The officially official Devuan Forum!

You are not logged in.

#201 Re: Other Issues » [SOLVED] Security update delays » 2019-06-16 17:00:12

Here's my result:

$ date && apt policy thunderbird
Sun Jun 16 12:56:56 EDT 2019
thunderbird:
  Installed: 1:60.7.0-1~deb9u1
  Candidate: 1:60.7.0-1~deb9u1
  Version table:
     2:52.9.1-2~mx17+2 50
         50 http://mxrepo.com/mx/repo stretch/main i386 Packages
 *** 1:60.7.0-1~deb9u1 500
        500 http://deb.devuan.org/merged ascii-security/main i386 Packages
        100 /var/lib/dpkg/status
     1:60.6.1-1~deb9u1 500
        500 http://deb.devuan.org/merged ascii/main i386 Packages

#202 Re: Other Issues » [SOLVED] Security update delays » 2019-05-18 21:18:47

Here's some more data:

$ apt policy intel-microcode:amd64
intel-microcode:amd64:
  Installed: (none)
  Candidate: 3.20190514.1~deb9u1
  Version table:
     3.20190514.1~deb9u1 500
        500 http://deb.devuan.org/merged ascii-security/non-free amd64 Packages
     3.20180807a.2~deb9u1 500
        500 http://deb.devuan.org/merged ascii/non-free amd64 Packages
$ apt policy intel-microcode
intel-microcode:
  Installed: 3.20180807a.2~deb9u1
  Candidate: 3.20180807a.2~deb9u1
  Version table:
 *** 3.20180807a.2~deb9u1 500
        500 http://deb.devuan.org/merged ascii/non-free i386 Packages
        100 /var/lib/dpkg/status
     3.20180807a.1~deb9u1 500
        500 http://deb.devuan.org/merged ascii-security/non-free i386 Packages

So, the package for 64-bit systems is up to date, but the one for 32-bit systems is not. Although I am by no means an expert on Devuan, this seems to suggest that Amprolla is not working properly.

Phil

#203 Re: Other Issues » [SOLVED] Security update delays » 2019-05-18 00:11:23

Here's another example:

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4447-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
May 15, 2019                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : intel-microcode
CVE ID         : CVE-2018-12126 CVE-2018-12127 CVE-2018-12130
                 CVE-2019-11091

This update ships updated CPU microcode for most types of Intel CPUs. It
provides mitigations for the MSBDS, MFBDS, MLPDS and MDSUM hardware
vulnerabilities.

To fully resolve these vulnerabilities it is also necessary to update
the Linux kernel packages as released in DSA 4444.

For the stable distribution (stretch), these problems have been fixed in
version 3.20190514.1~deb9u1.

We recommend that you upgrade your intel-microcode packages.

For the detailed security status of intel-microcode please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/intel-microcode

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

More than 60 hours later and the update has not shown up yet:

$ apt policy intel-microcode
intel-microcode:
  Installed: 3.20180807a.2~deb9u1
  Candidate: 3.20180807a.2~deb9u1
  Version table:
 *** 3.20180807a.2~deb9u1 500
        500 http://deb.devuan.org/merged ascii/non-free i386 Packages
        100 /var/lib/dpkg/status
     3.20180807a.1~deb9u1 500
        500 http://deb.devuan.org/merged ascii-security/non-free i386 Packages

Phil

#204 Re: Installation » Interested in installing devuan, couple questions before I do » 2019-05-11 14:01:01

krauser wrote:

While I doubt Debian repositories work as intended on Devuan, let's say I want to install Lutris. The most common way to do that under Debian is to add a repo and then update and install. Could I add that Debian repo on Devuan?

Yes. The instructions for Debian found on this web page should also work for Devuan:

https://lutris.net/downloads/

Phil

#205 Re: Other Issues » [SOLVED] Security update delays » 2019-03-18 05:24:04

fsmithred wrote:

/etc/apt/preferences.d/mxrepo (or some other file name)

Package: *
Pin: origin "mxrepo.com"
Pin-Priority: 400

I think that will work. The man page for apt_preferences says that origin can match a hostname. I don't know if you need to make a separate entry for la.mxrepo.com or if the one will get both.

It turned out that a pin priority of 400 is too high. Even 100 is too high. I lowered it to 50 and now it works; 99 probably would have also worked, but I didn't bother testing it since the problem was already solved.

EDIT:

I thought I had this working, but further testing (via routine usage of the system) proved me wrong. I believe I have it working now, though, using this configuration:

Package: adobe-flashplugin
Pin: origin "mxrepo.com"
Pin-Priority: 100

Package: *
Pin: origin "mxrepo.com"
Pin-Priority: 50

Phil

#206 Re: Other Issues » [SOLVED] Security update delays » 2019-03-05 20:52:12

@fsmithred: That works. Thank-you!

