date:20231221



Sent from my iPad

> On Dec 21, 2023, at 5:37 AM, Andrew M.A. Cater  wrote:
> 
> On Wed, Dec 20, 2023 at 06:57:50PM -0500, Pocket wrote:
>> 
> 
> Could we please stop the thread now? You appear to be talking past each
> other at this point. Various suggestions as to the nature of the problem
> and possible solutions have been put forward - it is absolutely for you
> to choose whatever you wish to do but can we please end the discussion now.
> 
> The aim in this list is to be constructive and helpful - sometimes lengthy
> threads wear that thin.
> 
> Andy
> 

Maybe I should not post at all?

I have spoken

[SOLVED?] Re: Mouse single click handling?

2023-12-21 Thread local10

Dec 19, 2023, 16:36 by to...@tuxteam.de:

> Here's someone offering a patch for xserver-xorg-input-evdev:
>
>  https://blog.guntram.de/?p=16
>
> and this is someone reporting on how to build for Ubuntu:
>
>  
> https://askubuntu.com/questions/321816/mouse-sometimes-doubleclicks-when-i-click-once
>
> so yes, it seems you are not alone :-)
>


Will mark it as SOLVED in case if the solution that has worked for me ( 
https://lists.debian.org/debian-user/2023/12/msg01048.html ) doesn't work for 
someone.
Regards,

Re: Could we please cease this thread now? [WAS Re: lists]

On Thu, Dec 21, 2023 at 05:44:23AM -0500, Pocket wrote:
> Maybe I should not post at all?

Unless you are able to do better at it, that is a solution that I
for one am in favour of.

Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting

Re: difference in seconds between two formatted dates ...

On Wed, Dec 20, 2023 at 10:52:33PM -0600, David Wright wrote:
> Sorry for the synecdoche, but I think it expresses the comprehensive
> setting of UTC across the entirety of the computer and its operating
> system, from the RTC, through /etc/timezone and /etc/localhost, to
> the users' sessions. By this active (not just default) means, users
> can remain blissfully unaware of the effects of setting timezones
> other than UTC, just as the OP appeared to be, until reminded.

I'm not even sure what you're trying to say here.  "Active"?  Do you
think /etc/timezone and /etc/localhost somehow have agency?  That
they have intent?

They're just settings.  When an application wants to convert an
epoch time to a date/time string, it looks for the TZ environment
variable, and if that's not present, it looks for either /etc/localtime
or /etc/timezone, depending on how it was programmed.

As far as the RTC (real time clock) goes, that just exists to
bootstrap the system clock at boot time, before NTP takes over.
If the system isn't connected to a network with a time server
available, then of course NTP never takes over, and the system clock
tries its best to keep up with time based on the initial RTC value,
unless/until a sysadmin decides to run a date command to set the
system clock more accurately.

Again, there isn't any agency here.  The RTC is just a resource that
the system can use, once per boot, to get things started.  It could
be set correctly, or incorrectly.  It could be set to local time, as
was common when dual-booting with Windows, or to UTC.  On systems
that run NTP, the RTC is mostly vestigial.  Its setting has very
little effect on anything -- perhaps some early logfile timestamps.

Help: network abuse

My home PC is receiving, for hours at a time, 12-30 kB/s input traffic. This is
unsolicited. I do not know what it is trying to achieve but suspect no good. It
is also eating my broadband allowance.

This does not show up in the Apache log files - the TCP connection does not 
succeed.

Sometimes my machine does send a packet in reply, there are 2 examples at the
foot of this email.

Questions:

• What is going on ?

• What can I do about it ?
  I do manually add some of the IPs to the f2b chain which will stop replies
  but that is about it.

My ISP refuses to do anything about it - I admit that I cannot see what they
could do, maybe filter packets with a source port of 80 or 443.

I also get attempts to break into ssh (port 22) - I am not worried about that.

I append a few lines of output of "tcpdump -n -i enp3s0" done today.
192.168.108.2 is the address of my desktop PC.

The connecting IPs below all belong to Amazon but this changes with time, China
is another common source of similar packets.

11:08:56.354303 IP 34.217.144.104.80 > 192.168.108.2.80: Flags [S], seq 
19070976, win 51894, options [mss 1401,sackOK,TS val 1182532729 ecr 
0,nop,wscale 7], length 0
11:08:56.354700 IP 34.217.144.104.80 > 192.168.108.2.80: Flags [S], seq 
3665362944, win 51894, options [mss 1402,sackOK,TS val 4179952761 ecr 
0,nop,wscale 7], length 0
11:08:56.360527 IP 52.195.179.12.80 > 192.168.108.2.80: Flags [S], seq 
479395840, win 51894, options [mss 1412,sackOK,TS val 3391683448 ecr 
0,nop,wscale 7], length 0
11:08:56.360696 IP 52.195.179.12.80 > 192.168.108.2.80: Flags [S], seq 
1622147072, win 51894, options [mss 1410,sackOK,TS val 2887711608 ecr 
0,nop,wscale 7], length 0
11:08:56.360950 IP 54.184.78.87.80 > 192.168.108.2.80: Flags [S], seq 
3168796672, win 51894, options [mss 1404,sackOK,TS val 535364985 ecr 
0,nop,wscale 7], length 0
11:08:56.364565 IP 52.195.179.12.80 > 192.168.108.2.80: Flags [S], seq 
132317184, win 51894, options [mss 1407,sackOK,TS val 2350122105 ecr 
0,nop,wscale 7], length 0
11:08:56.364708 IP 34.217.144.104.80 > 192.168.108.2.80: Flags [S], seq 
1098776576, win 51894, options [mss 1405,sackOK,TS val 3426157689 ecr 
0,nop,wscale 7], length 0
11:08:56.367975 IP 13.231.232.88.80 > 192.168.108.2.80: Flags [S], seq 
3272540160, win 51894, options [mss 1413,sackOK,TS val 979961209 ecr 
0,nop,wscale 7], length 0

2 days ago a similar capture. Note that the source port is 443 not 80:

09:47:31.416452 IP 5.45.73.147.443 > 192.168.108.2.80: Flags [S], seq 
2724200448, win 51894, options [mss 1401,sackOK,TS val 862439534 ecr 
0,nop,wscale 7], length 0
09:47:31.417861 IP 27.124.10.200.443 > 192.168.108.2.80: Flags [S], seq 
925237248, win 51894, options [mss 1407,sackOK,TS val 756418658 ecr 
0,nop,wscale 7], length 0
09:47:31.440892 IP 27.124.10.197.443 > 192.168.108.2.80: Flags [S], seq 
3474063360, win 51894, options [mss 1404,sackOK,TS val 3970828642 ecr 
0,nop,wscale 7], length 0
09:47:31.449393 IP 27.124.10.200.443 > 192.168.108.2.80: Flags [S], seq 
2844721152, win 51894, options [mss 1407,sackOK,TS val 1831471202 ecr 
0,nop,wscale 7], length 0
09:47:31.451430 IP 154.39.104.67.443 > 192.168.108.2.80: Flags [S], seq 
2336358400, win 51894, options [mss 1415,sackOK,TS val 395513698 ecr 
0,nop,wscale 7], length 0
09:47:31.451610 IP 27.124.10.225.443 > 192.168.108.2.80: Flags [S], seq 
808976384, win 51894, options [mss 1414,sackOK,TS val 1960250978 ecr 
0,nop,wscale 7], length 0
09:47:31.453372 IP 143.92.60.30.443 > 192.168.108.2.80: Flags [S], seq 
3177512960, win 51894, options [mss 1408,sackOK,TS val 4033677410 ecr 
0,nop,wscale 7], length 0
09:47:31.456937 IP 27.124.10.225.443 > 192.168.108.2.80: Flags [S], seq 
1042087936, win 51894, options [mss 1415,sackOK,TS val 2011106914 ecr 
0,nop,wscale 7], length 0
09:47:31.461961 IP 27.124.10.226.443 > 192.168.108.2.80: Flags [S], seq 
3200516096, win 51894, options [mss 1403,sackOK,TS val 2314013026 ecr 
0,nop,wscale 7], length 0

Examples where my machine sends a reply:

09:47:31.658790 IP 27.124.10.225.443 > 192.168.108.2.80: Flags [S], seq 
612564992, win 51894, options [mss 1415,sackOK,TS val 2011106914 ecr 
0,nop,wscale 7], length 0
09:47:31.659442 IP 192.168.108.2.80 > 154.39.104.67.443: Flags [S.], seq 
3770299450, ack 1858732033, win 65160, options [mss 1460,sackOK,TS val 
164888251 ecr 395513698,nop,wscale 7], length 0

09:47:31.756220 IP 5.45.73.147.443 > 192.168.108.2.80: Flags [S], seq 
2992898048, win 51894, options [mss 1401,sackOK,TS val 862439534 ecr 
0,nop,wscale 7], length 0
09:47:31.756272 IP 192.168.108.2.80 > 5.45.73.147.443: Flags [.], ack 
1226309633, win 509, options [nop,nop,TS val 2085784149 ecr 994101358], length 0


-- 
Alain Williams
Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT 
Lecturer.
+44 (0) 787 668 0256  https://www.phcomp.co.uk/
Parliament Hill Computers. Registration Information: 
https://www.phcomp.co.uk/Contact.html
#include

RTC and (old) Windows [was: difference in seconds between two formatted dates ...]

On Thu, Dec 21, 2023 at 07:15:12AM -0500, Greg Wooledge wrote:

[...]

> Again, there isn't any agency here.  The RTC is just a resource that
> the system can use, once per boot, to get things started.  It could
> be set correctly, or incorrectly.  It could be set to local time, as
> was common when dual-booting with Windows, or to UTC.  On systems
> that run NTP, the RTC is mostly vestigial.  Its setting has very
> little effect on anything -- perhaps some early logfile timestamps.

Anecdote time:

I used to work in a shop Back Then (TM) (roughly Windows 3.1). We did
C programs for a living and had a mix of Windows boxes and Linux boxes.

Windows boxes were "naive" and had local time. We had a time zone
with summer and winter time.

On time transitions, all hell broke loose with Makefiles, which look
at file time stamps :-)

We ended up setting the Windows boxes to Monrovia/Liberia: no time
jumps *and* (more or less) GMT. No more hassles...

Cheers
-- 
t

signature.asc
Description: PGP signature

Re: Could we please cease this thread now? [WAS Re: lists]




On 12/21/23 06:32, Andy Smith wrote:

On Thu, Dec 21, 2023 at 05:44:23AM -0500, Pocket wrote:

Maybe I should not post at all?

Unless you are able to do better at it, that is a solution that I
for one am in favour of.

Andy



So I see that I am not welcome here.

Ok fine, I will take my leave and move on to another distro, since the 
folks here seem top be quite hostile.


My intention was to meld the raspios to debian to bring debian to be 
able to run better on the raspberry pi platform.


I use just starting to learn how to package software under debian, now 
it seems that I would be foolish to waste time doing that.


I will remove debian from my amd64 system and replace it with ArchLinux 
and return to developing my custom OS for the raspberry pi platform.


I don't want to waste any more time here.


BTW:

What is your official capacity for debian?

--

Hindi madali ang maging ako

Re: difference in seconds between two formatted dates ...

On Thu, Dec 21, 2023 at 06:08:26AM +, Albretch Mueller wrote:
>  and what would the systemd way to synch the RTC (Real Time Clock) and
> UTC?

I don't understand this question at all.  The system clock value is
normally written to the RTC as a backup when the system shuts down.
Then, the RTC value is read at boot time to initialize the system clock.

> Why is it I am noticing a 14 seconds difference on my computer
> (booted with a Debian Live DVD)?

Because you're not networked?  If the system has no time sources to draw
upon, other than its own battery-backed RTC, then it will continue to
drift farther and farther from the correct time.

> $ timedatectl
>Local time: Thu 2023-12-21 00:52:20 UTC
>Universal time: Thu 2023-12-21 00:52:20 UTC
>  RTC time: Thu 2023-12-21 00:52:06
> Time zone: Etc/UTC (UTC, +)
> System clock synchronized: no
>   NTP service: n/a
>   RTC in local TZ: no

I don't think this command's output is accurate for systems using NTP
services that *aren't* systemd's.  I'm running ntpsec on mine, and I
also get that same "NTP service: n/a" line.

However, I also get "System clock synchronized: yes".  I'm honestly
not sure what those two lines mean.  I don't know how far I would
trust this command, on systems that are not fully invested in the
systemd takeover.

Hmm... let's try a brief experiment.

unicorn:~$ sudo ln -sf /usr/share/zoneinfo/America/Chicago /etc/localtime
unicorn:~$ timedatectl | grep -m1 zone
Time zone: America/Chicago (CST, -0600)
unicorn:~$ sudo ln -sf /usr/share/zoneinfo/America/New_York /etc/localtime
unicorn:~$ timedatectl | grep -m1 zone
Time zone: America/Chicago (CST, -0600)
unicorn:~$ timedatectl | grep -m1 zone
Time zone: America/New_York (EST, -0500)

There was a fair bit of time elapsed between those last two commands,
as I was busy pasting things into this email.  I don't know how long,
exactly.  More than a second, but less than two minutes.

So... this is interesting.  Apparently timedatectl doesn't simply look
at the target of /etc/localtime.  There's a DELAY before the value is
correctly reported.  This tells me that timedatectl is in communication
with some process (perhaps PID 1, I don't know), and this other process
only discovers that /etc/localtime has changed after some time has passed.
Is it *polling*?  I have no idea, but that's what it looks like.

More and more reasons not to let systemd touch my clock.  Not that I
needed more of them, but... here we stand.

Re: Help: network abuse

2023-12-21 Thread Tim Woodall


On Thu, 21 Dec 2023, Alain D D Williams wrote:


My home PC is receiving, for hours at a time, 12-30 kB/s input traffic. This is
unsolicited. I do not know what it is trying to achieve but suspect no good. It
is also eating my broadband allowance.

This does not show up in the Apache log files - the TCP connection does not 
succeed.

Sometimes my machine does send a packet in reply, there are 2 examples at the
foot of this email.

Questions:

? What is going on ?

? What can I do about it ?
 I do manually add some of the IPs to the f2b chain which will stop replies
 but that is about it.

My ISP refuses to do anything about it - I admit that I cannot see what they
could do, maybe filter packets with a source port of 80 or 443.

I also get attempts to break into ssh (port 22) - I am not worried about that.

I append a few lines of output of "tcpdump -n -i enp3s0" done today.
192.168.108.2 is the address of my desktop PC.

The connecting IPs below all belong to Amazon but this changes with time, China
is another common source of similar packets.

11:08:56.354303 IP 34.217.144.104.80 > 192.168.108.2.80: Flags [S], seq 
19070976, win 51894, options [mss 1401,sackOK,TS val 1182532729 ecr 0,nop,wscale 
7], length 0
11:08:56.354700 IP 34.217.144.104.80 > 192.168.108.2.80: Flags [S], seq 
3665362944, win 51894, options [mss 1402,sackOK,TS val 4179952761 ecr 0,nop,wscale 
7], length 0
11:08:56.360527 IP 52.195.179.12.80 > 192.168.108.2.80: Flags [S], seq 
479395840, win 51894, options [mss 1412,sackOK,TS val 3391683448 ecr 0,nop,wscale 
7], length 0
11:08:56.360696 IP 52.195.179.12.80 > 192.168.108.2.80: Flags [S], seq 
1622147072, win 51894, options [mss 1410,sackOK,TS val 2887711608 ecr 0,nop,wscale 
7], length 0
11:08:56.360950 IP 54.184.78.87.80 > 192.168.108.2.80: Flags [S], seq 
3168796672, win 51894, options [mss 1404,sackOK,TS val 535364985 ecr 0,nop,wscale 
7], length 0
11:08:56.364565 IP 52.195.179.12.80 > 192.168.108.2.80: Flags [S], seq 
132317184, win 51894, options [mss 1407,sackOK,TS val 2350122105 ecr 0,nop,wscale 
7], length 0
11:08:56.364708 IP 34.217.144.104.80 > 192.168.108.2.80: Flags [S], seq 
1098776576, win 51894, options [mss 1405,sackOK,TS val 3426157689 ecr 0,nop,wscale 
7], length 0
11:08:56.367975 IP 13.231.232.88.80 > 192.168.108.2.80: Flags [S], seq 
3272540160, win 51894, options [mss 1413,sackOK,TS val 979961209 ecr 0,nop,wscale 
7], length 0

2 days ago a similar capture. Note that the source port is 443 not 80:

09:47:31.416452 IP 5.45.73.147.443 > 192.168.108.2.80: Flags [S], seq 
2724200448, win 51894, options [mss 1401,sackOK,TS val 862439534 ecr 0,nop,wscale 
7], length 0
09:47:31.417861 IP 27.124.10.200.443 > 192.168.108.2.80: Flags [S], seq 
925237248, win 51894, options [mss 1407,sackOK,TS val 756418658 ecr 0,nop,wscale 
7], length 0
09:47:31.440892 IP 27.124.10.197.443 > 192.168.108.2.80: Flags [S], seq 
3474063360, win 51894, options [mss 1404,sackOK,TS val 3970828642 ecr 0,nop,wscale 
7], length 0
09:47:31.449393 IP 27.124.10.200.443 > 192.168.108.2.80: Flags [S], seq 
2844721152, win 51894, options [mss 1407,sackOK,TS val 1831471202 ecr 0,nop,wscale 
7], length 0
09:47:31.451430 IP 154.39.104.67.443 > 192.168.108.2.80: Flags [S], seq 
2336358400, win 51894, options [mss 1415,sackOK,TS val 395513698 ecr 0,nop,wscale 
7], length 0
09:47:31.451610 IP 27.124.10.225.443 > 192.168.108.2.80: Flags [S], seq 
808976384, win 51894, options [mss 1414,sackOK,TS val 1960250978 ecr 0,nop,wscale 
7], length 0
09:47:31.453372 IP 143.92.60.30.443 > 192.168.108.2.80: Flags [S], seq 
3177512960, win 51894, options [mss 1408,sackOK,TS val 4033677410 ecr 0,nop,wscale 
7], length 0
09:47:31.456937 IP 27.124.10.225.443 > 192.168.108.2.80: Flags [S], seq 
1042087936, win 51894, options [mss 1415,sackOK,TS val 2011106914 ecr 0,nop,wscale 
7], length 0
09:47:31.461961 IP 27.124.10.226.443 > 192.168.108.2.80: Flags [S], seq 
3200516096, win 51894, options [mss 1403,sackOK,TS val 2314013026 ecr 0,nop,wscale 
7], length 0

Examples where my machine sends a reply:

09:47:31.658790 IP 27.124.10.225.443 > 192.168.108.2.80: Flags [S], seq 
612564992, win 51894, options [mss 1415,sackOK,TS val 2011106914 ecr 0,nop,wscale 
7], length 0
09:47:31.659442 IP 192.168.108.2.80 > 154.39.104.67.443: Flags [S.], seq 
3770299450, ack 1858732033, win 65160, options [mss 1460,sackOK,TS val 164888251 
ecr 395513698,nop,wscale 7], length 0

09:47:31.756220 IP 5.45.73.147.443 > 192.168.108.2.80: Flags [S], seq 
2992898048, win 51894, options [mss 1401,sackOK,TS val 862439534 ecr 0,nop,wscale 
7], length 0
09:47:31.756272 IP 192.168.108.2.80 > 5.45.73.147.443: Flags [.], ack 
1226309633, win 509, options [nop,nop,TS val 2085784149 ecr 994101358], length 0


You can try sending RST. That might make them give up.

