The officially official Devuan Forum!

You are not logged in.

#1 Re: Documentation » HOWTO: Firefox DoH (DNS over HTTPS) » 2020-08-11 20:49:34

My own choice is to use dnscrypt-proxy, which:

1) Gives you a wide choice of DNS provider, including Cloudflare, using either DoH or Dnscrypt. You can choose from a large number of non-logging (or at least services that say they are) and/or DNSSEC and/or filtered/non-filtered DNS providers.

2) You get periodically to randomise your DNS provider, so no one service sees it all.

3) You will usually choose nearer DNS providers with a lower RTT than Cloudflare (at least here where Ii am in the UK).

4) You can cache your queries, reducing what hits your provider and proving near-instant lookups on your most used sites.

5) You can select from multiple blocklists.

6) it works for all your internet traffic, not just your browser. On mine I also provide a DNS service for other nodes on my network.

7) In the latest versions you can set up a (set of) DNS relays between you and the DNS provider, which masks your IP from them and your query form the relays.

In Firefox (about:config) you set your Network.TRR.mode to 5, so bypass the internal DoH with /etc/resolv.conf pointing to your dnscrypt-proxy. There is also an option that allows you to provide a DoH server for Firefox, which then connects to the internet using any of the other dnscrypt-proxy options.

#2 Re: Documentation » Replace GRUB with alternate bootloader: extlinux » 2020-08-06 21:15:11

Vernon wrote:

I have only seen the block device allocation change when disks were added. I have never seen the block device allocation change on a single disk system. Regardless, using UUIDs is a much safer practice long term.

It also happens if you unplug the drives and put them back in a different order.
I did this once, OK, I was adding new drives for a RAID1 install, and forgot to record which socket each disk was plugged in to originally and got some what confused for a while. However even if you don't add drives just permuting the existing drives would do it.

#3 Re: Hardware & System Configuration » [ SOLVED ] cant run command from commandsline » 2020-08-04 22:00:08

Just to provide another example.

Beowulf/Cinnamon, default terminal is gnome-terminal and I've not noticed any issues using it (including a display from the xpra server over ssh on another machine), but I'm running it from an applet, so I don't see any messages.

However:

marjorie@grendel:~$ gnome-terminal
# watch_fast: "/org/gnome/terminal/legacy/" (establishing: 0, active: 0)
# unwatch_fast: "/org/gnome/terminal/legacy/" (active: 0, establishing: 1)
# watch_established: "/org/gnome/terminal/legacy/" (establishing: 0)

and child terminal opens OK.

marjorie@grendel:~$   

And then as sudo:

marjorie@grendel:~$ sudo gnome-terminal
# posix_spawn avoided (fd close requested) 
# watch_fast: "/org/gnome/terminal/legacy/" (establishing: 0, active: 0)
# unwatch_fast: "/org/gnome/terminal/legacy/" (active: 0, establishing: 1)
# watch_established: "/org/gnome/terminal/legacy/" (establishing: 0)

and child terminal opens OK as root in my home directory.

root@grendel:/home/marjorie#      

I don't have ash, nor xterm for that matter.

#5 Re: Installation » [Solved]Grub failing to boot - grub_calloc not found » 2020-07-31 12:24:58

Logged on this afternoon and unattended-upgrade has just updated grub-common.

Start-Date: 2020-07-31  12:10:26                                       
Commandline: /usr/bin/unattended-upgrade
Requested-By: marjorie (1000)
Upgrade: grub-common:amd64 (2.02+dfsg1-20+deb10u1, 2.02+dfsg1-20+deb10u2)
End-Date: 2020-07-31  12:10:28 

Maybe this fixes the problem?

https://linuxsecurity.com/advisories/de … e-17-52-37

Package        : grub2
Debian Bug     : 966554

The update for grub2 released as DSA 4735-1 caused a boot-regression
when chainloading another bootlaoder and breaking notably dual-boot with
Windows. Updated grub2 packages are now available to correct this issue.

For the stable distribution (buster), this problem has been fixed in
version 2.02+dfsg1-20+deb10u2.

We recommend that you upgrade your grub2 packages.

For the detailed security status of grub2 please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/grub2

Oddly 'grub-common' is the only grub package I have on this PC, my other (my mail server) has 'grub-common', 'grub2-common', 'grub-pc' and and 'grub-pc-bin'. Both were fresh Beowulf Beta installs.

#6 Re: Installation » [Solved]Grub failing to boot - grub_calloc not found » 2020-07-30 21:27:13

Very odd. I got the same version (2.02+dfsg1-20+deb10u1) of grub-common with unattended -upgrades (which is for security updates only) at 9:45 this morning and it works fine (legacy-bios, not EFI-signed).

