[00:28] <Guest34> Hello
[00:29] <Guest34> Just found a VPN website using Cloudflare HTTPS cert, and Google Analitics :o
[00:29] <Guest34> I'm seriously distrusting most VPNS I see now
[00:30] <Guest34> Nord, PIA, Ivacy's site all look the same lol
[00:30] <Guest34> I think the only choice is to self-host lol
[00:33] <new> oiii
[00:33] <new> seus noia
[00:44] <sarnold> Guest34: oh yeah, that's 1000% shady market. I think there's two big companies that own dozens of brands.
[00:45] <sarnold> Guest34: but hey, that's what it takes to watch netflix from other countries
[00:45] <Guest34> yeah, i want to self-host, but I get DNS leaks randomly
[00:59] <highrate> no man page for itoa() ?
[00:59] <highrate> not used anymore?
[01:03] <sarnold> highrate: I don't think I've ever seen one; sprintf or asprintf are the usual tools
[01:09] <JanC> or some variation thereof
[03:12] <jholman> Good day.  I'm trying to follow https://help.ubuntu.com/community/Full_Disk_Encryption_Howto_2019 and am seeking help with that.      I need to have a VM with FDE, and I'm using Oracle Virtualbox.  I chose Xubuntu 22.04.2 , DLed the install ISO, and followed the Howto.  It all seemed to work, as far as I could tell, until I got to the end.
[03:12] <jholman> Now that I have rebooted, I get prompted for the passphrase for the master key, which seeeeeeems to go okay as far as I can tell, but in the fullness of time I get 'Volume group 'vgxubuntu" not found' and "Cannot process volume group vgxubuntu" and eventually a busybox shell.  Help?
[03:19] <Guest34> Get got a live one boys
[03:19] <Guest34> we got*
[03:20] <Guest34> oh
[03:20] <Guest34> jsut want to encrypt ur disk
[03:20] <Guest34> very easy
[03:20] <Guest34> Is the VM.. KVM?
[03:20] <jholman> No, it's Oracle VirtualBox
[03:20] <jholman> Host OS is Windows 10
[03:21] <Guest34> idk, ive only ran linux in real system
[03:21] <jholman> Well, as far as I can tell, it shouldn't matter.  Virtualbox should be presenting to the guest OS as if it was just any ol' (crappy, slow, mediocre) hardware.
[03:22] <Guest34> yeah
[03:22] <Guest34> but the filesystem way be different
[03:22] <Guest34> may
[03:22] <jholman> I'm concerned that there's an error in the Howto that I'm not savvy enough to troubleshoot.
[03:22] <Guest34> or something about how it works
[03:22] <jholman> That howto should be *creating* the filesystem.
[03:23] <jholman> And, I mean, I think it is.
[05:10] <karl> Hello
[05:36] <Guest34> hi
[05:36] <Guest34> Im getting two answers
[05:36] <Guest34> ls /etc/openvpn
[05:36] <Guest34> I see both update-resolv-conf  update-systemd-resolved
[05:36] <Guest34> theres supposed to be just 1
[05:36] <Guest34> not both
[05:40] <Guest66> Hi guys, Im trying to setup a self-hosted VPS VPN, and Im having problems with DNS for both OPenVPN and Wireguard. With OPenVPN, it connects, changes my IP, but DNS is unchanged home ISP DNS, with wireguard, DNS changes to servers DNS, for a while, then reverts back entirely to home ISP DNS. I belive this is do to resolv.conf or systemd-resolve or
[05:40] <Guest66> whatever changing my DNS. How do I encrypt my DNS queries to the VPN server during the VPN connection? Literally hundereds of VPN companies do this, so I know its possible, but I can't figure out how to do that. I don't want plaintext DNS traversing the network so home ISP can't see the sites I'm loading. Help pls.
