Back to Home / #debian / 2019 / 03 / Prev Day | Next Day
#debian IRC Logs for 2019-03-30

---Logopened Sat Mar 30 00:00:34 2019
00:33-!-trebmuh [] has quit [Ping timeout: 480 seconds]
00:40-!-mode/#debian [+l 380] by debhelper
00:41-!-mandeepb [~mandeep@] has quit [Remote host closed the connection]
00:43-!-cnote [~cnote@] has joined #debian
00:43-!-cnote is "Donald Norwood" on #debian-hamchat #debian-paultag-fanclub #debian-lts #tor-project #debian #debian-mulheres
00:52-!-mandeepb [~mandeep@] has joined #debian
00:52-!-mandeepb is "realname" on #debian-offtopic #packaging #oftc #debian-rust #debian-next #debian-live #debian-devel-changes #debian-apt #debian
00:55-!-trebmuh [] has joined #debian
00:55-!-trebmuh is "Olivier Humbert" on #debian #debian-edu #debian-l10n-fr #debian-live #debian-multimedia #debian-next #linux-rt #oftc
01:13-!-awal1 [] has quit [Quit: Leaving]
01:32-!-cnote [~cnote@] has quit [Remote host closed the connection]
01:37-!-broseph [] has joined #debian
01:37-!-broseph is "Child of God" on #debian-next #debian
01:47-!-Seeder [] has joined #debian
01:47-!-Seeder is "Seeder" on #oftc #debian-next #debian-kde #debian
01:51-!-SkarmoutsosV [] has joined #debian
01:51-!-SkarmoutsosV is "Vangelis Skarmoutsos" on #debian-i18n #debian-next #debian
01:54-!-wavekidsjp [] has quit [Quit: bye..]
01:56-!-zxq9 [] has quit [Quit: Konversation terminated!]
02:04-!-schizo [] has quit [Ping timeout: 480 seconds]
02:09-!-cef [] has quit [Remote host closed the connection]
02:14-!-mandeepb [~mandeep@] has quit [Remote host closed the connection]
02:29<rant>I've always used mplayer & mencoder personally
02:32-!-hekatei [] has joined #debian
02:32-!-hekatei is "none" on #debian
02:41<rant>nezZario: melt is the only thing other than mplayer/mencoder and ffmpeg that I know of IN Debian, but there is also this avxsynth
02:42<rant>nezZario: flowblade, gopchop, kazam, denlive, kino, pitivi among which some were recommended and DO have abilitiy to run scripts as does avidemux IIRC, but they are all _GUI_ programs in that they have heafty X deps and will not run without an X server
02:45<rant>nezZario: oh and oggvideotools for ogg files
02:47<rant>interface::commandline use::editing works-with::video debtags FTW
02:47<dpkg>hmm... debtags is a way of categorising packages with tags (facets) that describe how a package can be used, what data it can read/write, what interfaces it has etc. This adds another dimension to package searching. Install the debtags package, then search either using "debtags" or "aptitude". Search (or add new tags) at . See also or ask me about <aptitude search>.
02:49<rant>dpkg debtags =~ s/"./". For a GUI install packagesearch. /
02:49<dpkg>OK, rant
03:04-!-milkt [] has joined #debian
03:04-!-milkt is "debian" on #debian-games #debian-offtopic #debian-next #debian
03:11-!-phylophyl [] has joined #debian
03:11-!-phylophyl is "realname" on #debian-next #debian #freedombox
03:12-!-SkarmoutsosV [] has quit [Remote host closed the connection]
03:30-!-weedloser [] has joined #debian
03:30-!-weedloser is "realname" on #debian-next #debian-offtopic #debian
03:34-!-YuGiOhJCJ [] has joined #debian
03:34-!-YuGiOhJCJ is "YuGiOhJCJ" on #oftc @#yugiohjcj #qemu #debian
03:56-!-elowmahi [] has joined #debian
03:56-!-elowmahi is "orgunedhi" on #debian
03:59-!-trebmuh [] has quit [Ping timeout: 480 seconds]
04:01-!-mcon [] has joined #debian
04:01-!-mcon is "mcon" on #debian
04:02-!-trebmuh [] has joined #debian
04:02-!-trebmuh is "Olivier Humbert" on #debian #debian-edu #debian-l10n-fr #debian-live #debian-multimedia #debian-next #linux-rt #oftc
04:14-!-Texou [] has quit [Ping timeout: 480 seconds]
04:20-!-milkt [] has quit [Ping timeout: 480 seconds]
04:26-!-milkt [] has joined #debian
04:26-!-milkt is "debian" on #debian-games #debian-offtopic #debian-next #debian
04:43-!-mcon [] has quit [Quit: mcon]
04:47-!-ao2 [] has joined #debian
04:47-!-ao2 is "ao2" on #vcs-home #debian #cell
04:53-!-phylophyl [] has quit [Ping timeout: 480 seconds]
04:57-!-sidmo__ [] has joined #debian
04:57-!-sidmo__ is "sidmo" on #debian-next #debian-offtopic #debian-kde #debian
05:14-!-elowmahi [] has quit [Quit: elowmahi]
05:23-!-oo_miguel [] has joined #debian
05:23-!-oo_miguel is "oo_miguel" on #debian #suckless
05:36-!-ansel [] has joined #debian
05:36-!-ansel is "Andreas Seltenreich" on #debian
05:46-!-CutMeOwnThroat [] has joined #debian
05:46-!-CutMeOwnThroat is "realname" on #debian #debian-offtopic
05:49-!-elowmahi [] has joined #debian
05:49-!-elowmahi is "orgunedhi" on #debian
05:50-!-mode/#debian [+l 386] by debhelper
06:03-!-wavekidsjp [] has joined #debian
06:03-!-wavekidsjp is "wavekidsjp" on #debian
06:10-!-milkt [] has quit [Remote host closed the connection]
06:15-!-Delta-One [] has joined #debian
06:15-!-Delta-One is "P.F." on #debian-offtopic #C #debian-next #debian-kde #debian
06:21-!-ach [] has joined #debian
06:21-!-ach is "KVIrc 4.2.0 Equilibrium" on #debian
06:29-!-phylophyl [] has joined #debian
06:29-!-phylophyl is "realname" on #debian-next #debian #freedombox
06:39-!-jmkim[m] [~jmkimmatr@2001:470:1af1:101::1a4c] has joined #debian
06:39-!-jmkim[m] is "" on #debian #debian-android-tools #debian-java #debian-ruby @#jmkim
06:39-!-sqrt{not} [] has quit [Ping timeout: 480 seconds]
06:43-!-thiras [~thiras@] has joined #debian
06:43-!-thiras is "Ant" on #debian #linode #tami
06:43-!-Texou [] has joined #debian
06:43-!-Texou is "Jean-Philippe MENGUAL" on #debian #debian-es #debian-devel-es #debian-devel-it #debian-l10n-fr #debian-a11y
06:52-!-CutMeOwnThroat [] has quit [Ping timeout: 480 seconds]
07:04-!-milkt [] has joined #debian
07:04-!-milkt is "debian" on #debian-games #debian-offtopic #debian-next #debian
07:05-!-dpkg [] has quit [Quit: buh bye!]
