[00:54] <lagunalorre> i listened to mark shuttleworth's video today about free ubuntupro security patches for 23000 apps..and i registered for it...but after logging in at the bottom of the page it wants me to attach a machine ...what is that about
[00:55] <lagunalorre> what would i be attaching this machine to
[00:55] <arraybolt3[m]> lagunalorre: You attach your (free) Ubuntu Pro subscription to the computer you want to have Ubuntu Pro work on.
[00:56] <lagunalorre> arraybolt3 ok...this one and a backup laptop...but there is only one token on the page
[00:56] <sarnold> that's fine, you can use the token on multiple computers
[00:56] <arraybolt3[m]> lagunalorre: It's kinda like a license key, as I understand it. When you update your system, it tells Canonical "I'm using Ubuntu Pro, here's the key that proves I'm licensed to do so", and then Canonical's servers can look at that key and say "Yep, this system is ready to use Ubuntu Pro, send it the Ubuntu Pro updates."
[00:57] <lagunalorre> sarnold..oh ok
[00:57] <lagunalorre> arraybolt3 ok thanks for explaining that
[00:58] <lagunalorre> i haven't run into any security problems lately..and it would be tough since i am behind a firewall
[00:58] <lagunalorre> but i registered for it anyway
[01:00] <rob0> Firewalls can't protect you as much as you may think. If a vulnerable bit of software on your system reaches out and hits something hostile, the firewall can't block that.
[01:01] <lagunalorre> rob0 but the firewall shuts down all ports except port 80...no more ftp weakness or dns weakness or any other port....and an updated browser does a lot to protect the only open port 80
[01:02] <arraybolt3[m]> Firewalls prevent software from sending data out or receiving data in without your permission, but if a piece of software is allowed through, the firewall likely won't do anything with the data that goes through. That's the weak link.
[01:02] <arraybolt3[m]> (But then again, your browser is covered even without Ubuntu Pro, so if you apply updates, it shouldn't matter either way.)
[01:02] <lagunalorre> arraybolt3 yes but i don't allow apps to go out or anything to come in except for the browser
[01:03] <lagunalorre> arraybolt3 and all dns traffic is now passing through the port 80 to cloudflare only
[01:03] <arraybolt3[m]> Right, but if a piece of malicious data is downloaded by the browser from a website you visit, and that data glitches the browser and causes it to execute code it didn't mean to, then you're hacked. (Again, this is just the "how it would happen" scenario - keeping a system updated prevents that from happening in all but the rarest of situations, and you would be protected even without Ubuntu Pro.)
[01:04] <arraybolt3[m]> (They call it a buffer overflow vulnerability - it's both fascinating and terrifying. It's also a good part of why I'm somewhat vigilant about keeping my system updated. :P)
[01:04] <lagunalorre> arraybolt3...yes but the browser is also clamped down not only by recent updated browser code but also ublock adblock noscript and so on
[01:05] <arraybolt3[m]> Very good.
[01:05]  * arraybolt3[m] also uses an adblocker everywhere
[01:06] <lagunalorre> i tried to put sudo pro attach longtokennumber but it says pro is not an executable command
[01:07] <lagunalorre> when i tried to copy and paste the command it does not work
[01:07] <arraybolt3[m]> lagunalorre: That means you need to update the Ubuntu Advantage client. Lemme find the command...
[01:07] <arraybolt3[m]> (It should autoinstall eventually, but it's not quite there yet.)
[01:07] <sarnold> install ubuntu-advantage-tools
[01:08] <arraybolt3[m]> lagunalorre: Run `sudo apt install ubuntu-advantage-tools` first, then try again.
[01:08] <arraybolt3[m]> I just did it, now running "pro --version" works for me.
[01:09] <lagunalorre> arraybolt3 yes it is starting to install some stuff now
[01:10] <lagunalorre> arraybolt3 ok it enabled a couple of services and installed some dhcp patches...and i guess it is uptodate
[01:11] <arraybolt3[m]> You followed this whole guide, right? https://discourse.ubuntu.com/t/ubuntu-pro-beta-tutorial/31018
[01:11] <sarnold> dhcp was just coincidental, that would have been installed even without ubuntu pro https://ubuntu.com/security/notices/USN-5658-1
[01:12] <lagunalorre> arraybolt3 i am not sure why a dhcp patch was necessary as that is only local traffic between this laptop and the wifi router
[01:12] <lagunalorre> arraybolt3 but anyway it is installed
[01:12] <arraybolt3[m]> You still need to attach your system to Ubuntu Pro and then activate the extra updates.
[01:13] <lagunalorre> arraybolt3 how do you activate the updates
[01:13] <arraybolt3[m]> sudo pro attach [YOUR_TOKEN]
[01:13] <arraybolt3[m]> (Replacing [YOUR_TOKEN] as applicable.)
[01:13] <lagunalorre> arraybolt3 yes i already did that and it enabled 2 services
[01:13] <arraybolt3[m]> Then:            sudo pro enable esm-apps --beta
[01:14] <arraybolt3[m]> And you did the sudo pro enable esm-apps --beta step?
[01:14] <lagunalorre> it enabled esm-infra and livepatch
[01:15] <arraybolt3[m]> OK, then you still need to run "sudo pro enable esm-apps --beta". So far only part of Ubuntu Pro is enabled.
[01:15] <arraybolt3[m]> The above command enables the rest of it.
[01:15] <arraybolt3[m]> (Here's hoping they make this more user-friendly in the future!)
[01:16] <lagunalorre> arraybolt3 ok it says esm-apps enabled
[01:16] <arraybolt3[m]> Nice! Now you should be able to do "sudo apt update && sudo apt full-upgrade".
[01:28] <user9d> could someone survive on a 8GB RAM laptop with 1TB swap partition on the their HDD + Ubuntu 22.04 live ISO burned to a DVD that is used to boot into Ubuntu 22.04 for an average of 3.92 day uptime while using that system as a computer for daily activities of talking on irc + creating random programs in Bash 5, Perl 5, Python3, and PHP 7 for 5 years straight?
[01:28] <arraybolt3[m]> user9d: No. I see a week link here.
