Re: kde fully broken in debian/testing

[David Baron]

I have been upgrading from Sid.
So far, what I have is working with some deficiencies. But working.

> Am Donnerstag, 30. Juli 2015, 22:34:55 schrieb Gabriel Corona:
> > Hi,
> 
> Hello,
> yeah, I am still trying to fix it. The problem is, that many version 5
> packages are still not in testing. Instead of this, the repo-maintainers
> removed many version-4-packages, so you cannot go back. Sigh! I hope, they
> will put it back, as at the moment, KDE is fully unusable. I tried to
> install from sid, but the same problem here: packages missing, bad
> versions, same pita.
> 
> Somebody told, to use the repo from aptosid, these shall run.
> 
> Hope this will be fixed soon.
> 
> Best
> 
> Hans
> 
> > In fact, I did the update yesterday. It was quite painful but it's now
> > 
> > working OK-ish:
> >  * You need to move all the plasma packages to the version 5 (I'm
> >  
> >using testing so I had to force the packar manager to use them).
> >  
> >  * Check that you have powerdevil, plasma-desktop, kdeartwork, etc in
> >  
> >version 5.
> >  
> >  * Purge the old plasma packages.
> >  
> >  * You need to restart the session (otheriwse it's compltely broken);
> >  
> >  * I added a `kwin` script in my path (doing 'exec kwin_init "$@").
> >  
> >It's probably not needed if you have updated all your packages but
> >at some point I did not have window decoration and adding this
> >fixed it. It was probably because I was still using some Plasma 4
> >packages.
> >  
> >  * I had to manually launch kbuildsycoca5 (otherwise systemsettings
> >  
> >wouldn't display any configuration panel).
> > 
> > Some remaining issues:
> >  * systemsettings segaults sometimes but it's mostly working.
> >  
> >  * There is not support for XEmbed systray by design: xchat, hexchat,
> >  
> >nm-applet, etc. are quite broken. We're supposed to fill a lot of
> >bugs in a log of packages in order to have SNI support in the
> >applications. I used trayer [1] in order to have a systray.
> > 
> > Good luck!
> > 
> > [1] http://www.gabriel.urdhr.fr/2015/07/29/i-can-has-systray/
> > 
> > --
> > Gabriel



-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/4062598.uTRqIHLhMR@dovidhalevi

Re: eth0 : no such device

[Diogene Laerce]

Le 30/07/2015 18:35, Lisi Reisz a écrit :
> On Wednesday 29 July 2015 18:09:36 Diogene Laerce wrote:
>> Hi,
>>
>> I have big issues recently with debian that I don't understand, maybe
>> someone could help on the matter ?
>>
>> First, debian does not want to give me any network. I really say debian
>> because I have 3 possibilities to run the OS : 2 USB sticks and a PC
>> tower, all
>> on wheezy, which worked fine til they do not for no reason.
>>
>> The one USB stick which does boot and run says, when /ifconfig eth0 up/ :
>>
>> eth0: ERROR while getting interface flags: no such device
>>
>> The other stick now even doesn't want to start X (but that I guess is not
>> related, surely USB stick issue).
>>
>> And the tower.. I had to install fedora because it didn't want to mount my
>> home during installation - which was a new 1To disk to format, even after
>> formatted it which gparted. Plus the unavailable network issue of course,
>> also during installation.
>>
>> These network issues only happen with debian as I could install fedora with
>> no issue at all : it took care of my home and found the network without
>> raising
>> any flag.
>>
>> Any idea ?
> Did you do anything to your network device(s)?  New anything?  New card?  
> What happens with a new Debian installation?

Well no, I didn't. Everything was fine and the same until it didn't.

Actually it started with repetitive attempt to connect from a live
cd 7.8 version which froze my internet box (router + TV). But the
repetitive attempt seems to underline the existence of a pre-existing
issue.. I guess.

After that, I was unable to connect from any debian device. Even a
mint live cd couldn't. But parted magic live cd could, fedora could.

I then tried to install 8.1 but it wouldn't either and raise the home issue
with it.

All those happen on the workstation/tower.

>   Did 
> you move anyhting? 

Yes I actually change my home disk to another one, new, 1To Seagate.


>  What is the physical relationship, if any, between the 
> USB sticks and the tower?

I installed all stick OSes with the station which failed first.

I now have access only to one USB stick : 1 does not load X as said before
and I have fedora now on the workstation (tower).

A mysterious comrade who wants to remain anonymous it seems, I will call
him Mr T. :), advised me to look into /etc/udev/rules : eth0 had been
renamed
to eth2 with eth0 bound to the tower MAC address (fedora today) and eth2
bound to another tower MAC address I tried the USB stick on after.

I deleted the first tower line and updated the eth2 definition ->
changing it
to eth0 and now it works.

But it still does not explain why the 7.8 and 8.1 did not, on the first
tower ?
And neither why the Mint live cd did not ? And as I can't reproduce the
issue
now, I may never know.


> What does /etc/network/interfaces say? 
>
> What is the result of 
> #ifconfig -a
> ?

Now the result is normal : http://pastebin.com/DDvQCePg

I did try to get it during the 8.1 installation though, from the shell, but
it seems that the installation shell lacks a lot of tools and I couldn't
get a clear status of what happened there.

So I guess this is it for this issue.


> Why did you write /lspci -n/ when the instruction was lspci -n? Did you
> try it without the fwd slash?

Actually those are italic font markers, I did run the good command.

Thanks to all for the good pointers,

-- 
"œOne original thought is worth a thousand mindless quotings."
"€œLe vrai n'est pas plus sûr que le probable."

  Diogene Laerce





signature.asc
Description: OpenPGP digital signature

Re: eth0 : no such device

[Gene Heskett]

On Friday 31 July 2015 05:58:28 Diogene Laerce wrote:

