[00:00] any recommendation on block size for dd [00:00] or just leave it default? [00:00] i always look it up since i always forget. i think 2M or 4M [00:00] yay, found solutions in lenovo's forums... :D [00:01] https://forums.lenovo.com/t5/Other-Linux-Discussions/ThinkPad-E485-E585-Firmware-bug-ACPI-IVRS-table/m-p/4328542/highlight/true#M13114 === Lord-Kam_ is now known as Lord-Kamina [00:02] jrgilman: https://stackoverflow.com/questions/6161823/dd-how-to-calculate-optimal-blocksize points to https://raw.githubusercontent.com/tdg5/blog/master/_includes/scripts/dd_obs_test.sh (unless you prefer the C there) [00:05] so in my case it'd actually be obs=128M [00:07] i assume the block size needs to be a common denominator of both of the drives [00:09] good point. :) [00:11] i'll just use 64K and call it a day [00:11] it's already gotten through 10GiB in the time it took to write that message brb === jje_ is now known as jje [00:26] lope: so i'm not sure you noticed this when reading the "Solving Linux MTRR problems" article - this memory allocation issue (which mostly seems to occur with non nvidia hardware on non-recent mainboards) can very well cause graphics performance to suffer. so this may well be why "graphics are crap" - if you see the same messages on your on-disk install. [00:54] what does it mean when you do sudo apt-get upgrade and it says "X" amount will be upgraded and "X" amount will be held back? What is the purpose of it NOT upgrading all of the packages and holding some back? [00:55] Biessie: sometimes that happens if a package update would bring in a *new* package via dependencies; or if there's no way to reconcile versioned dependencies, breaks, and what's available to install [00:55] Biessie: maybe a sudo apt upgrade would do the job -- apt upgrade uses different rules than apt-get upgrade; apt upgrade is usually better [00:56] oh i thought they were both the same! [00:56] thanks for that. ill stop using apt-get [00:56] Lol.. noob here [00:56] I've got the opposite problem; more than twenty years typing apt-get update && apt-get -u dist-upgrade [00:57] I don't think the -u even does anything any more [00:57] I'm trying to get the hang of apt update && apt upgrade, but it's hard to make changes :) [00:57] Habbits are hard to break thats for sure === [1]MrMobius is now known as MrMobius [01:05] and i'd recommend `apt full-upgrade` generally [01:05] that's what will try and resolve the "held back" packages, iirc [01:07] okay tomreyn that's done, probably finished a while back but had to go take care of a few things [01:08] so I should try running pvck on one of these [01:08] I just installed nvidia-430 and my system boots in low graphics mode. i'm to have vga_switcheroo as the default gpu is the built in intel one. VGA switcheroo worked until update [01:08] like, i could play games and just use a browser, with the screen switching between GPUs [01:10] is genewitch's problem not the exact thing lope was talking about? === zbenjamin is now known as Guest40699 === zbenjamin_ is now known as zbenjamin [01:10] I just got here unfortunately. I am running 16.04.whatever, apt ugraded [01:11] nvidia-430 [01:11] unsure [01:11] i wasn't really following but he was talking about somekind of optimus/nvidia-430 issue i believe [01:12] oh i can try 418 [01:16] i purged nvidia-430* and it boots up [01:19] genewitch: lspci -k|grep -iEA5 'vga|3d' in a pastebin and I can see what Nvidia driver is recommended . [01:19] tomreyn: well i tried pvck but it couldn't "find LVM label on /dev/mapper/encrypted" [01:20] but I had another idea, using testdisk i was able to grab the /etc/lvm folder from that drive, could i use these to rebuild LVM? [01:20] Bashing-om: http://ix.io/1QcY [01:21] genewitch: Looking :) [01:21] Bashing-om: appreciated [01:24] genewitch: Nvidia says 318 version: https://www.nvidia.com/Download/driverResults.aspx/149219/en-us . Have you also removed the old nvidia config file ? [01:24] Bashing-om: i haven't. I got 418 installed [01:24] and it reboots, perhaps i should purge the config as well [01:25] genewitch: Yeah .. and then try re-generating ' sudo nvidia-xconfig ' . [01:26] I got it. It looks like they changed automatic xrandr (or whatever vga_switcheroo uses) so i have to pick intel or nvidia [01:28] thanks [01:28] genewitch: Glad I could help - good it was a simple thing here :) [01:29] Bashing-om: when you said 318 was that a typo [01:29] ah it was. no worries. yep, had i known about that page that you linked i wouldn't have had any issue :-D [01:32] genewitch: Ouch ! yet typo .. 418 version is recommended :( [01:33] !info nvidia-driver-418 xenial [01:33] Package nvidia-driver-418 does not exist in xenial [01:34] !info nvidia-418 xenial [01:34] Package nvidia-418 does not exist in xenial [01:35] you have to do the ppa [01:35] genewitch: Hetting the 418 driver ^^ from pur trusted PPA ? [01:35] Bashing-om: yes [01:36] genewitch: Tired and not paying attention - good to go then :P === [b0b] is now known as b0b [02:32] god I really messed this thing up [02:32] tried restoring LVM with pvcreate but the uuids have changed [02:49] I still can’t find a solution to my amd A10 on an MSI fm2 board rebooting when i suspend [02:49] I’ve been looking for someone with the same problem fro a while. I’ve seen some related to Asus laptops but not an A10 or anything that helps. [02:52] jrg: what settings have you tried? [02:53] Nothing really.. I’m trying to find a setting to try. I’m guessing ACPI=off wouldn’t work because it would disable the power management altogether and probably result in a shutdown. [02:53] And i really can’t find too much related to grub settings for acpi [02:53] And tbh i’m not even sure if acpi is the issue. I disabled quickboot etc in the bios. [02:54] jrg: aha, check out systemd-sleep.conf(5) -- perhaps hibernate will work well enough, and perhaps that's sufficient for your needs [02:55] jrg: here's the documentation from the upstream kernel on the different settings that you can put into SuspendState: https://www.kernel.org/doc/Documentation/power/states.txt [02:56] sarnold: i’d really try to get actual suspend to work first if i can. [02:56] GRUB_CMDLINE_LINUX="acpi_sleep=nonvs" is one i haven’t tried yet. [02:56] Let me see if that does it. [03:03] Nope. :/ [04:09] Ugh. Seriously MSI [04:09] Their bios update is an .exe [04:09] That HAS to be run on a windows box.. instead of just putting the stupid bios files in a zip [04:25] jrg: have you tried running unzip on it? if it's a self-extracting archive then unzip might be able to handle it. I know winzip did. [04:44] Yes heh [04:44] Didn’t work. [04:44] It isn’t that.. i just don’t have a legit windows box to run it on [04:44] MSI FORCES you to run it on a windows box ON A THUMB DRIVE heh [04:44] No idea what that’s about... it’s an awful way of doing it [04:45] Could have been worse though I suppose. I could have had to dig up a floppy drive lol [04:50] morning! how could I achieve a more "stock gnome" look in ubuntu 19? Always liked Ubuntu Gnome. Before I start messing everything up.. maybe there is a theme/pack that does this in one go? thanks for any pointers [04:58] bazi, this is valid for 19.04 too https://itsfoss.com/vanilla-gnome-ubuntu/ [05:00] OerHeks: ah, good to know. Let's see if it breaks things [05:01] ty [05:02] well.. break.. the only thing that was disappointing last time was night light not working with wayland. the rest worked well [05:02] and something about fonts/hinting :) [05:02] .. and no wobbly windows [05:03] on a scale of 1-10, how hard is it to completely build ubuntu from source? i.e., i want to start with a bunch of source files, maybe some .deb files as needed, and end up with an 18.04.2 desktop iso which has a sha256sum of 22580b9f... (as proof of concept/learning experience) [05:04] OerHeks: ubuntu is still x11 IIRC [05:04] (as default) [05:04] ? [05:04] bazi, yes [05:08] OerHeks: that is pretty much what I wanted, thanks. Also: wayland now does nightlight so I am happy :P [05:17] rigel_: 11 [05:25] rigel_: you may be able to compile your