=== five618480338 is now known as five61848033
=== EriC^ is now known as EriC^^
=== PasiZ7 is now known as PasiZ
[04:06] <junyx> Does anyone know where the default nice value is set? I noticed in my system its 5 but I may want to configure that
[04:24] <rfm> junyx, the only thing I know of is pam_umask which can set the nice value for a user based on a value in the GECOS field in /etc/passwd.
[04:24] <junyx> rfm thanks I'll look into that
[04:28] <buzz_> buzz
=== buzz_ is now known as Guest7810
[06:16] <fraxi> .
[06:20] <LuckyMan> good morning
[06:21] <liquidsnake> mornin
[06:23] <fraxi> morni
=== guiverc2 is now known as guiverc
=== remy_ is now known as Remy
[06:37] <simon_> is there an ubuntu which is considered less buggy than lubuntu and ubuntu?
[06:37] <simon_> maybe kubuntu  or xubuntu?
[06:39] <simon_> I mean I could also just ignore the fact that l- and ubunutu have severe issues.
[06:52] <momken> oerheks Good morning, Not p7zip didn't add something to nautilus right click menu!
[07:14] <LuckyMan> simon what issues?
[07:15] <LuckyMan> oh he left...
[07:15] <momken> I could open a password-protected rar file with File Roller but not with nautilus itself
[07:16] <momken> Is it even possible to open password-protected rar files with nautilus
[07:16] <LuckyMan> momken, that's a good thing, I think.
[07:16] <momken> ?
[07:16] <momken> LuckyMan why?
[07:16] <LuckyMan> why would you want to use nautilus if you have File Roller?
[07:17] <LuckyMan> It's the KISS philosophy
[07:17] <LuckyMan> you want to keep it simple
[07:17] <momken> LuckyMan Because it is easier to open files in file manager than using another program -> Better user experience
[07:18] <LuckyMan> momken, that would also mean it would be harder to catch problematic files when you open them
[07:21] <LuckyMan> momken if you really want to open rar files with a file manager that can be achieved by associating a program with that kind of file
[07:21] <LuckyMan> but I wouldn't recommend that
[07:22] <LuckyMan> btw you can use right click menu on a compressed file
[07:26] <LuckyMan> also user experience varies with what you actually do. I had problems on other OS sending a zip file over the internet because the file manager always opened the file and show it's contents instead of just showing me the .zip
=== vincejv_ is now known as vincejv
=== Lagair59 is now known as Lagair5
=== pushkarnk1 is now known as pushkarnk
[08:41] <aog> my system connects here periodically: connectivity-check.ubuntu.com -- any way to stop this?
[08:42] <sixwheeledbeast> https://ubuntu.com/core/docs/networkmanager/snap-configuration/connectivity-check
[08:44] <aog> sixwheeledbeast: that shows how to setup the check not how to remove it
[08:45] <sixwheeledbeast> "If set to 0, it disables connectivity check" ?
[08:47] <aog> though it's still present and be re-enabled by a system upgrade
[08:47] <aog> found a way to get rid of it digging more
[08:48] <aog> apt purge network-manager-config-connectivity-ubuntu
[08:50] <gebbione> anyone knows if arc graphics exist for noble yet? https://dgpu-docs.intel.com/driver/client/overview.html
=== pushkarnk1 is now known as pushkarnk
=== EriC^^36 is now known as EriC^\
=== EriC^\ is now known as EriC^^
[09:30] <trading> i have huge dick
[09:30] <trading> looking for a man to fuck
[09:31] <trading> fuck
[09:31] <trading> you
[09:31] <trading> i
[09:31] <trading> can
[09:31] <trading> fuck
[09:31] <trading> you
[09:31] <trading> really
[09:31] <trading> hard
[09:50] <zaggynl> summer trolls are out in force again I see
[09:51] <respawn> no school so kids are bored to tears
[10:00] <panos_> How can I tell if my server has been hacked by the latest ssh vuln?
[10:13] <aog> panos_: it's very hard to hack using that vuln, in test environment on local network takes over 2 days of conn attempts to break a 32bit glibc system
[10:14] <respawn> aog, IRC Guidelines: https://ubottu.com/y/gl
[10:16] <aog> respawn: are you implying something?
[10:17] <respawn> just the use of word hacking  be carefull
[10:17] <Unit193> ..."hacking" is more than fine.
[10:17] <aog> lol are you nuts respawn ?
[10:17] <aog> hacking,hacking,hacking
[10:17] <respawn> the subject is against rules of channel
[10:17] <respawn> just be carefull
[10:18] <aog> bullshit
[10:18] <Unit193> respawn: If he were to try and help someone do it, if he's explaining that using the vuln worried about is much more complicated...no.
[10:19] <sixwheeledbeast> i mean context...
