this is #debianan IRC-Channel at freenode (freenode IRC service closed 2021-06-01)
0[00:02:04] <jhutchins> f8e4: That could be the cable.
1[00:05:26] *** Quits: Jerrynicki (~niklas@replaced-ip) (Remote host closed the connection)
2[00:05:35] <oxek> f8e4: if you only have MTP option visible on phone, you need to install the packages 'gvfs gvfs-fuse gvfs-backends', reboot and then connect the phone
3[00:05:44] <oxek> it will then show up in your file manager
4[00:06:22] <oxek> you might already have some of those packages, but you need all three, and the recommended packages they install as well
24[00:18:35] <oxek> you likely shouldn't be picking mirrors manually, and definitely shouldn't be downloading .deb files manually unless you have a very good reason for it
26[00:19:06] <cybrNaut> i think i got my answer. some drivers are missing from my blu-ray disc so i'm downloading the needed pkgs from another machine (one that's secure).
47[00:27:40] <oxek> we're getting close to bullseye being released as stable in the next few months, so there might already be some people in here who know about it
57[00:33:40] <cybrNaut> apart from firmware, more generally, suppose i have a Buster blu-ray disc, and because of popcon some unpopular pkgs are missing from that disc. Is digging through Releases.gz then finding the deb in pool/* a sensible approach, assuming the target host is not yet online or hardened?
58[00:34:01] *** Quits: aaii (~aaii@replaced-ip) (Remote host closed the connection)
88[00:54:42] <cybrNaut> apt-cdrom didn't work for me.. apt update failed after that. But i got it sorted. I had to workaround that by mounting the ISO and then using "deb file:///mnt/my-iso-mountpoint ..." and that worked
92[00:56:50] <cybrNaut> i tried a few variations of apt-cdrom. most recently this way: "apt-cdrom --no-auto-detect --no-mount -d=/media/debian_bd_iso add"
93[00:57:30] <cybrNaut> it puts only a disc label in sources.list, and loses track of the mountpoint for that label
105[01:21:52] <Klatu> Anyone know if it is possible and if so how to share USB sound devices with multiple processes using the alsa USB AUDIO CODEC device?
106[01:22:19] <Klatu> I can't seem to make Debian nor Ubuntu do it...
126[02:16:52] <Buliarous> anybody have a favorite way to backup all your installed packages and dotfiles and things and restore when doing a fresh debian install?
138[02:44:19] <sussudio> Buliarous: /msg dpkg debian clone It's sitting outside the channel, so i don't know if it will still respond.
139[02:45:26] <Buliarous> sussudio: not getting a response unfortunately
140[02:46:06] *** Quits: wyatt8740 (~wyatt8740@replaced-ip) (Remote host closed the connection)
141[02:46:38] <sussudio> Buliarous: <dpkg> One method of cloning Debian installs is to take a current Debian machine that is set up with the packages you want and run the command "dpkg --get-selections > ~/selectionfile". Then, after the base install on other machines use that file and do: "dpkg --set-selections < ~/selectionfile && apt-get dselect-upgrade".
352[13:14:32] <coc0nut> its nice with two open source communities... makes it competitive and stronger and wider.. evolution! making you better feeling
398[14:25:52] <egawrilow2016> Hello, Debian community. I have question. I have error in Debootstrap image launched in Termux's Proot. This error manifests in APT and DPKG. How to solve? Log: replaced-url
418[14:43:05] <tomreyn> the baseline might still stand, but the constant flames, sparks, collapsing boards and, most of all, the smell, make me think the roof could come down at any time.
419[14:43:45] <tomreyn> but i see how there's no use in discussing this, and how this is the wrong place. sorry.
421[14:46:03] <jelly> oxek, we have a presence on irc.libera.chat now. that network seems to have stabilized and many other project have moved together with their active users..
422[14:46:31] <oxek> jelly: thanks, I'll likely be making an account there at some point
435[14:49:52] <oxek> yeah, I can understand that. The frustration of channel ops can be felt by everyone by now.
436[14:50:13] <jelly> that's not an official opinion, just my own. You'll note I've kept away from OFTC #debian for the most part, I just can't deal with 2+ channels doing the same thing
437[14:50:17] <jelly> let alone three
438[14:51:02] <jelly> and OFTC now has the largest #debian
439[14:51:38] <oxek> I'd be happy with moving myself to OFTC, but based on talking to OFTC staff I still need to wait for them to switch to a newer ircd before SASL is working and my account could be whitelisted based on SASL
440[14:51:55] <oxek> I'm on bad IP addresses that get killed immediatelly when spotted
441[14:52:11] <oxek> like, it doesn't even let the TLS terminate properly
455[14:58:37] <jelly> I mean you seem like a reasonable enough fellow that I could set up a separate znc instance on my vps for
456[14:59:36] <synthetek> I went to the new chat once.