07:05-!-dpkg [] has joined #debian
07:05-!-dpkg is "apt backup" on #debian
07:10-!-dselect [] has quit [Quit: ouch... that hurt]
07:11-!-dselect [] has joined #debian
07:11-!-dselect is "dpkg backup readonly db" on #debian ##uddmill
07:15-!-Haudegen [] has joined #debian
07:15-!-Haudegen is "AP,,," on #debian #security #debian-kde #debian-next #debian-desktop
07:16-!-cmacq2 [~prometheu@] has joined #debian
07:16-!-cmacq2 is "Johan Ouwerkerk" on #debian-next #debian-kde #debian
07:20-!-mode/#debian [+l 393] by debhelper
07:24-!-BCMM [] has joined #debian
07:24-!-BCMM is "BCMM" on #oftc #linux #debian-kde #debian #debian-next
07:27-!-BCMM [] has quit [Remote host closed the connection]
07:28-!-BCMM [] has joined #debian
07:28-!-BCMM is "BCMM" on #oftc #linux #debian-kde #debian #debian-next
07:32-!-}ls{ [] has joined #debian
07:32-!-}ls{ is "nobody" on #debian-nginx #debian-lan #debian-kde #debian-django #debian
07:35-!-BCMM [] has quit [Remote host closed the connection]
07:47-!-INeedAHandle [~INeedAHan@] has quit [Quit: Textual IRC Client:]
07:57-!-Brainium [] has joined #debian
07:57-!-Brainium is "brainium" on #debian
08:16-!-cmacq2 [~prometheu@] has quit [Remote host closed the connection]
08:17-!-dvs [] has joined #debian
08:17-!-dvs is "realname" on #debian
08:32-!-Blacker47 [] has joined #debian
08:32-!-Blacker47 is "Blacker47" on #debian-next #debian
08:37-!-ansel [] has quit [Ping timeout: 480 seconds]
08:38-!-milkt [] has quit [Ping timeout: 480 seconds]
08:40-!-thomasm [] has quit [Remote host closed the connection]
09:00-!-jemadux [~jemaduxma@2001:470:1af1:101::29af] has joined #debian
09:00-!-jemadux is "" on #debian
09:04-!-dpanter [] has quit [Remote host closed the connection]
09:07-!-MScott [] has joined #debian
09:07-!-MScott is "Kris Kristofferson" on #debian #https-everywhere #moocows #tor-project #redditprivacy
09:20-!-ee2455 [] has joined #debian
09:20-!-ee2455 is "ee2455" on #debian
09:28-!-MScott [] has quit [Ping timeout: 480 seconds]
09:34-!-weedloser [] has quit [Read error: Connection reset by peer]
09:34-!-weedloser [] has joined #debian
09:34-!-weedloser is "realname" on #debian #debian-offtopic #debian-next
09:40-!-weedloser [] has quit [Quit: Leaving]
09:43-!-lifeofguenter [~guenter@] has joined #debian
09:43-!-lifeofguenter is "realname" on #debian
09:45<lifeofguenter>stupid question: I do realise that debian-jessie was removed from mainline mirrors - which is fine, I find it under debian-archive. However I am getting the following error: E: Release file for is expired (invalid since 38d 10h 39min 8s). Updates for this repository will not be applied.
09:45<lifeofguenter>that makes sense, and I know how to get rid of it the error - but was curious if there is a better way of using the archive deb repo?
09:55-!-YuGiOhJCJ [] has quit [Quit: YuGiOhJCJ]
09:58-!-Brigo [] has joined #debian
09:58-!-Brigo is "realname" on #packaging #debian-offtopic #debian-next #debian-es #debian
09:58-!-phylophyl [] has quit [Ping timeout: 480 seconds]
10:08<rant>lifeofguenter: Debian 8 Jessie was not removed from the mirrors
10:09<lifeofguenter>correct, jessie-updates + backports though :)
10:11<rant> Valid-Until: Wed, 20 Feb 2019 02:31:54 UTC
10:11<dpkg>jessie-updates was a suite providing updates to some packages (from <proposed-updates>) prior to a <point release>. All packages from jessie-updates were included in point releases. . Not to be confused with <jessie/updates> which is for <security> updates. jessie-updates has been unsupported since 2018-05-17.
