Re: WARNING: Libreoffice - Do not remove ~/.config/libreoffice

[Rene Engelhard]

On Fri, Jul 07, 2017 at 09:35:53PM +0200, Hans wrote:
> Sounds weired. I am running debian/testing , i386. It is an EEEPC. Maybe this 
> is the difference. Let's see, if others can confirm or deny this.

LO on i386 is broken when starting. What I'd bet here is that your config
contains "disable Java". Wheres a clean config of course would not.

In that case you run tinto the known Java bug _ONLY ON I386_ with newer
kernels.

Google is your friend, luke.

Regards,

Rene

Re: pop-up windows all the time in Firefox, Stretch

[Dejan Jocic]

On 09-07-17, Anil Duggirala wrote:
> hello,
> Ever since I moved to Stretch I have had pop-up windows popping up all
> the time (clicking on various items on various types of pages). I am
> posting here, since this is only happening in my Debian installation.
> Was anything changed in the default configuration of Firefox. It feels
> like Windows with all of these pop-ups, this is the first time I
> experience anything like this in a linux installation.
> thanks,
> 

In firefox you have option to block pop-up windows. Go to preferences,
it is under content. And install some add blocker. For me, best is :

https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/

You can also install script blocker, like this one:

https://addons.mozilla.org/en-US/firefox/addon/noscript/?src=ss

With all that on, you will be pretty safe against pop-ups.

Re: How to gain control over the system?

[Dejan Jocic]

On 10-07-17, Kaj Persson wrote:
> Hi Jimmy,
> Well, I did not follow your suggestion exactly, but as people has said, the
> root account is already and always  there, even it has not been assigned a
> password. So, against my real whish, not to activate the root account, I
> gave the command sudo passwd root, and entered a password. And now I suppose
> I have burned my ships and have no way back...
> 
> But! Nothing has changed. I can still not enter program icons to the panel,
> and not define keyboard shortcuts. If I sort the icons on the desktop they
> still, after a cold start, come back in a completely other order, dispite I
> had marked "Keep ajusted" (right click on desktop).
> 
> So...?
> /Kaj
> 

What are you talking about, there are several ways to lock your root
account? Not sure why you would like to though. You can lock it with
sudo, like this:

sudo passwd -l root

But that is not really necessary. Better would be to learn how to
strengthen your root account. Depending on what you really want to
achieve, you can set it up so only way to access it would be to use su,
or sudo from trusted accounts. If you are interested in that, further
reading you can find here:

https://www.centos.org/docs/5/html/5.1/Deployment_Guide/s2-wstation-privileges-noroot.html

Re: WARNING: Libreoffice - Do not remove ~/.config/libreoffice

[Hans]

Am Montag, 10. Juli 2017, 09:33:32 CEST schrieb Rene Engelhard:
Hi Rene,
> LO on i386 is broken when starting. What I'd bet here is that your config
> contains "disable Java". Wheres a clean config of course would not.
> 
yes, I am running i386 at the moment only, as my other notebook has died some 
weeks ago. I looked into the bugs of debian, but could not find the required 
information. So, LO is broken, hmm, good to know. However, it is still running 
on my system with my config, as at other people will do, too. So only few 
people will know about this bug at all.  
> In that case you run tinto the known Java bug _ONLY ON I386_ with newer
> kernels.
> 

Yes, I guess so. Running debian/testing with 4.9.0-3 kernel. I believe, I will 
wait for the next version, which is already available in sid 
(experimental???), as it is still running on my system. 

But good to know, that the bug is known. Thank you very much for this 
information indeed!

Best regards

Hans
> Google is your friend, luke.
> 
> Regards,
> 
> Rene

Re: stretch not booting

[didier gaumet]

Le 18/05/2017 à 02:30, bw a écrit :
>> I had exactly the same problem recently with almost the same laptop:
>> Dell Inspiron Mini 1012 that I had previously given to a friend. I
>> switched it back to Jessie.
> 
> I can confirm this on Dell Mini 1012, installation is successful, first boot 
> is okay.  After reboot all boots fail at various places.
> I have tried minimal install (no X) from RC2 with same behavior.  
> 
> I have not tried installing sysV and removing systemd after first boot, just 
> sticking with jessie for now.

Thanks to him, a guy (kozaki) has done thorough research (see 1&2) to
solve this problem. It is caused by a failed attempt to restore the LCD
backlight at boot. Passing 'systemd.restore_state=0' kernel parameter at
boot is a solution.

1) https://bugs.archlinux.org/task/47509
2) https://bbs.archlinux.org/viewtopic.php?id=201523&p=2

Re: Debian 8: Postfix -> amavisd-new -> spamassassin -> Bayes : not scanning?

[tomas]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Mon, Jul 10, 2017 at 11:32:38AM +0900, soyeo...@doraji.xyz wrote:
> "Frantisek Rysanek"  께서 쓰시길,
>  《記事 全文 <59629f76.25660.58659...@frantisek.rysanek.post.cz> 에서》:
> 
> > [...]
> > I've just built a new mailserver based on Debian 8.8,
> > with Postfix + Cyrus. I have a long history of using
> > [..]
> > Any help would be much appreciated.
> 
> Sorry man, this is off story. If i were you, i do not run email
> servers. Because it is very hard work always. 

There are quite a few people running their own mail server around
here. Thankfully, this species doesn't die out yet (ever noticed
that mail is these days the only really working and still widespread
decentralized communication service?).

My setup is very different, that's why I haven't helpful ideas
for the OP.

> So just now i'm using free email hosting service like as 
> Google Apps, Zoho, etc.

They are not *free*. They are shackles. Sweet shackles. Shackles with
anesthetizing padding, so they don't hurt too much. But your email
ain't your email anymore :-)

Nevertheless, enjoy.
- -- tomás
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlljOSYACgkQBcgs9XrR2kbibwCeLlEz1lZKOadSZ018QPcDvXEK
UvMAn0ErPe9CbrZP54XJokyj/NA8eqqI
=LiTO
-END PGP SIGNATURE-

Gateway disappears on IPv6

[Rainer Dorsch]

Hi,

I added a IPv6 support to a KVM virtualized Jessie system following the 
instructions by the hoster

https://www.netcup-wiki.de/wiki/Zus
%c3%a4tzliche_IP_Adresse_konfigurieren#IPv6%7C

I my case, I added

(for me it looks a little weird that IPv4 gets configured via dhcp and IPv6 is 
a static configuration, but that is how I read the information in the wiki.

After rebooting the system works nicely and shows ipv6 addresses and a routing 
table

root@netcup:~# ip -6 addr show
1: lo:  mtu 65536 
inet6 ::1/128 scope host 
   valid_lft forever preferred_lft forever
2: eth0:  mtu 1500 qlen 1000
inet6 2a03:4000:6:52b6::/64 scope global 
   valid_lft forever preferred_lft forever
inet6 fe80::5054:9cff:fe31:f1e0/64 scope link 
   valid_lft forever preferred_lft forever
root@netcup:~# /sbin/route -6
Kernel IPv6 routing table
DestinationNext Hop   Flag Met Ref Use If
::1/128:: U256 0 0 lo
2a03:4000:6:52b6::/64  :: U256 0 0 
eth0
fe80::/64  :: U256 0 0 
eth0
::/0   fe80::1UGDAe 1024 3 0 
eth0
::/0   :: !n   -1  1   163 lo
::1/128:: Un   0   136 lo
2a03:4000:6:52b6::/128 :: Un   0   714 lo
fe80::5054:9cff:fe31:f1e0/128  :: Un   0   1 5 lo
ff00::/8   :: U256 10 0 
eth0
::/0   :: !n   -1  1   163 lo
root@netcup:~# 

After some time (at least hours) the server is not reachable anymore on its 
IPv6 address, when connecting on the IPv4 address it seems that the gateway 
fe80::1 got lost:

root@netcup:~# ip -6 addr show
1: lo:  mtu 65536 
inet6 ::1/128 scope host 
   valid_lft forever preferred_lft forever
2: eth0:  mtu 1500 qlen 1000
inet6 2a03:4000:6:52b6::/64 scope global 
   valid_lft forever preferred_lft forever
inet6 fe80::5054:9cff:fe31:f1e0/64 scope link 
   valid_lft forever preferred_lft forever
root@netcup:~# /sbin/route -6
Kernel IPv6 routing table
DestinationNext Hop   Flag Met Ref Use If
::1/128:: U256 0 0 lo
2a03:4000:6:52b6::/64  :: U256 0 0 
eth0
fe80::/64  :: U256 0 0 
eth0
::/0   :: !n   -1  1  3321 lo
::1/128:: Un   0   1   270 lo
2a03:4000:6:52b6::/128 :: Un   0   2   670 lo
fe80::5054:9cff:fe31:f1e0/128  :: Un   0   134 lo
ff00::/8   :: U256 12 0 
eth0
::/0   :: !n   -1  1  3321 lo
root@netcup:~#

Rebooting restores the routing table and makes IPv6 working again.

Has anybody an idea what is going wrong here? Any hint is welcome.

Thanks
Rainer

-- 
Rainer Dorsch
http://bokomoko.de/

Re: WARNING: Libreoffice - Do not remove ~/.config/libreoffice

[Rene Engelhard]

Hi,

On Mon, Jul 10, 2017 at 10:00:01AM +0200, Hans wrote:
> Hi Rene,
> > LO on i386 is broken when starting. What I'd bet here is that your config
> > contains "disable Java". Wheres a clean config of course would not.
> > 
> yes, I am running i386 at the moment only, as my other notebook has died some 
> weeks ago. I looked into the bugs of debian, but could not find the required 
> information. So, LO is broken, hmm, good to know. However, it is still 
> running 

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865303
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865866

Admittedly they somehow (probably because of the version tracking)
don't end up in libreoffices bug list...

> on my system with my config, as at other people will do, too. So only few 
> people will know about this bug at all.  

If you have an old config disabling Java - true. Otherwise if you have Java
enabled it will crash, too. It's not only about old vs. new config.

And yeah, people don't know, people also can't google...

They appear here and there and even in totally unrelated bugreports with this
problem only affecting a oboslete architecture...

> Yes, I guess so. Running debian/testing with 4.9.0-3 kernel. I believe, I 
> will 
> wait for the next version, which is already available in sid 
> (experimental???), as it is still running on my system. 

LO? Won't help. (And there won't be a update in unstable for LO because of 
exactly
tis bug - because it fails to build because the LO testsuite fails exactly 
because
of this problem.)

The problem is kernel and/or openjdk. But yeah, you could
try kernel 4.11, but AFAIK that one still is affected. Would be good to know
whether that really is the case.