457[14:59:40] <oxek> jelly: thank you for the offer, but I have no plans for that yet. I'll check out how interesting the #debian channel is on libera, if I can still keep on learning things in there, and if not then I'll probably need to get myself to switch ISPs for a number of reasons anyway
458[14:59:48] <oxek> maybe starlink will be the solution for me
459[14:59:56] <jelly> nod
460[15:00:35] <jelly> starlink is going to KILL in the rural regions if they can scale
461[15:00:41] <oxek> exactly
462[15:00:57] <jelly> africa is going to be all Elon
468[15:02:53] <oxek> that would be the ideal case, yes. Let's hope it becomes a reality, and that starlink IP addresses don't end up on all the blacklists...
506[16:11:20] <cybrNaut> apt tools check the hash and sigs, & refuses to install unverifiable packages, or so i thought
507[16:11:27] <erts> Hi, I'm using Debian with KDE Plasma. It works perfectly, but if I choose a different window manager and log in from SDDM, on some of them the screen background doesn't change, the SDDM view stays on the screen even though the WM is totally usable, but the background doesn't refresh. Any idea about this?
508[16:12:02] *** h4x0riz3d is now known as antto
509[16:12:59] <cybrNaut> there's no way for apt to check the authenticity of a deb file on its own, so it should reject them
519[16:34:53] <cybrNaut> oxek: privs is moot. If you don't have the privs then there's no discussion. If you have the privs to install something, either you have an expectation for the tool to protect you or you don't. It can't be halfway because that's a recipe for disaster (the user expects more security than they actually get).
520[16:35:51] <cybrNaut> i recall aptitude refusing to install something for me once because the authenticity didn't check out. And rightfully so.
521[16:36:21] <cybrNaut> it's a security bug to say the least.
523[16:37:15] <cybrNaut> at a bare minimum, the docs or the tool should make sure the user is informed when authenticity of a pkg is exceptionally unchecked
531[16:48:52] <cybrNaut> well, unless there's something that's better at doing the checks
532[16:49:44] <oxek> using apt tools on .deb files that I haven't verified to be safe is my own bad decision
533[16:49:46] <cybrNaut> apt-* is the only debian installer that checks authenticity at all, no? what else is there
534[16:50:14] <oxek> aptitude does some checks
535[16:50:54] <cybrNaut> oxek> using apt tools on .deb files that I haven't verified to be safe is my own bad decision <= the tool is responsible for such bad decisions
536[16:51:19] <oxek> yeah, I'm the "tool" :p
537[16:51:26] <cybrNaut> it's the fault of the developers when they mislead users about what to expect
538[16:51:41] <oxek> respectfully, I disagree
539[16:51:51] <cybrNaut> users will do stupid things-- that's a given
540[16:52:21] <cybrNaut> it's inexcusable when tools promote bad decisions
541[16:52:30] <cybrNaut> it's inexcusable when tools misinform
542[16:53:04] <cybrNaut> package managers have a *duty* to check authenticity, and inform the user
543[16:53:16] <cybrNaut> apt is failing in that duty
544[16:53:37] <cybrNaut> and it's a recipe for disaster
549[17:02:00] <jelly> and apt actually never checks signatures inside .deb packages; it checks repo signatures and makes sure you're downloading a trusted thing
551[17:04:55] <jelly> cybrNaut, rpm packages have their own sigs, for comparison; apt doesn't have anything to check if instructed to install ./foo.deb
552[17:05:45] <jelly> if you don't want it to install local files, don't ask it to install local files
559[17:26:18] <cybrNaut> indeed. some debian mirrors don't even support TLS (and zero Ubuntu/Mint mirrors are secure). I thought there must checks on the packages happening, because no way would it be a norm for the whole population to trust http traffic in the clear. bad assumption.
560[17:28:07] <cybrNaut> i've always insisted on either https or onion, thinking that was just a matter of disclosure. But it's worse, if pkgs don't have sigs that are being checked individually
561[17:28:56] <tomreyn> cybrNaut: out of interest, what makes you say that "zero Ubuntu/Mint mirrors are secure"? do you mean "secure" as in "https" there, or something else?