[06:33] <guiverc> jholman, why not use Lubuntu 22.04 ?   It offers full-disk encryption by default using the installer (using `calamares` it has newer install scripts that the ubiquity installer uses)
[06:35] <MoistSenpai> i agree Lubuntu is good
[06:35] <weedmic> jholman: i missed the original conversation, but some computers have encryption available at the bios level.  you will have to type a password each time you turn it on though, before it load the os.
[06:35]  * guiverc said ^ as its a flavor that offers full disk encryption 'out of the box' (since 18.10)
[06:38] <jholman> yyyyyyyeah, I guess I'm fine with lxde.  xfce/lxde/whatever.
[06:40] <jholman> I dunno, I'm kinda wondering if I'm overcomplicating, I think the xubuntu installer also had an option to encrypt, though I don't know quite what it does.  the Howto I linked above was also linked by the "compliance" documents from the company I'm trying to do contract work for
[06:42] <MoistSenpai> Lubuntu is very light its great
[06:42] <jholman> so I kinda wanted to be as faithful to that as it's possible to be...  at least, without me having to learn what all that cryptsetup stuff is actually doing, or what that pvcreate stuff is actually doing...
[06:52] <guiverc> jholman, fyi:  Lubuntu hasn't used LXDE for years...   (18.10 was first LXQt when they upgraded install scripts to include full.disk.encryption out-of-the-box)...   You can change desktop though if needed
[06:59] <MoistSenpai> it just uses default sus crypto
[06:59] <MoistSenpai> aes-128 etc
[07:06] <andrew_> lol
[08:24] <jholman> Well, I used the out-of-the-box Xubuntu installer's FDE, which I probably should have tried first, and it did seem to work without complimcations.  However, can see why the Howto ( https://help.ubuntu.com/community/Full_Disk_Encryption_Howto_2019 ) doesn't use it: as far as I can tell the swap and boot partitions are not encrypted.  I guess I'll
[08:24] <jholman> just hope that's good enough for the people who I'm trying to satisfy with this whole FDE business.
[08:26] <akik> jholman: "It is focused on modifying the Ubuntu Desktop installer process in the minimum possible way to allow it to install with an encrypted /boot/ and root file-system." efi esp can't be encrypted
[08:27] <jholman> What are you quoting?
[08:27] <akik> jholman: https://help.ubuntu.com/community/Full_Disk_Encryption_Howto_2019
[08:28] <jholman> Sorry, that makes more sense.  Hmn, yes, you're right, it's pretty clear about that and yet I missed it.
[08:28] <jholman> And to be clear, what I meant was that the *default installer* (which I have now used) does not seem to leave the swap and boot encrypted.
[08:29] <jholman> And that's why the Howto doesn't simply say "use the default installer"
[08:29] <jholman> (I mean, perhaps that's why.  Perhaps that's part of why.)
[08:30] <jholman> This is all following up to my long question a few hours ago, about how following the Howto failed me.  *shrug*
[08:30] <MoistSenpai> Are u still trying to encrypt ur disk
[08:30] <MoistSenpai> It takes 5 minutes
[08:30] <MoistSenpai> Just reformat and install
[08:30] <MoistSenpai> select Encrypt Installation
[08:31] <akik> jholman: the guide you linked makes the boot work so, they you need to enter the decryption password before even getting the grub menu
[08:31] <jholman> akik: yeah, I did all that.  and it still doesn't boot.
[08:32] <weedmic> jholman: did you check to see if your machine supports "BIOS encryption is a feature that encrypts the data on your hard drive using a key that is stored in the BIOS. This means that even if someone removes your hard drive and connects it to another device, they will not be able to access your data without the key."
[08:32] <jholman> weedmic: I did not, because I need it to be demonstrable in a screenshot of a partition editor
[08:33] <jholman> again, the reason I'm doing all this is to be inline with a corporate security-compliance requirement
[08:33] <jholman> they want a screenshot of a partition editor (gparted or equiv)
[08:34] <yukiup> will snaps in the future be installable without an assert file? its just not as elegant.
