Re: Windows Shares Abound Continuously

[Martin Smith]

On 29/02/2016 00:13, Steve Matzura wrote:

Martin:

On Sun, 28 Feb 2016 08:44:07 +, you wrote:


Ever since Windows 3.11 its networking has been just awful and prone to
malfunction without notice, they originally lifted the network stack from
FreeBSD but managed to completely screw it, and it is still awful now, both
in sharing and even trying to find shares.
You would probably be better off putting all that stuff on a samba share
on a nice Debian box, you would be much more likely to get a good nights
sleep.

I have a fine Synology NAS box where everything just works, so I think
that's what I'm going to do--move that content onto the NAS and be
done with it. Now I wish I had put bigger drives in that thing! LOL.
well bigger drives in due course Steve, looks like you are headed in the 
right direction :)

leave windows sharing and windows server to the committed masochists.


--
Martin

mutt fails to display signed mails: could not copy message

[Joel Roth]

Hi,

I have gpg installed (package gpgv).

I tried putting "source /etc/Muttrc.d/gpg.rc" at the end of
~/.muttrc, and also putting "source /etc/Muttrc" at the
beginning.

I looked at the mutt faq, which suggested compiling mutt
with debugging enabled. I haven't done this yet.

Kind regards,


-- 
Joel Roth
  

Re: lxde/openbox temp. deactivate touchpad? solved

[Tixy]

On Sun, 2016-02-28 at 19:12 +0100, BerndSchmittNews wrote:
> Thanks to everyone who responded.
> I got all the information I needed to solve my problem.
> 
> Am 28.02.2016 um 11:56 schrieb BerndSchmittNews:
> > under debian7 I was using gpoint to temporarily deactivate touchpad.
>   synclient TouchpadOff=1
>   synclient TouchpadOff=0
> 
> are doing the job.

If you want to assign those commands to keyboard shortcuts, you can do
so by editing .config/openbox/lxde-rc.xml. I use this method to get
sound volume working using amixer (see below) and googling I found
there's a key binding for touchpad called 'XF86TouchpadToggle'. Whether
that actually maps to the correct key combination on you computer
probably depends on your computer BIOS. From my personal notes getting
sound keys working...

In  section of .config/openbox/lxde-rc.xml add

   
 
   
 true
 amixer
   
   amixer -c 0 set Master 3- unmute
 
   
   
 
   
 true
 amixer
   
   amixer -c 0 set Master 3+ unmute
 
   
   
 
   
 true
 amixer
   
   amixer set Master toggle
 
   

-- 
Tixy

Re: Debian as My home firewall/router

[Ron]

Having posted Roco's comments on an IPCop list, I got these comments
 
Cheers,
 
Ron.
-- 
  One disk to rule them all, One disk to find them.
  One disk to bring them all and in the darkness grind them.
In the Land of Redmond where the shadows lie.
 -- The Silicon Valley Tarot

   -- http://www.olgiati-in-paraguay.org --
 

Hi Ron,

On Sun, 28 Feb 2016, Renaud (Ron) OLGIATI wrote:

> Would any IPCop guru care to comment ?  

I wouldn't call myself an IPCop guru, but (as you know) I've been using
it a while and occasionally I modify it and build my own versions of it.
I've sometimes had ten or a dozen IPCop firewalls active at once, but I
only run three or four at the moment.  They've all been installed more
than a decade.  Despite a large number of attacks, none has failed me.
I run one Smoothwall box, and I can say the same about it as about IPCop.
I'm not saying there's nothing better, but I'm not feeling the need to
rush out and find something better.

> Reco <.@gmail.com> wrote:  

Well I guess you didn't mean me to comment on this, but my business
doesn't accept mail from gmail accounts.

>> 1) No meaningful DNSSEC capability.  

Neither, to my knowledge, has any UK bank, and none of my customers
has ever heard of it except from me.  My customers think that if my
tiny business uses DNSSEC but their bank doesn't, then I must crazy.
(And one of my major suppliers has *two* SPF records, but I digress.)

There's no need for IPCop to do much more than route DNSSEC packets.
All my nameservers run DNSSEC and two of them are behind IPCop firewalls.
See also my reply to Reco's 4) below.

>> 2) Presence of libfontconfig.so *and* fonts for no good reason.  

I'm sure that there are bigger nits to pick than this one.

>> 3) Bunch of questionable quality root-owner SUID binaries in
>>  /usr/local/bin, intended to be called from Web-interface.  

To something as nebulous as this I can make no useful reply except
that (a) I very rarely use the IPCop Web interface, and (b) on my
IPCop boxes, nobody else on the planet ever uses the Web interface
(nor a shell).

>> 4) Lack of any pre-installed IDS.  

I think Reco's 2) above was intended to imply that features == security holes
and I would agree with that; so this seems like schizophrenia.

>> 5) Outdated kernel 3.4, configured *without* SELinux, Apparmor or tomoyo 
>> support.  

I'm still using kernel 2.4.36 without all that, and I'm quite
comfortable with things as they are.  I like to avoid the latest
and greatest (especially Debian latest and greatest, vide infra).