There is not much else you can do.

I sometimes do a whois on a persistent offender and blacklist the entire
network. But I don't know if they stop as this happens before any
logging.

I'd suggest sending RST f

Re: Help: network abuse

2023-12-21 Thread Dan Purgert

On Dec 21, 2023, Alain D D Williams wrote:
> My home PC is receiving, for hours at a time, 12-30 kB/s input
> traffic. This is unsolicited. I do not know what it is trying to
> achieve but suspect no good. It is also eating my broadband
> allowance.
> 
> Questions:
> 
> • What is going on ?

Looks like bots.

> 
> • What can I do about it ?

Dropping the entirety of Asia/Africa has helped my logs (though, my ISP
doesn't track usage; and I imagine if they did, it wouldn't actually
HELP anything there, since the traffic already made it to me).  If it's
a reputable hosting company, contacting their abuse department may
possibly help them kill the account(s) running the bots.

-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860

signature.asc
Description: PGP signature

Re: Help: network abuse

On Thu, Dec 21, 2023 at 12:00:55PM +, Alain D D Williams wrote:
> My home PC is receiving, for hours at a time, 12-30 kB/s input traffic. This 
> is
> unsolicited. I do not know what it is trying to achieve but suspect no good. 
> It
> is also eating my broadband allowance.

> 11:08:56.354303 IP 34.217.144.104.80 > 192.168.108.2.80: Flags [S], seq 
> 19070976, win 51894, options [mss 1401,sackOK,TS val 1182532729 ecr 
> 0,nop,wscale 7], length 0

34.217.144.104 appears to be an Amazon AWS system.

> 11:08:56.360527 IP 52.195.179.12.80 > 192.168.108.2.80: Flags [S], seq 
> 479395840, win 51894, options [mss 1412,sackOK,TS val 3391683448 ecr 
> 0,nop,wscale 7], length 0

As does 52.195.179.12.

> 11:08:56.367975 IP 13.231.232.88.80 > 192.168.108.2.80: Flags [S], seq 
> 3272540160, win 51894, options [mss 1413,sackOK,TS val 979961209 ecr 
> 0,nop,wscale 7], length 0

Same for 13.231.232.88.

I'm not 100% sure how to read these logs, but it looks like you're
running a web server on your local system...?  I see .80 after your
internal IP address, which I'm assuming means you have a service running
on port 80, which is normally HTTP.

If your home Internet service has an "allowance", you probably shouldn't
run a web server on it.  If your web site becomes popular all of a sudden
(these things happen -- one link posted in the right place can drive a ton
of traffic to you with no warning), your "allowance" could be completely
exhausted in a day.

You really should consider moving this web service to a provider with no
bandwidth limits.  There are many available, and they're cheap.

Re: Help: network abuse

On Thu, Dec 21, 2023 at 07:50:42AM -0500, Greg Wooledge wrote:

> If your home Internet service has an "allowance", you probably shouldn't
> run a web server on it.

Yes: I do run a web server at home, but there is only a little/personal stuff,
it does not receive much real traffic, I do not want it to. Most of my web
presence is hosted elsewhere.

-- 
Alain Williams
Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT 
Lecturer.
+44 (0) 787 668 0256  https://www.phcomp.co.uk/
Parliament Hill Computers. Registration Information: 
https://www.phcomp.co.uk/Contact.html
#include

Re: Could we please cease this thread now? [WAS Re: lists]

2023-12-21 Thread Byung-Hee HWANG

On Thu, 2023-12-21 at 07:35 -0500, Pocket wrote:
> 
> On 12/21/23 06:32, Andy Smith wrote:
> > On Thu, Dec 21, 2023 at 05:44:23AM -0500, Pocket wrote:
> > > Maybe I should not post at all?
> > Unless you are able to do better at it, that is a solution that I
> > for one am in favour of.
> > 
> > Andy
> 
> 
> So I see that I am not welcome here.
> 

Hellow Pocket,

Gmane is good to reading emails of mailing lists like as
debian-user@l.d.o. Also if you want to post someting, you can do that
via Gmane.

For now i am reading emails by Gmane (Gnome Evolution). And i am
writing in Gmane (Gnome Evolution).

If you use Gmane, actually you will be free from SMTP issues.

And Welcome to the Debian INDEED ^^^

Sincerely, Byung-Hee from South Korea

-- 
^고맙습니다 _布德天下_ 감사합니다_^))//

Re: Help: network abuse

Hello,

On Thu, Dec 21, 2023 at 01:10:59PM +, Alain D D Williams wrote:
> Yes: I do run a web server at home, but there is only a little/personal stuff,
> it does not receive much real traffic, I do not want it to. Most of my web
> presence is hosted elsewhere.

Okay well 30KiB/s is only about 78GiB/month which isn't really a
lot. I think we're both in UK and it's been hard to find a domestic
Internet connection that you'd run a web server on that can't cope
with 78G/mo. So ignoring it seems okay.

You say these never complete a TCP handshake even though you do run
Apache on port 80? If so, it does make me wonder what they are
trying to do. I mean, I don't find surprising a constant stream of
connections to port 80 looking for typical exploitable scripts, but
if they don't even complete the TCP connection then that's a bit
strange.

Thanks,
Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting

Re: Could we please cease this thread now? [WAS Re: lists]

On Thu, Dec 21, 2023 at 07:35:44AM -0500, Pocket wrote:
> On 12/21/23 06:32, Andy Smith wrote:
> > On Thu, Dec 21, 2023 at 05:44:23AM -0500, Pocket wrote:
> > > Maybe I should not post at all?
> > Unless you are able to do better at it, that is a solution that I
> > for one am in favour of.
> 
> So I see that I am not welcome here.

You refuse to do better - got it.

Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting

Re: Mouse single click handling?

2023-12-21 Thread songbird

James H. H. Lampert wrote:
> On 12/20/23 11:30 AM, Jeremy Nicoll wrote:
>> Until about a year ago my experience with Logitech mice had been
>> good.  Those that had died normally did so after falling off a desk,
>> which I don't really see as a manufacturing fault.
>> 
>> But since then several I've bought have all failed with the problem of
>> LMB sending double-clicks when pressed once.  That includes two
>> separate "Pebble" mice.
>
> I've also been sticking with Logitech mice for many years. Specifically, 
> M100/B100/M110, &c.
>
> But my brand-loyalty has been eroding, because they've been cheapening 
> their product. In particular, it wasn't that long ago that, without 
> changing the model number, or making any public announcement, they 
> pulled support for PS/2 (and therefore for passive PS/2 adapters) from 
> what had been, up until then, dual-mode mice. Not a major problem for 
> Linux, running on current hardware, but a *very* major problem for me, 
> because I also run DOS (IBM PC/DOS 2000, with no WinDoze whatsoever) on 
> antique hardware.
>
> Fortunately, I live and work near what can only be described as a 
> computer junk shop, where finding antique hardware, some of it still 
> new-in-box, is not terribly difficult.
>
> But I can definitely confirm that Logitech is NOT making mice like they 
> used to.

  true, my M325 is doing the quick double clicks recently.  :(

  i'd love a converted Model M with a long (12ft) USB cable.
but i won't buy a new keyboard that is all plastic because 
they just bend too much and then fail.

> If only Unicomp made a mouse as good as their keyboards . . . .

  sadly i have two of them which failed too soon because they
don't have a sold base.  when used as lapkeyboards they stopped
sending the correct signals.  i switched to a Logitech K840 
which does have a solid base and it works, but i hate how stiff
it feels and it's been fading somewhat on me recently and needing
repeat key presses at some times to get a key to register.  i've
already worn some of letters off the keys.  :(  but, well, i got
it on sale for about $30 so i really can't complain.

  i won't buy any more keyboards from them because it costs
as much to fix them as it does to buy a new one.  i haven't
figured out how to fix them myself, but it would be nice to
see any vids where someone takes one apart and puts one back
together again and it actually works (note: i haven't looked 
recently).

  songbird

Re: Could we please cease this thread now? [WAS Re: lists]




On 12/21/23 08:49, Andy Smith wrote:

On Thu, Dec 21, 2023 at 07:35:44AM -0500, Pocket wrote:

On 12/21/23 06:32, Andy Smith wrote:

On Thu, Dec 21, 2023 at 05:44:23AM -0500, Pocket wrote:

Maybe I should not post at all?

Unless you are able to do better at it, that is a solution that I
for one am in favour of.

So I see that I am not welcome here.

You refuse to do better - got it.

Andy



I see you didn't answer my question, That is not surprising.



What is your official capacity for debian?


Are you the moderator here?


Are you the mailing list cops?

--
Hindi madali ang maging ako

Re: Could we please cease this thread now? [WAS Re: lists]

Hello all,

I did see the request from Andy Cater to bring this thread to a
close so I am only going to answer the below questions off-list and
do my part to not prolong this.

Hopefully you didn't feel that you missed anything. 😀

Thanks,
Andy

On Thu, Dec 21, 2023 at 08:58:28AM -0500, Pocket wrote:
> 
> On 12/21/23 08:49, Andy Smith wrote:
> > On Thu, Dec 21, 2023 at 07:35:44AM -0500, Pocket wrote:
> > > On 12/21/23 06:32, Andy Smith wrote:
> > > > On Thu, Dec 21, 2023 at 05:44:23AM -0500, Pocket wrote:
> > > > > Maybe I should not post at all?
> > > > Unless you are able to do better at it, that is a solution that I
> > > > for one am in favour of.
> > > So I see that I am not welcome here.
> > You refuse to do better - got it.
> > 
> > Andy
> > 
> 
> I see you didn't answer my question, That is not surprising.
> 
> 
> 
> What is your official capacity for debian?
> 
> 
> Are you the moderator here?
> 
> 
> Are you the mailing list cops?
> 
> -- 
> Hindi madali ang maging ako

Re: Could we please cease this thread now? [WAS Re: lists]




On 12/21/23 09:10, Hanno 'Rince' Wagner wrote:

Hi Pocket,

On Thu, 21 Dec 2023, Pocket wrote:


What is your official capacity for debian?

This is the mailinglist debian-user, where User help User with their
problems. Mainly Desktop-related some server-related. but this is a
user (in the sense of consumer, not developer) list.

so most people writing and reading here are just like you - User of
the Linux-Distribution.



Actually I develop custom GNU/Linux OS on the Raspberry Pi platform. my 
work is on the internet in a github type public repository.


I had a thought that I would move to debian and help debian support the 
Raspberry pi platform better , but it seems I have been grossly mistaken 
in that belief.


I moved my amd64 system to debian and it appears that was a mistake.  I 
will be correcting that miss step after Christmas and 
changing/rebuilding my cross compiler to use Archlinux instead of debian.



--
Hindi madali ang maging ako

Re: systemd and timezone (was: Re: difference in seconds between two formatted dates ...)

2023-12-21 Thread Dan Ritter

Max Nikulin wrote: 
> I am not going to discuss code posted by Albretch, despite it has serious
> issues from my point of view. This is a response to Greg.
> 
> On 20/12/2023 22:04, Greg Wooledge wrote:
> > The default time zone has nothing to do with systemd, nor with any other
> > init system that may be in place.  Systemd does not know or care about
> > the system's default time zone.
> 
> See systemd-timedated.service(8) and org.freedesktop.timedate1(5)
> 
> busctl introspect org.freedesktop.timedate1 /org/freedesktop/timedate1
> # Values are stripped
> org.freedesktop.DBus.Properties interface -
> .PropertiesChanged  signalsa{sv}as
> org.freedesktop.timedate1   interface -
> .SetTimezonemethodsb
> .Timezone   property  s
> 
> Desktop environments use this interface.

Is this set per-user? Because I certainly have multiple users on
the same computer at the same time from different timezones. And
it is quite possible on a few of those machines to have multiple
desktop users, each from a different TZ.

-dsr-

Fwd: Could we please cease this thread now? [WAS Re: lists]

 Forwarded Message 
Subject:Re: Could we please cease this thread now? [WAS Re: lists]
Date:   Thu, 21 Dec 2023 14:15:23 +
From:   Andy Smith 
Reply-To:   a...@strugglers.net
To: Pocket 

Hello,

[off-list]

On Thu, Dec 21, 2023 at 08:58:28AM -0500, Pocket wrote:

On 12/21/23 08:49, Andy Smith wrote:
> On Thu, Dec 21, 2023 at 07:35:44AM -0500, Pocket wrote:
> > On 12/21/23 06:32, Andy Smith wrote:
> > > On Thu, Dec 21, 2023 at 05:44:23AM -0500, Pocket wrote:
> > > > Maybe I should not post at all?
> > > Unless you are able to do better at it, that is a solution that I
> > > for one am in favour of.
> > So I see that I am not welcome here.
> You refuse to do better - got it.

I see you didn't answer my question, That is not surprising.

None of them were worth answering. You've made your choice to be an
argumentative troll to people who are trying to help you.

What is your official capacity for debian?

None. Just a user. As are most of the people helping you on
debian-user.

Are you the moderator here?

Nope. There aren't really any. Andy Cater is a Debian Developer and
member of the Community Team and asks people to moderate their
behaviour from time to time. That's about all there is.

Are you the mailing list cops?

No. My request was a personal one, hence the "I for one" bit.

So now you've established that I have no authority to require you to
behave decently, and you've let us all know that you're done with
Debian, we can all go our separate ways yes?

Andy

Did I force you into reading and of the posts here?

You could have skipped them as I have for other threads posted here.

--
https://bitfolk.com/  -- No-nonsense VPS hosting

Re: Help: network abuse

2023-12-21 Thread Michel Verdier

On 2023-12-21, Alain D D Williams wrote:

> Yes: I do run a web server at home, but there is only a little/personal stuff,
> it does not receive much real traffic, I do not want it to. Most of my web
> presence is hosted elsewhere.

If you open a port (80 or something else), not on your server but on your
ISP, you will receive traffic from spammers/hackers and enterprises
scanning internet for telling you your security breaches. Even if you
block the traffic on your server, your ISP will transmit and count
it. You can do nothing for that except change your ISP for one who do not
limit your upload.

Re: Fwd: Could we please cease this thread now? [WAS Re: lists]

2023-12-21 Thread Arno Lehmann


21.12.2023 at 15:25 Pocket:

(forwarded direct mail)

Stop this. There's still a slight chance that some of the list readers 
have not yet decided to ignore your mail.


Also stop trying to trigger some sort of guilt her. It's not going to work.

Cheers,

Arno

--
Arno Lehmann

IT-Service Lehmann
Sandstr. 6, 49080 Osnabrück

Re: Help: network abuse

On Thu, Dec 21, 2023 at 12:44:33PM +, Tim Woodall wrote:
> On Thu, 21 Dec 2023, Alain D D Williams wrote:

[...]

> You can try sending RST. That might make them give up.

And then, there's tarpit [1] . But then I'd make double-sure you aren't
hurting legitimate traffic.

Cheers

[1] https://manpages.debian.org/bullseye/firehol-doc/firehol-tarpit.5.en.html
-- 
t


signature.asc
Description: PGP signature

Re: Help: network abuse

On Thu, Dec 21, 2023 at 01:39:53PM +, Andy Smith wrote:

> Okay well 30KiB/s is only about 78GiB/month which isn't really a
> lot. I think we're both in UK and it's been hard to find a domestic
> Internet connection that you'd run a web server on that can't cope
> with 78G/mo. So ignoring it seems okay.