10:13-!-daemonkeeper [] has quit [Ping timeout: 480 seconds]
10:14<lifeofguenter>thanks supaman for that
10:15<lifeofguenter>rant, thats clear to me, whats not clear to me: is that how it should be? it makes sense as it won't receive any updates anymore? dunno the transition to me is a bit confusing
10:15<rant>lifeofguenter: what transition?
10:15<lifeofguenter>e.g. my expectations are to switch my apt sources to archive.* and live with no updates, not with an error running apt-get update
10:16<rant>lifeofguenter: you are suppose to switch your sources to jessie and jessie/updates only or upgrade your machine
10:16<supaman>e.g. remove all references in your sources to jessie-updates and jessie-backports
10:16<lifeofguenter>that was my thought as well, however I am relying on some packages from the backports - those obvs weren't merged into main
10:17<lifeofguenter>upgrading would be the best option, but I'd like to push that out for now
10:18<rant>lifeofguenter: backports were never official to begin with and are advised to be removed prior to dist-upgrades
10:18<lifeofguenter>also jessie-updates seems empty?
10:19<rant>you seem to be expecting an aweful lot for a dist about to become oldoldstable
10:19<lifeofguenter>I am not doing a dist-upgrade though - and I am aware that backports aren't official, in that case - which channel would be more suitable for my question?
10:19<rant>there IS NO jessie-updates
10:19<rant>as the bot just said jessie-updates are things that are provided prior to a point release.. there will be no more point releases for jessie
10:20<lifeofguenter>I am confused - was there _never_ jessie-updates, or does jessie-update just not exist anymore?
10:20<rant>therefore there is no need to provide packages prior to a point release as there will never be another jessie release made
10:21<rant>8.11 was the last point release of jessie that will ever be.. LTS is just providing security updates for another few years on that last release
10:21<lifeofguenter>makes sense
10:22<rant>Debian 10 buster is fully frozen, and just waiting for its RC bugs to be delt with before it releases which will likely happen within the next 3mo tops, probably more like the next 3-6wk
10:23<rant>which means Debian 9 Stretch will become oldstable and Debian 8 Jessie will become oldoldstable and will only be getting LTS or ELTS
10:23<lifeofguenter>> you seem to be expecting an aweful lot for a dist about to become oldoldstable: nope, but I do expect old systems to still somehow work especially if its still available via http
10:24<rant>it _DOES_ work and backports was never a part of it for one thing, and for another, you can work around those issues if you really insisted upon it
10:24-!-FLD [] has quit [Ping timeout: 480 seconds]
10:25<rant>but the point being support for jessie ended like a year ago, and support for upgrade path doesn't include backports.. so they're encouraging you to not further install backports because its just going to block your ability to move foward
10:25<lifeofguenter>yup 100% - just by adding "Acquire::Check-Valid-Until "0";" - my question was though why that error is happening and if its something that needs to be fixed or not
10:25-!-FLD [] has joined #debian
10:25-!-FLD is "fld@r00t3d" on #debian-next #debian-kde #debian-desktop #debian #virt #qemu
10:26<lifeofguenter>on the mirror side - but maybe you have an idea which irc channel I should rather chat to about backports? as its not officially supported by debian
10:26<rant>yes, it needs to be fixed by you removing all backports, backports repos, changing sources to stretch, following the stretch release notes for jessie->stretch and prepping to do the same for stretch->buster
10:27<rant>lifeofguenter: you can ask about it here, but the point is you shouldnt be under the illusion that just because backports exist that they're a good idea and recieve the same level of support as debian main does
10:28<lifeofguenter>rant, I do not need backport support, I know I need to upgrade, and I know how to fix my initial problem - that was not the point of my question
10:28<rant>lifeofguenter: for one thing they are built and maintained outside normal packaging, and recieve no regular updates.. as a provision debian policy allows for them to recieve fixes directly from sid rather than going through the normal process, but thats ONLY if whoever built and maintained the backport feels like doing it
10:29<rant>just the same as if you were to backport Foo from Sid, you'd then have to monitor the CVE, DSA, etc, and provide your own patches and updates..
10:29-!-Talkless [] has joined #debian
10:29-!-Talkless is "Vincas" on #debian-next #debian
10:29<rant>you'd just be lying to yourself if you come to rely on as being the same as official sources
10:30<rant>its like ELTS, it exists only because someone is interested in providing it.. its a HUGE courtesy and not the same level of quality or support
10:30-!-dpanter [] has joined #debian
10:30-!-dpanter is "realname" on #debian-kde #debian-offtopic #debian-next #debian
10:31<lifeofguenter>yoh but I am not even complaining? no idea seems like you misinterpreted my question a bit.. I was just curious why that error was happening and if it should be happening...
10:32<rant>I answered that question every way possible
10:32<rant>I showed you the expire date within the file
10:32<rant>I told you why it would expire
10:32<rant>I told you why you should stop using it..
10:32<rant>and you yourself answered the how to work around it
10:33<rant>I cannot make judgement for you.. if you wanna keep dragging things out and using backports, thats up to you..
10:33<rant>what I did was about a year ago, I removed backports, and followed the stretch release notes Ch4 on upgrading jessie->stretch
10:34<lifeofguenter>rant, ok then a more precise question: why does lenny not have that "valid-until" ?