[01:29] <arraybolt3[m]> user9d: If you used an Ubuntu 22.04 live ISO as your main operating system solely for five years, you won't get any security updates during that time as the DVD is read-only and won't accept the security updates.
[01:29] <arraybolt3[m]> user9d: As a result, it would be just as bad as using an EOL version of Ubuntu.
[01:29] <arraybolt3[m]> What would work would be to install Ubuntu directly to a USB drive that can accept updates. Then I can see this working (though a 1 TB swap partition?!?!?! That's quite overkill.)
[01:30] <arraybolt3[m]> However, even with a USB drive installation, you probably wouldn't last for 5 years as the USB drive would likely wear out before then.
[01:32] <arraybolt3[m]> Since you'll never need the 1 TB of swap for anything (due to the speed of the partition and the intended use cases), I'd just install Ubuntu to a large portion of the hard drive, and leave yourself some swap space to cope with the 8 GB of RAM. Probably 8 GB of swap would help here, more if you intend on really pushing the system (though it will get slower when it starts swapping to disk).
[01:34] <user9d> why does linux care as much about security as windows os because my android 7 smartphone hasn't system updated in 5 years?
[01:35] <arraybolt3[m]> user9d: Because cellphone manufacturers don't care to keep their hardware from going obsolete and would rather make it so people have to upgrade or risk getting hacked.
[01:37] <user9d> what's the point of preventing getting hacked on Ubuntu when 99.9% of the time you are hacked it feels like you're 99.9% secure because it's so fast?
[01:37] <arraybolt3[m]> user9d: Good question, but I think this would be more on-topic in #ubuntu-discuss. Care to ask it over there?
[01:39] <rob0> DNS over https (DoH) is port 443; DNS over TLS (DoT) is port 853.
[01:39] <rob0> lagunalorre: ^^
[02:08] <lagunalorre> rob0 why is an extraport being opened for dns when all traffic could be handled through port 80 only
[02:09] <rob0> most web traffic has been https (443) for a long time
[02:09] <lagunalorre> rob0 yes i remember the port 443 for https compared to http at port 80
[02:10] <lagunalorre> rob0 but why don't they shut everything down except port 80..since all video communications can be handled directly through the browser
[02:11] <lagunalorre> as well as secure sockets
[02:12] <lagunalorre> rob0 nobody uses ssh,ftp,gopher,udp, or any of that other stuff anymore that was present 30 years ago
[02:12] <rob0> nobody?  I sure do.
[02:12] <rob0> well,not much ftp, and gopher is gone
[02:13] <lagunalorre> rob0 well you do so at your own risk...because opening your ports to the world leaves you vulnerable for exploits that can take advantage of inadequate buffer issue
[02:15] <lagunalorre> rob0 then they can install malicious code, rootkits, and trojan horses and all kinds of crap which are real headaches to deal with
[02:15] <rob0> I'm aware of risks, thanks. I don't lose sleep over sshd.
[02:18] <lagunalorre> rob0 i have even seen them try to embed code in simple email docs
[02:19] <lagunalorre> rob0 or use emailed links to try to lure the browser into unsafe sights of malicious coders
[02:22] <lagunalorre> rob0 that typically take advantage of buffer issues or sometimes take advantage of javascript or jre's...that is why everybody uses noscript and turns javascript off in the browser and never installs java runtime environments
[02:23] <lagunalorre> rob0 and most people try to even limit browser activites in a sandboxed fashion
[02:24] <lagunalorre> rob0 where the sandbox is isolated from the rest of the directories of your system
[02:25] <sean> hello all
[02:26] <sean> what do you all think of the ubuntu DDE ??
[02:27] <lagunalorre> sean..what is DDE the old dynamic data exchange topic
[02:27] <lagunalorre> sean when you use acronyms..we have no idea what you are referring to
[02:29] <arraybolt3[m]> I think he means Deepin Desktop Environment.
[02:29] <lagunalorre> arraybolt3 oh
[02:33] <lagunalorre> arraybolt3 i am surprised mark shuttleworth is such a young man that i saw in the video...i knew he had been around for a long time with ubuntu...so i thought he was much older like bill gates
[03:08] <ice9> why skypeforlinux process have 119 threads??
[03:11] <sarnold> probably one for every button, one for the camera, microphone, one for smoothing and compressing video, one for compressing audio, a bunch for dns lookups, a bunch for network communications..
[03:22] <oerheks> how many treads has vscode?
[03:36] <noarb> what are the benefits of using the evdev subsystem versus libusb and hidapi? I have a feeling the differences are historical and how they were developed, but I'm not sure
[04:04] <jhutchins> lagunalorre: I think you have an unrealistic sample of "everybody" who is paranoid about web browsing.
[04:05] <jhutchins> Most people do not take elaborate precautions, they just install a browser and browse.
[04:05] <lagunalorre> hutchins well the online world is full of victims who weren't paranoid
[04:06] <jhutchins> lagunalorre: Again,  I am suspicious of your sampling method.  You appear to be suffering from selection bias.
[04:07] <lagunalorre> jhutchins...well i have a small sample size of careful people....namely 1 me..i am not sure it is biased...because of so many naive victims of the hostile internet
[04:08] <jhutchins> lagunalorre: How have you determined that there are "many naieve victims"?
[04:08] <lagunalorre> jhutchins nearly every day you hear of internet victims falling prey to all kinds of malicious code and other scams
[04:09] <jhutchins> lagunalorre: How do we know if these are actually common, or are edge cases that make a sensational story?
[04:10] <lagunalorre> jhutchins...no they are real...i have encountered lots of attempts to sabotage or steal info/monetary assets over the last 50 or so years
[04:11] <jhutchins> lagunalorre: This does not indicate that they were successful.
[04:12] <lagunalorre> jhutchins no they haven't been so far as i am concerned but i have heard of many other victims that did not take adequate action to protect themselves against an incredibly hostile internet
[04:12] <jhutchins> lagunalorre: I am aware of a fairly large number of users who simply are reasonably careful about what they click on and where they disclose sensitive information and have not had any trouble over the years.
