libera/#devuan/ Wednesday, 2022-12-07

« Tuesday, 2022-12-06 Index Thursday, 2022-12-08 »
TwistedFateHello01:33
Xenguyo/02:05
onefangJust to remind everyone, exactly one week from now my server, sledjhamr.org, gets shut down coz the server company is moving a bunch of us to a new datacentre.  They tell me it'll take eight hours.04:02
onefangThey also assure me the latency and speed will stay the same, so you lot can keep recommending people use it as a Devuan mirror.04:03
onefangAnd for those of us using it for apt-panopticon, there's a bunch of others running it -04:05
onefanghttps://borta.devuan.dev/apt-panopticon/results/Report-web.html04:06
onefanghttp://veritas.devuan.org/apt-panopticon/results/Report-web.html04:06
onefanghttps://mishka.snork.ca/apt-panopticon/results/Report-web.html04:06
onefanghttps://ap.in.devuan.org/apt-panopticon/results/Report-web.html04:06
uncloudedWhat does this line from /etc/console-setup/cached_setup_keyboard.sh do?  "kbd_mode '-u' < '/dev/tty1'".  I read that "kbd_mode -u" sets the keyboard mode to UTF-8, but what does the redirection do?04:09
gnarfacenot sure why but seems to be reading the string console name from stdin instead of passing it with -C04:16
Guest9gnarface I'm a newb. What's a backports kernel? How would I do this?04:55
gnarfaceGuest9: there's a special optional set of packages for the stable release that are newer than the normal rules for stable would allow, they're called backports05:00
gnarfaceGuest9: the instructions for doing it on debian work if you substitute devuan repo and release names05:03
gnarfacehttps://backports.debian.org/Instructions/05:03
gnarfaceif that doesn't work though i got nothing05:05
gnarfaceso basically instead of the line they say to add in your sources.list on that page, you use this instead: deb http://deb.devuan.org/merged chimaera-backports main05:07
gnarfaceand in the apt-get/apt-cache commands you use "-t chimaera-backports" instead of bullseye-backports05:08
gnarfacethe kernels are all named starting with "linux-image-" so you can search for that05:09
onefangThese backports are just versions of packages from later versions of Devuan.  So you can get a more recent kernel, Chimaera-backports is on kernel 6 now.05:09
gnarfaceGuest9: assuming you're on amd64 hardware the one you'd want to get is this one: linux-image-6.0.0-5-amd6405:11
gnarface...i think05:11
onefangI use that to support my newish graphics card, plus it has a fix for that twenty year old "fix" that slows down recent AMD Zen CPUs that didn't exist twenty years ago.  Twenty years ago it was a good thing for some CPUs.  But now with more recent ones, that have lots of cores, like my 64 core Threadripper, it slows things down.05:12
gnarfaceoh no, that's not it05:12
Guest9i have a librebooted thinkpad t40005:12
gnarfacei'm not sure what cpu is in that05:13
gnarfacecan you find out if it's 64-bit?05:13
onefanglinux-image-6.0.0-0.deb11.2-amd64 for Chimaera.05:13
gnarfacethanks onefang05:13
gnarfaceGuest9: this one^05:13
gnarfaceonefang: t400 is a 64-bit cpu right?05:14
onefangNo idea.05:14
gnarfaceih05:14
gnarfaceGuest9: make sure it's 64-bit, it probably is unless it's ancient but the last thinkpad i saw was ancient05:15
onefangAnd the version will be 6.0.3-1~bpo11+1 (stable-backports).  The bpo means backport.05:15
gnarfacehmm, google says it's core 2 duo, they didn't make those in 32-bit though they sold a few with 32-bit windows and lied about it05:16
gnarfacethe amd64 one should work afaik05:16
gnarfaceGuest9: if you run "uname -a" it should be clear05:16
onefangIn my case that says "6.0.0-0.deb11.2-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.0.3-1~bpo11+1 (2022-10-29) x86_64 GNU/Linux "05:17
Guest95.10.0-9-amd64 #1 SMP Debian 5.10.70-1 (2021-09-30) x86_64 GNU/Linux05:17
onefangAmd64 it is then.  B-)05:18
onefangAlso if you are using synaptic, then the option to pick the backport (or any other version) is Package menu -> Force Version... -> then select the wanted version from the drop down in the new window.05:25
Guest9So if I use Synaptic, I wouldn't have to use the terminal instructions in https://backports.debian.org/Instructions/ , correct?05:43
onefangSynaptic is a GUI wrapper around apt, so correct.05:44