[08:34] <weedmic> one culd take a pic of the comptuer booting, stopping as it says you must type in password, then continuing - we have done this to all olaptops
[08:34] <yukiup> for offline install, etc
[08:35] <jholman> Again, I was only coming back to report having *solved it*, though perhaps somewhat inadequately.  My bad, maybe reports of solutions aren't wanted here.
[08:36] <akik> jholman: ubuntu will be the only os on the ssd?
[08:36] <jholman> When I was a more active member in the community a few decades ago, that was just considered good form.  My apologies.
[08:36] <jholman> Ubuntu is the only OS in the virtual "HDD".  The host OS is another matter entirely.
[08:37] <jholman> Anyway, that's all.  Have a good evening.
[08:37] <akik> jholman: what boots it?
[08:37] <jholman> What boots what?
[08:37] <akik> jholman: the virtual hdd
[08:37] <jholman> It's called Virtualbox, it's virtualization software that is Oracle-branded these days, I believe they bought it a long time ago.
[08:38] <akik> jholman: and you've configured it for uefi booting?
[08:39] <jholman> No, currently it's configured for BIOS.
[08:39] <jholman> VirtualBox does have a checkbox to use "EFI" (it doesn't *say* UEFI, which made me a little nervous, so I left it default, which was unchecked)
[08:40] <jholman> The checkbox says "Enable EFI (special OSes only)".  Amusing wording.
[08:40] <akik> jholman: ok that should be possible
[08:40] <jholman> Again, it's not only possible, it's working.
[08:40] <akik> jholman: oh i thought it failed boot
[08:41] <jholman> The old thing failed boot.  I have changed strategy, and the new strategy is working, and that's what my message of 16 minutes ago says.
[08:41] <akik> jholman: but /boot remained unencrypted?
[08:42] <akik> jholman: i did that setup some months ago, but on an uefi booting lapto
[08:43] <jholman> Four hours ago I was trying to use the Howto, I came in to ask for help, no one had any suggestions other than "Did you try Lubuntu instead", eventually I gave up on the howto and used the default installer.  And, as I reported just now, the difference between the Howto and the default installer seems to be that the default installer does NOT
[08:43] <jholman> encrypt /boot (but it is working for me), whereas the Howto is definitely encrypting /boot (it did encrypt it, but then it failed booting for some reason involving being unable to find /vgxubuntu or something like that)
[08:43] <jholman> So.
[08:43] <jholman> Instead of the Howto, which seems to have been aim-higher-and-miss, I'm just using the default installer, which seems to be aim-lower-but-works.
[08:44] <jholman> I'm sure the Howto is overall pretty good, and I don't know what I did wrong, or what's wrong, or whatever, which is why I was asking 4 hours ago.  IRC used to be more active than this, I guess.
[08:44] <jholman> Anyway.  Sorry for coming back to report on my alternate approach and success, it seems to have created confusion rather than been helpful.  As I say, the community used to be different.
[08:45] <jholman> Have a good night/day/whatever!
[11:00] <weedmic> I was informed by "updates discover" that there is a dell system firmware Latitude_5430_1.13.1 udpate.  I am correct that it is not downloaded in anyway and I must go to dell and fetch it myself?
[11:00] <weedmic> or, is is somewhere other than ...Downloads ?
[11:11] <ravage> sudo fwupdmgr update
[11:14] <weedmic> ravage ty, i see that in my notes pencilled in from 1.12, but not typed into the database
[13:07] <Chaapp> Anyone using Ubuntu Pro?
[13:07] <lotuspsychje> hats your actual question Chaapp
[13:07] <lotuspsychje> *whats
[13:10] <Crin> Hello
[13:10] <Chaapp> Hello
[13:10] <tarzeau> Hello
[13:15] <Crin> I have an issue with reloading udev rules
[13:15] <Crin> "sudo udevadm control --reload-rules && sudo udevadm trigger"gives permision denied
[13:17] <weedmic> Crin: doesn't udevadm require a path?
[13:18] <Crin> all the things i could find online said no
[13:19] <Crin> also i get a huge list of paths with permission denied as i used the command so it recursivly goes through them?