Regards,

Rene

dhclient or network problem

[Franz Angeli]

Hi,

i have a problem with dhclient:

for example interface name eno52 (tg3, Broadcom Limited NetXtreme
BCM5719 Gigabit Ethernet PCIe (rev 01) :

root@:~# dhclient eno52 -v
Internet Systems Consortium DHCP Client 4.3.5
Copyright 2004-2016 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/eno52/3c:a8:2a:e7:87:bf
Sending on   LPF/eno52/3c:a8:2a:e7:87:bf
Sending on   Socket/fallback
DHCPDISCOVER on eno52 to 255.255.255.255 port 67 interval 4
DHCPDISCOVER on eno52 to 255.255.255.255 port 67 interval 10
DHCPDISCOVER on eno52 to 255.255.255.255 port 67 interval 7
DHCPDISCOVER on eno52 to 255.255.255.255 port 67 interval 9
DHCPDISCOVER on eno52 to 255.255.255.255 port 67 interval 15
DHCPDISCOVER on eno52 to 255.255.255.255 port 67 interval 16
No DHCPOFFERS received.
No working leases in persistent database - sleeping.

tcpdump during dhclient doesn't show anything?!?

root@*:~# tcpdump -i eno52
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eno52, link-type EN10MB (Ethernet), capture size 262144 bytes


root@***:~# ip addr show eno52
9: eno52:  mtu 1500 qdisc mq state
DOWN group default qlen 1000
link/ether 3c:a8:2a:e7:87:bf brd ff:ff:ff:ff:ff:ff


if i use the same ethernet cable on my laptop all works fine...

i don't know if is a module problem...or?

Can you help me?

BR

Re: dhclient or network problem

[Dejan Jocic]

On 10-07-17, Franz Angeli wrote:
> Hi,
> 
> i have a problem with dhclient:
> 
> for example interface name eno52 (tg3, Broadcom Limited NetXtreme
> BCM5719 Gigabit Ethernet PCIe (rev 01) :
> 
> root@:~# dhclient eno52 -v
> Internet Systems Consortium DHCP Client 4.3.5
> Copyright 2004-2016 Internet Systems Consortium.
> All rights reserved.
> For info, please visit https://www.isc.org/software/dhcp/
> 
> Listening on LPF/eno52/3c:a8:2a:e7:87:bf
> Sending on   LPF/eno52/3c:a8:2a:e7:87:bf
> Sending on   Socket/fallback
> DHCPDISCOVER on eno52 to 255.255.255.255 port 67 interval 4
> DHCPDISCOVER on eno52 to 255.255.255.255 port 67 interval 10
> DHCPDISCOVER on eno52 to 255.255.255.255 port 67 interval 7
> DHCPDISCOVER on eno52 to 255.255.255.255 port 67 interval 9
> DHCPDISCOVER on eno52 to 255.255.255.255 port 67 interval 15
> DHCPDISCOVER on eno52 to 255.255.255.255 port 67 interval 16
> No DHCPOFFERS received.
> No working leases in persistent database - sleeping.
> 
> tcpdump during dhclient doesn't show anything?!?
> 
> root@*:~# tcpdump -i eno52
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on eno52, link-type EN10MB (Ethernet), capture size 262144 bytes
> 
> 
> root@***:~# ip addr show eno52
> 9: eno52:  mtu 1500 qdisc mq state
> DOWN group default qlen 1000
> link/ether 3c:a8:2a:e7:87:bf brd ff:ff:ff:ff:ff:ff
> 
> 
> if i use the same ethernet cable on my laptop all works fine...

Don't you think that you have enough of a clue there :P That eno52 is,
as you can see ethernet card, of course it will work when you connect it
with ethernet cable. If you want it to work with wifi, that is another
story. What is your wifi card, do you have something starting with w in
the output of ip addr show? What is the output of the lspci -v | grep -i
-A6 net?
> 
> i don't know if is a module problem...or?
> 
> Can you help me?
> 
> BR
> 

Re: WARNING: Libreoffice - Do not remove ~/.config/libreoffice

[Rene Engelhard]

{ and what is so private here that this can't be on-list so that peole
except you know? }

Hi,

Fullquoting:

On Mon, Jul 10, 2017 at 12:51:32PM +0200, Hans wrote:
> I now installed kernel 4.11 now, removed ~/.config/libreoffice and - 
> worked!
> Thanks for the hint with related to the kernel.
> 
> Best 
> 
> Hans
> 
> > The problem is kernel and/or openjdk. But yeah, you could
> > try kernel 4.11, but AFAIK that one still is affected. Would be good to know
> > whether that really is the case.
> > 
> > Regards,
> > 
> > Rene

Re: WARNING: Libreoffice - Do not remove ~/.config/libreoffice

[Hans]

Am Montag, 10. Juli 2017, 12:57:44 CEST schrieben Sie:
Ahem, maybe you misunderstood my mail. What I wanted to express, is, if people 
do just an upgrade and never delete their ~/.config/libreoffice, they will 
never 
notice that bug. This is, what I meant, that only few people will notice this, 
mostly those, who install a fresh system or install libreoffice for the first 
time. 

Sorry, if I did it not clear enough. Bad English...

Best 

Hans

> { and what is so private here that this can't be on-list so that peole
> except you know? }
> 
> Hi,
> 
> Fullquoting:
> 


-- 
Ullrich-IT-Consult
Ihr Partner für die Themen 
* IT-SICHERHEIT * IT-SERVICE * 
* LINUX * EDV-SCHULUNGEN *

Hans-J. Ullrich
Münstedter Weg 10
31246 Oberg 
 
TEL.: 0179 3666 059
FAX: 05172 930 414

E-Mail: hans.ullr...@loop.de

Re: [Stretch] apt-get has no updates?

[RavenLX]

On 07/05/2017 08:20 AM, Dejan Jocic wrote:
[snipped original message]


As explained before, settings for unattended-upgrades are in the
/etc/apt/apt.conf.d/50unattended-upgrades. You can set it to download
and install just security updates, which is default. Or, you can set it
to download and install all updates, if you uncomment certain lines, or
add new ones. Think that you can also set it from apper, or
plasma-discover, whatever kde uses these days. Or
software-properties-kde, if it is similar to software-properties-gtk.


I've uninstalled apper and plasma-discover when I did my install because 
I am not into gui-based updating of software. My bad, I guess! KDE seems 
to have installed both of those by default. If I need to make the 
changes, I think I'll go with your suggestion of editing the file.

debian stretch preseed tasksel and clock-setup not working

[Mimiko]

Hello.

I use in preseed.cfg the following:

tasksel tasksel/first multiselect standard
tasksel tasksel/first seen false
d-i clock-setup/utc boolean false
d-i clock-setup/utc seen false

I set seen as false to view the value that was selected. Nor tasksel, nor clock-setup/utc does not set I specify. Inseed tasksel/first have default 
selections and clock-setup/utc is set to true.


debconf-get tasksel/first - gives me standard
debconf-get clock-setup/utc - gives false

So seems debconf ignores this two parameters. How to specify needed?

Re: WARNING: Libreoffice - Do not remove ~/.config/libreoffice

[Hans]

Huh, first mail went accidently private! 

I now installed kernel 4.11 now, removed ~/.config/libreoffice and - worked 
only once! After stopping and restarting LO again, it will not start again. 
Sorry, the problem is not fixed with a newer kernel - as I thought before!

I will watch this.

Best 

Hans

Re: WARNING: Libreoffice - Do not remove ~/.config/libreoffice

[Rene Engelhard]

Hi,

On Mon, Jul 10, 2017 at 01:12:56PM +0200, Hans wrote:
> Am Montag, 10. Juli 2017, 12:57:44 CEST schrieben Sie:
> Ahem, maybe you misunderstood my mail. What I wanted to express, is, if 
> people 
> do just an upgrade and never delete their ~/.config/libreoffice, they will 
> never 
> notice that bug. This is, what I meant, that only few people will notice 
> this, 
> mostly those, who install a fresh system or install libreoffice for the first 
> time. 

No, I got that.

a) there's always new peopple installing it or re-installing their system for
   whatever reason (new machine, ...)
b) there's people who kept the default settings enabling Java and now are
   screwed anyway, so they are affected, too

Regards,

Rene

Re: WARNING: Libreoffice - Do not remove ~/.config/libreoffice

[Rene Engelhard]

On Mon, Jul 10, 2017 at 01:28:54PM +0200, Hans wrote:
> only once! After stopping and restarting LO again, it will not start again. 

bt? Is that the same Java crash? See
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865303
and
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865866

> Sorry, the problem is not fixed with a newer kernel - as I thought before!

As "you" thought? Ah, well, I leave you in that belief.

Anyway, I marked those bugs as also found in linux 4.11.6-1.

Regards,

Rene

Re: Debian install preseed passing parameters.

[Brian]

On Mon 10 Jul 2017 at 09:01:50 +0300, Mimiko wrote:

> Hello.
> 
> I want to preseed a Debian Strech installation. I pass different parameters 
> via params to kernel and other from preseed.cfg using a netboot setup.
> 
> This is how I start install:
> 
> initrd 
> http://${next-server}/linux/debian/9.0.0/netboot-amd64/debian-installer/amd64/initrd.gz
> && chain 
> http://${next-server}/linux/debian/9.0.0/netboot-amd64/debian-installer/amd64/linux
> vga=788 net.ifnames=0 biosdevname=0 priority=low language=en country=US
> locale=en_US.UTF-8 keyboard-configuration/xkb-keymap=us
> netcfg/disable_autoconfig=true netcfg/disable_dhcp=true
> netcfg/dhcp_options="Configure network manually" netcfg/get_ipaddress=${ip}
> netcfg/get_netmask=${netmask} netcfg/get_gateway=${gateway}
> netcfg/get_nameservers=${dns} netcfg/get_hostname=${hostname}
> netcfg/get_domain=${domain} netcfg/confirm_static=true
> ethdetect/prompt_missing_firmware=false hw-detect/load_firmware=false
> hw-detect/load_media=false netcfg/link_wait_timeout=3 DEBCONF_DEBUG=5
> preseed/url=http://${next-server}/linux/debian/9.0.0/preseed.cfg --- text
> net.ifnames=0 biosdevname=0
> 
> I specify full network config but I still get the screen with question 
> "Auto-configure networking?": , . Where  is selected.

netcfg/use_autoconfig=false
 
> How to get rid of this screen? I do not specify network config in 
> preseed.cfg, as it is loaded after network is configured.

Are you sure? The preseed file is loaded before network configuration here.

Re: pop-up windows all the time in Firefox, Stretch

[Anil Duggirala]

On Mon, Jul 10, 2017, at 02:43 AM, Dejan Jocic wrote:
> On 09-07-17, Anil Duggirala wrote:
> > hello,
> > Ever since I moved to Stretch I have had pop-up windows popping up all
> > the time (clicking on various items on various types of pages). I am
> > posting here, since this is only happening in my Debian installation.
> > Was anything changed in the default configuration of Firefox. It feels
> > like Windows with all of these pop-ups, this is the first time I
> > experience anything like this in a linux installation.
> > thanks,
> > 
> 
> In firefox you have option to block pop-up windows. Go to preferences,
> it is under content. And install some add blocker. For me, best is :
> 
> https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/
> 
> You can also install script blocker, like this one:
> 
> https://addons.mozilla.org/en-US/firefox/addon/noscript/?src=ss
> 
> With all that on, you will be pretty safe against pop-ups.
> 

Thanks for the suggestion for add blockers. What I guess I am saying is;
even in websites that I know would never include pop-up ads, when
clicking on something, I am getting a pop-up with some add. It feels
like a virus, like something that is affecting Firefox (I havent tested
other browsers) at the system level, or at least at the program level.
It feels like some bad software is affecting Firefox. For example, when
clicking on a dropdown box, a new window is opened with some ad, I know
this is not being done by the website I am navigating.
thanks a lot,

Re: Debian 8: Postfix -> amavisd-new -> spamassassin -> Bayes : not scanning?

