You are not logged in.
- Topics: Active | Unanswered
#76 Desktop and Multimedia » missing shutdown menu item in mate desktop/ panel / system menus » 2023-05-03 18:25:40
- bai4Iej2need
- Replies: 7
Hi
Recently I installed 3 computers from scratch. they should have the same desktop appearance. mate desktop, no big deal.
However they came out different. In one install the mate desktop/ panel / system menus / shutdown button is missing
Did not find out how to get it back. the other 2 have it.
All three have different HW and age. (2010 2 cores, 2017 2 cores, 2019 12 cores)
I now wonder why 2 have the shutdown button but the one of 2010 not. Although it had it before the HDD crash.
#77 Re: Installation » Chimaera Netinstall Live ISO 4.0.0 in Multibootstick » 2023-04-16 11:55:03
With a Ventoj multiboot stick never use automated install! You will need to use manual partitioning to have full control where the system goes. This works perfectly.
Unfortunately there is no way of deselecting the wrong partitioning of Ventoy stick
The choice on Ventoy stick with manual partitioning is
create LVM Partition or
create empty partition or
but there is missing point "do nothing" or "leave as is"
#78 Installation » Chimaera Netinstall Live ISO 4.0.0 in Multibootstick » 2023-04-15 19:18:52
- bai4Iej2need
- Replies: 6
I used my new and shiny VENTOY multibootstick to test the installation on a laptop Lenovo-R460, before doing a final install.
The laptop boots ventoy,
then I choose devuan_chimaera_4.0.0_amd64_netinstall.iso, which starts as with a normal boot-stick.
Arriving at the disk partition menue I choose to encrypt the whole or part of the partitions in LVM
Then the installer wants to encrypt the SSD , but also this part of /dev/sdb, the Multiboot stick Ventoy part, where the ventoy iso is installed.
The same happens in other partition menues with LVM
mount says there is no LVM Volume on /dev/sdb
So I stop using this sort of install.
It was hard enough to create this multiboot stick. Should not be destroyed.
#79 Installation » [SOLVED] chimaera live install 4.0.2 screensaver » 2023-04-12 08:19:38
- bai4Iej2need
- Replies: 5
Currently I am repairing the results of a HDD 800 badblocks affair.
I must treat 300GB 4 times, in 4 partitions
3 MBytes were damaged
a) ddrescue /dev/sda? => some_file? on to another SDD
b) cp some_file? anotherfile?
c) fsck.ext4 anotherfile?
d) mount anotherfile? @mountpoint?
e) cp -n @mountpoint?/* to whatever_placethey need on the new SDD to regain their place in the maintained directory tree
This to restore "as was"/"as is".
The ddrescue took about 4 hours.
currently the cp takes place and then the fsck
This is impeded by the screensaver kicking in and eating cpu time and my time
I changed this now to only blacken the display.
This should be the default on a live system.
Live systems used IMHO mainly for system repairs should not eat electric power, cpu time and admin time for no reason.
If s.o. want to view the screensaver, she can still do.
When doing a repair, there is little time for such games.
Best, if maintainer of live iso changes the default setting for the screen saver
#80 Re: Other Issues » Scrolling Output in the Console Window » 2023-04-11 19:20:48
bai4Iej2need wrote:Scrolled up and down on the local console and it works again.
Wait, what? Are you telling me that this stupid "nobody uses TTYs any more" regression has actually been fixed?
No sorry , I must have been in another -what ever - world
Today I have seen that busybox still can do the scroll, but pure kernel tty console cannot.
So I must take that back.
#81 Re: Hardware & System Configuration » USB Multiboot » 2023-04-10 17:30:02
rEFInd is UEFI only and does not work with some older HW of mine
Ventoy was the solution for me.
ls -hl
insgesamt 7,8G
-rwxr-xr-x 1 md md 2,6G 8. Apr 22:57 debian-live-11.6.0-amd64-xfce.iso
-rwxr-xr-x 1 md md 372M 16. Jun 2022 devuan_chimaera_4.0.0_amd64_netinstall.iso
-rwxr-xr-x 1 md md 642M 13. Jun 2022 devuan_chimaera_4.0.0_amd64_server.iso
-rwxr-xr-x 1 md md 405M 16. Jun 2022 devuan_chimaera_4.0.0_i386_netinstall.iso
-rwxr-xr-x 1 md md 1,2G 8. Apr 23:22 devuan_chimaera_4.0.2_amd64_desktop-live.iso
-rwxr-xr-x 1 md md 586M 10. Apr 23:48 devuan_chimaera_4.0.2_amd64_minimal-live.iso
-rwxr-xr-x 1 md md 856M 8. Apr 22:55 grml64-full_2022.11.iso
-rwxr-xr-x 1 md md 874K 29. Sep 2014 Memtest86-4.3.7.iso
-rwxr-xr-x 1 md md 6,0M 11. Apr 01:22 mt86plus_6.10_64.iso
-rwxr-xr-x 1 md md 816 11. Apr 00:59 SHA256SUMS_ventoy_sorted
-rwxr-xr-x 1 md md 1,3G 10. Apr 12:35 tails-amd64-5.11.img#82 Re: Installation » [SOLVED] how to reinstall a package needed for maintaining a system? » 2023-04-06 21:52:52
Does the system show any sign of life when you try to boot it?