own distro from scratch and make it look just like the original but ending up with the same hash.. good luck :) [05:44] the vanilla-gnome-* package is neat [05:53] i don't even need to use it. or create my own operating system, just build one to check against a successful output. anyone have any resources? [05:55] rigel_, that would be beyond the scope of this channel [05:55] OerHeks: thanks for trying :) [05:55] "own operating system" [05:55] !build [05:55] Compiling software from source? Read the tips at https://help.ubuntu.com/community/CompilingSoftware (But remember to search for pre-built !packages first) [05:55] <`mist54> hey guys, any way i can install libconfuse1 on my ubuntu 18.04? I'm trying to install something called "telldus-core" but i'm getting a dependency failer and i only see libconfuse2 available [05:55] like with gentoo [05:55] good start [05:56] or maybe just a bunch of prebuilt packages, a kernel and then tie it up in an iso [05:58] never heard of telldus-core, libconfuse is in the repos https://launchpad.net/ubuntu/+source/confuse [06:00] maybe that telldus-core is absolete? [06:01] hmm https://github.com/telldus/telldus/tree/master/telldus-core [06:03] <`mist54> yeah it's a bit old but i need the software =/ do you recommend i install ubuntu 16 instead? [06:04] <`mist54> i tried symlinking the libconfuse.so.2 to libconfuse.so.0 to try and "trick" telldus, but it seems it's incompatible [06:12] `mist54: maybe there's a ppa? [06:41] Hello [06:42] does ubuntu still have systemd-udevd bug that cause a thread to run at 100%? [06:45] iamfree, if you know the CVE, look for youself as to state for each release [06:45] iamfree, ^ https://people.canonical.com/~ubuntu-security/cve/ [06:45] (sorry I forgot the url) [06:46] and maybe hardware specific? [06:47] mist54 i have no clue, other than to try to compile from source? https://launchpad.net/ubuntu/bionic/amd64/libconfuse1 [06:49] @guiverc2: how do i search? [06:51] find the CVE (bug ID), then search, eg. CVE-2019-10168 is a recent bug; you enter that into the field [06:52] iamfree, you described a symtom of a bug which probably fits 30-80 bugs, the CVE is the number given to a specific bug [06:57] iamfree, some companies (eg. microsoft) hate applying CVEs to bugs as they can easily then be tracked; if it was 'minor' and only impacted a single Ubuntu release it may only have a launchpad bug id (not a CVE); but your description made me think of generic kernel issue which would have CVE [07:03] some snapd process iirc, but that was weeks ago [07:24] guiverc2: I don't know wether it has in cve but on github there is... it because udev loop bind/unbind it even make my pop os boot longer and shut down sometimes hang. I ask because I want to install ubuntu since this bug also affect ubuntu 18, I just hope it got fix in 19... [07:25] there is workaround but only for 100% thread usage but don't fix the boot problem... [07:27] oops! sorry, not in github but laumchpad... https://bugs.launchpad.net/bugs/1759836 [07:27] Launchpad bug 1759836 in linux "systemd-udevd consumes 100% of CPU" [High,Confirmed] [07:59] hi, I can print with lp -d but not within the print menu of firefox, libreoffice or any software [08:00] I don't see any error in cups logs [08:00] any ideas ? [08:01] (what is there betweem an application trying to print and cups ? dbus ?) [08:20] Guys, I suddenly have no sound anymore on my ubuntu 18.04. Any ideas on howto best debug this? [08:22] adac: What does alsamixer say about its volume? [08:24] EoflaOE, https://ibb.co/wY8X0Sb [08:25] Should be correct or? [08:26] adac: Auto mute is enabled. Disable it, run "alsactl store", then reboot to see if sound works. [08:27] EoflaOE, Ok I see thanks so much. I cannot reboot now but only later. Coming back then! [08:28] adac: You are welcome. === macroprep_ is now known as macroprep [09:13] jrgilman: https://www.thegeekdiary.com/corruption-or-accidental-deletion-in-lvm-how-to-rebuild-lvm-from-archive-metadata-backups-in-rhel-centos/ [09:15] jrgilman: that's how you could reuse the previous /etc/lvm/archive directory to restore your LVs. [09:18] jrgilman: and hit is how you could reuse the previous /etc/lvm/backup directory to restore your LVs: https://www.assistanz.com/lvm-partitions-recover/ [09:20] how to permanently remap caps lock do home key the easy way? [09:21] http://xahlee.info/linux/linux_capslock_do_home_key.html this solution didn't work in ubuntu [09:39] Is it possible to continue reading with less where you left off after a reboot? is this possible using dtach? do socket files survive a restart? [09:44] parak0vsky: how did it "not work"? did it keep acting as caps lock? did the xmodmap command itself fail? [09:44] parak0vsky: check the output of `xmodmap -pk` to see the current mapping - maybe caps lock is a different key code on your machine (unlikely, but who knows) [09:50] Hello [09:51] Anyone could help me with this , I have 18.04.02 LTS and this morning I had an update for kernel , I did update the kernel without looking at the version , yes my mistake , and I was given Kernel 5.0 by the Updater somehow [09:51] And it did mess up my system [09:51] Any explanation how could this happen ? is it from my side or ubuntu's side? [09:51] hi nightowl1 [09:52] Hey OerHeks [09:52] And it was non-signed [09:52] i fixed 2 machines b booting kernel 5 in recovery mode, then run dpkg option to fix packages, then booting again [09:52] I fixed that by reverting to the old kernel but it was painful , because it messed up virtualbox [09:53] correct, https://paste.ubuntu.com/p/N2NZ7mmJ2M/ [09:53] I reverted to 24 [09:54] Even though as far as I know 25 was working correctly but it did surprise me a bit that I was given 5.0 and it wasn't signed [09:54] And it broke VirtualBox [09:55] oh oke, file a bugreport for that? [09:55] I belive so I will do [09:55] to VB or Ubuntu? [09:56] But now when I check for updates even with Kernel 4 24 , I get that I am up-to date [10:00] nightowl1: did you remove the kernel or just use grub to boot the older one? if grub then its still in apt so itll say you're up to date [10:20] Hi folks [10:23] EriC^^, I have solved the problem by going back to kernel 5 , removed VB 5 and install VB 6 [10:27] nightowl1: can you sum up what is / was 'the problem'? [10:28] nightowl1: i understand you're saying you're on 18.04 with HWE kernel, which upgraded to 5.0 recently. And when you booted into this new kernel image this somehow caused problem - but it's unclear which? [10:29] I will explain better : I came to my PC this morning saying there is a kernel update , I didn't check what version , I just clicked install, and indeed that was my mistake , but when the kernel installed and I have restarted , I was welcomed by a System Error message saying that there is a System Error [10:30] It was Virtual Box 5.2 not being able to load it's drivers for the kernel [10:30] VB 5.2 from Ubuntu depo [10:31] And why it was assigned as "Not Signed" the 5.0 kernel image [10:33] nightowl1: so the 'only' issue seemed to be that virtualbox modules are not secure boot signed, or were there other issues? [10:34] he is still on Kernel 4 24 if i read correct [10:34] I was at 4 25 , I was given to update to 5 , I did update without looking at the version number [10:34] Ubuntu has listed Kernel 5 as it's not signed by Ubuntu [10:35] Kernel 5 broke VirtualBox that is downloaded from Ubuntu depo itself [10:35] I reverted back to 4 24 , and then again , removed VirtualBox , installed Kernel 5 again , Installed VirtualBox 6 from Oracle [10:35] restarted [10:36] VirtualBox 6 is working fine with Kernel 5 [10:36] I am now with Kernel 5 and VirtualBox 6 [10:37] thanks. so the VB kernel modue was indeed the only issue with booting into linux 5.x for you, that's good to know. [10:37] it's not really a mistake that you went to the 5.x kernel, nothing to blame yourself for. the HWE kernel package (intentionally) points to this kernel version since recently. [10:38] I will report that to Ubuntu [10:38] But I was a little bit surprised , looking at the earlier