10:35<rant>lts is there to provide people who rely on debian for production in business type scenarios to have the additional time to plan out an upgrade, not to facilitate laziness on the average user
10:35<rant>I don't know that answer offhand but I'm willing to bet that 5 years ago apt didn't even have that feature
10:36<lifeofguenter>see - that was the answer I was looking for :)
10:36<lifeofguenter>so it seems "valid-until" is a new feature - because I don't see it with any other Release-file in
10:36<lifeofguenter>thanks, that was very helpful
10:36<rant>yes I'd imagine it is something that came out within the last 5 years cause I hadn't heard of it before either
10:37-!-sqrt{not} [] has joined #debian
10:37-!-sqrt{not} is "PP9:DSD" on #debian
10:38<lifeofguenter>so given that, unfortunately (unless I upgrade) I will have to disable that check-feature. I am curious though because does not have it either, just the -backports stuff
10:38<lifeofguenter> does not have it either
10:45<rant>because you are intended to keep using jessie and jessie/updates if following official support for LTS
10:47<rant>backports is officially unofficial, you are not suppose to even use the BTS to file bugs against it
10:47<rant>its not supported for dist-upgrades, etc..
10:48<rant>when you're in LTS you're either heading for unsupported territory or planning for a future dist-upgrade, so being pushed to stop using backports would be a good thing
10:49<rant>if you still have them, thats fine.. maintaining the repo will offer you no benefit in this.. because it will not be getting updated.. but further installing NEW stuff from it is just a bad idea
10:50<rant>if I have foo-2.3.4-deb8u1 and it has a security bug, it'll be patched via lts/updates with foo-2.3.4-deb8u2 but if I have foo-3.4.5-bpo8-1 and it also has the same bug, its not going to be fixed
10:51<rant>so keeping the source is not going to be of any utility
10:53<rant>this is why, for the only jessie machine under me I had, my fathers desktop, I upgraded it to stretch as soon as jessie reached EOL last year.. because I wanted to make sure it kept getting security fixes rather than using stale backports
11:08-!-bfree [] has joined #debian
11:08-!-bfree is "Niall Walsh" on #debian #aptosid-dev
11:09-!-bfree [] has left #debian [Konversation terminated!]
11:11-!-phebus [] has joined #debian
11:11-!-phebus is "Jonathan Phebus" on #debian
11:15-!-phylophyl [] has joined #debian
11:15-!-phylophyl is "realname" on #debian-next #debian #freedombox
11:20-!-rant [] has quit [Read error: Connection reset by peer]
11:23-!-rant [] has joined #debian
11:23-!-rant is "Katy" on #debian #debian-offtopic #debian-next
11:26-!-nvz [] has joined #debian
11:26-!-nvz is "Katy" on #debian #debian-offtopic #debian-next
11:27-!-nvz [] has quit []
11:31-!-someusername [] has quit [Remote host closed the connection]
11:32-!-oo_miguel [] has quit [Quit: WeeChat 1.6]
11:59-!-thiras [~thiras@] has quit [Ping timeout: 480 seconds]
12:11-!-Brainium [] has quit [Ping timeout: 480 seconds]
12:27-!-semeion [] has joined #debian
12:27-!-semeion is "semeion" on #help #oftc #lxde #debian-br #debian #bitlbee
12:31-!-mandeepb [~mandeep@] has joined #debian
12:31-!-mandeepb is "realname" on #debian-offtopic #packaging #oftc #debian-rust #debian-next #debian-live #debian-devel-changes #debian-apt #debian
12:31-!-semeion [] has quit [Read error: Connection reset by peer]
12:32-!-semeion is "semeion" on #bitlbee
12:32-!-semeion [] has joined #debian
12:47-!-ansel [] has joined #debian
12:47-!-ansel is "Andreas Seltenreich" on #debian
12:53-!-dvs [] has quit [Quit: Outta here!]
13:00-!-xellophane [~xellophan@] has joined #debian
13:00-!-xellophane is "realname" on #debian #debian-apt
13:05-!-milkt [] has joined #debian
13:05-!-milkt is "debian" on #debian-games #debian-offtopic #debian-next #debian
13:16-!-Brigo [] has quit [Ping timeout: 480 seconds]
13:33-!-m42 [~pribeiro@] has joined #debian
13:33-!-m42 is "Pedro Ribeiro" on #debian #debian-i18n
13:37-!-tm [] has joined #debian
13:37-!-tm is "tm" on #debian #ceph
13:43-!-cmacq2 [~prometheu@] has joined #debian
13:43-!-cmacq2 is "Johan Ouwerkerk" on #debian-next #debian-kde #debian
13:57-!-milkt [] has quit [Ping timeout: 480 seconds]
14:04-!-SkarmoutsosV [] has joined #debian
14:04-!-SkarmoutsosV is "Vangelis Skarmoutsos" on #debian-i18n #debian-next #debian
14:09-!-gordonfish [] has joined #debian
14:09-!-gordonfish is "Gordon Fish" on #debian #qemu #perl
14:10-!-mode/#debian [+l 399] by debhelper
14:12-!-Haudegen [] has quit [Remote host closed the connection]
14:22-!-ansel [] has quit [Ping timeout: 480 seconds]
14:23-!-sakax [] has joined #debian
14:23-!-sakax is "skx" on #tor-project #debian-live #debian-offtopic #debian
14:26-!-zyley [] has quit [Quit: Leaving]
14:38-!-Texou [] has quit [Ping timeout: 480 seconds]
14:53-!-lifeofguenter [~guenter@] has quit [Ping timeout: 480 seconds]
14:57-!-Bodiro [] has joined #debian
14:57-!-Bodiro is "Frag halt" on #debian
14:58-!-trebmuh [] has quit [Ping timeout: 480 seconds]
15:03-!-trebmuh [] has joined #debian
15:03-!-trebmuh is "Olivier Humbert" on #debian #debian-edu #debian-l10n-fr #debian-live #debian-multimedia #debian-next #linux-rt #oftc
15:06-!-zyley [] has joined #debian
15:06-!-zyley is "zylyey" on #oftc #moocows #debian-offtopic #debian-next #debian
15:09-!-traumschule [] has quit [Remote host closed the connection]
15:13-!-traumschule [] has joined #debian
15:13-!-traumschule is "" on #tor-l10n #debian-blends #freedombox #tor-mobile #tor-bots #onionbalance #tor-project #tor-dev #tor-de #debian-next #debian #oftc
15:13<broseph>So I'm trying to get php files to load in apache, but they come up as plaintext. I tried a2enmod php7.3 but it says the module is already loaded. I'm not sure what to do next.