Yes, the power light still goes on and off as I press the power button.
All my data are saved personal data in my nextcloud and system settings in my rsnapshot. as personal data are synced with other laptop.
This hp625-fubar came new with a SuSE install 11 years ago. I gave it to a family member.
Then the video failed in warranty and it came back to me.
When the video worked again, I saw a windows installation.
So someone (This Family Member) put windows95 on It.
I did not return it to family member, but I put debian on it and used it myself.
However Hewlett Packard was more a Hewed baggage than a helpful notebook. The hardware is full of kinks which debian / devuan does not respond to.
So there was eternal trouble with the fan and the video chip with internal broken bonds caused crashes the last time. This caused the initiation of this thread.
https://github.com/TheAomx/HP-625-Linux-Fancontrol
A trial to repair the video chip resulted in complete darkness.
Now I took all removable items (WLAN card, 9GB memory , SSD, battery ) out of this brick and it will go the path of all electronics. back to the furnace.
BTW: The solution is a used Lenovo E460 which I bought on Monday. Together with a lexmark printer and other supplements 260€
The SSD with windows10 will be removed and this SSD put inside.
A fresh install of devuan chimaera is next. But that will be a new thread, when I put Devuan on it.
#83 Re: Installation » [SOLVED] how to reinstall a package needed for maintaining a system? » 2023-04-02 10:21:18
System FUBAR (video ATI RadeOn 4225 failed, no display. )
#84 Installation » [SOLVED] mail filtering in console » 2023-03-30 11:24:11
- bai4Iej2need
- Replies: 3
I currently have a laptop powered up to sync and filter my emails with thunderbird, push them to different mail dirs and delete e.g. older messages to keep the volume down.
The laptop must have the user logged in Xorg to run thunderbird via crontab
No I want to shift this job to a server without xorg. and very low RAM (1GB)
application should load only the mail headers, because mail will never be read there.
application should sync with the imap server, so mail will be moved or purged there as well.
It would save the laptop to be powered up 24/7. The server runs anyhow.
I have seen that package alpine could do the job.
What is the experience with suitable Filter software ?
#85 Re: Hardware & System Configuration » USB Multiboot » 2023-03-18 22:06:55
Please look at the multi-boot iso that fsmithred made for the Devuan conference in April. That may give you some hints.
404 Not Found
#86 Re: Installation » [SOLVED] fail2ban banactions, convert from iptables to nftables » 2023-03-12 13:26:21
Hi Ralph and Majorie
2 days ago I did the fixes as described by Majorie, and I observe the logs now. No complaints from logwatch until now !
One Ban action has taken place yesterday. I keep fingers crossed !
#87 Re: Installation » [SOLVED] fail2ban banactions, convert from iptables to nftables » 2023-03-10 12:02:43
@Marjorie
Wondering if you've ended up with some form of hybrid iptables/nftables fail2ban config.
Yes, this is the case.
can you post the contents of your /etc/fail2ban/jail.conf and /etc/fail2ban/jail.local file?
fail2ban-client status
Status
|- Number of jail: 12
`- Jail list: apache-auth, apache-badbots, apache-botsearch, apache-fakegooglebot, apache-modsecurity, apache-nohome, \
apache-noscript, apache-overflows, apache-shellshock, nextcloud, sshd, sshlongtermI deleted all not active settings in following (>900 lines) in jail.conf. They are for applications, which are not installed.
