Re: What am I missing that causes this error response from the wheezy mozilla?

[tomas]

On Tue, Feb 05, 2019 at 09:42:04PM +0100, deloptes wrote:
> to...@tuxteam.de wrote:
> 
> > I'd guess the same. But... now it gets interesting: blocked by whom?
> > China? North Korea?
> 
> Yes just tried
> 
>  whois wvsto.com
> 
> and accessible from here Europe.
> I don't think one would block this site

Name resolution isn't a problem: it's the access to the host after
that. Tcpdump shows the SYNs going out but no ACKs arriving, it looks
like some silly firewall rule on the way.

I tried a couple of times after that (once just after I saw Brad's
positive response from the UK) -- the results are consistent for
me.

So our rough map is: France (near Paris), Germany (Berlin): out;
Spain (Madrid): in, UK: in.

So much for basing your "security" on the IPs you see :-D

Attempt at an explanation: as IPV4 gets more and more exhausted,
we're bound to see small slivers of IPV4 space "recycled" and
allocated to random places -- IP address to geolocation "mapping"
becoming more and more fractal and (time-) dynamic. Admins:
enjoy maintaining your firewall rules!

Cheers
-- tomás


signature.asc
Description: Digital signature

Status of PHP support in stretch

[Jochen Spieker]

Hi,

I noticed that PHP 7.0 is unsupported by upstream since the beginning of
2019:

https://secure.php.net/supported-versions.php

The most recent PHP version in stretch is, as of now, 7.0.33-0+deb9u1.
As far as I can tell, this is (roughly) the same as upstream 7.0.33 and
not a relabeled later upstream version and it does not contain
significant backports from later upstream versions.

Do I need to assume that PHP 7.0 in Debian is now only
security-supported by Debian alone? Is any DD close enough to upstream
to be able to at least backport new fixes from 7.1 and later if
necessary?

I found https://deb.sury.org/ which appears to be run by a DD[1]. But I
noticed that this version of PHP pulls in a different version of openssl
which rang some alarm bells with me. I would very much prefer something
more official, e.g. backpors.debian.org.

So, what do you do with your stretch servers running PHP now? Pray for
good support in Debian, upgrade to 3rd party packages? Upgrade to buster
already?

Regards,
Jochen.

[1] FWIW, the PGP key used for the repository (AC0E47584A7A714D) is
signed by Ondřej Surý (0C99B70EF4FCBB07) which, in turn, is
signed by 184 keys fro debian-keyring. The WoT probably does not get
better than that.

-- 
My memories gild my life with rare transcendance.
[Agree]   [Disagree]
 


signature.asc
Description: PGP signature

Re: shell script problem

[Rusi Mody]

I seem to be missing something... 
Is -.mount literally a thing? 
Or -- more likely -- are shell's arcane quoting/interpolating rules garbling 
something quite into a "-" unit? 

Re: shell script problem

[tomas]

On Wed, Feb 06, 2019 at 02:04:54AM -0800, Rusi Mody wrote:
> I seem to be missing something... 
> Is -.mount literally a thing? 
> Or -- more likely -- are shell's arcane quoting/interpolating rules garbling 
> something quite into a "-" unit? 

Perhaps you're better off looking into the systemd
config directories and finding out what symlinks point
to /dev/null or something (no systemd expert here, though).

Cheers
-- t


signature.asc
Description: Digital signature

Re: What am I missing that causes this error response from the wheezy mozilla?

[Gene Heskett]

On Wednesday 06 February 2019 03:10:18 to...@tuxteam.de wrote:

> On Tue, Feb 05, 2019 at 09:42:04PM +0100, deloptes wrote:
> > to...@tuxteam.de wrote:
> > > I'd guess the same. But... now it gets interesting: blocked by
> > > whom? China? North Korea?
> >
> > Yes just tried
> >
> >  whois wvsto.com
> >
> > and accessible from here Europe.
> > I don't think one would block this site
>
> Name resolution isn't a problem: it's the access to the host after
> that. Tcpdump shows the SYNs going out but no ACKs arriving, it looks
> like some silly firewall rule on the way.
>
> I tried a couple of times after that (once just after I saw Brad's
> positive response from the UK) -- the results are consistent for
> me.
>
> So our rough map is: France (near Paris), Germany (Berlin): out;
> Spain (Madrid): in, UK: in.
>
> So much for basing your "security" on the IPs you see :-D
>
> Attempt at an explanation: as IPV4 gets more and more exhausted,
> we're bound to see small slivers of IPV4 space "recycled" and
> allocated to random places -- IP address to geolocation "mapping"
> becoming more and more fractal and (time-) dynamic. Admins:
> enjoy maintaining your firewall rules!
>
> Cheers
> -- tomás