[04:13] <jhutchins> lagunalorre: I should also point out that by citing a sample extending 50 years you are straying from your original topic which was web browsing.
[04:14] <lagunalorre> jhutchins...yes but thieves and saboteurs and conmen existed way back in the old bbs days before the internet
[04:14] <jhutchins> I just realised that this is #ubuntu and we are WAY off-topic, I'm going to drop it.
[04:14] <arraybolt3> jhutchins: I actually am kind of paranoid about internet security also, not because of sample sizes of people who were or weren't pwned, but because of knowing that tools for pwning exist and that they have been deployed in terrifying ways in the past.
[04:15] <arraybolt3> For instance, the Blackhole Exploit Kit exists, and one time a malicious advertisement that I believe did a drive-by download ended up on Spotify.
[04:15] <lagunalorre> jhutchins and got worse and more plentiful when the lines were open to the world wide web of many hostile countries and gangs
[04:15] <arraybolt3> My way of protection is - a) Only visit trusted sites on my main computer, b) use an adblocker, and c) visit untrusted sites in a QEMU virtual machine.
[04:15] <arraybolt3> jhutchins: Oh, just saw your thing about off-topic. I was going to say something, but I thought discussing how to secure Ubuntu and if it was necessary was on-topic.
[04:16] <arraybolt3> (Maybe only kinda on-topic, but still...)
[04:16] <jhutchins> arraybolt3: That may be, but we've gone beyond "how" into "why".
[04:17] <lagunalorre> jhuthins don't set people up to be victims because of laxadaisical attitudes....let them know it is better safe than sorry
[04:20] <jhutchins> Just because you're paranoid doesn't mean they're not out to get you.
[04:22] <lagunalorre> jhutchins i am a qualified doctor and i don't believe in giving information that would cause some people to be harmed
[04:22] <lagunalorre> jhutchins as a doctor i don't take advantage of people nor do i want to see that happen to them by anyone else
[04:24] <jhutchins> lagunalorre: This is still  off-topic here.
[04:24] <lagunalorre> jhutchins well i guess security issues can be discussed elsewhere
[04:24] <jhutchins> lagunalorre: Perhaps ubuntu-offtopic.
[05:39] <jhutchins> If your system has a sync interval of 34m, and you suspect that something has caused drift in less than that time, is there any way (using only systemd/timesyncd) to request an immediate sync?
[05:43] <ice9> what's the difference between a package in "jammy" and "now"?
[05:53] <tarzeau> are people using jammy with or without jammy-updates?
[05:54] <tomreyn> tarzeau: hopefully with?
[05:54] <tarzeau> is with recommended?
[05:54] <tarzeau> i was refering to the sources.list entry, not whether one updates or not
[05:54] <tarzeau> is without possible and supported too?
[05:54] <tomreyn> having bug and security fixes makes sense to me
[05:55] <jhutchins> tarzeau: I suppose it depends on what you want out of it.
[05:55] <tarzeau> osn
[05:55] <tarzeau> isn't security in jammy-security separately?
[05:55] <tarzeau> jhutchins: i want stable computers for a lot of users
[05:56] <tarzeau> and i appear to have a problem with phased updates and jammy-updates that packages disappear (get moved to phased updates), while i have phased updates participation disabled
[05:56] <arraybolt3> !phasedupdates | tarzeau, you might find some info to help with that here
[05:56] <tarzeau> thus some xymon-client/hobbit-plugins reports packages not installed from repo
[05:56] <arraybolt3> There's instructions on how to make your system ignore update phasing, as well as some reasoning behind why it's not necessary.
[05:57] <tarzeau> arraybolt3: thank you for the link, all read, and got it finally as wanted: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1981672
[05:57] <tomreyn> tarzeau: https://wiki.ubuntu.com/SecurityTeam/FAQ#How_are_the_.22-updates.22_and_.22-security.22_pockets_different.3F
[05:57] <tarzeau> arraybolt3: it might not be necessary, but it's a wanted way simply because we don't have auto-app-crash-reporter running, we don't want to take part on phased updates
[05:58] <arraybolt3> tarzeau: Whatever works for you. If you know the risks and are like, "Yeah, I want to install it anyway", then great. That's what the setting is there fore.
[05:59] <tarzeau> tomreyn: that faq entry explains the difference between -updates and -security, and we have -security, but no phased updates nor -updates. what am i not seeing?
[06:00] <tarzeau> arraybolt3: the most annoying part about phased updates is they can get updated while some already have it, some other machines don't, and they start from 0% with another new version again - me ending with machines with 3 different versions of software (happened shortly with systemd)
[06:00] <tomreyn> tarzeau: so, for security updates, my understanding is that they are published on -security first, then also on -updates. but this would not matter to you if you have -security, i guess. but what matters to you, you said, is stability, which probably means you want bug fixes. those surely can go to 'jammy-updates' months before they hit 'jammy'
[06:01] <tomreyn> tarzeau: i don't know about / can't comment on the phased updates issue you're dicsussing.
[06:02] <arraybolt3> tarzeau: There's a setting for making machines all "phase together", which I didn't document in the above link. Info on that is here: https://askubuntu.com/a/1431742/1598467
[06:03] <tarzeau> arraybolt3: i was aware of that setting, thanks for pointing out
[06:05] <tomreyn> jhutchins: sudo kill -1 $(pgrep --full --oldest systemd-timesyncd)
[06:08] <tomreyn> jhutchins: tcpdump tells me this make timesyncd connect to ntp.canonical.com:123
[06:21] <jhutchins> tomreyn: Thanks.  Seems pretty roundabout.
[07:06] <marcin_> Hi, I have xubuntu-22.04 but I am pretty sure the issue is related to ubuntu. I am trying to import gpg public key, and I am receving an error
[07:06] <marcin_> gpg --import public.key
[07:06] <marcin_> gpg: nie odnaleziono poprawnych danych w formacie OpenPGP.
[07:06] <marcin_> gpg: Ogółem przetworzonych kluczy: 0
[07:06] <marcin_> on another ubuntu station, I can import it
[07:07] <marcin_> I did not find anything in the net :(
[08:00] <SteelRose> marcin_: can you please translate the error to English?
