=== Tabstar is now known as Tabmow [00:18] how to install libpam-usb in Ubuntu 16.04 [00:21] !info libpam-usb bionic [00:21] Package libpam-usb does not exist in bionic [00:22] ndayalan: ^^ what is the context for "libpam-usb" ? [00:22] existed in precise and trusty, i guess it was removed [00:24] Bashing-om: i run the system and security audit lynis and it listed "libpam-usb" as "Not Installed" [00:33] ndayalan: Humm .. can not say - no idea of what relevence "lynis" results are to system performance. [00:37] Bashing-om: its a security auditing tool and checks the system and software configurations, to determine any improvements [00:40] ndayalan: Then, might see what packaging "libpam-usb" belongs too .. maybe remove as it is no longer supported? Anything from ' dpkg -L libpam-usb ' ? [00:43] Bashing-om: it shows package 'libpam-usb' is not installed === jelly is now known as Are === Are is now known as jelly [00:52] ndayalan: libpam-usb has been removed from the repositories due to lack of maintainers. Since... 15.10 or so [00:52] ndayalan: Purge the package ? See: https://wiki.debian.org/pamusb Maybe you no longer have a use case for it ? === argus is now known as argusbr [01:01] hey guys I just installed darktable from ubuntu software, i can't get it to even see my hard drive. Any idea why this is? I can access it in my files, just not in darktable === padi is now known as Guest47639 [01:08] YES [01:31] hey [01:31] so im trying to set up dnscrypt [01:31] but after installing and everything i cant resolve any domains [01:31] using ubuntu 18.04 [01:32] is there anything blindingly obvious that is missed? i set 127.0.0.1 as my dns from within network manager [01:36] filifunky, did you install it via snap? Snap software is sandboxed. [01:38] but, for the record, I just installed the snap (snap install darktable), and I can click on import and see my FS [01:41] fwiw, my issue was that i used 127.0.0.1 instead of 127.0.2.1 [01:41] seems to be working now [01:41] yay [01:41] * duoi waves [01:42] Hey I have a quick question, I want to create a user on my server that can only use it for tunneling. [01:42] how would I go about doing that? [01:47] How would one allow a snap to access an external storage drive? sudo snap connect something? [01:53] hi, I have installed realvnc server enterprise 4.6.3 and I want to always run it as service, how do i do that? [01:53] currently, I have to run it manually in order for me to get connect [01:54] Nvm, I just "mounted" the folder I wanted the snap to access into the folder it was looking at, and added the mount command to fstab. [01:54] any help is appreciated [01:54] Hulio: There's probably a better way to do it, but for my personal uses I've always just added startup scripts to /etc/rc.local [01:55] You might have to enable the rc.local service or whatever it's been renamed to since the move to systemd [01:55] Hulio: do you know if it installs a systemd unit? [01:55] not a clue man [01:55] i run install from realvnc.com provided [01:56] the .deb one i think [01:56] Hulio, we can't support that particular product, but there's good docs on systemd service files in general: https://www.freedesktop.org/software/systemd/man/systemd.service.html [01:57] i'm so noob [01:57] sending a link to me is useless anyway [01:58] Hulio: try: systemctl list-units --all | grep -v loaded and see if anything there looks like it's for vnc [01:58] lordcirth, ahh you're right! There is a ver 2.4.2-1 that doesn't use snap. but on the darktable webpage they say they are on 2.6. Are we basically supposed to go with what is in Ubuntu Software to get the most secure version of it for Ubuntu? What are the advantages of downloading from Ubuntu Software other than some repository you find online? [01:59] oceanquake, did run, but not seeing anything has vnc part of it [02:00] filifunky, trust and support, mainly. If you can get a .deb straight from the darktable website, that might work better. Or you could look into how snap allows accesses [02:03] lordcirth does "support" mean that if I download it from Ubuntu Software I can come here and people are more likely to help out? [02:04] Hulio: Try the checked answer at the following link, and add an invocation of the vnc server in rc.local: https://askubuntu.com/questions/886620/how-can-i-execute-command-on-startup-rc-local-alternative-on-ubuntu-16-10 === zenguy is now known as coffeeguy [02:05] Hulio: how noob are you? are you familiar with shell scripts? [02:05] nope [02:06] anyway thanks [02:06] i'll just install teamviewer [02:06] easy [02:06] if the package you're installing doesn't plug into systemd by default, you'll be in the same boat. [02:09] TLDR: I am experiencing hard lockups and have confidence the HW is not to blame. I suspect (on hunch, no smoking gun) the AMD graphics driver stack. How do I go about troubleshooting/getting actionable information to file a bugreport or the like? [02:10] Longform: I have a ThinkPad A485 (AMD Ryzen Pro), new in January. Running 18.04, with hwe kernel. Dedicated to Linux. I have gotten hard lockups at the wake screen after being away, and sometimes just using Firefox. The system can go days without a hard lock, and then sometimes more than once a day. When lockup occurs, screen stays up and frozen but system just does not respond, VT switching does nothing, Magic SysReq does nothing. [02:10] Sometimes the cooling fan speeds up upon lockup, but not always. I have run all the onboard diags, including a multi-hour memtest that Lenovo has built into to the EFI. No faults found. I also have a beefy laptop cooling setup, and no unusual hardware modifications. This is killing my ability to get things done, would really appreciate some help. [02:25] Hi [02:25] from which version does ubuntu's kernel 3.2 ? [02:25] 12.04? [02:25] > 3.2 [02:28] amosbird, I think you accidentally a word. [02:28] Do you mean what was the first Ubuntu version with kernel 3.2 or greater? [02:29] yes [02:31] amosbird, 12.04 had 3.13. Why do you need to know? [02:32] amosbird: Per: https://en.wikipedia.org/wiki/Ubuntu_version_history#Table_of_versions 3.2 was precise. [02:38] hmm, that table doesn't contain ubuntu's distro version? [02:40] amosbird: ?? "12.04 LTS Precise Pangolin 2012-04-26 2017-04-28 3.2 ". [02:41] hmm, ok [02:42] so in 2012 most distros got kernel >= 3.2 [02:45] amosbird: Yes and no .. 12.04 and 12.04.1 would have had the 3.2 kernel -- then HWE enters the equation where the 12.10 kernel and upward is introduced. [02:46] ok, so ubuntu 2012.10, debian 2013.5, open suse 2012.9, centos 2014.6 [02:46] 3.2 is the last supported version of current glibc === Leion1 is now known as Leion [03:47] question -- how do i stop/restart networking via netplan when networkd is the renderer [03:48] i finally just switched from NetworkManager because all of my settings were all over the place and buggy as i began configuring my br0 interface for a kvm guest [03:50] test [03:50] failed [03:51] lol [03:51] was testing ifdown -a [03:51] :p [03:51] ok [03:51] seems like a lot of stuff doesn't work without NetworkManager, so i'm trying to find my way via networkd [03:51] I'm not good for networking stuff [03:52] it's super interesting to me, but i'm not liking netplan so far but i'll get used to it. [03:52] d0tsun7: Try ' systemctl enable NetworkManager.service ; systemctl start NetworkManager.service ' . [03:53] my netplan YAML file has the backend set to networkd, not NetworkManager, though Bashing-om [03:55] d0tsun7: Looking ; Maybe with systemd-networkd.service . [03:55] i'm not quite sure what's up but i sudo service systemd-networkd stop'd and i could still browse and ping just fine [03:55] i'll give another go--if i disc (which i hope i do for the love of god lol) i'll be right back [03:56] . [03:57] so [03:57] i guess i'd have to shutdown this TTY for the connection to be lost [03:58] forgot about that aspect of linux for a sec. idiot. ok, yeah systemd-networkd stop works. [04:02] I just installed ubuntu server and why is virb0 my network interface? How can I replace this? [04:04] d0tsun7: Also when you make changes one has to "apply" : https://www.linux.com/learn/intro-to-linux/2018/9/how-use-netplan-network-configuration-tool-linux . [04:04] amazoniantoad: come join to #ubuntu-server for likeminded volunteers [04:04] lotuspsychje, thanks [04:04] definitely Bashing-om [04:08] lotuspsychje, ubuntu-server is dead ;_; [04:09] with netplan, how should i allow my kvm guest to maintain a connection, but shutdown my host connection [04:09] unsure how to do this with networkd as the backend. the networkmanager gui was nice but i'm glad to move on and learn more [04:10] amazoniantoad: patience my friend [04:20] amazoniantoad: the U.S. in the late evening/night, and most of Europe in the early morning, I'd say a majority of the users in most channels around are either going to bet, sleeping, or just about to wake up. On top of that monday morning. Have patiece indeed. [04:21] SysGhost, thanks [04:36] What are dxvk deps on ubuntu? [04:36] I