libera/#devuan/ Wednesday, 2018-10-10

XenguyThere must be a protocol for troubleshooting, or decommissioning, mirrors02:30
XenguyOne would want to be able to yank a mirror if it is broken, for example02:31
golinuxThere is and 99% of the time issues are user error.02:37
XenguyGood ol' PEBCAK02:49
EHeMThere seem to be a number of documentation failures too (out of date, not updated).02:51
XenguyIn my experience that is Situation Normal for must documentation period02:53
Xenguy*most02:53
golinuxEHeM: Fell free to correct/rewrite documentation errors or at a minimum report them04:08
golinuxFell > feel04:08
bjbHow can I lock the screen and start a new login session?  I used to use gdmflexiserver, but I can't seem to find it any more.05:26
ServiceRobothello peeps05:41
saptechbjb, are you using gdm? I use lxdm or lightdm can switch screen sessions05:45
saptechThe Switch User feature05:46
bjbsaptech, xfce405:48
bjbI will try those, thanks05:48
saptechyw05:54
Unit193`dm-tool switch-to-greeter` for lightdm, but that won't lock the session.05:56
dundeeWhere do I get the Beowulf .iso from?07:16
dundeeDo I install a package or run a command to migrate an ASCII installation to it? Is it just a matter of changing repos?07:18
ChankuI don't think there is an .iso yet, although Beowulf is relatively unstable at this time.07:19
plasma41dundee: There isn't a Beowulf ISO.07:20
ChankuIf you wish to migrate from ASCII to it though, change stable to testing in the sources.list (or change ascii to beowulf although not sure if that would work).07:20
ChankuPlease note that things *WILL* probably break and be broken.07:20
dundeeHow broken are we talking here? Individual package breaking or apt breaking?07:20
plasma41I am running an ASCII system, but I have selectively installed specific packages from Beowulf as needed.07:22
dundeeplasma41: I'll do that then. How do you selectively install packages from Beowulf?07:24
plasma41dundee: Add beowulf to your sources.list file temporarily, then apt-get update and install the package(s) you need, then remove or comment out beowulf in your sources.list and apt-get update again07:26
plasma41dundee: What package(s) do you want from Beowulf?07:28
dundeeplasma41: Updated versions of Emacs. My understanding is that ASCII is like Debian Stable, and so I wouldn't have versions of Emacs with recent features like multithreading.07:37
plasma41Which version of Emacs introduced that?07:43
gnarfaceascii has emacs24 and emacs25.  you guys should try ascii-backports before resorting to beowulf though07:46
gnarfacelast i heard, beowulf was pretty broken with regards to desktops07:47
gnarfaceit might be fine for headless servers though07:48
plasma41dundee: AFAICT, the version of emacs you're describing is version 26 which is not yet even in Debian Sid yet.07:57
plasma41dundee: If you would like to use the latest version of emacs, I would recommend you either compile it from source or install the Guix package manager and install emacs from Guix.08:03
golinuxdundee: In Devuan ALWAYS use the <releaasename> in sources.list not stable, testing etc.08:14
* man_in_shack waves08:20
plasma41o/08:20
man_in_shackpersistent-net udev rules not working for me08:24
man_in_shacksomething is trying to bring the network up before udev renames it :|08:30
man_in_shacki'm getting "IP-Config" lines about my 2 network cards in boot before udev08:31
gnarfaceis that on ascii?08:31
man_in_shackascii/ceres, ye08:32
man_in_shacki want one card dhcp and the other left unconfigured. these "IP-Config" thingies both mention dhcp08:37
gnarfacehmmm, i just saw something going strange on an ascii box here08:39
gnarfacei suspect it might be related but i was about to attempt to solve it by uninstalling the dhcp client again08:39
gnarface(not sure what pulled it back in anyway, wasn't using it)08:39
gnarfacethere should be a config file somewhere that you set explicitly which ethernet devices you want dhcp activated for.   i do remember that it will try them all if you don't change it, but i don't remember what the file was.  something in /etc though i think...08:40
gnarfacemaybe something to do with wpasupplicant08:40
man_in_shackwell this is all wired ethernet here08:41
gnarfaceoh, then it wouldn't be wpasupplicant08:41
gnarfaceactually, what i recall now i think is that it can be wpasupplicant too08:42
gnarfaceif you're using it08:42
gnarfacebut since you're not... i guess the first place i'd look is in /usr/share/doc/[package name] for your dhcp client08:42
man_in_shackgonna have to murder wicd then :P08:43
man_in_shacknot that i have a wifi connection atm08:43
man_in_shackwill give it a try08:44
gnarfaceoh08:44
gnarfacehuh08:44
gnarfacewicd might have settings for it honestly08:44
gnarfacei'm not using that either08:44
gnarfacei don't use much of the default stuff really, i sorta had my own setup from prior to devuan08:45
man_in_shackthis is well before wicd starts though08:45
man_in_shackhm08:55
man_in_shackhave tried redownloading initramfs-tools08:55
man_in_shackthere's some nfs stuff in there08:55
man_in_shackwheeee i broke it :D08:56
man_in_shackok08:57
man_in_shackso it's either an initrd thing or a kernel thing :|08:58
gnarfacedo you have a custom kernel/09:07
gnarface?09:07
man_in_shackyah (:09:08
gnarfacehmmm, i recall that there is a in-kernel dhcp option possible now.  perhaps it's activated accidentally09:10
gnarface?09:10
gnarfaceyou might be able to disable it with a kernel command-line option09:10
man_in_shackcould be09:14
man_in_shackmost of my problems stem from coming from debian unstable (:09:20
man_in_shackok i don't think it's kernel. CONFIG_IP_PNP_DHCP=n09:30
man_in_shackok09:34
man_in_shackfound networking stuff in initramfs-tools09:34
man_in_shackfor nbd and aoe09:34
man_in_shackwhheee09:41
man_in_shack"ipconfig: no devices to configure"09:41
man_in_shacknbd was the problem09:41