[08:04] <marcin_> @steelRose: gpg: no correct/proper data found in OpenPGP format
[08:06] <SteelRose> marcin_: how did you transfer the file over to the affected Ubuntu system?
[08:07] <marcin_> copied form 1password, where I store it, and try to store it with echo, echo -n, vi & nano
[08:07] <marcin_> none worked
[08:09] <SteelRose> marcin_: why don't you scp the file?
[08:10] <SrainUser111> Hi
[08:10] <SrainUser111> How do I add a sudo user, and i must be administrator??
[08:10] <marcin_> SteelRose: i can not do it with scp
[08:10] <SteelRose> marcin_: another option would be to select everything with the mouse, save it to the clipboard... then, on the target host run: cat > foobar.gpg   and paste everything... then hit ctrl-d to save
[08:11] <SteelRose> SrainUser111: you must be either root to do it or have your user already added to the sudoers file
[08:11] <SrainUser111> ok
[08:12] <marcin_> SteelRose: I will try
[08:12] <SteelRose> SrainUser111: if regular users could promote themselves to root that would be a security flaw...
[08:12] <marcin_> and let you know
[08:12] <SteelRose> marcin_: OK
[08:29] <marcin_> SteelRose: I did: gpg --import, pasted everything. pressed enter, then Ctrl + D and still the same
[08:34] <SteelRose> marcin_: did you paste the contents to a file before doing the import?
[08:34] <marcin_> yes, then cat it
[08:36] <SteelRose> marcin_: no :-) Please take a look at this: https://pastebin.com/amJSsSS0
[09:16] <nikolam> I can't ser Other os to boot as defaut in XUbuntu's GNOME. I think I tried all I found.
[09:26] <alkisg> nikolam: run `sudo -i` first, and then:
[09:26] <alkisg> mkdir -p /etc/default/grub.d &&
[09:26] <alkisg> wget https://gitlab.com/sch-scripts/sch-scripts/raw/main/share/sch-scripts/grub.cfg -O /etc/default/grub.d/sch-scripts.cfg && update-grub
[09:26] <alkisg> It makes grub show the menu, REMEMBER the last default, and boot it in 5 seconds
[09:27] <alkisg> So if you reboot from windows, it'll boot windows, if you reboot from linux, it'll boot linux
[09:38] <ikonia> anyone know if ubuntu is shipping their work on microk8 anywhere outside of snap packages ?
[09:59] <nikolam> alkisg: I'll try it and report. I think I used to try saved and savedefault, will try it his way.
[09:59] <nikolam> Thanks
[10:00] <alkisg> 👍️
[10:25] <Rico> hello. using ubuntu-mate 22.04, how can I start an application (from terminal) on a specific display ? (I have 2 screens)
[10:27] <agent_white> Rico: I would look into xdotool.
[10:27] <SteelRose> Rico: do an "echo $DISPLAY" on each screen... then set it as needed before starting the application
[10:28] <agent_white> ^ that too.
[10:28] <Rico> SteelRose: it returns :0 on each screen
[10:29] <SteelRose> Rico: that's normal... try setting it to :0.0 and :0.1
[10:29] <SteelRose> DISPLAY=:0.1 ; firefox
[10:29] <SteelRose> for example
[10:30] <SteelRose> Rico: other than that, you can tell MATE to remember where the windows were when you close the session
[10:30] <Rico> only :0.0 works and it opens app on the current screen
[10:33] <ogra> Rico, https://ubuntu-mate.community/t/open-application-on-current-workspace/13504
[10:35] <Rico> ogra: thanks, but that's not what I asked for
[10:35] <ogra> Rico, yu want tuy app to be tied to a certain screen (workspace) don't you ?
[10:36] <ogra> *you want your app ...
[10:36] <agent_white> Rico: This is a more intense option, but if you use a tiling window manager, opening under your mouse cursor (or having the abiliity to quickly move/do this) is the default.
[10:36] <Rico> ogra: no. I want to be able to chose the screen on which my app will popup when I start it via terminal
[10:37] <ogra> "close the screen" ?? you mean unplug the monitor ?
[10:37] <ogra> bah, can't read
[10:37] <ogra> sorry
[10:37] <agent_white> I would whip up a little script using xdotool.
[10:37] <agent_white> and xrandr.
[10:37] <ogra> Rico, and according to that discussion you can only do this with compiz
[10:38] <agent_white> To take in the screens available, resolution, shift your mouse and spawn it... is one option.
[10:38] <ogra> agent_white, how would xrandr help here ?
[10:38] <agent_white> Just for measuring screens. Ideally, you take that full width, shift 75% either way and you will hop screens.
[10:38] <ogra> it wont manage anything application specific ...
[10:39] <agent_white> Correct, which is why it's good.
[10:39] <agent_white> Use output from xrandr to feed xdotool which can be used to manipulate x11 windows.
[10:39] <agent_white> Or since your monitors don't change all the time, hardcode it.
[10:39] <agent_white> (excluse xrandr)
[10:39] <Rico> strange thing that xrandr only shows one screen
[10:39] <ogra> well, ten you should probably rather use something like devilspie and simply tell your WM where to place it ...
[10:40] <agent_white> Rico: That's my point.
[10:40] <agent_white> It sees multiple displays as one single screen. They compose it.
[10:40] <agent_white> xdotool can help you narrow down to a specific place on your desktops to place it. Just look into it.
[10:41] <Rico> ok thanks
[11:25] <marcin_> SteelRose: the same unfortunately :(
[11:27] <TomyLobo> I just found out the docker snap auto-updates daily, if there's an update available. is anyone using that in production?
[11:36] <TomyLobo> you can probably turn that off, but that's not a nice default. desktop users already have a different auto-update mechanism, so that should be used. server users can install unattended-upgrades if they so choose
[12:17] <SteelRose> marcin_: can you compare the files on one server where it works and on the other where it doesn't?
[12:17] <SteelRose> marcin_: run an md5sum private.key on both (where "private.key" is the file you want to check)
[12:56] <alkino> Hello, I want to know if it is possible to have several "desktops" with basic ubuntu?