562[17:29:18] <cybrNaut> tomreyn: i just mean https in that context
563[17:29:41] <cybrNaut> no ubuntu or mint mirrors supported https last time i checked
564[17:29:44] *** Quits: igrtrrt (~igrtrrt@replaced-ip) (Remote host closed the connection)
565[17:30:29] <tomreyn> it must have been a while that you checked
566[17:30:44] <cybrNaut> and no onion mirrors exist for ubuntu or mint either
567[17:31:00] <cybrNaut> ~2-3 years since i checked
572[17:32:35] <tomreyn> i see, i can't challenge that.
573[17:35:02] <cybrNaut> and since then, recently, Mint has moved their docs into Cloudflare, so security is dodgy for Mint users anyway. If the project is willing to use CF for docs, what other stupid things are they doing?
574[17:35:32] <cybrNaut> I used to install Mint for novices, but no longer
575[17:50:34] <cybrNaut> so to reach a reasonable level of security, we should give the "--download-only" option to apt*, visit replaced-url
576[17:52:45] <oxek> that's absolutely pointless
577[17:52:59] <oxek> you could just do `apt download <packagename>`
580[17:57:51] <oxek> coc0nut: don't comment on spam, you're only feeding the trolls. Do that in ##comment-on-spam or some other channel
581[17:58:21] <cybrNaut> oxek: you missed what jelly said: the apt tools are *not* checking the hashes of the individual pkgs
582[17:58:45] <oxek> cybrNaut: I didn't miss it.
583[17:58:59] <cybrNaut> oxek> that's absolutely pointless <= yes you did
584[17:59:17] <cybrNaut> unless you were replying to something else
585[17:59:21] <oxek> apt checks gpg signature of a text file, that contains the hashes of .deb files that will be downloaded from repositories, and verifies that on download
586[17:59:41] <oxek> the .deb files themselves don't contain any cryptographic (or other) signature
590[18:03:51] <cybrNaut> well then my original point stands -- that *.deb files are not hash-checked when fed directly to apt, yet they are hash-checked when taken from a mirror
591[18:05:20] <cybrNaut> apt* should either: 1) warn the user that the hash was not checked when a raw deb file is fed to it, or 2) refuse to install a deb file unless the user supplies an option like --no-check
654[19:12:32] <cybrNaut> if i download a file using wget and feed it to apt, it doesn't check the hash. it doesn't even have a parameter to supply the hash
662[19:15:03] <cybrNaut> it's inconsistent. It should either not accept user-supplied deb files, or it should treat them as it does the files it downloads
663[19:15:14] <oxek> anyway, you're not getting anywhere, you misunderstand how apt works and refuse to educate yourself
664[19:15:18] <cybrNaut> it's the inconsistency that burns users
665[19:16:01] <cybrNaut> you've misunderstood basic security principles. you need a 101 class
669[19:26:42] <coc0nut> cybrNaut, debian (apt) isnt proprietary. its open source, wich means you can freely modify and edit the source code. its not like debian is doing the security for you. you do whatever you like. so demanding a warning for hashcheck is kinda stupid... osx does it. and windows allow you to check for only using store apps..
670[19:27:32] *** Quits: nicopok (~nicopok@replaced-ip) (Remote host closed the connection)
671[19:27:59] <cybrNaut> coc0nut: who does the work is always a red herring wrt what needs to be done
672[19:28:34] <cybrNaut> it makes little sense to do all the work that a PR entails if it will only get rejected in the end
673[19:29:27] <cybrNaut> the 1st step is to report the bug. the next step is to discuss. the last step is to do the work. Putting the work first is backwards
674[19:30:03] <oxek> the PR would get rejected, yes
675[19:30:08] <coc0nut> ofc its a good thing. and if you want your app to be liked, you surely want to add a hashcode for the original file. just that if your adding a deb package you should know what youre doing, or atleast experiment in safe env
685[19:43:28] <cybrNaut> "if your adding a deb package you should know what youre doing" <= users have the *option* to look at the apt source code in order to see how the hashes are checked, but it's reckless to design software that *requires* users to inspect the source code in order to know what the app is doing.