[Frantisek Rysanek]

Dear fellow Debian users,

it seems that I've found the correct answer.

In /etc/spamassassin/local.cf, 
in addition to the aforementioned:
  use_bayes 1
  bayes_auto_learn 1
I have added:

  use_bayes_rules 1

Found when trawling the  /usr/share/perl5/Mail directory,
namely discovered in SpamAssassin/Conf.pm.
Looked promising, so I tried it. How silly.

That one line has caused some difference on the inside,
as a result of which, I now have a BAYES score in the
X-Spam-Status header in every message.
A remaining trouble is that all the scores so far come out as
BAYES_00 :-) so I may have to work on that some more.
No SPAM has arrived yet, to provide a proper test.
(I get 2-3 a day in my inbox - the rest is taken care of
by greylisting and the general SpamAssassin scoring rules.)

Other possibly interesting options:
   bayes_use_hapaxes
   bayes_auto_expire
   bayes_token_ttl
   bayes_seen_ttl

Actually I've managed to get a backtrace from one function that I 
could identify as getting called:
in /usr/share/perl5/Mail/SpamAssassin/BayesStore/DBM.pm :
sub tie_db_readonly {
...
  my $iii = 1;
  print dbg("Stack Trace:");
  while ( (my @call_details = (caller($iii++))) ){
  dbg( $call_details[1].":".$call_details[2]." in function" . \
$call_details[3] );
  }

...which did produce a neat stack trace. I'm attaching it, if 
anyone's interested.
The code was taken almost verbatim from
https://stackoverflow.com/questions/229009/how-can-i-get-a-call-stack-
listing-in-perl

In the stack trace I could see that something inside Amavis goes 
"have this message scanned", but some lower layers (across several 
indirections) got asked "is_scan_available" and 
"learner_is_scan_available". Funny, that...

I've also noticed that 
/usr/share/perl5/Mail/SpamAssassin/Bayes.pm contains a note, saying

# This is the general class used to train a learning classifier with 
# new samples of spam and ham mail, and classify based on prior 
# training.
# 
# Prior to version 3.3.0, the default Bayes implementation was here; 
# if you're looking for information on that, it has moved to
#Mail::SpamAssassin::Plugin::Bayes   .

And yes indeed, there's another file:
/usr/share/perl5/Mail/SpamAssassin/Plugin/Bayes.pm
containing the function  check_bayes() where I'd previously
put my dbg() trap...

...so I thought: "maybe SpamAssassin.pm was 'requiring' the wrong 
module?"  
But that doesn't seem to be the case... (I've tried :-)

Instead, after I added  
 use_bayes_rules 1
I started to get BAYES scores in the mail headers.
That's probably a good start :-)

Thanks to everyone who has responded to reassure me :-)

Frank


On 9 Jul 2017 at 23:26, debian-user@lists.debian.org wrote:
>
> Dear polite people in the debian-users mailing list,
> 
> I would appreciate any help with the following setup.
> For the record, I'm sending this same text to the 
> SpamAssassin "users" mailing list - I'm not technically
> cross-posting, as that would probably earn me a bad
> reputation (or a kick).
> 
> I've just built a new mailserver based on Debian 8.8,
> with Postfix + Cyrus. I have a long history of using
> Amavis with SpamAssassin for SPAM filtering.
> On the newly installed machine, there is 
> SpamAssassin 3.4.0-6 = the current version for Jessie.
> 
> And within SpamAssassin, my previous server (based on
> Debian Squeeze) was using the Bayesian filter.
> Using 
>   sa-learn --backup 
>   sa-learn --restore=...
> I have migrated the Bayes database to the new machine,
> and after a few path tweaks and privilege adjustments,
> I got sa-learn-cyrus to do its job.
> 
> Curiously to me, I don't see any BAYES scores
> in the X-Spam-Status header. I suspect that the Bayes
> plugin does not actually get called to evaluate
> the messages passing through my server.
> 
> In /etc/spamassassin/local.cf, I have the following:
> use_bayes 1
> bayes_auto_learn 1
> bayes_path /var/lib/spamassassin/.spamassassin/bayes
> ...a couple of whitelist_from rules, and 
> add_header all Report _REPORT_
> 
> 
> In /etc/amavis/conf.d/15-content_filter_mode, I have UNcommented this:
> 
> @bypass_spam_checks_maps = (
>\%bypass_spam_checks, \@bypass_spam_checks_acl, 
> \$bypass_spam_checks_re);
> 
> 
> In /etc/amavis/conf.d/50-user , I have the following:
> 
> $DO_SYSLOG = 0;
> $LOGFILE = "/var/log/amavis.log";
> $sa_tag_level_deflt = -; # always add spam info headers
> 
> $log_level = 1;
> $sa_debug = 1;
> 
> I've also tried log_level = 2, which showed me a privilege problem,
> where the SA's Bayes plugin couldn't create a lock file... so that's
> handled too. I'm getting *some* notes about the Bayes plugin in the
> amavis log:
> 
> Jul  9 21:25:54 mail.x.y.z /usr/sbin/amavisd-new[8868]: (08868-01) SA
> dbg: bayes: tie-ing to DB file R/O
> /var/lib/spamassassin/.spamassassin/bayes_toks Jul  9 21:25:54
> mail.x.y.z /usr/sbin/amavisd-new[8868]: (08868-01) SA dbg: bayes:
> tie-ing to DB file R/O /var/lib/spamassassin/.spamassassin/bayes_seen
> Jul  9 21:25:54 mail

Re: WARNING: Libreoffice - Do not remove ~/.config/libreoffice

[Henrique de Moraes Holschuh]

On seg, 10 jul 2017, Rene Engelhard wrote:
> On Mon, Jul 10, 2017 at 01:28:54PM +0200, Hans wrote:
> > only once! After stopping and restarting LO again, it will not start again. 
> 
> bt? Is that the same Java crash? See
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865303
> and
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865866

It is related, yes.  LO does something rather unexpected (and arguably
Not Good) to its stack on i386, and that clashes with the added kernel
protection against the "stack clash" vulnerability.

Fixes are being prepared on kernel upstream, on the grounds that
userspace regressions are Bad, but in the end it is likely that we will
want to fix both LO and the kernel.

As for java, what it does is actually reasonably sane and there are
already two or three kernel fix alternatives upstream, I think they
settled on one already and merged it.  If it proves stable, it should
end up in a stable kernel and Debian kernels soon.

-- 
  Henrique Holschuh

Re: metamail now misbehaving

[Steve Kleene]

On, Sun, 9 Jul 2017 14:12:07 -0400, I wrote:

>> I run Wheezy with fvwm (window manager).  I prefer to use the command line
>> when possible, and for mail I have bsd-mailx with sendmail.  To read e-mails
>> sent as HTML or base64, I use metamail (which was last distributed with Etch,
>> I think), as follows:
>> ...
>> Coincindent with my upgrade to firefox-esr 52, metamail no longer quite
>> works.  If no firefox window is up, it does succeed.  But if (as usual) a
>> firefox window already exists, it opens a new firefox tab with the error
>> "Firefox can't find the file at /tmp/Mu6MRTf".  And there is in fact no such
>> tmp file.

On, Mon, 10 Jul 2017 04:01:28 +0200 =?ISO-8859-1?Q?=C1ngel?= 
 replied:

> I suspect metamail launches the browser and, after the launched program
> is closed, automatically deletes the temporary file.
> The problem is that when a window already exists, control is transfered
> to that window, and the original program is closed, thus leading to a
> race condition between the deletion of the temporary file and its
> loading by the firefox process.
>
> First option would be looking for a way not to have metamail remove the
> file, leaving the file to be cleaned up later (you may want to dedicate
> a subfolder for metamail temp files).
>
> Another option would be to replace the call to /usr/bin/iceweasel with a
> wrapper that launches iceweasel and waits a few seconds, which would
> hopefully make the browser win the race. It's not a particularly elegant
> solution (the race is still there, after all), but is probably good
> enough for you.

A clever idea.  Option 2 was quick and successful.  In ~/.mailcap, I changed

text/html; /usr/bin/iceweasel '%s'; description=HTML Text; test=test -n 
"$DISPLAY";  nametemplate=%s.html

to

text/html; /usr/bin/iceweasel '%s'\; sleep 1; description=HTML Text; test=test 
-n "$DISPLAY";  nametemplate=%s.html

and now the tmp file hangs around long enough.

Thanks also to David Wright for the suggestions on setting up mutt.  I may
get to that, since bsd-mailx + metamail still has some real limitations.

Re: WARNING: Libreoffice - Do not remove ~/.config/libreoffice

[Hans]

> bt? Is that the same Java crash? See
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865303
> and
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865866
> 

No, it is not the same. Strace output differs from the one in the bugreport.

> Anyway, I marked those bugs as also found in linux 4.11.6-1.
> 

That is great. Good to know, there is a problem and is accepted as a problem.
> Regards,
> 
> Rene

Best

Hans
-- 
Ullrich-IT-Consult
Ihr Partner für die Themen 
* IT-SICHERHEIT * IT-SERVICE * 
* LINUX * EDV-SCHULUNGEN *

Hans-J. Ullrich
Münstedter Weg 10
31246 Oberg 
 
TEL.: 0179 3666 059
FAX: 05172 930 414

E-Mail: hans.ullr...@loop.de

Re: N’hésites pas de commencer une conversation avec moi Jade

[JOEL BOSCHERON]

J attend ton appel

Envoyé de mon iPhone

> Le 4 juil. 2017 à 12:15, Jade Sovansi  a écrit :
> 
> Je ne mords pas tu sais. Bon, sauf si t le demande… 
> http://bit.ly/2sHRIiy

Re: pop-up windows all the time in Firefox, Stretch

[Fungi4All]

> UTC Time: July 10, 2017 12:27 PM
> From: anilduggir...@fastmail.fm
> To: debian-user@lists.debian.org
> On Mon, Jul 10, 2017, at 02:43 AM, Dejan Jocic wrote:
>> On 09-07-17, Anil Duggirala wrote:
>> > hello,
>> > Ever since I moved to Stretch I have had pop-up windows popping up all
>> > the time (clicking on various items on various types of pages). I am
>> > posting here, since this is only happening in my Debian installation.
>> > Was anything changed in the default configuration of Firefox. It feels
>> > like Windows with all of these pop-ups, this is the first time I
>> > experience anything like this in a linux installation.
>> > thanks,
>> >
>>
>> In firefox you have option to block pop-up windows. Go to preferences,
>> it is under content. And install some add blocker. For me, best is :
>>
>> https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/
>>
>> You can also install script blocker, like this one:
>>
>> https://addons.mozilla.org/en-US/firefox/addon/noscript/?src=ss
>>
>> With all that on, you will be pretty safe against pop-ups.
>>
> Thanks for the suggestion for add blockers. What I guess I am saying is;
> even in websites that I know would never include pop-up ads, when
> clicking on something, I am getting a pop-up with some add. It feels
> like a virus, like something that is affecting Firefox (I havent tested
> other browsers) at the system level, or at least at the program level.
> It feels like some bad software is affecting Firefox. For example, when
> clicking on a dropdown box, a new window is opened with some ad, I know
> this is not being done by the website I am navigating.
> thanks a lot,

Check your addons in firefox and your homepage. This sounds like a hijacking
activity. But there is a difference between pop-up and ad-blocking. Ad-blocking
works whether they pop or are within the page. Pop-ups may not necessarily
be ads. You can also add the No-Script addon to only allow what you want
scripts on. But this is all browser related, not system.