can't find the list. [04:40] !details | fling [04:40] fling: Please elaborate; your question or issue may not seem clear or detailed enough for people to help you. Please give more detailed information; for example, we might need errors, steps, relevant configuration files, Ubuntu version, and hardware information. Use a !pastebin to avoid flooding the channel. [04:46] !pastebin # Configuration file for /sbin/dhclient. [04:46] # [04:46] # This is a sample configuration file for dhclient. See dhclient.conf's [04:46] # man page for more information about the syntax of this file [04:46] # and a more comprehensive list of the parameters understood by [04:46] poutine: I am only a bot, please don't think I'm intelligent :) [04:46] # dhclient. [04:50] apt --fix-broken install -> dpkg: error processing archive /var/cache/apt/archives/policykit-1_0.105-20ubuntu0.18.04.5_amd64.deb (--unpack): new policykit-1 package pre-installation script subprocess returned error exit status 1 [04:50] How to make it more verbose? ^ [04:50] Can I also prevent policykit from being installed? :> [04:51] Bashing-om: about dxvk: I installed dxvk via winetricks to a wineprefix and not via apt. But dlls depend on something related to vulkan so I need to install all the deps by hand as there is no (meta?) deb for dxvk. [04:53] fling: Sorry, I know nothing of wine. #winehq might be a better palce to ask. [04:53] !wine | fling [04:53] fling: WINE is a compatibility layer for running Windows programs on GNU/Linux - More information: https://help.ubuntu.com/community/Wine - Search the !AppDB for application compatibility ratings - Join #winehq for application help - See !virtualizers for running Windows (or another OS) inside Ubuntu [04:54] Do you know about tricking dpkg? ^ [04:55] fling: Perhaps I xan help with the apt sutuation, pastebin ' sudo apt update ; sudo apt full-upgrade ' see where we go then. [04:56] * fling doing [04:57] !virtualizers [04:57] There are several solutions for running other operating systems (or their programs) inside Ubuntu, while using the native CPU as much as possible: !QEmu (with !KQemu), !VirtualBox, !VMWare, as well as !WINE and !Cedega for Windows applications [04:58] Bashing-om: https://bpaste.net/show/b79a54a2f5ae [04:59] fling: Looking ^ . [05:00] I want to upgrade it to 18.10 but it wants me to fix-broken first [05:02] fling: do you have external ppa's installed? [05:02] lotuspsychje: I had but I dropped them. === Leion1 is now known as Leion [05:03] fling did you remove them with !ppapurge? [05:03] lotuspsychje: gallium nine ones for mesa and wine [05:03] lotuspsychje: no ppapurge does not work for 17.10 [05:03] !sources | fling doublecheck here please [05:03] fling doublecheck here please: The packages in Ubuntu are divided into several sections. More information at https://help.ubuntu.com/community/Repositories - See https://wiki.ubuntu.com/RecommendedSources for the recommended way to set up your repositories. [05:03] I just removed them and upgraded to 18.04 [05:04] lotuspsychje: also the current problem is probably systemd related as the preinstallation script wants to connect to some bus which is not running because of systemd [05:04] fling: Package manager is unhappy with the installed version. Pastebin ' apt policy policykit-1 ' . See where it came from. [05:05] Bashing-om: https://bpaste.net/show/5e81a24001e5 [05:05] lotuspsychje: I don't want to mess with systemd until I switch to 18.10 :> [05:11] fling: " *** 0.105-18ubuntu0.1 100" Let's try 'sudo apt clean ; sudo apt update ; sudo apt full-upgrade ; sudo apt install --reinstall policykit-1 '. [05:12] Bashing-om: the same error -> new policykit-1 package pre-installation script subprocess returned error exit status 1 [05:13] systemctl is not working, need to restart systemd somehow [05:14] /sbin/init is there but no systemd in 'ps ax' [05:17] init 3 -> Failed to connect to bus: No such file or directory Failed to talk to init daemon. [05:21] looks like I need newer packages to fix systemd issue -> https://github.com/lxc/lxc/issues/2168 [05:21] But to get newer packages I need to upgrade to 18.10 [05:21] But to upgrade to 18.10 I need to fix apt not upgrading [05:21] But to fix apt I need to workaround systemd issue haha [05:21] * fling got stuck === Leion1 is now known as Leion [06:03] lol [06:11] not funny at all!! === lotuspsychje__ is now known as lotuspsychje [06:17] fling: did you fix it? [06:18] lotuspsychje: no [06:18] I'm not sure what to do next. [06:18] flying_sausages: could you pastebin again: sudo apt update && sudo apt full-upgrade ? [06:18] I could probably try telling dpkg to skip pre-install thing somehow. [06:19] lotuspsychje: https://bpaste.net/show/b79a54a2f5ae [06:19] fling: we strongly reccomend, before upgrading your apt spits out no issues anymore [06:19] fling: pastebin your sources.list please? [06:20] lotuspsychje: https://bpaste.net/show/1fa03bd63fe7 [06:22] fling: ok, lets try a dpkg force purge on your policykit [06:22] How to do so? [06:24] fling: try sudo dpkg -P policykit-1 [06:25] fling: or dpkg --purge --force-all policykit-1 [06:26] lotuspsychje: got it removed Removing policykit-1 (0.105-18ubuntu0.1) ... [06:26] but the error is still there [06:27] fling: sudo apt update && sudo apt full-upgrade again [06:27] lotuspsychje: the same error [06:28] fling: can you pasetbin again? [06:28] pastebin [06:29] lotuspsychje: https://bpaste.net/show/03770468d4a0 [06:31] ok thats pretty weird [06:31] fling: did dpkg purge work? [06:31] yes [06:32] lotuspsychje: why weird? systemctl is not working because some bus is not running [06:32] lotuspsychje: which is causing 'new policykit-1 package pre-installation script subprocess returned error exit status 1' === anders is now known as Guest22484 [06:34] fling: https://bugs.launchpad.net/ubuntu/+source/policykit-1/+bug/1782951 [06:34] Launchpad bug 1782951 in policykit-1 (Ubuntu) "package policykit-1 0.105-20 failed to install/upgrade: new policykit-1 package pre-installation script subprocess returned error exit status 1" [Undecided,Confirmed] [06:34] fling: can you affect yourself on this bug please [06:36] fling: and here's another https://bugs.launchpad.net/ubuntu/+source/policykit-1/+bug/1823380 [06:36] Launchpad bug 1823380 in policykit-1 (Ubuntu) "package policykit-1 0.105-14.1ubuntu0.4 failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] [06:38] fling: im going to ask around on it, idle a bit okay [06:44] fling: did you try the uninstall command on: https://github.com/doitsujin/dxvk [07:24] lotuspsychje: thanks. [07:25] lotuspsychje: I don't have setup_dxvk.sh [07:32] lotuspsychje: good news is policykit removal allowed me to do-release-upgrade [07:33] fling: how did you remove please? [07:33] dpkg --purge --force-all policykit-1 [07:33] (the way you told me) [07:33] oh [07:34] ubuntu is full of tinkering!! :D [07:35] fling: dependecy hell is mostly caused by the user itself :p [07:35] nothing systemd related in the ppas I used. [07:35] Only gallium nine stuff. [07:36] like wine and libgl replacements [07:36] with broken deps to ncurses and mesa but this is another story! :D [07:39] lotuspsychje: the main problem is Failed to connect to bus: No such file or directory Failed to talk to init daemon. [07:40] /msg NickServ VERIFY REGISTER nikitau ufsnkpmqqonc [07:40] haha [07:41] lotuspsychje: issue gone in one container after the upgrade, systemd works now. [07:41] lotuspsychje: but it is still present in another container hmm hmmm need to investigate, compare /etc/inittab and other things… [07:43] lotuspsychje: missing deps in ppa are libd3dadapter9-mesa:i386 libncurses6:i386 === Class7_ is now known as Class7 === steve295 is now known as Ssstevv [07:54] I don't have /etc/inittab [07:58] fling: are you chatting from the computer right now? === lotuspsychje_ is now known as lotus|NUC [07:59] how can I mount a win10 share (everyone has all permissions there) from ubuntu when my windows-user has no password? [07:59] I tried [08:00] sudo mount -t cifs /192.168.0.XXX/drive_e/ /media/mnt/driver_e/ -o user=user [08:00] and I get mount error (13) Permission denied [08:00] any help [08:04] tatertots: yes [08:04] pragomer: should probably enter the workgroup or use smbfs instead [08:05] pragomer: or smbnetfs [08:05] fling: sudo apt install inxi sosreport [08:05] fling: let me know when done [08:05] why? :P [08:06] fling: oh excuse me, i'm sure you can address the matter yourself personally [08:06] fling: carry on [08:12] I am consistantly getting this error message upon booting ... [08:12] https://i.imgur.com/8wddC26.png [08:12] Everytime... [08:13] Taking a look at the icon being presented on the system tray, it seems to be the update-notifier ... https://i.imgur.com/bMpwpp0.png [08:14] is there a way to check what the error is? [08:29] tatertots: dxvk zombified battle.net in another container which caused this on the host -> INFO: task journal-offline:7725 blocked for more than 120 seconds. [08:30] which prevented init from proceeding in one