694[19:48:03] <oxek> .deb files do not contain a signature on them
695[19:48:10] <cybrNaut> it's unreasonable to assume users know the internal structure of deb files
696[19:48:41] <cybrNaut> or that they read the source code
697[19:48:45] <oxek> anyway, this really isn't a debian problem
698[19:48:54] <oxek> there is no threat model here
699[19:49:05] <oxek> and no description of any vulnerability
700[19:49:39] <coc0nut> its free... its not like theyre selling it, they dont care about competition/sabotage in that way. i get your point, but you use open source projects on your own responsibility i guess. that sounds fair to me :p if they were selling it, having costumers paying for it, it would be a totally different thing. having securities like copyright limitations and stuff.. then its not open source. and its not even linux. the freedom to do what you like with your
701[19:49:39] <coc0nut> stuff. its priceless :p
702[19:50:40] <cybrNaut> corruption is in everyone's threat model. You people who learn about infosec from hollywood movies have no idea what security is.. that anything (even accidents) that harm data integrity are a security issue
703[19:50:47] <oxek> let me ask you this cybrNaut, when you download a video file, and double click it, do you expect it to be hash checked by the media player? When you download a text file, do you expect the text editor to do a cryptographic verificiation it is the file you downloaded? Same with pdf, docx, ...
704[19:51:05] <cybrNaut> security is not always about fending off hacker attacks
711[19:52:30] <valgren> the default way of using an official repository is quite save, i guess. downloading .deb files and installing them is like downloading an .exe file on windows and just clicking "install anyways" in that fancy pop-up. So, even in other operating systems, they see it as your own risk as a user to use downloaded files.
714[19:53:05] <cybrNaut> that means if a power cable is running across a hallway floor and someone trips on it and brings down an important server, even *that* is a security issue
715[19:53:34] <oxek> and I keep on telling you what is in-scope and out-of-scope. Cables running across floor are out of scope for apt
716[19:54:12] <cybrNaut> oxek> cybrNaut: present an argument <= you asked
717[19:54:26] <oxek> I then presented you with the proper tools for verifying .deb files, and for means of ensuring integrity through ECC RAM and checksumming filesystems.
718[19:54:33] <cybrNaut> again, security is not limited to attacks
722[19:55:18] <cybrNaut> accidental integrity loss *is* a security problem -- and hashing addresses it
723[19:56:16] <oxek> Present an argument for why apt should warn the user that a checksumming filesystem is not in use, that ECC RAM is not in use, that a file was not downloaded from sources listed in sources.list, ...
724[19:56:49] <coc0nut> cybrNaut, you have to do your homework to get secure. I feel more secure in a open source community (the people), than in a corporate like microsoft (owned by governments)...
725[19:57:11] <cybrNaut> oxek: i don't need to -- my stance doesn't require apt to be filesystem-aware
726[19:57:37] <oxek> cybrNaut: and hashing exists at every step of the way. apt verifies the hash on download, ECC ensures integrity is preserved in RAM, btrfs ensures integrity is preserved on disk, cryptsetup ensures data is safe at rest, ...
727[19:58:03] <cybrNaut> coc0nut: i'm not just interested in "feeling" secure. a false sense of security is dangerous
728[19:58:35] <valgren> i bet someone could forge a hash for a file and set it up for download. then even if apt would check the hash, it would continue to install. we have projects where we build our own .deb packages for our customers with our own generated hash values in the corresponding Package files. apt just installs them as if they came from an official repository. so hashing does not completely help you with security, i think?
729[19:58:40] <coc0nut> well, being not only once said that you are never totally secure.
730[19:58:42] <cybrNaut> oxek> cybrNaut: and hashing exists at every step of the way. <= nonsense. it's skipped. hence this bug: replaced-url
731[19:59:58] <oxek> cybrNaut: that bug is the exact example of filesystem corruption, had btrfs or zfs been in use, it would not occur
732[20:00:00] <cybrNaut> valgren: you're right. hashing protects from /some/ security issues and not others. debian falls short on this
734[20:00:57] <cybrNaut> valgren: ideally, every pkg is crypto signed and apt checks the sigs using pubkeys on the keyring
735[20:01:53] <oxek> when a file is verified after downloading it, it is no longer untrusted input. If something corrupts it in RAM or on disk, then you need to look into ECC RAM and checksumming filesystems. It's not a security issue for apt.