#7 Re: Devuan » Best Practices for preinst / postinst dpkg Compatibility » 2020-07-30 20:04:14

As I understand it the correct way is to re-build the .deb package from the source using deb_helper.
There a tutorial on the overall process here: https://wiki.debian.org/BuildingTutorial.
Though the tutorial uses an example where you want to change the source code (and recompile) not just the packaging.

Essentially to create a Devuan compatible .deb you need to:
1) add a suitable init script to the files tree (your /etc/init.d/zoneminder). As has been pointed out by Head_on_a_Stick you can generate one from the systemd service file using the sysv2d.sh script.
2) Adding a Debian rule to generate the sysvinit additions to the postinst and postrm scripts.
The rule will be a parametrisation of the deb helper program dh_installinit.
3) Change the version number and annotate the change.
4) If you then want to submit as a bug to Debian create a diff on the original and submit  it with the bug report.

When you've recreated your .deb you might see in your postinst file something like this :

# Automatically added by dh_installinit/12.1.1
if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then
	if [ -x "/etc/init.d/chrony" ]; then
		update-rc.d chrony defaults >/dev/null
		if [ -n "$2" ]; then
			_dh_action=restart
		else
			_dh_action=start
		fi
		invoke-rc.d --skip-systemd-native chrony $_dh_action || exit 1
	fi
fi
# End automatically added section

This example (for chrony) enables (using update-rc.d) and starts (using invoke-rc.d) the init.

The corresponding addition to postrm is:

# Automatically added by dh_installinit/12.1.1
if [ "$1" = "purge" ] ; then
	update-rc.d chrony remove >/dev/null
fi
# End automatically added section

However some maintainers don't provide an init file and don't run dh_installinit, which is where we get problems.

Here is an example of the rules for another deb (nftables) that doesn't. As you can see, dh_installinit is called but just with the -n parameter and so doesn'r run. Run without any parameters it will create the postinst code to enable and start the init and the postrm code to remove it. For some programs you might not want to have enable or start (in this case for dh_installsystemd they are turned off by parameters --no-enable- -no-start).

#!/usr/bin/make -f

ifeq (,$(filter terse,$(DEB_BUILD_OPTIONS)))
export DH_VERBOSE=1
endif
export PYBUILD_NAME = nftables
export DEB_BUILD_MAINT_OPTIONS = hardening=+all

configure_opts	:= --with-xtables --with-json --with-python-bin=/usr/bin/python3

override_dh_auto_configure:
	dh_auto_configure -- $(configure_opts) --

%:
	dh $@ --with python3

override_dh_fixperms:
	dh_fixperms
	chmod a+x debian/nftables/etc/nftables.conf

override_dh_installsystemd:
	dh_installsystemd --no-enable --no-start

override_dh_installinit:
	# dh_installinit will try to mess with /etc/init.d/nftables in
	# the maintainer scripts, but we don't ship it
	dh_installinit -n

override_dh_installexamples:
	dh_installexamples -XMakefile
	# upstream examples are installed in by the 'install' target to '/etc/nftables'
	mv debian/tmp/etc/nftables/*.nft debian/nftables/usr/share/doc/nftables/examples/
	rm -rf debian/nftables/etc/nftables

#8 Re: Desktop and Multimedia » xfce4-alsa-plugin now available for Debian-based systems (0.3.0-2) » 2020-07-29 10:54:18

jobbautista9 wrote:

The sysd2v script did work, however the iwd sysvinit script generated doesn't autostart at boot, so I have to "service iwd start" as root once I logged in. I'm using openrc..

I use sysvinit not openrc, however with sysvinit you would also need to (as root, I use sudo)

1) ensure the execute bit is set for your init script

sudo chmod +x  /etc/init.d/your_script_name

though I'm guessing you must have done this for the service command to work.

2)  and run

sudo update-rc.d your_script-name defaults

this creates the sym links ( /etc/rc.x/SNNyour_script_name and /etc/rc.x/KNNyour_script_name) from your_script_name in the various (NN=00..06,S) run level directories needed to trigger starting/stopping the init script at boot.

#9 Re: Off-topic » New forum member » 2020-07-19 15:32:44

golinux wrote:

golinux misses gksu  . . .

Amen.

#10 Re: Off-topic » New forum member » 2020-07-19 12:01:23

There's obviously more than one way to skin a cat :-)

If I know exactly where a file I want to edit is:

~$ sudoedit /full/path/to/file

(having previously put

export EDITOR=/usr/bin/gedit

in my .bashrc).