of containers I upgraded to 18.10. [08:30] tatertots: everything works just fine after sysrq reboot [08:30] lotuspsychje: upgrading to 18.10 fixed the systemd not starting btw [08:33] 01:11:57 not funny at all!! [08:33] it's 3:30...that was funny [09:11] Gnome keeps crashing when changing between workspaces. Any ideas on how to debug/resolve this? [09:15] Get one of those internal error pop-ups. ExecutablePath => /usr/bin/gnome-shell. Cause seems to be in meta_window_actor_is_destroyed() [09:17] hey, my syslog+kern is being filled up with audit messages even though auditd id not running [09:22] n8w___: for AppArmor? yeah, that's normal. auditd is just to listen for and separate them out in logging. [09:23] blackflow: aight, but i cant find a way to turn it off... [09:25] blackflow: so the question is how do i completely turn it off? [09:27] n8w___: I don't think you can [09:30] blackflow: now it logs a lot of stuff that it didnt before, like chrome etc...so smth must b wrong [09:30] n8w___: pastebin what you think is wrong, and note that AppArmor profiles are constantly evolving. [09:32] n8w___: btw, iirc if you install auditd then audit trails are being logged only by that, though I'm not sure if that's the case now with systemd. you can also filter them out at the syslog level (which doesn't affect the journal though). [09:34] blackflow: ok, thx i will look into it [09:58] hi people as soon I remove a drive my setup my ubuntu doesn't start normal I have checked the disk is not even in fstab or no installed grub on. what shall do next to solve this? :S [09:58] very annoying :( [09:59] XsiSec: define "normal" [10:00] I have lvm encryption on my OS it load some text stuff and then its a time loader and tr to slice xxx [10:00] try* [10:00] XsiSec: I don't understand what you mean. Can you pastebin an example from logs or something? [10:01] I could but how can I post to logs when I am not able to start normal if it goes almost into rescue mode? [10:03] XsiSec: well "goes into rescue mode" is the vital clue here you only just mentioned now. Was that disk a PV in the LVM? [10:03] lvm [10:03] XsiSec: yes, the drive you're removing, was it a PV in that setup? [10:03] PV? [10:04] physical volume [10:04] yeah [10:04] was it part / a member of, the volumes [10:04] I could give u some output hold on [10:04] well yeah, you can't do that without removing it as a PV [10:06] the disk is fully encryped with veracrypt and not automounted [10:09] XsiSec: if the disk was a PV element in the LVM setup, you need to remove it as a PV element from the LVM setup. look into `pvmove` and `vgreduce` commands. [10:09] XsiSec: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/5/html/logical_volume_manager_administration/disk_remove_ex [10:09] blackflow, I have looked into those commands but I couldn't find any command that fit my needs. [10:09] also it says the disk doesn't exists [10:09] XsiSec: and what are your needs? [10:09] I want to remove the PV but keep data [10:10] you might could give me some support [10:10] XsiSec: you can't just yank out the disk without first demoting it from the PV status [10:10] if you do, you create an error state and data corruption [10:10] ok [10:10] I _am_ giving you support. This is all I have based on info you're providing. [10:10] ok [10:11] so to be able to remove the harddrive what is the first command I need to run within 'vg*'? [10:11] XsiSec: read the document I linked above, it's a step by step explanation. [10:12] Hiyas all [10:12] XsiSec: in short, you must first `pvmove` the extents, before you can `vgreduce` the VGs and remove the disk/PV as their provider. [10:13] Hi - I have install ubuntu server on a machine on my local network at home. I changed it over to a static IP (since it seems my router can't do port forwards based on host name), but since that I cannot ssh to it. [10:13] something quite interesting though when i run ' pvs -o+pv_used' I only see one drive that means I guess its not even in the vg-group? [10:13] XsiSec: but that assumes the disk is online and any encryption first unlocked, if the LVM is atop of encryption [10:13] I have purged an reinstalled openssh-server a few times [10:13] XsiSec: is the disk online and attached? [10:13] If I try to ssh from the server to localhost it is fine [10:14] Same if I ssh to the ip address [10:14] However, from any other machine in the house it fails [10:14] blackflow, I dont get exactly what online means but if I run fdisk -l I can see 'dev/sda'. but I havent mounted