gnarfaceah09:43
gnarfaceyea that would make sense09:43
man_in_shackgah09:45
gnarfacecan't you just like, not try to mount any network block devices until after the network is up?09:46
man_in_shackwell that would be the smart thing to do, wouldn't it, whoever it was who decided to put nbd in initrd :P09:46
gnarfacehmmm09:46
gnarfacei assumed it would be dormant unless something it needs is on the network09:47
gnarfacebut i guess i don't know09:47
man_in_shackvery close to target now09:51
KatolaZEHeM: can you please articulate on your "breakage"?10:18
KatolaZI really would like to pin it down, but I can't reproduce your problem10:19
KatolaZEHeM: shouting and swearing won't have your problem solved :)10:20
KatolaZwe have no other report of a similar breakage10:20
KatolaZand your is not the only installation using deb.devuan.org10:20
KatolaZthe mirror in question serves all the packages and release files10:20
KatolaZfor jessie, ascii, beowulf, and unstable10:20
KatolaZ(including InRelease)10:21
KatolaZif this were not the case, almost anyody here would experience the very same issue10:21
KatolaZeveryday10:21
KatolaZso there must be somthing wrong somewhere10:21
KatolaZif you are willing to help, we can try to pin it down10:21
KatolaZI have asked you to provide your sources.list, which is something you have refused to do so far10:21
KatolaZwhen you are ready to collaborate, just shout10:22
EHeMKatolaZ: Check the logs of #devuan, there is at *least* one other.10:35
EHeMKatolaZ: Quote the refusal.  (hint, things could be misconstrued as a refusal, but no actual refusal happened)10:37
KatolaZEHeM: please paste your sources.list10:38
KatolaZyour full sources.list, please10:38
KatolaZ(that's an explicit request, can't be more explicit than that, I guess)10:39
EHeMKatolaZ: I suspect most users are experiencing the issue every day, but since `apt-get`'s output is voluminous they don't notice the error buried in there, or they get an error from a GUI, but retry and the error disappears due to the magic of round-robin DNS.10:40
KatolaZEHeM: I can't reproduce your problem10:40
KatolaZand I am administering a couple dozens of devuan machines10:40
gnarfacei can't reproduce it reliably here, but it happens occasionally.  i've been assuming that mirror is updating, and i try again.  i have had to be careful to pay attention so i don't miss any10:41
KatolaZEHeM: would you please post your sources.list?10:41
gnarfacebut i haven't paid close enough attention to figure out if it's the same one failing every time10:41
EHeMKatolaZ: Do you have a cache for APT in front?  Do they have special permissions or magic IP addresses which get special treatment?10:41
KatolaZnope10:41
KatolaZno apt cache10:42
KatolaZno special treatment10:42
KatolaZthe same dns round-robin10:42
KatolaZfrom all around the world10:42
KatolaZnow, please, EHeM would you be so kind to post your sources.list?10:42
EHeMgnarface: The error likely disappears due to your second running of `apt-get` going to a different mirror which doesn't have the problem.10:42
KatolaZEHeM: see the request above, please10:43
EHeMKatolaZ: Would you prefer a single line which reliably produces the error?10:43
KatolaZno10:43
KatolaZI would prefer to see your full sources.list, if you want me to help out10:43
EHeMKatolaZ: I'm concerned about doing multi-line cut and paste to this channel, but if that is what you want.10:44
KatolaZuse any pastebin, please10:45
KatolaZor you would be banned by a bot :\10:45
KatolaZcurl -L -F c=@- https://ptpb.pw <$FILEIN10:46
EHeMhttps://ptpb.pw/dz7U10:47
KatolaZjust remove the / after "merge"10:49
KatolaZ"merged"10:49
KatolaZit shouldn't make a different, but some redirects might actually fail10:49
KatolaZEHeM: ^^^10:50
EHeMKatolaZ: "deb http://37.220.36.58/merged ascii-updates main" reliably fails "404 Not Found".10:52
KatolaZEHeM: which command are you using, please?10:53
EHeM`apt-get update`.10:53
KatolaZ(and why are you putting the mirror IP there?)10:53
KatolaZthat mirror is not available at the named IP10:53
KatolaZit is available either behind deb.devuan.org10:53
KatolaZor as sledjhamr.org/devuan10:54
KatolaZnot directly at the IP10:54
KatolaZplease see https://pkgmaster.devuan.org/10:54
EHeMKatolaZ: Otherwise it will connect to any mirror and not reproduce.10:54
KatolaZsorry10:54
KatolaZhttps://pkgmaster.devuan.org/mirror_list.txt10:54
KatolaZthen you should use http://sledjhamr.org/devuan/merged10:54
KatolaZnot the IP10:54
KatolaZ-_-10:54
EHeMThat I can do.10:54
EHeMKatolaZ: Okay, that worked (with the '/' too).10:56
KatolaZok10:57
KatolaZthen use codenames10:57
KatolaZand everything should be working10:57
EHeMKatolaZ: I'll have to wait a while before it can be called worked around, since it might work with that URL, but fail with the appropriate round-robin one (https://us.deb.devuan.org/merged/).10:57
KatolaZtry the round-robin10:57
KatolaZwe are chacking the round-robin *continuously*10:57
KatolaZand *automatically*10:57
KatolaZany fault is reported within 2 minutes10:58
KatolaZand acted upon, if needed10:58
KatolaZthe fault you exprienced with the round-robin is most probably due to the usage of "stable" instead of "ascii"10:58
EHeMKatolaZ: Yet this wasn't detected despite being present for 2+ months.10:58
man_in_shackok10:58
KatolaZwhat wasn't detected?10:58
man_in_shacklooks like aoe won't do what i want10:58
man_in_shackand nbd is evil10:58
EHeMKatolaZ: Tries that with "stable", no difference.10:58
KatolaZthe fact that you used "stable" instead" of "ascii"?10:58
KatolaZo_O10:59
EHeM^Tries^Tried10:59
KatolaZEHeM: please test it10:59
KatolaZand report any misfunctioning10:59
EHeMKatolaZ: Right now it *appears* functioning.11:00
KatolaZgreat11:00
EHeMKatolaZ: I'll give good odds it will fail next time that particular mirror is hit via round-robin.11:01