15:13-!-m42 [~pribeiro@] has quit [Ping timeout: 480 seconds]
15:18-!-keycollector [] has joined #debian
15:18-!-keycollector is "KeyCollector" on #debian
15:18-!-Bodiro [] has quit [Quit: - Chat comfortably. Anywhere.]
15:21-!-CutMeOwnThroat [] has joined #debian
15:21-!-CutMeOwnThroat is "realname" on #debian #debian-offtopic
15:23-!-keycollector [] has quit [Quit: Konversation terminated!]
15:24-!-BCMM [] has joined #debian
15:24-!-BCMM is "BCMM" on #oftc #linux #debian-kde #debian #debian-next
15:35-!-mnemonic is "semeion" on #bitlbee
15:35-!-mnemonic [] has joined #debian
15:35-!-kcunac [] has quit [Remote host closed the connection]
15:36-!-kcunac [] has joined #debian
15:36-!-kcunac is "kcunac" on #debian
15:39-!-semeion [] has quit [Ping timeout: 480 seconds]
15:40-!-izh [] has joined #debian
15:40-!-izh is "purple" on #debian
15:52-!-jacr [] has joined #debian
15:52-!-jacr is "jacr" on #debian
15:55-!-csle [] has joined #debian
15:55-!-csle is "Charlotte Lewer" on #debian
15:58-!-csle [] has quit []
16:00<supaman>broseph: I aint no apache specialist but I would check apache error logs /var/log/apache2/error.log
16:01<broseph>I got it figured out. By default, PHP is disabled with user directories, so I commented out those lines.
16:01<broseph>Thank you, though :)
16:01<broseph>The logs didn't say anything, btw.
16:01<supaman>ah, ok, good you figured it out :-)
16:01-!-keycollector [] has joined #debian
16:01-!-keycollector is "KeyCollector" on #debian
16:03<keycollector>How can i ensure that a encrypted volume is indeed encrypted? is "blkid /dev/sdb1" showing TYPE="crypto_LUKS" enough to verify?
16:06-!-trebmuh [] has quit [Quit: Parti]
16:08<supaman>keycollector: yes, that is enough
16:08-!-trebmuh [] has joined #debian
16:08-!-trebmuh is "Olivier Humbert" on #oftc #linux-rt #debian-next #debian-multimedia #debian-live #debian-l10n-fr #debian-edu #debian
16:09<rant>keycollector: you could shake a bean rattle and rub it with a raw egg.. do some chanting, etc..
16:09<supaman>and rant about something also ;-)
16:09<keycollector>i have fresh eggs from this morning, ill give it a try, thanks
16:10<rant>keycollector: /dev/sdb1 is just a crypt container a container could be a drive, partition, file anything.. the container must be opened (decrypted and mapped) and then filesystems can be placed inside it
16:11-!-Haudegen [] has joined #debian
16:11-!-Haudegen is "AP,,," on #debian #debian-kde #debian-desktop #security
16:12<rant>if you were to try mounting /dev/sdb1 it would fail. you have to cryptsetup luksOpen /dev/sdb1 mycrypt and use one of the keys in the header to unlock it and then it will be mapped to /dev/mapper/mycrypt unencrypted where you can then format/mount it from there
16:18<keycollector>This makes sense, a "df" shows my three drives all in /dev/mapper and mounted elsewhere where i specified during install. I was worried because during first boot, it only asked for two paraphrases ( I was expecting 3 ). All paraphrases are the same.
16:25<rant>keycollector: have a look at your /etc/fstab and /etc/crypttab files and/or upload them to or if you have netcat installed run (cat /etc/fstab;cat /etc/crypttab)|nc 9999
16:25<rant>keycollector: there is probably an explaination in there for why you only supply a password for 2 of them
16:26<rant>actually wouldn't hurt to include the output of blkid if you want us to look at it for you
16:26<rant>(blkid;cat /etc/crypttab;cat /etc/fstab)|nc 9999
16:27<rant>erm not blkid
16:30<rant>keycollector: if I had to guess, you probably have more than one filesystem in the same crypt container, possibly a crypt container with lvm containing multiple volumes
16:32<keycollector>(cat /etc/fstab;echo;cat /etc/crypttab;echo;blkid)|nc 9999
16:32<keycollector>I did not know you could use netcat like that, or the ";". Cool stuff.
16:35<keycollector>Id have to read more into this so i understand whats going on i suppose. I know i configured a encrypted LVM, and then two encrypted volumes.
16:36<keycollector>I thought the encrypted volumes were completely seperate from the LVM, even though i have them mounting ontop of each other.