it within veracrypt === ervin is now known as Guest2682 [10:15] They are all behind the same router, and all machines have internet access (including the server) [10:15] geekosaurus: what's the exact error message you get when you try to connect? [10:15] XsiSec: attached and a working part of the groups [10:15] Just a sec: [10:16] XsiSec: well yes, if LVM is atop of encryption, you _first_ have to unlock encryption [10:16] blackflow, I could send you some output to answer your question tell me what to run i terminal. [10:16] XsiSec: I have no idea how to use veracrypt [10:16] oh - a new one now since I rebooted: [10:16] debug3: load_hostkeys: loaded 1 keys from 192.168.1.201 [10:16] @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ [10:16] @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ [10:16] @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ [10:16] IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! [10:16] !paste | geekosaurus [10:16] geekosaurus: For posting multi-line texts into the channel, please use https://paste.ubuntu.com | To post !screenshots use https://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic. [10:17] but since its unmounted just recognized in as 'dev/dev/sda1' why do I need to use pvmove? [10:17] if its not even in the vg group [10:17] I guess [10:17] geekosaurus: this is on your client side. well yes, if you reinstalled openssh (and it re-created host keys), then you must remove the previous keys from ~/.ssh/known_hosts (just delete the line) [10:18] ok. i will follow the instructions in the error msg. [10:18] XsiSec: 1) unlock the encryption, 2) do the steps as described in that document, primarily `pvmove` to move the extents first. if there's no room for them, you'll have to add a new PV (new disk) to take over the extents. [10:18] ok [10:20] so now I get the same message I have been fighting since yesterday [10:20] blackflow, https://pastebin.com/hfmKb3k9 [10:20] :S [10:20] I pasted it at past.ubuntu.com [10:21] machine [10:21] https://paste.ubuntu.com/p/4q8j2rjTTg/ [10:22] XsiSec: you have to UNLOCK it first. then it becomes probably something under /dev/mapper/ I don't know what veracrypt does [10:22] you mean decrypt? :/ [10:22] XsiSec: yes [10:22] geekosaurus: did you change the server-side openssh config? sshd_config? [10:23] yes, I have set AllowPasswordAuthentication to yes [10:24] geekosaurus: that's not a valid directive. do you mean PasswordAuthentication ? [10:24] Yes, sorry, typing from memory - the server is downstairs in the basement [10:25] geekosaurus: you'll have to pastebin the server side logs [10:25] ok. give me a few minutes pls. [10:29] blackflow, did you mean temporary? [10:30] XsiSec: temporary what? look. I think we're going in circles here. you have to unlock the drives IF the encryption is UNDER the LVM. can you confirm that? That it is, and that you have unlocked the drive? [10:31] we talking to different languages here I think I think I might been unclear unfortunately sorry [10:31] XsiSec: please if volunteers ask you things, be specific [10:32] XsiSec: the more info we get from you, the better we can help [10:32] lotuspsychje, really? [10:32] no shit sherlok [10:32] I put the discussion on ice thanks ^ [10:32] thanks for help blackflow [10:35] XsiSec: you're welcome [10:37] u [10:38] blackflow: i think ive moved on a bit...so, i think my first problem is that auditd.conf file is missing, but auditctl -s is returning config parameters... [10:38] I restarted the ssh service (with debug3) and tried to log in again. The log is here: https://paste.ubuntu.com/p/R83MVMNGzn/ [10:38] Note: I can ssh from the server to other machines if that helps [10:39] blackflow: ive tried reinstalling auditd, but it didnt help...auditd.conf is still missing... [10:39] n8w___: does it not start and work automatically upon installation? [10:41] geekosaurus: there's no log in attempt logged there. are you sure you're trying the _correct_ machine and/or port? you mentioned ip addresses changed... [10:41] blackflow: when i installed auditd for the first time, it was there, but then i made a purge and tried to compile the newest version of auditd and since then all problems started... [10:42] n8w___: compile? yeah well, now you broke something because you polluted your system with files that might be clashing with teh packaged software. I'm sorry, but that's not supported here in #ubuntu [10:42] blackflow: this is what confuses me beyond belief. the ip of the server as of now is 192.168.1.201. I