Re: pop-up windows all the time in Firefox, Stretch

[Cindy-Sue Causey]

On 7/10/17, Anil Duggirala  wrote:
> On Mon, Jul 10, 2017, at 02:43 AM, Dejan Jocic wrote:
>> On 09-07-17, Anil Duggirala wrote:
>> > hello,
>> > Ever since I moved to Stretch I have had pop-up windows popping up all
>> > the time (clicking on various items on various types of pages). I am
>> > posting here, since this is only happening in my Debian installation.
>> > Was anything changed in the default configuration of Firefox. It feels
>> > like Windows with all of these pop-ups, this is the first time I
>> > experience anything like this in a linux installation.
>> > thanks,
>> >
>>
>> In firefox you have option to block pop-up windows. Go to preferences,
>> it is under content. And install some add blocker. For me, best is :
>>
>> https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/
>>
>> You can also install script blocker, like this one:
>>
>> https://addons.mozilla.org/en-US/firefox/addon/noscript/?src=ss
>>
>> With all that on, you will be pretty safe against pop-ups.
>>
>
> Thanks for the suggestion for add blockers. What I guess I am saying is;
> even in websites that I know would never include pop-up ads, when
> clicking on something, I am getting a pop-up with some add. It feels
> like a virus, like something that is affecting Firefox (I havent tested
> other browsers) at the system level, or at least at the program level.
> It feels like some bad software is affecting Firefox. For example, when
> clicking on a dropdown box, a new window is opened with some ad, I know
> this is not being done by the website I am navigating.
> thanks a lot,


That's odd. That sounds like something got added on. On rare occasion,
I've seen some kind of offer that says you can add something that
feeds off of browsing related actions such as highlighting text.

If this was me experiencing this, I would check all possible settings
related to browser add-ons and extensions. That would be to make sure
something wasn't accidentally (or possibly even unscrupulously) added
on. I would be looking for anything that looks unfamiliar to my normal
computing habits.

Years ago I had success blocking something like this by tracking down
and then blocking website links found in the popups. Kind of a "nanny"
deal, I guess. I'm not immediately finding a way to do this in
Firefox, but deliberately blocking cookies would at least be a start
there. No pun of any kind intended when I say there's likely a nanny
surfing monitor add-on available in some *trusted* Mozilla repository.

Under Preferences, the Security tab has a "General" section that
includes an option to be warned about sites adding add-ons behind our
backs. That section also has options to be warned about dangerous
downloads and unwanted or uncommon software.

That's all I can think of right now... Good luck blocking it out of
your system..

Cindy :)

-- 
Cindy-Sue Causey
Talking Rock, Pickens County, Georgia, USA

* runs with duct tape *

Re: pop-up windows all the time in Firefox, Stretch

[Matthew Crews]

Back up your ~/.mozilla folder, delete it and reopen Firefox. This will
create a fresh Firefox profile. Make sure that Firefox's built in pop up
blocker is enabled. Then navigate to websites that are generating pop-ups
that normally don't.

If the pop-ups persist, then either your computer has been hijacked (wiping
your HD and re-installing the OS might fix) , your modem/router has been
hijacked (check your modem/router for firmware updates), or shenanigans are
occuring through your ISP (which you probably can't do anything about).

On Jul 10, 2017 5:58 AM, "Fungi4All"  wrote:


UTC Time: July 10, 2017 12:27 PM
From: anilduggir...@fastmail.fm
To: debian-user@lists.debian.org

On Mon, Jul 10, 2017, at 02:43 AM, Dejan Jocic wrote:
> On 09-07-17, Anil Duggirala wrote:
> > hello,
> > Ever since I moved to Stretch I have had pop-up windows popping up all
> > the time (clicking on various items on various types of pages). I am
> > posting here, since this is only happening in my Debian installation.
> > Was anything changed in the default configuration of Firefox. It feels
> > like Windows with all of these pop-ups, this is the first time I
> > experience anything like this in a linux installation.
> > thanks,
> >
>
> In firefox you have option to block pop-up windows. Go to preferences,
> it is under content. And install some add blocker. For me, best is :
>
> https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/
>
> You can also install script blocker, like this one:
>
> https://addons.mozilla.org/en-US/firefox/addon/noscript/?src=ss
>
> With all that on, you will be pretty safe against pop-ups.
>

Thanks for the suggestion for add blockers. What I guess I am saying is;
even in websites that I know would never include pop-up ads, when
clicking on something, I am getting a pop-up with some add. It feels
like a virus, like something that is affecting Firefox (I havent tested
other browsers) at the system level, or at least at the program level.
It feels like some bad software is affecting Firefox. For example, when
clicking on a dropdown box, a new window is opened with some ad, I know
this is not being done by the website I am navigating.
thanks a lot,


Check your addons in firefox and your homepage.  This sounds like a
hijacking
activity.  But there is a difference between pop-up and ad-blocking.
Ad-blocking
works whether they pop or are within the page.  Pop-ups may not necessarily
be ads.  You can also add the No-Script addon to only allow what you want
scripts on.  But this is all browser related, not system.

Re: Please help with #865382

[Steve McIntyre]

Phil wrote:
>-=-=-=-=-=-
>
>On Mon, 2017-07-10 at 00:04 +0100, Steve McIntyre wrote:
>> Hey folks,
>> 
>> We have a big problem with our Stretch KDE live images, and the
>> problem seems to be KDE-specific. None of the other desktops show
>> the same problem. Can you help please?
>
>Hi,
>
>Can you indicate some of the issues as you know them at this time?

Hi Phil,

The issues I'm aware of currently are listed in

  http://get.debian.org/images/release/current-live/amd64/iso-hybrid/

but specifically the one I'm hoping to get help with from the KDE
folks is issue #1 there:

  KDE live desktop unstable on some (tested) hardware

  Status: still a problem with 9.0.1

  There is a segmentation fault in kmanage - the first obvious symptom
  will be a failure to automatically log in. A workaround is to switch
  to VT1 and wait for the desktop to start there. This has been
  reproduced on hardware (using Intel graphics?), but not when testing
  in a virtual machine.

  See #865382.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
"Because heaters aren't purple!" -- Catherine Pitt

Re: debian wiki

[Eduardo M KALINOWSKI]

On Dom, 09 Jul 2017, tomas wrote:

So I think the top menu only reacts to the preferred language set in
the browser. The wiki content itself obeys both the URL (i.e. the
intercalated /fr/ element) and to the browser preference.

Does this correspond with your findings?


That's also what happens here.

--
Eduardo M KALINOWSKI
edua...@kalinowski.com.br

Where would I make a request to update the Stretch Release Notes?

[Jason Cohen]

Per Bug #861683, xserver-xorg-legacy is a "recommend" for xserver-xorg, and as 
such, is likely to be installed by default.  Section 2.2.10 of the Debian 
Stretch Release Notes indicates that Xorg will now run as a non-root user for 
most setups, indicating 3 requirements for this to function correctly.  
However, there is no mention of the need to remove xserver-xorg-legacy. The 
Releases Notes currently indicate that Xorg will run as a regular user if:

1) logind and libpam-systemd are installed

2) The system supports Kernel Mode Setting

3) GDM3 is used as the display manager (if X is started from the DM)

However, after spending 30 minutes trying to figure out why a newly
installed Debian Stretch system refused to start Xorg as a regular user,
I realized it was *also* necessary to remove xserver-xorg-legacy (I
didn't realize this package was installed).  This is not
documented in the Release Notes or at https://wiki.debian.org/Xorg. 
Rather, the release notes gives the strong impression that the
aforementioned items are sufficient to ensure Xorg will not run as root.

I replied to Bug # 861683 but the mail bounced back as this bug is now 
archived.  My question is how do I go about requesting that the Release Notes 
be updated to make this issue more clear to new users.
 



signature.asc
Description: OpenPGP digital signature

Re: P.S. Re: Debian 9 in a VM with Proxmox 5 system

[Luca Filipozzi]

I have dropped debian-de...@lists.debian.org.
I have added debian-user@lists.debian.org.

In previous emails, Maximilian complaned that Debian 9 had no 'route'
command. Having been advised to use 'ip route', he has offered this
snippet from this interfaces file for discussion.

On Mon, Jul 10, 2017 at 02:53:23PM +0200, Maximilian Althaus wrote:
> This is the config for (/etc/network/interfaces)
> 
> auto lo
> iface lo inet loopback
> 
> auto ens18
> allow-hotplug ens18
> iface ens18 inet static
> addressIP.V4.ADDR.ESS
> netmask 255.255.255.255
> broadcastIP.V4.ADDR.ESS
> post-up route addROOTER.IPV4.ADDR.ESSdev ens18
> post-up route add default gwROOTER.IPV4.ADDR.ESS
> pre-down route delROOTER.IPV4.ADDR.ESSdev ens18
> pre-down route del default gwROOTER.IPV4.ADDR.ESS

Maximilian, why are you using 'route' in those post-up and pre-down
directives?

If you're going to use post-up and pre-down, then they need to be more
like (untested) the following, using 'ip route':

post-up ip route add A.B.C.D dev ens18
post-up ip route add default via A.B.C.D
pre-down ip route del default via A.B.C.D
pre-down ip route del A.B.C.D dev ens18

More importantly, why are you using post-up and pre-down directives to
add default routing? Is there a reason why your netmask is
255.255.255.255?

Assuming that you're on a /24 subnet (meaning, the netmask is
255.255.255.0), then try something like this, instead:

auto ens18
iface ens18 inet static
address IP.V4.ADDR.ESS
netmask 255.255.255.0
gateway ROOTER.IPV4.ADDR.ESS

-- 
Luca Filipozzi

Re: debian wiki

[David Wright]

On Mon 10 Jul 2017 at 13:32:00 (+), Eduardo M KALINOWSKI wrote:
> On Dom, 09 Jul 2017, tomas wrote:
> >So I think the top menu only reacts to the preferred language set in
> >the browser. The wiki content itself obeys both the URL (i.e. the
> >intercalated /fr/ element) and to the browser preference.
> >
> >Does this correspond with your findings?
> 
> That's also what happens here.

… which is as I would expect it.

However, I'm only _guessing_ that these pages are active in some way,
and that that activity generates the menus at the top. If so, then the
language to use for that activity is English, as set in preferences.
One would also expect the activity itself (rather than the language
it is expressed in) to be the same in all the languages supported.

The contents of the page in each language might be quite different.
The translators might modify cultural and language references in ways
that they feel are appropriate for their readers. Those sorts of
differences wouldn't be expected in the menu generation.