#11 Re: Off-topic » New forum member » 2020-07-18 22:42:02

If you're a system admin and don't want to use/don't have a root login/ password (I don't) then open a user terminal and type:

~$ sudo nemo

or whatever's your graphical file manager and then at the prompt enter your user password..
This work just as well.

nb. I use Cinnamon (I'm another pre-systemd Mint refugee) so my main file manager is nemo and my file editor is gedit.

I find this a particularly useful way of finding my way around/editing system files when I've ssh -X in order to work on a remote PC.

#12 Re: Other Issues » File /etc/protocols not found!!! » 2020-07-18 21:48:22

Not sure what you are doing that's not providing the expected result.

There's nothing wrong with the netbase package.
Check the files list in synaptic: /etc/protocols is listed there.
As far as I'm aware on my PCs it came with my initial, clean, Beowulf Beta installs.

#13 Re: Other Issues » [Solved] linux-5.6.0-0.bpo.2 stucks at "waiting for /dev.... udevd" » 2020-07-06 22:23:42

Head_on_a_Stick wrote:
Debuser2018 wrote:

thermald, has only systemd script /lib/systemd/system/thermald.service . No /etc/rc* or /etc/init.d/ script for startup.

You can convert a systemd unit file to a sysvinit script with sysd2v.

Then copy your_init_script to /etc/init.d/ Make it executable (+x). Change the owner:group to root:root.

You'll then need to run:

sudo update-rc.d your_init_script defaults

to set up the /etc/rc* files (which are symlinks back to your_init_script)

and

sudo invoke-rc.d your_init_script start

to start the daemon immediately.

sudo service your_init_script start

should also work.

#14 Re: Other Issues » File /etc/protocols not found!!! » 2020-07-02 21:35:50

Head_on_a_Stick wrote:

The netbase package supplies /etc/protocols.

Eaglet wrote:

ebtables

That's obsolete, use nftables instead.

See also https://www.debian.org/releases/stable/ … l#nftables

Yes, nftabes is a better system. I use it myself. However be aware that from a Devuan perspective the Debian packaging is broken, some of it by design:

1) the automatic sysvinit installer script (in the deb postinst), which should set it up if systemd is missing, it's not there. Of course it wouldn't work anyway because
2) etc/init.d/nftables is not there. There is a version provided (named nftables.init), but only as an example, and it doesn't work because the LSB header run-levels are wrong. Not too difficult to fix, but does need fixing. And the execute bit is not set.
3) However nftables itself works fine without systemd.

See our discussion at https://dev1galaxy.org/viewtopic.php?id=2889

NB. this doesn't seem to be the only non-Devuanised Debian package I've wanted to use that is not non-systemd ready. Shouldn't it be a requirement?

#15 Re: Other Issues » [Solved] linux-5.6.0-0.bpo.2 stucks at "waiting for /dev.... udevd" » 2020-06-28 22:03:54

Is this a re-emergence in the new kernel of this reported bug in Debian Buster, which has never seemed to be an issue in Beowulf?

5.1.5. Daemons fail to start or system appears to hang during boot

Due to systemd needing entropy during boot and the kernel treating such calls as blocking when available entropy is low, the system may hang for minutes to hours until the randomness subsystem is sufficiently initialized (random: crng init done). For amd64 systems supporting the RDRAND instruction this issue is avoided by the Debian kernel using this instruction by default (CONFIG_RANDOM_TRUST_CPU).

Non-amd64 systems and some types of virtual machines need to provide a different source of entropy to continue fast booting. haveged has been chosen for this within the Debian Installer project and may be a valid option if hardware entropy is not available on the system. On virtual machines consider forwarding entropy from the host to the VMs via virtio_rng.

If you read this after upgrading a remote system to buster, ping the system on the network continuously as this adds entropy to the randomness pool and the system will eventually be reachable by ssh again.

See the wiki https://wiki.debian.org/BoottimeEntropyStarvation and DLange's overview of the issue https://daniel-lange.com/archives/152-hello-buster.html for other options.

source: https://www.debian.org/releases/buster/ … starvation

#16 Re: Installation » SOLVED: Beowulf: quite good, but ...... » 2020-06-22 19:22:06

OK, so not dissimilar to mine: your is Celeron 6 gen 4 core vs the 5 gen 2 core on mine so it's not as if it has recent/high spec. hardware that could be causing problems.

Your'e operating under EFI, I'm not. However I'm assuming your previous ascii install was EFI too?