16:37<rant>keycollector: well, you DO have an lvm inside one of the crypt containers with the rootfs and swap in the same container, but it appears you def do have 3 seperate crypts.. is the /media/Samsung_850_EVO-1TB mounted ?
16:37<rant>keycollector: does it show up in df output on boot?
16:40<keycollector>I can confirm all my drives are mounted properly. Yes it show up. /media/Samsung is also one of the two i used a paraphrase for. /home i didnt have to give a paraphrase.
16:40<keycollector>"/home didnt give a paraphrase" *
16:43<keycollector>Did i set this up incorrectly? I want to be able to control which drive i store data on, hence why i didnt merge them all into a single LVM, unless theres another way to do this.
16:43-!-Blacker47 [] has quit [Quit: Life is short. Get a V.90 modem fast!]
16:44<rant>keycollector: check the output of this command, and compare in particular the keyslots with one of your other two crypt devices..
16:44<rant>keycollector: cryptsetup luksDump /dev/sda1
16:47-!-Talkless [] has quit [Quit: Konversation terminated!]
16:47<keycollector>cryptsetup luksDump /dev/sdc1 resulted in Device /dev/sdc1 is not a valid LUKS device.
16:47<keycollector>the other two have all 7 key slots disabled
16:48<rant>yes well /dev/sdc1 is the /media/samsung one I asked about eariler :P
16:48<rant>because its the only one that wouldnt be absolutely required for booting
16:49<keycollector>huh, yeah im following. let me check again
16:49<rant>well technically /home isn't *required* either
16:49<rant>because if the rootfs is mounted /home is on the rootfs
16:50<rant>keycollector: yes and look closer cause there are 8 keyslots, slot 0 is the first one :P
16:50<rant>keycollector: if you have no keys enabled, you have no way to unlock the device
16:52<keycollector>im feeling so dumb rn. Yes, i see that they have a key slot 0 enabled. Also i forgot i had a external hdrive in the back pluged in, so ignore sdc, it is unrelavant.
16:53<keycollector>So yes, all three have keys
16:54<keycollector>and are mounted.
16:54-!-dpalacio [] has joined #debian
16:54-!-dpalacio is "dpalacio" on #debian-kde #debian-co #debian-es #debian
16:55<keycollector>actually, im so confused rn
16:55<keycollector>sdc is a crypt device
16:56<rant>so you encrypted the disk not a partition?
16:57<rant>keycollector: you don't have any data on there yet do you?
16:59-!-dreamer [] has quit [Read error: Connection reset by peer]
16:59-!-sakax [] has quit [Quit: Leaving]
16:59-!-dreamer [] has joined #debian
16:59-!-dreamer is "fuck dalnet and their shitty service" on #debian #debian-next @#puik. #wesp
16:59<rant>it says /dev/sdb1 is currently the crypt container that has /media/Samsung_850_EVO-1TB on it
17:00<keycollector>I removed sdc
17:00<keycollector>This crypt has me all confused.
17:01<keycollector>why is it showing "/dev/mapper/sdc1_crypt /media/Samsung_850_EVO-1TB" in FSTAB?
17:01<rant>yes well lsblk or df or mount or something wouldn't hurt that shows what's actually mounted and where right now
17:01<keycollector>but then no sdc in BLKID?
17:02-!-Tempesta [] has quit [Quit: See ya!]
17:02<rant>keycollector: /dev/mapper are names you arbitrarily assign via the dm its assigned in /etc/crypttab
17:02<rant>keycollector: crypttab is looking up the device by UUID and assigning it that name
17:04<rant>the actual device is /dev/sdb1: UUID="0cbc4a6f-c604-41e1-ac92-2d6ed690ef3d" TYPE="crypto_LUKS" which is assigned sdc1_crypt as a mapper name identified by its UUID in crypttab and then mounted via that mapper name in fstab
17:05<rant>crypttab handles the cryptsetup side of things, it does cryptsetup luksOpen <device node> <mapper name> and fstab handles the mount <mapper name> <mountpoint> kinda deal
17:07<keycollector>Okay, yes im following along. I can follow it now.
17:07<keycollector>Still odd its sdc, but im following the assingments. Makes sense.
17:08<rant>you can change those if you wish.. those two files are the only two that use the mapper names and they're totally arbitrary
17:08<rant>as long as the mapper names line up between crypttab and fstab they are irrelevant
17:09<rant>keycollector: thats a lil redundant, only one of those commands was needed to see that info.. its also in /etc/mtab fwiw
17:10<rant>personally I like the lsblk output th best.. easy to read and understand
17:10<keycollector>lsblk is the one im not familiar with
17:10<rant>but for details mount or /etc/mtab are more detailed.. lsblk you can get more detailed but you need to read the manpage on output columns and stuff
17:10<keycollector>looks similar to df
17:12<rant>you def show 3 seperate crypt containers mounted and should have at some point had to supply passwords for all 3 of them
17:12<rant>and by the look of your setup, none are noauto or anything, so it should have been during boot at some point
17:12<rant>usually you'd unlock that lvm first with the rootfs right after grub from initramfs, then unlock the others later via a systemd hook
17:14<rant>keycollector: since they are non-essential filesystems you could always drop to single user (stop your display manager if you use one and goto tty and login as root) and just umount /home; cryptsetup luksClose sda1_crypt
17:15<rant>keycollector: then try do it again manually with cryptsetup luksOpen /dev/sda1 sda1_crypt; mount /dev/mapper/sda1_crypt /home
17:15<rant>you should get a password dialog on each when doing the luksOpen
17:16-!-Tempesta [] has joined #debian
17:16-!-Tempesta is "ChoiKyuSang" on #debian
17:16<rant>keycollector: unless the installer if thats what created these, somehow did some magic where it put a key for /home on the rootfs so once the rootfs is unlocked it contains the key (passwordless) for /home
17:17<rant>which I'm not sure about that because I never did it that way.. I have my stuff all on one crypt with lvm inside and my other crypts are removable drives
17:17<keycollector>The paraphrase is decrypting a key, which the decrypts the drive on-the-fly right? I assume the keys are stored in ram after unlock?