grep -nv (.... many items) jail.conf
33:[INCLUDES]
36:before = paths-debian.conf
41:[DEFAULT]
92:ignoreip = 127.0.0.1/8 ::1 192.168.4.0/24 192.168.178.0/24
98:ignorecommand =
101:bantime = 10m
105:findtime = 10m
108:maxretry = 5
111:maxmatches = %(maxretry)s
132:backend = auto
143:usedns = warn
150:logencoding = auto
158:enabled = false
162:mode = normal
167:filter = %(__name__)s[mode=%(mode)s]
178:destemail = root@localhost
181:sender = root@<fq-hostname>
186:mta = sendmail
189:protocol = tcp
192:chain = <known/chain>
196:port = 0:65535
199:fail2ban_agent = Fail2Ban/%(fail2ban_version)s
208:banaction = iptables-multiport
209:banaction_allports = iptables-allports
212:action_ = %(banaction)s[port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
215:action_mw = %(action_)s
216: %(mta)s-whois[sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"]
220:action_mwl = %(action_)s
221: %(mta)s-whois-lines[sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"]
227:action_xarf = %(action_)s
228: xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"]
232:action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"]
233: %(mta)s-whois-lines[sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"]
243:action_blocklist_de = blocklist_de[email="%(sender)s", service="%(__name__)s", apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"]
253:action_badips = badips.py[category="%(__name__)s", banaction="%(banaction)s", agent="%(fail2ban_agent)s"]
257:action_badips_report = badips[category="%(__name__)s", agent="%(fail2ban_agent)s"]
263:action_abuseipdb = abuseipdb
268:action = %(action_)s
279:[sshd]
285:port = ssh
286:logpath = %(sshd_log)s
287:backend = %(sshd_backend)s
...
297:[selinux-ssh]
299:port = ssh
300:logpath = %(auditd_log)s
307:[apache-auth]
309:port = http,https
310:logpath = %(apache_error_log)s
313:[apache-badbots]
316:port = http,https
317:logpath = %(apache_access_log)s
318:bantime = 48h
319:maxretry = 1
322:[apache-noscript]
324:port = http,https
325:logpath = %(apache_error_log)s
328:[apache-overflows]
330:port = http,https
331:logpath = %(apache_error_log)s
332:maxretry = 2
335:[apache-nohome]
337:port = http,https
338:logpath = %(apache_error_log)s
339:maxretry = 2
342:[apache-botsearch]
344:port = http,https
345:logpath = %(apache_error_log)s
346:maxretry = 2
349:[apache-fakegooglebot]
351:port = http,https
352:logpath = %(apache_access_log)s
353:maxretry = 1
354:ignorecommand = %(ignorecommands_dir)s/apache-fakegooglebot <ip>
357:[apache-modsecurity]
359:port = http,https
360:logpath = %(apache_error_log)s
361:maxretry = 2
364:[apache-shellshock]
366:port = http,https
367:logpath = %(apache_error_log)s
368:maxretry = 1
...
581:[postfix]
583:mode = more
584:port = smtp,465,submission
585:logpath = %(postfix_log)s
586:backend = %(postfix_backend)s
589:[postfix-rbl]
591:filter = postfix[mode=rbl]
592:port = smtp,465,submission
593:logpath = %(postfix_log)s
594:backend = %(postfix_backend)s
595:maxretry = 1
598:[sendmail-auth]
600:port = submission,465,smtp
601:logpath = %(syslog_mail)s
602:backend = %(syslog_backend)s
605:[sendmail-reject]
610:port = smtp,465,submission
611:logpath = %(syslog_mail)s
612:backend = %(syslog_backend)s
...
675:[postfix-sasl]
677:filter = postfix[mode=auth]
678:port = smtp,465,submission,imap,imaps,pop3,pop3s
682:logpath = %(postfix_log)s
683:backend = %(postfix_backend)s
...
825:[pam-generic]
827:banaction = %(banaction_allports)s
828:logpath = %(syslog_authpriv)s
829:backend = %(syslog_backend)s
...
855:tcpport = 27030,27031,27032,27033,27034,27035,27036,27037,27038,27039
856:udpport = 1200,27000,27001,27002,27003,27004,27005,27006,27007,27008,27009,27010,27011,27012,27013,27014,27015
857:action_ = %(default/action_)s[name=%(__name__)s-tcp, port="%(tcpport)s", protocol="tcp"]
858: %(default/action_)s[name=%(__name__)s-udp, port="%(udpport)s", protocol="udp"]
860:[softethervpn]
861:port = 500,4500
862:protocol = udp
863:logpath = /usr/local/vpnserver/security_log/*/sec.log
865:[gitlab]
866:port = http,https
867:logpath = /var/log/gitlab/gitlab-rails/application.log
...