[12:57] <alkino> in tiling we call it "tag" sometimes
[12:58] <SteelRose> alkino: yes
[12:58] <SteelRose> alkino: do you mean virtual desktops?
[12:58] <alkino> SteelRose: maybe, I find nothing because I don't know the name under ubuntu
[12:58] <alkino> I will lool for that ;)
[13:03] <alkino> it works with gnome-tweaks
[13:03] <alkino> thanks ;)
[13:09] <BluesKaj> Hi all
[13:21] <SteelRose> alkino: np
[15:01] <eddu> hola
[15:02] <oerheks> :-)
[15:04] <eddu> :)
[17:00] <alkisg> Some teachers have managed to move their "Public" dir around in the file manager, so that `grep PUBLIC /home/teacher/.config/user-dirs.dirs` now shows `XDG_PUBLICSHARE_DIR="/home/teacher"` (their home dir instead of the Public subfolder).
[17:00] <alkisg> E.g. if you move "Public" into "Documents" in nautilus or caja, you'll see user-dirs.dirs automatically reflecting the change.
[17:00] <alkisg> I'm testing moving around "Public", but I can't reproduce that exact outcome, to make it the same as the home folder... any bright ideas on how to reproduce it?
[17:01] <alkisg> Whoops I just got it. Deleting the "Public" folder and logging in again, runs xdg-user-dirs-update, which then says "reassigning PUBLICSHARE to homedir"
[17:28] <PRETEXTATO> HeLLo! I Am Using UBUNTU 20.04.05 and THis VerSion has OpenSSL.v1.1.1.F InsTalled BY DEFAULT. I TRied Upgrade To 1.1.1.O BuiLding From SourCe CodE And I AlMosT BroKe THe OS. So... I WouLd LiKe To InsTall OpenSSL.v3.0.5 From SourCe CodE On /OPT DIrecTorY And Use iT WITH AnoTHer CURL VerSion I WILL BuILd On /OPT DIrecTorY. WHo CouLd HeLp Me WITH THaT TasK?
[17:30] <PRETEXTATO> I WANT THaT OpenSSL.v1.1.1.F ConTine being THe DEFAULT.
[17:30] <cbreak> what you need is a working shift key
[17:31] <lotuspsychje> PRETEXTATO: we dont advice to build packages from source, use the packages from the official repos
[17:31] <cbreak> and when you compile alternative software, set a fitting install prefix
[17:31] <cbreak> do not mess with the OS paths
[17:31] <cbreak> do not install self-compiled things directly into /usr, that's bound to end up badly
[17:31] <PRETEXTATO> I SaW.
[17:32] <PRETEXTATO> I almosT broke THe OS.
[17:32] <leftyfb> PRETEXTATO: please fix your shift/caps lock key
[17:32] <PRETEXTATO> I Fixed.
[17:32] <cbreak> must have smashed his monitor with his keyboard. I've seen this happen in other cases (on youtube :)
[17:33] <PRETEXTATO> OpenSSL.v1.1.1.F is NormaL NoW.
[17:33] <PRETEXTATO> OH!
[17:33] <cbreak> so, read the manual for the software you want to install
[17:33] <PRETEXTATO> I WRITE THIS WAY.
[17:33] <iomari891> greetings, is there a timeout option for fstab to avoid long delays when a drive is not present?
[17:33] <PRETEXTATO> :)
[17:33] <leftyfb> PRETEXTATO: please stop intermittently hitting shift/caps
[17:34] <leftyfb> PRETEXTATO: do not write that way
[17:34] <PRETEXTATO> I HaVe DisLexia.
[17:34]  * ogra just doesnt read this way ... 
[17:35] <leftyfb> PRETEXTATO: Dislexia does not cause you to randomly hit shift. More than likely you're using some application/plugin that is doing this. Please disable it
[17:35] <PRETEXTATO> I Am Serious, DudE.
[17:36] <cbreak> iomari891: I'm assuming you're already using nofail
[17:36] <cbreak> iomari891: do you have to use fstab?
[17:37] <cbreak> you could use https://www.freedesktop.org/software/systemd/man/systemd.mount.html instead
[17:39] <PRETEXTATO> I BuiLd A OpenSSL.v3.0.5 Using THis Command...
[17:39] <PRETEXTATO> "/config  --prefix=/opt/OPEN-SSL.v3.00.05.RELEASE/  --openssldir=/opt/OPEN-SSL.v3.00.05.RELEASE/  zlib  enable-md2   enable-rc5   enable-gost   shared"
[17:40] <PRETEXTATO> AFTer THaT... MaKe, MaKe TesT And MaKe InsTaLL
[17:40] <cbreak> that's not going to work
[17:40] <PRETEXTATO> WHY?
[17:40] <cbreak> your shell is case sensitive.
[17:40] <ogra> PRETEXTATO, ths is really offtopic here ...
[17:41] <PRETEXTATO> So, WHeRe SHouLd I GeT SoMe HeLp
[17:41] <PRETEXTATO> ?
[17:41] <ogra> PRETEXTATO, dunno, perhaps here is some openssl channel
[17:42] <ogra> *there
[17:43] <PRETEXTATO> NoT THe oFFiciaL One.
[17:43] <ogra> wel, this isnt either the official openssl channel, nor a channel to talk about building random stuff
[17:44] <PRETEXTATO> I See.
[17:46] <leftyfb> that was painful and unnecessary
[17:55] <alexiafox> hi all :)
[17:55] <arraybolt3> o/
[17:56] <alexiafox> this my first time using irc, liking it so far. hope everyone's well
[17:57] <arraybolt3[m]> alexiafox: Nice!
[17:57]  * arraybolt3 is using both IRC and Matrix, thus why there's two similar but different nicks that both look like me because they both are me
[17:58] <lotuspsychje> alexiafox: welcome, this channel can be used to ask ubuntu related issues if you want to know something
[17:58] <alexiafox> :)
[17:58] <alexiafox> thanks!
[18:43] <other_rick> Hi, How do I get a kernel package to test OpenSSL with 'enable-fips'?