@anonymous: Try running aptitude update or apt-get update and then check again.

Here are my results:

$ apt policy openssh-client
openssh-client:
  Installed: 1:7.4p1-10+deb9u6
  Candidate: 1:7.4p1-10+deb9u6
  Version table:
 *** 1:7.4p1-10+deb9u6 500
        500 http://deb.devuan.org/merged ascii-security/main i386 Packages
        100 /var/lib/dpkg/status
     1:7.4p1-10+deb9u5 500
        500 http://deb.devuan.org/merged ascii/main i386 Packages

Phil

#207 Re: Other Issues » [SOLVED] Security update delays » 2019-03-05 02:23:28

The reason I set ASCII as the default release was because I am using an MX Linux repo for their adobe-flashplugin package.

Contents of /etc/apt/sources.list.d/mx-17.list:

# MX Community Main and Test Repos

deb http://mxrepo.com/mx/repo/ stretch non-free #main

#deb http://la.mxrepo.com/mx/testrepo/ stretch test

However, with the MX-17 repo enabled, APT tries to pull in other packages:

$ aptitude upgrade -s
The following packages will be upgraded: 
  intel-microcode unrar 
2 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 1,557 kB of archives. After unpacking 9,216 B will be used.

Note: Using 'Simulate' mode.
Do you want to continue? [Y/n/?]

If I lower the priority of the MX-17 repo to 400, will that solve this problem? If so, how do I do that?

#208 Re: Other Issues » [SOLVED] Security update delays » 2019-03-05 00:00:36

I am not using apt pinning. This directory is empty:

/etc/apt/preferences.d

However, I have this...

// Set ASCII as the default release
APT::Default-Release "ascii";

...in this directory:
/etc/apt/apt.conf.d

Could that be the reason?

#209 Re: Other Issues » [SOLVED] Security update delays » 2019-03-04 22:05:10

Thanks for the reply. Here's that info:

$ apt policy libssl1.0.2
libssl1.0.2:
  Installed: 1.0.2q-1~deb9u1
  Candidate: 1.0.2q-1~deb9u1
  Version table:
     1.0.2r-1~deb9u1 500
        500 http://deb.devuan.org/merged ascii-security/main i386 Packages
 *** 1.0.2q-1~deb9u1 990
        990 http://deb.devuan.org/merged ascii/main i386 Packages
        100 /var/lib/dpkg/status

That's an interesting (but puzzling) result.

#210 Other Issues » [SOLVED] Security update delays » 2019-03-04 02:15:35

pcalvert
Replies: 38

Is it normal for security updates to take several days to show up in Devuan? I am notified when there are security updates for Debian, and I've noticed that it often takes several days for those updates to show up in Devuan.

For example:

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4400-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
February 28, 2019                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openssl1.0
CVE ID         : CVE-2019-1559

Juraj Somorovsky, Robert Merget and Nimrod Aviram discovered a padding
oracle attack in OpenSSL.

For the stable distribution (stretch), this problem has been fixed in
version 1.0.2r-1~deb9u1.

We recommend that you upgrade your openssl1.0 packages.

For the detailed security status of openssl1.0 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openssl1.0

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

My amd64 Devuan system received that update today, though it might have been available earlier because that system is in a VM and runs only periodically. However, my i386 Devuan system still thinks that 1.0.2q-1~deb9u1 is the latest version of that package:

$ aptitude upgrade libssl1.0.2 -s
libssl1.0.2 is already installed at the latest version (1.0.2q-1~deb9u1), so it will not be upgraded
No packages will be installed, upgraded, or removed.
0 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B of archives. After unpacking 0 B will be used.
Would download/install/remove packages.

Is this normal behavior?

Phil

#211 Re: Desktop and Multimedia » [SOLVED] Firefox 60 (ESR) poor print quality » 2018-12-17 22:50:11

I created a new Firefox profile to see if that would help, but it did not. I also have Devuan ASCII (64-bit) in a VM, and I tried the same test with that system. No problem there.

The Devuan ASCII system with the problem, the one that I am using right now, started out as Debian Squeeze, so it's an old system that (likely) has a considerable amount of cruft. Since I am planning to reinstall the system some time next year, I now consider this problem as solved. Thank you all for your help.

Phil

P.S. I unchecked "Allow pages to choose their own fonts, instead of your selections above", and the problem is now gone.