UlrarHi, I'm trying to use your version of debootstrap but whatever I do it seems to select systemd anyway, even with --exclude systemd,libpamsystemd,systemd-sysv,libsystemd011:24
Ulrar(And I can't manage to get it to work with fakechroot, but that's a separate issue)11:24
UlrarIsn't the whole point of maintaining your own version to avoid that forced dependency on systemd ?11:25
Ulraram I missing something ?11:25
EHeMKatolaZ: I hope the test is done using `curl` for the normal URL, but using the "--resolve" option to force it to load from a particular mirror, otherwise the test isn't covering much.11:28
gnarfaceUlrar: systemd shouldn't be in there, but libsystemd is still inextricable.  it's probably harmless though.11:32
UlrarI do see the actual systemd package11:33
Ulrar(in the chroot error, but still)11:33
gnarfaceyou're using ascii?11:33
Ulrar"stable" as indicated in the readme for your deboostrap11:34
Ulrarshould I replace that by ascii ?11:34
gnarfaceyes but it should be the same thing11:34
UlrarCould it be pulled by something, maybe linux-image-amd64 ?11:35
gnarfaceanything's possible, but i doubt it11:36
gnarfacewhat mirror are you using?11:36
UlrarIn any case I do have that in the list : /var/cache/apt/archives/systemd_232-25+deb9u4_amd64.deb11:37
UlrarNot sure11:37
Ulrar./debootstrap --variant=fakechroot --components=main,contrib,non-free --arch amd64 stable /some/path11:37
gnarfaceyea uh, i have no idea why that works at all11:37
gnarfacepoint it at a devuan mirror11:37
Ulrar:/ I just copied the readme and added the variant11:38
UlrarLet's see11:38
gnarfacethe readme didn't include a hostname in the command? really?11:38
gnarfacelots of the documentation hasn't been updated since debian, i don't know if this is any exception to that11:39
Ulrarhttps://git.devuan.org/devuan-packages/debootstrap11:39
UlrarIt does indeed reference debian11:39
UlrarHadn't realised11:39
gnarfaceit's worked for me but i've never read that readme and i always specified the mirror url on the command line11:40
Ulrar./debootstrap --variant=fakechroot --components=main,contrib,non-free --arch amd64 ascii /some/path http://deb.devuan.org/merged11:43
Ulrardoes that look correct ?11:43
UlrarI've never used deboostrap before, nor devuan11:44
gnarfaceoh11:44
gnarfacei think so, lemme check my notes...11:44
Ulrarbut I figured it might be better this way than removing systemd from debian like we usually do11:44
gnarfacehttp://paste.debian.net/1046656/11:47
gnarface^ that's the manpage from ceres, it's been updated for devuan11:48
gnarfaceyour commands looks right, i think11:49
gnarfacebut i think you'll need fakechroot to actually be installed though too11:49
gnarfacei'm not sure if it uses fakeroot for that or what11:49
UlrarAh great, thanks11:50
UlrarYeah I have the fakechroot stuff11:50
Ulrarit doesn't work, but it's there11:50
gnarfaceit might complain about the keyring11:50
Ulrarbut maybe it's something to do with that repo, maybe now it'll work11:50
Ulrarah, good point11:50
gnarfacei've never used the "--components"11:51
gnarfacei add contrib and non-free later, and usually just temporarily11:51
gnarfacebut i guess that might not make sense for all hardware11:51
UlrarOh, I just noticed11:51
Ulrarthe repo URL in the readme for deboostrap is wrong too11:51
UlrarI'm using the debian deboostrap ..11:51
Ulrarthat won't help11:52
furrymcgeeyou can debootstrap a netinstaller iso image11:56
UlrarWell I want a base system I can install stuff in with chroot. Then I'll turn that into an iso to make diskless web servers11:58
gnarfaceyou can use --include to add extra packages11:59
UlrarYeah but we have our own repo, and as I understand it deboostrap can't use two repos12:02
Ulrarso I'll just use chroot /blah /usr/bin/apt-get install .. after12:02
* man_in_shack flails12:04
man_in_shacknbd seems to work better than aoe but it screws with my network settings12:05
* man_in_shack flails12:45
man_in_shackok12:55
man_in_shackso current theory is neither aoe nor nbd pass ioctls. they just use open() to access the exported device12:56
man_in_shackwhich works fine for regular devices, but not encrypted opticals12:56
man_in_shackso ... i guess i can try iscsi next?12:58
gnarfacei still feel like you must be overlooking an easy way to mount after boot13:09
gnarfacei forget if there's another alternative to iscsi or not13:09
man_in_shackmounting is the least of my problems (:13:14
man_in_shackif it was just a matter of mounting, i could use nfs13:19
furrymcgeewhats wrong with nbd and network settings?13:24
man_in_shacksomething about the way it works in initrd initialises network devices before udev gets a chance to rename them13:25
man_in_shackiscsi looks like what i want. istgt package actually has examples for dvdrom13:25
HumanG33kKatolaZ, Do you know where i can found a good tutorial doc for make a devuan repository (first a private mirror and after a public one) if it can mirroring throught tor it’s perfect :)14:54
KatolaZHumanG33k: is that for personal use?14:54
HumanG33kfirst yes14:54
KatolaZthen you should use apt-mirror or debmirror14:55
HumanG33kand after a public one14:55
KatolaZbut you still need to set the needed rewrites14:55
KatolaZas explained at:14:55
KatolaZhttps://pkgmaster.devuan.org/devuan_mirror_walkthrough.txt <- HumanG33k14:55
HumanG33kthx14:55
KatolaZnp14:56
* man_in_shack flails14:59
KatolaZHumanG33k: on dev1galaxy there must be a (short) tutorial I wrote about using apt-mirror and/or debmirror15:00
KatolaZbut I don't remember where :\15:00
man_in_shackiscsi is connecting but getting i/o error on read15:00
rrqKatolaZ: "dh1" is searchable :)15:01
HumanG33krrq, KatolaZ i will search15:02
rrqhmm hould be d1h15:02
rrqs15:02
* rrq is lyxdexlic tonight15:03
man_in_shackgoddammit15:05
man_in_shackread works on usb disk but not on dvd15:05
driskWhat's the difference between linux-image-4.9.0-6-amd64 and linux-image-amd64?15:34