[19:26] <oerheks> !info linux-image-fips
[19:27] <arraybolt3> oerheks: That might require that Ubuntu Advantage/Ubuntu Pro be enabled?
[19:28] <oerheks> arraybolt3, yes, i see now
[19:28] <oerheks> other_rick, you need UA to enable https://ubuntu.com/security/certifications/docs/fips-faq
[19:29] <oerheks> normally one does that in a container, tons of howtos
[19:29] <oerheks> https://canonical.com/blog/fips-ubuntu-container-security-updates
[19:38] <samy1028> Thinking of FIPS - I saw this last night:  https://ubuntu.com/blog/ubuntu-pro-beta-release
[19:38] <samy1028> they now provide up to 5 free Ubuntu Pro licenses which include FIPS 140-2 packages.
[20:05] <aib18> hello
[20:06] <lotuspsychje> welcome aib18
[20:28] <fluxcapacitor> Has anyone had any luck installing minimal gnome over the standard snaps? I am trying to avoid instability but, at the same time, my system has become bloated and I am looking for a quick fix to avoid a full reinstall ...
[20:29] <oerheks> what is ' bloated'?
[20:29] <other_rick> thanks oerheks and samy1028
[20:31] <fluxcapacitor> Well, it depends on who you ask. For me, it means that unnecessary packages have broken the system through updates I did not ask for. Snap will update without asking and that itself may have caused weird issues. In my case, there are weird issues with my browser that I had to fix through a cheap hack in the way of installing imwheel. But that's not
[20:31] <fluxcapacitor> the best way to fix things. I am thinking about just throwing on a different variant of gnome ...
[20:31] <explodes> One of my disks is sometimes just not mounted (manifested by Steam not being able to access the SteamLibrary folder on that disk)
[20:31] <oerheks> gnome minimal, that does not have unnecessary packages.
[20:32] <explodes> I have checked "Disks" to ensure the disk is set to mount on boot, but it just "disconnects" periodically after boot.
[20:32] <oerheks> snap updates itself, that is normal.
[20:32] <explodes> I have to click on it from the sidebar and then it is available
[20:33] <oerheks> explodes, add that disk to fstab, to have it automounted https://help.ubuntu.com/community/Fstab
[20:34] <oerheks> https://help.ubuntu.com/community/InstallingANewHardDrive#Automatic_Mount_At_Boot
[20:34] <explodes> why does it mount at boot but disconnect randomly?
[20:34] <explodes> Is this possibly a loose wire or smth?
[20:35] <oerheks> if you did not add it to fstab, it should not automount.
[20:37] <explodes> UUID=2a5c9033-65d7-4d4c-907b-1bdf80501699/media/libraryext4rw,nosuid,nodev,relatime,data=ordered,uhelper=udisks2 0 0
[20:38] <explodes> It already is in fstab
[20:38] <explodes> ...tabs got eaten
[20:38] <oerheks> oke, that clears up why it is mounted
[20:38] <oerheks> only when that (ntfs?) partition is closed dirty, it will fail automount
[20:39] <oerheks> else yes, power, not enough power, wonky connector, everything is possible
[20:45] <morgan-laptop>  ubuntu what is fstab
[20:45] <wez_hn> file system table?
[20:45] <explodes> Try `cat /etc/fstab` to see what you have
[20:46] <oerheks> read back for the wiki
[20:46] <explodes> It defines which disks to mount and how
[20:53] <fluxcapacitor> Snaps are bad, I think. I'm not a snap hater like some but I think they are unpopular for a reason. Lots of people will not use Ubuntu simply because of the Canonical Snap craze. There is an anti-Snap culture you could say. I hear riots have broken out and citizens have found themselves in a state of social unrest - all over the great difficulties
[20:53] <fluxcapacitor> of Snap
[20:54] <leftyfb> fluxcapacitor: or you could just go with your own experience and try them and decide for yourself instead of buying into the FUD
[20:55] <fluxcapacitor> I've been using Ubuntu for about five years as a daily - maybe eight years as a dual boot if not longer
[20:55] <fluxcapacitor> I am not new to Ubuntu, my friend. I am a die hard user.
[20:56] <oerheks> if one wants to avoid snaps, change distro?
[20:56] <leftyfb> then even more reason not to buy into the FUD and decide for yourself
[20:56] <fluxcapacitor> I am the alpha of Ubuntu. Your grandchildren whom you chaperone into the distro will ask me what it was like in the golden days.
[20:56] <fluxcapacitor> I was here long before this channel was a fart in the wind
[20:56] <oerheks> from hearsay we have no answer to, mostly unfounded claims
[20:56] <ravage> fluxcapacitor, do you have an Ubuntu support question? if yes please ask. if not use the other rooms provided for chat like #ubuntu-discuss or #ubuntu-offtopic. thanks!
[20:57] <fluxcapacitor> join #ubuntu-discuss
[20:57] <fluxcapacitor> wrong command - no slash
[20:57] <fluxcapacitor> Sorry
[21:00] <Auctus> has anyone else seen an issue in 22.04 where if youre using, say, firefox, and you press "ctrl+S", it opens like a thousand file save dialogs and you have to close them all
[21:01] <Auctus> this has been happening over and over since i installed 22.04 last week (upgrade from 20.04)
[21:02] <Auctus> its ONLY if you ctrl+s, not right click -> save as
[21:02] <oerheks> Auctus, just tested: confirmed!
[21:03] <oerheks> i just kill firefox over that :-(
[21:06] <oerheks> i find no simular bugreports..
[21:07]  * ogra can't reproduce ... 
[21:08] <ravage> only one dialog here too
[21:09] <oerheks> cancel, save, or change type does not respond
[21:10] <Auctus> it doesnt happen every time, to me, but on certain links it will
[21:10] <ravage> yep
[21:12] <ogra> well, right after i typed the above i actually *could* repro it ... lol
[21:12] <ogra> this is a horrid bug
[21:13] <WeeBey> Quick question frens. If I want to use dd to clone my computer drive (nvme on a laptop), I should boot from a live disk to do it, correct?