> Le 30/07/2015 18:35, Lisi Reisz a écrit :
> > On Wednesday 29 July 2015 18:09:36 Diogene Laerce wrote:
> >> Hi,
> >>
> >> I have big issues recently with debian that I don't understand,
> >> maybe someone could help on the matter ?
> >>
> >> First, debian does not want to give me any network. I really say
> >> debian because I have 3 possibilities to run the OS : 2 USB sticks
> >> and a PC tower, all
> >> on wheezy, which worked fine til they do not for no reason.
> >>
> >> The one USB stick which does boot and run says, when /ifconfig eth0
> >> up/ :
> >>
> >> eth0: ERROR while getting interface flags: no such device
> >>
> >> The other stick now even doesn't want to start X (but that I guess
> >> is not related, surely USB stick issue).
> >>
> >> And the tower.. I had to install fedora because it didn't want to
> >> mount my home during installation - which was a new 1To disk to
> >> format, even after formatted it which gparted. Plus the unavailable
> >> network issue of course, also during installation.
> >>
> >> These network issues only happen with debian as I could install
> >> fedora with no issue at all : it took care of my home and found the
> >> network without raising
> >> any flag.
> >>
> >> Any idea ?
> >
> > Did you do anything to your network device(s)?  New anything?  New
> > card?  What happens with a new Debian installation?
>
> Well no, I didn't. Everything was fine and the same until it didn't.
>
> Actually it started with repetitive attempt to connect from a live
> cd 7.8 version which froze my internet box (router + TV). But the
> repetitive attempt seems to underline the existence of a pre-existing
> issue.. I guess.
>
> After that, I was unable to connect from any debian device. Even a
> mint live cd couldn't. But parted magic live cd could, fedora could.
>
> I then tried to install 8.1 but it wouldn't either and raise the home
> issue with it.
>
> All those happen on the workstation/tower.
>
> >   Did
> > you move anyhting?
>
> Yes I actually change my home disk to another one, new, 1To Seagate.
>
> >  What is the physical relationship, if any, between the
> > USB sticks and the tower?
>
> I installed all stick OSes with the station which failed first.
>
> I now have access only to one USB stick : 1 does not load X as said
> before and I have fedora now on the workstation (tower).
>
> A mysterious comrade who wants to remain anonymous it seems, I will
> call him Mr T. :), advised me to look into /etc/udev/rules : eth0 had
> been renamed
> to eth2 with eth0 bound to the tower MAC address (fedora today) and
> eth2 bound to another tower MAC address I tried the USB stick on
> after.
>
> I deleted the first tower line and updated the eth2 definition ->
> changing it
> to eth0 and now it works.
>
> But it still does not explain why the 7.8 and 8.1 did not, on the
> first tower ?
> And neither why the Mint live cd did not ? And as I can't reproduce
> the issue
> now, I may never know.
>
> > What does /etc/network/interfaces say?
> >
> > What is the result of
> > #ifconfig -a
> > ?
>
> Now the result is normal : http://pastebin.com/DDvQCePg
>
> I did try to get it during the 8.1 installation though, from the
> shell, but it seems that the installation shell lacks a lot of tools
> and I couldn't get a clear status of what happened there.
>
> So I guess this is it for this issue.
>
> > Why did you write /lspci -n/ when the instruction was lspci -n? Did
> > you try it without the fwd slash?
>
> Actually those are italic font markers, I did run the good command.
>
> Thanks to all for the good pointers,

If you search your dmesg, you wil probably find that udev, after 
discovering eth0, then quite a bit later, renames it according to the 
connection attempts made during THIS install.

That bit me when I was moving the drive with a linuxcnc install on it 
from machine to machine while looking for a machine capable of doing the 
realtime correctly.  So now, and the ethernet works fine once I had 
excised network-mangler and edited /etc/network/interfaces to tell it to 
use eth5.  Obviously my local network is /etc/host file based, fixed 
addresses for all my machines.

To use my fixed address methods, which are officialy discouraged by the 
list police you will need to edit /etc/resolv.conf after nuking the 
softlink that it is and creating a real file, saying "order hosts,dns" 
on the first line, and the address of the local dns resolver 
as "nameserver" on the next line.  My router runs dd-wrt, so its address 
is used as the nameserver and it then forwards a dns query it doesn't 
know about to the dns servers it gets from my cable modem.  And it all 
Just Works(TM).

I have no clue what genius thought that renameing eth0 was the right 
thing to do, but its damned sure biteing a lot of folks that do not need 
to be so bitten.  This list is not the only one being littered 
with "where's my network" questions.

Cheers, Gene Heskett
-- 

issue with Taskbar in Kde on debian 8.1

[Muhammad Yousuf Khan]

i am using multiple chat clients in office. i am using spark and skype for
official use. however the problem is when ever some one send a message it
does not show the indication color.
so when ever i leave my desk and comeback i leave most of the messages
unread due to this problem. can please some one guide me how to fix that.
it is not just happening with skype but also happening with "Spark chat
client" for our XMPP messenger client.

Thanks,
Yousuf

Re: eth0 : no such device

[Bob Bernstein]

On Fri, 31 Jul 2015, Gene Heskett wrote:

To use my fixed address methods, which are officialy 
discouraged by the list police...


And what, exactly, pray tell, do those august 
personages ("the list police") preach? Something tells 
me that what you jocularly term "my fixed address 
methods" are the exact ones I have been using since lo 
those many aeons ago when I sat down to read a 
hardcopy printout of the ifconfig man page.


you will need to edit /etc/resolv.conf after nuking 
the softlink that it is and creating a real file, 
saying "order hosts,dns" on the first line, and the 
address of the local dns resolver as "nameserver" on 
the next line.


Ditto above. Been doing it that way for aeons. Is 
there a new way? Changing resolv.conf to a softlink 
merits harsh punishment. Where's my PPK?


AND, I am going to have to make sure that my next $100 
Staples refurb box boots one of the *bsd's! This is 
incredible!


--
IMPORTANT: This email is intended for the use of the 
individual addressee(s) named above and may contain 
information that is confidential, privileged or 
unsuitable for overly sensitive persons with low 
self-esteem, no sense of humour or irrational 
metaphysical beliefs.



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: 
https://lists.debian.org/nycvar.QRO.7.75.3.1507310932160.3438@arjgebyy.ybpnyqbznva

Re: eth0 : no such device

[Lisi Reisz]

On Friday 31 July 2015 14:50:18 Bob Bernstein wrote:
> On Fri, 31 Jul 2015, Gene Heskett wrote:
> > To use my fixed address methods, which are officialy
> > discouraged by the list police...
>
> And what, exactly, pray tell, do those august
> personages ("the list police") preach? Something tells
> me that what you jocularly term "my fixed address
> methods" are the exact ones I have been using since lo
> those many aeons ago when I sat down to read a
> hardcopy printout of the ifconfig man page.

I prefer fixed address, almost always use it (I sometimes now achieve static 
IPs by using DHCP and having fixed IP allocation by MAC for some addresses in 
the router) and have never had a problem, nor been aware that I was being 
discouraged...

Just be deaf to discouragement, Gene.  I clearly am.

Lisi


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/201507311500.06589.lisi.re...@gmail.com

Re: Help - 13-year Debian veteran can't install Jessie

[Patrick Bartek]

On Thu, 30 Jul 2015, Brian wrote:

> On Sun 26 Jul 2015 at 21:46:31 -0500, David Bruce wrote:
> 
> > 5. (most troubling) - I posted a couple of days ago that I had
> > trouble with DHCP not working during install, and have had exactly
> > zero follow-ups (although I did receive one very nice off-list email
> > suggestion, which unfortunately did not help).
> 
> Zero follow-ups are not unknown.
> 
> Even when there are 20+ reponses to a mail the OP is quiescent. One
> just assumes there is nothing which helps him so there is nothing to
> respond to.

Or the initial query gets filtered as spam and no one sees it.

B 


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150731075529.40040...@debian7.boseck208.net

Can't connect to the internet after "aptitude safe-upgrade"

[tan_ny]

Hi!

I use an ADSL modem to connect to the internet. A few hours ago I ran
"aptitude safe-upgrade" on two  computers with sid installed on them.
As soon as the upgrade finished I lost  my internet connection on both
computers. When I rebooted them and  ran "pon dsl-provider" and
ifconfig, ppp0 did show up. Here are the ifconfig outcomes.