Yup, I'm firmly in ipv4 country yet, and I don't know of an ipv6 facility 
closer than Pittsburgh. I've used it experimentally here in my own 
little domain, but currently have it turned off (I think)

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 

Re: What am I missing that causes this error response from the wheezy mozilla?

[John Hasler]

Gene writes:
> I'm firmly in ipv4 country yet, and I don't know of an ipv6 facility
> closer than Pittsburgh.

Irrelvant.  Use a tunnel.  I've used these free tunnel brokers:
https://ipv6.he.net/
https://www.sixxs.net/main/

A complete list:
https://en.wikipedia.org/wiki/List_of_IPv6_tunnel_brokers
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA

Re: What am I missing that causes this error response from the wheezy mozilla?

[Celejar]

On Tue, 5 Feb 2019 16:34:49 +0100
 wrote:

> On Tue, Feb 05, 2019 at 06:11:15PM +0300, Reco wrote:
> > Hi.
> > 
> > On Tue, Feb 05, 2019 at 03:41:30PM +0100, to...@tuxteam.de wrote:
> 
> [...]
> 
> > > China? North Korea?
> > 
> > Site owner, of course. (No)thanks to GDPR, it's easier for US site to
> > block any visitor from Europe than to comply with legal regulations.
> 
> ;-P
> 
> But it would be so easy to comply with GDPR: rotate logs regularly
> and don't serve javascript nasties. In short, don't be an asshole.
> 
> Funny that site owners have so many qualms over that...

I'm no GPDR expert, but isn't it much more complicated than that? I'm
not sure what sort of website the OP was talking about, but even for a
simple blog that allows comments, aren't there all sorts of other
requirements that would come into play? E.g.:

https://pbsmarket.com/gdpr-for-bloggers/

Celejar

Re: What am I missing that causes this error response from the wheezy mozilla?

[John Hasler]

Celejar writes:
> https://pbsmarket.com/gdpr-for-bloggers/

This is ludidrous.  If you sell nothing to Europeans and have no
business presence there you can ignore this.  It's easy to see why many
site owners decide that the safer course is to block Europe, though,
even if they are actually already in compliance.  From their point of
view it's block Europe, hire an expensive lawyer to tell them how to
comply, or risk prosecution.

I run a small site for my business.  I collect no data at all on
visitors and use no JS, but I have no idea whether or not I'm in
compliance and I have no intention of trying to find out.

My site is hosted by Gandi, though, and I believe it is still running on
their French servers.  I suppose I should move it to the USA just to
avoid the small risk of it being shut down for failure to register or
some such nonsense.
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA

Re: shell script problem

[Greg Wooledge]

On Wed, Feb 06, 2019 at 02:22:35PM +0900, John Crawley wrote:
> On 06/02/2019 03.17, ghe wrote:
> > On 2/5/19 9:19 AM, Jude DaShiell wrote:
> > > Have you tried replacing "-" with \45 yet?  That's the ascii equivalent
> > > for "-'.
> > 
> > Excellent idea. But:
> > 
> > root@sbox:~# systemctl unmask \45.mount
> > Unit 45.mount does not exist, proceeding anyway.
> > 
> > (Same with quotes.)
> > 
> You might try
> root@sbox:~# systemctl unmask $'\45'.mount
> Just a thought.

You're all just making stuff up without understanding it.

First of all, the ASCII value of - is 45 decimal, or 055 octal, or 0x2d
hexadecimal.  If you use bash's $'\...' quoting syntax, you get to choose
between octal and hexadecimal, the default being octal.