I have been with my ISP for 14 years (moved to get IPv6), for various reasons I
cannot change to a tariff that will give me anything like that (their support
has also fallen through the floor) - I need to change (& the landline) and then
I prolly would not care. Andrews & Arnold and Zen seem recommended.

> You say these never complete a TCP handshake even though you do run
> Apache on port 80? If so, it does make me wonder what they are
> trying to do.

They might be trying to hijack an existing TCP connection or, even simpler,
cause my machine problems by having many, many 1/2 set up TCP connections
(which uses memory until they expire).

-- 
Alain Williams
Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT 
Lecturer.
+44 (0) 787 668 0256  https://www.phcomp.co.uk/
Parliament Hill Computers. Registration Information: 
https://www.phcomp.co.uk/Contact.html
#include

Re: systemd and timezone (was: Re: difference in seconds between two formatted dates ...)

On Thu, Dec 21, 2023 at 09:08:09AM -0500, Dan Ritter wrote:
> Max Nikulin wrote: 
> > I am not going to discuss code posted by Albretch, despite it has serious
> > issues from my point of view. This is a response to Greg.
> > 
> > On 20/12/2023 22:04, Greg Wooledge wrote:
> > > The default time zone has nothing to do with systemd, nor with any other
> > > init system that may be in place.  Systemd does not know or care about
> > > the system's default time zone.
> > 
> > See systemd-timedated.service(8) and org.freedesktop.timedate1(5)
> > 
> > busctl introspect org.freedesktop.timedate1 /org/freedesktop/timedate1
> > # Values are stripped
> > org.freedesktop.DBus.Properties interface -
> > .PropertiesChanged  signalsa{sv}as
> > org.freedesktop.timedate1   interface -
> > .SetTimezonemethodsb
> > .Timezone   property  s
> > 
> > Desktop environments use this interface.
> 
> Is this set per-user? Because I certainly have multiple users on
> the same computer at the same time from different timezones. And
> it is quite possible on a few of those machines to have multiple
> desktop users, each from a different TZ.

I've sometimes the impression that desktop environments are losing
the concept pf multi-user operating systems and are regreding to
something like Windows 95.

But hey. I'm just an old fart ;-)

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: Could we please cease this thread now? [WAS Re: lists]

2023-12-21 Thread Brad Rogers

On Thu, 21 Dec 2023 09:25:26 -0500
Pocket  wrote:

Hello Pocket,

> Forwarded Message 

Putting a private message on the list, without sender's consent, is very
rude indeed.  Given that it was announced by sender beforehand that they
would reply privately, I'm absolutely certain they did not agree to the
message being forwarded here.

May you live in interesting times. (ancient insult)

-- 
 Regards  _   "Valid sig separator is {dash}{dash}{space}"
 / )  "The blindingly obvious is never immediately apparent"
/ _)rad   "Is it only me that has a working delete key?"
We're going to hell anyway, let's travel first class
Saturday Night - Kaiser Chiefs


pgpyCHcTafX1e.pgp
Description: OpenPGP digital signature

Re: Help: network abuse


On 12/21/23 09:58, Alain D D Williams wrote:

On Thu, Dec 21, 2023 at 01:39:53PM +, Andy Smith wrote:


Okay well 30KiB/s is only about 78GiB/month which isn't really a
lot. I think we're both in UK and it's been hard to find a domestic
Internet connection that you'd run a web server on that can't cope
with 78G/mo. So ignoring it seems okay.

I have been with my ISP for 14 years (moved to get IPv6), for various reasons I
cannot change to a tariff that will give me anything like that (their support
has also fallen through the floor) - I need to change (& the landline) and then
I prolly would not care. Andrews & Arnold and Zen seem recommended.


You say these never complete a TCP handshake even though you do run
Apache on port 80? If so, it does make me wonder what they are
trying to do.

They might be trying to hijack an existing TCP connection or, even simpler,
cause my machine problems by having many, many 1/2 set up TCP connections
(which uses memory until they expire).



Use a firewall and set it up correctly.

Assuming a residential environment.

Firewall the router and server(s) as well as all the client machines.

I have nginx, dovecot and exim4 and other daemons running on my network 
servers.


Most, (includes many of the ones here) don't have a firewall properly 
configured. Nor do they understand how to properly configure a firewall.


You will still get scanned but there is little you can do about that.

--

Hindi madali ang maging ako

Re: Could we please cease this thread now? [WAS Re: lists]




On 12/21/23 09:46, Brad Rogers wrote:

On Thu, 21 Dec 2023 09:25:26 -0500
Pocket  wrote:

Hello Pocket,


 Forwarded Message 

Putting a private message on the list, without sender's consent, is very
rude indeed.  Given that it was announced by sender beforehand that they
would reply privately, I'm absolutely certain they did not agree to the
message being forwarded here.

May you live in interesting times. (ancient insult)


Then don't hit and hide.

--
Hindi madali ang maging ako

Re: Could we please cease this thread now? [WAS Re: lists]

2023-12-21 Thread Michael Kjörling

On 21 Dec 2023 09:25 -0500, from poc...@columbus.rr.com (Pocket):
>  Forwarded Message 
> Subject:  Re: Could we please cease this thread now? [WAS Re: lists]
> Date: Thu, 21 Dec 2023 14:15:23 +
> From: Andy Smith 
> Reply-To: a...@strugglers.net
> To:   Pocket 
> 
> Hello,
> 
> [off-list]

To forward private correspondence to others, let alone to a publicly
archived and widely indexed mailing list, is extremely rude.

Please take care to not do that again.

If you don't understand why this is the case, please refrain from such
behavior until you understand why it is inappropriate.

-- 
Michael Kjörling 🔗 https://michael.kjorling.se
“Remember when, on the Internet, nobody cared that you were a dog?”

Re: Help: network abuse

On Thu, Dec 21, 2023 at 10:11:08AM -0500, Pocket wrote:

> Use a firewall and set it up correctly.

That I have done.

The issue is broadband usage - ie before it hits the firewall.

> Assuming a residential environment.
> 
> Firewall the router and server(s) as well as all the client machines.
> 
> I have nginx, dovecot and exim4 and other daemons running on my network
> servers.
> 
> Most, (includes many of the ones here) don't have a firewall properly
> configured. Nor do they understand how to properly configure a firewall.
> 
> You will still get scanned but there is little you can do about that.
> 
> -- 
> 
> Hindi madali ang maging ako
> 

-- 
Alain Williams
Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT 
Lecturer.
+44 (0) 787 668 0256  https://www.phcomp.co.uk/
Parliament Hill Computers. Registration Information: 
https://www.phcomp.co.uk/Contact.html
#include

Re: systemd and timezone


On 21/12/2023 21:08, Dan Ritter wrote:

Max Nikulin wrote:

busctl introspect org.freedesktop.timedate1 /org/freedesktop/timedate1


Is this set per-user?


It would be "busctl --user" if it were per-user. This an interface for a 
system-wide setting.



Because I certainly have multiple users on
the same computer at the same time from different timezones. And
it is quite possible on a few of those machines to have multiple
desktop users, each from a different TZ.


Unless TZ is explicitly set or particular applications have their own 
way to configure timezone, users get time in the system time zone.


I have a kind of minimal KDE with enough missed recommended packages. 
Changing time zone in "System Settings" asks for password and updates it 
system-wide. LocalZone in ~/.config/ktimezonedrc just follows 
system-wide settings. Full KDE or e.g. Gnome might allow per-user time 
zone set through GUI. If implemented, I would expect that it will change 
the TZ environment variable.

Re: Help: network abuse



On 12/21/23 10:24, Alain D D Williams wrote:

On Thu, Dec 21, 2023 at 10:11:08AM -0500, Pocket wrote:


Use a firewall and set it up correctly.

That I have done.

The issue is broadband usage - ie before it hits the firewall.



All you should be seeing is scans which you can not prevent.

What are you using for a firewall?

Show your firewall setup

It is my belief that your firewall is NOT setup correctly and that is 
why you are seeing the traffic.


Amazon AWS system. should not be able to hit your http server, unless 
you want it to.






Assuming a residential environment.

Firewall the router and server(s) as well as all the client machines.

I have nginx, dovecot and exim4 and other daemons running on my network
servers.

Most, (includes many of the ones here) don't have a firewall properly
configured. Nor do they understand how to properly configure a firewall.

You will still get scanned but there is little you can do about that.

--

Hindi madali ang maging ako


--
Hindi madali ang maging ako

Re: difference in seconds between two formatted dates ...


On 21/12/2023 19:38, Greg Wooledge wrote:

On Thu, Dec 21, 2023 at 06:08:26AM +, Albretch Mueller wrote:



Why is it I am noticing a 14 seconds difference on my computer
(booted with a Debian Live DVD)?


Have you executed any commands setting time since boot? Does the 
difference remain after reboot?



$ timedatectl
Local time: Thu 2023-12-21 00:52:20 UTC
Universal time: Thu 2023-12-21 00:52:20 UTC
  RTC time: Thu 2023-12-21 00:52:06
 Time zone: Etc/UTC (UTC, +)
System clock synchronized: no
   NTP service: n/a
   RTC in local TZ: no


I don't think this command's output is accurate for systems using NTP
services that *aren't* systemd's.  I'm running ntpsec on mine, and I
also get that same "NTP service: n/a" line.


You may try to pull more NTP-related info from timedatectl. I am unsure 
if ntpsec is supported.



However, I also get "System clock synchronized: yes".  I'm honestly
not sure what those two lines mean.


"NTPSynchronized shows whether the kernel reports the time as 
synchronized (c.f.  adjtimex(3))."



Hmm... let's try a brief experiment.

[...]

unicorn:~$ timedatectl | grep -m1 zone
 Time zone: America/Chicago (CST, -0600)
unicorn:~$ timedatectl | grep -m1 zone
 Time zone: America/New_York (EST, -0500)

[...]

So... this is interesting.  Apparently timedatectl doesn't simply look
at the target of /etc/localtime.  There's a DELAY before the value is
correctly reported.  This tells me that timedatectl is in communication
with some process (perhaps PID 1, I don't know), and this other process
only discovers that /etc/localtime has changed after some time has passed.


I have another guess. systemd-timedated is activated on demand and reads 
/etc/localtime. It exits a half of a minute later. Perhaps second 
command caused start of new process since the old one was dead already.


I do not think that it expect that something changes /etc/localtime 
behind the scene. I admit inotify might be implemented, but expected way 
is to call "timedatectl set-timezone ZONE".

Re: Could we please cease this thread now? [WAS Re: lists]

2023-12-21 Thread Byung-Hee HWANG

On Thu, 2023-12-21 at 10:12 -0500, Pocket wrote:
> 
> On 12/21/23 09:46, Brad Rogers wrote:
> > On Thu, 21 Dec 2023 09:25:26 -0500
> > Pocket  wrote:
> > 
> > Hello Pocket,
> > 
> > >  Forwarded Message 
> > Putting a private message on the list, without sender's consent, is
> > very
> > rude indeed.  Given that it was announced by sender beforehand that
> > they
> > would reply privately, I'm absolutely certain they did not agree to
> > the
> > message being forwarded here.
> > 
> > May you live in interesting times. (ancient insult)
> 
> Then don't hit and hide.
> 


Hellow Pocket,

You kicked someone who was trying to help you. Let's stop everything
here. I'm going to have coffee.


Sincerely, Byung-Hee

-- 
^고맙습니다 _布德天下_ 감사합니다_^))//

Re: Help: network abuse

On Thu, Dec 21, 2023 at 10:31:06AM -0500, Pocket wrote:

> All you should be seeing is scans which you can not prevent.

I am looking at incoming packets with tcpdump. This sees packets *before* they
are filtered by iptables.

> What are you using for a firewall?

Something hand rolled. Reasonably complicated (over 300 rules) as it deals
with: internet, VPN, DMZ, internal network for virtual machines.

It is NOT a firewall issue.

> It is my belief that your firewall is NOT setup correctly and that is why
> you are seeing the traffic.

My firewall *cannot* deal with packets before they hit my machine. They only
hit my machine after they have arrived over broadband.

The only thing that I might be able to do is to somehow prevent discovery that 
my
machine is listening on port 80 -- that would mean somehow distinguishing
between a genuine visitor and one that is mapping the Internet to later pass
that map somewhere else which generates the unwanted traffic that I see.

> Amazon AWS system. should not be able to hit your http server, unless you
> want it to.

How do I distinguish between wanted & unwanted connections. The only thing that
I can think of is to DROP incoming packets if the source port is 80 or 443 -
which would disrupt the mapping process.

However: if the mapping process uses normal TCP (ie high/random port number)
this would do little.

-- 
Alain Williams
Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT 
Lecturer.
+44 (0) 787 668 0256  https://www.phcomp.co.uk/
Parliament Hill Computers. Registration Information: 
https://www.phcomp.co.uk/Contact.html
#include

Re: Help: network abuse

2023-12-21 Thread Jeffrey Walton

On Thu, Dec 21, 2023 at 10:51 AM Alain D D Williams  wrote:
>
> On Thu, Dec 21, 2023 at 10:31:06AM -0500, Pocket wrote:
> [...]
> > Amazon AWS system. should not be able to hit your http server, unless you
> > want it to.
>
> How do I distinguish between wanted & unwanted connections. The only thing 
> that
> I can think of is to DROP incoming packets if the source port is 80 or 443 -
> which would disrupt the mapping process.
>
> However: if the mapping process uses normal TCP (ie high/random port number)
> this would do little.

You may be able to use

to generate a blacklist.

On machines under my purview, I find Amazon is fairly well behaved.
Microsoft/Sharepoint/Teams, Digital Ocean, China, and other European
country netblocks are much more misbehaving.

Jeff

Re: systemd and timezone


On 21/12/2023 12:33, to...@tuxteam.de wrote:

On Thu, Dec 21, 2023 at 10:30:42AM +0700, Max Nikulin wrote:


busctl introspect org.freedesktop.timedate1 /org/freedesktop/timedate1



Desktop environments use this interface.


Ugh.


I do not see any problem if it is considered as a D-Bus interface to 
/etc/localtime. Users may change timezone from GUI and polkit will show 
a popup requesting password to confirm the action.



I would not be surprised to find an "Automatic time zone" checkbox in GUI
settings similar to e.g. Android.


Double ugh.

UNIX got that right from the start. Now this crazy notion "the computer
HAS to have a timezone of its own" is creeping in.


Even admins may wish to see local time, not UTC in logs. So the D-Bus 
interface is no worse than the /etc/localtime file.


GUI users traveling a lot would be happy to see time suitable for 
current location. A server and a portable device are different use cases 
and different set of features are expected. Those who do not like 
system-wide timezone may set TZ.

wifi issue on bullseye

2023-12-21 Thread Andrea Neroni

Dear all,
I am having issues with my laptop wifi (Debian Bullseye). The connection comes 
and goes making using internet impossible.I assumed a firmware problem, so I 
tried several versions of the firmware-iwlwifi.deb package without 
improvements.Specifically I tried the versions 20190114, 20210315-3 and 
currently 20230210-5 from Bookworm.
>From the /var/log/messages file I keep finding entries like
Dec 21 16:48:53 hellnote02 kernel: [  309.357125] wlp2s0: authenticate with 
1c:ed:6f:f6:06:d2Dec 21 16:48:53 hellnote02 kernel: [  309.360810] wlp2s0: send 
auth to 1c:ed:6f:f6:06:d2 (try 1/3)Dec 21 16:48:53 hellnote02 kernel: [  
309.364095] wlp2s0: authenticatedDec 21 16:48:53 hellnote02 kernel: [  
309.367660] wlp2s0: associate with 1c:ed:6f:f6:06:d2 (try 1/3)Dec 21 16:48:53 
hellnote02 kernel: [  309.377138] wlp2s0: RX AssocResp from 1c:ed:6f:f6:06:d2 
(capab=0x1431 status=0 aid=1)Dec 21 16:48:53 hellnote02 kernel: [  309.382335] 
wlp2s0: associatedDec 21 16:48:53 hellnote02 gnome-shell[1231]: An active 
wireless connection, in infrastructure mode, involves no access point?Dec 21 
16:49:21 hellnote02 kernel: [  337.696611] wlp2s0: authenticate with 
b0:f2:08:c3:d9:21Dec 21 16:49:21 hellnote02 kernel: [  337.698907] wlp2s0: send 
auth to b0:f2:08:c3:d9:21 (try 1/3)Dec 21 16:49:21 hellnote02 kernel: [  
337.707314] wlp2s0: authenticatedDec 21 16:49:21 hellnote02 kernel: [  
337.711160] wlp2s0: associate with b0:f2:08:c3:d9:21 (try 1/3)Dec 21 16:49:21 
hellnote02 kernel: [  337.717298] wlp2s0: RX AssocResp from b0:f2:08:c3:d9:21 
(capab=0x1431 status=0 aid=1)Dec 21 16:49:21 hellnote02 kernel: [  337.722306] 
wlp2s0: associatedDec 21 16:49:21 hellnote02 gnome-shell[1231]: An active 
wireless connection, in infrastructure mode, involves no access point?Dec 21 
16:49:21 hellnote02 gnome-shell[1231]: An active wireless connection, in 
infrastructure mode, involves no access point?Dec 21 16:49:21 hellnote02 
gnome-shell[1231]: An active wireless connection, in infrastructure mode, 
involves no access point?
while from dmesg
[  309.357125] wlp2s0: authenticate with 1c:ed:6f:f6:06:d2[  309.360810] 
wlp2s0: send auth to 1c:ed:6f:f6:06:d2 (try 1/3)[  309.364095] wlp2s0: 
authenticated[  309.367660] wlp2s0: associate with 1c:ed:6f:f6:06:d2 (try 1/3)[ 
 309.377138] wlp2s0: RX AssocResp from 1c:ed:6f:f6:06:d2 (capab=0x1431 status=0 
aid=1)[  309.382335] wlp2s0: associated[  309.849855] wlp2s0: Limiting TX power 
to 20 (20 - 0) dBm as advertised by 1c:ed:6f:f6:06:d2[  337.696611] wlp2s0: 
authenticate with b0:f2:08:c3:d9:21[  337.698907] wlp2s0: send auth to 
b0:f2:08:c3:d9:21 (try 1/3)[  337.707314] wlp2s0: authenticated[  337.711160] 
wlp2s0: associate with b0:f2:08:c3:d9:21 (try 1/3)[  337.717298] wlp2s0: RX 
AssocResp from b0:f2:08:c3:d9:21 (capab=0x1431 status=0 aid=1)[  337.722306] 
wlp2s0: associated[  337.723407] wlp2s0: Limiting TX power to 20 (20 - 0) dBm 
as advertised by b0:f2:08:c3:d9:21
Note that I have several devices connected to the same wifi (computers and 
phones) with zero issues.