736[20:02:33] <cybrNaut> oxek> cybrNaut: that bug is the exact example of filesystem corruption <= as i said, it's an example of a single point of failure where apt installed a corrupt pkg
738[20:02:58] *** Quits: Vizva (~Vizva@replaced-ip) (Remote host closed the connection)
739[20:03:07] <cybrNaut> how it got corrupted is only relevant to the *first* point of failure, not the second
740[20:03:19] <valgren> cybrNaut: maybe, this is just a bit too much paranoid for a program like apt. i still need elevated privileges to do real damage to my machine or installing software with apt. so "I" am responsible for what i download
741[20:03:26] <oxek> cybrNaut: it's dpkg, not apt in there
742[20:04:13] <cybrNaut> division of duties. apt does the checking, not dpkg
743[20:04:24] <oxek> and hardware issues are out of scope for both apt and dpkg.
744[20:04:51] <oxek> hardware issues are out of scope for cryptsetup, veracrypt, keepassxc, ...
745[20:04:54] <valgren> i thing, the last instance of security could really just be the human sitting in front of the keyboard.
746[20:05:01] <cybrNaut> oxek: clearly all the multiple points of failure arguments went over your head
748[20:05:34] <oxek> cybrNaut: I addressed each step of the way, from download to installation, and the different parts of the system that ensure security & integrity
749[20:05:41] <valgren> but i would welcome if they make apt more secure (if possible and in scope of the program)
750[20:06:10] <cybrNaut> valgren: yes, the human has security duties and that's where good software *assumes* will fail. Good software mitigates human failure
751[20:06:23] <oxek> this really is a $1M bounty if you can find an in-scope issue there, paid out by facebook
752[20:06:55] <oxek> even reporting it would be enough to get the bounty
754[20:07:47] <coc0nut> I had an incident the other day, where installing a git-all package ruined my system. because it conflicted having my system uninstall vital parts. I guess it would need proprietarity to make sure everything is in place all the time. like alpha, beta gaga testing. even microsoft and apple can do mistakes like that probably
755[20:08:19] <valgren> cybrNaut: i also work at a software project where security is vital but we also have to consider what is practical in terms of computational resources and usability for our customers. at some point adding more security eats more money than our department has available for the project
756[20:08:32] <oxek> coc0nut: your problem wasn't installing git-all, it was running the autoremove afterwards
757[20:08:52] <coc0nut> but then again, it was me clicking enter to fast in the question if i would like to perform the action of autoremove
758[20:08:56] <coc0nut> your right oxek!
759[20:10:29] <wyatt8740> upgrading an old Dell latitude D610 I used to use from Debian Wheezy to Sid… wish me luck.
760[20:10:51] <oxek> wyatt8740: one release at at time?
761[20:11:07] <wyatt8740> nahh
762[20:11:09] <wyatt8740> one shot
763[20:11:15] <wyatt8740> >:)
764[20:11:31] <wyatt8740> and then clean up the mess later
765[20:11:44] <oxek> keep in mind that that is unsupported
766[20:11:45] <valgren> wyatt8740: do a backup/mirror of your hdd before you do the upgrade to have a save way back :)
767[20:11:48] <wyatt8740> yeah i know
768[20:11:57] <wyatt8740> Nope, not much i need on here anymore
770[20:12:11] <cybrNaut> valgren: indeed costs are part of security. Security costs money, but we do it because saves money by mitigating catastrophe. It's a balance of costs and in the commercial environment it's just down to the bottom line. Free software is not constrained in the same way though. You can have more security in free software than what would be commercially viable.
772[20:12:39] <wyatt8740> oxek: i'm using Sid and I also have a Powerbook G4 running sid; I
773[20:12:45] <wyatt8740> *I'm pretty used to unsupported stuff
774[20:13:09] <wyatt8740> so far as ports.debian.org is unsupported
775[20:14:25] <cybrNaut> valgren: it's the same as testing. Testing costs money, but it saves money. Some projects naively cut testing when the budget shrinks.. which is obviously a stupid move when you consider that the purpose of testing is to save money by catching bugs early
776[20:14:27] <valgren> cybrNaut: and that is what i bet on. open source will lead to better security but it takes more time. there is no contract that says "have security feature xy after z months". it's an evolutionary process, but i can live with that as long as i am aware of the consequences of my doing (installing packages and so on)
777[20:14:53] <cybrNaut> valgren: exactly
778[20:14:54] <valgren> cybrNaut: yeah, testing is one hard nut to crack in our project, because of the time constraints :D
779[20:17:00] <sussudio> wyatt8740: sid is not an upgrade.
780[20:17:01] <cybrNaut> valgren: note that fixing apt would be cheap. it would be trivial to hash a local deb file, show the hash to the user, and wait for "yes/no" whether the user confirms a match. that would be a very cheap fix IMO
783[20:18:50] <valgren> cybrNaut: if apt would show a long hash number, the user would probably not care and press 'y' just to get his new shiny program up and running. an automatic validation would be better.