telst4rthe other is simply just a metapackage pointing to the other.15:36
driskThanks15:36
driskSo none at all then. Curious.15:36
telst4r4.9... is a real package, the linux-image-amd64 just points to that (or some other version, if it's updated in future).15:37
telst4r"real" as in 'complete', or something that actually includes a kernel.15:38
man_in_shackok now15:38
* man_in_shack flails wildly15:39
telst4rif you install the one without kernel number, it should forcibly install a versioned one15:39
telst4rwhat?15:39
UlrarSo that's strange, it works but as soon as I try to have ca-certificates installed in the chroot it hangs (on a grep in the post-inst for some reason)15:40
Ulrarread the script, I don't understand what can hang there15:40
debdogif you want a specific version, install that with the version number. if you want your system to automagically install the latest version use the meta package15:40
man_in_shacki am out of ideas to get my dvd drives accessible over a network connection :(15:43
telst4rMy Jessie hangs on 3.16.0-6-amd64 but not -4-amd64, so it might be a worthy idea to still maintain an older, known-to-work version in handy incase the metapackage upgrades.15:44
man_in_shackaoe and nbd would probably work if i wasn't trying to watch encrypted dvds15:44
man_in_shacki haven't had luck with iscsi15:44
man_in_shackoh hey, there's an in-kernel iscsi i didn't see before15:55
man_in_shackkernel iscsi is for TYPE_DISK only :(16:08
man_in_shackooh16:10
man_in_shackor maybe not16:10
golinuxHumanG33k: https://dev1galaxy.org/viewtopic.php?id=193316:13
HumanG33koh thx golinux16:14
golinuxI think that's what you want.16:14
* golinux is just catching up this morning16:15
_stephen_what's the name of an off topic chat channel where devuan users congregate?16:40
debdog_stephen_: #debianfork16:40
fsmithredman_in_shack, pmount /dev/sr0 on one computer, then sshfs user@remote:/media/sr0 mountpoint16:44
fsmithredon the other16:45
man_in_shackfsmithred: doesn't work for encrypted dvds17:42
man_in_shacklibdvdcss needs to access the device node17:44
fsmithredman_in_shack, sorry I never tried with encrypted dvd, but pmount does work with encrypted drives.18:38
fsmithredoh, you want to watch movies from a remote machine?18:39
nemosooo ever since switch from ubuntu 14.04 to devuan ascii, I've had to remember to shut down my laptop entirely since it seems to fail to suspend19:38
nemoeven in 14.04 it was buggy, and about one time in, oh, twenty or so, I'd have to explicitly shut it down..19:38
nemoanyway. my inclination for something like this is to blame kernel or its params. I guess I should start by comparing an ubuntu 14.04 kernel config and boot params to a debian one19:39
nemounless anyone here more familiar with linux on laptops than I might know a simple obvious thing to try19:40
system16try shutdown -h (insert time here)19:41
nemosystem16: oooh yes19:42
nemosystem16: screw correct detection of lid19:42
nemoso long as I can make it happen who cares19:42
system16:)19:42
nemowell. assuming I can unsuspend19:42
system16i tried suspending my sftp server19:43
system16it didnt go well19:43
nemohah19:43
system16stick to shutdown -h19:43
system16unless u have a GUI19:43
nemooh. durn19:43
nemosystem16: I had to read the manpage for shutdown - I was hoping you were suggesting a suspend state, but it seems no19:44
nemosystem16: and yeah, it's a laptop, gui is pretty much a given19:44
system16my server is a netbook'19:44
system16it could not handle a GUI19:44
system16BRo. just go to the powersettings and sett a time to suspend after no use19:45
system16like debian19:45
system16or windows19:45
nemosystem16: that seems unlikely. I had a laptop that was a P166 (or a P233 I forget) with 96MiB of RAM and it handled a gui just fine ☺19:45
system16i meant a DE19:45
nemook. GUI vs DE is very different19:45
nemoalthough there are lightweight DEs19:46
nemoanyway19:46
system16i guess there is a setting like that in devuan ?19:46
nemobasically I need to suspend immediately when I'm ready to haul this off somewhere.  I guess I need to find a command that does that19:46
system16if windows has it19:46
system16in windows power>>sleep19:46
system16and in ubuntu19:46
system16and every other distro that i tried out.19:47
nemohm? not sure what you mean by power>>sleep19:48
system16in ubuntu there are 4 options19:48
system16shutdown19:48
system16restart19:48
system16sleep19:48
system16and the other one i cant remember'19:48
nemosystem16: just tested pm-suspend - it worked as expecte19:49
nemo*d19:49
nemoalso woke up correctly on opening the lid19:49
nemothat's good enough for me, I'll just do that19:49
* system16 will try that19:49
nemoit'd be nice if it was correctly firing on *closing* the lid, but whatever19:49
system16lets hope i dont brick my server19:50
system16like last time19:50
nemofrankly it was none-too-reliable with ubuntu 14.04 and the one in twenty time that it'd fail would be a nasty surprise19:50
nemo"oh look, my laptop back is making a weird sound"19:50
nemo*bag19:50
system16see ?19:50
system16devuan hates suspending19:50
system16ether on or off'19:51
system16lol19:51
nemoon worked fine19:51
nemoand. eh. if it ever fails (which has happened with this old sucky laptop before - I'd literally get the "blinking capslock key of death")19:51
nemorestarting is always an option19:51
KatolaZsystem16: have you tried to debug what happens during suspend?19:52
* nemo makes a quick desktop icon for gksudo pm-suspend19:52
system16lol i can barely navigate the linux shell19:52
system16i cant do a debug19:52
system16if a thing is more complicated than a donut , i will come to freenode for welp19:53
nemomy main fun at present is that we are apparently supposed to have "CylanceProtect Agent" on these laptops and they don't officially support Debian, and certainly not Devuan19:53
nemotheir installer supports upstart and systemd - so I wrote a little init wrapper19:53
