| se7en | I am having trouble with apt | 06:32 |
|---|---|---|
| se7en | apt is set up to use the deb url | 06:32 |
| se7en | Which apparently is a pool | 06:32 |
| se7en | But the only pool member it is connecting to is prod.debian.map.fastly.net | 06:32 |
| se7en | This url seems down | 06:33 |
| gnarface | even on multiple retries? | 06:33 |
| se7en | Wait, it finally started | 06:34 |
| se7en | It took a long time | 06:34 |
| gnarface | i'm guessing you have a dual problem here; unlucky hit of a bunk mirror coinciding with high DNS load at your ISP | 06:35 |
| gnarface | (the second problem you can easily work around by just using a local DNS) | 06:35 |
| se7en | I am using OpenNIC though | 06:38 |
| gnarface | what's that? | 06:39 |
| se7en | And it already resolved the IP | 06:39 |
| gnarface | oh, alternic | 06:39 |
| gnarface | uh, i wouldn't necessarily suggest that's a good idea in the first place, but i would assume that it's only a minor change to make any of the existing dns servers/cachers use opennic instead | 06:40 |
| gnarface | it would in either case eliminate nearly all delays in DNS resolution | 06:40 |
| gnarface | at least then that rules that out | 06:41 |
| gnarface | (keep in mind those DNS lookups aren't typically cached locally unless you make it so. only firefox does that by default, and only until you restart it) | 06:49 |
| g0zzy | Is there any reason to prefer a standalone installer over the install-from-live option? | 14:17 |
| KatolaZ | g0zzy: if you don't want to have exactly the same stuff that's in the live, then you need a "standalone" installer | 14:19 |
| g0zzy | Well i don't mind that. Do i get the normal partitioner though with from-live? | 14:21 |
| g0zzy | Or to put it another way, is it JUST the packages that differ? I normally use the netinst | 14:22 |
| gnarface | no partitioner in the live version. it literally just clones itself | 14:22 |
| g0zzy | Thanks for that. Question answered ;) | 14:23 |
| gnarface | np | 14:23 |
| gnarface | if you want to see how it does it, it's based on some part of refracta | 14:23 |
| g0zzy | Ah thanks | 14:25 |
| g0zzy | Slightly more recherché question: i got "No packages found that can be upgraded unattended" after installing unattended-upgrades. A manual upgrade found loads to do. I know that there have been upgrades since and i've had no mail notification | 14:31 |
| gnarface | i've never used that, so i'm not sure what it's hanging up on, but you need to have a mail server installed locally for the system to be able to send mail to itself | 14:33 |
| gnarface | (for personal use, i recommend exim4-daemon-light) | 14:34 |
| gnarface | which packages count as installable "unattended" may be affected by your debconf priority setting | 14:36 |
| gnarface | someone else in here a few days ago had been mentioning having problems getting unattended-upgrades up and running too, but i forget who it was. i think they did get it worked out... | 14:37 |
| g0zzy | Could have been me ;) exim4 configged and working btw | 14:53 |
| gnarface | you made sure to tell it to answer local-only, right? | 14:54 |
| g0zzy | Don't fully get you there | 14:54 |
| g0zzy | I installed it the same way as i do in Stretch and tested a mail to root. It came to my phone | 14:55 |
| gnarface | didn't it ask you any questions? | 14:56 |
| gnarface | before install? | 14:56 |
| gnarface | or right after, actually? | 14:56 |
| gnarface | well, since you're mailing your phone with it, i'm just gonna assume it's doing what you ant | 14:57 |
| gnarface | what you want* | 14:57 |
| gnarface | it can be configured to only send and receive mail locally | 14:58 |
| gnarface | like as in, within the computer itself | 14:58 |
| g0zzy | Oh yes, i see. root is aliased to me email address | 14:59 |
| g0zzy | s/me/my | 14:59 |
| gnarface | if you want to change the main settings at any time, just run this: dpkg-reconfigure exim4-config | 14:59 |
| gnarface | (in general, "dpkg-reconfigure" will do the same thing for any package that asks debconf questions, but remember that debconf does have a priority threshold that can adjust how many questions it asks) | 15:00 |
| gnarface | i think it normally by default aliases root to your main local user | 15:02 |
| gnarface | and then system mails won't leave the system | 15:02 |
| gnarface | but you know it depends on what you want to do | 15:02 |
| g0zzy | Yes. Anyway the main problem is unattended. I wonder if it WAS me that was the person you had in mind. I suppose i could check the chat history? | 15:03 |