>> ... suggesting putting *this* to serve as a firewall from an Internet is a 
>> joke.  

Perhaps Reco will tell us how many IPCop boxes he's compromised, or
he's seen compromised, or heard rumours might have been compromised.

And given Reco's tone, I also wonder if he can remember this:

https://www.schneier.com/blog/archives/2008/05/random_number_b.html

after which I found several of my own Debian-generated private keys
published on the Internet.  Thankfully I was pro-active enough not
to suffer any compromise as a result, but it didn't have to be so.

David Christensen wrote:

> ... IPCop-specific issues raised on the debian-user mailing list.
> They would be most properly addressed on that list ...  

Perhaps, but I unsubscribed from all the Debian mailing lists except
security announcements years ago, as I found them extremely tedious
and riddled with spammers.  I run dozens of Debian boxes and one of
them is a mailserver which sports my own firewall rules.  However I
wouldn't dream of using Debian as a general purpose firewall/router.

-- 

73,
Ged.

Using an SSD with strictatime mount option

[Joel Roth]

Hi again,

I have debian installed on a single SSD partition, 
with ordinary desktop use.

When I set the strictatime option, mutt accurately shows new
mails arriving. (I'm using mbox format.)

Is this setting going to wear out my SSD?

Thanks,

-- 
Joel Roth
  

Re: lxde/openbox temp. deactivate touchpad? solved

[Tixy]

On Mon, 2016-02-29 at 08:24 +, Tixy wrote:
[...]
> If you want to assign those commands to keyboard shortcuts, you can do
> so by editing .config/openbox/lxde-rc.xml. I use this method to get
> sound volume working using amixer (see below) and googling I found
> there's a key binding for touchpad called 'XF86TouchpadToggle'

I failed to point out (the probably obvious) that the particular key is
a personal choice, so if the proper key doesn't work, use something
else, e.g. "W-t", for the Windows key + 'T' combination.

-- 
Tixy

Re: ZFS on Debian GNU/Linux

[tomas]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Sun, Feb 28, 2016 at 08:22:37PM -0800, David Christensen wrote:
> On 02/28/2016 02:40 AM, Saša Janiška wrote:
> > I'd like to use zfs, but, it's still lacks proper distro support to
> > fiddle with it.
> 
> I believe the crux issue is incompatible licenses between Linux
> (GPL) and OpenZFS (CDDL):
> 
> http://open-zfs.org/wiki/FAQ#Licensing

For a good cross-section on the possible positions on that, I'd recommend
this discussion:

  

(the article itself points to the SFLC's position on Ubuntu including
zfs, which one may side with or not (I do), but the discussion itself
is, I think, a good coverage.

Regards
- -- t
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlbUAw4ACgkQBcgs9XrR2kaNTACfTI1R+GjaDMx5/vMznwDkqnrj
uV0An0xD6DG6JR+vd7iK77GVbrcQ6XM1
=TIzo
-END PGP SIGNATURE-

Re: mutt fails to display signed mails: could not copy message

[tomas]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Sun, Feb 28, 2016 at 10:21:43PM -1000, Joel Roth wrote:
> Hi,
> 
> I have gpg installed (package gpgv).
> 
> I tried putting "source /etc/Muttrc.d/gpg.rc" at the end of
> ~/.muttrc, and also putting "source /etc/Muttrc" at the
> beginning.

 (1) Does it ask you for a passphrase -- or does it fail right away?
 (2) I'm assuming that you are looking at one message encrypted to
 you. What happens if you
 - copy this message to a file on its own (in mutt's index,
   type "C" and give it a file name say "foo")
 - from a shell, do "gpg -d foo"?

regards
- -- tomás
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlbUBJcACgkQBcgs9XrR2kbFgwCfXCETKdVwo49kUJqWvzMSRrbh
YVsAnRGwdE24OUKfJy8yV8ptE7bQtMhr
=yrRQ
-END PGP SIGNATURE-

SOLVED Re: how to autologin with systemd?

[Gregor Zattler]

Hi Austin,
* Austin Adams  [28. Feb. 2016]:
> On Sun, 2016-02-28 at 23:38 +0100, Gregor Zattler wrote:
>> /etc/systemd/system/getty@tty1.service.d/override.conf:
>> 
>> [Service]
>> ExecStart=-/sbin/agetty -a my-user-name --noclear %I $TERM
>> Type=idle
> 
> Like the ArchWiki page you linked suggests, you'll need to add an empty
> ExecStart= line into `override.conf'. Like:
> 
> [Service]
> ExecStart=
> ExecStart=-/sbin/agetty -a my-user-name --noclear %I $TERM
> Type=idle
> 
> If you're curious about what that does, systemd.service(5) says: 
>> ExecStart=
>> ...
>> If the empty string is assigned to this option, the list of  
>> commands to start is reset, prior assignments of this option will
>> have no effect.

That did the trick.  Now it works.  Thank you.  

> (The error message in Michael's response is helpful, too.)

I couldn't decipher it but thanks to Michael for the hint to
journalctl which I did not use till now.

Ciao, Gregor
-- 
 -... --- .-. . -.. ..--.. ...-.-

Re: Debian as My home firewall/router

[Reco]

Hi.