system16btw i have tiny problem with my server19:54
system16i cant start it up when the lid is closed19:54
nemothen it failed because their LinuxHook.h/LinuxHook.c which fires off if they don't have a prebuilt kernel module was doing a naughty redefinition that was freaking out gcc 6 - so fixed that19:54
nemothen they were trying to do something that's IFDEF'd off by default in kernels but that I guess ubuntu 14.04/16.04 enables, so I changed *that*19:54
system16which means i have to unplug my netbook. pull it out . open the lid . start the damn thing. reverse.19:54
nemoI now have a kernel module that loads, but no idea if it's working correctly - hope the workplace lets me slide19:55
nemoI tried contacting their support but ofc zero interest in supporting non-"standard" linux19:55
system16are you talking to yourself ?19:55
nemoeh. just kind of a warning to denizens of unexpected consequences of abandoning the Ubuntu Way Ⓒ on a corporate laptop19:56
nemoI may end up just ditching this old crappy thing and buying myself my own damn laptop19:57
nemooddly enough they don't require "CylanceProtect" on personal equipment19:57
system16nemo, can i make my server power on when the lid is closed ?19:57
nemosystem16: WoL presumably19:58
nemoor anything else it might be listening for.  some systems have a button for that - mac keyboards for example19:58
nemosystem16: do you have a keyboard plugged in?19:58
nemosystem16: https://askubuntu.com/questions/848698/wake-up-from-suspend-using-wireless-usb-keyboard-or-mouse-for-any-linux-distro  this seems relevant19:59
nemosystem16: not to me ofc, since have no particular need for that use case19:59
system16nemo no no keyboards20:00
nemosystem16: anything whatsoever plugged into it?20:00
nemosystem16: seems like any USB gadget would work, like one of those fun big red USB buttons20:01
system16a kan cable and a power adapter20:01
nemothose are even wireless20:01
system16lan*20:01
nemocould wake it up by smacking a big red button20:01
nemopretty satisfying20:01
system16wake on lan ?20:01
system16how can i do that20:01
system16i found a l3 option in its BIOs20:01
nemosystem16: why do you want to suspend your sftp server anyway?20:02
nemoI generally like to keep my servers up 24/7 - that's kinda the point of a server20:02
system16nemo, because of arseholes trying to brake in20:02
system16i tried the ssh key thing'20:02
system16no luck20:02
nemouh... hopefully you're hardened enough that they are not going to be successful20:02
nemoregardless of how much it's active20:02
nemosystem16: also, considered autoblocking them?20:03
system16(and its a netbook. its not built to be on all the time)20:03
system16i have fail2ban20:03
system16but idk how to configure it20:03
fsmithredsystem16, try a non-standard port. All my break-in attempts stopped when I did that. (Unless someone is out to get you specifically.)20:06
unixmanProbably would work (caveat: I've not tried it) - https://www.atlantic.net/cloud-hosting/how-to-install-fail2ban-ubuntu-debian/20:06
system16fsmithred, i failed that too20:06
fsmithredwhat do you mean failed?20:06
system16didnt work20:06
fsmithredcouldn't set it up, or they tried anyway20:06
fsmithred?20:06
system16do i have to change something on the server ?20:06
unixmanfsmithred, I still have random hits on non-standard port @home. But much, much, much less than on port 22.20:06
system16could not set it up20:07
fsmithredwhatever router directs traffic to the server should be able to specify that it receives on a high port and then delivers on 22, so you don't need to change the server in that case, just the router20:07
unixmansystem16, change the listening port for ssh and make sure that is open in the firewall.20:08
unixmanOh, is this behind a router?20:08
fsmithredif the router insists on using the same port for wan/lan, then change the port in /etc/ssh/ssh_config (or sshd_config)20:08
system16yes20:08
system16oh so i need to change the port on the router AND the server ?20:09
fsmithreddepends on what the router will do20:09
unixmanYeah, system16, if behind a router just redirect a port, like 10222, to port 22 on your ssh host.20:09
fsmithredif the router will accept outside traffic on a high port and then deliver it to 22 on the server, then you don't need to change the server20:10
* system16 is firing up the server. plz stand by20:10
fsmithredsome will and some won't20:10
unixmanDepends on what the router can do. Some are less configurable than others.20:10
system16i can use whatever port i wan on the router20:11
fsmithredwell, any one that's not in use20:11
fsmithredpick a number above 102420:11
fsmithredI usually google a port number before I use it, just to make sure20:12
system16OK im in20:13
system16what was the command ?20:13
fsmithredfor which?20:13
system16changing the port20:13
fsmithredare you in the router?20:13
system16no20:13
system16in the server20:13
system16(ssh)20:13
fsmithredyou have to change the router20:14
fsmithredand then depending on how much you can change in the router, you may or may not need to change it in the server20:14
fsmithredgo to the port forwarding section in the router and see what you can do20:14
Acaciabtw IANA says ports 49152-65535 are custom ports to be specified by the user, so use those if anything, and it's the least likely port range to turn up a conflict20:15
fsmithredbrb20:15
system16# What ports, IPs and protocols we listen for20:15
system16Port 2220:15
system16is that it ?20:15
system16(i changed the port on router)20:16
fsmithredyes, in sshd_config20:16
system16it was not in ssh_config20:16
fsmithredso change it there and then restart ssh20:16
system16PermitRootLogin without-password20:17
system16is it off ?20:17
system16root login is bad af20:17
system16i thought i turned it off20:17