Kernels , they are all signed by Ubuntu , and then looking at Kernel 5 finding it not signed [10:38] I thought the update was kind of a mistake [10:39] https://usn.ubuntu.com/4069-2/ [10:40] Thank you [10:40] thanks OerHeks [10:41] guiverc2, i fixed the failing boot with recovery > dpkg fix packages [10:41] but i see an unsigned kernel too [10:43] I have done exactly like this instructed by another user from ubuntu-mate channel : [10:44] "uninstall virtualbox, then run `apt install linux-generic-hwe` to install the meta package that you removed, then install vbox 6 from oracle site" [10:44] Yes I have purged 5.0 images and headers [10:44] before trying to back to 5.0 [10:44] to go back * [10:48] ayekat: it didn't survive reboot or sleep mode [10:49] parak0vsky: well yeah, you'll need to reload the config when you restart X - but it should usually survive sleep (unless sleep kill X as well) [10:51] I've got to admit I'm actually not quite sure how xmodmap interacts with display managers (like gdm or lightdm) - maybe sleep modus triggers the DM, and this resets the xmodmap settings...? [10:59] nightowl1: i think if you read the ATTENTION paragraph at https://usn.ubuntu.com/4069-2/ this may explain what you experienced there. [11:03] Yes I did read that tomreyn , I just didn't know all of that before the update :( , lesson learned I guess [11:16] Guys, my syslog on 18.04 rotates every day. But right now I'm having missing exactly 1 day of logs between the tail of syslog.2 and the head of syslog.1... how is that possible? [11:16] http://paste.debian.net/1093831/ [11:17] I'm missing exactly 1 day* [11:18] courrier: did you copy those files from /var/log to ~/debug then? [11:18] tomreyn: yes I scp-ed them from the server [11:18] does the systemd journal also show this gap? [11:19] Does ubuntu supports openrc? [11:20] mmmmh I don't know tomreyn, I have to move to another building to check because the server is not connected to the net [11:20] Can it be linked to this DNS error? [11:21] kreyren: i don't think so. at least i can't find any packages using "apt search openrc" on ubuntu 18.04 [11:21] tomreyn, any way to get openrc on ubuntu? [11:21] usecase: frankendebian [11:22] (devuan is considered already) [11:24] Self-correction: no it's not related, the server is disconnected from the net so it's normal it can't reach 208.67.222.222, and it shouldn't prevent it from logging properly [11:24] courrier: i don't know how the dns server would be relevant there, unless the system logs remotely. but you're saying it doesn't have a network connection, so i guess that's not it. [11:24] ;) [11:25] kreyren: i don't know, i never looked into openrc. [11:26] Might be due to a temporary power outage though, could it behave that way? [11:26] The server reboots automatically in cse of power outage [11:27] It's very strange that it matches the exact time of log rotation 6AM though... but maybe if journald has no time to dump the logs on disk? [11:33] Hi all! I'm trying to install some packages on 18.04 during CI builds, but apt is prompting whether to restart services or not. I am invoking it with `DEBIAN_FRONTEND=noninteractive sudo apt install -y --force-yes ...` which I assumed would prevent any prompts from appearing. What am I doing wrong? :) [11:36] Xano: Can you export DEBIAN_FRONTEND? Do "export DEBIAN_FRONTEND=noninteractive". If finished, try the sudo command again, but pass -E before the command [11:38] Hi. A friend's ubuntu machine fails to boot. Is there a way to interrupt the grub process. Is grub timeout by default set to 0? [11:39] frikinz: If Ubuntu is the only OS, then I think it sets timeout to 0. [11:39] Xano: use apt-get, not apt, for automation (as apt tells you every time you use it - unless you discard stderr, which you probably should not) [11:39] EoflaOE: ok. so the recovery menu is not reachable. Weird. He'll probably access it from a live disk [11:40] frikinz: hold down shift while booting to bring up the grub menu on (legacy) BIOS boots. On UEFI boots, repeatedly hit Escape during boot instead. [11:41] tomreyn: he told me he tried both shift and escape. Left shift? [11:41] frikinz: and he will need to mount necessary partitions to chroot to his installation and go to grub configuration file and set the timeout. [11:42] frikinz: i think both would work, but left shift definitely should on bios booting systems) [11:42] I guess he'll just used the livecd, mount /boot and change timeout and reboot. [11:43] frikinz: I recommend setting timeout to 30 secs [11:44] Yes, I find it a bit weird that by default its 0 unless you have a physically secured system. [11:44] Ok thanks, I forwarded him your advices. a nearly 60 years old guy :) And he doesn't even have windows on the machine. [11:45] frikinz: I confirmed this on my Ubuntu 19.10. You are welcome [12:04] EoflaOE, -E did the trick. I should have known. Thanks a lot! [12:05] hi, I can't print with sorftwares, only with lpstat. Nothing in cups logs, any ideas ? [12:05] tomreyn, Hah, I have no excuse. Thanks for bothering to point that out :) [12:05] Anyone here can point me in the right directions to install debug symbols for libgdk-3.so? https://wiki.ubuntu.com/Debug%20Symbol%20Packages shows me how to add repos, but I cant find the right package [12:17] freddyb: many of these questions are easier to answer with installing 'apt-file' [12:19] Ah. Yeah. [12:19] freddyb, http://ddebs.ubuntu.com/ubuntu/ubuntu/dists/bionic/main/binary-amd64/Packages [12:19] freddyb: for example it tells me: "libgtk-3-0-dbg: /usr/lib/debug/usr/lib/x86_64-linux-gnu/libgdk-3.so.0.1800.9" [12:19] got it [12:19] thanks! [12:21] Xano: You are welcome. [12:32] Xano: :) you're welcome! === janco_ is now known as janco === im0nde_ is now known as im0nde [13:37] i'm trying to upgrade from 'Ubuntu 16.04.6' [13:37] sudo do-release-upgrade is give me 'Please install all available updates for your release before upgrading.' [13:37] giving* [13:41] the system isnt up to date, then? [13:41] sudo apt update, then sudo apt full-upgrade [13:42] compdoc: I did everything update to step 3 https://www.digitalocean.com/community/tutorials/how-to-upgrade-to-ubuntu-18-04 [13:42] up to* [13:42] compdoc: I did everything up to* to step 3 https://www.digitalocean.com/community/tutorials/how-to-upgrade-to-ubuntu-18-04 [13:43] codecutter>, did you reboot after? [13:43] yes [13:44] after reboot [13:44] 0 packages can be updated. [13:44] 0 updates are security updates. [13:45] codecutter: Does it still ask to update all packages? [13:45] no [13:45] you mean after reboot? [13:46] codecutter: After updating all the packages and rebooting [13:46] no [13:46] its only when i do :sudo do-release-upgrade [13:46] Checking for a new Ubuntu release [13:46] Please install all available updates for your release before upgrading. [13:47] here is what i see after reboot [13:48] 0 packages can be updated. [13:48] 0 updates are security updates [13:48] New release '18.04.2 LTS' available. [13:48] Run 'do-release-upgrade' to upgrade to it. [13:49] codecutter: looks like you upgraded to 18.04 already [13:49] either fully, or partially [13:49] oh actually not, i misread, sorry [13:49] you miread [13:49] misread* [13:50] right, sorry ;) [13:50] codecutter: can you show sudo /bin/true && cat &>/tmp/aptlog < <(sudo apt-get -qqy update 2>&1; apt-cache policy 2>&1; sudo apt-get -syV full-upgrade 2>&1;); nc termbin.com 9999 just run it, it'll produce a http address to share [13:50] what does this do? [13:52] it updates the list of available package updates, prints the apt policy, pretends to install all pending updates (but does not do it). then gatheres all those outputs and uploadds them to termbin.com [13:52] any personal info? [13:52] codecutter: apt is not getting personal info. It's safe [13:53] none but your installed packages, i would think. let me try quickly [13:53] here's mine: https://termbin.com/zlrp [13:53] https://termbin.com/vu6y [13:54] so the pending cloud-init upgrade will be the cause for the message [13:54] codecutter: Did you lock cloud-init? [13:55] i