[13:19] <weedmic> what happens when you do something simple like "udevadm info"?
[13:22] <Crin> ok i know the issue
[13:23] <Crin> i used 2 command on 1 line with && but didnt add sudo to "udevadmn trgger" >.>
[13:23] <Crin> thanks anyway
[13:53] <ogra> Crin, on a sidenote, this is completely useless in recent udev ... it uses inotify to watch the rules dirs anyway and will do the reload iternally in an automatic way once it detects changes in /etc/udev/rules.d or /lib/udev/rules.d, so you dont really need the above anymore (that was true 10y ago though)
[13:55] <bot> hello
[13:56] <Guest1329> chatGPT here
[15:04] <geosmile> https://dpaste.org/nPZPd - anyone knows why "sudo -i" wont work for me? how to fix this?
[15:21] <nteodosio> geosmile, do you have more context?
[15:22] <geosmile> usermod -aG sudo john - ran this twice already. note that the error is not "not in sudoers file" or "incorrect password". It has to do something with the PKCS module.
[15:25] <nteodosio> Can you use your smart card for other sort of authentication as normal?
[15:26] <geosmile> nteodosio, this machine has no smart card - not sure how to remove it
[15:27] <nteodosio> You use no smart card on that machine, nor have you ever used one?
[15:27] <geosmile> nteodosio, correct
[15:28] <nteodosio> Then what about apt remove libpam-{p11,pkcs11}?
[15:29] <nteodosio> Ah nevermind you don't have sudo access apparently
[15:30] <geosmile> nteodosio, i do have sudo access - just not as the user i need
[15:32] <nteodosio> I'd try removing those packages then.
[15:32] <geosmile> nteodosio, thanks! That helped. the error messages went away. It wont take my password - let me double check that though
[15:33] <nteodosio> Great, but is the problem considered solved if it won't take your password?
[15:34] <geosmile> nteodosio, something is wierd. I change the password using passwd john. Then I paste that exact password in sudo -i--and i get incorrect password?
[15:34] <geosmile> any ideas ?
[15:35] <geosmile> nteodosio, https://dpaste.org/TZHa8
[15:36] <nteodosio> Hmm you set up john's password, not root's.
[15:36] <jhutchins> nteodosio: Cut-and-paste can pick up non-display characters like a return at the end.  Try pasting the password into a terminal, then copy and paste that.
[15:37] <geosmile> jhutchins, trying
[15:37] <jhutchins> nteodosio: Also, many apps return "incorrect password" for most authentication falures, no matter what the cause.  Make sure you are a member of the sudo(ers?) group.
[15:37] <nteodosio> Maybe I'm remembering wrong because I don't activate root anymore, but aren't you supposed to passwd root?
[15:39] <jhutchins> nteodosio: Yeah, that's right, sudo requires user password, su - requires root.
[15:39] <geosmile> jhutchins, I tried again, this time by even typing it manually - same problem!
[15:39] <jhutchins> geosmile: See above.
[15:40] <jhutchins> nteodosio: I'm always picking the wrong nick, sorry.  I think you've got it.
[15:40] <nteodosio> jhutchins, ah true su - is for root password, thanks for the refresher
[15:40] <nteodosio> yeah no problem about that, I got it :)
[15:42] <geosmile> jhutchins, I typed the password manually this time, same problem. And I did add john to the sudoers group multiple times.
[15:43] <geosmile> usermod -aG sudo john - to be precise
[15:43] <nteodosio> geosmile, has john been in sudoers since the start of your session, or have you added him during the session?
[15:43] <geosmile> could it be some setting on the machine that does not allow users to become root?
[15:44] <geosmile> nteodosio, I've run that command before i came here
[15:45] <nteodosio> Well the fact that you can "sudo" otherwise but only not "sudo -i" makes that moot as far as I can tell... I'm out of ideas.
[15:45] <jhutchins> geosmile: Did you log out and log back in after you added the group?  What does "groups" say?