Outcome 1

eth0  Link encap:Ethernet  HWaddr 10:c3:7b:9d:d0:d2  
  inet6 addr: fe80::12c3:7bff:fe9d:d0d2/64 Scope:Link
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:10 errors:0 dropped:0 overruns:0 frame:0
  TX packets:28 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:1000 
  RX bytes:614 (614.0 B)  TX bytes:4184 (4.0 KiB)

loLink encap:Local Loopback  
  inet addr:127.0.0.1  Mask:255.0.0.0
  inet6 addr: ::1/128 Scope:Host
  UP LOOPBACK RUNNING  MTU:65536  Metric:1
  RX packets:378 errors:0 dropped:0 overruns:0 frame:0
  TX packets:378 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:0 
  RX bytes:30580 (29.8 KiB)  TX bytes:30580 (29.8 KiB)

ppp0  Link encap:Point-to-Point Protocol  
  inet addr:219.77.72.189  P-t-P:203.218.189.254 
Mask:255.255.255.255
  UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1
  RX packets:4 errors:0 dropped:0 overruns:0 frame:0
  TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:3 
  RX bytes:94 (94.0 B)  TX bytes:54 (54.0 B)

Outcome 2

eth0  Link encap:Ethernet  HWaddr 40:61:86:b3:13:66  
  inet6 addr: fe80::4261:86ff:feb3:1366/64 Scope:Link
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:9 errors:0 dropped:0 overruns:0 frame:0
  TX packets:29 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:1000 
  RX bytes:552 (552.0 B)  TX bytes:3201 (3.1 KiB)

loLink encap:Local Loopback  
  inet addr:127.0.0.1  Mask:255.0.0.0
  inet6 addr: ::1/128 Scope:Host
  UP LOOPBACK RUNNING  MTU:65536  Metric:1
  RX packets:400 errors:0 dropped:0 overruns:0 frame:0
  TX packets:400 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:0 
  RX bytes:32160 (31.4 KiB)  TX bytes:32160 (31.4 KiB)

ppp0  Link encap:Point-to-Point Protocol  
  inet addr:219.77.72.186  P-t-P:203.218.189.254 
Mask:255.255.255.255
  UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1
  RX packets:3 errors:0 dropped:0 overruns:0 frame:0
  TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:3 
  RX bytes:54 (54.0 B)  TX bytes:54 (54.0 B)

/etc/resolv.conf on the computers seemed OK, but I couldn't ping any
website or connect to any website  using Firefox. I tried using
OpenDNS but it didn't help.

On the  computer that I'm using now I didn't run "aptitude
safe-upgrade" and the  internet connection is fine, so the problem
isn't related to my ADSL  modem or my ISP.

Someone suggested that I should run

/etc/init.d/network-manager restart

but it didn't work.

Thanks for any help.

NY

Re: Letsencrypt - Debian?

[Nicolas George]

Le decadi 10 thermidor, an CCXXIII, Christian Seiler a écrit :
> But no other way without using the service of companies with a
> business model that many people don't necessarily want to
> support.

The business model may be more acceptable, but the security model is the
same, and it is utterly broken.

Certificates, signatures and such are there to allow the client to trust the
server. Therefore, choosing the certification authority should be up to the
client.

Right now, the only choice is between trusting a bunch of certification
authorities that do nothing more than checking the DNS ownership and not
having certification at all. That is not a choice, that is a bad joke.

Firefox starts getting it right with public key pinning, but it has too many
limitations. First, Firefox only has hard-coded pinning; users should be
able to manage it, just like ~/.ssk/known_hosts. Second, it will not work on
a large scale as long as sites change their public key more often than their
graphic design.

And most importantly: third, it lacks a protocol to obtain pinning /
certification from third party.

Because that is the only way it should work: when I visit an unknown server,
my client should query the certification authorities I chose, and if enough
of them trust the server, then I consider it trustworthy.

Not only is it the correct way of establishing trust, but it also opens
whole new branches of business. For example, my insurance could run its own
certification authority for a small additional fee, certifying not only
key-DNS mapping but also honesty and good security practices. If one of the
sites that it certifies swindles me or has poor security and gets cracked,
the insurance pays immediately. Nothing like that is possible with the
current model.

Back to "let's encrypt": I usually do not condone behaviours that we call
"politique du pire"¹, but I must observe that, by making the whole system
more acceptable to people who thought of the ugly business model but not of
the absurd trust model, "let's encrypt" will delay the apparition of a
correct system.

(And do not get me started on the absurd payment model, where you have to
give your credit card number to various random sites instead of simply being
redirected to a pre-filled transfer form on your own bank's site. Same
stupid design mistake.)


1: I did not found a proper idiomatic English translation; it means making
things deliberately worse (or refusing easy ways of making them better) in
order to convince people they must change and make things better.


Regards,

-- 
  Nicolas George


signature.asc
Description: Digital signature

Re: eth0 : no such device

[David Wright]

Quoting Diogene Laerce (me_buss...@yahoo.fr):
> Le 30/07/2015 18:35, Lisi Reisz a écrit :
> > On Wednesday 29 July 2015 18:09:36 Diogene Laerce wrote:
> >> Hi,
> >>
> >> I have big issues recently with debian that I don't understand, maybe
> >> someone could help on the matter ?
> >>
> >> First, debian does not want to give me any network. I really say debian
> >> because I have 3 possibilities to run the OS : 2 USB sticks and a PC
> >> tower, all
> >> on wheezy, which worked fine til they do not for no reason.
> >>
> >> The one USB stick which does boot and run says, when /ifconfig eth0 up/ :
> >>
> >> eth0: ERROR while getting interface flags: no such device
> >>
> >> The other stick now even doesn't want to start X (but that I guess is not
> >> related, surely USB stick issue).
> >>
> >> And the tower.. I had to install fedora because it didn't want to mount my
> >> home during installation - which was a new 1To disk to format, even after
> >> formatted it which gparted. Plus the unavailable network issue of course,
> >> also during installation.
> >>
> >> These network issues only happen with debian as I could install fedora with
> >> no issue at all : it took care of my home and found the network without
> >> raising
> >> any flag.
> >>
> >> Any idea ?
> > Did you do anything to your network device(s)?  New anything?  New card?  
> > What happens with a new Debian installation?
> 
> Well no, I didn't. Everything was fine and the same until it didn't.
> 
> Actually it started with repetitive attempt to connect from a live
> cd 7.8 version which froze my internet box (router + TV). But the
> repetitive attempt seems to underline the existence of a pre-existing
> issue.. I guess.
> 
> After that, I was unable to connect from any debian device. Even a
> mint live cd couldn't. But parted magic live cd could, fedora could.
> 
> I then tried to install 8.1 but it wouldn't either and raise the home issue
> with it.
> 
> All those happen on the workstation/tower.
> 
> >   Did 
> > you move anyhting? 
> 
> Yes I actually change my home disk to another one, new, 1To Seagate.
> 
> 
> >  What is the physical relationship, if any, between the 
> > USB sticks and the tower?
> 
> I installed all stick OSes with the station which failed first.
> 
> I now have access only to one USB stick : 1 does not load X as said before
> and I have fedora now on the workstation (tower).
> 
> A mysterious comrade who wants to remain anonymous it seems, I will call
> him Mr T. :), advised me to look into /etc/udev/rules : eth0 had been
> renamed
> to eth2 with eth0 bound to the tower MAC address (fedora today) and eth2
> bound to another tower MAC address I tried the USB stick on after.
> 
> I deleted the first tower line and updated the eth2 definition ->
> changing it
> to eth0 and now it works.
> 
> But it still does not explain why the 7.8 and 8.1 did not, on the first
> tower ?
> And neither why the Mint live cd did not ? And as I can't reproduce the
> issue
> now, I may never know.