uncloudedAre there tools to generate /etc/initramfs-tools/conf.d/resume, /etc/kernel-img.conf and /var/lib/urandom/random-seed, or do I create them by hand?05:49
Guest9I'm in Synaptic's "Kernel and modules" section and cannot find any "linux-image" greater than 5.10.1805:52
Guest9Is this a repository issue?05:52
Guest9I looked through my repositories, and I only have "chimaera" selected. Is it safe/stable for me to select the "chimaera-updates", "chimaera-security", and "chimaera-backports" repositories?06:11
onefangYou should have chimaera-updates, chimaera-security enabled for sure.  chimaera-backports is mostly safe and stable.  Consider that Devuan is based on Debian, and we both put great effort into being stable, selecting slightly unstable options is fine.06:14
onefangAh and you wont see the kernel 6.0 until you have backports selected installed.06:15
Guest9I'm sold. I've installed "linux-image-6.0.0-0.deb11.2-amd64" version "6.0.3-1~bpo11+1".06:41
Guest9I still don't see my bluetooth mouse on my blueman-applet, but I probably have to restart my system since I updated the kernel, correct?06:42
onefangCorrect, reboot if you changed kernels.06:45
onefangI tend to reboot if I change anything to do with the booting sequence.  So basically anything that updates the initram file system.06:46
Guest9In that case, I'll exit this chat to reboot. onefang , gnarface , thanks to both of you for the help.06:55
Guest9Hopefully this works.06:55
onefangYou are welcome, and good luck.06:55
gnarfaceunclouded: those are all packaged or generated files yes, though off the top of my head i don't know exactly by what, i know you don't create them by hand07:02
gnarfaceunclouded: er, maybe the resume file is manually created, not sure, that one i don't have here07:05
gnarfacethat one might only be needed if you have multiple swap partitions and it picks the wrong one07:06
gnarfacehmm, i'm not sure if that thinkpad Guest9 had needs nvidia drivers from non-free or not, but if it does they need to come from backports too or they most likely won't work... someone needs to pass the word along07:29
TwistedFateDoes anyone here use BIND as DNS on Devuan?09:46
TwistedFateHow would one go about setting it up as a basic DNS server to use the root servers?09:46
TwistedFateI once had it setup but I forgot how09:46
FatPhilIf you're not bound to bind there are much easier DNS servers to manage. I found MaraDNS trivial back in the days I wanted to run my own server.09:59
bb|hcbTwistedFate: The default setup does just that (I suppose you are going to use it as a caching resolver)10:01
bb|hcbThe only part to configure is to allow recursion for the intended clients.10:02
bb|hcbFor authoritative DNS bind has certain flaws, I'd recommend using nsd10:03
TwistedFatebb|hcb ah, how does recursion config goes?10:29
ravehaver9000quit12:11
ravehaver9000sorry12:11
ravehaver9000kinda new to irc clients, was gonna say i reset dpms tho12:11
ravehaver9000now to test if it werks12:11
ravehaver9000i still get the modprobe error after booting but i dont think i should worry much about it anyways. decided not to fuck around with the persistence daemon either.12:15
ravehaver9000anyways, im really enjoying using devuan these days. ive mostly used arch-based distros (including arch) before so moving to devuan was already kind of a change of pace from the beginning, but honestly i really like this distro the most out of all the ones i've used.12:17
ravehaver9000i unironically feel like arch these days has lost all its "diy" reputation it had with archinstall and similar stuff (ironically, its diy apprach made it so popular it just works now), and i unironically feel like debian-based distros, most notably devuan in testing and unstable give that exact same do it yourself feeling arch was meant to give12:19
ravehaver9000for one, yesterday was like the first time i ever had to downgrade my kernel. it wasnt really hard but it was still a pretty nice achievement for me12:19
bb|hcbTwistedFate: apt install bind9; it will do recursive lookups for all local ips by default; if you want to add more ranges, then add these to /etc/bind/named.conf.options: allow-recursion { localnets; localhost; 10.0.0.0/8; 172.16.0.0/12; 192.168.0.0/16; }; allow-query-cache { localnets; localhost; 10.0.0.0/8; 172.16.0.0/12; 192.168.0.0/16; }; ...and obviously change the perfixes12:56