[15:45] <geosmile> groups => john sudo
[15:46] <geosmile> jhutchins, on the same machine, I can run sudo -i using a different user, but not john.
[15:47] <jhutchins> nteodosio: If you want a root shell you can either set a password for the root account, or use something like sudo -i to open a root shell as a regular user.
[15:48] <jhutchins> I learned on systems where there wasn't a mechanism for a regular user to do admin tasks, you had to log in as an admin (root).
[15:48] <nteodosio> ...which provides a new idea: Do you have the root password, geosmile? Can you su?
[15:48] <geosmile> I've another user on that machine which is in the sudoers group - and that user works perfectly.
[15:49] <geosmile> I've not touched root password/login
[15:52] <jhutchins> I suppose another problem could be non-printing characters actually IN the password.
[15:52] <jhutchins> geosmile: How are you accessing theis system?  Is this a physical, one console direct login?
[15:53] <geosmile> jhutchins, I'm sshing to the system using ssh mylogin@ip - then i do sudo -i - then i do su john - that works. But when i do sudo -i from john's account - incorrect password
[15:53] <jhutchins> geosmile: What system are you connecting FROM?
[15:56] <jhutchins> geosmile: How about su - ?  Become root? You can become john from sudo -i because you're root.
[15:56] <jhutchins> geosmile: Are you sure the root password is set?  Can you open a console (Ctrl-Alt-F1) and log in as root?
[15:56] <jhutchins> Um, that assumes physical access...
[15:57] <jhutchins> What about ssh root@system?
[15:57] <jhutchins> (root login is probably blocked, but it's worth a try.
[16:02] <geosmile> jhutchins, let me try
[16:02] <geosmile> jhutchins, if i do passwd root - it says NewPassword - which means its not set?
[16:16] <jhutchins> geosmile: I think that's what it means.
[16:18] <micha_> IIRC `passwd $username` is used by root to reset a user's password
[16:19] <jhutchins> As a user it prompts for current password, as root I think it just prompts for the new one.  Figures you're already god, why bother with more passwords.
[16:19] <micha_> The old password prompt is for normal users calling `passwd` without a username to change their own password
[16:19] <jhutchins> micha_: Right.
[16:47] <aymeric> hello
[16:47] <aymeric> what can i do!
[16:50] <lotuspsychje> aymeric: you can ask an ubuntu question here
[16:51] <aymeric> how does it work
[16:53] <hggdh> aymeric: this is an Ubuntu community support channel. People pop in and present their problem/question and -- hopefully -- someone knows the answer
[16:53] <hggdh> on the other hand, this is not a generic chat channel
[17:33] <spmkde> Hey guys, is anyone of you aware of a good introduction/documentation of the package workflow from debian to ubuntu? I.e. when and how packages are propagated from debian to ubuntu?
[17:58] <jhutchins> Don't we send people in ninja costumes to break in at night and steal the Debian packages?
[17:59] <jhutchins> spmkde: Is there a particular package you're interested in?
[17:59] <ogra> it used to be like that ... but after 19y working from home we all got fat and lazy and stopped fitting the ninja costumes
[17:59] <jhutchins> Oohh, right.
[18:01] <ogra> packages are auto-imported from debian unstable into launchpad (and thus the archive) from the start of a release cycle until debian import freeze (see the respective release schedules for a certain ubuntu release for when this is)
[18:01] <spmkde> jhutchins: I am interested in the versions for package ufw. I just stumbled upon the rmadison script which gives a good idea on which releases contain different package version
[18:01] <ogra> packages that have ubuntu changes (indicated by an -XubuntuX in the version string) will have to be manually merged by developers
[18:03] <spmkde> ogra: thank you! what's the debian import freeze? is this a date determined by ubuntu?
[18:05] <ogra> it is a planned date when a new rlease schedule is established ahead of starting a release ... see https://discourse.ubuntu.com/t/mantic-minotaur-release-schedule/34989 for the currently in-develppment release
[18:49] <jhutchins> Isn't the freeze somewhat flexible, depending on how testing is going?