Any experience with this problem?
Thanks and kind regards,Andrea

WiFi issue on Bullseye

2023-12-21 Thread Andrea Neroni


Dear all,
I am having issues with my laptop wifi (Debian Bullseye). The connection comes 
and goes making using internet impossible.I assumed a firmware problem, so I 
tried several versions of the firmware-iwlwifi.deb package without 
improvements.Specifically I tried the versions 20190114, 20210315-3 and 
currently 20230210-5 from Bookworm.
>From the /var/log/messages file I keep finding entries like
Dec 21 16:48:53 hellnote02 kernel: [  309.357125] wlp2s0: authenticate with 
1c:ed:6f:f6:06:d2Dec 21 16:48:53 hellnote02 kernel: [  309.360810] wlp2s0: send 
auth to 1c:ed:6f:f6:06:d2 (try 1/3)Dec 21 16:48:53 hellnote02 kernel: [  
309.364095] wlp2s0: authenticatedDec 21 16:48:53 hellnote02 kernel: [  
309.367660] wlp2s0: associate with 1c:ed:6f:f6:06:d2 (try 1/3)Dec 21 16:48:53 
hellnote02 kernel: [  309.377138] wlp2s0: RX AssocResp from 1c:ed:6f:f6:06:d2 
(capab=0x1431 status=0 aid=1)Dec 21 16:48:53 hellnote02 kernel: [  309.382335] 
wlp2s0: associatedDec 21 16:48:53 hellnote02 gnome-shell[1231]: An active 
wireless connection, in infrastructure mode, involves no access point?Dec 21 
16:49:21 hellnote02 kernel: [  337.696611] wlp2s0: authenticate with 
b0:f2:08:c3:d9:21Dec 21 16:49:21 hellnote02 kernel: [  337.698907] wlp2s0: send 
auth to b0:f2:08:c3:d9:21 (try 1/3)Dec 21 16:49:21 hellnote02 kernel: [  
337.707314] wlp2s0: authenticatedDec 21 16:49:21 hellnote02 kernel: [  
337.711160] wlp2s0: associate with b0:f2:08:c3:d9:21 (try 1/3)Dec 21 16:49:21 
hellnote02 kernel: [  337.717298] wlp2s0: RX AssocResp from b0:f2:08:c3:d9:21 
(capab=0x1431 status=0 aid=1)Dec 21 16:49:21 hellnote02 kernel: [  337.722306] 
wlp2s0: associatedDec 21 16:49:21 hellnote02 gnome-shell[1231]: An active 
wireless connection, in infrastructure mode, involves no access point?Dec 21 
16:49:21 hellnote02 gnome-shell[1231]: An active wireless connection, in 
infrastructure mode, involves no access point?Dec 21 16:49:21 hellnote02 
gnome-shell[1231]: An active wireless connection, in infrastructure mode, 
involves no access point?
while from dmesg
[  309.357125] wlp2s0: authenticate with 1c:ed:6f:f6:06:d2[  309.360810] 
wlp2s0: send auth to 1c:ed:6f:f6:06:d2 (try 1/3)[  309.364095] wlp2s0: 
authenticated[  309.367660] wlp2s0: associate with 1c:ed:6f:f6:06:d2 (try 1/3)[ 
 309.377138] wlp2s0: RX AssocResp from 1c:ed:6f:f6:06:d2 (capab=0x1431 status=0 
aid=1)[  309.382335] wlp2s0: associated[  309.849855] wlp2s0: Limiting TX power 
to 20 (20 - 0) dBm as advertised by 1c:ed:6f:f6:06:d2[  337.696611] wlp2s0: 
authenticate with b0:f2:08:c3:d9:21[  337.698907] wlp2s0: send auth to 
b0:f2:08:c3:d9:21 (try 1/3)[  337.707314] wlp2s0: authenticated[  337.711160] 
wlp2s0: associate with b0:f2:08:c3:d9:21 (try 1/3)[  337.717298] wlp2s0: RX 
AssocResp from b0:f2:08:c3:d9:21 (capab=0x1431 status=0 aid=1)[  337.722306] 
wlp2s0: associated[  337.723407] wlp2s0: Limiting TX power to 20 (20 - 0) dBm 
as advertised by b0:f2:08:c3:d9:21
Note that I have several devices connected to the same wifi (computers and 
phones) with no issues.
Any experience with this problem?
Thanks and kind regards,Andrea

Re: systemd and timezone (was: Re: difference in seconds between two formatted dates ...)

2023-12-21 Thread Jeffrey Walton

On Thu, Dec 21, 2023 at 12:51 AM  wrote:
>
> On Thu, Dec 21, 2023 at 10:30:42AM +0700, Max Nikulin wrote:
>
> [...]
>
> > See systemd-timedated.service(8) and org.freedesktop.timedate1(5)
> >
> > busctl introspect org.freedesktop.timedate1 /org/freedesktop/timedate1
> > # Values are stripped
> > org.freedesktop.DBus.Properties interface -
>
> [...]
>
> > Desktop environments use this interface.
>
> Ugh.
>
> [...]
>
> > I would not be surprised to find an "Automatic time zone" checkbox in GUI
> > settings similar to e.g. Android.
>
> Double ugh.
>
> UNIX got that right from the start. Now this crazy notion "the computer
> HAS to have a timezone of its own" is creeping in.
>
> Glad I stay clear from that "Desktop" craze. Thanks for giving me yet
> another reason :-)

I think you will find a fair number of Unix & Linux servers set a
default timezone. I sometimes have to set TZ in my bashrc because of
an unexpected default timezone. Or that's been my experience at the
GCC Compile Farm, .

Jeff

Re: Help: network abuse




On 12/21/23 10:50, Alain D D Williams wrote:

On Thu, Dec 21, 2023 at 10:31:06AM -0500, Pocket wrote:


All you should be seeing is scans which you can not prevent.

I am looking at incoming packets with tcpdump. This sees packets *before* they
are filtered by iptables.


What are you using for a firewall?

Something hand rolled. Reasonably complicated (over 300 rules) as it deals
with: internet, VPN, DMZ, internal network for virtual machines.

It is NOT a firewall issue.



If I am correct you don't want any thing from the outside to hit your 
web server?


If so your firewall is not configured correctly.





It is my belief that your firewall is NOT setup correctly and that is why
you are seeing the traffic.

My firewall *cannot* deal with packets before they hit my machine. They only
hit my machine after they have arrived over broadband.

The only thing that I might be able to do is to somehow prevent discovery that 
my
machine is listening on port 80 -- that would mean somehow distinguishing
between a genuine visitor and one that is mapping the Internet to later pass
that map somewhere else which generates the unwanted traffic that I see.



Which points to your firewall not being correct.



Amazon AWS system. should not be able to hit your http server, unless you
want it to.

How do I distinguish between wanted & unwanted connections. The only thing that
I can think of is to DROP incoming packets if the source port is 80 or 443 -
which would disrupt the mapping process.

However: if the mapping process uses normal TCP (ie high/random port number)
this would do little.


What mapping process?


--
Hindi madali ang maging ako

Re: systemd and timezone (was: Re: difference in seconds between two formatted dates ...)

On Thu, Dec 21, 2023 at 11:04:35AM -0500, Jeffrey Walton wrote:

[...]

> I think you will find a fair number of Unix & Linux servers set a
> default timezone. I sometimes have to set TZ in my bashrc because of
> an unexpected default timezone. Or that's been my experience at the
> GCC Compile Farm, .

But it's not the "server's timezone". It is the default timezone for
applications which haven't set one themselves (if they care about it
at all).

A "server's timezone" makes so much sense as a "server's $PATH setting".
Or its $LANG.

But I'm out of it.

Cheers
-- 
t

signature.asc
Description: PGP signature

Re: Help: network abuse

On Thu, Dec 21, 2023 at 11:39:40AM -0500, Pocket wrote:
> 
> On 12/21/23 10:50, Alain D D Williams wrote:
> > It is NOT a firewall issue.
> 
> 
> If I am correct you don't want any thing from the outside to hit your web
> server?

The words "web server" is ambiguous. It can mean my machine, ie can me the
Apache process. The packets are hitting the machine (evidence tcpdump) but not
the process (as the TCP startup does not complete).

> If so your firewall is not configured correctly.

You have failed to understand what is happening.

I shall stop after this.

-- 
Alain Williams
Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT 
Lecturer.
+44 (0) 787 668 0256  https://www.phcomp.co.uk/
Parliament Hill Computers. Registration Information: 
https://www.phcomp.co.uk/Contact.html
#include

Re: Help: network abuse




On 12/21/23 13:04, Alain D D Williams wrote:

On Thu, Dec 21, 2023 at 11:39:40AM -0500, Pocket wrote:

On 12/21/23 10:50, Alain D D Williams wrote:

It is NOT a firewall issue.


If I am correct you don't want any thing from the outside to hit your web
server?

The words "web server" is ambiguous. It can mean my machine, ie can me the
Apache process. The packets are hitting the machine (evidence tcpdump) but not
the process (as the TCP startup does not complete).


If so your firewall is not configured correctly.

You have failed to understand what is happening.



Well yes, I guess so, that is why I don't have the issue you do and I 
don't have any unwanted traffic on my network to any system.





I shall stop after this.


--
Hindi madali ang maging ako

Re: Help: network abuse

2023-12-21 Thread Peter Hillier-Brook


On 21/12/2023 15:11, Pocket wrote:

On 12/21/23 09:58, Alain D D Williams wrote:

[cut]



Use a firewall and set it up correctly.

Assuming a residential environment.

Firewall the router and server(s) as well as all the client machines.

I have nginx, dovecot and exim4 and other daemons running on my network 
servers.


Most, (includes many of the ones here) don't have a firewall properly 
configured. Nor do they understand how to properly configure a firewall.


You will still get scanned but there is little you can do about that.

Are you still here? I thought that you had exited in a sulk because some 
of us on this list were fed up with your trolling.


You're black listed on my systems so don't bother responding.

Peter HB

Re: Help: network abuse

2023-12-21 Thread debian-user

Alain D D Williams  wrote:
> On Thu, Dec 21, 2023 at 10:11:08AM -0500, Pocket wrote:
> 
> > Use a firewall and set it up correctly.  
> 
> That I have done.
> 
> The issue is broadband usage - ie before it hits the firewall.

IIUC you have a residential system with an ISP connection with a
download limit, and on that you are running a web server that you want
to expose so some of your contacts can access it.

You are concerned by scans run by potentially hostile actors against
your server. Particularly by the volume of data they send.

Is that correct?

As long as you have a web server exposed, you cannot stop anybody and
everybody sending packets to it, for good purposes or foul. You can
cause your outermost firewall to drop packets, either from a blacklist
of disallowed addresses or from all hosts except those on an allowed
whitelist of hosts. That should reduce the traffic you see
significantly.

You should in any case instruct your firewall to drop all incoming
packets on all ports except those you specifically need.

Alternatively, you can change your ISP to one that offers unlimited
service. I am happy with Zen, and would be happy to switch to Andrews &
Arnold if I needed to.

Re: difference in seconds between two formatted dates ...

On Thu, Dec 21, 2023 at 10:36:06PM +0700, Max Nikulin wrote:
> I have another guess. systemd-timedated is activated on demand and reads
> /etc/localtime. It exits a half of a minute later. Perhaps second command
> caused start of new process since the old one was dead already.

Hmm.  OK, logs do seem to support that this could be the case.

unicorn:~$ sudo systemctl status systemd-timedated
[...]
Dec 21 07:18:14 unicorn systemd[1]: Starting systemd-timedated.service - Time &>
Dec 21 07:18:14 unicorn systemd[1]: Started systemd-timedated.service - Time & >
Dec 21 07:18:44 unicorn systemd[1]: systemd-timedated.service: Deactivated succ>
Dec 21 07:25:47 unicorn systemd[1]: Starting systemd-timedated.service - Time &>
Dec 21 07:25:47 unicorn systemd[1]: Started systemd-timedated.service - Time & >
Dec 21 07:26:39 unicorn systemd[1]: systemd-timedated.service: Deactivated succ>
Dec 21 07:26:59 unicorn systemd[1]: Starting systemd-timedated.service - Time &>
Dec 21 07:26:59 unicorn systemd[1]: Started systemd-timedated.service - Time & >
Dec 21 07:27:29 unicorn systemd[1]: systemd-timedated.service: Deactivated succ>

> I do not think that it expect that something changes /etc/localtime behind
> the scene. I admit inotify might be implemented, but expected way is to call
> "timedatectl set-timezone ZONE".

"Expected" by... well, not by *me*, that's for sure.  Maybe expected by
systemd developers?  Now I'm really curious what that command does.
Let's find out.

unicorn:~$ sudo timedatectl set-timezone America/Chicago
unicorn:~$ ls -ld /etc/timezone /etc/localtime
lrwxrwxrwx 1 root root 37 Dec 21 12:18 /etc/localtime -> 
../usr/share/zoneinfo/America/Chicago
-rw-r--r-- 1 root root 17 Dec  9 07:33 /etc/timezone

Looks like it does NOT know about Debian's legacy /etc/timezone file, and
does not update it.  I therefore cannot recommend that anyone on a Debian
system use this command to change their time zone, unless they follow it
up by manually editing /etc/timezone.

Is there a problem with Linux-image-6.1.0-16?

2023-12-21 Thread Gary Dale

Several days ago my main server upgraded to kernel 6.1.0-16 but various 
other devices that are also running Bookworm seem stuck at 6.1.0-13. 
They are all using the same architecture. Some are using the same mirror 
as the server that upgraded. I haven't set any special policies on upgrades.


Can anyone explain what's going on?

Re: Is there a problem with Linux-image-6.1.0-16?

On Thu, Dec 21, 2023 at 09:02:34AM -0500, Gary Dale wrote:
> Several days ago my main server upgraded to kernel 6.1.0-16 but various
> other devices that are also running Bookworm seem stuck at 6.1.0-13. They
> are all using the same architecture. Some are using the same mirror as the
> server that upgraded. I haven't set any special policies on upgrades.
> 
> Can anyone explain what's going on?

Did you run a command?  Which command was it?  What did it tell you?

"apt upgrade" or "apt-get dist-upgrade" should work.  There are other
ways as well.

Re: difference in seconds between two formatted dates ...


On 12/21/23 07:38, Greg Wooledge wrote:

On Thu, Dec 21, 2023 at 06:08:26AM +, Albretch Mueller wrote:

  and what would the systemd way to synch the RTC (Real Time Clock) and
UTC?


I don't understand this question at all.  The system clock value is
normally written to the RTC as a backup when the system shuts down.
Then, the RTC value is read at boot time to initialize the system clock.


Why is it I am noticing a 14 seconds difference on my computer
(booted with a Debian Live DVD)?


Because you're not networked?  If the system has no time sources to draw
upon, other than its own battery-backed RTC, then it will continue to
drift farther and farther from the correct time.


$ timedatectl
Local time: Thu 2023-12-21 00:52:20 UTC
Universal time: Thu 2023-12-21 00:52:20 UTC
  RTC time: Thu 2023-12-21 00:52:06
 Time zone: Etc/UTC (UTC, +)
System clock synchronized: no
   NTP service: n/a
   RTC in local TZ: no


I don't think this command's output is accurate for systems using NTP
services that *aren't* systemd's.  I'm running ntpsec on mine, and I
also get that same "NTP service: n/a" line.

However, I also get "System clock synchronized: yes".  I'm honestly
not sure what those two lines mean.  I don't know how far I would
trust this command, on systems that are not fully invested in the
systemd takeover.

Hmm... let's try a brief experiment.

unicorn:~$ sudo ln -sf /usr/share/zoneinfo/America/Chicago /etc/localtime
unicorn:~$ timedatectl | grep -m1 zone
 Time zone: America/Chicago (CST, -0600)
unicorn:~$ sudo ln -sf /usr/share/zoneinfo/America/New_York /etc/localtime
unicorn:~$ timedatectl | grep -m1 zone
 Time zone: America/Chicago (CST, -0600)
unicorn:~$ timedatectl | grep -m1 zone
 Time zone: America/New_York (EST, -0500)

There was a fair bit of time elapsed between those last two commands,
as I was busy pasting things into this email.  I don't know how long,
exactly.  More than a second, but less than two minutes.