So, $'\055' is equivalent to '-'.  $'\45' is a percent sign.

Second, whatever form of quoting you use in your shell command is simply
a mechanism to make sure your intended arguments get passed to the
command you're invoking.  Once the shell has parsed your quoting, the
quotes are removed.  The command doesn't see them.

As arguments, - and "-" and '-' and $'-' and $'\055' and $'\x2d' are all
exactly the same.  There is no difference at all.

wooledg:~$ args - "-" '-' $'-' $'\055' $'\x2d'
6 args: <-> <-> <-> <-> <-> <->

The command (mount, umount, systemctl unmask, or whatever) does not know
or care which kind of quoting, if any, you used in your shell.

This is also why the classic Unix shell FAQ "how do I remove a file whose
name starts with -" is such a puzzler for many people.  People think
that by quoting the leading - they will somehow make rm treat it as a
filename instead of an option.  But because of how shells *work*, the
quotes are removed, and rm has no idea that you quoted it.

Answer to the FAQ: you must tell rm that this argument is a filename
and not an option.  You do that by putting the end-of-options indicator --
before the filename.  E.g. rm -- -myfile

Another way to do it is to give rm a pathname that does not begin with 
a - character.  E.g. rm ./-myfile

The latter only works because the argument to rm *is* a pathname,
and relative pathnames can have a leading ./ prepended to them without
changing their meaning.

Now, I don't know how systemctl unmask works.  You can try putting --
before your unit argument, if the unit name truly begins with a -,
and see if that helps.  Or, you can try to figure out whether this is
really the correct unit name at all.  It seems rather dubious.

Is there any chance that your fstab file is simply malformed, and is
being converted into bogus .mount units?  Maybe you should go through
your /etc/fstab and look for errors.

Re: USB hard drives -- recommendations?

[Stefan Monnier]

> Would anybody care to voice an opinion on USB external hard drives in the
> 2 terabyte size range, for automated backup purposes?

I personally use my external HDDs without enclosures.

I.e. I use a USB<->SATA adapter
(e.g. 
https://www.dx.com/p/usb-3-0-to-sata-22-pin-2-5-hard-disk-driver-adapter-cable-black-18cm-2021357)
and then connect the "raw drives".  The advantage is that the same
adapter cable works for various sizes of drives (e.g. I have some
extra-thick 2½" 2TB drives which don't fit in a normal 2½" enclosure).

Some of those adapters can also be used with 3½" drives (at the cost of
extra work to power the drive, and I'm not sure it's worth the trouble:
I personally stopped using 3½" disks when the 2½" disks crossed the 2TB
threshold).


Stefan

Re: What am I missing that causes this error response from the wheezy mozilla?

[Gene Heskett]

On Wednesday 06 February 2019 08:04:59 John Hasler wrote:

> Gene writes:
> > I'm firmly in ipv4 country yet, and I don't know of an ipv6 facility
> > closer than Pittsburgh.
>
> Irrelvant.  Use a tunnel.  I've used these free tunnel brokers:
> https://ipv6.he.net/

nearest portal is 500 miles away over ipv4 circuits

> https://www.sixxs.net/main/

was sunsetted 3 years ago.

I just called my cable connection provider, and asked how far away 
timewise, is ipv6 connectivity in Weston WV.
" I don't know what this ipv6 is "

So me, and my ancient web page, are stuck in 10 megabit territory, can 
get 100 if I needed it for another 30 bucks a month, at an ipv4 address 
I just renewed in the December past for another 5 years at namecheap.  
Address in the sig.  And while its said to be dynamic, as long as I 
clone this buffalo routers MAC into whatever router I have  hooked up, 
its been a fixed address for the past 7 years.

One must be practical.  And my point is that the most important mile in 
any net connection, is the last mile to ones modem, and what bandwidth 
the modem is provisioned for. And I consistently measure about 11 or 12 
megabyte down and around 3 up. Meaning I am getting a wee bit more than 
I'm paying for. My telephone is also part of that bundle.  I long ago 
found Verizon's copper here in town, buried for 80+ years, had  very 
poor reliability, and to get Verizon to fix it for another week was 
taking complaints to the states PUC, and which was pissing Verizon off 
no end. So when the local cable was sold to Shentel and a whole new 
technical facility was constructed to support it, I voted with my wallet 
and had it all moved. Now the only service outages have been because the 
power is off long enough for their batteries to run down. I have my own 
power and the modem and my phone is back up 15 seconds after my power 
starts.  Cell phone service dies after their generators run out of fuel.