I was reluctant to make any comment on your first post because, at the
end of it, I wasn't sure how many computers you were using and what
was and wasn't running on them.

Having in the past played fast and loose with switching hard drives,
NICs and kernels between computers (no USB sticks back then), I
remember the problems with the kernel's random naming of multiple
identical NICs (the university naturally bought hundreds of them),
and the usefulness of udev when it arrived. But the persistence of
/etc/udev/rules.d/ comes at a price. I think there's work in progress
but it's probably quite hard to keep things in sync between different
distributions/versions etc.

> > What does /etc/network/interfaces say? 
> >
> > What is the result of 
> > #ifconfig -a
> > ?
> 
> Now the result is normal : http://pastebin.com/DDvQCePg
> 
> I did try to get it during the 8.1 installation though, from the shell, but
> it seems that the installation shell lacks a lot of tools and I couldn't
> get a clear status of what happened there.

ifconfig is considered outdated, so installers use ip. You don't even
have to be root to find ip in your path. Yes, ifconfig's indentation
is prettier when you just want a quick summary, but ip is more
flexible and the output is much easier /to parse/. Emphasis directed
at Lisi :)

> So I guess this is it for this issue.

One small thing: your concealed MAC address is fully revealed in the
ipv6 link address. If you obscure just the 2nd half of the MAC (and
its corresponding part of the ipv6), we can then still read the
manufacturer's part without your revealing then full MAC.

Glad it's all working now.

Cheers,
David.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150731155545.GA8779@alum

Re: eth0 : no such device

[Lisi Reisz]

On Friday 31 July 2015 16:55:45 David Wright wrote:
> Yes, ifconfig's indentation
> is prettier when you just want a quick summary, but ip is more
> flexible and the output is much easier /to parse/. Emphasis directed
> at Lisi :)

:-)  I wanted to be able to read it - and the OP had said that he had Wheezy, 
so I knew that he had ifconfig.  If you remember, I got in trouble the other 
day for saying that the command is "ip". ;-)

I just wanted to be able compare what he had as ip in /e/n/i and what ifconfig 
said, to see if they tallied.  Or to suggest it to the OP. ;-)  So a "pretty" 
quick summary was ideal.

And no, ip is not easier to parse.  It may be for you, and even for most 
people - but I find it so difficult to read that it is hard to get anything 
out of it.  (And I do mean read - physically read).  But ip clearly gives 
more information - _if_ you can read it. ;-)

Lisi


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/201507311737.36420.lisi.re...@gmail.com

Re: eth0 : no such device

[The Wanderer]

On 07/31/2015 at 12:37 PM, Lisi Reisz wrote:

> And no, ip is not easier to parse.  It may be for you, and even for
> most people - but I find it so difficult to read that it is hard to
> get anything out of it.  (And I do mean read - physically read).  But
> ip clearly gives more information - _if_ you can read it. ;-)

I usually interpret "parse" in this sort of context to refer to machine
parsing, not reading by humans - i.e., ease of parsing refers to how
comparatively easy it is to write a program to look at the output and
extract exactly the piece of information you want without any extraneous
bits. "easier to parse" does _not_ mean the same thing as "easier to
read".

I'm not familiar with the use of 'ip' (it took me half-a-dozen tries and
several references to the man page to figure out how to get it to
produce any potentially useful output, rather than just its usage
message or an error message), but at a glance, I can see some merit to
the claim that the output of 'ip address' is more readily parseable by
e.g. a shell script than is the output of 'ifconfig'.

To human eyes, however, at a glance the output of 'ip address' is
significantly less readable than that of 'ifconfig' - which is saying
something. I certainly would not want to have to use 'ip' to the
exclusion of 'ifconfig', if this sort of output is the best that it
provides.

-- 
   The Wanderer

The reasonable man adapts himself to the world; the unreasonable one
persists in trying to adapt the world to himself. Therefore all
progress depends on the unreasonable man. -- George Bernard Shaw



signature.asc
Description: OpenPGP digital signature

Re: eth0 : no such device

[Lisi Reisz]

On Friday 31 July 2015 18:15:14 The Wanderer wrote:
> I usually interpret "parse" in this sort of context to refer to machine
> parsing, not reading by humans

Ah!  I'll certainly accept that.  I took it to mean:
1. (linguistics) To resolve into its elements, as a sentence, pointing out the 
several parts of speech, and their relation to each other by government or 
agreement; to analyze and describe grammatically.

I.e. to deconstruct and understand.

I didn't know the meaning:
2.(computing) To split a file or other input into pieces of data that can be 
easily stored or manipulated.

https://en.wiktionary.org/wiki/parse

So you have taught me something, and I wouldn't argue about that!

Lisi


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/201507311904.02201.lisi.re...@gmail.com

Re: Can't connect to the internet after "aptitude safe-upgrade"

[Cindy-Sue Causey]

On 7/31/15, tan...@hushmail.com  wrote:
> Hi!
>
> I use an ADSL modem to connect to the internet. A few hours ago I ran
> "aptitude safe-upgrade" on two  computers with sid installed on them.
> As soon as the upgrade finished I lost  my internet connection on both
> computers. When I rebooted them and  ran "pon dsl-provider" and
> ifconfig, ppp0 did show up. Here are the ifconfig outcomes.
>
< snipped for brevity >
>
> /etc/resolv.conf on the computers seemed OK, but I couldn't ping any
> website or connect to any website  using Firefox. I tried using
> OpenDNS but it didn't help.
>
> On the  computer that I'm using now I didn't run "aptitude
> safe-upgrade" and the  internet connection is fine, so the problem
> isn't related to my ADSL  modem or my ISP.
>
> Someone suggested that I should run
>
> /etc/init.d/network-manager restart
>
> but it didn't work.



Hi.. I'm a fish out of water (inexperienced) on this topic but am
writing with a thought while you're waiting for someone WITH
experience to write. If if I was mucking around this in your same
Shoes, one step I'd surely try is to see if specifically related
software packages didn't make the upgrade but do have upgrades that
are needed.

As an example of where *MY brain* would take me, I'm on dialup. For
starters, I'd be looking at pppd, pon, and wvdial if I lost my
connections in a similar way. My thought process would be that maybe
those didn't get touched on during a "safe-upgrade" where they might
have upgraded otherwise. Maybe something else WAS upgraded that
directly affects how not yet upgraded packages work.

Or not. :)

You know what a SUPER HANDY tip I picked up from this list last
year (k/t Bob!) and that is a PERMANENT TOP FIVE of mine is
"apt-show-versions".

That's the package name. The actual command I use AT LEAST couple
times a week is:

$ apt-get update
$ apt-show-versions -u

That "-u" presents you with a list of only those packages currently in
need of upgrades. Maybe by running something like "apt-show-versions"
or similar if you find it, you might see appropriate package names
leaping off your screen?

Or not, grin.

Just thinking out loud.. Good luck!