785[20:20:22] <valgren> cybrNaut: oh, i got it, the user gets the message that the hash does not match and has to confirm the install/update (much like MS asking for "install anyways?") but if that would be more secure? i don't know, even doubt it
786[20:20:53] <cybrNaut> valgren: i agree, but just in terms of doing a cheap fix it would go a long way. The software can help prevent a user from accidentally or carelessly shooting themselves in the foot, but can't do much against a user determined to do self harm
787[20:21:01] <valgren> cybrNaut: the thing is, most users are "idiots" (including me sometimes :D )
788[20:21:31] <coc0nut> people are idiots, computers are stupid
789[20:21:59] <valgren> cybrNaut: yes, it's like the questions about the maintainer scripts you get from time to time, it let's you stop an think for a while
790[20:22:00] <cybrNaut> indeed. some users will burn themselves even with good guidance. That doesn't mean we decide to toss out good guidance
791[20:22:20] <coc0nut> mistakes is the best lessons too
792[20:22:48] <oxek> cybrNaut: you're missing the point that the computed hash cannot be compared to anything, if you haven't provided a hash yourself. At which point you can already use `sha256sum` or other utility to do the same, or if you have cryptographically secure hashes then there's .asc files and gpg for that.
793[20:23:14] <valgren> oxek: yes, that could be a problem...
794[20:23:19] <oxek> all these tools work together, but if the user chooses to avoid them, then the responsibilty falls onto that uesr
795[20:23:35] <oxek> and what you're describing is intentionally avoiding those tools
797[20:23:44] <oxek> hence completely out of scope of anything
798[20:24:09] <coyotes4ys> so i've been using brave browser. i think i need a different browser. it doesn't seem free
799[20:24:14] <coyotes4ys> any suggestions?
800[20:24:23] <oxek> coyotes4ys: there's always firefox in the debian repos
801[20:24:31] <coyotes4ys> lol
802[20:24:39] <coyotes4ys> thank u though oxek
803[20:24:53] <valgren> in good unix philosophy, these tools need to work together, maybe someone turns apt into a script that smokes these tools through a nice long pipe :D
804[20:24:59] <jelly> two things to note: /usr/bin/apt is a tool for interactive use; it has no API or syntax set in stone yet; and the new-ish apt install ./foo.deb syntax is obviously a shorthand/shortcut to make installing local, custom packages easier
828[20:39:35] <wyatt8740> there's plenty of reason to be nervous about it, but I learned a lot
829[20:39:50] <wyatt8740> if you have a low stakes system it might be a good place to try it
830[20:39:54] <wyatt8740> (assuming you have time)
831[20:40:11] *** iPodClassic is now known as iPodClassic^[AFK
832[20:40:14] <iPodClassic^[AFK> BRB!
833[20:40:46] <wyatt8740> honestly i don't see things break very often, but one must always be a little more careful
834[20:42:48] *** iPodClassic^[AFK is now known as iPodClassic
835[20:43:02] <valgren> i used stable for a long time and at some point things even break there, but that is by my own doing. i don't like to spend an afternoon reinstalling the system and copying backups and configuring the system, because most often the latest config is not in the backup :(
837[20:43:29] <valgren> and the change with sid is greater i guess to break something
838[20:43:44] <valgren> the chance
839[20:46:32] <wyatt8740> i have had the same sid install on my main desktop at home since 2014
840[20:46:54] <wyatt8740> it's starting to get a bit messy in terms of how I've added more storage over the years, but it remains pretty steady
841[20:47:16] <wyatt8740> package management isn't broken yet or anything :)
842[20:48:36] <valgren> wyatt8740: with all that knowledge from fixing/maintaining the system, have you ever considered building your own system? that would be my next step; building something with yocto/busybox but i've only watched some vids on youtube about these tools and i'm not sure if i want to go that way right now
843[20:49:06] <wyatt8740> valgren: eh, I don't feel the need, although honestly my system is pretty much its own thing at this point
845[20:49:38] <wyatt8740> I've considered it, yeah
846[20:50:05] <wyatt8740> but I just have a couple debian packages I tweak myself and I otherwise depend on the debian repositories.