On Mon, Feb 29, 2016 at 05:42:26AM -0300, Renaud OLGIATI wrote:
> Having posted Roco's comments on an IPCop list, I got these comments

Neat. I'm lazy to post my comments there, so I'll keep'em here for the
sake of completeness.

> Hi Ron,
> 
> On Sun, 28 Feb 2016, Renaud (Ron) OLGIATI wrote:
> 
> > Would any IPCop guru care to comment ?  
> 
> I wouldn't call myself an IPCop guru, but (as you know) I've been using
> it a while and occasionally I modify it and build my own versions of it.
> I've sometimes had ten or a dozen IPCop firewalls active at once, but I
> only run three or four at the moment.  They've all been installed more
> than a decade.  Despite a large number of attacks, none has failed me.
> I run one Smoothwall box, and I can say the same about it as about IPCop.
> I'm not saying there's nothing better, but I'm not feeling the need to
> rush out and find something better.

So, to sum it up - a distribution user, not a developer. Nowhere a bad
thing, mind you.


> > Reco <.@gmail.com> wrote:  
> 
> Well I guess you didn't mean me to comment on this, but my business
> doesn't accept mail from gmail accounts.

If I need to do business - I have several another e-mails. GMail was
suitable for Debian maillists so far.


> >> 1) No meaningful DNSSEC capability.  
> 
> Neither, to my knowledge, has any UK bank, and none of my customers
> has ever heard of it except from me.  My customers think that if my
> tiny business uses DNSSEC but their bank doesn't, then I must crazy.
> (And one of my major suppliers has *two* SPF records, but I digress.)
> 
> There's no need for IPCop to do much more than route DNSSEC packets.
> All my nameservers run DNSSEC and two of them are behind IPCop firewalls.
> See also my reply to Reco's 4) below.

Ah, my favorite "I don't need it = nobody needs it" motto. How quaint.

Still. dnsmasq by itself has the ability to query and verify SPF *if*
it's built with DNSSEC support. Deliberately disabling it during the
compilation *lowers* overall security.

Correct way to do it is to enable DNSSEC and have the distribution user
to decide if it's needed or not.

The real value of this comment, of course, is don't trust any UK bank
with your money.


> >> 2) Presence of libfontconfig.so *and* fonts for no good reason.  
> 
> I'm sure that there are bigger nits to pick than this one.

??? Sticking a random library into distribution without any meaningful
way to remove it is a wrong way to talk about overall distribution
security. Especially if the library is known to have some
vulnerabilities in the past.


> >> 3) Bunch of questionable quality root-owner SUID binaries in
> >>  /usr/local/bin, intended to be called from Web-interface.  
> 
> To something as nebulous as this I can make no useful reply except
> that (a) I very rarely use the IPCop Web interface, and (b) on my
> IPCop boxes, nobody else on the planet ever uses the Web interface
> (nor a shell).

Sly, but does not improve overall quality of said binaries in any way.
Nor the quality of design decisions that lead to putting those binaries
instead of conventional privilege escalation mechanisms in the first place.


> >> 4) Lack of any pre-installed IDS.  
> 
> I think Reco's 2) above was intended to imply that features == security holes
> and I would agree with that; so this seems like schizophrenia.

No. See parallel part of this thread for the real explanation of the need of
IDS.


> >> 5) Outdated kernel 3.4, configured *without* SELinux, Apparmor or tomoyo 
> >> support.  
> 
> I'm still using kernel 2.4.36 without all that, and I'm quite
> comfortable with things as they are.  I like to avoid the latest
> and greatest (especially Debian latest and greatest, vide infra).

My only comment on this is - I hope that such position is a rare
exception along the users of this fine distribution. Because the only
meaningful way to interpret such statement is - 'I know that the
distribution does not care about my security, and I don't care too'.



> >> ... suggesting putting *this* to serve as a firewall from an Internet is a 
> >> joke.  
> 
> Perhaps Reco will tell us how many IPCop boxes he's compromised,

Exactly zero. Such activity is a punishable criminal offence where I
live. Even if I did - I would never admitted it.

> or he's seen compromised,

Exactly zero. Here we refrain from using solutions of questionable
security quality in matters requiring actual security.

> or heard rumours might have been compromised.

And that part is really interesting. You see, dear list, a really good
distribution tries to play it nice once it is known that a part of
distribution is affected by known security vulnerability. They make
security advisories. They go to popular mailing list (bugtraq, for
instance), and publish such advisories for anyone to see.
They fix what's broken, after all.
Because the bird is out of the cage already, and the best one can do is
to update.

A bad distribution is going into 'lalala-can

Re: mutt fails to display signed mails: could not copy message

[Joel Roth]

tomás wrote:

> On Sun, Feb 28, 2016 at 10:21:43PM -1000, Joel Roth wrote:
> > Hi,
> > 
> > I have gpg installed (package gpgv).
> > 
> > I tried putting "source /etc/Muttrc.d/gpg.rc" at the end of
> > ~/.muttrc, and also putting "source /etc/Muttrc" at the
> > beginning.
> 
>  (1) Does it ask you for a passphrase -- or does it fail right away?
>  (2) I'm assuming that you are looking at one message encrypted to
>  you. What happens if you
>  - copy this message to a file on its own (in mutt's index,
>type "C" and give it a file name say "foo")
>  - from a shell, do "gpg -d foo"?