Cindy :)


-- 
Cindy-Sue Causey
Talking Rock, Pickens County, Georgia, USA

* wrangles ~50' fallen Hickory trees with her 16" electric chainsaw *


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CAO1P-kBiLJj8vjK0qNSf6cULXuT36Q=e9=0+A5d1tc=alnq...@mail.gmail.com

Re: eth0 : no such device

[David Wright]

Quoting Lisi Reisz (lisi.re...@gmail.com):
> On Friday 31 July 2015 18:15:14 The Wanderer wrote:
> > I usually interpret "parse" in this sort of context to refer to machine
> > parsing, not reading by humans
> 
> Ah!  I'll certainly accept that.  I took it to mean:
> 1. (linguistics) To resolve into its elements, as a sentence, pointing out 
> the 
> several parts of speech, and their relation to each other by government or 
> agreement; to analyze and describe grammatically.
> 
> I.e. to deconstruct and understand.
> 
> I didn't know the meaning:
> 2.(computing) To split a file or other input into pieces of data that can be 
> easily stored or manipulated.
> 
> https://en.wiktionary.org/wiki/parse
> 
> So you have taught me something, and I wouldn't argue about that!

My apologies for causing confusion. The original exchange that I was
referring back to with my emphasis was indeed the "ip address" thread.
I ought to have added two words to my comment (in brackets):

> ifconfig output is much easier to look at.

But much harder to parse. And ip's -o switch makes it even easier
[to parse] because each item is all on one line.

I still think it's fairly obvious that I *was* contrasting reading
(ie looking at) and something else (using the results in a script,
parsing). That's why I wrote "But...".

Still harking back to that thread, I made my original comment there
because I didn't think that the OP's posting (flagged "solved")
answered the question satisfactorily, viz.

Q: What command will tell me what ip address it is using?
A: The problem was that ifconfig is in sbin not bin.

Your answer, ip addr, was much better and ought IMHO to have been
quoted and flagged. Ironically, your suggestion yesterday (ifconfig)
was not so potentially useful for a different reason (ifconfig might
not be there), but of course you didn't have the context.

There's nowt wrong with ifconfig but a lot of people don't seem to
even know about ip. BTW it might be worth pointing out that the
examples of its use are all in the man pages listed at the bottom of
man ip. It keeps   man ip   smaller but unfortunately means you can't
use bash-completion on such as   man ip-neighbour. What a contrast to
ip itself, eg, "ip n"!

Cheers,
David.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150731185940.GA12786@alum

Re: eth0 : no such device

[Gene Heskett]

On Friday 31 July 2015 09:50:18 Bob Bernstein wrote:

> On Fri, 31 Jul 2015, Gene Heskett wrote:
> > To use my fixed address methods, which are officialy
> > discouraged by the list police...
>
> And what, exactly, pray tell, do those august
> personages ("the list police") preach? 

They have been drinking the koolaid and saying the network-mangler can 
handle it.

The number of times it HAS handled it for me has not used up the fingers 
on one hand yet.  And I've been using linux since 1998.

> Something tells 
> me that what you jocularly term "my fixed address
> methods" are the exact ones I have been using since lo
> those many aeons ago when I sat down to read a
> hardcopy printout of the ifconfig man page.
>
> > you will need to edit /etc/resolv.conf after nuking
> > the softlink that it is and creating a real file,
> > saying "order hosts,dns" on the first line, and the
> > address of the local dns resolver as "nameserver" on
> > the next line.
>
> Ditto above. Been doing it that way for aeons. Is
> there a new way? Changing resolv.conf to a softlink
> merits harsh punishment. Where's my PPK?
>
> AND, I am going to have to make sure that my next $100
> Staples refurb box boots one of the *bsd's! This is
> incredible!
>
> --
> IMPORTANT: This email is intended for the use of the
> individual addressee(s) named above and may contain
> information that is confidential, privileged or
> unsuitable for overly sensitive persons with low
> self-esteem, no sense of humour or irrational
> metaphysical beliefs.


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/201507311500.27299.ghesk...@wdtv.com

Re: eth0 : no such device

[Gene Heskett]

On Friday 31 July 2015 10:00:06 Lisi Reisz wrote:

> On Friday 31 July 2015 14:50:18 Bob Bernstein wrote:
> > On Fri, 31 Jul 2015, Gene Heskett wrote:
> > > To use my fixed address methods, which are officialy
> > > discouraged by the list police...
> >
> > And what, exactly, pray tell, do those august
> > personages ("the list police") preach? Something tells
> > me that what you jocularly term "my fixed address
> > methods" are the exact ones I have been using since lo
> > those many aeons ago when I sat down to read a
> > hardcopy printout of the ifconfig man page.
>
> I prefer fixed address, almost always use it (I sometimes now achieve
> static IPs by using DHCP and having fixed IP allocation by MAC for
> some addresses in the router) and have never had a problem, nor been
> aware that I was being discouraged...
>
> Just be deaf to discouragement, Gene.  I clearly am.
>
> Lisi

Gotta play the Sid Dabster part to the end, both of us. ;-)


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/201507311501.38857.ghesk...@wdtv.com

Re: Can't connect to the internet after "aptitude safe-upgrade"

[Gene Heskett]

On Friday 31 July 2015 10:54:31 tan...@hushmail.com wrote:

> Hi!
>
> I use an ADSL modem to connect to the internet. A few hours ago I ran
> "aptitude safe-upgrade" on two  computers with sid installed on them.
> As soon as the upgrade finished I lost  my internet connection on both
> computers. When I rebooted them and  ran "pon dsl-provider" and
> ifconfig, ppp0 did show up. Here are the ifconfig outcomes.
>
> Outcome 1
>
> eth0  Link encap:Ethernet  HWaddr 10:c3:7b:9d:d0:d2
>   inet6 addr: fe80::12c3:7bff:fe9d:d0d2/64 Scope:Link
>   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>   RX packets:10 errors:0 dropped:0 overruns:0 frame:0
>   TX packets:28 errors:0 dropped:0 overruns:0 carrier:0
>   collisions:0 txqueuelen:1000
>   RX bytes:614 (614.0 B)  TX bytes:4184 (4.0 KiB)
>
> loLink encap:Local Loopback
>   inet addr:127.0.0.1  Mask:255.0.0.0
>   inet6 addr: ::1/128 Scope:Host
>   UP LOOPBACK RUNNING  MTU:65536  Metric:1
>   RX packets:378 errors:0 dropped:0 overruns:0 frame:0
>   TX packets:378 errors:0 dropped:0 overruns:0 carrier:0
>   collisions:0 txqueuelen:0
>   RX bytes:30580 (29.8 KiB)  TX bytes:30580 (29.8 KiB)
>
> ppp0  Link encap:Point-to-Point Protocol
>   inet addr:219.77.72.189  P-t-P:203.218.189.254
> Mask:255.255.255.255
>   UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1
>   RX packets:4 errors:0 dropped:0 overruns:0 frame:0
>   TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
>   collisions:0 txqueuelen:3
>   RX bytes:94 (94.0 B)  TX bytes:54 (54.0 B)
>
> Outcome 2
>
> eth0  Link encap:Ethernet  HWaddr 40:61:86:b3:13:66
>   inet6 addr: fe80::4261:86ff:feb3:1366/64 Scope:Link
>   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>   RX packets:9 errors:0 dropped:0 overruns:0 frame:0
>   TX packets:29 errors:0 dropped:0 overruns:0 carrier:0
>   collisions:0 txqueuelen:1000
>   RX bytes:552 (552.0 B)  TX bytes:3201 (3.1 KiB)
>
> loLink encap:Local Loopback
>   inet addr:127.0.0.1  Mask:255.0.0.0
>   inet6 addr: ::1/128 Scope:Host
>   UP LOOPBACK RUNNING  MTU:65536  Metric:1
>   RX packets:400 errors:0 dropped:0 overruns:0 frame:0
>   TX packets:400 errors:0 dropped:0 overruns:0 carrier:0
>   collisions:0 txqueuelen:0
>   RX bytes:32160 (31.4 KiB)  TX bytes:32160 (31.4 KiB)
>
> ppp0  Link encap:Point-to-Point Protocol
>   inet addr:219.77.72.186  P-t-P:203.218.189.254
> Mask:255.255.255.255
>   UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1
>   RX packets:3 errors:0 dropped:0 overruns:0 frame:0
>   TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
>   collisions:0 txqueuelen:3
>   RX bytes:54 (54.0 B)  TX bytes:54 (54.0 B)
>
> /etc/resolv.conf on the computers seemed OK, but I couldn't ping any
> website or connect to any website  using Firefox. I tried using
> OpenDNS but it didn't help.
>
> On the  computer that I'm using now I didn't run "aptitude
> safe-upgrade" and the  internet connection is fine, so the problem
> isn't related to my ADSL  modem or my ISP.
>
> Someone suggested that I should run
>
> /etc/init.d/network-manager restart
>
> but it didn't work.
>
> Thanks for any help.
>
> NY
It appears that someone is trying to enforce IPV6 addressing only.  Where 
I'm at, thats plain stupid since the nearest IPV6 capable circuit is 
more than likely in Pitsburgh, 3+ interstate 79 hours north of me.