#212 Re: Desktop and Multimedia » [SOLVED] Firefox 60 (ESR) poor print quality » 2018-12-16 07:50:44

golinux wrote:

It looks fine to me too. BTW, I am using "Document Viewer", which I believe is Evince.

Here's mine:
https://transfer.sh/Ui8xn/Firefox-print-to-PDF-test.pdf

Phil

#213 Re: Desktop and Multimedia » [SOLVED] Firefox 60 (ESR) poor print quality » 2018-12-15 23:01:57

If anyone wants to test this, visit this web page:
Tamiflu Prices and Tamiflu Coupons - GoodRx

Click on one of the green buttons that read "GET FREE COUPON". After the page with the coupon loads, print the page to a PDF file.

Phil

#214 Re: Desktop and Multimedia » [SOLVED] Firefox 60 (ESR) poor print quality » 2018-12-15 20:19:36

Thank you for your reply.

guuml.dev1 wrote:

I'm just assuming, you have saved a file named "pfd.js" instead of printing to a file "pdf.pdf".

Your assumption is incorrect.

Phil

#216 Desktop and Multimedia » [SOLVED] Firefox 60 (ESR) poor print quality » 2018-12-04 18:19:24

pcalvert
Replies: 14

When I print a web page to a PDF file using Firefox, the print quality is inconsistent. Sometimes the text is okay, but other times it's jagged-looking and barely readable. Has anyone else encountered this problem?

BTW, I had the same problem in Firefox 52 (ESR), and I was hoping that the problem wouldn't still be there in the newer version. As a workaround, I've been using Chromium, which prints to PDF just fine.

Note: The problem may possibly be related to this bug:
https://bugzilla.mozilla.org/show_bug.cgi?id=932289

Phil

#217 Re: Other Issues » (Un)Limited TTL for mirror Release files » 2018-11-28 17:08:04

Dutch_Master wrote:

A few weeks ago I made the decision to switch over to Devuan instead. Regrettably, for a novice the default DE is too spartan, so I wanted Mate instead. But that can't be installed from the install DVD (missing policykit packages) as well as quite a few machines can't boot from DVD at all.

Why don't you connect a DVD drive via USB? You won't need to boot from it since you'd only be pulling packages from the DVD(s). And, yes, it can be done because that's what I used to do for an old laptop that wouldn't reliably boot from a DVD, even though it had a DVD-ROM drive. With this solution, installing the additional packages from the DVD(s) would need to be done post-installation.

Here's the command you would need to make this work:

# apt-cdrom -d <path-to-the-USB-DVD-drive>

After installation and set-up is complete, you would need to edit sources.list to remove the reference(s) to the DVD(s).

Phil

#218 Re: Other Issues » Frequent aptitude upgrade error » 2018-11-28 15:54:13

I did a little more detective work on this today. I found three packages from Jessie that were, for some reason, never removed when I upgraded to ASCII.

$ apt-show-versions -u
remmina:i386/ascii-backports 1.1.1-2 upgradeable to 1.2.32.1+dfsg-1~bpo9+1
remmina-common:all/ascii-backports 1.1.1-2 upgradeable to 1.2.32.1+dfsg-1~bpo9+1
remmina-plugin-rdp:i386/ascii-backports 1.1.1-2 upgradeable to 1.2.32.1+dfsg-1~bpo9+1

After removing them the problem seems to have gone away, at least for now.

Phil

#219 Re: Other Issues » Frequent aptitude upgrade error » 2018-11-21 11:41:39

golinux wrote:

Thank you for the suggestion. Yes, I did, and the problem remains.

Phil

#220 Other Issues » Frequent aptitude upgrade error » 2018-11-21 06:38:22

pcalvert
Replies: 4

I often encounter this error when using aptitude to upgrade my Devuan ASCII system:

# aptitude update && aptitude upgrade
Get: 1 http://pkgmaster.devuan.org/merged ascii InRelease [25.6 kB]
Get: 2 http://pkgmaster.devuan.org/merged ascii-updates InRelease [25.6 kB]
Get: 3 http://pkgmaster.devuan.org/merged ascii-security InRelease [24.9 kB]
Get: 4 http://pkgmaster.devuan.org/merged ascii-backports InRelease [25.6 kB]
Hit http://download.virtualbox.org/virtualbox/debian stretch InRelease
Get: 5 http://pkgmaster.devuan.org/merged ascii-backports/main i386 Packages [510 kB]
Get: 6 http://pkgmaster.devuan.org/merged ascii-backports/main amd64 Packages [516 kB]
Fetched 1,128 kB in 7s (148 kB/s)                                                                                                                             
                                         
Resolving dependencies...                
Internal error: found 2 (choice -> promotion) mappings for a single choice.
No packages will be installed, upgraded, or removed.
0 packages upgraded, 0 newly installed, 0 to remove and 3 not upgraded.
Need to get 0 B of archives. After unpacking 0 B will be used.