17:17-!-tinoco [] has joined #debian
17:17-!-tinoco is "Rafael David Tinoco" on #debian #kvm #qemu
17:18<keycollector>so even though they are all the same pharaphrase, they all have different keys right?
17:18<rant>keycollector: well.. they SHOULD but thats why I said compare the luksDump where it says keys
17:19<keycollector>Am i suppose to be comparing the salts?
17:19<rant>because you can put up to 8 keys in the header, and they dont all have to be on the drive itself.. the keys can be external and on another device
17:19<rant>i.e. one key could be used for all the crypts
17:20<rant>you could even have a master key with no password on a thumbdrive or something that just bypasses the passworded keys when its plugged in
17:23<keycollector>So if im understanding correctly, each one of my drives have the keys on the drive themself currently, cause it looks like each LUKS header for my devices have a key.
17:23<keycollector>I could set this up better by using a single key for all three, and even my external drives
17:24-!-schizo is "me without a mic is like a beat without a snare" on #oftc #moocows
17:24-!-schizo [] has joined #debian
17:25<keycollector>rant: I learned alot, thanks for the help. Ill read some more on this.
17:25<keycollector>Seems like a better solution
17:28<rant>keycollector: well I'd like to make another point/clarification
17:28<rant>you had said earlier the crypt was on sdc that was just a misunderstanding I would assume but the reason that alarmed me has to do with the headers
17:30<rant>sdc would be the 3rd disk, legacy pc allowed for 4 physical partitions which would be sdc1-sdc4 and there is whats called an extended partition which is sdc5 and any "logical" partitions which allow you to have more than 4 partitions extending the limit of 4 physical ones
17:30-!-SkarmoutsosV [] has quit [Remote host closed the connection]
17:30<rant>the header of a crypt container contains all the information about the container, the encryption type, hashes, keys that are allowed to unlock it, etc.. if this header becomes corrupted the crypt container is unuable and you will lose access to the data
17:31<rant>if you put a crypt container on a disk i.e. sdc rather than a partition like sdc1, its more likely something like grub, gparted, fdisk, etc that write to the mbr or partition table portions of the disk could corrupt that header
17:32<rant>due to the fact these headers are essential to the container, cryptsetup has an option to backup and restore the headers
17:33<rant>if you value your data you always want the headers and crypt containers safely inside of a partition and want to keep a backup of them in case something happens.. but its best to secure these backups either locked away in a safe on a removable media or in other crypt containers as they could be used to brute force the container as well if obtained by a hacker
17:39-!-x032cx [] has joined #debian
17:39-!-x032cx is "lxuser" on #debian
17:43<keycollector>So i should be making a backup of the entire header to USBS and storing them safely
17:46-!-sidmo__ [] has quit [Quit: Konversation terminated!]
17:47<keycollector>thanks again rant. Ill be reading the manpage for this. Im sure ill see you here again.
17:49-!-sidmo__ [] has joined #debian
17:49-!-sidmo__ is "sidmo" on #debian-next #debian-offtopic #debian-kde #debian
17:49<rant>keycollector: yes the headers are not very large.. it'd be a farily small file cryptsetup luksHeaderBackup <device> --header-backup-file <file>
17:50<rant>and fwiw in regard to lsblk, there are a lot of fairly new utils out there like lspci, lsusb, lsblk, lscpu, etc that all start with ls.. can do ls<tab><tab> to see a list of them
17:50-!-Texou [] has joined #debian
17:50-!-Texou is "Jean-Philippe MENGUAL" on #debian #debian-es #debian-devel-es #debian-devel-it #debian-l10n-fr #debian-a11y
17:50<rant>they all have much nicer output than some of the older methods of accessing the same data and more command line options
17:52-!-izh [] has left #debian []
18:00-!-dvs [] has joined #debian
18:00-!-dvs is "realname" on #debian
18:09-!-mischief [] has quit [Quit: WeeChat 2.2]
18:15-!-CutMeOwnThroat [] has quit [Ping timeout: 480 seconds]
18:24-!-x032cx [] has quit [Quit: leaving]
18:28-!-cmacq2 [~prometheu@] has quit [Ping timeout: 480 seconds]
18:35-!-jacr [] has quit [Quit: leaving]
18:36-!-SuperDale [] has joined #debian
18:36-!-SuperDale is "dale" on #debian
18:51-!-mandeepb [~mandeep@] has quit [Ping timeout: 480 seconds]
19:05-!-ao2 [] has quit [Remote host closed the connection]
19:05-!-dust [] has quit [Remote host closed the connection]
19:06-!-mandeepb [~mandeep@] has joined #debian
19:06-!-mandeepb is "realname" on #debian #debian-apt #debian-devel-changes #debian-live #debian-next #debian-rust #oftc #packaging #debian-offtopic
19:06-!-gattuso [] has quit [Remote host closed the connection]
19:08-!-dust [] has joined #debian
19:08-!-dust is "dust" on #debian-games #debian #debian-next #debian-science #linux-rt
19:08-!-gattuso is "Got ZNC?" on #xen #virtualization #uml #qemu #polimi #llvmlinux #kvm #ii #i2p
19:08-!-gattuso [] has joined #debian
19:08-!-ynakao [] has joined #debian
19:08-!-ynakao is "Yuji Nakao" on #debian #debian-next #pwmt
19:11-!-uforek [] has joined #debian
19:11-!-uforek is "OFTC WebIRC Client" on #debian
19:11<uforek>how do i install openjdk-8 on unstable?