Theres an option someplace in one of the (NetworkMangler?) configs to 
disable that, but I don't have my hands on that doc ATM.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/201507311506.44596.ghesk...@wdtv.com

Re: eth0 : no such device

[Lisi Reisz]

On Friday 31 July 2015 19:59:40 David Wright wrote:
> Ironically, your suggestion yesterday (ifconfig)
> was not so potentially useful for a different reason (ifconfig might
> not be there), but of course you didn't have the context.

I was suggesting it in a very specific context, and did know that it was 
there - or I wouldn't have suggested it.  It is still available otb in 
Wheezy.

Lisi


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/201507312026.58880.lisi.re...@gmail.com

Re: VLAN config on Jessie

[Andrew Wood]

On 30/07/15 22:34, Matt Ventura wrote:

Could you post the DHCPD config?


default-lease-time 7200; #2 hours
max-lease-time 7200;
option web-proxy code 252 = text;


#Subnet 192.168.10.d our private network
#As a convention we're using  d values 1 to 199 for DHCP (192.168.10.1 
etc), 200

 and above for static
subnet 192.168.10.0 netmask 255.255.255.0{
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.10.255;
option routers 192.168.10.254;
range 192.168.10.1 192.168.10.199;
option domain-name-servers 192.168.10.254;
#option web-proxy "http://192.168.10.254/wpad.dat\000";;
option domain-name "commsmuseum.local";
#option ntp-servers 192.168.10.200;
}

#Subnet 192.168.100.0 the public (wifi) network
subnet 192.168.100.0 netmask 255.255.255.0{
option subnet-mask 255.255.255.0;
option routers 192.168.100.254;
range 192.168.100.1 192.168.100.253;
option domain-name-servers 192.168.100.254;
#option web-proxy "http://192.168.100.254/wpad.dat\000";;
option domain-name "commsmuseumpublic.local";

on release {
set clip = binary-to-ascii(10, 8, ".", leased-address);
set clhw = binary-to-ascii(16, 8, ":", substring(hardware, 1, 6));
execute("/var/publicwifisessions/clearsession.sh", clip);
execute("/var/publicwifisessions/logdhcp.sh", clip, clhw, "released");

}
on expiry {
set clip = binary-to-ascii(10, 8, ".", leased-address);
set clhw = binary-to-ascii(16, 8, ":", substring(hardware, 1, 6));
execute("/var/publicwifisessions/clearsession.sh", clip);
execute("/var/publicwifisessions/logdhcp.sh", clip, clhw, "released");

}
on commit {
set clip = binary-to-ascii(10, 8, ".", leased-address);
set clhw = binary-to-ascii(16, 8, ":", substring(hardware, 1, 6));
execute("/var/publicwifisessions/clearsession.sh", clip);
execute("/var/publicwifisessions/logdhcp.sh", clip, clhw, "assigned");
}

}


class "MSFT" {
  match if substring(option vendor-class-identifier, 0, 4) = "MSFT";
  # Send PAC file to Windows clients
  # They put 252 on the DHCPINFORM's, but not on the DHCPREQUEST's
  # PRL.  So we over-ride the PRL to include 252 = 0xFC, which will
  # send the option at DHCPDISCOVER/DHCPREQUEST time, and wil also
  # suppress the DHCPINFORMS!  They seem to cache it.
  option dhcp-parameter-request-list = concat(option
dhcp-parameter-request-list, fc);
}


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/55bbcf44.7040...@perpetualmotion.co.uk

Re: eth0 : no such device

[Diogene Laerce]

Le 31/07/2015 17:55, David Wright a écrit :
> Quoting Diogene Laerce (me_buss...@yahoo.fr):
...
> I was reluctant to make any comment on your first post because, at the
> end of it, I wasn't sure how many computers you were using and what
> was and wasn't running on them.
>
> Having in the past played fast and loose with switching hard drives,
> NICs and kernels between computers (no USB sticks back then), I
> remember the problems with the kernel's random naming of multiple
> identical NICs (the university naturally bought hundreds of them),
> and the usefulness of udev when it arrived. But the persistence of
> /etc/udev/rules.d/ comes at a price. I think there's work in progress
> but it's probably quite hard to keep things in sync between different
> distributions/versions etc.

I didn't test it yet but a little ifdown script deleting the faulty line
should
solve this, no ?


> One small thing: your concealed MAC address is fully revealed in the
> ipv6 link address. If you obscure just the 2nd half of the MAC (and
> its corresponding part of the ipv6), we can then still read the
> manufacturer's part without your revealing then full MAC.

Yeah.. My ass was kind of itching while I posted but I didn't get why
at the moment. ;)


> Glad it's all working now.

Thanks ! /
-- 
“One original thought is worth a thousand mindless quotings.”
“Le vrai n'est pas plus sûr que le probable.”

  Diogene Laerce/



signature.asc
Description: OpenPGP digital signature

Re: eth0 : no such device

[Marc Aurele]

Le 31/07/2015 21:26, Lisi Reisz a écrit :
> On Friday 31 July 2015 19:59:40 David Wright wrote:
>> Ironically, your suggestion yesterday (ifconfig)
>> was not so potentially useful for a different reason (ifconfig might
>> not be there), but of course you didn't have the context.
> I was suggesting it in a very specific context, and did know that it was 
> there - or I wouldn't have suggested it.  It is still available otb in 
> Wheezy.

I do confirm, it was. :)

Best regards,
/--
“One original thought is worth a thousand mindless quotings.”
“Le vrai n'est pas plus sûr que le probable.”

  Diogene Laerce/


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/55bbd99c.2040...@yahoo.fr

Re: Letsencrypt - Debian?

[Christian Seiler]

On 07/31/2015 05:31 PM, Nicolas George wrote:
> Le decadi 10 thermidor, an CCXXIII, Christian Seiler a écrit :
>> But no other way without using the service of companies with a
>> business model that many people don't necessarily want to
>> support.
> 
> The business model may be more acceptable, but the security model is the
> same, and it is utterly broken.
> 
> [Long explanation of why the CA trust model is broken and
> what kind of trust model you'd prefer.]