Hi Tomás,

I noticed that it is signed messages, like yours, that cause the
hiccup. I can't view them with the space bar (could not copy
message), but I can see them (including the signature text)
with the 'v' key.

Saving your message to a folder and running gpg -d on it
returns the message text and this:

gpg: Signature made Sun 28 Feb 2016 10:43:03 PM HST using DSA key ID 
7AD1DA46
gpg: Can't check signature: public key not found

Could the exit status of gpg be causing mutt to give up?
I shouldn't need to verify your signature. 

btw I tried setting "set crypt_verify_sig=no" in .muttrc.

Thanks 

Joel

 
> regards
> - -- tomás

__
Joel Roth

Re: mutt fails to display signed mails: could not copy message

[Nicolas George]

Le primidi 11 ventôse, an CCXXIV, Joel Roth a écrit :
> Saving your message to a folder and running gpg -d on it
> returns the message text and this:
> 
>   gpg: Signature made Sun 28 Feb 2016 10:43:03 PM HST using DSA key ID 
> 7AD1DA46
>   gpg: Can't check signature: public key not found
> 
> Could the exit status of gpg be causing mutt to give up?

In this kind of situation, I use strace (with the -f option, and a large
value for -s) in order to know exactly how gpg is invoked, then I invoke it
separately to see the error messages.

HTH.

Regards,

-- 
  Nicolas George


signature.asc
Description: Digital signature

Re: mutt fails to display signed mails: could not copy message

[tomas]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Mon, Feb 29, 2016 at 12:32:31AM -1000, Joel Roth wrote:
> tomás wrote:
> 
> > On Sun, Feb 28, 2016 at 10:21:43PM -1000, Joel Roth wrote:
> > > Hi,
> > > 
> > > I have gpg installed (package gpgv).
> > > 
> > > I tried putting "source /etc/Muttrc.d/gpg.rc" at the end of
> > > ~/.muttrc, and also putting "source /etc/Muttrc" at the
> > > beginning.
> > 
> >  (1) Does it ask you for a passphrase -- or does it fail right away?
> >  (2) I'm assuming that you are looking at one message encrypted to
> >  you. What happens if you
> >  - copy this message to a file on its own (in mutt's index,
> >type "C" and give it a file name say "foo")
> >  - from a shell, do "gpg -d foo"?
> 
> Hi Tomás,
> 
> I noticed that it is signed messages, like yours, that cause the
> hiccup. I can't view them with the space bar (could not copy
> message), but I can see them (including the signature text)
> with the 'v' key.

Is it only *some* signed messages?

I'm asking because my messages are signed using the somewhat antiquated
"traditional PGP" (or some such) scheme[1]. The message from Nicolas
George in this thread is more "modern": does this one also trigger your
problem?

[1] I know, I know. I'm fixing that Real Soon Now(TM)

regards
- -- t
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlbUGrsACgkQBcgs9XrR2kbJ2gCfcCmidG4cctkl6lfmWfyb+NOh
K9QAn1NItTAdwV6zznjLxqZ330GCXplr
=fxTT
-END PGP SIGNATURE-

Re: Using an SSD with strictatime mount option

[Pascal Hambourg]

Disclaimer : I do not use mutt nor any SSD yet.

Joel Roth a écrit :
> 
> I have debian installed on a single SSD partition, 
> with ordinary desktop use.
> 
> When I set the strictatime option, mutt accurately shows new
> mails arriving. (I'm using mbox format.)

Doesn't mutt work with relatime, which is the current kernel default ?
The mount(8) man page states that it should.

> Is this setting going to wear out my SSD?

Yes, faster that relatime because of the extra writes.

Re: mutt fails to display signed mails: could not copy message

[tomas]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

[setting To: to list, I hope that's OK with you]

On Mon, Feb 29, 2016 at 01:09:35AM -1000, Joel Roth wrote:
> 
> On Mon, Feb 29, 2016 at 11:17:31AM +0100, to...@tuxteam.de wrote:

[...]

> > > Hi Tomás,
> > > 
> > > I noticed that it is signed messages, like yours, that cause the
> > > hiccup. I can't view them with the space bar (could not copy
> > > message), but I can see them (including the signature text)
> > > with the 'v' key.
> > 
> > Is it only *some* signed messages?
> > 
> > I'm asking because my messages are signed using the somewhat antiquated
> > "traditional PGP" (or some such) scheme[1]. The message from Nicolas
> > George in this thread is more "modern": does this one also trigger your
> > problem?
> 
> His doesn't trigger the problem, only yours :)

Yep -- then it's the "traditional" problem. See [1].