I using sysVinit. There have been problems reported on Beowulf with shutdown with OpenRC.

Are you certain your Beowulf install iso (btw which one did you use?) hasn't become corrupted. Have you checked it?

#17 Re: News & Announcements » Beowulf 3.0.0 is here! » 2020-06-22 14:48:38

Somewhat Reticent wrote:

Looks like it's been this week's DistroWatch Weekly review.

to save seaching for it, it's here:

https://distrowatch.com/weekly.php?issu … 622#devuan

#18 Re: Installation » SOLVED: Beowulf: quite good, but ...... » 2020-06-22 14:22:19

I also have a NUC running Beowulf without issue, albeit it's my mailserver, running headless and rarely rebooted: the last time was was for a kernel image upgrade to 4.19.0.9 (which was unproblematic).

Mine's a very basic NUC5CPYH 85254, 4GB, 120 GB SSD, mbr, LVM apart from /boot and I run it in legacy bios mode, not EFI.

#19 Re: Installation » Beowulf and Legion y540 » 2020-06-21 10:25:29

I had this problem with nvidia-persistenced back in April when I upgraded to Beowulf-Beta.

It's caused by an error in etc/init.d/nvidia-persistenced that happens when it is started and there is already another copy running.

nvidia-persistenced is not really needed unless you use CUDA.

If you's rather keep it you can patch it so that it doesn't misbehave (with the patch it checks if there is already a copy running and just exits if there is).

See https://dev1galaxy.org/search.php?actio … w_as=posts for details.

My patched version is in post #3, also shown below:

#!/bin/sh -e
#
# NVIDIA Persistence Daemon Init Script
#
# Copyright (c) 2013 NVIDIA Corporation
#
# Permission is hereby granted, free of charge, to any person obtaining a
# copy of this software and associated documentation files (the "Software"),
# to deal in the Software without restriction, including without limitation
# the rights to use, copy, modify, merge, publish, distribute, sublicense,
# and/or sell copies of the Software, and to permit persons to whom the
# Software is furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
# DEALINGS IN THE SOFTWARE.
#
# This is a sample System V init script, designed to show how the NVIDIA
# Persistence Daemon can be started.
#
# This sample does not rely on any init system functions, to ensure the
# widest portability possible.
#
# chkconfig: 2345 99 01
# description: Starts and stops the NVIDIA Persistence Daemon
# processname: nvidia-persistenced
#
### BEGIN INIT INFO
# Provides:         nvidia-persistenced
# Required-Start:   $local_fs
# Required-Stop:    $local_fs
# Default-Start:    2 3 4 5
# Default-Stop:     0 1 6
# Short-Description: Starts and stops the NVIDIA Persistence Daemon
# Description:      Starts and stops the NVIDIA Persistence Daemon
### END INIT INFO


NVPD=nvidia-persistenced
NVPD_BIN=/usr/bin/${NVPD}
NVPD_RUNTIME=/var/run/${NVPD}
NVPD_PIDFILE=${NVPD_RUNTIME}/${NVPD}.pid
NVPD_USER=nvpd
NVPD_ACTION=${1}

# Gracefully exit if the package has been removed.
test -x $NVPD_BIN || exit 0

# Get the value of the PID
if [ -f ${NVPD_PIDFILE} ]; then
 read -r NVPD_PID < "${NVPD_PIDFILE}"
# Is the daemon already running?
 if [ "${NVPD_PID}" ] ;then 
  if [ -d /proc/${NVPD_PID} ]
# Daemon is running, so stop it then start a new instance
   then
    case "${1}" in
     start)
      echo "NVIDIA Persistence Daemon already running" 
      NVPD_ACTION=restart
      ;;
     *)
      ;;
    esac
# Daemon not running, but there is a stale PID
   else
    echo "NVIDIA Persistence Daemon, stale PID removed"			
    unset NVPD_PID
    rm -rf "${NVPD_RUNTIME}"
  fi
 fi
fi

case "${NVPD_ACTION}" in
 start)
  echo "Starting NVIDIA Persistence Daemon"
# Execute the daemon as the intended user
  ${NVPD_BIN} --user ${NVPD_USER}
  ;;
 stop)
   echo "Stopping NVIDIA Persistence Daemon"
# Stop the daemon - its PID should have been read in
   [ ! -z "${NVPD_PID}" ] && kill ${NVPD_PID} &> /dev/null
    ;;
  restart)
   $0 stop
   sleep 2
   $0 start
    ;;		
  *) echo "usage: $0 {start|stop|restart}"
    ;;
esac

exit 0

#20 Re: Off-topic » desktop / workspaces » 2020-06-20 11:00:39

Looks like my Cinnamon applet is based on wmctrl.