I completely agree with your explanations about why the current
model is broken, and am very intrigued by the suggestions you
have to fix it.

What I disagree with, however, is the following:

> Back to "let's encrypt": I usually do not condone behaviours that we call
> "politique du pire"¹, but I must observe that, by making the whole system
> more acceptable to people who thought of the ugly business model but not of
> the absurd trust model, "let's encrypt" will delay the apparition of a
> correct system.

No, it won't, I think you are deluding yourself here. We've had
years of website owners having to pay a TON of money to get
certificates that would be accepted in browsers, with other
people using self-signed certificates and users often accepting
them anyway (because they want to access the site) - and the
proper system has NOT developed, even though many people may
have had a large incentive to actually change it (because they
were continuously paying a lot of money for an essentially
ineffective service). So it has been really, really bad for a
long time, and it hasn't improved at all.

Look at it this way:


Current situation:
  - many sites don't offer any encryption at all, and at least
one reason for that is because it's hard to properly set
up TLS certificates (even if you'd be willing to pay the
money required)
  - many legitimate sites operate with invalid (e.g. expired)
certificates or even self-signed certificates. Most users
simply ignore any warnings browsers give
  - certificate replacement is fraught with errors currently,
causing this
  - therefore, if you want to do MITM currently, you are very,
very likely to get away with just using a self-signed
certificate and many users will simply ignore the warnings
their browser gives them. Sure, people such as myself will
not fall for that, but far too many will

Situation after something like Let's Encrypt:
  - properly setting up certificates, dealing with renewal etc.
will be _easy_, you set it up once and an automated system
will do it for you
  - there will be no excuse anymore to operate with
self-signed and/or invalid (expired) certificates
  - it will become reasonable for programs to simply start
rejecting invalid and/or self-signed certs (without the
possibility to override that as is currently possible, or
at least making it a *LOT* harder[1])
(not saying that's going to happen, but I would really
welcome this)
  - if you want to do MITM with TLS, you will actually have to
somehow get a valid certificate by a CA - which is
definitely possible, as has been shown in the past, but
still much more difficult than to simply set up something
with a self-signed certificate. So yes, while it will not
prevent ALL attackers (especially not governments), it
WILL prevent a lot of attackers that might collect
low-hanging fruit

So yes, "Let's Encrypt" will not solve the CA security model
at all - but it will improve upon the current situation quite
a bit, because the current situation is just completely
horrible. With "Let's Encrypt" it will still be horrible, but
not completely so anymore.

Also, I think that if "Let's Encrypt" shows that gradual
innovations when it comes to the CA model are possible, this
will give a boost to other measures that try to change the
current model into something that actually works. Therefore,
I think the opposite of what you're claiming is true: "Let's
Encrypt" will _help_ in reforming the CA system by providing
a first step of marginally improving it. It won't be a huge
step that fixes everything, but it will show that change IS
indeed possible (remember: for around 20 years nothing REALLY
changed in that regard at all!) - and because it's going to
be gratis, it will severely disrupt the business model of
existing CAs - to the point where they will be looking for
slightly different business models, such as the one you are
describing here - thus in fact bringing about the necessary
incentive structure for change.

Of course, that's just my personal opinion, and the future
will tell if my prediction comes true.

Christian

[1] Even the current Firefox/Iceweasel versions make it too
easy to override that in my eyes.



signature.asc
Description: OpenPGP digital signature

Re: Help - 13-year Debian veteran can't install Jessie

[pjw]

As I recall, if expert install is selected from the initial screen, the option 
of using non-free will eventually be presented, which would likely provide the 
missing firmware.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/1438387392.437605.344778689.69980...@webmail.messagingengine.com

Re: Suspend-sedation Problem

[John Hasler]

Gave up and kludged together a workaround.  rtcwake will not return
"alarm: off" when run from a systemd service though it will when run
from a login shell.  The "File exists" message is evidently a red
herring.
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/873803euq0@thumper.dhh.gt.org

Re: kde fully broken in debian/testing

[Arp Laht]

I can confirm, unfortunately. :(

Attempted an upgrade today (01.08) a bit past midnight.
Was warned about "plasma-desktop" conflicting "kde-workspace-bin",
"kde-workspace-data" and some 7 other packages.
Chose to proceed. Uninstalled them. Results aren't neat.
If you depend on your system to do accomplish work,
do NOT upgrade at the moment!

Details:
- networkmanager working, fortunately, connectivity not lost
- most non-KDE apps working (iceweasel, pidgin, gimp, etc)
unless you want to resize their windows (no obvious way to do it)

- all desktop items gone (was using folder view)
- no obvious way of switching back to folder view

- windows cannot be reized by dragging
- no obvious alternative way to resize windows

- K menu switched over from classing to new version
- no obvious way of switching back

- Dolphin working very strangely, most options inaccessible

Very fortunately I do all of my actual work (except 3D design)
in VirtualBox VMs, and VirtualBox works without any changes.
I can thus ignore that my KDE "stumbled and fell",
but I must caution others, plz be careful!

Best regards,
Arp.


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/55bc0acc.5030...@mail.ee

Re: eth0 : no such device

[David Wright]

Quoting Lisi Reisz (lisi.re...@gmail.com):
> On Friday 31 July 2015 19:59:40 David Wright wrote:
> > Ironically, your suggestion yesterday (ifconfig)
> > was not so potentially useful for a different reason (ifconfig might
> > not be there), but of course you didn't have the context.
> 
> I was suggesting it in a very specific context, and did know that it was 
> there - or I wouldn't have suggested it.  It is still available otb in 
> Wheezy.

That's why I wrote "not so *potentially* useful". I'm not clear what
the "*very* specific context" was, but your reply was to a post that
included the lines:

> And the tower.. I had to install fedora because it didn't want to mount my
> home during installation - which was a new 1To disk to format, even after
> formatted it which gparted. Plus the unavailable network issue of course,
> also during installation.

In the context of installation, ifconfig is not available and
hasn't been at least since squeeze, whereas ip (a cut down version)
is in busybox.

Cheers,
David.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150801014840.GA18733@alum

Re: Can't connect to the internet after "aptitude safe-upgrade"

[tan_ny]

>>
>> Outcome 1
>>
>> eth0  Link encap:Ethernet  HWaddr 10:c3:7b:9d:d0:d2
>>   inet6 addr: fe80::12c3:7bff:fe9d:d0d2/64 Scope:Link
>>   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>>   RX packets:10 errors:0 dropped:0 overruns:0 frame:0
>>   TX packets:28 errors:0 dropped:0 overruns:0 carrier:0
>>   collisions:0 txqueuelen:1000
>>   RX bytes:614 (614.0 B)  TX bytes:4184 (4.0 KiB)
>>
>> loLink encap:Local Loopback
>>   inet addr:127.0.0.1  Mask:255.0.0.0
>>   inet6 addr: ::1/128 Scope:Host
>>   UP LOOPBACK RUNNING  MTU:65536  Metric:1
>>   RX packets:378 errors:0 dropped:0 overruns:0 frame:0
>>   TX packets:378 errors:0 dropped:0 overruns:0 carrier:0
>>   collisions:0 txqueuelen:0
>>   RX bytes:30580 (29.8 KiB)  TX bytes:30580 (29.8 KiB)
>>
>> ppp0  Link encap:Point-to-Point Protocol
>>   inet addr:219.77.72.189  P-t-P:203.218.189.254
>> Mask:255.255.255.255
>>   UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1
>>   RX packets:4 errors:0 dropped:0 overruns:0 frame:0
>>   TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
>>   collisions:0 txqueuelen:3
>>   RX bytes:94 (94.0 B)  TX bytes:54 (54.0 B)
>>
>> 
>>
>> NY

>It appears that someone is trying to enforce IPV6 addressing only.  Where 
>I'm at, thats plain stupid since the nearest IPV6 capable circuit is 
>more than likely in Pitsburgh, 3+ interstate 79 hours north of me.