would have to know what it is first [13:55] apt-mark showhold [13:55] ^ does this output anything? [13:55] yes [13:55] cloud-init [13:56] you (or some software you installed) seem to have chosen to hold the cloud-init package on the very version it is on now [13:56] i.e. version 0.7.9-113-g513e99e0-0ubuntu1~16.04.1 [13:56] !info cloud-init xenial [13:56] cloud-init (source: cloud-init): Init scripts for cloud instances. In component main, is extra. Version 19.1-1-gbaa47854-0ubuntu1~16.04.1 (xenial), package size 387 kB, installed size 1925 kB [13:57] how do i fix it? [13:58] anyway to check which software ? [13:58] codecutter: if you are not aware of a reason why cloud-init is being held on this outdated version, you can allow the upgrade by using: sudo apt-mark unhold cloud-init [13:58] then sudo apt update && sudo apt full-upgrade [13:59] before you upgrade, as a general precaution, also ensure you have complete, proven restorable backups. [13:59] https://www.digitalocean.com/community/questions/do-i-need-cloud-init [14:02] so apparently digitalocean marks this package as held on their ubuntu installations. this faq does not explain why they would need to use this outdated version. [14:03] you can probably remove it safely, but this may break some functionality which can be controlled from their web interface, such as assigning a fixed ip address to the system, or changing its hostname. [14:03] https://www.digitalocean.com/community/questions/why-cloud-init-is-kept-back-in-a-new-droplet-with-ubuntu-16-04-while-doing-an-apt-upgrade [14:04] "I had the same problem and it seems like a strange situation to me. Anyway, I fixed this by installing the cloud-init package: sudo apt install cloud-init." === Grayson is now known as GraysonBriggs [14:04] do i install it? [14:05] codecutter: Remove hold first then install it. [14:05] Ubuntu 18.04.3 is supposed to be released today where is it ??? [14:06] will this fix issue? [14:06] analogical: and a wonderful day to you as well. a day, which is not over, yet. [14:06] i.e. no side effects? [14:06] analogical: This should be on releases.ubuntu.com. Can't you find it? [14:07] EoflaOE, if I could I wouldn't be asking would I? [14:07] codecutter: you'd need to check with DO on this. they chose to deviate from standard ubuntu there. [14:07] yes you maybe =, right [14:07] analogical: yes [14:09] https://wiki.ubuntu.com/BionicBeaver/ReleaseSchedule [14:09] codecutter: personally, i would not be worried. worst case, what could happen is that the system will have incorrect ip configurations, something which can be solved via serial console or other out of band access. i *think* DO provides such, but you'd best check this works beforehand. [14:12] analogical: it is delayed for a week [14:13] EoflaOE, how do you know that? [14:13] analogical: Looked at #ubuntu-devel and saw that tjaalton said that it is delayed for one week [14:14] analogical: Everyone in this channel is a volunteer and does not know the exact schedule of Ubuntu releases. Also, wouldn't it stand to reason that you would wwant something released that is working late, rather than something that is buggy or broken released now just because the calendar says so? [14:16] javaJake [14:16] bashu: yes? [14:17] This is a curiosity question more than anything else, but I used the "Software Update" graphical interface and got most updates. I then restarted as prompted, and ran "sudo apt upgrade" in the console and noticed apparmor, gnome-shell, and a few others hadn't been updated. Is there any reason I shouldn't update those? [14:17] i have just installed hexdump and trying to figure out the things, could you tell me what all this is about [14:19] contacted DO [14:19] thanks [14:21] bashu, what is your question? [14:21] bashu: give a complete description of your question with an example command or printout in a https://paste.ubuntu.com/ pastebin to get answers. You tagged me but I may not be able to help. [14:21] javaJake: there is upgrade, which installs security updates and critical bug fixes (only) and there is full-upgrade, which installs those and also standard bug fixes and rolling updates (where those aren't security fixes, but they almost always are). there's no reason not to also install the bug fixes unless you're worried of those somehow interfering with your work. [14:22] javaJake: the idea there is that you can plan to have larger updates cycles when you want them, but get security and critical bug fixes as soon as possible. [14:24] tomreyn: I like that. Does the Software Updater ever make a decision to bring everything up-to-date, or does it only install critical bug fixes and security updates? [14:26] javaJake: depends on your choices at software-properties-gtk --open-tab 2 [14:27] (that's assuming you're on a desktop installation - /join #ubuntu-server for servers) === GraysonBriggs is now known as Grayson [14:28] replace -gtk by -qt if you run kubuntu / a QT based WM [14:28] Everything is checked. I always check "all the things" ;) [14:32] javaJake: if everything on tab 2 is selected, that would be bad [14:32] 18.04 with Thunar (file-manager) which uses GVFS backends. Sometime in the last week it began hanging with no response for long periods and 'journalctl -fb' revealed it is repeatedly trying to mount one of its listed 'Places' which is a remote (CIFS) network auto-mount that is only available when a specific VPN is active. Prior to a week ago this didn't cause Thunar a problem but I'm struggling to figure out [14:32] what has changed that is causing it (or one if its dependencies such as a GVFS backend) to want to access the 'Place' and therefore trigger the automount. There were security patches to GVFS early in July but I'm reasonably confident this has worked correctly since they were installed (11th July). Any ideas what I may be missing? [14:34] was there any updates to Thunar since July 11th? [14:35] pragmaticenigma: check the changelog of the package? [14:36] tarzeau: I'm not asking for myself, that was directed to TJ- [14:36] pragmaticenigma: indeed not; that was the 1st thing I looked for [14:37] javaJake: see what the drop down fields are set to, too, though [14:38] TJ-: Is there some script that could be triggering it to attempt the mount? The VPN isn't leaving a flag "on" indicating the VPN is active when it isn't? stale lock file? [14:43] pragmaticenigma: nothing of that sort... the automount is active (from an entry in fstab) and is never triggered until the user (or some process) tries to access it. The issue seems to be that Thunar is trying to access it because it is in its "places' list... times out, then repeatedly tries again and again whilst blocking in its main GUI thread, so user loses any interaction for a minute or so and this [14:43] repeats. [14:50] analogical: so 18.04.3 will indeed not release today due to some kernel issues testing brought up last minute. the exact release date is not yet fixed (but it *may* be 2019-08-08). === Grayson_ is now known as Grayson [14:58] tomreyn: check for updates daily, download and install security updates automatically, and when there are other updates display weekly. Notify me of any new version. [15:00] tomreyn: the complete set of updates not grabbed are "apparmor gnome-shell gnome-shell-common libapparmor1" per a "sudo apt upgrade". [15:00] javaJake: so those will be on the weekly cycle then [15:00] i.e. non security fixes [15:01] Ah, OK, cool. [15:01] Thanks tomreyn for your help :) I appreciate it. [15:02] javaJake: :) you're welcome [15:03] TJ-: Sounds almost like the bug I have with KDE/Dolphin ... though in that case I have the opposite issue, I can't unmount and attempting to reboot creates a hung system [15:03] TJ-: In my case I traced the issue to what I think is an issue between udiskctl and something in dolphon/KDE [15:04] vlc says DVDRead could not open the disc "/dev/sr0". what the heck do i do to fix this [15:05] i tried the instructions in /usr/share/doc/libdvdread4/README.css but that doesn't fix it [15:07] is anyone alive here [15:07] Nah. [15:07] figures [15:07] pragmaticenigma: yeah, udisks can be a problem if you don't know about the Hints that can be applied to volumes such as HintIgnore [15:07] loganrun: it can take someone knowledgeable 30m to an hour to respond sometimes. Best to be patient and do research meanwhile. [15:07] loganrun, what does 'lsblk -f /dev/sr0' show? [15:08] ok [15:08] NAME FSTYPE LABEL UUID MOUNTPOINT [15:08] sr0 [15:10] pragmaticenigma: I'm going to dig into the Thunar/GVFS source see if this 'attempt to access' Places (a.k.a GTK3 bookmarks) is unconditional - which would to the problem being lower down the stack [15:11] loganrun: have you found https://help.ubuntu.com/community/RestrictedFormats/PlayingDVDs [15:11] https://pastebin.com/D0M5wD0j [15:12] there is no install-css.sh script [15:12] it looks like the package does not include that [15:12] loganrun: check the page I linked. As of 15.10, the process changed. You are following old advice I think. [15:13] o.k. yeah I tried sudo apt install libdvd-pkg && sudo dpkg-reconfigure libdvd-pkg [15:15] loganrun: can you send a pastebin with the output of "groups" and "ls -l /dev/sr0" commands in a shell? [15:15] brw-rw----+ 1 root cdrom 11, 0 Aug 1 09:40 /dev/sr0 [15:17] loganrun: and what about the "groups" command? [15:17] groups has adm cdrom sudo dip plugdev lpadmin and the user accounts on my machine, no cdrom if that is what you are looking for [15:17] i mean it has cdrom [15:17] TJ-, maybe too old, but it might hint at something: https://bugzilla.xfce.org/show_bug.cgi?id=7373 [15:17] bugzilla.xfce.org bug 7373 in General "g_file_new_for_uri ("network://") seems to slow down Thunar's startup" [Normal,Resolved: fixed] [15:19] if I do members cdrom it does list my username from which i am running vlc [15:19] loganrun: So you have access to your drive, and, according to what you've told us, you've properly installed the software necessary to read the DVD. At this point I am just reading the page I linked and guiding you through the troubleshooting steps. There could be a hardware issue (the drive itself is defective) or the drive is set for a region that the DVD is not originally from. [15:20] javaJake: hmm, let me try another disk [15:20] loganrun: also, this page suggests that rebooting "may be necessary" [15:20] Though why that is true is beyond me. [15:23] ok seems like it is something with the disk. weird but not be able to decode it or something [15:23] thanks for the help [15:23] hey guys. Going to switch from nvidia to amd graphics next week. uninstalling the nvidia proprietary driver/switching to nouveau before sticking the amd graphics card in should be enough, right? Just want to make sure i dont end up with a black screen or something :P [15:24] loganrun: the page says you can change the region of the drive to match the currently inserted DVD, but there is a strong warning: "On delivery, most DVD drives have no region code set. The drive firmware allows you to change the region code, but on nearly all drives you are limited to five (5) changes. After the fifth change, the DVD drive will stay fixed on that code..." [15:25] that is really crazy, wonder why there is no work around for it, but it could be the issue [15:30] ioria: I checked that earlier, thanks, but it isn't applicable. In this case the URI is file:///mnt/SLBS/Data (so local as far as GTK GFile is concerned). I've checked the Thunar source-code now and there's no conditionals in the path. If there's a file:// bookmark it will always try to add a gfile_monitor watch (which uses inotify) for mounts or moved, so I'm at a loss as to what changed. Still, now I [15:30] understand it at least I know how to work around it (delete the bookmark, bring the VPN up, or disable the automount!) [15:41] padarc: you'll 'only' need to undo any hard wiring to nvidia that's been done by you or nvidia-settings or the like. [15:43] I'm having a problem with KVM kernel not booting; I get black screen that seemingly never does anything. [15:43] Log only has "Nested Paging Enabled" [15:44] padarc: i.e. move /etc/X11/xorg.conf* out of the way. undo nvidia specific changes to /etc/default/grub and /etc/mod* and /etc/environment (if any). personally i'd also uninstall the nvidia drivers but that's not strictly necessary. [15:48] padarc: make sure you have no (non module specific) "nomodeset" kernel option set (cat /proc/cmdline ; sudoedit /etc/default/grub). and switching to nouveau is a good way to prepare for it, yes. [15:48] rapidwave: what's "KVM kernel"? [15:49] Two of the alternative boot options say kvm [15:49] Oh...it's Kernel-based Virtual Machines [15:50] rapidwave: do you have "linux-kvm" installed then? [15:50] I need to either get it working or get it removed. [15:50] According to package managers....no [15:51] or linux-image-kvm ? [15:51] or any linux-image-*-kvm ? [15:51] and is this actually a KVM guest? [15:56] How do I modify grub config to just make it so the first boot option is only a comment [15:59] the easiest and cleanest method to remove a kernel off the grub menu is to not have it installed. alternatively, you can override which kernel will be booted, but this will effectively fix the kernel that is booted to a specific version. [16:02] How can I disable gdm and my gnome session without uninstalling them on 18.04? [16:03] emilsp: if you disable gdm, what would you like to boot to instead? [16:07] tomreyn: straight to my tty [16:12] hello, I'd like to use ansible on ubuntu target nodes with docker, which package do I need to install for that? [16:12] there's no `apt search` returns no results for `docker-py` and `python-docker`, Server Ubuntu 18.04 [16:12] what do? [16:13] I figured it out [16:13] I deleted the kvm kernel and updated grub [16:14] emilsp, you can run 'sudo systemctl set-default multi-user.target' ; it should be enough [16:15] pomeha, docker is in snap, i think [16:17] crap is snap [16:19] I thought snap was a great idea, but it takes forever to launch a program from there [16:25] emilsp: systemctl get-default; systemctl set-default multi-user [16:26] emilsp: to undo it later, set it back to what it is now, probably "graphical.target" [16:32] Hey all, is anyone using Ubuntu on a Dell XPS 13 9370? Do you experience wifi drops? If so how did you solve them [16:39] maldoinc: i don't, but maybe we can help you nevertheless if you'll provide more details, such as your wireless chipset + driver [[ lspci -knn | grep -EA3 '(Network controller|Wireless)' | nc termbin.com 9999 ]] and Ubuntu version [[ nc termbin.com 9999 < <(lsb_release -ds;cat /proc/{version,cmdline};echo "$XDG_CURRENT_DESKTOP ($XDG_SESSION_TYPE)";echo Shell: $SHELL) ]]. [16:42] maldoinc: did you spot my response then? [16:42] > Yes, [16:42] > 02:00.0 Network controller [0280]: Qualcomm Atheros QCA6174 802.11ac Wireless Network Adapter [168c:003e] (rev 32) [16:42] > Subsystem: Bigfoot Networks, Inc. QCA6174 802.11ac Wireless Network Adapter (Killer 1435 Wireless-AC) [1a56:143a] [16:42] > Kernel driver in use: ath10k_pci [16:42] > Kernel modules: ath10k_pci [16:42] > 6e:00.0 Non-Volatile memory controller [0108]: Toshiba America Info Systems Device [1179:0116] [16:42] !paste [16:42] For posting multi-line texts into the channel, please use https://paste.ubuntu.com | To post !screenshots use https://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic. [16:43] https://termbin.com/e74ap https://termbin.com/rd0k [16:44] It seems many people are having issues with the killer wifi card. Unfortunately on this model it is soldered on so replacing it with another seems difficult unless I can get Dell to do it === deathonater is now known as Smeef === mkv is now known as m4v [16:49] thanks tomreyn [16:50] maldoinc: does the output of sudo iw reg get match your country / locale? [16:51] tomreyn: Yes, seems to be ok [16:55] maldoinc: i'm not sure which hardware version yours is (it says "rev 32"), but you could try updating your firmware in /lib/firmware with those: https://github.com/kvalo/ath10k-firmware/tree/master/QCA6174 [16:55] The wifi module is Killer 1435 (QCA6174A) accodring to