bb|hcbLet me stress that it is REALLY a bad idea to have an open resolver answering to anyone. [OK, it is possible with complex rate limiting]12:58
gnarfacedamnit ravehaver9000 was back again someone please please tell him if he comes back i meant DKMS NOT DPMS15:46
* gnarface signs15:46
* gnarface sighs even15:46
jjakobsteal-ctty segfault, something about can't open reopen-console16:59
jjakobin chimaera minimal iso16:59
jjakobhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932149 yeah I have just 512mb17:03
jjakobthe netinstall iso actually17:06
gnarfaceand no swap?17:06
jjakobit's booting from usb, how can it have swap17:08
jjakobit's the iso17:08
gnarfacewell, it can still get it, believe it or not17:10
gnarfacebut you're saying this happens before disk partitioning?17:10
gnarfaceor you're saying the usb is the system disk?17:11
jjakobyeah immediately as it starts to boot17:11
gnarfaceoh, bummer17:11
gnarfacehmm17:11
jjakobno, just booting the installer17:11
gnarfaceand that's in text mode?17:11
jjakobI'm searching for a 1gb ram stick17:11
gnarfacenot graphical mode?17:11
jjakobexpert mode17:12
jjakobisn't netinstall text mode always?17:12
gnarfaceuh, i didn't think so, i thought it also had a graphical mode these days but it's been so long since i've used it17:14
gnarfacenot graphical like the live image that boots to a full desktop, but a interface analogous to the text one but with X11 rendered buttons and mouse support etc17:15
jjakobshould I try DEBIAN_FRONTEND=newt? or text?17:17
jjakobnow that I found the 1gb stick, lol17:17
gnarfacei'm not sure honestly, i'd try the 1GB stick17:18
jjakob1gb stick works, frontend didn't17:25
jjakobit's text anyway17:25
gnarfacenoted17:25
gnarfacethis is a bad bug but i don't know any other tricks except to just do a debootstrap install instead17:26
gnarfacesorry :(17:26
xisophello. as of late, i've been having issues with i3 and possibly firefox. the issue is that the window manager stops responding to right mouse clicks. I was just wondering if anyone has reported anything similar? i've only noticed it within the last 24-48 hours18:49
xisopi've submitted a bug report to i3's github issues page and will be waiting on their team to respond18:49
gnarfacenothing i've seen so far, i'd try a different WM for comparison, and if it's happening in both i'd start to suspect the mouse itself18:49
xisopthe thing is that if i restart i3, it's fine18:50
xisopwhat's a recommended way to look into issues with the mouse?18:50
mdti had that lately and it was indeed the mouse ;)18:50
xisopmdt: what wm did you use?18:51
gnarfacexisop: interesting, can you isolate a series of specific steps that cause it to start misbehaving? it could be some program grabbing focus and then sticking on it18:51
gnarfacexisop: usually errors related to x11 go into the xorg log18:51
xisopgnarface: i wish it was more specific, but all i have to do is use firefox for about an hour or two18:51
xisopgnarface: i will look at the xorg log18:52
gnarfacefirefox is one program i've previously noted that's very bad about stealing focus especially when changing between adjacent windows too fast18:52
xisopi upgraded to firefox 107.0.1 thinking it would fix it, but it didn't. i think it might also be related to using youtube18:53
xisopi will try to get more details18:54
gnarfaceanother thing you could try is seeing if you can recreate it without firefox18:54
xisopyoutube made me think of stealing focus because it usually has a fullscreen interface18:54
xisopgnarface: ok, i'll try that too18:54
gnarfaceyea, i have problems with focus stealing if i'm using two fullscreen windows on adjacent desktops (not using i3 but since it's tiling, the way it tiles may make tile borders act similarly)18:55
xisopfwiw, i was thinking it was related to this which is why i upgraded firefox https://www.mozilla.org/en-US/security/advisories/mfsa2022-48/#CVE-2022-4540418:59
mdtxisop: same setup ;)19:00
mdtbut is was the switch in the mouse, i replaced it and it was gone19:01
xisopmdt: the switch?19:02
xisopi'm going to build i3 from source and then go from there19:02
mdtbehind the left mouse button, its a micro switch that sometimes did not fire19:02
xisop(latest version, i mean)19:02
mdtgive a mouse-change a try ;)19:03
xisopmdt: but then how does that explain it working fine after logging out and back in again?19:04