So... this is interesting.  Apparently timedatectl doesn't simply look
at the target of /etc/localtime.  There's a DELAY before the value is
correctly reported.  This tells me that timedatectl is in communication
with some process (perhaps PID 1, I don't know), and this other process
only discovers that /etc/localtime has changed after some time has passed.
Is it *polling*?  I have no idea, but that's what it looks like.

More and more reasons not to let systemd touch my clock.  Not that I
needed more of them, but... here we stand.

.

can us see your /etc/ntpsec/ntp.conf?  And, do you have a
/var/log/ntpsec subdir ownwd by ntpsec:ntpsec?

Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Re: Help: network abuse


On 12/21/23 07:45, Tim Woodall wrote:

On Thu, 21 Dec 2023, Alain D D Williams wrote:

My home PC is receiving, for hours at a time, 12-30 kB/s input 
traffic. This is
unsolicited. I do not know what it is trying to achieve but suspect no 
good. It

is also eating my broadband allowance.

This does not show up in the Apache log files - the TCP connection 
does not succeed.


Sometimes my machine does send a packet in reply, there are 2 examples 
at the

foot of this email.

Questions:

? What is going on ?

? What can I do about it ?
 I do manually add some of the IPs to the f2b chain which will stop 
replies

 but that is about it.

My ISP refuses to do anything about it - I admit that I cannot see 
what they

could do, maybe filter packets with a source port of 80 or 443.

I also get attempts to break into ssh (port 22) - I am not worried 
about that.


I append a few lines of output of "tcpdump -n -i enp3s0" done today.
192.168.108.2 is the address of my desktop PC.

The connecting IPs below all belong to Amazon but this changes with 
time, China

is another common source of similar packets.

11:08:56.354303 IP 34.217.144.104.80 > 192.168.108.2.80: Flags [S], 
seq 19070976, win 51894, options [mss 1401,sackOK,TS val 1182532729 
ecr 0,nop,wscale 7], length 0
11:08:56.354700 IP 34.217.144.104.80 > 192.168.108.2.80: Flags [S], 
seq 3665362944, win 51894, options [mss 1402,sackOK,TS val 4179952761 
ecr 0,nop,wscale 7], length 0
11:08:56.360527 IP 52.195.179.12.80 > 192.168.108.2.80: Flags [S], seq 
479395840, win 51894, options [mss 1412,sackOK,TS val 3391683448 ecr 
0,nop,wscale 7], length 0
11:08:56.360696 IP 52.195.179.12.80 > 192.168.108.2.80: Flags [S], seq 
1622147072, win 51894, options [mss 1410,sackOK,TS val 2887711608 ecr 
0,nop,wscale 7], length 0
11:08:56.360950 IP 54.184.78.87.80 > 192.168.108.2.80: Flags [S], seq 
3168796672, win 51894, options [mss 1404,sackOK,TS val 535364985 ecr 
0,nop,wscale 7], length 0
11:08:56.364565 IP 52.195.179.12.80 > 192.168.108.2.80: Flags [S], seq 
132317184, win 51894, options [mss 1407,sackOK,TS val 2350122105 ecr 
0,nop,wscale 7], length 0
11:08:56.364708 IP 34.217.144.104.80 > 192.168.108.2.80: Flags [S], 
seq 1098776576, win 51894, options [mss 1405,sackOK,TS val 3426157689 
ecr 0,nop,wscale 7], length 0
11:08:56.367975 IP 13.231.232.88.80 > 192.168.108.2.80: Flags [S], seq 
3272540160, win 51894, options [mss 1413,sackOK,TS val 979961209 ecr 
0,nop,wscale 7], length 0


2 days ago a similar capture. Note that the source port is 443 not 80:

09:47:31.416452 IP 5.45.73.147.443 > 192.168.108.2.80: Flags [S], seq 
2724200448, win 51894, options [mss 1401,sackOK,TS val 862439534 ecr 
0,nop,wscale 7], length 0
09:47:31.417861 IP 27.124.10.200.443 > 192.168.108.2.80: Flags [S], 
seq 925237248, win 51894, options [mss 1407,sackOK,TS val 756418658 
ecr 0,nop,wscale 7], length 0
09:47:31.440892 IP 27.124.10.197.443 > 192.168.108.2.80: Flags [S], 
seq 3474063360, win 51894, options [mss 1404,sackOK,TS val 3970828642 
ecr 0,nop,wscale 7], length 0
09:47:31.449393 IP 27.124.10.200.443 > 192.168.108.2.80: Flags [S], 
seq 2844721152, win 51894, options [mss 1407,sackOK,TS val 1831471202 
ecr 0,nop,wscale 7], length 0
09:47:31.451430 IP 154.39.104.67.443 > 192.168.108.2.80: Flags [S], 
seq 2336358400, win 51894, options [mss 1415,sackOK,TS val 395513698 
ecr 0,nop,wscale 7], length 0
09:47:31.451610 IP 27.124.10.225.443 > 192.168.108.2.80: Flags [S], 
seq 808976384, win 51894, options [mss 1414,sackOK,TS val 1960250978 
ecr 0,nop,wscale 7], length 0
09:47:31.453372 IP 143.92.60.30.443 > 192.168.108.2.80: Flags [S], seq 
3177512960, win 51894, options [mss 1408,sackOK,TS val 4033677410 ecr 
0,nop,wscale 7], length 0
09:47:31.456937 IP 27.124.10.225.443 > 192.168.108.2.80: Flags [S], 
seq 1042087936, win 51894, options [mss 1415,sackOK,TS val 2011106914 
ecr 0,nop,wscale 7], length 0
09:47:31.461961 IP 27.124.10.226.443 > 192.168.108.2.80: Flags [S], 
seq 3200516096, win 51894, options [mss 1403,sackOK,TS val 2314013026 
ecr 0,nop,wscale 7], length 0


Examples where my machine sends a reply:

09:47:31.658790 IP 27.124.10.225.443 > 192.168.108.2.80: Flags [S], 
seq 612564992, win 51894, options [mss 1415,sackOK,TS val 2011106914 
ecr 0,nop,wscale 7], length 0
09:47:31.659442 IP 192.168.108.2.80 > 154.39.104.67.443: Flags [S.], 
seq 3770299450, ack 1858732033, win 65160, options [mss 1460,sackOK,TS 
val 164888251 ecr 395513698,nop,wscale 7], length 0


09:47:31.756220 IP 5.45.73.147.443 > 192.168.108.2.80: Flags [S], seq 
2992898048, win 51894, options [mss 1401,sackOK,TS val 862439534 ecr 
0,nop,wscale 7], length 0
09:47:31.756272 IP 192.168.108.2.80 > 5.45.73.147.443: Flags [.], ack 
1226309633, win 509, options [nop,nop,TS val 2085784149 ecr 
994101358], length 0



You can try sending RST. That might make them give up.

There is not much else you can do.

I sometimes do a whois on a persistent offender and blacklist the entire
network. But I don't know if they stop as th

Re: difference in seconds between two formatted dates ...

On Thu, Dec 21, 2023 at 02:51:50PM -0500, gene heskett wrote:
> can us see your /etc/ntpsec/ntp.conf?  And, do you have a
> /var/log/ntpsec subdir ownwd by ntpsec:ntpsec?

unicorn:~$ ls -ld /var/log/ntpsec /etc/ntpsec/ntp.conf 
ls: cannot access '/var/log/ntpsec': No such file or directory
-rw-r--r-- 1 root root 1922 Jan 16  2023 /etc/ntpsec/ntp.conf

My ntp.conf file was migrated from a Debian 11 /etc/ntp.conf
file, with whatever adjustments the ntp -> ntpsec transition scripts
did to it.  Should be very generic, but here you go.

==
# /etc/ntpsec/ntp.conf, configuration for ntpd; see ntp.conf(5) for help

driftfile /var/lib/ntpsec/ntp.drift
leapfile /usr/share/zoneinfo/leap-seconds.list

# To enable Network Time Security support as a server, obtain a certificate
# (e.g. with Let's Encrypt), configure the paths below, and uncomment:
# nts cert CERT_FILE
# nts key KEY_FILE
# nts enable

# You must create /var/log/ntpsec (owned by ntpsec:ntpsec) to enable logging.
#statsdir /var/log/ntpsec/
#statistics loopstats peerstats clockstats
#filegen loopstats file loopstats type day enable
#filegen peerstats file peerstats type day enable
#filegen clockstats file clockstats type day enable

# This should be maxclock 7, but the pool entries count towards maxclock.
tos maxclock 11

# Comment this out if you have a refclock and want it to be able to discipline
# the clock by itself (e.g. if the system is not connected to the network).
tos minclock 4 minsane 3

# Specify one or more NTP servers.

# Public NTP servers supporting Network Time Security:
# server time.cloudflare.com nts

# pool.ntp.org maps to about 1000 low-stratum NTP servers.  Your server will
# pick a different set every time it starts up.  Please consider joining the
# pool: 
pool 0.debian.pool.ntp.org iburst
pool 1.debian.pool.ntp.org iburst
pool 2.debian.pool.ntp.org iburst
pool 3.debian.pool.ntp.org iburst

# Access control configuration; see /usr/share/doc/ntpsec-doc/html/accopt.html
# for details.
#
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.

# By default, exchange time with everybody, but don't allow configuration.
restrict default kod nomodify nopeer noquery limited

# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1
==

Now let's look for logs.

unicorn:/var/log$ sudo grep ntpsec *
[...]
syslog.1:2023-12-16T15:01:52.641110-05:00 unicorn ntpd[815]: statistics 
directory /var/log/ntpsec/ does not exist or is unwriteable, error No such file 
or directory

Well, look at that.  I wonder why the ntpsec package didn't create that.
Let's take a look at  and see if there's
already a report for it.

Here we go: 
"ntpsec: Missing /var/log/ntpsec is logged as an error"

So I guess one's expected to create this themselves, but only if they
care enough to do it...?  Weird.

Fwd: Re: Problem Installing WebMO.23.0.17

2023-12-21 Thread Stephen P. Molnar

I'm hoping for some help is solving this problem.

An excellent discussion of the installation  of WebMO is www/webmo.net

 Forwarded Message 
Subject:Re: Problem Installing WebMO.23.0.17
Date:   Thu, 21 Dec 2023 12:36:54 -0500
From:   Stephen P. Molnar 
To: JR Schmidt 
CC: William Polik 

JR

Thanks for the quick response.

(base) comp@AbNormal:~$ sudo apt-get install apache2
apache2-suexec-custom libcgi-pm-perl
[sudo] password for comp:
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
apache2 is already the newest version (2.4.57-2).
apache2-suexec-custom is already the newest version (2.4.57-2).
libcgi-pm-perl is already the newest version (4.55-1).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

To address the question if Apache is running:

(base) comp@AbNormal:~$ sudo service apache2 stop
(base) comp@AbNormal:~$ sudo service apache2 start
Job for apache2.service failed because the control process exited with
error code.
See "systemctl status apache2.service" and "journalctl -xeu
apache2.service" for details.
(base) comp@AbNormal:~$ sudo systemctl status apache2.service
× apache2.service - The Apache HTTP Server
 Loaded: loaded (/lib/systemd/system/apache2.service; enabled;
preset: enabled)
 Active: failed (Result: exit-code) since Thu 2023-12-21 12:34:04
EST; 14s ago
   Docs: https://httpd.apache.org/docs/2.4/
    Process: 35373 ExecStart=/usr/sbin/apachectl start (code=exited,
status=1/FAILURE)
    CPU: 18ms

Dec 21 12:34:04 AbNormal systemd[1]: Starting apache2.service - The
Apache HTTP Server...
Dec 21 12:34:04 AbNormal apachectl[35379]: (2)No such file or directory:
AH02291: Cannot access directory '/var/log/apache2/' for main error log
Dec 21 12:34:04 AbNormal apachectl[35379]: (2)No such file or directory:
AH02291: Cannot access directory '/var/log/apache2/' for error log of
vhost d>
Dec 21 12:34:04 AbNormal apachectl[35379]: AH00014: Configuration check
failed
Dec 21 12:34:04 AbNormal apachectl[35373]: Action 'start' failed.
Dec 21 12:34:04 AbNormal apachectl[35373]: The Apache error log may have
more information.
Dec 21 12:34:04 AbNormal systemd[1]: apache2.service: Control process
exited, code=exited, status=1/FAILURE
Dec 21 12:34:04 AbNormal systemd[1]: apache2.service: Failed with result
'exit-code'.
Dec 21 12:34:04 AbNormal systemd[1]: Failed to start apache2.service -
The Apache HTTP Server.
(base) comp@AbNormal:~$ sudo journalctl -xeu apache2.service
Dec 21 12:34:04 AbNormal apachectl[35373]: Action 'start' failed.
Dec 21 12:34:04 AbNormal apachectl[35373]: The Apache error log may have
more information.
Dec 21 12:34:04 AbNormal systemd[1]: apache2.service: Control process
exited, code=exited, status=1/FAILURE
░░ Subject: Unit process exited
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ An ExecStart= process belonging to unit apache2.service has exited.
░░
░░ The process' exit code is 'exited' and its exit status is 1.
Dec 21 12:34:04 AbNormal systemd[1]: apache2.service: Failed with result
'exit-code'.
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ The unit apache2.service has entered the 'failed' state with result
'exit-code'.
Dec 21 12:34:04 AbNormal systemd[1]: Failed to start apache2.service -
The Apache HTTP Server.
░░ Subject: A start job for unit apache2.service has failed
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ A start job for unit apache2.service has finished with a failure.
░░
░░ The job identifier is 4943 and the job result is failed.

On 12/21/2023 11:05 AM, JR Schmidt wrote:

I probably cannot be of much help, since it doesn't look like Apache is even 
started:

Dec 21 06:42:27 AbNormal apachectl[4457]: (2)No such file or directory: 
AH02291: Cannot access directory '/var/log/apache2/' for main error log
Dec 21 06:42:27 AbNormal apachectl[4457]: (2)No such file or directory: 
AH02291: Cannot access directory '/var/log/apache2/' for error log of vhost 
defined at /etc/apache2/sites-enabled/000-default.conf:1

It appears that Apache was not installed correctly, since the log directory 
doesn't even exist.  I wouldn't be surprised if there were more fundamental 
issues as well.

You can try removing/reinstalling APACHE itself.  If you cannot connect to 
Apache (just http:// abnormal.att.net) then Apache isn't even running.

Although I double Apache has started, even if it HAS, it it likely not using 
SSL.  Thus the right URL would be:
http://abnormal.att.net/~comp/cgi-bin/webmo/login.cgi

-Original Message-
From: Stephen P. Molnar 
Sent: Thursday, December 21, 2023 6:20 AM
To: supp...@webmo.net
Subject: Problem Installing WebMO.23.0.17

Due to an increasing number of show stopping questions, I have reinstalled 
Debian 12 on my main Linux platform.

Once again, the same reoccurring problem:

https://abnormal.att.net/~comp/cgi-bin/webmo/login.cgi ge

Re: Where is "LADSPA Noise Suppressor for Voice" for Kdenlive?

2023-12-21 Thread Leela Vam

I followed these instructions and when I load Kdenlive I do not see the
effect under LDASPA Plugins.  The instructions say Kdenlive will see the
plugin automatically, but mine does not.  Is there an extra configuration
step required to tell Kdenlive where the effect is at and to load it?

I have the following:
ls -l /usr/lib/ladspa
total 176
-rw-r--r-- 1 root root 179608 Dec 21 10:12 librnnoise_ladspa.so
and
ls -l /usr/local/lib/ladspa
total 176
-rw-r--r-- 1 root root 179608 Dec 21 10:30 librnnoise_ladspa.so

If the files are in those locations and Kdenlive is not automatically
seeing and loading them into LADSPA Plugins, then what do I need to do to
fix that.

Thank you!

Re: difference in seconds between two formatted dates ...


On 12/21/23 15:04, Greg Wooledge wrote:

On Thu, Dec 21, 2023 at 02:51:50PM -0500, gene heskett wrote:

can us see your /etc/ntpsec/ntp.conf?  And, do you have a
/var/log/ntpsec subdir ownwd by ntpsec:ntpsec?


unicorn:~$ ls -ld /var/log/ntpsec /etc/ntpsec/ntp.conf
ls: cannot access '/var/log/ntpsec': No such file or directory
-rw-r--r-- 1 root root 1922 Jan 16  2023 /etc/ntpsec/ntp.conf

My ntp.conf file was migrated from a Debian 11 /etc/ntp.conf
file, with whatever adjustments the ntp -> ntpsec transition scripts
did to it.  Should be very generic, but here you go.

==
# /etc/ntpsec/ntp.conf, configuration for ntpd; see ntp.conf(5) for help

driftfile /var/lib/ntpsec/ntp.drift
leapfile /usr/share/zoneinfo/leap-seconds.list

# To enable Network Time Security support as a server, obtain a certificate
# (e.g. with Let's Encrypt), configure the paths below, and uncomment:
# nts cert CERT_FILE
# nts key KEY_FILE
# nts enable

# You must create /var/log/ntpsec (owned by ntpsec:ntpsec) to enable logging.
#statsdir /var/log/ntpsec/
#statistics loopstats peerstats clockstats
#filegen loopstats file loopstats type day enable
#filegen peerstats file peerstats type day enable
#filegen clockstats file clockstats type day enable

# This should be maxclock 7, but the pool entries count towards maxclock.
tos maxclock 11

# Comment this out if you have a refclock and want it to be able to discipline
# the clock by itself (e.g. if the system is not connected to the network).
tos minclock 4 minsane 3

# Specify one or more NTP servers.

# Public NTP servers supporting Network Time Security:
# server time.cloudflare.com nts

# pool.ntp.org maps to about 1000 low-stratum NTP servers.  Your server will
# pick a different set every time it starts up.  Please consider joining the
# pool: 
pool 0.debian.pool.ntp.org iburst
pool 1.debian.pool.ntp.org iburst
pool 2.debian.pool.ntp.org iburst
pool 3.debian.pool.ntp.org iburst

# Access control configuration; see /usr/share/doc/ntpsec-doc/html/accopt.html
# for details.
#
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.