Arch Wiki [16:56] so those firmwares would go into /lib/firmware/ath10k/QCA6174/ specifically [16:56] I did do that, have the following script for it https://termbin.com/7d1n [16:57] https://termbin.com/gjzu [16:57] a script which does "wifipatch"? [16:57] this one rather, did echo instead of cat haha [16:57] oh ok [16:57] or maybe I can just replace the entire directory, I got that from someone's github repo that had another model with the same wifi card [16:58] chances are these urls with question marks may fail. [16:58] Guys I tried to install openvpn via openvpn package source but that failed. I now tried to remove it and try to reinstall, but it always fails: https://pastebin.com/jr3DGLmX How can force the removal of this broken package? [16:59] tomreyn: I'll replace the entire directory with the one from the repo instead and will reboot. Be back here in 5 [17:00] maldoinc: it also looks like your script (if it works) would not download all the files which may be needed. [17:00] cool [17:02] adac: what's on line 63 of /var/lib/dpkg/info/openvpn.postinst ? [17:04] !info openvpn bionic [17:04] openvpn (source: openvpn): virtual private network daemon. In component main, is optional. Version 2.4.4-2ubuntu1.3 (bionic), package size 488 kB, installed size 1276 kB [17:05] adac: which ubuntu version are you running? there is no "openvpn" package version "2.4.7-bionic0" in ubuntu. [17:05] if you don't know: nc termbin.com 9999 < <(lsb_release -ds;cat /proc/{version,cmdline};echo "Session: $XDG_CURRENT_DESKTOP ($XDG_SESSION_TYPE)";echo Shell: $SHELL) [17:06] ubuntu 19.04 , trying to compile driver for Epson Perfection 2480, after ./configure I get "No package 'gtk+' found" even though gtk-3 is installed (both dev and runtime), do I need gtk2 to compile this driver? [17:07] tomreyn: am back, let's see if it loses the connection [17:08] tomreyn, ubuntu bionic [17:08] but this openvpn comes from https://community.openvpn.net/openvpn/wiki/OpenvpnSoftwareRepos [17:08] franklinl: since you're building some software there, should we assume that this is not software included in ubuntu? either way, you should probably explain which software you're using there (downloaded where, which preparatory steps have you taken etc.). [17:09] I previously had installed that repository and then installed the package [17:09] adac: you're welcome to point such out when you ask questions here. [17:10] but that failed since there is no package for bionic. I removed the repository gain adn tried to remove the package [17:10] adac: can you answer my initial question then? [17:10] adac: what's on line 63 of /var/lib/dpkg/info/openvpn.postinst ? [17:10] tomreyn, fair enough, I have installed document-imaging and XSane beforehand, after which I got the error message that my scanner was not found (Can't find device snapscan:libusb:002:004) [17:11] !info document-imaging [17:11] Package document-imaging does not exist in bionic [17:11] !info XSane [17:11] xsane (source: xsane): featureful graphical frontend for SANE (Scanner Access Now Easy). In component universe, is optional. Version 0.999-5ubuntu2 (bionic), package size 290 kB, installed size 1035 kB [17:12] tomreyn, after that I went to the Epson website to download the Linux driver, which was only available as rpm, so I converted it to tgz with alien (deb wouldn't work as it was a 32-bit rpm) [17:13] tomreyn, following the README in the driver after unpacking it, I unpacked the tarball, cd'd to the directory and tried to configure it, yielding only the error No package 'gtk+' found [17:14] franklinl: which ubuntu version are you on? [17:14] tomreyn, 19.04 64 Bit, new install, no upgrade [17:17] tomreyn: hey thanks for those links, I'm pretty sure that I broke the drive beyond repair even with the LVM files [17:17] franklinl: Can you try to follow the instructions (in German, try translating with DeepL or Google Translate) at https://wiki.ubuntuusers.de/Scanner/Epson_Perfection/ - thos are for 18.04, but I assume may also work with 19.04 [17:17] I think when I was messing around with testdisk, before I made that dd backup, I wrote the ext4 partition table to the drive [17:17] I just rescued some files off the drive [17:17] and I think I'll just wipe it [17:18] tomreyn, German is no problem for me to read, thank you so much for the link provided :-) [17:19] jrgilman: there's no such thing as an "ext4 partition table". if you had testdisk recreate the file systems within the PV, this may have deleted more data, though, that's true. but you may still be able to recover most of the data by restoring the LVM superblock. i see how this is pretty advanced, though. [17:20] franklinl: oh this certainly helps ;) [17:21] tomreyn: I mean I'd love to try to get this working [17:21] I just have other work i need to get done first [17:21] tomreyn, yes. Sorry for the delay. ON line 63 we have this: file /sbin/init|grep "/systemd$" > /dev/null [17:21] but as you see i clearly have no idea what i'm talking about with file systems [17:21] just enough to be dangerous and break my own crap [17:22] franklinl: the reason for the gtk+ warning is that you're dealing with an rpm package which defines dependencies on packages found in rpm based distributions, where they have a package called "gtk+", but there's no package by this very name in ubuntu. [17:25] is there any kind of reading or video series you would recommend on the stuff we've generally covered while talking over the last few days tomreyn? I'd like to know more about this, but not really sure where to start with searching... [17:25] adac: what's the output of "which file" and of "ls -l /sbin/init" ? [17:27] jrgilman: i think lvm was developed by redhat, who also have some nice documentation on it. other than that i'd recommend you read the !man pages for all of the lvm related commands, and have a spare disk where you can safely test all of this as well. [17:28] jrgilman: just reading is not sufficient there, you really need to test this out. could also be in a VM if that's easier than a separate storage. [17:28] yeah [17:28] !man [17:28] The "man" command brings up the Linux manual pages for the command you're interested in. Try "man intro" at the command line, or see https://help.ubuntu.com/community/UsingTheTerminal | Manpages online: http://manpages.ubuntu.com/ [17:28] it'd be cool if there was a lab with various broken/corrupt drives [17:28] and you had to fix them [17:30] breaking it isn't that difficult if you use dd to overwrite the first and last blocks of a block device. [17:30] hmm ok [17:30] tomreyn, https://pastebin.com/vGefAkv6 [17:30] jrgilman: maybe start with "man lvm" and continue withthe commands on the bottom ("See also"). [17:31] what about file systems in general [17:31] so like ext4 etc [17:31] adac: can you check whether you can "sudo apt install file" despite of this error? [17:32] jrgilman: what about ext4? are you asking how to break or recover it, or something else? [17:32] uh any good reading on filesystems in general [17:32] not LVM specific [17:33] books etc you'd recommend [17:33] jrgilman: https://help.ubuntu.com/community/LinuxFilesystemsExplained [17:34] tomreyn, seems that that worked [17:34] tomreyn, thank you for your help, I have read through the forum article and tried all the steps mentioned there, but no dice, even after installing the udev rule and restarting the udev service [17:35] and apt-get remove --purge openvpn removed the package! [17:35] thanks so much man! [17:36] lotuspsychje: appreciate it [17:36] adac: you're welcome. and be careful about using packages which don't match your ubuntu release. [17:37] franklinl: you also downloaded the firmware, right? [17:40] Of course, here it is: /usr/share/sane/snapscan/esfw41.bin with permissions to read by group and world, so that the sane(d) groups should be able to read it. Yet I get the error snapscan] Cannot open firmware file /usr/share/sane/snapscan/your-firmwarefile.bin. upon executing scanimage -n [17:40] tomreyn, ^ [17:41] tomreyn, the command scanimage -L does find it: device `snapscan:libusb:002:005' is