gnarfacemaybe you're subconsciously pressing it harder?19:05
gnarfacemaybe it's cooling down or something? i had an optical sensor in an old mouse go out in a way where if it were unplugged for half an hour it'd work again for 5 minutes19:06
xisoplet's say i am pushing harder. would that be fixed by restarting i3?19:07
gnarfacei'm saying, it seems very unlikely but slightly possible19:08
xisopi see19:09
gnarfacetry a different WM to be sure19:09
_ds_You could confirm whether it's the mouse by watching input events.19:09
xisopi'm not trying to be a jerk, i'm just trying to follow the line of questioning19:09
gnarfacei've seen weird shit happen it's pretty rare though19:09
gnarfacekeep in mind when the driver re-inits there's gonna be a slight surge in power19:10
gnarfacevery slight, but possibly enough to clear some sort of hysteresis in a switch that's only barely damaged19:10
gnarfacei think it's more likely you're running into an issue specifically with i3 and certain programs19:10
xisopk19:11
gnarfacethe only way to REALLY test that would be deductively, with a different WM19:11
gnarfacebut, you can always try out xev to see if you can catch the mouse signals there when firefox isn't seeing them19:11
gnarfacethat could at least isolate the issue to firefox19:11
gnarfaceyou should be able to have multiple WMs installed concurrently and change between them19:12
gnarfaceif you're using "startx" it's easy but it's still possible if you're using a graphical login19:13
_ds_hexdump -C $(sudo lsinput|grep -i mouse -B5|head -n1)19:13
_ds_(note: lift the mouse to remove interference from motion events)19:13
xisopi will keep an eye on it. thank you immensely for the help gnarface , mdt, _ds_19:15
xisoptechnically, if i'm using i3, the mouse is the enemy :P19:16
_ds_Enemy? Hmm. i3 must be a cat equivalent, then.19:17
xisopyou can do a lot without the mouse in i319:17
xisopit's the only reason i use it: i can avoid using the mouse to manage workspaces19:17
gnarfacexisop: it tends ot have problems with opengl fullscreen contexts when they are tiled, and firefox has been using opengl rendering by default for a while... it occurs to me you might be able to also test by disabling that in firefox (hardware accelerated page rendering, or whatever firefox calls it)19:18
xisopi believe i disabled hw rendering, but let me double check19:18
gnarfaceif it stops happening entirely after that, you pretty much know19:18
xisopconfirmed: hw accel is disabled19:18
gnarfacehmm, so much for that theory then19:18
gnarfacewell, xfce is pretty well known around here, i like enlightenment though19:19
gnarfaceenlightenment does also have a tiling mode19:19
gnarface(though i suspect there's a possibility it's the inherent behavior of tiling that could be causing this)19:19
xisopenlightenment.. not sure i've used that, though i do beleive i used a terminal emulator for it and it was quite beautiful19:19
xisopi'd like to see what building 4.21.1 from source could do for me.19:20
xisopninja is such a fast build system. that i3 compile was over in no time19:32
uncloudedThanks gnarface.  I'm making a comparison between debootrap and an installation at https://pub.rui.nz/debootstrap_vs_installation.html and these are the last three differences.  It's good to know that /etc/initramfs-tools/conf.d/resume is not essential19:58
gnarfaceunclouded: i think that if you run update-initramfs it will tell you which partition is currently designated as the resume partition and the variable you need to define to override it19:59
gnarfacei believe you'll also see the same info whenever installing a new kernel20:00
gnarfacemy assumption is that the kernel-img.conf file comes from the kernel package pre/postinst scripts and the urandom offset is generated by the kernel itself or maybe udev, but those are just guesses20:01
uncloudedHmm.  I already installed a kernel in the bootstrapped system and it didn't generate these files.  I'll keep looking20:01
gnarfacethe system i'm looking at also has had a number of custom kernel packages created with the kernel-package tool so that might be where i got them20:02
uncloudedAh, so you have those files in a tree created by debootstrap?  Interesting20:02
gnarfaceah, no i have those files in a tree created by multiple updates of debian unstable20:03