This is the sorted output (stripping Col 1) of wmctrl. The applet  formats this, though in a different order within workspace (and pulls in an app icon). Workspace -1 is my Desktop (shown on all the others too), Workspace 3 and 4 are unused.

$ sudo wmctrl -l | cut -b 11- | sort -n
 -1 grendel Desktop
  0 grendel Inbox (3 unread) — Evolution
  0 grendel John Martyn - Outside In (Paused)
  0 grendel /var/log/syslog.1
  1 grendel BBC iPlayer - Mozilla Firefox
  1 grendel BiPAC 8900X R2 - Mozilla Firefox
  1 grendel Calculator
  1 grendel desktop / workspaces / Off-topic / Dev1 Galaxy Forum - Mozilla Firefox
  1 grendel e-post.meeble.net/rspamd/ - Rspamd Web Interface - Mozilla Firefox
  1 grendel How to create an AppArmor Profile | Ubuntu - Mozilla Firefox
  1 grendel How to enable hibernate option in Ubuntu 20.04? - Ask Ubuntu - Mozilla Firefox
  1 grendel marjorie@grendel: ~
  1 grendel marjorie@grendel: ~
  1 grendel marjorie@grendel: /etc/apparmor.d
  1 grendel Newest 'nftables' Questions - Server Fault - Mozilla Firefox
  1 grendel Online Challenges & Races - British Rowing - Mozilla Firefox
  1 grendel Redis configuration – Redis - Mozilla Firefox
  1 grendel Sound
  1 grendel /var/log/syslog
  1 grendel Your account | PremierPlayer.tv - Mozilla Firefox

#21 Re: Off-topic » desktop / workspaces » 2020-06-19 16:36:01

The "Windows Quick List" applet in Cinnamon shows this information (list of names and an icon, by Workspace).
I've never found any source code for these applets though.

#22 Re: Off-topic » On this day - UNIX calender » 2020-06-16 19:27:03

Not so quick there - it's still 16 June here in the UK.

#23 Re: Other Issues » Devuan and privacy » 2020-06-14 09:27:58

There is an /etc/cron.daily program 'popularity contest' that logs and reports weekly which packages you have/use.

It is optional (you can turn it off) and anonymous in intent.

Firefox can be configured to provide telemetry (but you can turn it off) and it can check for updates to add-ons you have installed (also optional). You can install  other browsers that promise more.

To can install programs or configure your browser to encrypt DNS queries, so you only share them with your chosen DNS provider (but you still have to trust them not to log, etc). I use dnscrypt-proxy.

#24 Re: Other Issues » [SOLVED] Security update delays » 2020-06-14 09:20:57

Maybe working again?

On my mail-server unattended-upgrades (beowulf-security updates only)  downloaded an intel-microcode package at 03:45 BST.

Unattended upgrade result: All upgrades installed 

Packages that were upgraded:
 intel-microcode 

Package installation log:
Log started: 2020-06-14  03:45:13
apt-listchanges: Reading changelogs...
Preparing to unpack .../intel-microcode_3.20200609.2~deb10u1_amd64.deb ...
Unpacking intel-microcode (3.20200609.2~deb10u1) over (3.20191115.2~deb10u1) ...
Setting up intel-microcode (3.20200609.2~deb10u1) ...
update-initramfs: deferring update (trigger activated)
intel-microcode: microcode will be updated at next boot
Processing triggers for initramfs-tools (0.133+deb10u1) ...
update-initramfs: Generating /boot/initrd.img-4.19.0-9-amd64
Log ended: 2020-06-14  03:45:24

Unattended-upgrades log:
Enabled logging to syslog via daemon facility 
Initial blacklist : 
Initial whitelist: 
Starting unattended upgrades script
Allowed origins are: o=Devuan,n=beowulf-security
Packages that will be upgraded: intel-microcode
Writing dpkg log to /var/log/unattended-upgrades/unattended-upgrades-dpkg.log
All upgrades installed

#25 Re: Off-topic » system info practice script » 2020-06-13 14:09:36

Works for me, but I had to install the wmctrl package as it's not there by default.

user@hostname
-------------------------------------
os:   	Devuan GNU/Linux 3 (beowulf)
kernel:	4.19.0-9-amd64
uptime:	22 hours, 44 minutes
pkgs: 	2102
memory:	3.1Gi / 7.8Gi
wm:   	Mutter
shell:	/bin/bash
editor:	/usr/bin/gedit

Board footer

Forum Software