847[20:50:20] <valgren> i have some old hardware that would benefit from a smaller kernel image, less modules to load/run in the system, and it would only contain things i really need
848[20:50:58] <wyatt8740> I've run FreeBSD/OpenBSD and stuff on things before, too, and I have built my own kernels, but i tend to leave them rather large even on old systems just so I don't have to rebuild if I get a new card or USB device
849[20:51:49] <wyatt8740> I think my machine with the least ram right now has 1.5GiB
850[20:51:50] <valgren> yes, if you upgrade the hardware it would be better to leave the support in the kernel
851[20:52:08] <wyatt8740> I mainly worry about "what if I get a new video capture card or something"
852[20:52:21] <wyatt8740> because I don't want to wait an hour and a half at that point before I can use it
854[20:52:54] <wyatt8740> I might remove some things but honestly I build most stuff as modules so that I can keep them out of memory until I need them
855[20:55:02] <valgren> so, you boot your system up and it has about 200-300 MiB RAM usage, and then you load modules as you need?
857[20:58:02] <wyatt8740> valgren: Sort of? i usually have modules for the hardware that's permanently installed load at boot (from /etc/modules), but i will build modules for things I might not have, like a drawing tablet, a video capture card, etc.. Then, when I plug the device in I can load a module for that card and that's when it will take up more space in kernel memory. But until that point it's just waiting to be used on the hard disk
858[20:58:23] <wyatt8740> I do load up all my permanently installed hardware at boot time, though, either baked in completely or as a module
859[20:58:56] <wyatt8740> so since I have no intention of upgrading my sound card (audigy 2 ZS, uses the emu10k1 module), I'd put that in /etc/modules
860[20:59:25] <wyatt8740> but my video capture USB (uses the em28xx module) won't get put in there because it'd be wasting RAM if I didn't use it.
861[20:59:36] <wyatt8740> i'd have that one load when plugged in
862[21:00:02] <wyatt8740> i believe debian already does it like that (not loading stuff until needed)
863[21:00:16] <wyatt8740> i just hardcoded some of it into /etc/modules because a bit of it is init-system dependent
864[21:00:27] <wyatt8740> (if it gets autoloaded or not)
865[21:00:55] <valgren> so it is like a custom kernel, that's kind of what i would like to try a some point in the future, building a minimal kernel; the idea of loading the modules later is a really good idea
866[21:01:57] <wyatt8740> yeah, if you're in doubt and you have hdd space (they don't really use THAT much relatively speaking) i just follow make menuconfig and do what they suggest, picking modules where necessary. If there's something I'm 100% sure I won't use (for instance, hot-plugging CPU's) I'll disable that.
868[21:03:08] <wyatt8740> tbh things like pulseaudio or web browsers are be bigger ram hogs than most kernel modules
869[21:03:11] <valgren> i guess hdd space it now a problem now-a-days because most devices come with usb (unless it is really really old and even then you could probably find an adapter)
870[21:03:27] <wyatt8740> uh, what do you mean?
871[21:03:51] <wyatt8740> hdd space isn't a huge problem for me btw, except that one of my laptops has a 40gb hdd because it's about 15 years old
872[21:03:54] <valgren> i guess hdd space is not a problem ...
873[21:04:08] <wyatt8740> yep^
874[21:04:52] <valgren> my oldest hardware is a 386 system (intel DX) with a small 40 MiB hdd :D
876[21:05:18] <wyatt8740> my oldest is a VIC-20, followed by an Amiga 500, but my oldest that can run linux is a Pentium laptop from 1996
877[21:05:22] <wyatt8740> i forget how big its hdd is
878[21:05:50] <wyatt8740> I'd love to have a 386 or 486 machine, but i just don't want to spend much on one
879[21:06:09] <valgren> it is a pity that we have so much space today but cannot use it because the corresponding software now eats so much more memory
880[21:06:12] <wyatt8740> btw linux kernels don't support the 386 anymore, starting a couple years ago
881[21:06:28] <wyatt8740> it's true, but it can be fought against
882[21:06:42] <wyatt8740> depends how motivated/determined you are :p
883[21:06:45] <valgren> yes, i would have to build from an older version
884[21:07:02] <wyatt8740> i might recommend a BSD on them, but that's a whole other can of worms
900[21:14:28] <wyatt8740> i think rms accepted hurd wasn't going to hit the primetime a long time ago
901[21:15:30] <wyatt8740> and it's been around 40 i think
902[21:16:30] <wyatt8740> ah, 38
903[21:17:34] <valgren> yes GNU started in 1983 and that was for the better for linux (1991) because "all" the necessary parts for the operating system (except) kernel were there, Linus just had to use them and here we are today, using GNU/Linux
904[21:19:18] <valgren> funny thing, i've switch to linux just "recently" about 2008/2009; i grew up using dos and windows
912[21:26:19] <wyatt8740> my first computer was my parents' mac plus, but the first i really used much was a beige Dell Dimension of some sort, running windows 98
913[21:26:29] <wyatt8740> prob. pentium iii
914[21:27:01] <wyatt8740> first i programmed on was a VIC-20 I found in a basement while helping a friend clean up :)
915[21:27:14] <valgren> the amstrad 386 machine i've mentioned earlier was my first machine, it ran dos 5.0 and windows 3.11 for workgroups
916[21:27:26] <wyatt8740> you in aus?