Takes half a day before their batteries go flat if the outage is wide 
spread.

Verizon sold the local phone system to Frontier, which try harder but its 
still the same old copper with all its problems.

So ipv6 is locally moot, John, and likely will not change within my 
remaining time on this ball of rock and water, which I just extended by 
getting a pacemaker with a ten year battery installed last month. Since 
I am 84 now, I expect something else will put a ~30~ on my story.

If and when it arrives locally, I expect the drones answering the phones 
at my provider will be made cognizant because its their job to sell me a 
better service.

>
> A complete list:
> https://en.wikipedia.org/wiki/List_of_IPv6_tunnel_brokers


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 

Re: What am I missing that causes this error response from the wheezy mozilla?

[deloptes]

Gene Heskett wrote:

> Not that I know about ATM. But the woofs family has a few small pieces of
> gas well royalties, and they always mail the checks so they get here
> late Friday's, too late to hit the bank with such a piddly deposit.  And
> by Monday its buried in this midden heap and forgotten, so more than 1
> $7 or $12 check has wound up in the treasurers office and I have to
> claim them for her. Mailing it so it gets here after the banks close on
> Friday is NOT anything but intentional, they get to use your money for a
> little while longer. Interesting what you can learn at the rodeo...

very interesting - couple of years ago I learned about over night swaps ...
and usually you are not getting bigger transfers same day. They (in the
bank) say that bigger amounts need approval and it takes one day :) (in
Europe) :)
I am not sure if it changed now, cause they changed something last year -
but I doubt cause it is so tasty. Especially if you know what will happen
in the next 6 hours on wall street or in japan ...

regards

Re: What am I missing that causes this error response from the wheezy mozilla?

[deloptes]

to...@tuxteam.de wrote:

> Attempt at an explanation: as IPV4 gets more and more exhausted,
> we're bound to see small slivers of IPV4 space "recycled" and
> allocated to random places -- IP address to geolocation "mapping"
> becoming more and more fractal and (time-) dynamic. Admins:
> enjoy maintaining your firewall rules!

My feeling is that might be all of that is managed from India or Malaysia
and perhaps no one knows what is going on.

I expect worse things in the future.

PARTIAL success - was [Re: Adding/modifying users under MATE DE]

[Richard Owlett]

On 02/04/2019 12:29 PM, Richard Owlett wrote:

On 02/04/2019 11:32 AM, to...@tuxteam.de wrote:

[snip]

Although it seems visudo can cope with a graphical editor [1],
I've never tried that. Perhaps someone around here has.


I can cope {if grumpily} with any editor.
I prefer Pluma, but that hardly qualifies as a console editor.
I'm not about to blindly edit those files on my primary machine. I've 
alternate hardware for test cases but I'm much more interested is safely 
and conveniently to configure users to work on a INTERESTING problem.


If [as root] I do   > export EDITOR=/usr/bin/pluma
before
  > visudo
things *approximately* work ;/

Pluma, not nano, is invoked.
$EDITOR is not preserved across sessions.
I've seen mention of a remedy, but the reference is missing at moment.

The "error checking" of visudo appears to work:
 1. If garbage string is entered, visudo will balk at saving it.
 2. If garbage is preceded by "#", it will be saved on exit.

NOTE BENE
An error message is displayed BEFORE visudo executes:

(pluma:1343): EggSMClient-WARNING **: Failed to connect to the session manager: 
None of the authentication protocols specified are supported


(pluma:1343): dconf-WARNING **: failed to commit changes to dconf: The 
connection is closed
Error creating proxy: The connection is closed (g-io-error-quark, 18)
Error creating proxy: The connection is closed (g-io-error-quark, 18)
Error creating proxy: The connection is closed (g-io-error-quark, 18)
Error creating proxy: The connection is closed (g-io-error-quark, 18)
Error creating proxy: The connection is closed (g-io-error-quark, 18)

(pluma:1343): dconf-WARNING **: failed to commit changes to dconf: The 
connection is closed

(pluma:1343): dconf-WARNING **: failed to commit changes to dconf: The 
connection is closed

(pluma:1343): dconf-WARNING **: failed to commit changes to dconf: The 
connection is closed




I've seen this form of error before when launching Pluma in a MATE 
terminal. Haven't chased down the details as everything appeared to 
"just work".