[10:19] <respawn> must be some command to see what version of ssh is using and witch one is afected by that
[10:21] <Unit193> https://ubuntu.com/security/CVE-2006-5051 should have the fixed versions.
[10:21] -ubottu:#ubuntu- Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free. <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051>
[10:21] <Unit193> Erm..
[10:22] <respawn> ssh -v localhost in terminal
[10:23] <respawn> to see the version
[10:24] <Unit193> Or, you know, `apt-cache policy openssh-server`..?
=== Guest8043 is now known as EriC^^
[11:37] <akatal> aog:   6-8 hours, I've read:    https://www.kaspersky.com/blog/openssh-vulnerability-mitigation-cve-2024-6387-regresshion/51603/
[11:37] -ubottu:#ubuntu- A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6387>
=== sfenik989 is now known as sfenik98
[11:52] <akatal> openssh-server is already the newest version (1:9.6p1-3ubuntu13.3).  Why isn't ubuntu updating sshd and keeping the vulnerable version???
[11:54] <ravage> the version you have is patched
[11:55] <ravage> https://changelogs.ubuntu.com/changelogs/pool/main/o/openssh/openssh_9.6p1-3ubuntu13.3/changelog
[12:11] <fraxi> where can i edit keyboard shortcuts for the gnome classic desktop? "Keyboard Layout" from the "Systems Tools" menu doesnt start.
[12:14] <fraxi> found it
[12:16] <lotuspsychj3> !yay
[12:16] <ubottu> Glad you made it! :-)
[12:17] <aog> akatal: https://gnu.cat/blw
[12:19] <aog> 6-8 hours on LAN w/ max conns setup on both systems
[12:19] <aog> who knows how much it takes on 64bit systems + over the internet
[12:20] <aog> you're gonna be generating lots of traffic, which will be catched, rate limited, filtered, etc..
[12:21] <aog> as i said, it's not simple to breach a system w/ this vuln
[12:22] <BluesKaj> Hi all
[12:22] <aog> so not to worry too much about it + it's already patched; just apt upgrade
[12:26] <akatal> OK. Thanks ravage and aog.
[12:27] <aog> though even if you're vulnerable, you should have other systems in place like ufw w/ limit on 22, fail2ban, etc..
[12:28] <aog> which will make this vuln impossible to execute as it needs so many tries >10k -- which is like a brute force attack
[12:31] <gordonjcp> aog: it's a bit theoretical, isn't it?
[12:37] <aog> it's not theoretical anymore as the vuln works in test environment on 32bit systems, i'd say it's more like 'impractical' to exploit this vuln in the wild
[12:37] <lotuspsychj3> !discuss
[12:37] <ubottu> Want to talk about Ubuntu, but don't have a support question? /join #ubuntu-discuss for non-support Ubuntu discussion, or try #ubuntu-offtopic for general chat. Thanks!
=== iconoclasthero is now known as cleanEdge
=== cleanEdge is now known as iconoclasthero
=== iconoclasthero is now known as cleanedge
=== Guest67 is now known as laref
[13:32] <unknown_> hey
[13:32] <unknown_> how do you download ms office in linux
[13:35] <laref> hola buenas, hace un dia instale el ubuntu 24.04 lts pero al revisar la seguridad del sistema me aparecio un icono de alerta diciendo falto la comprobacion y en secureboot esta en verde, a alguien le paso lo mismo?
[13:39] <ravage> !es | laref
[13:39] <ubottu> laref: En la mayoría de los canales de Ubuntu, se habla sólo en inglés. Si busca ayuda en español entre al canal #ubuntu-es; escriba "/join #ubuntu-es" (sin comillas) y presione intro.
[13:40] <laref> Hello good, a day ago I installed the ubuntu 24.04 lts but when checking the security of the system I got an alert icon saying the check was missing and in secureboot it is green, did the same thing happen to anyone?
[13:42] <ravage> can you upload a screenshot of that icon. im not sure i know what you mean
[13:43] <laref> I don't think you can upload images here, or can you?