948:[phpmyadmin-syslog]
949:port = http,https
950:logpath = %(syslog_authpriv)s
951:backend = %(syslog_backend)s
...conf_grep.bash /etc/fail2ban/jail.d/jail.local
1:[sshlongterm]
2:port = ssh
3:logpath = %(sshd_log)s
4:backend = %(sshd_backend)s
5:banaction = nftables-multiport
6:maxretry = 35
7:findtime = 259200
8:bantime = 608400
9:enabled = true
10:filter = sshd@ralph.ronnquist
you could also just install iptables, couldn't you?
Yes I could, but the information of debian says, that iptables expires and nftables is the replacement and now the default for bullseye.
Why invest into the history ?
I was expecting to get a neat installation without leftovers from >=4 upgrades. (3 debian..2debianbuster,1 debianbuster2devuanbeowulf
and skipped the upgrade bewulf2chimaera,which was already pending.
And I expected to have a working OOTB interaction between fail2ban and nftables due to debians annoncement of nftables as default.
So as I made a fresh chimaera install anyhow, I cover this change (ip 2 nf) in the tables in the fresh chimaera installation too.
#88 Installation » [SOLVED] fail2ban banactions, convert from iptables to nftables » 2023-03-09 12:09:10
- bai4Iej2need
- Replies: 8
Hi
i have this chimaera fresh install, apache2 ,
with fail2ban and nftables
iptables is purged, as it was pulled in (IIRC)
but many fail2ban ban actions are set up to be iptables-<something>
and the log complains about functions not found:
-- exec: iptables -w -N f2b-apache-auth: 1 Time(s)
-- stderr: '/bin/sh: 1: iptables: not found': 1 Time(s)
Failed to execute ban jail 'apache-auth' action 'iptables-multiport' info '...: 1 Time(s)
Failed to execute ban jail 'apache-noscript' action 'iptables-multiport' in...: 1 Time(s)
Failed to execute ban jail 'apache-overflows' action 'iptables-multiport' i...: 1 Time(s)How to convert all references to iptables into the fitting references to nftables ?
BTW : I took the server off the WAN, to avoid problems.
#89 Installation » [SOLVED] how to reinstall a package needed for maintaining a system? » 2023-02-28 10:40:36
- bai4Iej2need
- Replies: 8
Hi
devuan chimaera
Due to a crash libunistring.so.2 /usr/lib/x86_64-linux-gnu/libunistring.so.2.1.0 is missing
this is needed from various apps needed for maintaining the system.
aptitude (and similar maintenance tools) run into an infinite loop complaining about the missing file.
How do I reinstall the package (and maybe others) in rescue mode ?
apt-file search libunistring.so
libunistring2: /usr/lib/x86_64-linux-gnu/libunistring.so.2
libunistring2: /usr/lib/x86_64-linux-gnu/libunistring.so.2.1.0
rescue mode
no apt, no apt-get , no aptitude !
edit:
no dpkg in rescue mode!
wget relies on libunistring.so.2
a multitude of packages rely directly or indirectly on libunistring2 !
#90 Re: Other Issues » Scrolling Output in the Console Window » 2023-01-24 15:47:12
My headless X-less server sent me a mail this morning, it had a new kernel from unattended upgrades in the last night.
Told me I should restart. Which I did. Which failed.
I had to move the server to a place with kbd mouse and monitor. Fixed it. Scrolled up and down on the local console and it works again.
Explanation : The unattended upgrade was not the cause of the failure. This would have happened on any restart. It was an error in one of my scripts. (file not found)
new is 5.10.0-21-amd64
Wonder still happen.
Server is now back in place.
#91 Re: Desktop and Multimedia » No microphone sound in Librewolf and Firefox too » 2023-01-23 21:22:52
It seems that after changes of the X user (#1 logout, s/o else logs in, s/o logs out, #1 login back ) settings might be confused
run in *terminal as user
/usr/sbin/alsactl initin cli
alsamixercheck all volume settings
check all mute positions
set "digital" other than 0 zero , to make microphone work.
This seems to have it fixed for me.
#92 Re: Forum Feedback » mail from flux@dev1galaxy.org » 2023-01-16 21:10:53
Are you subscribed to any threads on this forum?
Yes
I have 9 threads, which are abonements.
Maybe that's notification of a new post?
most likely that is.
#93 Re: Forum Feedback » mail from flux@dev1galaxy.org » 2023-01-14 16:50:11
I get one remainder every day.
#94 Re: Hardware & System Configuration » [SOLVED] postfix dynamic ipv6 interfaces » 2023-01-14 16:46:43
Do you have two NICs (eth0 and eth1)?