| gnarface | ah, maybe it was you | 15:04 |
| gnarface | or else my scrollback just doesn't go back that far | 15:05 |
| gnarface | did you see this wiki page? https://wiki.debian.org/UnattendedUpgrades | 15:05 |
| g0zzy | Yes. Funnily enough i had no problem with Stretch ;) | 15:06 |
| gnarface | interesting. that suggests a permissions issue | 15:06 |
| gnarface | nothing else relevant should have changed | 15:07 |
| gnarface | but it might also just be that there's one or two packages you need to install first manually | 15:07 |
| g0zzy | I was root in a terminal when i tried the (wiki-suggested method of running unattented-upgrade manually | 15:07 |
| gnarface | you did get the part about uncommenting this line, right? Unattended-Upgrade::Mail "root"; | 15:08 |
| g0zzy | Shall check | 15:08 |
| gnarface | dpkg-reconfigure -plow unattended-upgrades | 15:09 |
| gnarface | ^ this might be worth trying too, if you haven't | 15:09 |
| g0zzy | Oh gawd. Not 100% sure. Could have missed it. The box is currently about 15 miles away | 15:10 |
| gnarface | "-plow" is for low priority | 15:11 |
| g0zzy | Yes. | 15:11 |
| gnarface | which i think means it'll pretty much ask every possible question? | 15:11 |
| gnarface | but the default threshold is high, according to this wiki... | 15:12 |
| g0zzy | I could do with some kind of uPnP shh setup | 15:12 |
| gnarface | which in some cases, might be too high to ask the questions you need to set up unattended | 15:12 |
| * g0zzy finds that clients can easily undo remote access - changing router, resetting same etc. | 15:13 | |
| gnarface | all i can say at this point is read over https://wiki.debian.org/UnattendedUpgrades again, and then if nothing on there answers the question, check the bug reports | 15:15 |
| g0zzy | Thanks | 15:15 |
| gnarface | no problem, sorry i couldn't be more help. | 15:15 |
| g0zzy | Anyone know anything about uPnP facilities for sshd btw? | 15:15 |
| gnarface | not that will survive the customer replacing their router without notice | 15:16 |
| gnarface | you could approach the problem differently though | 15:16 |
| xinomilo | unattended-upgrades default configuration updates only *-security packages. maybe there were none? | 15:16 |
| gnarface | you could set up a server of your own and make the client's box persistently connect to that instead, which *can* survive a router swap, if set up right | 15:17 |
| g0zzy | >>unattended-upgrades default configuration updates only *-security packages. maybe there were none? OOps - didn't notice that. | 15:18 |
| g0zzy | As for your suggestion, sounds interesting, but how would i get a shell to _their_ box? | 15:19 |
| gnarface | well you'd have ssh tunnel out to your box, then you'd ssh to your box, and then from your box back through their tunnel | 15:21 |
| gnarface | but it would also be a very traditional use case for a VPN | 15:21 |
| gnarface | but it could be done entirely with some clever ssh tunneling and a cron job | 15:22 |
| gnarface | most default router configurations don't restrict outbound connections, so that would remove the need for port forwarding or uPnP | 15:25 |
| g0zzy | Yes. Sounds interesting. I think maybe just set up a script on wicd trigger to set up the tunnel to me from my client's box perhaps? | 15:26 |
| g0zzy | IOW a permanent tunnel | 15:26 |
| gnarface | yea that probably would work too | 15:26 |
| gnarface | i mentioned the cron job because i was thinking more along the lines of something that checks every few minutes if the tunnel is still up, then attempts to reconnect it if it is not | 15:27 |
| gnarface | (something a VPN would do automatically) | 15:27 |
| g0zzy | Yes, i see | 15:27 |
| gnarface | a wicd trigger could work too | 15:27 |
| gnarface | i bet there's a dozen different subsystems you could use to trigger it in fact | 15:28 |
| gnarface | but only you can decide if this technical challenge is less trouble than the management challenge of just convincing the customers to leave the router settings alone | 15:28 |
| g0zzy | Well it would be wicd in Devuan that would know when the tunnel can be established | 15:28 |
| gnarface | that is true, but a cron job can as easily check that | 15:29 |
| gnarface | i'm old-fashioned | 15:29 |
| g0zzy | Trouble is that they can always do something with their router. Some are domestic and actually buggy. | 15:29 |
| * g0zzy is looking at BT 'fibre' hubs | 15:30 | |