# By default, exchange time with everybody, but don't allow configuration.
restrict default kod nomodify nopeer noquery limited

# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1
==

Now let's look for logs.

unicorn:/var/log$ sudo grep ntpsec *
[...]
syslog.1:2023-12-16T15:01:52.641110-05:00 unicorn ntpd[815]: statistics 
directory /var/log/ntpsec/ does not exist or is unwriteable, error No such file 
or directory

Well, look at that.  I wonder why the ntpsec package didn't create that.
Let's take a look at  and see if there's
already a report for it.

Here we go: 
"ntpsec: Missing /var/log/ntpsec is logged as an error"

So I guess one's expected to create this themselves, but only if they
care enough to do it...?  Weird.

.
unforch it does not create them and in my recent experience it may run 
but does not work without being able to log. I created it that subdir 
and chowned it,  then I went around to my other machines doing likewise 
and the other machines now use this one as a stratum 2 server. by 
removing the pool 0,1,2,3 entries from their ntp.conf is removing 6 
other machines from the traffic into debian's ntp server pool.


Those of us with goodly sized private networks hiding behind a NATing 
router should do that to reduce the load on debians ntp server pool.


Even with a stratum 2 rating, you are still within a microsecond of the 
cesium beam clock in Boulder Colorado USA. When I first set it up a week 
ago, I quickly found I was part of a pool and had external to my local 
network clients, but I finally found how to stop that.


Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Re: GRUB -- Debian overrides? Or maybe I just don't understand it well...

On Wed, 20 Dec 2023 at 02:40, Felix Miata  wrote:
>
> Mark Fletcher composed on 2023-12-20 00:28 (UTC):
>
> > I am curious to know from Debian
> > GRUBbers (as it were) if the behaviour I am describing in this thread
> > is expected...
>
> I suspect few if any regulars here spend much time with Slackware.

I am genuinely confused about how Slackware came into the picture
here... my foreign OS is LFS, nothing to do with slackware as far as I
know...

I appreciate your initial help which I still think is my best hope of
a solution -- about to implement in a few minutes so will know for
sure shortly -- but have not responded to the rest of this message as
I think it is based on a misunderstanding.

Thanks

Mark

Re: difference in seconds between two formatted dates ...

On Thu, Dec 21, 2023 at 03:34:49PM -0500, gene heskett wrote:
> unforch it does not create them and in my recent experience it may run but
> does not work without being able to log.

That would be a bug, given that this stats directory is apparently
optional.  (It logs through syslog just fine without the stats dir.)

What evidence did you see that makes you think it wasn't working?

Formal reminder of Codes of Conduct [WAS Re: Could we please cease this thread now?]

2023-12-21 Thread Andrew M.A. Cater

On Thu, Dec 21, 2023 at 10:12:36AM -0500, Pocket wrote:
> 
> On 12/21/23 09:46, Brad Rogers wrote:
> > On Thu, 21 Dec 2023 09:25:26 -0500
> > Pocket  wrote:
> > 
> > Hello Pocket,
> > 
> > >  Forwarded Message 
> > Putting a private message on the list, without sender's consent, is very
> > rude indeed.  Given that it was announced by sender beforehand that they
> > would reply privately, I'm absolutely certain they did not agree to the
> > message being forwarded here.
> > 
> > May you live in interesting times. (ancient insult)
> 
> Then don't hit and hide.
> 
> -- 
> Hindi madali ang maging ako
>

Posted to the list - purely so that this is recorded in the list archives
which Pocket can view at https://lists.debian.org/debian-user/2023/12/thrd3.html
As a member of the Debian Community Team, I'm also copying this to community@d.o

I'm not a moderator of this list: the list is unmoderated. I am a Debian
Community Team member. The Community Team is here to resolve disputes and
to make Debian a welcoming place. In that context, the tone of your recent
posts here is unhelpful and your messaging has been non-constructive

I would refer you to the FAQ for this list which I maintain.
https://lists.debian.org/debian-user/2023/12/msg00845.html 

Replies to you which are specifically marked as replies off-list are 
private. Don't repost private information. The normal expectation is
that the list is public and communication to the list is public.
If someone specifically replies to you in private, it would be for an
exceptional reason and should not be reposted back to the list.

If you're posting on the lists, your post is subject to the Debian codes
of conduct - please abide by them.

You are welcome in Debian - and contributions are appreciated - but a level
of basic understanding and courtesy is expected of all here.  

Andrew Cater
(amaca...@debian.org)
[For the Debian Community Team]

Re: GRUB -- Debian overrides? Or maybe I just don't understand it well...

On Wed, 20 Dec 2023 at 06:01, David Wright  wrote:
>
>
> I can't see anywhere where the OP claims to have set up LFS for
> booting itself, as opposed to being booted from a Debian Grub.
> It only says "I have been able to get a grub.cfg including the
> LFS system …", which seems to imply LFS has only been set up
> as a "foreign" system by a Debian system.

Yes, that's exactly it. My very first attempt involved using Debian's
/boot partition as the /boot partition for LFS as well, so installing
LFS's kernel (6.4.12 IIRC) alongside Debian's, but I quickly learned
the folly of that when I saw the mess update-grub made of that...

So I rebuilt my LFS (was happy to do so, this is a learning exercise)
with its own /boot partition, which gets me closer to the solution I
want which is one Grub, Debian's grub, with Debian as the first and
default boot choice, but LFS available as an alternative. And the only
remaining problem is the Debian GRUB's insistence on using /dev/sdX2
(for the root partition is the second partition on the disk) in the
"linux" command line parameter.

>
> When os-prober runs on my system, a lot of stuff gets logged in
> messages, syslog and user.log. The lines that contain the string
> "result:" (without the quotes) are interesting. It's evident from
> those that have six fields following result: have had their root=
> field copied from the foreign system's grub.cfg. (In my case,
> "foreign" means a Debian system of the previous release.)
>
> When os-prober writes several clauses into my new grub.cfg's
> "### BEGIN /etc/grub.d/30_os-prober ###" section, the references
> to the partition are constructed using UUIDs (not PARTUUIDs, because
> there's an initrd). However, the kernel command line reads
> "root=LABEL=toto04", so that string wasn't constructed by os-prober,
> but copied from the foreign grub.cfg¹.
>
> That suggests to me the probability that whereas +Grub constructs+
> the root= strings for the "### BEGIN /etc/grub.d/10_linux ###"
> section, +os-prober copies+ the root= strings into the
> "### BEGIN /etc/grub.d/30_os-prober ###" section instead.
>

Interesting -- but there is no grub.cfg on the LFS system because grub
has never been installed there. There is a /boot partition but no
/boot/grub/grub.cfg .
So, nothing to copy from in this case.

Mark

Re: systemd and timezone (was: Re: difference in seconds between two formatted dates ...)

2023-12-21 Thread Nicolas George

to...@tuxteam.de (12023-12-21):
> I've sometimes the impression that desktop environments are losing
> the concept pf multi-user operating systems and are regreding to
> something like Windows 95.

Desktop environment and the “modern” applications designed for them had
already lost the ability to put back everything in place by quitting and
restarting. Now they are losing the concept of multiple users, and they
are also losing the ability to run several independent instances of the
same program.

Desktop environment suck.

Regards,

-- 
  Nicolas George

Re: GRUB -- Debian overrides? Or maybe I just don't understand it well...

On Thu, 21 Dec 2023 at 21:38, Mark Fletcher  wrote:
>
>
> So I rebuilt my LFS (was happy to do so, this is a learning exercise)
> with its own /boot partition, which gets me closer to the solution I
> want which is one Grub, Debian's grub, with Debian as the first and
> default boot choice, but LFS available as an alternative. And the only
> remaining problem is the Debian GRUB's insistence on using /dev/sdX2
> (for the root partition is the second partition on the disk) in the
> "linux" command line parameter.
>
Apologies -- I probably made it less clear rather than more with the
above -- I mean that Debian GRUB is insisting on using /dev/sdX2 _for
the LFS menu entry_. For its own menu entry it works fine, because my
bookworm installation is using LVM.

There is and ever has been only one GRUB on this system -- Debian's.
That's why I am asking about this on a Debian list. My goal here is to
configure Debian's GRUB to boot LFS as a secondary option alongside
the primary option of Debian, and have that survive kernel updates for
Debian, and I am there, except for persuading it not to specify
"root=/dev/sdX2" for the root filesystem in the LFS linux command
line, and instead persuading ti to specify "root=PARTUUID="
which grub-mkconfig's documentation says is what it will do when there
is no initrd and the GRUB_DISABLE_LINUX_{PART,}UUID variables are set
to false.

Mark

Re: Formal reminder of Codes of Conduct [WAS Re: Could we please cease this thread now?]

2023-12-21 Thread Charles Curley

On Thu, 21 Dec 2023 21:36:00 +
"Andrew M.A. Cater"  wrote:

> Replies to you which are specifically marked as replies off-list are 
> private. Don't repost private information. The normal expectation is
> that the list is public and communication to the list is public.
> If someone specifically replies to you in private, it would be for an
> exceptional reason and should not be reposted back to the list.

Clarification, please. Occasionally a miss-configured mail reader will
cause a private off-list reply, which the correspondent does not notice.
My usual response to that sort of thing is to suggest that the
correspondent fix his mail reader, and then reply to the email on-list.
But only if there is nothing in either the errant email or my reply to
it which I believe to be private. Is something like that within your
admonition not to reply on-list to an off-list email?

-- 
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/

Re: Help: network abuse

2023-12-21 Thread David Christensen


On 12/21/23 04:00, Alain D D Williams wrote:

My home PC is receiving, for hours at a time, 12-30 kB/s input traffic. This is
unsolicited. I do not know what it is trying to achieve but suspect no good. It
is also eating my broadband allowance.

This does not show up in the Apache log files - the TCP connection does not 
succeed.

Sometimes my machine does send a packet in reply, there are 2 examples at the
foot of this email.

Questions:

• What is going on ?

• What can I do about it ?
   I do manually add some of the IPs to the f2b chain which will stop replies
   but that is about it.

My ISP refuses to do anything about it - I admit that I cannot see what they
could do, maybe filter packets with a source port of 80 or 443.

I also get attempts to break into ssh (port 22) - I am not worried about that.

I append a few lines of output of "tcpdump -n -i enp3s0" done today.
192.168.108.2 is the address of my desktop PC.

The connecting IPs below all belong to Amazon but this changes with time, China
is another common source of similar packets.

11:08:56.354303 IP 34.217.144.104.80 > 192.168.108.2.80: Flags [S], seq 
19070976, win 51894, options [mss 1401,sackOK,TS val 1182532729 ecr 0,nop,wscale 
7], length 0
11:08:56.354700 IP 34.217.144.104.80 > 192.168.108.2.80: Flags [S], seq 
3665362944, win 51894, options [mss 1402,sackOK,TS val 4179952761 ecr 0,nop,wscale 
7], length 0
11:08:56.360527 IP 52.195.179.12.80 > 192.168.108.2.80: Flags [S], seq 
479395840, win 51894, options [mss 1412,sackOK,TS val 3391683448 ecr 0,nop,wscale 
7], length 0
11:08:56.360696 IP 52.195.179.12.80 > 192.168.108.2.80: Flags [S], seq 
1622147072, win 51894, options [mss 1410,sackOK,TS val 2887711608 ecr 0,nop,wscale 
7], length 0
11:08:56.360950 IP 54.184.78.87.80 > 192.168.108.2.80: Flags [S], seq 
3168796672, win 51894, options [mss 1404,sackOK,TS val 535364985 ecr 0,nop,wscale 
7], length 0
11:08:56.364565 IP 52.195.179.12.80 > 192.168.108.2.80: Flags [S], seq 
132317184, win 51894, options [mss 1407,sackOK,TS val 2350122105 ecr 0,nop,wscale 
7], length 0
11:08:56.364708 IP 34.217.144.104.80 > 192.168.108.2.80: Flags [S], seq 
1098776576, win 51894, options [mss 1405,sackOK,TS val 3426157689 ecr 0,nop,wscale 
7], length 0
11:08:56.367975 IP 13.231.232.88.80 > 192.168.108.2.80: Flags [S], seq 
3272540160, win 51894, options [mss 1413,sackOK,TS val 979961209 ecr 0,nop,wscale 
7], length 0

2 days ago a similar capture. Note that the source port is 443 not 80:

09:47:31.416452 IP 5.45.73.147.443 > 192.168.108.2.80: Flags [S], seq 
2724200448, win 51894, options [mss 1401,sackOK,TS val 862439534 ecr 0,nop,wscale 
7], length 0
09:47:31.417861 IP 27.124.10.200.443 > 192.168.108.2.80: Flags [S], seq 
925237248, win 51894, options [mss 1407,sackOK,TS val 756418658 ecr 0,nop,wscale 
7], length 0
09:47:31.440892 IP 27.124.10.197.443 > 192.168.108.2.80: Flags [S], seq 
3474063360, win 51894, options [mss 1404,sackOK,TS val 3970828642 ecr 0,nop,wscale 
7], length 0
09:47:31.449393 IP 27.124.10.200.443 > 192.168.108.2.80: Flags [S], seq 
2844721152, win 51894, options [mss 1407,sackOK,TS val 1831471202 ecr 0,nop,wscale 
7], length 0
09:47:31.451430 IP 154.39.104.67.443 > 192.168.108.2.80: Flags [S], seq 
2336358400, win 51894, options [mss 1415,sackOK,TS val 395513698 ecr 0,nop,wscale 
7], length 0
09:47:31.451610 IP 27.124.10.225.443 > 192.168.108.2.80: Flags [S], seq 
808976384, win 51894, options [mss 1414,sackOK,TS val 1960250978 ecr 0,nop,wscale 
7], length 0
09:47:31.453372 IP 143.92.60.30.443 > 192.168.108.2.80: Flags [S], seq 
3177512960, win 51894, options [mss 1408,sackOK,TS val 4033677410 ecr 0,nop,wscale 
7], length 0
09:47:31.456937 IP 27.124.10.225.443 > 192.168.108.2.80: Flags [S], seq 
1042087936, win 51894, options [mss 1415,sackOK,TS val 2011106914 ecr 0,nop,wscale 
7], length 0
09:47:31.461961 IP 27.124.10.226.443 > 192.168.108.2.80: Flags [S], seq 
3200516096, win 51894, options [mss 1403,sackOK,TS val 2314013026 ecr 0,nop,wscale 
7], length 0

Examples where my machine sends a reply:

09:47:31.658790 IP 27.124.10.225.443 > 192.168.108.2.80: Flags [S], seq 
612564992, win 51894, options [mss 1415,sackOK,TS val 2011106914 ecr 0,nop,wscale 
7], length 0
09:47:31.659442 IP 192.168.108.2.80 > 154.39.104.67.443: Flags [S.], seq 
3770299450, ack 1858732033, win 65160, options [mss 1460,sackOK,TS val 164888251 
ecr 395513698,nop,wscale 7], length 0

09:47:31.756220 IP 5.45.73.147.443 > 192.168.108.2.80: Flags [S], seq 
2992898048, win 51894, options [mss 1401,sackOK,TS val 862439534 ecr 0,nop,wscale 
7], length 0
09:47:31.756272 IP 192.168.108.2.80 > 5.45.73.147.443: Flags [.], ack 
1226309633, win 509, options [nop,nop,TS val 2085784149 ecr 994101358], length 0



On 12/21/23 05:10, Alain D D Williams wrote:
> ... I do run a web server at home, but there is only a little/personal
> stuff, it does not receive much real traffic, I do not want it to.
> Most of my web presence is hosted elsewhere.


On 12/21/23 06:58, Alain D D

Re: RTC and (old) Windows [was: difference in seconds between two formatted dates ...]

2023-12-21 Thread David Christensen


On 12/21/23 04:22, to...@tuxteam.de wrote:


I used to work in a shop Back Then (TM) (roughly Windows 3.1). We did
C programs for a living and had a mix of Windows boxes and Linux boxes.

Windows boxes were "naive" and had local time. We had a time zone
with summer and winter time.

On time transitions, all hell broke loose with Makefiles, which look
at file time stamps :-)

We ended up setting the Windows boxes to Monrovia/Liberia: no time
jumps *and* (more or less) GMT. No more hassles...



That is a great idea -- thank you!  :-)


David

Clarification: public private replies [WAS Re: Formal reminder of Codes of Conduct]

2023-12-21 Thread Andrew M.A. Cater

On Thu, Dec 21, 2023 at 02:59:26PM -0700, Charles Curley wrote:
> On Thu, 21 Dec 2023 21:36:00 +
> "Andrew M.A. Cater"  wrote:
> 
> > Replies to you which are specifically marked as replies off-list are 
> > private. Don't repost private information. The normal expectation is
> > that the list is public and communication to the list is public.
> > If someone specifically replies to you in private, it would be for an
> > exceptional reason and should not be reposted back to the list.
> 

In this particular thread, a poster suggested on-list that he was replying
off-list in order to not prolong the thread. That _private_ post was then
posted back to the list. That's not appropriate in any circumstances.