[21:13] <ravage> all on wayland? im trying different configs atm
[21:13] <Auctus> ravage: yes wayland
[21:13] <ravage> still trying to reproduce it with xorg
[21:13] <murmel> WeeBey: especially when talking about boot drive
[21:13] <oerheks> WeeBey, yes, when not in use
[21:13] <Auctus> i think wayland broke a whoooole bunch of stuff, sometimes some windows wont "resize", theyll just turn black on the area that was "resized"
[21:14] <WeeBey> murmel, oerheks ; cool.  ok ok. It doesn't look complicated. I'm excited.
[21:14] <oerheks> and after cloning, the UUID changes on the target drive.
[21:14] <ogra> "gnome-shell[10437]: Key repeat discarded, Wayland compositor doesn't seem to be processing events fast enough!"
[21:14] <WeeBey> oerheks, ooooh. Interesting. So, it would not be immediately bootable?
[21:14] <ogra> i see a lot of this in my journal for the time the FF issue happened
[21:14] <WeeBey> (given that grub may not find the 'old' drive?)
[21:15] <oerheks> WeeBey, indeed, patition UUID does not match fstab anymore
[21:15] <oerheks> https://help.ubuntu.com/community/Fstab
[21:15] <ravage> ok so it may be wayland related. i tried about 10 sites on xorg and could not reproduce it. i also run xorg on my main system and could not reproduce
[21:15] <oerheks> blkid would show them correct
[21:17] <WeeBey> oerheks, thanks for the input. End goal is to install Windows 10, update my bios, and revert back to my Ubuntu system.
[21:18] <ravage> WeeBey, maybe just look for a bootable windows PE usb drive and do the upgrade from there?
[21:18] <murmel> no way in linux?
[21:18] <ravage> "Hiren's BootCD PE" for example
[21:18] <ravage> there are a few
[21:19] <WeeBey> sadly no murmel. It's a Razer. Very windows-centric.
[21:19] <murmel> ya
[21:20] <WeeBey> (It still can't suspend without losing trackpad. I'm even running kernel 5.19.5 and still can't make it suspend without losing touchpad. That's why I think bios update may help.
[21:23] <oerheks> read the changelog of that biosupdate, it might give a clue
[21:24] <WeeBey> good idea. I'll have a look
[21:25] <gurki> WeeBey: well. does suspend without loosing touchpad work from windows?
[21:26] <gurki> if yes, what makes you think that a bios update is changing the situation?
[21:26] <WeeBey> gurki, I read some similar issues from users under windows.
[21:26] <WeeBey> But I cannot be sure if it would help.
[21:27] <gurki> i wouldnt tinker around my bios on a hunch, i would verify that if i were you
[21:27] <gurki> ultimately its your hardware, so your call :3
[21:27] <murmel> eh, firmware updates are not that scary anymore
[21:27] <gurki> until theyre not.
[21:27] <WeeBey> :p
[21:28] <gurki> im fine with flashing bios chips manually, ive been there. but for your average person that might brick a device.
[21:28] <murmel> idk, since i tinkered with technology, I never had issues, and that was true in the 90s
[21:28] <gurki> i wont be mad about you not having issues :)
[21:28] <murmel> :)
[21:29] <murmel> on the other hand, I don't have keyboards/touchpads which need firmware updates xD
[21:29] <gurki> :D
[21:30] <WeeBey> there's no changelog on the bios update.
[21:30] <WeeBey> :-/
[21:30] <oerheks> maybe in the package/zip?
[21:30] <murmel> yeah, that's normal nowadays
[21:31] <ogra> oerheks, Auctus, did one of you open a bug for the firefox issue ?
[21:32] <wez_hn> gurki: there's a nice jbod tool you can buy
[21:32] <wez_hn> unbricking device
[21:32] <WeeBey> It's an .exe app with the update baked in somewhere
[21:33] <WeeBey> I ran it in a VM and said, "just told me it's not a razer device. lol"
[21:33] <WeeBey> improper use of quotes there...
[21:34] <murmel> WeeBey: did you pass through the device? not sure if it's possible with your config
[21:34] <WeeBey> murmel, I don't think it is. I was using the VM just to see if it would extract the update and i would get a change log.
[21:34] <wez_hn> WeeBey: .exe doesn't sound portable.
[21:35] <murmel> WeeBey: I was just trying to say that you shouldn't pass through devices for firmware updates, as things can go _very_ wrong
[21:36] <oerheks> ogra, no, i was waiting
[21:36] <WeeBey> Yep. I'm with you.
[21:37] <oerheks> the firmware tool in ubuntu is pretty neat
[21:38] <arraybolt3[m]> WeeBey: Sometimes you can update the BIOS from within the BIOS itself. What's your system's model?
[21:38] <murmel> yeah only if more hw would be supported :S
[21:38] <murmel> arraybolt3[m]: firmware of touchpad, not bios bios
[21:39] <arraybolt3[m]> (FreeDOS can also do the trick in some instances but that's scary IMO.)
[21:39] <arraybolt3> murmel: I'd probably have known that if Matrix hadn't just slowed to a crawl. It got so bad I just had sarnold mute my Matrix account in #ubuntu-discuss because it was taking so long for messages to get through and stuff that made no sense any longer was in the queue.
[21:39] <arraybolt3> In fact, you're seeing messages I sent quite a bit ago coming through now.
[21:39] <murmel> arraybolt3: yeah, I read that ;)
[21:39] <murmel> ahh makes sense
[21:39] <arraybolt3[m]> WeeBey: But at any rate, if you're looking to clone your drive so you can install Windows for a BIOS upgrade, there's no need to make the drive bootable.
[21:40] <arraybolt3> At least this time my messages actually make some degree of sense.
[21:41] <arraybolt3[m]> WeeBey: Clone the whole entire drive (like /dev/sda, not the partition /dev/sda1) into a file on an external drive. Then install Windows over the top of Ubuntu, do your BIOS update (carefully!), then boot into the live USB and reflash your disk image back over the top of the drive.
[21:42] <arraybolt3[m]> (Note that this is somewhat of a strain on the drive since you'll be overwriting the whole thing. How old is the system's internal drive?)