Thank you.



Cheers

[1] 
https://unix.stackexchange.com/questions/42726/how-do-i-change-the-default-text-editor-in-the-debian-squeeze-distro 


-- t

Re: What am I missing that causes this error response from the wheezy mozilla?

[John Hasler]

Gene writes:
> nearest portal is 500 miles away over ipv4 circuits

That's what the tunnel is for.

But it sounds like you think ipV6 might get you more bandwidth.  It won't.
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA

Re: What am I missing that causes this error response from the wheezy mozilla?

[Dan Ritter]

John Hasler wrote: 
> Celejar writes:
> > https://pbsmarket.com/gdpr-for-bloggers/
> 
> This is ludidrous.  If you sell nothing to Europeans and have no
> business presence there you can ignore this.  It's easy to see why many
> site owners decide that the safer course is to block Europe, though,
> even if they are actually already in compliance.  From their point of
> view it's block Europe, hire an expensive lawyer to tell them how to
> comply, or risk prosecution.
> 
> I run a small site for my business.  I collect no data at all on
> visitors and use no JS, but I have no idea whether or not I'm in
> compliance and I have no intention of trying to find out.

You're in compliance.

GDPR is:

- written clearly
- makes reasonable sense given its premise
- scales requirements to what you are doing
- scales fines to how badly you are abusing the requirements

If you collect personal information, you need to be able to show that
it was gathered with the person's consent; correct it or delete it on
request of the particular person it's about, and you need to make it
easy for them to contact you to do those things. You need to be able to
state why you are collecting their information, how long you are keeping
their information, and have a policy about when you delete it.


You're not collecting personal data? No problem, you're done.


-dsr-

Re: PARTIAL success - was [Re: Adding/modifying users under MATE DE]

[tomas]

On Wed, Feb 06, 2019 at 01:47:26PM -0600, Richard Owlett wrote:
> On 02/04/2019 12:29 PM, Richard Owlett wrote:

[...]

> If [as root] I do   > export EDITOR=/usr/bin/pluma
> before
>   > visudo
> things *approximately* work ;/
> 
> Pluma, not nano, is invoked.

Not bad :-)

> $EDITOR is not preserved across sessions.

This is to be expected: this "export... " is only good for this
one shell session.

> I've seen mention of a remedy, but the reference is missing at moment.

Most probably you should add

  export EDITOR=/usr/bin/pluma

to your /etc/profile (for all users) or to $HOME/.xsession (for one
specific user). Don't know for sure whether MATE picks that up there
(others might chime in).

> The "error checking" of visudo appears to work:
>  1. If garbage string is entered, visudo will balk at saving it.
>  2. If garbage is preceded by "#", it will be saved on exit.
> 
> NOTE BENE
> An error message is displayed BEFORE visudo executes:
> >(pluma:1343): EggSMClient-WARNING **: Failed to connect to the session 
> >manager: None of the authentication protocols specified are supported
> >
> >
> >(pluma:1343): dconf-WARNING **: failed to commit changes to dconf: The 
> >connection is closed
> >Error creating proxy: The connection is closed (g-io-error-quark, 18)
> >Error creating proxy: The connection is closed (g-io-error-quark, 18)
> >Error creating proxy: The connection is closed (g-io-error-quark, 18)
> >Error creating proxy: The connection is closed (g-io-error-quark, 18)
> >Error creating proxy: The connection is closed (g-io-error-quark, 18)
> >
> >(pluma:1343): dconf-WARNING **: failed to commit changes to dconf: The 
> >connection is closed
> >
> >(pluma:1343): dconf-WARNING **: failed to commit changes to dconf: The 
> >connection is closed
> >
> >(pluma:1343): dconf-WARNING **: failed to commit changes to dconf: The 
> >connection is closed
> >
> >
> 
> I've seen this form of error before when launching Pluma in a MATE
> terminal. Haven't chased down the details as everything appeared to
> "just work".