If you do reply to something off-list, then a good practice is to put
in a sentence explaining _why_ you're replying off list and that it shouldn't
be copied back to the list. If someone doesn't do that, then you should
assume that anything off list is intended between two people only. 

Anyone can make mistakes and reply with a post to a list that was intended
to be a private reply: that's why it's important to make it clear up front
that something is intended to remain private, if possible.

Likewise, if I accidentally reply to a poster with a more general post that
I meant to go to the list, I'll post to the list with "Sent to poster
in private by mistake - forwarding to the list for info" so that it's 
not lost.

Finger trouble happens: the correct thing is to respond to it appropriately,
with an apology if necessary..

> Clarification, please. Occasionally a miss-configured mail reader will
> cause a private off-list reply, which the correspondent does not notice.
> My usual response to that sort of thing is to suggest that the
> correspondent fix his mail reader, and then reply to the email on-list.
> But only if there is nothing in either the errant email or my reply to
> it which I believe to be private. Is something like that within your
> admonition not to reply on-list to an off-list email?
> 

I think I'm going to have to expand the FAQ again. There's a bit in there
that says, effectively "don't start a question thread on list, take it off
list and get an answer, then come back to the list saying *Solved* without
actually giving an answer" 

That's quite often the reaction of someone relatively new to the list,
who gets a good answer from someone on list, mails the expert off list,
maybe has a further problem solving conversation  and then doesn't leave the
answer. That's frustrating for someone trawling a search engine later.
That's why there's a bit in there saying "hold your conversations on list
as far as you can".

Posting well-intentioned private replies back to the list is not appropriate.
Throwing people's help back in their face is not appropriate.
Consideration - and sometimes keeping your hands off the keyboard for an hour
- *is* appropriate.

All the very best, as ever,

Andy Cater
[amaca...@debian.org]

Re: GRUB -- Debian overrides? Or maybe I just don't understand it well...

On Mon, 18 Dec 2023 at 22:15, Felix Miata  wrote:
>
> I can't answer why Grub scripts to what the do, because I don't really use 
> them,
> and don't need to understand much about them. Grub config files in 
> /boot/grub/ are
> akin to scripts, but they are really simple, mainly just command scripts. The
> usual one is grub.cfg, the one os-prober feeds from other Linux 
> installations. A
> less common one is custom.cfg. To use it requires the admin build it. When it
> exists, grub-mkconfig incorporates its use by/in grub.cfg. It actually gets 
> called
> by default from /etc/grub.d/41_custom, which adds the stanzas from it to the 
> Grub
> boot menu - after those that it has generated itself. I copy it to
> /etc/grub.d/07_custom, and empty 41_custom. That causes my custom stanzas to
> appear first in Grub's boot menu. /etc/grub.d/40_custom acts, and a copy of 
> it as
> 06_custom would act, in similar fashion, except that the admin's custom 
> stanzas
> are put into it by the admin instead of into a custom.cfg file.
>
> Thus, you, as admin, construct working stanzas however you like, with or 
> without
> UUIDS, with or without device names, with or without volume LABELS, however 
> you
> like boot to go, and they don't get changed, except by the admin - you. This 
> is
> easy, because you as admin can use the kernel (and initrd) symlinks Debian 
> puts in
> /, or anywhere you'd like symlinks to them to go, for distros that don't
> automatically create them for you. There's no need for maintenance when new
> kernels are installed in the case of Debian and other distros that 
> automatically
> generate new symlinks. For those that don't, creating them is trivial.
>

I have just tried this, I see 41_custom in /etc/grub.d and I see that
the text from that file ends up in my grub.cfg when I run update-grub.
So I have disabled os-prober, since I won't need it if I can get this
working, and created a cusom.cfg file with approximately what
os-prober generated as manuentry stanza lines for my LFS instance
(with references to os-prober removed and the root=/dev/sdc2 changed
to root=PARTUUID=)

And... on reboot, the menu entry for LFS is not included.

Now looking closer at 41_custom, it says this:

#!/bin/sh
cat <

Re: difference in seconds between two formatted dates ...


On 12/21/23 16:31, Greg Wooledge wrote:

On Thu, Dec 21, 2023 at 03:34:49PM -0500, gene heskett wrote:

unforch it does not create them and in my recent experience it may run but
does not work without being able to log.


That would be a bug, given that this stats directory is apparently
optional.  (It logs through syslog just fine without the stats dir.)

What evidence did you see that makes you think it wasn't working?

.
A nominal +12 minute error was not corrected despite several restarts of 
ntpsec. Reading the .conf it finally dawned that I did not have that 
directory, so I made it, chowned it to ntpsec:ntpsec and by the time I 
had looked to see the that it was using that dir, I found the clock was 
by then about .0017 microseconds off.  Serendipity? DarnedifIknow.


Take care, stay warm and well, Greg.

Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Re: Clarification: public private replies [WAS Re: Formal reminder of Codes of Conduct]

2023-12-21 Thread David Christensen


On Thu, Dec 21, 2023 at 02:59:26PM -0700, Charles Curley wrote:

Clarification, please. Occasionally a miss-configured mail reader will
cause a private off-list reply, which the correspondent does not notice.
My usual response to that sort of thing is to suggest that the
correspondent fix his mail reader, and then reply to the email on-list.
But only if there is nothing in either the errant email or my reply to
it which I believe to be private. Is something like that within your
admonition not to reply on-list to an off-list email?



I had similar questions.


On 12/21/23 14:27, Andrew M.A. Cater wrote:

...
Posting well-intentioned private replies back to the list is not appropriate.



Please clarify how the Debian Community Team wishes us to respond to the 
following use-case:


1.  User A posts to the list.  This post may start or continue a thread.

2.  User B replies to #1 directly to user A.  All content is suitable 
for the list.  There is no statement of "off-list", "private", etc..  A 
reasonable mailing list reader would conclude that the reply was 
intended for the list, but was send off-list due to human error.



And, the double-fault use-case (yes, I made this mistake recently):

1.  User A posts to the list.  This post may start or continue a thread.

2.  User B replies to #1 directly to user A.  All content is suitable 
for the list.  There is no statement of "off-list", "private", etc..  A 
reasonable mailing list reader would conclude that the reply was 
intended for the list, but was send off-list due to human error.


3.  User A replies to #2 directly to user B.  All content is suitable 
for the list.  There is no statement of "off-list", "private", etc..  A 
reasonable mailing list reader would conclude that the reply was 
intended for the list, but was send off-list due to human error.



David

Re: systemd and timezone


On 12/21/23 16:54, Nicolas George wrote:

to...@tuxteam.de (12023-12-21):

I've sometimes the impression that desktop environments are losing
the concept pf multi-user operating systems and are regreding to
something like Windows 95.


Desktop environment and the “modern” applications designed for them had
already lost the ability to put back everything in place by quitting and
restarting. Now they are losing the concept of multiple users, and they
are also losing the ability to run several independent instances of the
same program.

Desktop environment suck.

Regards,


I agree Nic, and the Torr rating is getting worse all the time.

Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Re: GRUB -- Debian overrides? Or maybe I just don't understand it well...

2023-12-21 Thread Felix Miata

Mark Fletcher composed on 2023-12-21 21:30 (UTC):

> Felix Miata wrote:

>> I suspect few if any regulars here spend much time with Slackware.

> I am genuinely confused about how Slackware came into the picture
> here... my foreign OS is LFS, nothing to do with slackware as far as I
> know...

Pure unadulterated word dyslexia here. My brain routinely fails to register any
difference between LFS and Slackware, both of which in my mind rely more heavily
on the brains of its admins than those of Debian's or its derivatives'. LFS I've
never attempted to use. Slackware I have. Sorry for causing confusion here.

> I appreciate your initial help which I still think is my best hope of
> a solution

Boot setup are rather simple here. I don't "edit" content of any files in
/etc/grub.d/ in the usual sense of the word. What I do is copy 40_custom to
06_custom, and copy 41_custom to 07_custom on my Tumbleweed installation. Then I
remove the content from 40_custom and 41_custom to make them inert rather than
having the package system recreate them and bloat grub.cfg as a result. I 
manually
maintain one file: /boot/grub2/custom.cfg on my Tumbleweed / filesystem. That
would correspond to a Debian LVM user, such as you, maintaining /grub/custom.cfg
on his /boot filesystem.

Admins are 100% responsible for the content of (*/gru*/)custom.cfg. Because of 
my
particular handling of /etc/grub.d/, the stanzas in custom.cfg head the 
selection
list presented by Grub on boot. Those generated by Grub's scripts are rarely
utilized here. Any selected stanza from custom.cfg that fails to boot something
can only be due to my own fault.

Tumbleweed is the only distro installed here where the ESP is routinely mounted 
to
/boot/efi/. Only one bootloader is needed per typical Gnu/Linux-only multiboot 
PC.

>From one PC here currently booted:
# grep vmlinuz /boot/grub2/custom.cfg | wc -l
21
# grep root= /boot/grub2/custom.cfg | wc -l
21
# grep root=LABEL /boot/grub2/custom.cfg | wc -l
21
#

There need be no difference from my configuration an any Debian user's, other 
than
the name of the directory containing custom.cfg.

For those who don't know the why of /boot/grub2/ instead of /boot/grub/ (on
openSUSE at least), grub2 is used instead of grub in /boot/ as a historical
continuation of the multiple releases period when both Grub Legacy and Grub2 
could
be simultaneously installed on the same installation without need for any 
filename
customization in Grub as installed. IIRC, one could be setup on MBR, the other 
on
a partition, possibly more for developer convenience than any expectation users
would want both at once.
-- 
Evolution as taught in public schools is, like religion,
based on faith, not based on science.

 Team OS/2 ** Reg. Linux User #211409 ** a11y rocks!

Felix Miata

Re: GRUB -- Debian overrides? Or maybe I just don't understand it well...

On Thu, Dec 21, 2023 at 07:33:13PM -0500, Felix Miata wrote:
> >From one PC here currently booted:
> # grep vmlinuz /boot/grub2/custom.cfg | wc -l
> 21
> # grep root= /boot/grub2/custom.cfg | wc -l
> 21
> # grep root=LABEL /boot/grub2/custom.cfg | wc -l
> 21

Just for the record, grep -c (count matching lines) exists.

Re: systemd and timezone

2023-12-21 Thread Nicholas Geovanis

On Thu, Dec 21, 2023, 10:06 AM Max Nikulin  wrote:

> On 21/12/2023 12:33, to...@tuxteam.de wrote:
> .
> >
> > Double ugh.
> >
> > UNIX got that right from the start. Now this crazy notion "the computer
> > HAS to have a timezone of its own" is creeping in.
>
> Even admins may wish to see local time, not UTC in logs. So the D-Bus
> interface is no worse than the /etc/localtime file.
>

Servers work in groups and log-aggregation and analysis software is normal
in that context. And since your web server fleet, for one example, may be
spread across multiple timezones or multiple continents to reduce latency,
you configure accordingly.

>

Re: GRUB -- Debian overrides? Or maybe I just don't understand it well...

On Thu 21 Dec 2023 at 21:38:46 (+), Mark Fletcher wrote:
> On Wed, 20 Dec 2023 at 06:01, David Wright  wrote:
> >
> > I can't see anywhere where the OP claims to have set up LFS for
> > booting itself, as opposed to being booted from a Debian Grub.
> > It only says "I have been able to get a grub.cfg including the
> > LFS system …", which seems to imply LFS has only been set up
> > as a "foreign" system by a Debian system.
> 
> Yes, that's exactly it. My very first attempt involved using Debian's
> /boot partition as the /boot partition for LFS as well, so installing
> LFS's kernel (6.4.12 IIRC) alongside Debian's, but I quickly learned
> the folly of that when I saw the mess update-grub made of that...

What sort of mess? I would have thought Grub would ignore excess
kernels dropped into /boot. I have a laptop here that has two
bookworm netinst ISOs (release candidates) and a kernel and initrd
(hd-media) for booting the ISOs, and they've been ignored through
at least two kernel upgrades:

 4096 Oct  9 22:49 /grub
   83 Aug 16 15:52  System.map-5.10.0-25-686
   83 Sep 28 23:25  System.map-5.10.0-26-686
   245147 Aug 16 15:52  config-5.10.0-25-686
   245200 Sep 28 23:25  config-5.10.0-26-686
  703594k Apr 24  2023  debian-bookworm-DI-rc1-i386-netinst.iso
  704643k Apr 28  2023  debian-bookworm-DI-rc2-i386-netinst.iso
   19920k Apr 27  2023  initrd.gz
   33580k Oct  7 12:36  initrd.img-5.10.0-25-686
   33588k Nov 27 18:46  initrd.img-5.10.0-26-686
  5548224 Apr  8  2023  vmlinuz
  4988160 Aug 16 15:52  vmlinuz-5.10.0-25-686
  4990880 Sep 28 23:25  vmlinuz-5.10.0-26-686

I've already posted my (slightly overlong) /etc/grub.d/07_custom;
I can boot the installer with:

  ### BEGIN /etc/grub.d/40_custom ###
  # This file provides an easy way to add custom menu entries.  Simply type the
  # menu entries you want to add after this comment.  Be careful not to change
  # the 'exec tail' line above.
  menuentry "Install Debian via HTTP" {
  search --no-floppy --label --set=root noah03
  linux   /boot/vmlinuz priority=low
  initrd  /boot/initrd.gz
  }
  #
  ### END /etc/grub.d/40_custom ###

> So I rebuilt my LFS (was happy to do so, this is a learning exercise)
> with its own /boot partition, which gets me closer to the solution I
> want which is one Grub, Debian's grub, with Debian as the first and
> default boot choice, but LFS available as an alternative. And the only
> remaining problem is the Debian GRUB's insistence on using /dev/sdX2
> (for the root partition is the second partition on the disk) in the
> "linux" command line parameter.

I've never run LFS; what does the menuentry in grub.cfg look like?

> > When os-prober runs on my system, a lot of stuff gets logged in
> > messages, syslog and user.log. The lines that contain the string
> > "result:" (without the quotes) are interesting. It's evident from
> > those that have six fields following result: have had their root=
> > field copied from the foreign system's grub.cfg. (In my case,
> > "foreign" means a Debian system of the previous release.)
> >
> > When os-prober writes several clauses into my new grub.cfg's
> > "### BEGIN /etc/grub.d/30_os-prober ###" section, the references
> > to the partition are constructed using UUIDs (not PARTUUIDs, because
> > there's an initrd). However, the kernel command line reads
> > "root=LABEL=toto04", so that string wasn't constructed by os-prober,
> > but copied from the foreign grub.cfg.
> >
> > That suggests to me the probability that whereas +Grub constructs+
> > the root= strings for the "### BEGIN /etc/grub.d/10_linux ###"
> > section, +os-prober copies+ the root= strings into the
> > "### BEGIN /etc/grub.d/30_os-prober ###" section instead.

So what does this command show, if anything:

  $ zgrep result: /var/log/messages*
  /var/log/messages:Dec 21 18:10:52 acer 90linux-distro: result: 
/dev/sda4:Debian GNU/Linux 12 (bookworm):Debian:linux
  /var/log/messages:Dec 21 18:10:57 acer 40grub2: result: 
/dev/sda4:/dev/sda4:Debian 
GNU/Linux:/boot/vmlinuz-6.1.0-13-686:/boot/initrd.img-6.1.0-13-686:root=UUID=ac1b3d4f-aa95-4e12-b6e6-fd455273a3b8
 ro quiet
  /var/log/messages:Dec 21 18:10:57 acer 40grub2: result: 
/dev/sda4:/dev/sda4:Debian GNU/Linux, with Linux 
6.1.0-13-686:/boot/vmlinuz-6.1.0-13-686:/boot/initrd.img-6.1.0-13-686:root=UUID=ac1b3d4f-aa95-4e12-b6e6-fd455273a3b8
 ro quiet
  /var/log/messages:Dec 21 18:10:57 acer 40grub2: result: 
/dev/sda4:/dev/sda4:Debian GNU/Linux, with Linux 6.1.0-13-686 (recovery 
mode):/boot/vmlinuz-6.1.0-13-686:/boot/initrd.img-6.1.0-13-686:root=UUID=ac1b3d4f-aa95-4e12-b6e6-fd455273a3b8
 ro single
  /var/log/messages:Dec 21 18:10:57 acer 40grub2: result: 
/dev/sda4:/dev/sda4:Debian GNU/Linux, with Linux 
6.1.0-10-686:/boot/vmlinuz-6.1.0-10-686:/boot/initrd.img-6.1.0-10-686:root=UUID=ac1b3d4f-aa95-4e12-b6e6-fd455273a3b8
 ro quiet
  /var/log/messages:Dec 21 18:10:58 acer 40grub2: result: 
/dev/sda4:/dev/sda4:Debian GNU/Linux, with Linux 6.1.0-10-686 (recov

Re: difference in seconds between two formatted dates ...