I haven't seen an actual problem expressed by anyone about what is
displayed. Is there one, other than a casual observation?

Cheers,
David.

Re: Where would I make a request to update the Stretch Release Notes?

[Brian]

On Mon 10 Jul 2017 at 09:53:33 -0400, Jason Cohen wrote:

> I replied to Bug # 861683 but the mail bounced back as this bug is now
> archived.  My question is how do I go about requesting that the
> Release Notes be updated to make this issue more clear to new users.

File a bug against the release-notes package.

Re: Where would I make a request to update the Stretch Release Notes?

[Greg Wooledge]

On Mon, Jul 10, 2017 at 09:53:33AM -0400, Jason Cohen wrote:
> Per Bug #861683, xserver-xorg-legacy is a "recommend" for xserver-xorg, and 
> as such, is likely to be installed by default.

Because some hardware chipsets require it.

> Section 2.2.10 of the Debian Stretch Release Notes indicates that Xorg will 
> now run as a non-root user for most setups, indicating 3 requirements for 
> this to function correctly.

Mm hmm.

> However, there is no mention of the need to remove xserver-xorg-legacy.

There isn't, at least on my chipset.

wooledg:~$ pgrep X
3079
wooledg:~$ ps -fp 3079
UIDPID  PPID  C STIME TTY  TIME CMD
wooledg   3079  3078  0 Jul07 tty1 00:08:24 /usr/lib/xorg/Xorg -nolisten tcp
wooledg:~$ dpkg -l xserver-xorg-legacy
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name   Version  Architecture Description
+++-==---=
ii  xserver-xorg-l 2:1.19.2-1+d amd64setuid root Xorg server wrapper

-legacy is installed, but it isn't used by this chipset.

00:02.0 VGA compatible controller [0300]: Intel Corporation HD Graphics 530 
[8086:1912] (rev 06)

> 3) GDM3 is used as the display manager (if X is started from the DM)
> 
> However, after spending 30 minutes trying to figure out why a newly
> installed Debian Stretch system refused to start Xorg as a regular user,
> I realized it was *also* necessary to remove xserver-xorg-legacy (I
> didn't realize this package was installed).

Oh, are you using gdm3?  I'm not.  I'm using startx.

> This is not
> documented in the Release Notes or at https://wiki.debian.org/Xorg. 
> Rather, the release notes gives the strong impression that the
> aforementioned items are sufficient to ensure Xorg will not run as root.

So... are you saying that you use gdm3, and your X server is started
as root if -legacy is installed, and started as non-root if -legacy
is not installed?

Out of curiosity, what graphics chipset is it?

Re: pop-up windows all the time in Firefox, Stretch

[Fungi4All]

> From: mattcr...@mattcrews.com
> To: Fungi4All 
> debian-user@lists.debian.org
>
> Back up your ~/.mozilla folder, delete it and reopen Firefox. This will 
> create a fresh Firefox profile. Make sure that Firefox's built in pop up 
> blocker is enabled. Then navigate to websites that are generating pop-ups 
> that normally don't.
> If the pop-ups persist, then either your computer has been hijacked (wiping 
> your HD and re-installing the OS might fix) , your modem/router has been 
> hijacked (check your modem/router for firmware updates), or shenanigans are 
> occuring through your ISP (which you probably can't do anything about).
>
>>> Thanks for the suggestion for add blockers. What I guess I am saying is;
>>> even in websites that I know would never include pop-up ads, when
>>> clicking on something, I am getting a pop-up with some add. It feels
>>> like a virus, like something that is affecting Firefox (I havent tested
>>> other browsers) at the system level, or at least at the program level.
>>> It feels like some bad software is affecting Firefox. For example, when
>>> clicking on a dropdown box, a new window is opened with some ad, I know
>>> this is not being done by the website I am navigating.
>>> thanks a lot,
>>
>> Check your addons in firefox and your homepage. This sounds like a hijacking
>> activity. But there is a difference between pop-up and ad-blocking. 
>> Ad-blocking
>> works whether they pop or are within the page. Pop-ups may not necessarily
>> be ads. You can also add the No-Script addon to only allow what you want
>> scripts on. But this is all browser related, not system.

You are top-posting, which you will have to learn to respect the choice not to,
and you are responding to me personally as I am having the problem. I don't
even use Mozilla anymore.
Any reference on hijacking trojans on Debian would be most interesting.

Re: Where would I make a request to update the Stretch Release Notes?

[Jason Cohen]

>> This is not
>> documented in the Release Notes or at https://wiki.debian.org/Xorg. 
>> Rather, the release notes gives the strong impression that the
>> aforementioned items are sufficient to ensure Xorg will not run as root.
> So... are you saying that you use gdm3, and your X server is started
> as root if -legacy is installed, and started as non-root if -legacy
> is not installed?
>
> Out of curiosity, what graphics chipset is it?
>
I had this issue last night with a system that used an NVIDIA GTX770
graphics card with the open source nouveau driver.  I thought the driver
might be the problem so I also tried using the proprietary nvidia-driver
(375.66), but the behavior was the same.  In both cases, Xorg was
started as root so long as xserver-xorg-legacy was installed.  I'm
pretty sure I also saw the same behavior with a more modern system
running an NVIDIA GTX1070 with the proprietary nvidia-driver (375.66).

However, as you note, this does not occur with Intel graphics.  I just
tested on a machine with an Ivy Bridge Core i5-3470 and integrated Intel
HD Graphics 2500.  This system loads Xorg as a non-root user with
xserver-xorg-legacy installed.  I didn't realize this until you
mentioned it.  So, maybe the bug is that Nvidia hardware is using the
setuid wrapper when it's not actually necessary?

NOTE: Resending response to the list as I accidentally responded to Greg 
directly.  Sorry :/




signature.asc
Description: OpenPGP digital signature

Re: debian wiki

[tomas]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Mon, Jul 10, 2017 at 08:57:35AM -0500, David Wright wrote:
> On Mon 10 Jul 2017 at 13:32:00 (+), Eduardo M KALINOWSKI wrote:
> > On Dom, 09 Jul 2017, tomas wrote:
> > >So I think the top menu only reacts to the preferred language set in
> > >the browser. The wiki content itself obeys both the URL (i.e. the
> > >intercalated /fr/ element) and to the browser preference.
> > >
> > >Does this correspond with your findings?
> > 
> > That's also what happens here.
> 
> … which is as I would expect it.
> 
> However, I'm only _guessing_ that these pages are active in some way,

You mean... server-side active, I guess.

[...]

> I haven't seen an actual problem expressed by anyone about what is
> displayed. Is there one, other than a casual observation?

Not a real problem. Just a behaviour that confused the original
poster (I think it was Fungi4All): if  your browser lang is "X"
and you click on the page's link for lang "Y" and you get a top
menu in "Xish" and a content in "Yish". The link provided by (was
it Brian?) in this thread seems to indicate that this confusion
happens more than once.

For people who don't know the browser has a language preferences
setting (and perhaps have no idea about all that HTTP content
negotiation stuff), that might be a bit... surprising, leading
some to guess that there is an IP-based shenanigan behind the
scenes.

The confused are hardly to be blamed, given the tendency of
late to keep users as stupid as possible :-/

Regards
- -- tomás
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlljkAsACgkQBcgs9XrR2kYUswCfaaZqUgajPyOnnywMwTOWM5Kv
LFEAnA+NO2m1PBiDaSbqKmGdX40zQOEr
=Sexv
-END PGP SIGNATURE-

Re: P.S. Re: Debian 9 in a VM with Proxmox 5 system

[Maximilian Althaus]

Hi!


Maximilian, why are you using 'route' in those post-up and pre-down
directives?

This is not updated to ip route, sorry!


More importantly, why are you using post-up and pre-down directives to
add default routing? Is there a reason why your netmask is
255.255.255.255?
My hoster says in a wiki that when I want to add my ip address to a VM 
over a bridged network I must use this netmask.



Assuming that you're on a /24 subnet (meaning, the netmask is
255.255.255.0), then try something like this, instead:

auto ens18
iface ens18 inet static
 address IP.V4.ADDR.ESS
 netmask 255.255.255.0
 gateway ROOTER.IPV4.ADDR.ESS


I tried it, but I still the network is unreachable.

Now, this is my config:

auto eth0
allow-hotplug eth0
iface eth0 inet static
addressA.B.C.D
netmask 255.255.255.255
broadcastA.B.C.D
post-up ip route addA.B.C.ROOTERdev eth0
post-up ip route add default viaA.B.C.ROOTER
pre-down ip route delA.B.C.ROOTERdev eth0
pre-down ip route del default viaA.B.C.ROOTER

And I also tried this:

auto eth0
allow-hotplug eth0
iface eth0 inet static
addressA.B.C.D
netmask 255.255.255.255
broadcastA.B.C.D

And this:

auto eth0
allow-hotplug eth0
iface eth0 inet static
addressA.B.C.D
netmask 255.255.255.255
broadcastA.B.C.D
gateway A.B.C.ROOTER

And this:

auto eth0
allow-hotplug eth0
iface eth0 inet static
addressA.B.C.D
netmask 255.255.255.0
broadcastA.B.C.D
gateway A.B.C.ROOTER

And finally this:

auto eth0
allow-hotplug eth0
iface eth0 inet static
addressA.B.C.D
netmask 255.255.255.0
broadcastA.B.C.D
gateway A.B.C.ROOTER



BUT all of this configs where accepted with no error by the networking 
service, but I do not get any connection to the server or from the server!!!


Cheers,
Maximilian

Stretch errors in log

[tony mollica]

I'm just gonna throw this out here for comment because I have no idea 
where to look to fix this.  Maybe different drivers, maybe a setting 
that I'm not aware of, maybe wait for updates.  I had none of these 
problems with Jessie but I was using the driver from the Nvidia site, 
not the Debian package.  There's two errors that pop up.   A lot.  And 
with frequent system lock-ups.  The log is filled with this nouveau 
error, hundreds, in fact.  I have not problem going with either the 
Nvidia website driver or the Debian package but until I finish about two 
weeks worth of work I can't chance another upgrade/meltdown scenario.


>[159234.542074] nouveau :00:12.0: gr: intr 0010 [ERROR] 
nsource 0001 >[DMA_VTX_PROTECTION] nstatus 0500 [INVALID_STATE 
PROTECTION_FAULT] >ch 4 [0005d000 Main[3888]] subc 7 class 4497 mthd 
1810 data 00155f1d


This chrome/nouveau occurs with much less frequency, it appears that it 
may be concurrent with a webgl failure indicated by a pop up window, it 
freezes any input but the mouse pointer moves and the system monitor 
graph in the panel keeps moving.  Only a hard reset and reboot returns 
control.