have verified this via ifconfig on the server, and it shows up just fine in the router. [10:43] blackflow: ye ok...fair enough [10:43] n8w___: all I can tell you is try to `apt purge auditd`, then try to identify any files your local make install (did you use that?) overwrote. maybe there's an alternate location for the conf file that the daemon is trying first? I don't recall, haven't used it in ages [10:44] blackflow: yep...will do so... [10:44] blackflow:if i try to ssh to the old address i get no route to host, which is some comfort at least [10:45] n8w___: also try forcing new config for apt/dpkg. apt install -o Dpkg::Options="--force-confask" auditd [10:47] blackflow: ok [10:47] blackflow:if I run ssh with extra verbosity, then the logs indicate that I do connect to the server: https://paste.ubuntu.com/p/rstZSw72yx/ [10:47] geekosaurus: not sure how to help you there. if you're trying to log-in to the correct machine, that machine will be logging the attempts, so please confirm that first, that the machine is correct and the attempts are logged. [10:48] geekosaurus: and are there corresponding entries on the server side? [10:49] blackflow: no. the log is as I pasted. really frustrating, usually these things work and I can figure it out (slowly) with some help from google. [10:50] geekosaurus: then that's not the machine :) you can confirm connection attempts with tcpdump. run (As root) tcpdump 'port 22' on the server, try connecting again, and tcpdump should produce output. if it odesn't, then you're 100% on the wrong machine. [10:50] geekosaurus: earlier you mentioned port forwarding. you sure that's not still in effect and you _think_ you're connectign to one IP while it's being forwarded to another? [10:52] Have an internal repository added to my machine, apt keeps reporting that it's signature is invalid, however I can use gpg directly against /etc/apt/trusted.gpg to verify the Release using the Release.gpg file, how do I debug what apt is doing differently? [10:53] blackflow:The port forwarding is set up on the router from the WAN ip only, pointing to this machine, and port 22 is not one of the ports I am forwarding. Good point though: I will bring the router back to the config from before the troubles and see what happens. [10:53] blackflow: thank you [10:53] geekosaurus: you're welcome [10:53] hi@ll, fail@SRCIPT: searching for port....if found:ITsRUNNING else:startMyScript lsof -P | if grep -q 58999; then echo ITsRUNNING /home/user/folder/script.sh fi something is going wrong. :/ [10:55] geekosaurus: one other point, are you consulting correct logs on the server? journalctl -fu ssh.service will tail the service logs directly from the journal. otherwise I think syslog is logging those to /var/log/auth.log [10:55] hi@ll, fail@SRCIPT: searching for port....if found:ITsRUNNING else:startMyScript lsof -P | if grep -q 58999; then echo ITsRUNNING else /home/user/folder/script.sh fi something is going wrong. :/ [10:56] 'gpg --no-default-keyring --keyring /etc/apt/trusted.gpg --verify /var/lib/apt/lists/partial/ /var/lib/apt/lists/partial/.FAILED' works with an exit code of 0 and reports "Good signature from ...." so why doesn't apt accept this? [10:57] tempy: can you upload the line in a pastebin exactly as what you're using? [10:57] There is a warning about the key is not certified with a trusted signature, is that warning sufficient to cause an issue? === BurekzFinezt is now known as Burek [11:08] blackflow: ok, so ive got all the configs etc....now it behaves as expected, but i keep gettin thse anoyin seccomp msgs [11:08] blackflow: type=SECCOMP msg=audit ... syscall=273 [11:09] blackflow: the initiator is chrome.... [11:09] n8w___: why are you so concerned that those are logged, unless you want to amend the profile? [11:10] if it's even possible, some software is ..... designed to do insecure or impossible to confine tasks ..... [11:10] blackflow: bcause everytime i open a tab or a new window a bunch of those pops up [11:10] blackflow: in the audit.log [11:10] n8w___: so? [11:11] n8w___: also, can you pastebin exactly the audit entries? [11:12] blackflow: yep hang on [11:14] need help in formatting the "date format", displayed by an application (deluge torrent client). i have modified regional format , that doesn't seems to effect it. any suggestion ? === gislaved64 is now known as gislaved [11:18] i have configures date format in locales as , < d_t_fmt "%d.%m.%Y %I:%M %p" > [11:19] but application is still displaying in format :