gnarfacei'm just now checking another system which was created by debootstrap but does not have a packaged kernel is also missing the /etc/kernel-img.conf file, but does have the /var/lib/urandom/random-seed file20:04
gnarfaceso it looks like kernel-img.conf is also optional20:04
uncloudedOK.  I am wondering if they're created by the installer rather than a dpkg-reconfigure20:04
gnarfacepossible based only on the examples i have here, but i note that kernel-img.conf man pages show up in the linux-base package and kernel-img.conf examples show up both in kernel-package as well as a custom packaged kernel i made with it20:06
gnarfaceso that's why i thought kernel-img.conf might have something to do with packaged kernels20:06
gnarfacethe random-seed file being present on a install i made with debootstrap and no packaged kernel suggests to me it's generated on the fly after boot20:07
gnarfacei don't really know for sure at this point20:07
uncloudedNice.  I plan to boot this system, so will find out if random-seed is generated at boot20:08
gnarfacethe system without the packaged kernel is also not using an initrd.img, and on that one the entire /etc/initramfs-tools/ directory is missing20:09
gnarfaceso you don't need any of that if you're not using an initrd.img apparently20:09
uncloudedI guess that makes sense.  I plan to use a regular packaged kernel, which is already installed in the bootstrapped tree20:10
uncloudedit might not be critical.  The man page says do_symlinks has a default value and the packaged kernel has created the /initrd.img symlink and others20:13
xisoplooks like i3 won't support bug reports for older versions. i'll update here if i run into any issues with v4.21.120:45
Udo21:06
smplxisop; I've experienced broken left-clicking in the most recent update of FF on Mint.22:27
deuxexmachinahttp://dev1galaxy.org/viewtopic.php?id=419122:33
deuxexmachinaI realize this is 4yo... But do many devuan users use unattended upgrades?22:34
deuxexmachinaWondering if I should just use debian if I want unattended upgrading reliably long term on production22:34
deuxexmachinaWould prefer non-sysd ofc22:34
deuxexmachinanevermind, not 4yo, only about 1yo22:35
deuxexmachinaalso curious how many issues devuan has not experienced since the fork that debian has... I'm guessing there's a thread showing off its simplicity with examples like that somewhere?22:36
* gnarface shrugs22:39
gnarfacei don't think we do a lot of gloating around here22:39
gnarfacei could be wrong22:39
deuxexmachina:(22:40
deuxexmachina*seeks gloat*22:40
gnarfaceit would be easy to find that info though22:40
deuxexmachinacould be phrased as incidents22:40
deuxexmachinaas far as i can tell so far devuan should benefit from all of debian's security work22:40
deuxexmachinabut i could be wrong22:40
gnarfaceit seems to22:44
gnarfaceand it's immune to any systemd-specific problems22:44
gnarfacedeuxexmachina: try asking in #devuan-offtopic, i think golinux might have been keeping score somewhere. this channel is more about support issues (as you can see there aren't many but we like to keep it that way)23:02
deuxexmachinawhy golinux - how's that related to devuan?23:06
deuxexmachinagnarface: sounds good... So long as a bunch of other devuan users are depending on unattended upgrades23:07
deuxexmachinawhich I guess could be partially debian-specific, based on that thread I pasted23:07
gnarfacei meant about the "issues" score vs systemd23:08
gnarfacei don't actually know how many users are depending on unattended upgrades, i know there's at least 2 who asked about it but it's actually not something we advise using just because of the inherent risks involved23:09
deuxexmachinaBut debian doesn't advice against it, do they?23:18
deuxexmachinasome people have relied on that across many production servers for years without issue...23:19
gnarfacereally? it's a surprise to me if debian doesn't advise against it, it's quite reckless23:22
gnarfacenothing devuan specific about that, you should always know what is being installed on your system, over-automation leads to problems23:22
gnarfaceanyway it'll work if you wanna use it, but i personally would advise you always check your updates23:23
gnarfacethere's a simpsons episode about a plastic water-bird that seems relevant here23:23