Acaciassh_config is the configuration file for the ssh client, sshd_config is the configuration file for the ssh daemon/server. Make sure you didn't use the wrong configuration file20:18
system16i used the sshd_config one20:19
system16changed the port to 201720:19
system16(because it was a good year for me)20:19
system16its restarting20:19
system16there was nothing related to ports in ssh_config afaik20:20
system16ssh: connect to host 192.168.0.107 port 22: Connection refused cmd is using port 2220:20
system16how can i tell it to dont use port 22 ?20:21
system16oh gawd20:21
system16im gonna go back to 2220:23
unixmanWell, 'man ssh' and 'man sftp' would tell you. But since you asked here, use 'ssh -p port# ...' or 'sftp -P port# ...'20:34
unixmanWhere "port#" is just the number. Such as 'ssh -p 48222 foo@bar.baz.bat'.20:36
unixmanIf you stay on port 22 then I strongly recommend getting fail2ban working.20:37
system16filezilla failed too20:38
system16rror:Cannot establish FTP connection to an SFTP server. Please select proper protocol.20:38
system16Error:Critical error: Could not connect to server20:38
system16it was proper protocol20:38
system16it did not accept port 2017 as a sftp port20:39
nemosystem16: what the heck client are you using?20:48
unixmanWell, trying to use FTP to connect to SFTP is going to fail. Too bad system16 is gone so I can't 'splain that.21:06
nemounixman: yeah I was kinda puzzled by that, which was why I was wondering what client he was using - my guess was, when he was on port 22 the client autoselected the correct protocol for him in whatever connection dialog he's using21:07
nemobut it had no clue what to use for 2017 so left it at default and he didn't correct it21:07
nemobuuut since he didn't answer21:07
unixmannemo, Looks like his client was FileZilla. I use FileZilla often to connect to SFTP on altrernate ports. One just has to configure it correctly when setting up the connection.21:08
unixmans/altrernate/alternate/21:09
* unixman glares at his drunk fingers21:09
nemounixman: I haven't used filezilla in a long while, but it was my goto SFTP client under windows once upon a time21:12
nemounfortunately their reputation has fallen recently21:12
unixmannemo, fallen? You have a URL for that?21:12
nemounixman: you heard about the installer malware right21:12
nemoI *think* that's windows only21:12
unixmanAh, I don't run Microsoft systems.21:13
nemohttps://news.ycombinator.com/item?id=1738118421:13
nemounixman: this is the 2nd iteration of bundled malware for them21:13
nemoit's just scummy21:13
unixmanI use command line sftp and sftp in FileZilla on Linux, FreeBSD and OS X.21:13
nemoif you're using distro bundled filezilla you should definitely be fine21:14
nemowho knows what system16 is doing tho21:14
nemounixman: yeah. that's my usual approach, for my SO, I use a combination of automount and the MATE VFS21:14
unixmanNice. Lately I have been playing with ssh tunnels and SFTP. It's quite cool to set up a tunnel through a jump box then SFTP to localhost to send/receive files.21:16
nemoit's gotten easier to do since ssh supported that natively21:16
nemobefore you had to setup a netcat rule in your .config21:16
nemobut yeah. it's pretty convenient to relay through gateway like that21:17
unixmanYup21:17
nemoyou might also like sshuttle21:17
unixmanI'll check it out.21:17
unixmanAh, a Python VPN thingie I see.21:19
nemounixman: yeeeah, although I'd say python is not the key aspect21:20
nemocertainly it's not why I'd pick it21:20
nemotheir project page pretty much describes its advantages21:20
nemounixman: I find it pretty handy when on my laptop on a random remote network21:20
nemolike, airport, starbucks whatever21:20
unixmanWell, for $COMPANY I am already provided a MacBook Pro with corporate VPN software installed. For home I just tunnel VNC over ssh.21:21
nemounixman: welp, depending on $COMPANY's TOS WRT ssh connections in or out, you might find sshuttle handy anyway.21:22
nemounixman: the use case when travelling would be to relay all or some of your traffic transparently through to your home machine/personal server host when on a nosy/untrusted public wifi21:23
nemounixman: it's also handy when travelling to access all of your home network's services, regardless of what they are and without special .config rules21:23
unixmannemo, we have an official Linux based gateway that can be used and works fine for ssh + VNC. As for travel, I don't travel. I "hate" to travel. I'm a homebody type of dude. :D21:24
unixmanHowever, if I *have* to travel I will keep sshuttle in mind.21:25
nemoheh. well, local coffeeshop still counts as travel21:26
nemoif they have an official linux gateway at work, that probably implies they are blessing ssh tunnelling for trusted accounts21:26
nemounixman: in that case, you might find sshuttle handy for getting work done on something that's not the MBP21:27
nemoanyway whatev.  just brought it up 'cause you'd mentioned tunnelling21:27
unixmanI rarely use my laptop at coffee shops. I may play a game on my Samsung Android tablet, but that does not require connection to home/owkr.21:27
unixmanDamn! s/owkr/work/21:28
unixmannemo, like I said, I will keep sshuttle in mind. I may find a use for it yet. ;)21:28
unixmannemo, reading the thread for FileZilla it seems to be a complaint about running untrusted executables on Microsoft more than anything else. AFAIK running random crapware downloaded from random sites is a "thing" on Microsoft systems. ;)21:39
nemounixman: random crapware downloaded from random sites BY the filezilla installer which the user trusts21:42
nemothe only thing that protects linux users, at present is the distro21:44
nemobut unfortunately alternate less-reviewed paths are becoming popular21:44
nemoflatpak crap...21:44
nemounixman: there's also the sad state of affairs for chrome users21:44