a EPSON EPSON Scanner flatbed scanner [17:41] franklinl: does it really say "/usr/share/sane/snapscan/your-firmwarefile.bin" verbatim? [17:42] ah, it finds it now, and that's a different usb port than it was looking on previously, so you made progress there at least [17:42] tomreyn, actually I had bionic in the line echo "deb http://build.openvpn.net/debian/openvpn/ main" > /etc/apt/sources.list.d/openvpn-aptrepo.list [17:42] tomreyn, after that line which was literally copy-pasted from my terminal [17:42] franklinl: i have to leave now, i'm afraid. maybe you can get more hepl from someone else here or in #ubuntu-de if you sum up the issue again. [17:42] but only later I saw that bionic wasn't supported yet by openvpn :/ [17:43] don't know why it even got installed then [17:43] at least half [17:43] tomreyn, Thank you for all your help, I am called to dinner now [17:43] yw [17:43] adac: well, be careful when using a !PPA ;) [17:44] or third party repos rather [17:46] franklinl: see step 8 here https://askubuntu.com/questions/68806/how-do-i-get-an-acer-flatbed-scanner-22-working [18:04] can somebody recommend a webdav package for 16 LTS that works with windows' webdav client? I tried nginx-extras and it didn't work; it looks like they added support for LOCK later [18:07] TJ, I have tried the steps above which has worsened the situation to the point that scanimage -n and scanimage -L can no longer find the scanner [18:11] TJ, nevermind, I was to quick to draw my conclusions, after replugging my device a second time, my scanner now works :-) [18:12] TJ, thank you for the link and your help. tomreyn, thank you for the first links, they were quite helpful when combined with the hints by TJ [18:15] franklinl: the clue was the default "your-firmwarefile.bin" [18:15] Hello, this process is chewing my process about 584.80% "aVbIu5" The process is owned by postgres user but I can't seem to find any path. any idea what this could be? [18:16] wasanzy: is this an Internet-facing system, a server maybe? [18:16] TJ, yes, well seen, I should have spotted that myself. Still, I am not an expert at SANE, thanks again :-) [18:16] wasanzy: get the process ID and check the info on it from "ls -l /proc/$(pidof aVbIu5)/" [18:17] franklinl: nor me but that screamed "placeholder text" :) [18:17] Specifically, /proc//exe should be a symlink to the binary [18:17] wasanzy: it's possible the system has been compromised and is running a 'miner' or some other piece of malware. [18:17] Is a cloud server, but port is blocked [18:18] wasanzy: check what it's parent-process is (PPID) [18:19] lrwxrwxrwx 1 postgres postgres 0 Aug 1 12:22 exe -> '/var/tmp/�J�l0f (deleted)' [18:19] A deleted executable in /var/tmp? That's suspicious [18:21] wasanzy, what ports are open or have ever been open? [18:22] the port was not really opened, we have ssh and http opened [18:22] this sure smells like an exploited system to me [18:22] wasanzy, ssh with passwords, or keys only? What is running on http? I am 95% sure that's malware. [18:23] ssh with passwords [18:23] That's generally a bad idea. Passwords can be bruteforced. [18:24] Or grabbed from elsewhere if they were ever used elsewhere [18:26] wasanzy: does your HTTP server host some dynamic code that uses Postgresql as a DB back-end? if so I'd suspect it was the compromise route [18:27] wasanzy: if the process is running as the postgresq user that suggests that was the only vector the attacker was able to utilise [18:28] yes we have codes using the db as back-end [18:28] wasanzy: You ought to examine the web-server logs for unusual activity, like QueryStrings with embedded SQL injection attempts [18:29] wasanzy: ^^^ this might reveal *how* the system was compromised. [18:29] wasanzy: .. and if you find nothing, realize that means nothing, because it's common for attackers to wipe logs once they're in [18:29] If you're lucky, the process is just a crypto miner or something that doesn't care about your data. But don't bet on it. [18:30] lordcirth: why not both ;) [18:31] lso, sudo lsof on this process, and look for any remote connection [18:31] wasanzy: Have you done an "iptables -I OUTPUT 1 -d -j ACCEPTl iptables -I OUTPUT 2 -j DROP" to prevent this process exfiltrating data? AND use netstat or ss to check for existing connections from that process and break them if so [18:31] i'm surprised it didn't lock them out of their own system [18:31] if it only has postgres user perms it can't do much [18:31] ahhh [18:32] i didn't see that part [18:32] it can of course exfiltrate all the databases/tables etc [18:34] you should be able to make firewall rules based on executable path, I'm pretty sure, I'm not sure exactly what you're suggesting that rule [18:34] Why are executables being allowed in /var/tmp/ though? I always mount that as a separate tmpfs with "noexec" etc [18:34] mdemo: I'm suggesting blocking everything outgoing except to the administrator's current IP address [18:36] ah, if it's a cloud server it might be better to use security groups to isolate it [18:37] or whatever the security group equiv is for your cloud [18:37] because you can still fix those firewall rules if you mess up :) [18:40] mdemo: I'd hope there's an out-of-band local console access mechanism [18:40] On my 18.04 desktop, /var/run is a symlink to /run, which is a noexec tmpfs [18:41] TJ, thanks again, I'll see if this config survives a reboot. Signing off [18:41] but /var/tmp/ isn't [18:41] I'm pretty sure EC2 doesn't have an interactive OOB console [18:42] could be wrong [18:42] I think you can look at a non-interactive console via the web ui [18:42] is it AWS? I didn't notice that mentioned [18:43] I dunno, I was trying to be general by saying security group or equivalent [18:48] Is a Linode server [18:48] wasanzy: Good, so you can use 'lish' [18:48] am rebooting the server now [18:49] could my db be infected? [18:49] wasanzy: you have to assume anything postgresql related could be suspect [18:49] are you letting your DB listen to the internet? that's considered bad practice [19:09] mdemo: The DB is listening on all interfaces but connection from Internet is blocked. Though one of our server located in other data center is allowed connection to the databse [19:09] I have changed the database password [19:19] might want to double check that [19:20] I don't know if linode has a VPC equivalent [19:20] but I think that's probably a more auditable way of setting that stuff up vs firewall rules on hosts [19:25] looking at docs, it seems like you've only got host firewalls on linode === ricks__ is now known as rtfm_ [20:47] does ubuntu enfore local hash checking for every package that is installed? [20:50] looks like yes https://askubuntu.com/a/239574 [20:50] for packages from the apt repositories, yes [20:52] when does my computer get the hash to compare it to the installation? [20:53] from `apt update` I get the public gpg keys beforehand? [20:57] is there an ubuntu 1804 release for the raspberry pi 4 [20:57] good afternoon [20:59] hays, we are working on mate for rpi4 https://ubuntu-mate.community/t/support-for-raspberry-pi-4/19757/7 [20:59] what is mate? appropriate for a server? [20:59] seven-eleven: the public gpg keys come pre-installed, and you can add new ones with the apt-key command, for third-party repositories and such [20:59] hays, MateDE [20:59] "Right now there is a memory limitation of 1 GB in 64 bit mode on the Raspberry Pi 4. This is apparently due to the SD card driver breaking when more than 1 GB of RAM is present" [20:59] so wait and see [21:00] geirha, yeah, ubuntus package management is good. im currently researching pypa (pip), it doesn't look safe, there is some development, i wonder if they fixed their vulnerabilities by now [21:00] https://github.com/pypa/pip/issues/425 [21:02] OerHeks: hadn't heard of that. is that true of the buster release too? [21:03] hays, that i do not know, you could try the server edition, see https://jamesachambers.com/raspberry-pi-ubuntu-server-18-04-2-installation-guide/ === guiverc2 is now known as guiverc [21:19] when I hit backspace oftentimes it takes several times (sometimes a lot) to actually erase any caracters. It seems like there are invisible characters being typed in between that have to be erased.. Is there anyway to diagnosi/fix this? also, my h key is it or miss, like 50% (varies by te day) [21:19] thanks for help [21:27] hi [21:29] hi [21:30] is there 32bit of 18.04 ? [21:30] i cant find in the ubuntu website [21:31] lubuntu, server, and mini iso gives 32 bit versions, 32 bit is going to be dropped in the future [21:31] hi B|ack0p [21:31] oh, and mate [21:31] how is mini iso? what can i do with mini ? [21:31] !mini [21:31] The Minimal CD image is very small in size, and it downloads most packages from the Internet during installation, allowing you to select only those you want. The installer is text based (rather than graphical as used on the Desktop DVD). See https://help.ubuntu.com/community/Installation/MinimalCD [21:32] that one requires internet [21:32] make sure you have ethernet [21:32] yes [21:32] is it actual ubuntu 18.04 but requires internet to install? [21:32] B|ack0p: yes [21:32] well i wanna install to old laptop 2006 model [21:32] it gives any supported desktop and server options during install [21:33] 32 bit core duo 1.83ghz with 2gb ddr2 ram [21:33] oh, lubuntu will work on such old hardware [21:33] but has ssd [21:33] sounds good [21:33] other day i tried 16.04 without ssd, it was really slow [21:33] do u think ssd makes difference? [21:34] .. only you can tell with that hardware [21:34] never tried.. [21:34] B|ack0p: always hehe [21:34] is lubuntu light weight? [21:35] it is, lxqt is [21:35] xfce is too [21:36] i wanna use for self studies for coding (python ..etc) and surfing and watching videos online etc. [21:37] ok i will give lubuntu a try [21:39] maybe it will run youtube, but the age, 2006.. no guarantees [21:40] well i installed XP and it shows youtube videos well. just having problem with HTML5 and flash based websites [21:40] about streaming video [21:40] i dont think hardware will give much trouble. [21:40] try lubuntu :p [21:40] that s one of the reasons why i want to install ubuntu or lubuntu [21:40] or try a minimal iso [21:40] and install what ever you want [21:40] i wanna watch movies, netflix ..etc [21:40] I would try openbox [21:41] jwm [21:41] etc [21:41] windows managers [21:41] hmm [21:41] n-iCe i will give it a try [21:41] thanks === ElFerna_ is now known as ElFerna [21:51] does ubuntu's gpg package integrity auth also secure the user if one of ubuntu's repository is rogue? i think yes, because the preinstalled gpg public key allows `apt install` to check the authencity of the fingerprint [21:51] and only the owner of the package can create the package's valid certificate, a rogue ubuntu repository server couldn't [21:52] seven-eleven: with apt, repositories are signed; not packages [21:53] seven-eleven: run apt-key list to see which keys your system is configured to support [21:54] sarnold, oh I thought each package is signed [21:55] yes they are .. and rogue repositories, what do you mean about that? [21:55] seven-eleven: the repository generates sha256sums (among others) for all the packages that it hosts, and then signs the *lists* of hashes -- the packages in the repository could come from anywhere [21:55] just adding some 3rd party repo , you are on your own [21:56] ( but then they are not ubuntu repositories) [21:56] sarnold, gotcha [21:57] seven-eleven: it's a small point, for most people it doesn't matter, but if you're asking the questions, then I assume you want to know :D [21:57] sarnold: Sorry, I haven't seen the beginning of the questions. But, I have a similar question: Does anybody at Canonical review code that's in the official repositories? [21:58] so i have to trust the repository and the package creator, not just the package creator :-) [21:59] plujon: not as much as I would like -- ubuntu imports automatically from debian when our devel release is open; debian packagers do some reviews, and debian's FTP team does reviews of new packages, but probably not every upload after that [21:59] plujon: there's some reviews involved when people ask packages to be moved from universe to main [21:59] OerHeks, i was thinking that a package creator submits a unharmful package to ubuntu's repository, on a ubunut's repository it gets tampered with, now with package signing by the original owner i could have noticed that :-) [22:00] plujon: .. but once that review is over, we won't constantly re-review packages in main each release [22:00] sarnold: Ah. So, is anybody on the hook if a malicious package is discovered? [22:01] plujon: not as things currently stand, but I can imagine it wouldn't go over well [22:03] seven-eleven, interesting theory [22:04] I wonder in what countries creating a malicious package and being discovered leads to jail time or the like. I don't know what the laws are in the US about such things. [22:05] oh it is tinfoilhat time .. [22:05] i think more dangerous are pip packages; Im going to get rid of all that were installed by root, those are non reviewed packages; ubuntu has much more review and its not easy to get your package to the main repos like with pip where everybody can upload freely :-) [22:05] * OerHeks afk [22:07] i find those to be relevant points to know, and to discuss. but it's more of a discussion (thus should probably take place in #ubuntu-discuss rather than here) [22:07] seven-eleven: the penalties can be substantial; https://en.wikipedia.org/wiki/Computer_Fraud_and_Abuse_Act [22:13] i keep getting this error, and i dont know why. (xfdesktop:18462): garcon-CRITICAL **: 12:47:32.428: garcon_menu_item_action_unref: assertion 'GARCON_IS_MENU_ITEM_ACTION (action)' failed [22:13] Its apart of: /home/user/.local/share/Trash/files/.vnc/user:1.log file is like 30gb [22:14] i've googled garcon, and the garcon_is.... error im not coming up with anything i understand [22:20] subcool: /home/user/.local/share/Trash/files/.vnc/user:1.log is a file system object (maybe a normal file) which has been placed in your trash. [22:21] subcool: so this suggests you used a grpahical file browser to move this to the trash (instead of deleting it) === jeremy31_ is now known as jeremy31 === DuncanT_ is now known as DuncanT === TsynkVoin_ is now known as TsynkVoin === briar_ is now known as briar === timeless_ is now known as timeless === zorael^ is now known as zorael [23:27] Does anyone know of a way/gnome extension that removes the text/title under icons when alt + tab switching? So that only icons are shown? [23:27] In Ubuntu 18.04. [23:52] Tried to wipe out my LAMP stack and start fresh. Uninstalled and reinstalled mysql but the previous configuration still seems to be in place. How can I erase the mysql config and start fresh so I can run mysql_secure_installation again? [23:52] apt purge instead of apt remove [23:52] "apt purge ..." instead of "apt remove ..." [23:53] yeah that's what I did [23:53] but when I try to run sudo mysql_secure_installation it asks me for the password for the root@localhost user [23:53] but I forgot what i had the password set to before [23:53] which is part of why I'm trying to wipe it out [23:54] maybe there are some more mysql* packages you needed to purge [23:54] I even deleted /etc/apache2, /etc/mysql, /etc/php, which were still there after the purge [23:54] but I guess that wasn't it [23:54] at some pointit should have asked you whether you want it to delete the databases, too [23:55] After all that trouble of updating the bios. The system still reboots when put into sleep mode. [23:55] the mysql data directory is /var/lib/mysql by default. if you no longer need the data you can clear this directory after purging all mysql* and libmysql* packages [23:55] purge mysql* did the trick [23:55] Lol. I can’t figure it out. [23:55] hadn't done that before [23:55] did it without the wildcard [23:55] thanks [23:55] you're welcome. [23:56] jrg: canyou post journalctl -b | nc termbin.com 9999 [23:58] Missing port number. [23:58] jrg: you missed "9999"