| gnarface | yes, and if they start getting paranoid and restricting outbound connections, there's nothing you can do to stop that type of sabotage | 15:30 |
| gnarface | at a certain point they have to have SOME clue about what they should not do | 15:30 |
| golinux | gnarface: For future reference there are installation guides with screenshots starting here: https://devuan.org/os/documentation/install-guides/start-here.html | 15:37 |
| golinux | g0zzy: ^^^ | 15:38 |
| golinux | Navigation is at the bottom. g0zzy You can see the options for the -live installer there. | 15:38 |
| g0zzy | Thanks for that | 15:40 |
| gnarface | thanks golinux, i keep forgetting about that | 15:42 |
| golinux | gnarface: But you remember so many other pointers! | 15:52 |
| gnarface | i even remember stuff i don't want to remember. it's strange the things i can't. | 15:52 |
| golinux | g0zzy: You can also install the -live isos from the cli but we haven't gotten around to doing the screenshots yet. | 15:53 |
| golinux | That's my preferred method for the -live install. | 15:54 |
| golinux | gnarface: The mind is illogical in what it grabs on to. | 15:55 |
| g0zzy | Thanks folks for the help | 17:19 |
| golinux | This just posted on dev1galaxy. Title is Burnt burnt burnt... https://dev1galaxy.org/viewtopic.php?id=2729 | 19:18 |
| g0zzy | Personally i think that systemd is likely just going to need more and more patches to keep systems running. Breakages are likely | 19:38 |
| sixwheeledbeast | uPnP should be disabled IMO. VPN is the only secure solution i can think of that will suit. I would also never use an ISP provided router | 19:42 |
| xinomilo | just upgraded kernel and boot process is full of these : kernel: [ 65.391209] PKCS#7 signature not signed with a trusted key | 19:42 |
| xinomilo | linux-image-4.19.0-4-amd64 | 19:43 |
| xinomilo | from ceres | 19:43 |
| g0zzy | sixwheeledbeast: I agree. afaics most ISP routers have UPnP by default | 19:52 |
| DonkeyHotei | routers provided by at&t are not even capable of UPnP as an option | 19:53 |
| DonkeyHotei | progress? | 19:54 |
| sixwheeledbeast | Yes and also they often leave ACS access open to the ISP too | 19:54 |
| DonkeyHotei | as well as ssh | 19:55 |
| xinomilo | ok, debian kernel bug, reported earlier today : https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924574 | 19:55 |
| sixwheeledbeast | g0zzy: DrayTek are BT SIN compliant if you are looking for something more commercial that's FTTC/FTTN compatible | 19:56 |
| DonkeyHotei | BT HomeHub Type 5A can run OpenWrt | 19:58 |
| g0zzy | Yes, i've noticed that the later models can do OpenWrt. Might be an option | 20:00 |
| g0zzy | Unfortunately i think Draytek are not movable to OpenWrt | 20:01 |
| DonkeyHotei | not "later models" | 20:04 |
| DonkeyHotei | just the 5A | 20:04 |
| sixwheeledbeast | Draytek is closed OS if you are looking for something more open then look on the openwrt forums for recommended models. Your most likely to get a Smarthub now which has Broadcom with no drivers | 20:04 |
| sixwheeledbeast | no open drviers anyway | 20:04 |
| gnu_srs1 | golinux: More and more people are being aware :) | 20:41 |
| sokan | buZz: I got it!! It's on my hands :3 | 22:19 |
| sokan | Man.. thinkpad T420 is beyond incredible... You can actually feel and understand how solid it is | 22:20 |
| sokan | quality all over | 22:20 |
| buZz | woot! | 22:20 |
| buZz | congratz | 22:20 |
| sokan | general test passed. time to install dev1 now :3 | 22:23 |
| sokan | dev1 supports uefi right? | 22:27 |
| sokan | buZz: can I pm you? | 22:28 |
| buZz | yes | 22:29 |
| buZz | devuan does support uefi | 22:29 |
| sokan | buZz: I should get the bios to have uefi priority right? | 22:31 |
| buZz | ehw, whatever the default is should be fine | 22:31 |
| buZz | plug in installer usb, make it boot from that | 22:31 |
| buZz | done ? | 22:31 |
| sokan | going with dvd xD | 22:31 |
| sokan | classic installer is so neat | 22:33 |
| buZz | oh right, t420 is big enough to host a cd drive :P | 22:37 |
| sokan | haha | 22:47 |
| sokan | yes sir! | 22:47 |
| sokan | this is probably too noob a question but I want to just make 100% sure. The warning I have about another system being on BIOS (pobably defauly w7 installation) and devuan installer being on UEFI should be ignored if I plan on going pure devuan right? | 22:48 |
| sokan | does popcon help devuan at all? | 23:18 |
Generated by irclog2html.py 2.17.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!