[21:42] <WeeBey> arraybolt3[m], Oh, ok. That's what I was going to do--the entire drive, not the partition.
[21:42] <WeeBey> arraybolt3[m], like 1 year
[21:43] <WeeBey> arraybolt3[m], I read that there's issues when cloning and loading onto other partitions/drives but a copy of itself back onto itself should be OK... even grub should be intact, i reckon
[21:43] <arraybolt3> WeeBey: Exactly.
[21:43] <arraybolt3> WeeBey: If you're cloning *partitions*, things get very messy very quickly, but for whole drives, it should be simple.
[21:44] <WeeBey> Nice nice. Ok, sounds like a 'fun' project for when I get some time.
[21:45] <WeeBey> Side story. When I got this laptop (razer 15 2021). Before first boot, I formatted and installed 20.04... No wifi and a bunch of issues. Then formatted and installed 21.10 (or whatever) and wifi and boatload of issues. Finally fixed most and now at 22.04 and a 90% happy camper.
[21:46] <WeeBey> But.. i should have let it boot and updated the bios. Haha.
[21:46] <murmel> yeah, that's always the first thing I do, then wipe :)
[21:52] <Macwinner> Hi, i was wondering if someone could point me to the process of reporting a missing config parameter during building of the saslauthd package.  We are migrating to Ubuntu from Centos.  We noticed that the Ubuntu package doesn't have a configure flag set
[21:53] <Macwinner> I'm wondering if there is a standard ticketing system to report this and see if it could be added
[21:53] <ogra> Macwinner, ubuntu-bug sasl2-bin
[21:54] <ogra> run that in a terminal
[21:54] <Macwinner> wow!
[21:55] <webchat56> Hello I'm back
[21:58] <Macwinner> thanks ogra
[21:58] <ogra> Macwinner, you're welcome 🙂
[22:44] <mko_> how can I merge two files by adding only the missing lines and preventing the lines that are existing in one to be added? I have a list of configurations that I want to add to sysctl.config. But some of the lines are already in the original config file
[22:45] <ash_worksi> what's the easiest way to install a set of packages previously installed on another machine on a new one?
[22:45] <ash_worksi> (sans conf-mgmt tool)
[22:46] <ash_worksi> I think there's a dpkg command that can just list everything you should `apt-get install`
[22:46] <murmel> ash_worksi: dpkg --get-selections // dpkg --set-selections
[22:52] <brkroot> how can I merge two files by adding only the missing lines and preventing the lines that are existing in one to be added? I have a list of configurations that I want to add to sysctl.config. But some of the lines are already in the original config file
[22:53] <ednash> you could do cat file1 file2 | sort | uniq
[22:59] <brkroot> do you reckon it will work. Please have a look the both files https://pastebin.com/DYJ14cTY ----> https://pastebin.com/MKsKhdVR
[23:03] <brkroot> Its for virtual machines and I don't want to manually add all these lines to each machine.
[23:05] <brkroot> So i need to copy all lines after sudo vi/etc/sysctl  and paste them in to the original file in the new vm
[23:05] <brkroot> or even to remove the #explanations and just add the lines
[23:06] <murmel> brkroot: huh, why not do everything with echo >> file
[23:06] <murmel> if you have multiple settings for one, the last one applies
[23:07] <murmel> it's literally one command to put all the lines in the file
[23:07] <brkroot> well thats great, how do i do this with echo?
[23:08] <murmel> brkroot: echo -e "setting1\nsetting2\netc" >> file
[23:08] <murmel> eh with spaces between \n and next line
[23:09] <brkroot> ok will copy file1 to the virtual machine and will try the command
[23:13] <brkroot> murmel, does tboth files have to be in same dir to run this command? should I place my new file with the settings to the existing /etc/?
[23:13] <brkroot> or do I add the paths for both files?
[23:13] <murmel> brkroot: no, there is no second file, you just throw in that echo command, what you want to have in the sysctl.conf
[23:13] <brkroot> oh ok
[23:14] <murmel> brkroot: as I said, if you have for example net.ipv4.conf.all.log_martians = 1 and net.ipv4.conf.all.log_martians = 0, the second "overwrites" the first one
[23:16] <brkroot> okay, thats great! But then will it add new line as well, or just overrides the existing ones?
[23:17] <murmel> it just adds everything at the end of the file
[23:17] <brkroot> ok
[23:17] <brkroot> ill try
[23:24] <Lartza> Hi! 22.04, upgrades kept back, full-upgrade doesn't work either, no reason given? Kind of rusty with deb systems at this point
[23:24] <Lartza> Just a few packages to be clear not all upgrades, libnfsidmap1 nfs-common ubuntu-advantage-tools
[23:25] <murmel> !phasedupdates
[23:25] <murmel> Lartza: ^
[23:25] <brkroot> OMG! murmel it worked perfectly! :)
[23:25] <brkroot> thank you!
[23:25] <murmel> brkroot: yw
[23:25] <Lartza> Aaah so also not just a deb thing but an Ubuntu thing, thank you
[23:26] <brkroot> so all that happened tnx to echo? I should learn about it!
[23:30] <murmel> brkroot: it's defintely more versatile than most people think ;)
[23:31] <chindor> hello anyone can help me fix a mixrophone problem plz
[23:31] <VMGuy23> Hi, what's the issue?
[23:32] <ednash> yeah
[23:33] <chindor> the mic just not work
[23:34] <chindor> i id use it as usual, but this time not working i dont know why
[23:34] <brkroot>  murmel thanks a ton! one last thing please, is there a difference in the syntax (in regards to the spacing in front of the values) --> between ""net.ipv4.icmp_echo_ignore_broadcasts = 1"" and ""net.ipv4.icmp_echo_ignore_broadcasts=1""
[23:34] <VMGuy23> chindor: is the volume of the microphone turned up? Check in settings.
[23:35] <murmel> brkroot: there is no difference, with spaces looks better that's why most people do it
[23:35] <chindor> yes it is
[23:36] <brkroot> murmel, oh okay, well yeah, kind of looks neat with the space! thanks.