> [167661.907394] chrome[18935]: segfault at 0 ip 7f1b1ed325b5 sp 
>7ffc404a3eb0 error 4 in nouveau_dri.so[7f1b1e8b6000+93c000]

>
>[168116.156488] chrome[24624]: segfault at 0 ip 7f371593a5b5 sp 
>7ffe83f7f100 error 4 in nouveau_dri.so[7f37154be000+93c000]

>
>[168502.610128] chrome[25248]: segfault at 0 ip 7ff06a1165b5 sp 
>7ffdf8da4040 error 4 in nouveau_dri.so[7ff069c9a000+93c000]






tony

FYI: systemd session logging - no solution

[Václav Ovsík]

Lately I found this:
https://github.com/systemd/systemd/issues/1291
so no nice solution unfortunately :(.
-- 
Zito

Re: stop your mail

[Sébastien Gautrin]

 Original Message 
Subject: Re: stop your mail
From: Andy Smith 
To: debian-user@lists.debian.org
Date: 2017-07-09


Hello,

On Sat, Jul 08, 2017 at 07:50:38PM +0200, Nicolas George wrote:

These messages are the spam, themselves. The pretend "leave me
alone" prologue is just to disguise that status and attract your
attention until you read the quoted text.


I think it is far more likely that these people are responding to
spam that has been sent to them with the list's address as the from
address. The recipients do not know or care that the from address of
an email is not trustworthy¹, nor that they should not respond to
spam, so they just reply to express their anger.


The "stop your mail" and "PLEASE STOP YOUR MAILS" messages are 
definitely not created by the owners of the email, though it might be 
done by a mobile app as suggested.


The proof of this is that they all have nearly the exact same content 
(some add the list mail, some don't), all being HTML messages formatted 
the same way.


To be noted that the last two the list received are from email users of 
Orange France, thus most likely French, and that it is clear from the 
wording of those messages that they very unlikely to have been written 
by a French person.


The source of those emails also clearly show that they are not sent by a 
traditional mailer, but most likely by a java-written automated program 
on windows, as seen in the message id, which for this last one was


773946604.1112.1499496543913.JavaMail.www@wwinf1f28

In this we can see that the system user sending this mail with JavaMail 
is “www” and that the server sending the message is name “wwinf1f28”. 
The previous mail of such type (PLEASE STOP YOUR MAILS) was sent by the 
exact same server, with the following message id:


1662938282.1128.1499496664949.JavaMail.www@wwinf1f28

We can thus definitely conclude that those requests to unsubscribe are 
indeed spam themselves, though it is still really unclear what their 
true purpose are.

Re: stretch not booting, on DELL machines

[bw]

>>
>>Thanks to him, a guy (kozaki) has done thorough research (see 1&2) to
>>solve this problem. It is caused by a failed attempt to restore the LCD
>>backlight at boot. Passing 'systemd.restore_state=0' kernel parameter at
>>boot is a solution.
>>
>>1) https://bugs.archlinux.org/task/47509
>>2) https://bbs.archlinux.org/viewtopic.php?id=201523&p=2


Hilarious thread here, appears to be a very old issue
https://bugzilla.redhat.com/show_bug.cgi?id=1253523

Thanks for finding the solution.

Re: Why does no one care that Brad Spengler of GRSecurity is blatantly violating the intention of the rightsholders to the Linux Kernel?

[Bruce Perens]

Thank you. I did not have a copy of the Grsecurity Stable Patch Access
Agreement before, and I've linked it to my article
.
IMO it's quite imprudent of them to put down in writing how they restrict
your GPL rights.

Re: Debian 8: Postfix -> amavisd-new -> spamassassin -> Bayes : not scanning?

[Frantisek Rysanek]

...but wait, there's more, 
seems like that wasn't the end-game yet :-)

Just after I sent the previous optimistic message, 
I got a cold shower: the BAYES scores were gone again.
So I went back to some serious level of debug,
tried removing some config related to auto-expiry
that I was playing with at the same time, but even 
as I got the config back to where it used to work,
the Bayes was gone again. Same symptoms.

While I was fumbling sadly through the debug log, I noticed another 
promising warning:
 _WARN: plugin: eval failed: Insecure dependency in sprintf while 
running with -T switch at 
/usr/share/perl5/Mail/SpamAssassin/Logger.pm line 241.

Now what the hell is the -T switch...
man perl
cannot find it right there (wish I knew the right chapter).
The source code wasn't much help either.
But after a bit of Googling, after I narrowed down the query, 
I got this:
http://search.cpan.org/~bdfoy/PerlPowerTools-1.012/bin/printf
And several other pointers to an
"Insecure dependency in eval while running setuid"
Same thing? Probably.
The -T switch is for "taint mode".
https://perldoc.perl.org/perlsec.html#Taint-mode
And it's a security measure, so that your casual "evals with a printf 
inside" are not easily hijacked for "code injection".

Now where the hell does that -T switch get into play.
SpamAssassin is running as a module of Amavis. 
I already knew that Amavis was really a Perl script.
The Perl interpreter probably gets called using the #! shell 
specification on the first line in /usr/sbin/amavisd-new .
You betcha.
>From there, the workaround is simple.
But ... OOPS!
I probably shouldn't tell anyone :->

Still... I don't understand why it suddenly worked for a while,
and then suddenly no longer, not anymore. Where's the hidden state?
I did restart Amavis after each change in the config files,
meaning I restarted the Perl interpreter all over each time...
"This is some spooky $#|t we got here, sarge..."
(to paraphrase Henry Rollins in the Lost Highway)

Frank


On 10 Jul 2017 at 14:44, debian-user@lists.debian.org wrote:

> Dear fellow Debian users,
> 
> it seems that I've found the correct answer.
> 
> In /etc/spamassassin/local.cf, 
> in addition to the aforementioned:
>   use_bayes 1
>   bayes_auto_learn 1
> I have added:
> 
>   use_bayes_rules 1
> 
> Found when trawling the  /usr/share/perl5/Mail directory,
> namely discovered in SpamAssassin/Conf.pm.
> Looked promising, so I tried it. How silly.
> 
> That one line has caused some difference on the inside,
> as a result of which, I now have a BAYES score in the
> X-Spam-Status header in every message.
> A remaining trouble is that all the scores so far come out as
> BAYES_00 :-) so I may have to work on that some more.
> No SPAM has arrived yet, to provide a proper test.
> (I get 2-3 a day in my inbox - the rest is taken care of
> by greylisting and the general SpamAssassin scoring rules.)
> 
> Other possibly interesting options:
>bayes_use_hapaxes
>bayes_auto_expire
>bayes_token_ttl
>bayes_seen_ttl
> 
> Actually I've managed to get a backtrace from one function that I
> could identify as getting called: in
> /usr/share/perl5/Mail/SpamAssassin/BayesStore/DBM.pm : sub
> tie_db_readonly { ...
>   my $iii = 1;
>   print dbg("Stack Trace:");
>   while ( (my @call_details = (caller($iii++))) ){
>   dbg( $call_details[1].":".$call_details[2]." in function" . \
>  $call_details[3] );
>   }
> 
> ...which did produce a neat stack trace. I'm attaching it, if 
> anyone's interested.
> The code was taken almost verbatim from
> https://stackoverflow.com/questions/229009/how-can-i-get-a-call-stack-
> listing-in-perl
> 
> In the stack trace I could see that something inside Amavis goes "have
> this message scanned", but some lower layers (across several
> indirections) got asked "is_scan_available" and
> "learner_is_scan_available". Funny, that...
> 
> I've also noticed that 
> /usr/share/perl5/Mail/SpamAssassin/Bayes.pm contains a note, saying
> 
> # This is the general class used to train a learning classifier with
> # new samples of spam and ham mail, and classify based on prior
> # training.
> # 
> # Prior to version 3.3.0, the default Bayes implementation was here;
> # if you're looking for information on that, it has moved to
> #Mail::SpamAssassin::Plugin::Bayes   .
> 
> And yes indeed, there's another file:
> /usr/share/perl5/Mail/SpamAssassin/Plugin/Bayes.pm
> containing the function  check_bayes() where I'd previously
> put my dbg() trap...
> 
> ...so I thought: "maybe SpamAssassin.pm was 'requiring' the wrong
> module?"  But that doesn't seem to be the case... (I've tried :-)
> 
> Instead, after I added  
>  use_bayes_rules 1
> I started to get BAYES scores in the mail headers.
> That's probably a good start :-)
> 
> Thanks to everyone who has responded to reassure me :-)
> 
> Frank
> 
> 
> On 9 Jul 2017 at 23:26, debian-user@lists.debian.org wrote:
> >
> > Dear polite people in the debian-users mailing list,
> > 
> > I would 

Re: debian wiki

[Fungi4All]

> From: to...@tuxteam.de
> To: debian-user@lists.debian.org
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> On Mon, Jul 10, 2017 at 08:57:35AM -0500, David Wright wrote:
>> On Mon 10 Jul 2017 at 13:32:00 (+), Eduardo M KALINOWSKI wrote:
>> > On Dom, 09 Jul 2017, tomas wrote:
>> > >So I think the top menu only reacts to the preferred language set in
>> > >the browser. The wiki content itself obeys both the URL (i.e. the
>> > >intercalated /fr/ element) and to the browser preference.
>> > >
>> > >Does this correspond with your findings?
>> >
>> > That"s also what happens here.
>>
>> … which is as I would expect it.
>>
>> However, I"m only _guessing_ that these pages are active in some way,
> You mean... server-side active, I guess.
> [...]
>> I haven"t seen an actual problem expressed by anyone about what is
>> displayed. Is there one, other than a casual observation?
> Not a real problem. Just a behaviour that confused the original
> poster (I think it was Fungi4All): if your browser lang is "X"
> and you click on the page"s link for lang "Y" and you get a top
> menu in "Xish" and a content in "Yish". The link provided by (was
> it Brian?) in this thread seems to indicate that this confusion
> happens more than once.
> For people who don"t know the browser has a language preferences
> setting (and perhaps have no idea about all that HTTP content
> negotiation stuff), that might be a bit... surprising, leading
> some to guess that there is an IP-based shenanigan behind the
> scenes.
> The confused are hardly to be blamed, given the tendency of
> late to keep users as stupid as possible :-/
> Regards
> - -- tomás

I, the OP, have no abilities in German of French, nor do I have these
languages in my browser. I noticed that the wiki, while it was displaying
the default Englsh text, the menus were on a 4th language. Upon the
suggestion to disable scripts, I used my trusty secure browser with a French IP
and tried. When I selected French just for testing, the menus remained
English. When I selected German it was all German, to me. The more
languages you select the funkier and more inconsistent the results were.
In some languages you may click a link and revert back to English, possibly
because of the page being in another english default server.
No matter what is at fault the wiki server results are inconsistent.