nemounixman: the other thing that helps protect ofc is fact that it's not quite worth trying to compromise the smaller linux audience with crapware21:45
nemootherwise a filezilla flatpak could do the 'sact same thing21:45
unixmanWell, Linux kernel is used in billions of internet connected devices. It's not as small a target as some folks think.21:46
golinux<nemo> flatpak crap...21:47
nemounixman: ofc. but vast majority of those are smartphones or extremely limited use stripped down servers and commodity devices21:47
* golinux agrees 100%21:47
nemogolinux: did you see the link trending on hacker news today?21:47
golinuxNo21:47
nemogolinux: WRT flatpak21:47
nemohttp://flatkill.org/21:47
golinuxBut I've seen signs here and elsewgere.21:48
nemoI ranted about it a bit in #hedgewars21:48
golinuxOh yeah, I did see that21:48
golinuxflatpak, snapd all rubbish21:48
nemosecurity... that's one aspect of it - the other that bothers me is it feels like it's an end run around distros and open source ecosystem. once people accept flatpak, linux is just a kernel for executing these self-contained massive blobs - which weakens open source quite a lot. I would actually be less bothered if it was kind of a 3rd class alternative for the closed source world. but spreading it into21:49
nemomajor FOSS packages, ew...21:49
diskpHow do you install and update an individual package from beowulf instead of ascii?21:49
nemoturning linux desktop into android/osx21:49
nemodiskp: dpkg -i ?21:49
nemodiskp: which package?21:50
nemospeaking of that sort of thing... I'd like to have libreoffice 6.1 which is in ascii stable backports21:51
nemonormally I'd force version, but libreoffice has quite a large chain of deps so doing that causes broken packages21:51
nemoI was wondering what the most elegant way to do this would be21:51
diskpnemo: Emacs.21:51
diskpI was told something involving sources.list, but I only see instructions for all packages.21:52
nemohuh... 25.1 vs 25.2 - that's a pretty small version jump - I'm surprised it matters, not that I've used emacs in, oh, 20 years21:53
diskpnemo: Using Emacs on Arch, they're on 26.1, which has a lot of really useful features. Emacs in ASCII tries to install v24 (.5, I think).21:54
gnarfacediskp: the trick is you add backports to sources.list, just upgrade that one package, then remove it again21:54
nemodiskp: ascii has 25.121:54
nemodiskp: beowulf has 25.221:55
nemodiskp: https://pkginfo.devuan.org/cgi-bin/d1pkgweb-query?search=emacs25&release=ascii21:55
gnarfacediskp: if the package has dependencies that are also in backports, you actually probably want them too21:55
fsmithredI see 46.1 in ascii and 1:25.2+1-11 in beowulf21:55
nemodiskp: frankly I don't think people pick debian for latest hotness ☺21:56
nemodiskp: I went to the trouble of adding a new sources.list to get a usable gimp tho - I can't believe gimp 2.10 was only just released this spring. yeesh21:56
fsmithredolder = better tested21:56
nemofsmithred: yeah. sure, makes sense most of time, is just, well, super irritating in a few minor domains like games21:57
nemofsmithred: Debian/Ubuntu/Mint users are bane of our hedgewars dev team ☺21:57
nemofsmithred: similar issues with Spring21:57
nemoalthough they do a frankly insane end-run around the distro by having the lobby client fetch builds from latest git21:57
fsmithredI've run into the problem other places. Not a big gamer here.21:57
nemofsmithred: issue w/ games is people usually want to play against other humans and deterministic lockstep is a popular model in FOSS to reduce cheating and network load21:58
nemofsmithred: and that instantly means debian/ubuntu/mint users who are almost never on latest are constantly wandering around the lobby complaining about why no one wants to play with them ☹21:58
nemofsmithred: I feel debian's policy could use more nuance, based upon, you know, the trivalness of the app ☺21:58
Artemis3well there are rolling distros if you want to live in the edge... rest would be making your own repository, compile directly, distribute static binaries... The ubuntu camp has PPAs tho.21:59
nemoArtemis3: yeah, for ubuntu, the maintainer for debian/ubuntu/mint (LocutusOfBorg) etc maintains a PPA - that solves their situation so long as we can communicate this to users21:59
diskpSomeone suggested either installing from source or using Guix. I don't see a Guix package, but the website package search utility has been acting funny.21:59
nemoArtemis3: there's also playdeb for ubuntu21:59
nemoArtemis3: for debian users, we usually tell them to dpkg -i21:59
Artemis3nemo, i'd try gdebi22:00
nemoArtemis3: I just wish their policy could draw distinction between a game vs a critical system package - steam can update games without problems, why not debian22:00
nemoArtemis3: I totally get security fixes only for, you know, important stuff22:00
nemoArtemis3: but right now their policy makes Hedgewars local-play-only on debian the majority of the time22:00
nemoeven if we just do one or two releases a year22:00
fsmithredflatpak!22:01
Artemis3An official repository would be best then?22:01
* nemo glares at fsmithred 22:01
Artemis3lol22:01
nemoArtemis3: that's an interesting idea22:01
* fsmithred ducks22:01
nemoArtemis3: hm22:01
nemoArtemis3: I'll ask LocutusOfBorg about that22:01
nemosince he knows the intricacies of all that22:01
nemomaybe we could add that to our download page in the Debian section22:01
nemoArtemis3: what's the functional difference between adding a sources.list official repo and a PPA? apart from nicer management interface?22:02
nemoArtemis3: still, it requires quite a lot of interaction on user's part, instead of just promoting anything that's a game to a special dynamic updates section22:02
nemocould even have it be optional ☺22:03
nemoenable trivial-game-unstable-non-critical-backports22:03
Artemis3oh PPAs are maintained by Canonical, and they removed Debian support sometime ago. Its their place to go for personal repository where the keys and compiling is handled by them22:03