That said, if you only care about my mails (why should you) waiting
will solve it. But I've got some yaks to shave before that, so it
might take some time ;-)

[1] 


regards
- -- t
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlbUI+YACgkQBcgs9XrR2kYMXgCfTCmfFqIhrCtlJEL5UsmNo+rg
pfYAnRoCRdpNZBEMxJ8EjxSRz3FMAhXg
=FcSA
-END PGP SIGNATURE-

Re: ZFS on Debian GNU/Linux

[Petter Adsen]

On Sun, 28 Feb 2016 20:22:37 -0800
David Christensen  wrote:

> On 02/28/2016 02:40 AM, Saša Janiška wrote:
>  > I'd like to use zfs, but, it's still lacks proper distro support to
>  > fiddle with it.  
> 
> I believe the crux issue is incompatible licenses between Linux (GPL) 
> and OpenZFS (CDDL):
> 
>  http://open-zfs.org/wiki/FAQ#Licensing
> 
> 
> I believe some Linux distributions have tried to offered ZFS OOTB,
> but people and organizations have cried GPL foul:
...
> Any other thoughts, comments, or suggestions for ZFS on Debian
> GNU/Linux?

You might be interested in this:

http://blog.halon.org.uk/2016/01/on-zfs-in-debian/

Petter

-- 
"I'm ionized"
"Are you sure?"
"I'm positive."

Re: Using an SSD with strictatime mount option

[jdd]

Le 29/02/2016 11:52, Pascal Hambourg a écrit :

Disclaimer : I do not use mutt nor any SSD yet.



Is this setting going to wear out my SSD?


Yes, faster that relatime because of the extra writes.


yes, but how long do you plan to keep your ssd?

price drop so fast I buy a new one at most each year :-) (480Gb for now)

jdd

Re: Using an SSD with strictatime mount option

[Joel Roth]

Pascal Hambourg wrote:
> Disclaimer : I do not use mutt nor any SSD yet.
> 
> Joel Roth a écrit :
> > 
> > I have debian installed on a single SSD partition, 
> > with ordinary desktop use.
> > 
> > When I set the strictatime option, mutt accurately shows new
> > mails arriving. (I'm using mbox format.)
> 
> Doesn't mutt work with relatime, which is the current kernel default ?
> The mount(8) man page states that it should.

With mbox and relatime, I get only one notification of new mail 
in a folder. If I quit mutt without reading and start
again, the indication now longer shows up.

I have filtering in to lots of folders, and have missed
seeing mail that way.

> > Is this setting going to wear out my SSD?
> 
> Yes, faster that relatime because of the extra writes.

 

-- 
Joel Roth
  

Re: mutt fails to display signed mails: could not copy message

[Joel Roth]

On Mon, Feb 29, 2016 at 11:56:38AM +0100, to...@tuxteam.de wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> [setting To: to list, I hope that's OK with you]
> 
> On Mon, Feb 29, 2016 at 01:09:35AM -1000, Joel Roth wrote:
> > 
> > On Mon, Feb 29, 2016 at 11:17:31AM +0100, to...@tuxteam.de wrote:
> 
> [...]
> 
> > > > Hi Tomás,
> > > > 
> > > > I noticed that it is signed messages, like yours, that cause the
> > > > hiccup. I can't view them with the space bar (could not copy
> > > > message), but I can see them (including the signature text)
> > > > with the 'v' key.
> > > 
> > > Is it only *some* signed messages?
> > > 
> > > I'm asking because my messages are signed using the somewhat antiquated
> > > "traditional PGP" (or some such) scheme[1]. The message from Nicolas
> > > George in this thread is more "modern": does this one also trigger your
> > > problem?
> > 
> > His doesn't trigger the problem, only yours :)
> 
> Yep -- then it's the "traditional" problem. See [1].
> 
> That said, if you only care about my mails (why should you) waiting
> will solve it. But I've got some yaks to shave before that, so it
> might take some time ;-)

I'm in no special hurry, but it's nice to read your
contributions here :)

btw, speaking of yaks, I've got a couple of Tibetan yak
blankets, very light and warm.

Joel

> 
> [1] 
> 
> 
> regards
> - -- t
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.12 (GNU/Linux)
> 
> iEYEARECAAYFAlbUI+YACgkQBcgs9XrR2kYMXgCfTCmfFqIhrCtlJEL5UsmNo+rg
> pfYAnRoCRdpNZBEMxJ8EjxSRz3FMAhXg
> =FcSA
> -END PGP SIGNATURE-
> 
[-- Error: could not find beginning of PGP message! --]


-- 
Joel Roth
  

Re: Using an SSD with strictatime mount option

[Sven Hartge]

Pascal Hambourg  wrote:
> Joel Roth a écrit :

>> I have debian installed on a single SSD partition, 
>> with ordinary desktop use.
>> 
>> When I set the strictatime option, mutt accurately shows new
>> mails arriving. (I'm using mbox format.)

>> Is this setting going to wear out my SSD?

> Yes, faster that relatime because of the extra writes.

Right. Now the SSD will only last 19 years instead of 20.

As long as you don't use any of the first consumer SSDs available you
are not going to destroy the SSD with normal use. And even if you try
and force to break a recent SSD, it will take you nearly 2 years of
constant writes to do so.

Grüße,
Sven.

-- 
Sigmentation fault. Core dumped.