>Theres an option someplace in one of the (NetworkMangler?) configs to 
>disable that, but I don't have my hands on that doc ATM.

>Cheers, Gene Heskett
-- 

Outcome 1 above was what I got by running "pon dsl-provider" and ifconfig. I 
disabled IPV6 (Is that what you meant?) using the kernel boot option 
ipv6.disable=1. It didn't help.

Now instead of outcome 1 I have

eth0  Link encap:Ethernet  HWaddr 10:c3:7b:9d:d0:d2  
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:61 errors:0 dropped:0 overruns:0 frame:0
  TX packets:32 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:1000 
  RX bytes:5301 (5.1 KiB)  TX bytes:1162 (1.1 KiB)

loLink encap:Local Loopback  
  inet addr:127.0.0.1  Mask:255.0.0.0
  UP LOOPBACK RUNNING  MTU:65536  Metric:1
  RX packets:714 errors:0 dropped:0 overruns:0 frame:0
  TX packets:714 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:0 
  RX bytes:57796 (56.4 KiB)  TX bytes:57796 (56.4 KiB)

ppp0  Link encap:Point-to-Point Protocol  
  inet addr:218.102.185.241  P-t-P:203.218.189.254  Mask:255.255.255.255
  UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1
  RX packets:17 errors:0 dropped:0 overruns:0 frame:0
  TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:3 
  RX bytes:1797 (1.7 KiB)  TX bytes:54 (54.0 B)

BTW I forgot to mention that I had rerun pppoeconf to set up the connection, 
which didn't help either.

Thanks!

NY


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150801033937.929d123...@smtp.hushmail.com

Re: Can't connect to the internet after "aptitude safe-upgrade"

[Gene Heskett]

On Friday 31 July 2015 23:39:37 tan...@hushmail.com wrote:

> >> Outcome 1
> >>
> >> eth0  Link encap:Ethernet  HWaddr 10:c3:7b:9d:d0:d2
> >>   inet6 addr: fe80::12c3:7bff:fe9d:d0d2/64 Scope:Link
> >>   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >>   RX packets:10 errors:0 dropped:0 overruns:0 frame:0
> >>   TX packets:28 errors:0 dropped:0 overruns:0 carrier:0
> >>   collisions:0 txqueuelen:1000
> >>   RX bytes:614 (614.0 B)  TX bytes:4184 (4.0 KiB)
> >>
> >> loLink encap:Local Loopback
> >>   inet addr:127.0.0.1  Mask:255.0.0.0
> >>   inet6 addr: ::1/128 Scope:Host
> >>   UP LOOPBACK RUNNING  MTU:65536  Metric:1
> >>   RX packets:378 errors:0 dropped:0 overruns:0 frame:0
> >>   TX packets:378 errors:0 dropped:0 overruns:0 carrier:0
> >>   collisions:0 txqueuelen:0
> >>   RX bytes:30580 (29.8 KiB)  TX bytes:30580 (29.8 KiB)
> >>
> >> ppp0  Link encap:Point-to-Point Protocol
> >>   inet addr:219.77.72.189  P-t-P:203.218.189.254
> >> Mask:255.255.255.255
> >>   UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492 
> >> Metric:1 RX packets:4 errors:0 dropped:0 overruns:0 frame:0 TX
> >> packets:3 errors:0 dropped:0 overruns:0 carrier:0 collisions:0
> >> txqueuelen:3
> >>   RX bytes:94 (94.0 B)  TX bytes:54 (54.0 B)
> >>
> >>
> >>
> >> NY
> >
> >It appears that someone is trying to enforce IPV6 addressing only. 
> > Where I'm at, thats plain stupid since the nearest IPV6 capable
> > circuit is more than likely in Pitsburgh, 3+ interstate 79 hours
> > north of me.
> >
> >Theres an option someplace in one of the (NetworkMangler?) configs to
> >disable that, but I don't have my hands on that doc ATM.
> >
> >Cheers, Gene Heskett
>
> --
>
> Outcome 1 above was what I got by running "pon dsl-provider" and
> ifconfig. I disabled IPV6 (Is that what you meant?) using the kernel
> boot option ipv6.disable=1. It didn't help.
>
> Now instead of outcome 1 I have
>
> eth0  Link encap:Ethernet  HWaddr 10:c3:7b:9d:d0:d2
>   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>   RX packets:61 errors:0 dropped:0 overruns:0 frame:0
>   TX packets:32 errors:0 dropped:0 overruns:0 carrier:0
>   collisions:0 txqueuelen:1000
>   RX bytes:5301 (5.1 KiB)  TX bytes:1162 (1.1 KiB)
>
> loLink encap:Local Loopback
>   inet addr:127.0.0.1  Mask:255.0.0.0
>   UP LOOPBACK RUNNING  MTU:65536  Metric:1
>   RX packets:714 errors:0 dropped:0 overruns:0 frame:0
>   TX packets:714 errors:0 dropped:0 overruns:0 carrier:0
>   collisions:0 txqueuelen:0
>   RX bytes:57796 (56.4 KiB)  TX bytes:57796 (56.4 KiB)
>
> ppp0  Link encap:Point-to-Point Protocol
>   inet addr:218.102.185.241  P-t-P:203.218.189.254 
> Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492 
> Metric:1 RX packets:17 errors:0 dropped:0 overruns:0 frame:0 TX
> packets:3 errors:0 dropped:0 overruns:0 carrier:0 collisions:0
> txqueuelen:3
>   RX bytes:1797 (1.7 KiB)  TX bytes:54 (54.0 B)
>
> BTW I forgot to mention that I had rerun pppoeconf to set up the
> connection, which didn't help either.
>
> Thanks!
>
> NY

The only place you are getting an IPV4 address is ppp0.  And to get that 
you are running pppoeconf.  Are you equipt with some sort of a phone 
modem card in your machine?  I have a bag of those things but its been 
15 years since I last actually used one.  In the above sampling, 2 
things are dead wrong.

1. Mask is restricted to the exact address when the setting is 
255.255.255.255.  Much more normal would be to zero the last triplet.

2.  That however would still block the P-t-P address as its in a 
different block of 255 addresses.  You would have to zero the last 2 
triplets before you could even ping the P-t-P address shown.

My memory is fuzzy at best as its also 80 yo, so if you are truly dealing 
with a modem card and a dialup phone line, someone who has done this 
recently needs to chime in and advise.  I am not equipt with recent 
enough experience to be of any help.


Everything that I have written assumes the first rj45 jack is connected 
to a router, and that the router is connected to a ca ble or DSL modem.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/201508010248.34181.ghesk...@wdtv.com