Yes
use one of the "Private internets" ranges
I take this as a solution, and will remove the portion which propagates the ipv6 range to the subnet
I felt, this was necessary, but is not in view of the existence of private subnets
I used this advice
https://subnettingpractice.com/how-to-subnet-ipv6.html
BTW the idea of having private ipv6 subnets is 
and contrary to the original Idea of worldwide ipv6 numbers.
Thank you
#95 Re: Hardware & System Configuration » [SOLVED] postfix dynamic ipv6 interfaces » 2023-01-13 15:32:55
These statements appear to be contrary to each other.
No contradiction within
the ISP provides a prefix range /56 or /64, of which a portion is assigned through propagation into the subnets behind.
e.g. when I unplug the WWW router and reconnect it, my subnet has new ipv6 numbers.
I still want postfix to listen only on the LAN and localhost for local messages. So postfix must know the actual IPv6 numbers of the LAN interface
netstat -tulpen | egrep "master|PID"
Proto Recv-Q Send-Q Local Address Foreign Address State Benutzer Inode PID/Program name
tcp 0 0 127.0.0.1:465 0.0.0.0:* LISTEN 0 6565139 20047/master
tcp6 0 0 ::1:465 :::* LISTEN 0 6565140 20047/master on Ipv4 postfix listens only locally, on ipv6 postfix listens on all interfaces.
anyone knowing the ipv6 address may try to use postmaster (fortunately behind a router blocking the port)
#96 Hardware & System Configuration » [SOLVED] postfix dynamic ipv6 interfaces » 2023-01-12 18:08:55
- bai4Iej2need
- Replies: 4
I have succeded with installing propagation of Ipv6 subnet numbers.
/etc/postfix/main.cf:
inet_interfaces = all
inet_interfaces = all (DEFAULT)
inet_interfaces = 127.0.0.1
inet_interfaces = 127.0.0.1, [::1] (Postfix version 2.2 and later)
inet_interfaces = 192.168.1.2, 127.0.0.1
inet_interfaces = localhostPostfix shall listen on eth1,(LAN) but not on eth0 (World).
what is missing here:
inet_interfaces = eth0
inet_interfaces = eth1with ipv6 I do not have fixed ip numbers, because these will change dynamically
Starting Postfix Mail Transport Agent: postfixpostmulti: fatal: config variable inet_interfaces: host not found: eth1The ipv6 numbers will change dynamically , what ever I receive from my ISP .
They (dhcpv6) might last 3 months or 1 hour. Both I had already.
How do I have postfix bind to an interface such as eth1 without mentioning the ipv6 numbers ?
#97 Forum Feedback » mail from flux@dev1galaxy.org » 2023-01-11 22:53:31
- bai4Iej2need
- Replies: 3
Liebe Posteo-Nutzerin, lieber Posteo-Nutzer,
wir haben soeben einen unsicheren E-Mail-Empfang vom Absender flux@dev1galaxy.org (dev1galaxy.org, 5.135.82.176) abgelehnt. Wir haben die E-Mail wie gewünscht nicht angenommen, weil Sie die TLS-Empfangs-Garantie aktiviert haben.
Mit freundlichen Grüßen,
das Posteo-TeamI received above message from my Mail provider twice already:
It says :
unsecured mail from flux@dev1galaxy.org has been refused by us (posteo.de), because of missing TLS ...
I have choosen to activate the feature TLS Reception on my mail account, as this feature throws out a lot of spam already before the reception in the mail server.
It might be sensible to provide TLS for dev1galaxy.org mailing activities. That surely is not spam.
Best regards
#98 Re: Other Issues » (Unattended-upgrades) Apparently I'm running Debian... Again. » 2023-01-08 15:03:36
Tested this at beowulf and after
aptitude show unattended-upgrades
Paket: unattended-upgrades
Version: 2.8vi 50unattended-upgrades%s/debian/devuan/g
%s/Debian/Devuan/g
:wqunattended-upgrade --debug | wc -l189 lines showed up (many) of debs, which can be upgraded.
In Devuan beowulf the problem is not fixed yet
#99 Re: Desktop and Multimedia » [SOLVED] eom called from Thunderbird fails to display svg » 2023-01-08 14:41:41
o wonderous world, wone week it worked
and ever since
#100 Re: Installation » FAI (Fully Automatic Installation) from debian to devuan » 2022-12-24 18:36:26
i think, the trick is to modify
/usr/share/doc/fai-doc/examples/simple/basefiles/mk-basefile
and to include devuan amongst the other distros.
probably needs a contact to upstream
merry Christmas
Board footer