Re: pop-up windows all the time in Firefox, Stretch

[Anil Duggirala]

On Mon, Jul 10, 2017, at 09:19 AM, Fungi4All wrote:
> 
>> From: mattcr...@mattcrews.com
>> To: Fungi4All 
>> debian-user@lists.debian.org
>> 
>> Back up your ~/.mozilla folder, delete it and reopen Firefox. This will 
>> create a fresh Firefox profile. Make sure that Firefox's built in pop up 
>> blocker is enabled. Then navigate to websites that are generating pop-ups 
>> that normally don't.>> 
>> If the pop-ups persist, then either your computer has been hijacked (wiping 
>> your HD and re-installing the OS might fix) , your modem/router has been 
>> hijacked (check your modem/router for firmware updates), or shenanigans are 
>> occuring through your ISP (which you probably can't do anything about).>> 
 Thanks for the suggestion for add blockers. What I guess I am saying 
 is; even in websites that I know would never include pop-up ads, when
 clicking on something, I am getting a pop-up with some add. It feels 
 like a virus, like something that is affecting Firefox (I havent 
 tested other browsers) at the system level, or at least at the program 
 level. It feels like some bad software is affecting Firefox. For 
 example, when clicking on a dropdown box, a new window is opened with 
 some ad, I know this is not being done by the website I am navigating.
 thanks a lot,
>>> 
>>> Check your addons in firefox and your homepage.  This sounds like a 
>>> hijacking>>> activity.  But there is a difference between pop-up and 
>>> ad-blocking.  Ad-blocking>>> works whether they pop or are within the page. 
>>>  Pop-ups may not necessarily>>> be ads.  You can also add the No-Script 
>>> addon to only allow what you want>>> scripts on.  But this is all browser 
>>> related, not system.
>>> 
> 
> You are top-posting, which you will have to learn to respect the choice not 
> to,> and you are responding to me personally as I am having the problem.  I 
> don't> even use Mozilla anymore.
> 
> Any reference on hijacking trojans on Debian would be most interesting.> 

hello everyone, thanks for your responses,
I have checked my add-ons, there are only 2 well known ones installed, IcedTea 
and some video Codec.No extensions are installed.
I will try deleting the .mozilla folder shortly and report,
Subsequently I will try to install some pop-up blocker, even though I have 
never had the need for this, and as I said it looks something beyond usual 
pop-ups.thanks again,

delete my email !

[Nadine Masson]

Please delete my email address from your files = harassed from unpleasant
mails!

HSTS preload lists in Debian's Chromium, Firefox, and IceCat packages

[Sam Kuper]

Have I found a bug in Debian Jessie's package for Chromium?


## Preamble

IIUC, both Chromium and Mozilla Firefox ship with a list of domains
with which they will never communicate via HTTP, always preferring to
use HTTPS instead. These lists are based upon Google Chrome's "HSTS
Preload List".[1][2]


Google says[3] that in Chrome, one can query the browser's HSTS
Preload List contents by navigating to:

chrome://net-internals/#hsts

AFAICT, this is also true in Chromium.


The Chromium project states that Chromium's list is this one, here:[1]

https://src.chromium.org/viewvc/chrome/trunk/src/net/http/transport_security_state_static.json


## Steps to reproduce

- Visit the list at
https://src.chromium.org/viewvc/chrome/trunk/src/net/http/transport_security_state_static.json
.

- Pick a domain from that list (e.g.  whonix.org ).

- In an up-to-date installation of Debian Jessie, install the Chromium
package if you have not already done so (e.g. via `sudo apt-get
install chromium`).

- Run that Chromium instance, and navigate to chrome://net-internals/#hsts .

- In the resulting page's "Query domain" section, enter a domain from
the list above (e.g. whonix.org ) into its text box and press the
"Query" button.


## Observed result

- The text "Not found" is shown below the text box.


## Expected result

- The text "Found" would be shown below the text box, probably along
with some information about the HSTS implementation for that domain.


## Postamble

I have several questions:

1. Is the observed result intended behaviour in Debian? I.e. does
Debian, when packaging Chromium, disable the HSTS Preload List
intentionally?

2. Where on a Debian Jessie system would Chromium's HSTS Preload List be found?

3. Does Debian's Firefox ESR package ship with an HSTS Preload List,
and if so, where can this be found?

4. Does Debian's GNU IceCat package ship with an HSTS Preload List,
and if so, where can this be found?


Please CC me in your reply, as I am not currently subscribed to the
debian-user list.

Many thanks!



[1] https://www.chromium.org/hsts/

[2] https://blog.mozilla.org/security/2012/11/01/preloading-hsts/

[3] https://hstspreload.org

is there package that convert qr code to url?

[Long Wind]

thanks!

Re: WARNING: Libreoffice - Do not remove ~/.config/libreoffice

[Rene Engelhard]

On Mon, Jul 10, 2017 at 09:47:09AM -0300, Henrique de Moraes Holschuh wrote:
> On seg, 10 jul 2017, Rene Engelhard wrote:
> > On Mon, Jul 10, 2017 at 01:28:54PM +0200, Hans wrote:
> > > only once! After stopping and restarting LO again, it will not start 
> > > again. 
> > 
> > bt? Is that the same Java crash? See
> > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865303
> > and
> > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865866
> 
> It is related, yes.  LO does something rather unexpected (and arguably
> Not Good) to its stack on i386, and that clashes with the added kernel
> protection against the "stack clash" vulnerability.

No. Java does. LO just calls into the JVM. Other stuff having the JVM
in-process (in contrast to calling "java") is also affected. See the reports.

Regards,

Rene

Re: WARNING: Libreoffice - Do not remove ~/.config/libreoffice

[Henrique de Moraes Holschuh]

On Mon, 10 Jul 2017, Rene Engelhard wrote:
> On Mon, Jul 10, 2017 at 09:47:09AM -0300, Henrique de Moraes Holschuh wrote:
> > On seg, 10 jul 2017, Rene Engelhard wrote:
> > > On Mon, Jul 10, 2017 at 01:28:54PM +0200, Hans wrote:
> > > > only once! After stopping and restarting LO again, it will not start 
> > > > again. 
> > > 
> > > bt? Is that the same Java crash? See
> > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865303
> > > and
> > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865866
> > 
> > It is related, yes.  LO does something rather unexpected (and arguably
> > Not Good) to its stack on i386, and that clashes with the added kernel
> > protection against the "stack clash" vulnerability.
> 
> No. Java does. LO just calls into the JVM. Other stuff having the JVM
> in-process (in contrast to calling "java") is also affected. See the reports.

I did, but maybe I have misunderstood something...

What I got from LKML is that LO (but not java) has a rwx weird
stack-guard page (Bad Idea), while the JVM has PROT_NONE stack-guard
pages between each thread-local stack.

Obviously, LO with java support would *also* trigger any issues the JVM
has with the stack-guard kernel changes.

-- 
  Henrique Holschuh

Re: stop your mail

[Andy Smith]

Hello,

On Mon, Jul 10, 2017 at 05:18:54PM +0200, Sébastien Gautrin wrote:
> The "stop your mail" and "PLEASE STOP YOUR MAILS" messages are definitely
> not created by the owners of the email, though it might be done by a mobile
> app as suggested.

I've replied off-list to some of them to explain what (I think) is
happening and they carry on conversation exactly as if they are very
confused humans who just want the spam to stop.

I've also had my own email address used as the from address of
similar spam, thus forcing me to receive hundreds of "STOP THE MAIL"
responses that look similar to these. At that time I came up with a
boilerplate explanatory email to send back to these complainants,
and any replies I got seemed similarly human-generated.

> The proof of this is that they all have nearly the exact same content (some
> add the list mail, some don't), all being HTML messages formatted the same
> way.

It may come as a shock to you but most non-technical email users use
HTML email.

> The source of those emails also clearly show that they are not sent by a
> traditional mailer, but most likely by a java-written automated program on
> windows, as seen in the message id, which for this last one was
> 
> 773946604.1112.1499496543913.JavaMail.www@wwinf1f28

That is simply a Java mail-sending library, so could very well be a
mobile email app. Lots of normal people read and respond to email on
their phones.

> We can thus definitely conclude that those requests to unsubscribe are
> indeed spam themselves, though it is still really unclear what their true
> purpose are.

I'm sorry but I don't think we can definitely conclude that. For me
the simplest explanation is merely that spam runs are taking place
with random addresses of real people and mailing lists used as the
from address. It is something I have seen happen for going on 2
decades now, and had happen to me from time to time (as in, my
addresses were used as the from address).

I have no need to concoct scenarios where the list is being
deliberately targeted in order to explain the behaviour we see.
Spammers generally send a lot of email and are not interested in
responding to any replies they get. They just want people to click
on links.

But if one were to believe that it is some sort of attack, there
isn't very much that one could do about it anyway, aside from
completely ignoring all of those emails. There's no real downside in
ignoring them so I'm not going to get worked up about people taking
it so personally!

Cheers,
Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting

Remote GUI Instance + Debian 9

[Sam Smith]

For years I've used KDE on on my computers. I used to just have one 
desktop about 10 years ago but have since added many other laptops to my 
collection (all running debian of course). My now 10 year old desktop 
sits in the corner all by it self and rarely gets turned on. But my wife 
still uses it sometimes, and I've added many VMs for testing under my 
user account. So normally if I want to test some software under windows 
or something, I'd just make a wake-on-lan call to my desktop, wait a 
minute and then point Xephyr to its IP, and presto I'm then sitting at a 
KDM login prompt. I've done this for probably 5+ years.


And then I upgraded to Stretch... I read the release notes and not much 
was said about any changes that I thought would effect me.


But apparently remote graphical logins are now a thing of the past... 
But I hope not.


After booting into my new Stretch upgrade, I noticed that it looked 
different from the live cd that I first tested with. I tracked that down 
to KDM not being part of KDE anymore and the live cd used sddm. So I 
installed sddm (all this was over console) and then tried to Xephyr over 
to the box. But I got nothing. A little research later and apparently 
XDMCP isn't even part of sddm. So I reached for lightdm. Tried xephry 
again, got a loading scree, and got my hopes up. But then I was met with 
a "plasma failed to start opengl 2" message and a blank desktop. A bunch 
of research later and apparently plasma5 now only runs if you have 
actual opengl capabilities (which running over xephry or any remote 
desktop apparently kills).


I just about gave up, but hey this is linux, I should be able to do what 
ever I want right? Why can't I just start a second X instance in the 
background and plug x11vnc into that? Well that didn't work either due 
to some permission issues:


>startx -- :2 vt5
>(EE) xf86OpenConsole: Cannot open virtual console 5 (Permission denied)

So more research later, and I install "xserver-xorg-legacy" and drop:

>allowed_users=anybody
>needs_root_rights=yes

into /etc/X11/Xwrapper.config and I re-run startx -- :2 vt5 in one 
console and "x11vnc -display :2 -noxrecord" in another console and now I 
can vnc from my laptop and see the desktop.


Everything is working! Whew!

But what the heck? KDM with XDMCP was a feature. And it just worked. 
Maybe I missed something, but am I seriously reduced to using this 
complete "run X as setuid root so I can run startx as a normal user so I 
can run x11vnc to use my desktop" hack??


Or is there a better way?

Thanks,
Sam

Re: is there package that convert qr code to url?

[Celejar]

Perhaps zbar-tools (no experience with it)?

On Tue, 11 Jul 2017 04:51:19 +0800
Long Wind  wrote:

> thanks!
> 


Celejar

Re: Remote GUI Instance + Debian 9

[Felix Miata]

Sam Smith composed on 2017-07-10 22:12 (UTC-0500):
...
> But what the heck? KDM with XDMCP was a feature. And it just worked. 
> Maybe I missed something, but am I seriously reduced to using this 
> complete "run X as setuid root so I can run startx as a normal user so I 
> can run x11vnc to use my desktop" hack??

LightDM and SDDM feature sets fall short of KDM's.

> Or is there a better way?