917[21:27:33] <wyatt8740> amstrad's not common around here?
918[21:27:36] <wyatt8740> *.
919[21:27:48] <wyatt8740> could be uk too
920[21:27:49] <valgren> east germany :D
921[21:27:52] <wyatt8740> ahh
922[21:28:20] <wyatt8740> america, here, for better or worse
923[21:28:29] <wyatt8740> makes finding stuff for my amiga a lot harder
924[21:29:35] <wyatt8740> also makes finding a better amiga than an a500 much harder; i'd love to have one of the 68k's with an MMU for linux/unix
925[21:29:44] <valgren> in respect to computer science, america is quite a good country to grow up (arpa, mit, bell labs, unix, ...)
926[21:29:54] <wyatt8740> that's almost all in the past
927[21:29:56] <wyatt8740> :(
928[21:30:10] <valgren> yeah, but the spirit lives on? :D
929[21:30:17] <wyatt8740> when we cut off research funding that died
930[21:30:49] <wyatt8740> there's still some things, of course
931[21:30:58] <wyatt8740> ibm, etc.
932[21:31:05] <valgren> if i want to learn/know something about programming/computer architecture/history i most likely use stuff that was printed/produced in america in the past
933[21:31:07] <wyatt8740> but... it's sad
934[21:31:21] <wyatt8740> that's fair, commodore was here too
935[21:31:32] <wyatt8740> despite being a bigger success in germany :)
936[21:31:57] <valgren> my friend had had a commodore back in the days, programming in basic was fun
937[21:32:13] <wyatt8740> like i said, my first progamming experience was CBM (microsoft) basic
938[21:33:18] <wyatt8740> i might be a bit of a europhile too though; old Volvos, european films and cartoons, etc..
939[21:33:33] <wyatt8740> so that might cloud my judgement
940[21:33:49] <wyatt8740> also half my shame comes from recent political happenings here
941[21:33:54] <wyatt8740> rather than anything computing related
942[21:34:54] <valgren> well, the only thing i remember from here is the Zuse I, the Robotron computers and maybe programming the U880 at high school, everything else came from america
943[21:35:06] <wyatt8740> you didn't have MSX in east germany?
947[21:36:10] <valgren> if it was there, i haven't seen it, it was difficult behind the iron curtain
948[21:36:24] <wyatt8740> i know soviet russia had a lot of spectrum clones
949[21:36:27] <wyatt8740> that's why i asked
950[21:37:30] <wyatt8740> ahh so there was one, called the "spectral"
951[21:37:33] <wyatt8740> it was sold as a kit
952[21:37:42] <valgren> yeah i really only listed things i've seen (the Zuse I in a museum, the Robotron computers in a company my grandpa worked, ...)
953[21:38:23] <wyatt8740> MSX i mentioned because it was a japanese thing
954[21:38:46] <wyatt8740> and i believe finland got them (finlant was only partially soviet-bloc, I know; it occupied a strange middle ground)
973[21:45:57] <wyatt8740> don't plan to do that here unless systemd _REALLY_ messes things up; that's the biggest difference between wheezy and current i think
974[21:46:22] <wyatt8740> well, that and newer libc and such
975[21:46:24] <wyatt8740> and kernel
976[21:47:20] <valgren> my own experience with upgrading the dist was that they changed the device paths to UUIDs and that screwed everything up, had to manually fix it, same later for the network cards...
1071[23:21:18] <Ede|Popede> heh, makes me think of all the fun some years ago on facebook and elsewhere where some rightwing idiots started the story that the antifa got paid by the government to appear at demonstrations
1072[23:22:06] <Ede|Popede> within a few weeks TONS of fake antifa-profiles appear claiming to be the official transportation company, the antifa union, antifa event catering, what not