nemolame22:03
nemo(the debian support part)22:04
nemoArtemis3: I know I've added a PPA to devuan a couple of years ago though, so it must still work soemtimes22:04
Artemis3its good for Ubuntus but Debian needs another solution, tho i have seen people ocasionally using ubuntu PPAs in debian, but thats ugly22:04
Artemis3yes depending what the package links against22:05
nemohm. playdeb is ubuntu only...22:05
nemoArtemis3: well... the frustrating thing for a game with a deterministic lockstep model (like hedgewars or spring) is we can change NOTHING about the libs we depend on - which has been true for 90% of the releases, such that debian could trivially compile it... but still be stuck with debian stable being years out of date22:06
nemoArtemis3: actually, we were recently dragged kicking and screaming into the Qt5 world by gentoo threatening to remove us from the distro22:06
Artemis3there is also.. compile in the lowest common denominator, and try with debian/ubuntu stable to see if everything is ok, that is, binary distribution22:06
nemoArtemis3: frustrating as all hell since qt5 removed features we depended on and also introduced fun surprise unicode bugs22:06
nemoArtemis3: hmmmm22:07
nemoArtemis3: yeah, I guess I'd just like to avoid having to explain all this to users. it'd be nice if they could find it in their distro tools somehow. I really feel backports lacks nuance22:07
Artemis3i remember some project using some old fedora to compile everything in, and they distributed those binaries for the major distros. Not sure if its still feasible, could take long testing22:07
Artemis3oh they would just download the binary and run it (when things work, that is)22:08
nemoyeah, we really have been trying to avoid doing our own binary distribution. we've barely been able to keep windows functioning22:08
nemowe're a very small team22:08
nemoArtemis3: actually Windows 10 1809 just broke play for all users due to a bug on part of Microsoft. yay.22:08
Artemis3lol22:08
nemo(causing physfs that we depend on to malfunction)22:08
Artemis3why i'm not surprised22:09
nemoapparently microsoft pulled 1809 'cause it was deleting a ton of user files, but their rereleased version still doesn't function it seems22:09
nemoArtemis3: we were Windows XP compatible up until the forced Qt5 upgrade - we would have maintained XP but we were having trouble finding the Qt5 long term support binaries that were XP compatible22:10
nemoArtemis3: amusingly had a few users complain about this22:10
Artemis3or do you acually want to go the steam way? Tho they basically compile for debian/ubuntu, there was a low common denominator. They also bundle a bunch of base libs that you may use if you want22:10
nemoArtemis3: we reaaaaaaally want to leave it up to the distro22:10
nemodoes Steam handle the builds for you?22:10
nemoArtemis3: at present we only have one windows build "machine" which is a VM on unc0rr's desktop ☺22:11
Artemis3i don't think so, but with the client you can see the bundled libs (which are usually older than the distro itself)22:11
nemoArtemis3: we lost our OSX "build machine" 'cause koda has been too busy working for vimeo to do builds22:11
nemoArtemis3: ew. vulnerabilties and all no doubt22:11
nemoArtemis3: just crying out for DLC exploits22:12
Artemis3suppose it was ubuntu 14.04 (it might be the Debian from SteamOS now days) you see the lib versions are bundled with the client, even if the distro doesn't have those the client do22:12
Artemis3so you compile for those specific versions and it "should" be covered, thats their way i think22:12
nemoArtemis3: anyway. speaking of backports ... do you know the "correct" way to get libreoffice 6 from backports into ascii?  I'm trying to avoid screwing up my package tree22:12
nemoArtemis3: yeah, I dunno. Locutus does maintain 14.04 for now, since it is in ubuntu LTS until next april - no idea what happens then. maybe steam will bump theirs22:13
nemoor drop linux. who knows22:13
Artemis3if its in backports there should be no problem, it should be lower priority anyway, so you have to tell apt to specifically pull the backports version with -t iirc22:13
nemoArtemis3: so I guess in theory could maybe do some sort of autowrapper to fetch the ubuntu 14.04 .deb for now and feed it into steam22:13
nemoArtemis3: oh..22:14
nemohm22:14
* nemo RTFMS22:14
fsmithredadd backports repo to sources.list, update, then 'apt-get -t ascii-backports install $package'22:14
nemoyay22:14
Artemis3nemo, for that i'd need to update myself with steam... i think they have a page somewhere explaining the developing of linux22:14
Artemis3yes that22:14
Artemis3for22:14
nemothat's muuuuch better22:14
fsmithredyou shouldn't need to disable backports repo after you install what you want, but it's a good idea to do that anyway22:15
nemoArtemis3: up until now my gui clueless way to do it was "force version" in synaptic which tended to break things with large complex webs of packages like this one22:15
fsmithredjust in case the priority gets screwed up in the repo22:15
nemolatest libreoffice and gimp is pretty important ☺22:15
Artemis3unless you to -t ascii-backports update/upgrade (don't lol) it will only pick the required package and its dependencies22:15
Artemis3you can safely leave backports in sources.list, won't harm you in anyway22:16
nemoArtemis3: yeah. I already had it enabled, it was using it correctly that was the problem22:17
Artemis3the fun is when the package in backports isn't the one you want, but if it is in backports, thats no brainer xD22:17
nemoArtemis3: far riskier was doing this https://forums.bunsenlabs.org/viewtopic.php?id=477022:17
nemobut seems fine so far22:17
Artemis3yes, thats an example22:18

Generated by irclog2html.py 2.17.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!