19:19-!-dvs [] has quit [Remote host closed the connection]
19:19<ais-admin>uforek, #debian-next is where the sid experts hang - someone there might be able to help
19:20-!-uforek [] has left #debian []
19:29-!-phylophyl [] has quit [Ping timeout: 480 seconds]
19:39-!-Uforek [~Uforek@] has joined #debian
19:39-!-Uforek is "realname" on #debian #debian-next
19:39<Uforek>can't figure out how to install openjdk-8 on unstable.
19:40<Uforek>package not found though its listed in the repo
19:40-!-hekatei [] has quit [Quit: Quit: Leaving]
19:40<Uforek>what am i doing wrong?
19:46-!-mischief [] has joined #debian
19:46-!-mischief is "mischief" on #debian
19:47<mischief>hey, does anyone know of a usb 3 to hdmi adapter working with debian/mainline kernel?
19:52-!-skle [~Lunar@] has joined #debian
19:52-!-skle is "*" on #debian
20:11-!-AfroThundr [] has quit [Ping timeout: 480 seconds]
20:26-!-AfroThundr [] has joined #debian
20:26-!-AfroThundr is "Eddie J Carswell II" on #debian #debian-next #debian-offtopic
20:29-!-hurricanehrndz [~hurricane@2604:3d09:417f:a783::2] has quit [Quit: GoodBye!]
20:30-!-hurricanehrndz [~hurricane@2604:3d09:417f:a783::2] has joined #debian
20:30-!-hurricanehrndz is "Got ZNC?" on #virt #debian
20:43-!-Brigo [] has joined #debian
20:43-!-Brigo is "realname" on #packaging #debian-offtopic #debian-next #debian-es #debian
20:47-!-BCMM [] has quit [Quit: Konversation terminated!]
21:00-!-Brigo [] has quit [Read error: Connection reset by peer]
21:09-!-cef [] has joined #debian
21:09-!-cef is "Cefiar" on #debian #debian-next
21:12-!-sidmo__ [] has quit [Ping timeout: 480 seconds]
21:16-!-mendelmunkis [] has joined #debian
21:16-!-mendelmunkis is "realname" on #debian
21:20-!-elowmahi [] has quit [Remote host closed the connection]
21:21-!-phebus [] has quit [Ping timeout: 480 seconds]
21:22-!-sarvad [~sarvad@] has joined #debian
21:22-!-sarvad is "sarvad" on #debian
21:23-!-ansel [] has joined #debian
21:23-!-ansel is "Andreas Seltenreich" on #debian
21:25-!-sarvad [~sarvad@] has quit []
21:33-!-elowmahi is "orgunedhi" on #oftc
21:33-!-elowmahi [] has joined #debian
21:37-!-mendelmunkis [] has quit [Ping timeout: 480 seconds]
21:42-!-ansel [] has quit [Ping timeout: 480 seconds]
21:55-!-thomasm [] has joined #debian
21:55-!-thomasm is "tm" on #debian #ceph
21:56-!-tm [] has quit [Ping timeout: 480 seconds]
21:56-!-ee2455 [] has left #debian [Leaving]
22:02-!-mandeepb [~mandeep@] has quit [Remote host closed the connection]
22:04-!-balrog [] has quit [Quit: Bye]
22:06-!-Haudegen [] has quit [Remote host closed the connection]
22:10-!-mode/#debian [+l 392] by debhelper
22:12-!-milkt [] has joined #debian
22:12-!-milkt is "debian" on #debian-games #debian-offtopic #debian-next #debian
22:18-!-balrog is "balrog" on #qemu #oftc #msys2 #kernelnewbies #https-everywhere #bcache
22:18-!-balrog [] has joined #debian
22:42-!-andys_ [] has quit [Read error: Connection reset by peer]
22:45-!-andys_ [] has joined #debian
22:45-!-andys_ is "Andy Smith" on #debian-hams #debian
22:54-!-ach [] has quit [Ping timeout: 480 seconds]
23:02-!-keycollector [] has quit [Ping timeout: 480 seconds]
23:05-!-mandeepb [~mandeep@] has joined #debian
23:05-!-mandeepb is "realname" on #debian-offtopic #packaging #oftc #debian-rust #debian-next #debian-live #debian-devel-changes #debian-apt #debian
23:14-!-dvs [] has joined #debian
23:14-!-dvs is "realname" on #debian
23:32-!-cyphase [] has quit [Ping timeout: 480 seconds]
23:33-!-cyphase [] has joined #debian
23:33-!-cyphase is "Cyphase" on @#PrisonBreak #virt #quodlibet #debian #ceph-devel #ceph #qemu @#p4xriddle @#heroes #guardianproject #debian-next @#lost
23:44-!-dvs [] has quit [Remote host closed the connection]
23:46-!-Uforek [~Uforek@] has quit [Quit: Leaving]
23:53-!-}ls{ [] has quit [Ping timeout: 480 seconds]
23:55-!-}ls{ [] has joined #debian
23:55-!-}ls{ is "nobody" on #debian-nginx #debian-lan #debian-kde #debian-django #debian
---Logclosed Sun Mar 31 00:00:35 2019