It seems pluma loses its umbilical cord to the mothership. I guess
there's some environment variable which is filtered out when invoking
the su shell (they are for security reasons, but there is a way to
whitelist them).

Background: gconf is a settings database where Gnome (and Mate)
applications can store their settings. To talk to this, the application
needs to know the coordinates of the thingy to talk to (perhaps an
Unix domain socket?) Those coordinates are probably stashed in an
environment variable (Caution; there's much guesswork involved
here).

Sigh. Gnome and its family. They are so fussy.

Perhaps someone around here has more solid knowledge of that.

Cheers
-- tomás


signature.asc
Description: Digital signature

Re: What am I missing that causes this error response from the wheezy mozilla?

[Gene Heskett]

On Wednesday 06 February 2019 12:46:29 deloptes wrote:

> Gene Heskett wrote:
> > Not that I know about ATM. But the woofs family has a few small
> > pieces of gas well royalties, and they always mail the checks so
> > they get here late Friday's, too late to hit the bank with such a
> > piddly deposit.  And by Monday its buried in this midden heap and
> > forgotten, so more than 1 $7 or $12 check has wound up in the
> > treasurers office and I have to claim them for her. Mailing it so it
> > gets here after the banks close on Friday is NOT anything but
> > intentional, they get to use your money for a little while longer.
> > Interesting what you can learn at the rodeo...
>
> very interesting - couple of years ago I learned about over night
> swaps ... and usually you are not getting bigger transfers same day.
> They (in the bank) say that bigger amounts need approval and it takes
> one day :) (in Europe) :)
> I am not sure if it changed now, cause they changed something last
> year - but I doubt cause it is so tasty. Especially if you know what
> will happen in the next 6 hours on wall street or in japan ...
>
> regards

You are just playing in a bigger rodeo.  I have had to write 2 checks for 
the last 2 vehicles I've bought. Writing a single check for close to 
$20k for a good used car/truck doesn't fly, some sort of a rule that 10k 
and over has to be reported so the irs can watch for laundering, so I 
write one for $ one day, and the balance the next day. As long as 
the account is good for it, what business is it I buy a new truck to 
replace a 20 yo rust bucket that getting dangerous to drive.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 

Re: What am I missing that causes this error response from the wheezy mozilla?

[John Hasler]

Gene writes:
> I have had to write 2 checks for the last 2 vehicles I've
> bought. Writing a single check for close to $20k for a good used
> car/truck doesn't fly, some sort of a rule that 10k and over has to be
> reported so the irs can watch for laundering, so I write one for $
> one day, and the balance the next day. As long as the account is good
> for it, what business is it I buy a new truck to replace a 20 yo rust
> bucket that getting dangerous to drive.

People have been prosecuted for evading the controls in that way.  The
government doesn't need to prove that any other illegal activity was
involved or intended: evading the reporting requirements is a crime in
itself.
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA

Re: What am I missing that causes this error response from the wheezy mozilla?

[Gene Heskett]

On Wednesday 06 February 2019 20:15:48 John Hasler wrote:

> Gene writes:
> > I have had to write 2 checks for the last 2 vehicles I've
> > bought. Writing a single check for close to $20k for a good used
> > car/truck doesn't fly, some sort of a rule that 10k and over has to
> > be reported so the irs can watch for laundering, so I write one for
> > $ one day, and the balance the next day. As long as the account
> > is good for it, what business is it I buy a new truck to replace a
> > 20 yo rust bucket that getting dangerous to drive.
>
> People have been prosecuted for evading the controls in that way.  The
> government doesn't need to prove that any other illegal activity was
> involved or intended: evading the reporting requirements is a crime in
> itself.

Maybe, but if they jailed everybody that did it, we'd need at least 20x 
more beds in the jails.+


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 

Re: What am I missing that causes this error response from the wheezy mozilla?