xisopi've been locked out of servers because of failed upgrades that happened without my approval23:23
xisopit's usually debian or ubuntu servers that just kinda do whatever they want23:24
xisopthen you have to launch recovery console in digital ocean or physically get on the box23:24
xisopthat's just one man's use case though, but i've found it's easier for me to be in control of upgrades23:25
gnarfacejust seems like an unnecessary risk to me too23:25
uncloudedsame23:25
gnarfacelike i said though, it's been asked about at least twice before, and i know those two people used it successfully23:26
uncloudedI can cause enough trouble for myself on remote servers even without unattended upgrades ;)23:28
deuxexmachinagnarface: but as i understand it unattended upgrades is only for mission critical fixes, stuff that should break - like mandatory security patches23:28
xisopi think the problem is when you get those upgrades that force you to make a decision about the config file powering that package23:29
deuxexmachinawell if i can figure out how to do very clean live migrations of a VPSs networking and its docker containers - then I'll just deploy fresh images each time and migrate...23:29
deuxexmachinapeople say not to use rolling releases on servers too and I've had way fewer problems on those than the popular choices23:30
xisopbtw, TCL might be of use to you if you want to control those types of things23:30
deuxexmachinaeverything on the servers in question is run in docker too, except some backup init scripts23:30
xisoptcl is made for this sorta thing... granted you are aware of the output these tools give you23:31
deuxexmachinathe security work, especially reproducible builds, is a main reason I'm considering debian for these servers23:31
xisopdebians solid. i just dont know how to audit systemd23:31
deuxexmachinawho does :P23:32
xisopor if it's been attempted, or what the status is23:32
xisopwell, i guess that's why we're all here eh :)23:35
deuxexmachinaa devuan forum post says use sysvinit if you're priority is keeping the server running23:35
deuxexmachinabut id choose runit due to familiarity23:35
deuxexmachinaI'd want to*23:35
deuxexmachinawhat's the sentiment here about the reliability of the various init choices?23:36
gnarfacerunit is fine, sysvinit is just the one that more people around here can actually help you with23:36
xisopi've heard good things about openrc, though i don't know much about it23:36
deuxexmachinaI'd be happy with openrc as well, would just prefer not to use sysvinit since i havent used it in forever23:36
deuxexmachinamostly use runit these days because my workstation is on void23:37
gnarfacesysvinit is also the one with the most populated set of startup files, though debian sometimes deletes them without cause23:37
xisopwell, regarding init choices... for me, it's a security issue.23:37
xisopi don't look at sysvinit and wonder what the motivation is. i look at systemd and can't help to think that it wants to *become* linux23:37
xisopwhen you have a firm grasp on the security issues that matter to you, you don't want to have to just assume a program does what it says it does23:38
xisopthe same sort of sentiment applies to people with windows gaming rigs. they hate windows but can't run their high end games on linux23:39
xisopand how do you audit windows if it's closed source. you just have to assume it works23:40
xisopi'm forced to assume the bad choices (in my opinion) of systemd's issues (like scope creep) are leading to something that's not terrible23:41
xisopless cognitive load, less to think about when you have one thing that does one thing23:41
deuxexmachinaxisop: ya same here23:42
deuxexmachinaand same with wayland23:42
gnarfacei just don't like shit changing out from underneath me and causing more workload23:42
deuxexmachinatho i dont care about gui because i wont use debian-based stuff for desktop and workstation anyway23:42
deuxexmachinagnarface: indeed23:43
deuxexmachinaWould like to do security-only unattanded upgrades tho, since these boxen only run docker, ssh, and some backups scripts. Then can deploy new images for major upgrades.23:44
« Tuesday, 2022-12-06 Index Thursday, 2022-12-08 »

Generated by irclog2html.py 2.17.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!