[18:51] <ogra> not rally
[18:51] <ogra> *really
[18:53] <ogra> the schedule is usually pretty stictly sticked to ... IIRC we only had one or two releases where dates slipped
[18:54] <ogra> ... or if you count in 6.06 where it was re-done mid-cycle to extend the cycle by 2 months for the very first LTS ...
[19:04] <hans_> what happened to libapache2-mod-cgi
[19:04] <hans_> and how do i enable the cgi module in apache on ubuntu 22.04?
[19:06] <jhutchins> ogra: You're talking about the Ubuntu schedule, not the Debian schedule, right?
[19:07] <hans_> dunno what happened to the package, but it seems "a2enmod cgid " works now, without that package being installed
[19:07] <jhutchins> hans_: They shuffled some components around with the different engines being more accessible now.
[19:10] <hans_> i ran `sudo apt install apache2` and edited /etc/apache2/sites-enabled/000-default.conf from "VirtualHost *:80"  to "VirtualHost *:82", why is apache still trying to bind to port 80? (i got nginx on port 80)
[19:10] <hans_> jhutchins: oh i see, thanks
[19:11] <jhutchins> hans_: sometimes the port's defined in more than one place/file.
[19:12] <jhutchins> (Obviously you've restarted...)
[19:12] <hans_> restarted? the OS, no. the apache server? it never started in the first place, crashed while trying to bind to port 80.
[19:13] <hans_> but `sudo service apache2 start` doesn't start it, still crashes trying to bind to port 80. trying to look for 80 in the conf files tho
[19:14] <hans_> ohh found it: Listen 80  in /etc/apache2/ports.conf
[19:15] <hans_> .. i think the Listen directive is a new thing in Ubuntu? iirc previously the ports to listen to would be inferred by just the VirtualHost directives
[19:15] <hans_> .. previously is probably years ago tho
[19:16] <hans_> anyhow works now :)
[19:17] <ogra> jhutchins, yes, indeed
[21:41] <xMopx> that news about red hat is so crazy
[21:41] <xMopx> no longer open source lol
[21:42] <xMopx> it's a good day to be a debian/ubuntu user
[21:43] <banta> Wait what the hell happened
[21:44] <xMopx> they are locking their source code behind paid subscriptions
[21:44] <xMopx> https://www.phoronix.com/news/Red-Hat-CentOS-Stream-Sources
[21:45] <gordonjcp> oh well
[21:45] <gordonjcp> wonder what that'll do for DaVinci Resolve
[21:45] <gordonjcp> they killed CentOS
[21:46] <banta> rip
[21:46] <gordonjcp> that caused rumblings in the DR community
[21:47] <banta> I've never messed with redhat so far, just moved from Arch to Mint on the main desktop
[21:48] <xMopx> i've only ever used it at work
[21:49] <gordonjcp> I used redhat 6
[21:49] <gordonjcp> not RHEL 6
[21:49] <gordonjcp> redhat 6
[21:49] <gordonjcp> in the late 90s
[21:49] <gordonjcp> PHP3 was still very new and shiny then
[21:50] <banta> I briefly distro-hopped to fedora for a week or so, if that counts
[22:03] <Guest5694> have a serious issue. I have 3 OS's. Windows 10, Ubuntu 22.04 and ParrotOS. On ubuntu I installed a grub theme and now I cant boot into any OS's from the grub menu. Any guidance on resolving this. I'm currently on chat using the live CD
[22:11] <Guest5694> any ideas on fixing grub from the live CD
[22:19] <meanin> install boot repair,
[22:20] <meanin> !bootrepair
[22:48] <seer__> NitNot officially an ubuntu question but how do I find the list of keyboard shortcuts in chrome (too many tabs to see them all and no way to slide down to the end, grr)
[22:49] <seer__> duh, google it. https://support.google.com/chrome/answer/157179?hl=en&co=GENIE.Platform%3DDesktop
[22:53] <seer__> lol celticfrog (misreading)