[David Wright]

On Wed 06 Feb 2019 at 19:15:48 (-0600), John Hasler wrote:
> Gene writes:
> > I have had to write 2 checks for the last 2 vehicles I've
> > bought. Writing a single check for close to $20k for a good used
> > car/truck doesn't fly, some sort of a rule that 10k and over has to be
> > reported so the irs can watch for laundering, so I write one for $
> > one day, and the balance the next day. As long as the account is good
> > for it, what business is it I buy a new truck to replace a 20 yo rust
> > bucket that getting dangerous to drive.
> 
> People have been prosecuted for evading the controls in that way.  The
> government doesn't need to prove that any other illegal activity was
> involved or intended: evading the reporting requirements is a crime in
> itself.

Isn't it the payee who's evading the reporting requirement? So a payer
might try pleading ignorance as to why the payee asked for two cheques.

Cheers,
David.

Re: What am I missing that causes this error response from the wheezy mozilla?

[Celejar]

On Wed, 6 Feb 2019 20:51:37 -0600
David Wright  wrote:

> On Wed 06 Feb 2019 at 19:15:48 (-0600), John Hasler wrote:
> > Gene writes:
> > > I have had to write 2 checks for the last 2 vehicles I've
> > > bought. Writing a single check for close to $20k for a good used
> > > car/truck doesn't fly, some sort of a rule that 10k and over has to be
> > > reported so the irs can watch for laundering, so I write one for $
> > > one day, and the balance the next day. As long as the account is good
> > > for it, what business is it I buy a new truck to replace a 20 yo rust
> > > bucket that getting dangerous to drive.
> > 
> > People have been prosecuted for evading the controls in that way.  The
> > government doesn't need to prove that any other illegal activity was
> > involved or intended: evading the reporting requirements is a crime in
> > itself.
> 
> Isn't it the payee who's evading the reporting requirement? So a payer
> might try pleading ignorance as to why the payee asked for two cheques.

The practice is called structuring, and I think that, at least in the
U.S., the statute does cover payer conduct:

https://en.wikipedia.org/wiki/Structuring

Celejar

Install Report: Buster Weekly Build on Intel NUC (NUC8I5BEK1)

[Carl Fink]

My Intel NUC (Next Unit of Computing) mini-PC arrived today. Installing the
RAM and M.2 card was super-simple. Then I tried to install Debian.

First I used unetbootin to create a Testing (Buster) netinstall USB drive.

First of all, it's hard to get it to boot from a USB drive. You have to get
into the BIOS, which on this device by default is not prompted when you
power it up. You have to use Intel's secret handshake: turn off the NUC,
then hold the power button down for three (but not four!) seconds, which
gets you their special power-button menu, where you can turn on the BIOS
prompt (and also change the BIOS directly from that menu). You also have to
turn on legacy boot, of course, to boot from the USB drive.

... and when the installer got to installing kernel modules, it could not do
that because the kernel version on the downloadable image doesn't match the
version in the repository. I'm assuming this is a transient thing with this
particular weekly image.

So I downloaded the DVD image, and used unetbootin to put that on the USB
key. Now the installer failed with the message that it could not mount the
install CD ... which was imaged onto the same USB drive I had just booted
from, so ... something weird there.

I flashed the Intel BIOS to the latest version. This had no effect I could
see.

Finally, rather than try to figure out the installer issue, I dug out my DVD
burner (not used for over a year), burned an actual DVD image and plugged
the USB optical drive into the NUC, which detected it, and the install then
ran smoothly. Aside from HDMI audio not working, I mean, and restarting
PulseAudio fixed that.

Before anyone asks: yes, I'm going to submit this through reportbug. I
wanted this here as well, at least partly to help anyone experiencing the
same problems (since this mailing list is more likely to turn up in web
searches than Debian bug reports).
--

Carl Fink  c...@finknetwork.com
Thinking and logic and stuff at Reasonably Literate
http://reasonablyliterate.com

Re: Install Report: Buster Weekly Build on Intel NUC (NUC8I5BEK1)

[Kenneth Parker]

On Wed, Feb 6, 2019 at 11:13 PM Carl Fink  wrote:

> My Intel NUC (Next Unit of Computing) mini-PC arrived today. Installing the
> RAM and M.2 card was super-simple. Then I tried to install Debian.
>

Okay folks, it looks like Microsoft and Intel are playing Hardball on
people installing Linux on Laptop Computers.