I never do remote GUI logins myself, but you could try the only DM I have
installed on any of my Stretch installations, the current incarnation of the
same *old* way:
http://mirror.xcer.cz/trinity-sb/pool/main-r14/t/tdebase-trinity/tdm-trinity_14.0.5~pre18-0debian10.0.0+3~a_amd64.deb
https://www.trinitydesktop.org/about.php
https://wiki.trinitydesktop.org/Preliminary_Stable_Builds

>From tdmrc:

[Xdmcp]
# Whether TDM should listen to incoming XDMCP requests.
# Default is true
Enable=false
# The UDP port on which TDM should listen for XDMCP requests. Do not change.
# Default is 177
#Port=177
# File with the private keys of X-terminals. Required for XDM authentication.
# Default is ""
#KeyFile=/etc/trinity/tdm/tdmkeys
# XDMCP access control file in the usual XDM-Xaccess format.
# Default is "/etc/trinity/tdm/Xaccess"
#Xaccess=
# Number of seconds to wait for display to respond after the user has
# selected a host from the chooser.
# Default is 15
#ChoiceTimeout=10
# Strip domain name from remote display names if it is equal to the local
# domain.
# Default is true
#RemoveDomainname=false
# Use the numeric IP address of the incoming connection on multihomed hosts
# instead of the host name.
# Default is false
#SourceAddress=true
# The program which is invoked to dynamically generate replies to XDMCP
# DirectQuery or BroadcastQuery requests.
# If empty, no program is invoked and "Willing to manage" is sent.
# Default is ""
Willing=/etc/trinity/tdm/Xwilling
-- 
"The wise are known for their understanding, and pleasant
words are persuasive." Proverbs 16:21 (New Living Translation)

 Team OS/2 ** Reg. Linux User #211409 ** a11y rocks!

Felix Miata  ***  http://fm.no-ip.com/

Debain 9 dhclient or network problem

[Franz Angeli]

Hi,

i have a problem with dhclient:

for example interface name eno52 (tg3, Broadcom Limited NetXtreme
BCM5719 Gigabit Ethernet PCIe (rev 01) :

root@:~# dhclient eno52 -v
Internet Systems Consortium DHCP Client 4.3.5
Copyright 2004-2016 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/eno52/3c:a8:2a:e7:87:bf
Sending on   LPF/eno52/3c:a8:2a:e7:87:bf
Sending on   Socket/fallback
DHCPDISCOVER on eno52 to 255.255.255.255 port 67 interval 4
DHCPDISCOVER on eno52 to 255.255.255.255 port 67 interval 10
DHCPDISCOVER on eno52 to 255.255.255.255 port 67 interval 7
DHCPDISCOVER on eno52 to 255.255.255.255 port 67 interval 9
DHCPDISCOVER on eno52 to 255.255.255.255 port 67 interval 15
DHCPDISCOVER on eno52 to 255.255.255.255 port 67 interval 16
No DHCPOFFERS received.
No working leases in persistent database - sleeping.

tcpdump during dhclient doesn't show anything?!?

root@*:~# tcpdump -i eno52
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eno52, link-type EN10MB (Ethernet), capture size 262144 bytes


root@***:~# ip addr show eno52
9: eno52:  mtu 1500 qdisc mq state
DOWN group default qlen 1000
link/ether 3c:a8:2a:e7:87:bf brd ff:ff:ff:ff:ff:ff

interface eno52 seems to be disconnected but cable is plugged and
working (i tried with other pc)

obviously ethernet cable is connected...
Debian 8 works fine with this hw
Debian 9 doesn't work

Server is ProLiant DL380 Gen9 (719064-B21)

root@***:~# lspci -v | grep -A10 Ethernet
02:00.0 Ethernet controller: Broadcom Limited NetXtreme BCM5719
Gigabit Ethernet PCIe (rev 01)
Subsystem: Hewlett-Packard Company Ethernet 1Gb 4-port 331i Adapter
Flags: bus master, fast devsel, latency 0, IRQ 16, NUMA node 0
Memory at 92c9 (64-bit, prefetchable) [size=64K]
Memory at 92ca (64-bit, prefetchable) [size=64K]
Memory at 92cb (64-bit, prefetchable) [size=64K]
[virtual] Expansion ROM at 9310 [disabled] [size=256K]
Capabilities: [48] Power Management version 3
Capabilities: [50] Vital Product Data
Capabilities: [58] MSI: Enable- Count=1/8 Maskable- 64bit+
Capabilities: [a0] MSI-X: Enable+ Count=17 Masked-
Capabilities: [ac] Express Endpoint, MSI 00
--
02:00.1 Ethernet controller: Broadcom Limited NetXtreme BCM5719
Gigabit Ethernet PCIe (rev 01)
Subsystem: Hewlett-Packard Company Ethernet 1Gb 4-port 331i Adapter
Flags: bus master, fast devsel, latency 0, IRQ 17, NUMA node 0
Memory at 92c6 (64-bit, prefetchable) [size=64K]
Memory at 92c7 (64-bit, prefetchable) [size=64K]
Memory at 92c8 (64-bit, prefetchable) [size=64K]
[virtual] Expansion ROM at 9314 [disabled] [size=256K]
Capabilities: [48] Power Management version 3
Capabilities: [50] Vital Product Data
Capabilities: [58] MSI: Enable- Count=1/8 Maskable- 64bit+
Capabilities: [a0] MSI-X: Enable- Count=17 Masked-
Capabilities: [ac] Express Endpoint, MSI 00
--
02:00.2 Ethernet controller: Broadcom Limited NetXtreme BCM5719
Gigabit Ethernet PCIe (rev 01)
Subsystem: Hewlett-Packard Company Ethernet 1Gb 4-port 331i Adapter
Flags: bus master, fast devsel, latency 0, IRQ 16, NUMA node 0
Memory at 92c3 (64-bit, prefetchable) [size=64K]
Memory at 92c4 (64-bit, prefetchable) [size=64K]
Memory at 92c5 (64-bit, prefetchable) [size=64K]
[virtual] Expansion ROM at 9318 [disabled] [size=256K]
Capabilities: [48] Power Management version 3
Capabilities: [50] Vital Product Data
Capabilities: [58] MSI: Enable- Count=1/8 Maskable- 64bit+
Capabilities: [a0] MSI-X: Enable- Count=17 Masked-
Capabilities: [ac] Express Endpoint, MSI 00
--
02:00.3 Ethernet controller: Broadcom Limited NetXtreme BCM5719
Gigabit Ethernet PCIe (rev 01)
Subsystem: Hewlett-Packard Company Ethernet 1Gb 4-port 331i Adapter
Flags: bus master, fast devsel, latency 0, IRQ 17, NUMA node 0
Memory at 92c0 (64-bit, prefetchable) [size=64K]
Memory at 92c1 (64-bit, prefetchable) [size=64K]
Memory at 92c2 (64-bit, prefetchable) [size=64K]
[virtual] Expansion ROM at 931c [disabled] [size=256K]
Capabilities: [48] Power Management version 3
Capabilities: [50] Vital Product Data
Capabilities: [58] MSI: Enable- Count=1/8 Maskable- 64bit+
Capabilities: [a0] MSI-X: Enable- Count=17 Masked-
Capabilities: [ac] Express Endpoint, MSI 00
--
04:00.0 Ethernet controller: Broadcom Limited NetXtreme BCM5719
Gigabit Ethernet PCIe (rev 01)
Subsystem: Hewlett-Packard Company Ethernet 1Gb 4-port 331FLR Adapter
Flags: bus master, fast devsel, latency 0, IRQ 16, NUMA node 0
Memory at 92b9 (64-bit, prefetchable) [size=64K]
Memory at 92ba (64-bit, prefetchable) [size=64K]
Memory at 92bb (64-bit, prefetchable) [size=64K]
[virtual] Expansion ROM at 9300 [disabled] [size=256K]
Capabilities: [48] Power Management version 3
Capabilities: [50] Vital Product Data
Capabilities: [58] MSI: Enable- Count=1/8 Maskable- 64bit+
Capabilities: [a0] MSI-X: Enable- Count=17 Masked-
Capabilities: [ac] Express Endpoi

Re: Debain 9 dhclient or network problem

[Johann Spies]

On 11 July 2017 at 07:48, Franz Angeli  wrote:
> Hi,
>
> i have a problem with dhclient:
>
> for example interface name eno52 (tg3, Broadcom Limited NetXtreme
> BCM5719 Gigabit Ethernet PCIe (rev 01) :
>
> root@:~# dhclient eno52 -v
> Internet Systems Consortium DHCP Client 4.3.5
> Copyright 2004-2016 Internet Systems Consortium.
> All rights reserved.
> For info, please visit https://www.isc.org/software/dhcp/
>
...
> if i use the same ethernet cable on my laptop all works fine... (DHCP
> lease and so on)

My first guess would be that the order of the network interfaces
differ between Debian 8 and 9 and that you should try the cable on the
other interfaces.

In the past (many years ago) it was a known problem that eth0 on the
new system used for another interface.  I don't know whether this is
still the case. It had been some time that I had to build a server.

Regards
Johann
-- 
Because experiencing your loyal love is better than life itself,
my lips will praise you.  (Psalm 63:3)

Re: Re: Changing Monitor that gdm uses

[D Geis]

In case anyone else finds this through an internet search,
I've figure out how to make the fix work;
gdm3 uses the 'monitors.xml' format that gnome3 uses,
so if you are set to a different desktop manager (cinnamon, in my case) the
fix won't work.

Solution:
In the gdm login, click the gear and change to 'GNOME'
In gnome, click upper right corner and enter System Settings > Display
Configure Display as you like (you must make some sort of change to
recreate monitors.xml)
`sudo cp ~/.config/monitors.xml /var/lib/gdm3/.config/monitors.xml`
Reboot/relog and gdm should be on the correct monitor,
and you can switch back to the desktop manager of your choice.

Re: Debain 9 dhclient or network problem

[Franz Angeli]

Hi,

i tried every other interface butt it's the same

i tried also to disable interface renaming but doesn't work.

2017-07-11 8:02 GMT+02:00 Johann Spies :
> On 11 July 2017 at 07:48, Franz Angeli  wrote:
>> Hi,
>>
>> i have a problem with dhclient:
>>
>> for example interface name eno52 (tg3, Broadcom Limited NetXtreme
>> BCM5719 Gigabit Ethernet PCIe (rev 01) :
>>
>> root@:~# dhclient eno52 -v
>> Internet Systems Consortium DHCP Client 4.3.5
>> Copyright 2004-2016 Internet Systems Consortium.
>> All rights reserved.
>> For info, please visit https://www.isc.org/software/dhcp/
>>
> ...
>> if i use the same ethernet cable on my laptop all works fine... (DHCP
>> lease and so on)
>
> My first guess would be that the order of the network interfaces
> differ between Debian 8 and 9 and that you should try the cable on the
> other interfaces.
>
> In the past (many years ago) it was a known problem that eth0 on the
> new system used for another interface.  I don't know whether this is
> still the case. It had been some time that I had to build a server.
>
> Regards
> Johann
> --
> Because experiencing your loyal love is better than life itself,
> my lips will praise you.  (Psalm 63:3)
>