On Thu 21 Dec 2023 at 06:38:55 (+0100), to...@tuxteam.de wrote:
> On Wed, Dec 20, 2023 at 10:52:33PM -0600, David Wright wrote:
> > On Wed 20 Dec 2023 at 08:37:46 (+0100), to...@tuxteam.de wrote:
> > > On Wed, Dec 20, 2023 at 12:00:29AM -0600, David Wright wrote:
> > > 
> > > [...]
> > > 
> > > > Yes, I'm guessing that the OP is in my timezone, as just a few of
> > > > their previous posts have -5/-6 offsets. But most are +0, and
> > > > I wonder whether the OP ran this code on an all-UTC machine.
> > > > (IDK whether their using gmail is relevant.)
> > > 
> > > Nitpick and reminder: in UNIX and cousins, the "machine" has no
> > > timezone. It's the executable (and its children, if they don't
> > > change it). See:
> > > 
> > >   tomas@trotzki:~$ date
> > >   Wed Dec 20 08:24:32 CET 2023
> > >   tomas@trotzki:~$ TZ=Asia/Singapore bash
> > >   tomas@trotzki:~$ date
> > >   Wed Dec 20 15:24:47 +08 2023
> > >   tomas@trotzki:~$ exit
> > > 
> > > What is /etc/timezone for, then? you may ask.
> > > 
> > > It's just the default for when you don't pick any.
> > 
> > Sorry for the synecdoche, but I think it expresses the comprehensive
> > setting of UTC across the entirety of the computer and its operating
> > system, from the RTC, through /etc/timezone and /etc/localhost, to
> > the users' sessions.
> 
> Now I'm confused. The timezone is just a (pointer to a) set of rules
> stating how to translate UNIX time into a human readable form. So it
> just touches applications intending to show times to a human.
> 
> What is the RTC doing here, then?

I was under the impression that the OP had a mode called "unexposed".
I assumed that meant that the machine was isolated from other
machines. Perhaps I've overlooked some other method of initialising
System Time after booting up in unexposed mode, other than the RTC.

Cheers,
David.

Re: difference in seconds between two formatted dates ...

On Thu 21 Dec 2023 at 07:15:12 (-0500), Greg Wooledge wrote:
> On Wed, Dec 20, 2023 at 10:52:33PM -0600, David Wright wrote:
> > Sorry for the synecdoche, but I think it expresses the comprehensive
> > setting of UTC across the entirety of the computer and its operating
> > system, from the RTC, through /etc/timezone and /etc/localhost, to
> > the users' sessions. By this active (not just default) means, users
> > can remain blissfully unaware of the effects of setting timezones
> > other than UTC, just as the OP appeared to be, until reminded.
> 
> I'm not even sure what you're trying to say here.

I'm trying to explain something I thought was a simple concept,
an "all-UTC machine". So I suggested how you might make one.
Take a PC, turn it on, and set the CMOS clock to UTC. Boot it up,
run dpkg-reconfigure tzdata and set UTC as the timezone.

> "Active"?  Do you
> think /etc/timezone and /etc/localhost somehow have agency?  That
> they have intent?

No, I just meant that /you/ actively set everything that you could
to UTC, as if your universe was set in London on a wintry day.

> They're just settings.

Yes, and I just meant that you'd have to set the machine's System
Timetone to UTC. I'll hazard a guess that most people here won't
have that already set as their system timezone.

What would "passive" settings be? I don't know, but I've just
seen the term used in this thread:

  https://lists.debian.org/debian-user/2023/12/msg01131.html

> As far as the RTC (real time clock) goes, that just exists to
> bootstrap the system clock at boot time, before NTP takes over.
> If the system isn't connected to a network with a time server
> available, then of course NTP never takes over, and the system clock
> tries its best to keep up with time based on the initial RTC value,
> unless/until a sysadmin decides to run a date command to set the
> system clock more accurately.

Exactly, so the RTC is the primary source of time for a system in
the so-called "unexposed" mode of operation.

> Again, there isn't any agency here.  The RTC is just a resource that
> the system can use, once per boot, to get things started.  It could
> be set correctly, or incorrectly.  It could be set to local time, as
> was common when dual-booting with Windows, or to UTC.  On systems
> that run NTP, the RTC is mostly vestigial.  Its setting has very
> little effect on anything -- perhaps some early logfile timestamps.

Bear in mind that I was explaining my use of "all-UTC machine".
Were you to construct such a beast, I think the first thing you
might set, actively, is the RTC. You wouldn't just assume that
it was already set to UTC.

What would be a better term for such a machine in the state described?

Anyway, having followed these actions, someone could now write and
test scripts without worrying about timezones, and then find out that
they fail when someone in the real world runs them. Which is what
I posted in:

  https://lists.debian.org/debian-user/2023/12/msg00915.html

on my "exposed" "America/Chicago machine".

Cheers,
David.

Re: difference in seconds between two formatted dates ...

On 20/12/2023 22:04, Greg Wooledge wrote:

The key point here is that you don't STORE these human-readable time
strings anywhere. You simply *produce* them on demand, using the
epoch time values that you *do* store.

Greg, I agree to almost everything you write, however I believe that
text timestamp representation is perfectly valid. To be clear, I
consider UTC formatted time as human readable, despite some people are
not comfortable with it:

date --utc --rfc-3339=seconds
2023-12-22 01:38:50+00:00

date --utc --iso-8601=seconds
2023-12-22T01:39:07+00:00

from my point of view, it is no worse than seconds since epoch as
integer. In the commands above "--utc" may be omitted since timezone
offset is explicitly specified.

Latest activity related to text timestamp representation (known to me)
is the following draft

https://datatracker.ietf.org/doc/draft-ietf-sedate-datetime-extended/
"Date and Time on the Internet: Timestamps with additional information"

I would try to avoid storing timestamp in file name. If it is absolutely
necessary and dates are limited to 4-digit years then I would still prefer

date --utc '+%Y%m%d%H%M%S'
20231222014904

to %s seconds (assuming that 60 produced by %S does not cause parser
error). I still consider this format as human readable despite some
inconvenience. I would consider adding "Z" suffix to make it clear that
it is UTC time rather than local one.

Seconds since epoch are suitable in most cases when binary storage is
available. For text storage formatted date may be better. Extra care is
required to properly store formatted local time.

Back to the code posted by Albretch.

I would avoid BASH for any sufficiently complex problem, so I agree with
suggestions posted earlier. On the other hand parser implementation in
date(1) may be more reliable that date-time libraries for some
programming languages.

Invoking date without "--utc" I consider as a call for a trouble due to
absence of time zone offset:

date '+%Y%m%d%H%M%S' # Do not do it

The code may be accidentally run inside an environment with configured
timezone.

I am not sure that UTC is really UTC on that particular machine due to
the following thread, so bizarre results might be expected:

https://lists.debian.org/msgid-search/CAFakBwhvEThCnmbfSA1uZJw1BTTznY+J=gfegq1nqrrkzbm...@mail.gmail.com
differences between hwclock <-> date due to time zone issues? ...
Thu, 23 Mar 2023 21:41:40 +

Re: difference in seconds between two formatted dates ...

On Thu, Dec 21, 2023 at 07:31:31PM -0600, David Wright wrote:
> Bear in mind that I was explaining my use of "all-UTC machine".
> Were you to construct such a beast, I think the first thing you
> might set, actively, is the RTC. You wouldn't just assume that
> it was already set to UTC.
> 
> What would be a better term for such a machine in the state described?

A non-networked machine with its default time zone set to UTC.  The
admin would need to keep setting the clock by hand as it drifts, but
otherwise, this is not a special or unusual setup... if this were 1990.

> Anyway, having followed these actions, someone could now write and
> test scripts without worrying about timezones, and then find out that
> they fail when someone in the real world runs them.

A cynic might observe that nobody else in the world is ever going to
run those scripts.  But yeah, this is a hive of bugs being hatched.
We've pointed out the obvious ones, and that's all we can do for now.

Re: GRUB -- Debian overrides? (but on original thread topic, not so much)

2023-12-21 Thread Felix Miata

David Wright composed on 2023-12-21 19:20 (UTC-0600):

> On Thu 21 Dec 2023 at 21:38:46 (+), Mark Fletcher wrote:

>> My very first attempt involved using Debian's
>> /boot partition as the /boot partition for LFS as well, so installing
>> LFS's kernel (6.4.12 IIRC) alongside Debian's, but I quickly learned
>> the folly of that when I saw the mess update-grub made of that...

> What sort of mess? I would have thought Grub would ignore excess
> kernels dropped into /boot. 

It doesn't exactly ignore. This is from a rather old Dell MBR booting
with Grub Legacy installed (but rarely actually used to boot Bullseye):

# inxi -CSz
System:
  Kernel: 5.10.0-23-amd64 arch: x86_64 bits: 64 Desktop: Trinity v: R14.1.1
Distro: Debian GNU/Linux 11 (bullseye)
CPU:
  Info: dual core model: Intel Core2 Duo E4400 bits: 64 type: MCP cache:
L2: 2 MiB
  Speed (MHz): avg: 2000 min/max: N/A cores: 1: 2000 2: 2000
# apt-get full-upgrade
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Calculating upgrade... Done
The following packages were automatically installed and are no longer required:
  linux-image-5.10.0-11-amd64 linux-image-5.10.0-13-amd64 
linux-image-5.10.0-14-amd64 linux-image-5.10.0-18-amd64
  linux-image-5.10.0-9-amd64 usb.ids
Use 'apt autoremove' to remove them.
The following NEW packages will be installed:
  linux-image-5.10.0-26-amd64
The following packages will be upgraded:
  linux-image-amd64
1 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/55.6 MB of archives.
After this operation, 318 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
Reading changelogs... Done
Selecting previously unselected package linux-image-5.10.0-26-amd64.
(Reading database ... 97500 files and directories currently installed.)
Preparing to unpack .../linux-image-5.10.0-26-amd64_5.10.197-1_amd64.deb ...
Unpacking linux-image-5.10.0-26-amd64 (5.10.197-1) ...
Preparing to unpack .../linux-image-amd64_5.10.197-1_amd64.deb ...
Unpacking linux-image-amd64 (5.10.197-1) over (5.10.179-1) ...
Setting up linux-image-5.10.0-26-amd64 (5.10.197-1) ...
I: /vmlinuz.old is now a symlink to boot/vmlinuz-5.10.0-23-amd64
I: /initrd.img.old is now a symlink to boot/initrd.img-5.10.0-23-amd64
I: /vmlinuz is now a symlink to boot/vmlinuz-5.10.0-26-amd64
I: /initrd.img is now a symlink to boot/initrd.img-5.10.0-26-amd64
/etc/kernel/postinst.d/initramfs-tools:
update-initramfs: Generating /boot/initrd.img-5.10.0-26-amd64
/etc/kernel/postinst.d/zz-update-grub:
Searching for GRUB installation directory ... found: /boot/grub
WARNING: tempfile is deprecated; consider using mktemp instead.
Searching for default file ... found: /boot/grub/default
Testing for an existing GRUB menu.lst file ... found: /boot/grub/menu.lst
WARNING: tempfile is deprecated; consider using mktemp instead.
Searching for splash image ... none found, skipping ...
dpkg: warning: version 'prv' has bad syntax: version number does not start with 
digit
dpkg: warning: version 'prv2' has bad syntax: version number does not start 
with digit
dpkg: warning: version 'cur' has bad syntax: version number does not start with 
digit
dpkg: warning: version 'prv2' has bad syntax: version number does not start 
with digit
dpkg: warning: version 'cur' has bad syntax: version number does not start with 
digit
dpkg: warning: version 'prv' has bad syntax: version number does not start with 
digit
dpkg: warning: version 'prv2' has bad syntax: version number does not start 
with digit
dpkg: warning: version 'prv' has bad syntax: version number does not start with 
digit
dpkg: warning: version 'cur' has bad syntax: version number does not start with 
digit
dpkg: warning: version 'prv2' has bad syntax: version number does not start 
with digit
dpkg: warning: version 'prv' has bad syntax: version number does not start with 
digit
dpkg: warning: version 'cur' has bad syntax: version number does not start with 
digit
dpkg: warning: version 'prv2' has bad syntax: version number does not start 
with digit
dpkg: warning: version 'prv' has bad syntax: version number does not start with 
digit
dpkg: warning: version 'cur' has bad syntax: version number does not start with 
digit
dpkg: warning: version 'prv2' has bad syntax: version number does not start 
with digit
dpkg: warning: version 'prv' has bad syntax: version number does not start with 
digit
dpkg: warning: version 'cur' has bad syntax: version number does not start with 
digit
dpkg: warning: version 'prv2' has bad syntax: version number does not start 
with digit
dpkg: warning: version 'prv' has bad syntax: version number does not start with 
digit
dpkg: warning: version 'cur' has bad syntax: version number does not start with 
digit
dpkg: warning: version 'prv2' has bad syntax: version number does not start 
with digit
dpkg: warning: version 'prv' has bad syntax: version number does not start with 
digit
dpkg: warning: version 'cur' has bad syntax: ve

Re: Is there a problem with Linux-image-6.1.0-16?

2023-12-21 Thread Charles Curley

On Thu, 21 Dec 2023 09:02:34 -0500
Gary Dale  wrote:

> Several days ago my main server upgraded to kernel 6.1.0-16 but
> various other devices that are also running Bookworm seem stuck at
> 6.1.0-13. They are all using the same architecture. Some are using
> the same mirror as the server that upgraded. I haven't set any
> special policies on upgrades.

I saw similar here. Of four machines here running Bookworm, three have
kernels:

linux-image-6.1.0-15-amd64 6.1.66-1
linux-image-6.1.0-16-amd64 6.1.67-1

but one has:

linux-image-6.1.0-13-amd64 6.1.55-1
linux-image-6.1.0-15-amd64 6.1.66-1

However, I found that the latter machine has the following in
/etc/apt/sources.list:

# bookworm-updates, to get updates before a point release is made;
# see 
https://www.debian.org/doc/manuals/debian-reference/ch02.en.html#_updates_and_backports
# Line commented out by installer because it failed to verify:
#deb http://deb.debian.org/debian bookworm-updates main contrib non-free 
non-free-firmware
# deb-src http://deb.debian.org/debian bookworm-updates main contrib non-free 
non-free-firmware

whereas the others three have:

# bookworm-updates, to get updates before a point release is made;
# see 
https://www.debian.org/doc/manuals/debian-reference/ch02.en.html#_updates_and_backports
deb http://deb.debian.org/debian bookworm-updates main contrib non-free 
non-free-firmware
# deb-src http://deb.debian.org/debian bookworm-updates main contrib non-free 
non-free-firmware

Uncommenting the bookworm-updates line got me the missing kernel. You
might try the same.

-- 
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/

Re: GRUB -- Debian overrides? (but on original thread topic, not so much)

On Thu 21 Dec 2023 at 22:19:47 (-0500), Felix Miata wrote:
> David Wright composed on 2023-12-21 19:20 (UTC-0600):
> > On Thu 21 Dec 2023 at 21:38:46 (+), Mark Fletcher wrote:
> 
> >> My very first attempt involved using Debian's
> >> /boot partition as the /boot partition for LFS as well, so installing
> >> LFS's kernel (6.4.12 IIRC) alongside Debian's, but I quickly learned
> >> the folly of that when I saw the mess update-grub made of that...
>  
> > What sort of mess? I would have thought Grub would ignore excess
> > kernels dropped into /boot. 
> 
> It doesn't exactly ignore. This is from a rather old Dell MBR booting
> with Grub Legacy installed (but rarely actually used to boot Bullseye):

[ … ]

> Found kernel: /boot/vmlinuz
> Found kernel: /boot/vmlinuz-prv2
> Found kernel: /boot/vmlinuz-prv
> Found kernel: /boot/vmlinuz-cur
> Found kernel: /boot/vmlinuz-5.10.0-26-amd64
> Found kernel: /boot/vmlinuz-5.10.0-23-amd64
> Found kernel: /boot/vmlinuz-5.10.0-20-amd64
> Found kernel: /boot/vmlinuz-5.10.0-18-amd64
> Found kernel: /boot/vmlinuz-5.10.0-14-amd64
> Found kernel: /boot/vmlinuz-5.10.0-13-amd64
> Found kernel: /boot/vmlinuz-5.10.0-11-amd64
> Found kernel: /boot/vmlinuz-5.10.0-9-amd64
> Updating /boot/grub/menu.lst ... done

[ … ]

> Newer PCs with grub-efi exhibit similar behavior, but all here that actually
> have grub-efi installed already have current kernel.

Mine is a bullseye BIOS-booting laptop with the previously listed
/boot directory. I copied a couple of kernels and initrds from
the bookworm RCs in partition noah04, and then ran grub-mkconfig.
Stderr shows:

  Generating grub configuration file ...
  Found linux image: /boot/vmlinuz-6.1.0-13-686
  Found initrd image: /boot/initrd.img-6.1.0-13-686
  Found linux image: /boot/vmlinuz-6.1.0-10-686
  Found initrd image: /boot/initrd.img-6.1.0-10-686
  Found linux image: /boot/vmlinuz-5.10.0-26-686
  Found initrd image: /boot/initrd.img-5.10.0-26-686
  Found linux image: /boot/vmlinuz-5.10.0-25-686
  Found initrd image: /boot/initrd.img-5.10.0-25-686
  Warning: os-prober will be executed to detect other bootable partitions.
  Its output will be used to detect bootable binaries on them and create new 
boot entries.
  Found Debian GNU/Linux 12 (bookworm) on /dev/sda4
  done

All the Debian kernels installed from linux-image-….deb packages
are found by Grub, and appear in the usual array of prefix10
menuentries. Also, both the bookworm kernels are found by
os-prober, as shown by the previously posted   zgrep result:
listing, and appear in the usual array of prefix30 menuentries.

But something about the hd-media installer kernel/initrd seems
to prevent Grub from finding them and constructing a menuentry.

We know that the LFS kernel is detected by Debian's os-prober,
but only that Grub makes a "mess" when given the opportunity
of finding the LFS kernel in the same /boot as the Debian ones.
What exactly is this mess?

Cheers,
David.

Re: difference in seconds between two formatted dates ...