>
> First I used unetbootin to create a Testing (Buster) netinstall USB drive.
>
> First of all, it's hard to get it to boot from a USB drive. You have to get
> into the BIOS, which on this device by default is not prompted when you
> power it up. You have to use Intel's secret handshake: turn off the NUC,
> then hold the power button down for three (but not four!) seconds, which
> gets you their special power-button menu, where you can turn on the BIOS
> prompt (and also change the BIOS directly from that menu). You also have to
> turn on legacy boot, of course, to boot from the USB drive.
>

[Sarcasm]  How hard can you make it, for someone to figure out how to use
their Computer in the way they want to?   [/Sarcasml]

>
> ... and when the installer got to installing kernel modules, it could not
> do
> that because the kernel version on the downloadable image doesn't match the
> version in the repository. I'm assuming this is a transient thing with this
> particular weekly image.
>

I suspect that Microsoft likes Ubuntu more than Debian.  As an
administrator of eyeblinkuniverse.com, I have to work with my superiors
(some of whom aren't Linux-Friendly).   I will be  extremely interested in
your experiences.  (and yes, eyeblinkuniverse.com is on Ubuntu 16.04.5).

>
> So I downloaded the DVD image, and used unetbootin to put that on the USB
> key. Now the installer failed with the message that it could not mount the
> install CD ... which was imaged onto the same USB drive I had just booted
> from, so ... something weird there.
>


> I flashed the Intel BIOS to the latest version. This had no effect I could
> see.
>
> Finally, rather than try to figure out the installer issue, I dug out my
> DVD
> burner (not used for over a year), burned an actual DVD image and plugged
> the USB optical drive into the NUC, which detected it, and the install then
> ran smoothly. Aside from HDMI audio not working, I mean, and restarting
> PulseAudio fixed that.
>

Good.

>
> Before anyone asks: yes, I'm going to submit this through reportbug. I
> wanted this here as well, at least partly to help anyone experiencing the
> same problems (since this mailing list is more likely to turn up in web
> searches than Debian bug reports).
> --
>
I thank you for that.



>
> Carl Fink  c...@finknetwork.com
> Thinking and logic and stuff at Reasonably Literate
> http://reasonablyliterate.com


Kenneth Parker
http://eyeblinkuniverse.com

Re: Install Report: Buster Weekly Build on Intel NUC (NUC8I5BEK1)

[Thomas Schmitt]

Hi,

Carl Fink wrote:
> First I used unetbootin to create a Testing (Buster) netinstall USB drive.

This is deprecated by
  https://www.debian.org/CD/faq/#write-usb

"Please note, that Debian advises not using "unetbootin" for this task.
 It can cause difficult-to-diagnose problems with booting and installing,
 so is not recommended."

Rather copy the ISO image flatly to the base device file of the USB stick.
The FAQ proposes

  cp  

or

  dd if= of= bs=4M; sync

( has to be e.g. /dev/sdc, not a partition device like /dev/sdc1.)


> You also have to turn on legacy boot, of course, to boot from the USB drive.

The ISOs do have boot entries for EFI from DVD and from USB stick.
Probably unetbootin did not copy the EFI System Partition from the ISO.


Have a nice day :)

Thomas

/boot full (of old-dkms)

[Erik Josefsson]

Hello,

I happen to have a couple of quite large old-dkms* files in my /boot 
directory.


Apparently they are not removed by aptitude autoclean (which I use 
regularly).



Can I safely remove those files manually with rm?

Or should I use another tool or command?

Thanks!


//Erik


*)

/boot$ ls -al | grep old
-rw-r--r--  1 root root 26018518 jul 26  2018 
initrd.img-4.16.0-1-amd64.old-dkms
-rw-r--r--  1 root root  3538944 jul 26  2018 
initrd.img-4.16.0-2-amd64.old-dkms
-rw-r--r--  1 root root 28866434 jan 16 18:06 
initrd.img-4.19.0-1-amd64.old-dkms