Re: mutt fails to display signed mails: could not copy message

[tomas]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Mon, Feb 29, 2016 at 02:12:34AM -1000, Joel Roth wrote:

[...]

> I'm in no special hurry, but it's nice to read your
> contributions here :)

*blush*

> btw, speaking of yaks, I've got a couple of Tibetan yak
> blankets, very light and warm.

Now you're putting nasty ideas in my head ;-)

- -- t
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlbUMQAACgkQBcgs9XrR2kYO7wCfbgY/J32rvtGkYNfBfAA1KRQ5
vmMAn3oTde47GUPVQQPI3+linVukiKdR
=0Zfs
-END PGP SIGNATURE-

Re: Problem with TP-Link network card

[Luis Eduardo Cortés]

>
> Well, after some time, I have returned to this matter.
>
> I have done one more test that I think is is conclusive. As I said, this
> Debian GNU/Linux firewall PC has two network cards:
>
> * eth0: RealTek RTL8139 (to the ADSL router)
> * eth1: VIA Rhine II (to the local network)
>
> The problem was with the RTL8139 card connected to the router. This only
> worked when setting up it to 10 Mbps. The VIA card connected to the
> switch of the local network never gave problems.
>
> So I now exchanged the configuration of the cards. Now the eth0 Realtek
> card connects to the internal network. It runs smoothly at 100 Mbps,
> full duplex and auto negotiation. So I think it was not a problem with
> the Realtek card. In fact, now the VIA card (that previously worked
> properly connected to the internal network switch) only works against
> ADSL router when it is set to 10 Mbps.
>
> All this makes me think the problem is in the ethernet interface of the
> ADSL router.
>
> I have requested a new router to Telefonica. I hope they send me a good
> one. This Zyxel router worked smoothly for quite some time. I also hope
> it have a default password to access the router and make the necessary
> settings (such as SNMP monitoring).
>
>
> Thanks for your reply.
>
> Kind regards,
> Daniel
>


Try installing "firmware-realtek" package to solve the original problem.

Regards.

Re: Using an SSD with strictatime mount option

[David Wright]

On Mon 29 Feb 2016 at 02:09:41 (-1000), Joel Roth wrote:
> Pascal Hambourg wrote:
> > Disclaimer : I do not use mutt nor any SSD yet.
> > 
> > Joel Roth a écrit :
> > > 
> > > I have debian installed on a single SSD partition, 
> > > with ordinary desktop use.
> > > 
> > > When I set the strictatime option, mutt accurately shows new
> > > mails arriving. (I'm using mbox format.)
> > 
> > Doesn't mutt work with relatime, which is the current kernel default ?
> > The mount(8) man page states that it should.
> 
> With mbox and relatime, I get only one notification of new mail 
> in a folder. If I quit mutt without reading and start
> again, the indication now longer shows up.
> 
> I have filtering in to lots of folders, and have missed
> seeing mail that way.

That's because you haven't unset mail_check_recent and mark_old in muttrc.

Cheers,
David.

Re: mutt fails to display signed mails: could not copy message

[Curt]

On 2016-02-29, Joel Roth  wrote:
>
> I'm in no special hurry, but it's nice to read your
> contributions here :)
>
> btw, speaking of yaks, I've got a couple of Tibetan yak
> blankets, very light and warm.

No kidding I have a couple of sweaters out of yak; light and warm is
right.  Beats the hell out of sheep.

Hand-knitted, BTW.

> Joel
>
-- 
Hypertext--or should I say the ideology of hypertext?--is ultrademocratic and
so entirely in harmony with the demagogic appeals to cultural democracy that
accompany (and distract one’s attention from) the ever-tightening grip of 
plutocratic 
capitalism. - Susan Sontag

Re: SOLVED Re: how to autologin with systemd?

[Michael Biebl]

Am 29.02.2016 um 10:35 schrieb Gregor Zattler:
>> (The error message in Michael's response is helpful, too.)
> 
> I couldn't decipher it but thanks to Michael for the hint to
> journalctl which I did not use till now.

Some hints how you can troubeshoot/solve such issues yourself:
- Check the journal, limit it to the unit (-u) which causes the problem.
- Check the documentation. The journal was complaining about ExecStart.
Open "man systemd.directives", search for ExecStart, note it's
documented in systemd.service. Read the ExecStart= section in the
systemd.services(5) man page.

There is also an online version [1], with cross-references and all,
which makes this even more convenient.
Keep in mind though, that the online version is for the latest upstream
version, atm that's v229.

Michael

[1] https://www.freedesktop.org/software/systemd/man/systemd.directives.html

https://www.freedesktop.org/software/systemd/man/systemd.directives.html#ExecStart=
-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Re: XFS on root

[Glenn Holmer]

On 02/28/2016 01:31 PM, mj wrote:
> On 02/28/2016 03:34 PM, Adam Wilson wrote:
>> Let me get this straight- /boot on XFS, with GRUB, working flawlessly?
> 
> I think we have been running root xfs, without a seperate boot partition
> for ages. This has been working at least since wheezy, but I guess even
> earlier.
> 
> Just try it.