If I comment out backports and try again, the problem goes away. My guess is that someone has messed up and did not properly rename one of the packages in backports. Of course, I could be wrong. Any thoughts?

Phil

#221 Re: Documentation » HOWTO: lightdm (with libpam-elogind) + xfce4 (ASCII/Stable) » 2018-11-13 00:23:27

I thought I should post a follow-up to my previous message to explain my situation a little better. Back in 2017 I created a customized live CD based on Debian Jessie, but without systemd. While testing my live CD, I discovered that the "Restart" and "Shut Down" buttons in Xfce were not working properly. Since I built my live CD with "Recommends" (recommended packages) disabled, I figured that I must be missing some semi-important package(s). After a little research, I guessed that installing policykit-1 might fix the problem, and I was right.

To reiterate, this solution worked for me:

# aptitude update
# aptitude install policykit-1

That's it!

That systemd-free Debian Jessie was installed in a VM, and later on it was dist-upgraded to Devuan ASCII. The upgrade went smoothly, and afterward LightDM continued to work normally. I don't know what the best solution to this problem is, but I thought I should chime in with my experience in case the information is helpful to someone.

Phil

#222 Re: Documentation » HOWTO: lightdm (with libpam-elogind) + xfce4 (ASCII/Stable) » 2018-11-11 02:58:13

fred43 wrote:

Step 1:
Check that
   libpam-elogind, elogind, libelogind0, libpolkit-backend-elogind-1-0,
   libpolkit-gobject-elogind-1-0 and policykit-1
is *installed*.

I am using LightDM and I don't have those packages installed, except for policykit-1. I am also using Xfce, and the "Restart" and "Shut Down" buttons work fine. Is there something else broken that I've missed?

Phil

#223 Re: Other Issues » [SOLVED] Strange aptitude error: "...ifstream (13: Permission denied)" » 2018-06-07 09:10:00

Hi devuser,

Thank you for your efforts to try to determine possible causes for this error. Your reply prompted me to think more intensively about other possible causes for the error message, so it was definitely helpful.

I found the culprit: VirtualBox. I recently upgraded a Debian Stretch VM to Devuan ASCII. I created the new sources.list on the host system, and copied it to the guest via a shared directory. That's how the permissions got changed. Oddly enough, when I copied a test file from the guest to the host, via the same shared directory, the permissions were not changed. From now on, I'll have to remember to tar or zip files before copying them to guest systems.

Phil

#224 Other Issues » [SOLVED] Strange aptitude error: "...ifstream (13: Permission denied)" » 2018-06-07 03:32:59

pcalvert
Replies: 3

OS: Devuan ASCII

Error messages:

$ aptitude install gtk2-engines -s
E: Opening /etc/apt/sources.list - ifstream::ifstream (13: Permission denied)
E: Opening /etc/apt/sources.list - ifstream::ifstream (13: Permission denied)
E: The list of sources could not be read.

$ aptitude search gtk2-engines
E: Opening /etc/apt/sources.list - ifstream::ifstream (13: Permission denied)
E: Opening /etc/apt/sources.list - ifstream::ifstream (13: Permission denied)
E: The list of sources could not be read.

This appears to be the reason:

-rwxrwx--- 1 root root  227 Apr 22 00:56 sources.list

(Something changed the permissions for sources.list.)

An older copy of the file has the correct permissions:

-rw-r--r-- 1 root root 336 Jun 29  2017 sources.list

This corrected the problem:

# chmod 644 /etc/apt/sources.list

This is the last operation performed before discovery of the error:

# aptitude upgrade
The following packages will be upgraded: 
  base-files clearlooks-phenix-darkpurpy-theme curl google-chrome-stable 
  libcurl3 libcurl3-gnutls libpcsclite1 libpolkit-agent-1-0 
  libpolkit-backend-1-0 libpolkit-backend-consolekit-1-0 
  libpolkit-gobject-1-0 libpolkit-gobject-consolekit-1-0 libprocps6 
  policykit-1 procps tasksel tasksel-data xdg-utils 
The following packages are RECOMMENDED but will NOT be installed:
  gtk2-engines laptop-detect libfile-mimeinfo-perl libnet-dbus-perl 
  libx11-protocol-perl 
18 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 54.4 MB of archives. After unpacking 722 kB will be used.
Do you want to continue? [Y/n/?]

Perhaps one of those packages is the culprit?

Phil

Board footer

Forum Software