I have machines with multiple operating systems, and use a "master" GRUB
in its own small partition with the boot code in the MBR, and a "slave"
GRUB embedded in each operating system's boot partition. I don't know if
this is still true (the message is quite old), but it's why I've always
used a separate ext2 /boot partition in that scenario.

http://www.mail-archive.com/bug-grub@gnu.org/msg10770.html

"As we all know, you cannot install grub into an XFS partition because
the XFS superblock is in sector 0 of the partition."

-- 
Glenn Holmer (Linux registered user #16682)
"After the vintage season came the aftermath -- and Cenbe."

Re: Using an SSD with strictatime mount option

[Joel Roth]

David Wright wrote:
> On Mon 29 Feb 2016 at 02:09:41 (-1000), Joel Roth wrote:
> > Pascal Hambourg wrote:
> > > Disclaimer : I do not use mutt nor any SSD yet.
> > > 
> > > Joel Roth a écrit :
> > > > 
> > > > I have debian installed on a single SSD partition, 
> > > > with ordinary desktop use.
> > > > 
> > > > When I set the strictatime option, mutt accurately shows new
> > > > mails arriving. (I'm using mbox format.)
> > > 
> > > Doesn't mutt work with relatime, which is the current kernel default ?
> > > The mount(8) man page states that it should.
> > 
> > With mbox and relatime, I get only one notification of new mail 
> > in a folder. If I quit mutt without reading and start
> > again, the indication now longer shows up.
> > 
> > I have filtering in to lots of folders, and have missed
> > seeing mail that way.
> 
> That's because you haven't unset mail_check_recent and mark_old in muttrc.

Thanks for this suggestion.

Just FYI, running mutt on a FS set for relatime, mark_old is
the default (yes) but older unread messages only show up as
N. The O designation never appears.

The behavior does not change with mail_check_recent set or
unset.

mount -o remount,strictatime /

Fixes it.

Regards,

Joel

 
> Cheers,
> David.
> 

-- 
Joel Roth
  

Intel Wireless 8260 not working on Lenovo Ideapad

[Levi S. Darrell]

Dear all at debian-user@lists.debian.org,

In January of 2016, I purchased a Lenovo IdeaPad Y700 laptop, which had 
Windows 10 pre-installed on it. Since that time I have been unable to get my 
Intel Wireless 8260 hardware to work with my Debian Jessie stable 
distro. After several hours searching the internet for solutions, I have seen 
that this is a common problem with Lenovo computers. Here are the solutions 
that I have tried:

1. I recompiled the kernel, using the stable 4.4.1 version that I 
obtained from www.kernel.org via wget. Using apt, I downloaded the package 
kernel-package. Using menuconfig, I selected the iwlwifi drivers in the 
wireless 
options. I made the image using the make-kpkg command, and compiled it using 
the fakeroot make-kpkg --initrd --revision=1.0.custom kernel_image command. I 
rebooted, but the drivers seemed not to have been correct, and the wifi card 
continued not to work.

2. I then downloaded the most recent backports package using wget 
https://www.kernel.org/pub/linux/kernel/projects/backports/2016/01/22/backports-20160122.tar.gz.
 I untarred the package, issued the commands make 
defconfig-wifi && make && make install. The program seemed to compile without 
any errors. I then searched in the 
/lib/modules/4.4.1/build/drivers/net/wireless/iwlwifi/pcie/drv.c file, where on 
line 425 I read:

{IWL_PCI_DEVICE(0x24F3, 0x1010, iwl8260_2ac_cfg)},
 
This seemed to indicate to me that my device should be supported, based on the 
lspci -nnk | grep 0280 -A2 command, which gives the following output:

08:00.0 Network controller [0280]: Intel Corporation Wireless 
8260 [8086:24f3] (rev 3a)
Subsystem: Intel Corporation Device [8086:1010]
Kernel driver in use: iwlwifi

However, upon rebooting my machine, my wifi card still did not work.

3. I then attempted to manage a problem with rfkill by searching in the 
file /lib/modules/4.4.1/build/drivers/platform/x86/ideapad-laptop.c, which 
states:

/*
 * Some ideapads don't have a hardware rfkill switch, reading 
VPCCMD_R_RF
 * always results in 0 on these models, causing ideapad_laptop 
to wrongly
 * report all radios as hardware-blocked.
 */

At line 902, I added the following:

{
.ident = "Lenovo Yoga 700",
.matches = {
DMI_MATCH(DMI_SYS_VENDOR, "LENOVO"),
DMI_MATCH(DMI_PRODUCT_VERSION, "Lenovo ideapad 
Y700 Touch-15ISK"),
},
},

This was because the output of the command dmidecode | grep -A3 '^System 
Information' was:

System Information
Manufacturer: LENOVO
Product Name: 80NW
Version: Lenovo ideapad Y700 Touch-15ISK

I guessed based on this that DMI_PRODUCT_VERSION should therefore be set to 
"Lenovo ideapad Y700 Touch-15ISK". However, upon reboot, rfkill list still 
showed the following:

0: hci0: Bluetooth
Soft blocked: yes
Hard blocked: no
1: ideapad_wlan: Wireless LAN
Soft blocked: no
Hard blocked: yes
2: ideapad_bluetooth: Bluetooth
Soft blocked: no
Hard blocked: yes
3: phy0: Wireless LAN
Soft blocked: no
Hard blocked: no

I don't know why phy0 is showing up as a logical device, because that 
had not been showing up prior to my updating the kernel to 4.4.1. However, I 
don't think this is part of the problem. I believe I have exhausted my 
capacity to troubleshoot the problem using web searches, and I therefore am 
seeking some help here. The outputs of some other commands appear below for 
further information:

dmesg | grep -i iwl

[2.477758] iwlwifi :08:00.0: Direct firmware load for 
iwlwifi-8000C-20.ucode failed with error -2
[2.484820] iwlwifi :08:00.0: loaded firmware version 16.242414.0 
op_mode iwlmvm
[2.520860] iwlwifi :08:00.0: Unsupported splx structure
[2.557772] iwlwifi :08:00.0: Detected Intel(R) Dual Band Wireless AC 
8260, REV=0x208
[2.558389] iwlwifi :08:00.0: L1 Enabled - LTR Enabled
[2.559215] iwlwifi :08:00.0: L1 Enabled - LTR Enabled
[2.567127] iwlwifi :08:00.0: can't access the RSA semaphore it is write 
protected
[2.718970] ieee80211 phy0: Selected rate control algorithm 'iwl-mvm-rs'

lspci:

00:00.0 Host bridge: Intel Corporation Device 1910 (rev 07)
00:01.0 PCI bridge: Intel Corporation Device 1901 (rev 07)
00:02.0 VGA compatible controller: Intel Corporation Device 191b (rev 06)
00:14.0 USB contro

Re: mutt fails to display signed mails: could not copy message

[tomas]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Mon, Feb 29, 2016 at 03:40:25PM +, Curt wrote:
> On 2016-02-29, Joel Roth  wrote:
> >
> > I'm in no special hurry, but it's nice to read your
> > contributions here :)
> >
> > btw, speaking of yaks, I've got a couple of Tibetan yak
> > blankets, very light and warm.
> 
> No kidding I have a couple of sweaters out of yak; light and warm is
> right.  Beats the hell out of sheep.

First gotta shave a couple of those, though ;-)

> Hand-knitted, BTW.

Now you make me envious.

regards
- -- t
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlbUnjYACgkQBcgs9XrR2kZAfwCeO6KZDEJMGVZuHgpXEvI5OjnB
r1AAnRKhgd7nuTwZnSLFrrPrCqYr3ZR3
=JiZ8
-END PGP SIGNATURE-

Re: Intel Wireless 8260 not working on Lenovo Ideapad

[Sven Arvidsson]

On Mon, 2016-02-29 at 13:11 -0700, Levi S. Darrell wrote:
> Dear all at debian-user@lists.debian.org,
> 
>   In January of 2016, I purchased a Lenovo IdeaPad Y700 laptop,
> which had Windows 10 pre-installed on it. Since that time I have been
> unable to get my Intel Wireless 8260 hardware to work with my Debian
> Jessie stable 
> distro. After several hours searching the internet for solutions, I
> have seen that this is a common problem with Lenovo computers. Here
> are the solutions that I have tried:

As a general rule, with hardware that new, go for testing or unstable
immediately. (Even with a backported kernel, you're not likely to get
the GPU running without new Mesa, and possibly xorg driver)

There seems to be quite a few reports of running Linux on the Y700.
E.g. http://mashu.github.io/2015/12/19/Debian-Ideapad-Y700.html

If you're fighting with wpa_supplicant doesn't that mean that the
driver is working? Can you scan for access points? Can you connect to
an unprotected network?

-- 
Cheers,
Sven Arvidsson
http://www.whiz.se
PGP Key ID 6FAB5CD5



signature.asc
Description: This is a digitally signed message part

(OT) Re: mutt fails to display signed mails: could not copy message

[Charlie]

On Mon, 29 Feb 2016 15:40:25 + (UTC) Curt sent:

>  btw, speaking of yaks, I've got a couple of Tibetan yak
> > blankets, very light and warm.  
> 
> No kidding I have a couple of sweaters out of yak; light and warm is
> right.  Beats the hell out of sheep.

Horses for courses. The wool from sheep is hygroscopic, lifts moisture
from skin, and absorbs moisture from without if it gets wet.

Much like a wetsuit in severe weather. Keeps you warm even when wet.
But heavy the more moisture it soaks up.

The lycra and wool combination was supposed to be light and keep you
dry by absorbing the sweat from your skin. Did it work? No idea. I'm
not into Lycra though I have a couple of thick woollen hand knitted
jumpers, which do work.

Stay well,
Charlie

-- 
Registered Linux User:- 329524
***

Be true to your work, your word, and your friend. .Henry
David Thoreau

***

Debian GNU/Linux - Magic indeed.

-

Where can I find the bugs for a package in stable?

[Albin Otterhäll]

Iceweasel has crashed two times in a day, and I would like to report it
(or read the bug report if it's already reported). But I can only find
the bug-list for Sid.

Where to find the currently active bugs for stable?