[13:44] <laref> It can't be done u.u
[13:44] <ravage> you can use imgur.com for example
[13:47] <laref> https:/ -- /imgtr.ee/image/ ---  INZksD
[13:48] <laref> There's the image, just remove the hyphens
[13:50] <laref> The verification was missing, that's what he says, a colleague told me that it is surely the TPM of the BIOS but it is enabled
[13:50] <ravage> you can click on that
[13:50] <ravage> and it generates a report with details
[13:50] <ravage> i have that too
[13:51] <ravage> for example: Linux Kernel Verification:                     ! Fail (Tainted)
[13:51] <ravage> i use the nvidia kernel driver
[13:51] <ravage> that would already cause that "fail"
[13:51] <ravage> so i would not worry about it too much
[13:52] <ravage> https://fwupd.github.io/libfwupdplugin/hsi.html
[13:52] <laref> Si le doy clic y recoge toda la información de mi portátil, con un texto enorme, si solo tengo NVIDIA
[13:52] <laref> If I clicked on it and it collects all the information from my laptop, with a huge text, if I just have NVIDIA
[13:54] <ravage> it is almost impossible not to fail this check
[13:54] <laref> only that I worry a little, for security it is not that I am going to do any hacking but I did not know what I got out of
[13:54] <ravage> and i think it should be modified not to show "fail" for everything
[13:54] <ravage> your system is fine
[13:57] <laref> Yes my system is fine, and both the TPM and Secureboot are active but I got that, but then, that is an Ubuntu failure or maybe an NVIDIA failure, because that kernel, a few days ago I wanted to update it but it gave me an error so I went back to what I was
[14:01] <laref> Thanks bro, I'll read the link you shared
[15:10] <Fixarinto> im getting no TLS key found in PEM data when trying to import my certificate into the snap-store-proxy
[15:14] <leftyfb> Fixarinto: I would try asking for help in #snappy
=== bagmay904 is now known as dayzRgone
=== vmserver is now known as Hobo2023
=== meLon is now known as Guest2270
=== Guest2270 is now known as earthmeLon
=== ubuntu is now known as Guest9342
[17:19] <bondking> greets frens
[17:20] <bondking> I am on 24.04, xfce. I have tried to open links in Slack. I am getting error "Failed to execute default browser Input/Output error".
[17:21] <bondking> Anyone know what I need to do to fix this?
[17:22] <bparker> bondking: what happens if you run xdg-open www.google.com
[17:23] <bondking> xdg-open www.eff.org gives the same error
[17:24] <bparker> xdg-settings get default-web-browser
[17:24] <bparker> and which browser do you want it to use
[17:24] <bondking> firefox.desktop
[17:24] <bondking> which is what I want
[17:25] <bparker> does your menu entry for firefox execute properly?
[17:25] <bondking> I set the default application in xfce as firefox. idk why it won't use it
[17:25] <bondking> it does
[17:25] <bparker> well we don't know that it's *not* trying to use it, there may be a problem with doing so
[17:25] <bondking> find -iname firefox
[17:25] <bondking> oops
[17:26] <bparker> unfortunately further troubleshooting methods past this point are going to get extremely technical
[17:27] <bondking> that's ok. I'm a very technical
[17:27] <bparker> ok
[17:27] <bparker> well first thing I would is run xdg-open under strace and see if that gives more helpful info about why it's failing
[17:27] <bparker> I would do*
[17:27] <bondking> I was trying to find the .desktop file and see what its opening
[17:28] <bondking> ok
[17:28] <bparker> or execsnoop and/or opensnoop may be helpful as well
[17:28] <bparker> from bpftrace package
[17:28] <bondking> oh wow
[17:28] <bondking> Command '/usr/bin/firefox' requires the firefox snap to be installed.
[17:28] <bondking> Please install it with: snap install firefox
[17:29] <bondking> that's at the end of strace xdg-open www.eff.org
[17:29] <bondking> this is like a sick joke?
[17:30] <bparker> are you using the snap of firefox?
[17:30] <bparker> or a ppa or something
[17:31] <bondking> I am using a ppa I think
[17:31] <bparker> it firefox is working normally, I wonder what it's actually running, and what package installed it
[17:31] <bondking> the snap version of firefox is broken in some ways
[17:31] <bparker> perhaps it installed a different .desktop file
[17:31] <bparker> besides one called 'firefox.desktop'
[17:31] <bondking> hm, lets see
[17:31] <bparker> that may be the issue
[17:32] <bparker> or it's not installed in the right place or something
[17:32] <bondking> I forgot where .desktop files are at I thought it was like /usr/share/applications
[17:32] <bparker> it may depend on the DE
[17:32] <bparker> and I think there can be user-local ones too
[17:33] <bparker> I use the mozillateam ppa on 22.04, and I have a /usr/share/applications/firefox.desktop, and 'firefox.desktop' set in xdg works fine for me
[17:33] <pnutzh4x0r> the user ones are in ~/.local/share/applications
[17:36] <bondking> xdg-open /usr/share/applications/firefox-esr.desktop    opened firefox successfully
[17:36] <xangua> Why are you using Firefox ESR?
[17:37] <bondking> because the snap firefox is woefully broken
[17:37] <xangua> Huh, ok...
[17:38] <lotuspsychj3> define broken?
[17:40] <bondking> For example you can't setup smart card certificates
[17:40] <leftyfb> do you need smart card certificates?
[17:41] <bondking> obviously
[17:42] <lotuspsychj3> its true that specific bug still exist on 24.04 FF snap, in my case belgian EID still blocked
[17:42] <lotuspsychj3> using google chrome temporary as workaround
[17:43] <leftyfb> bondking: I would reach out to Mozilla for support with Firefox from their PPA. It might warrant a bug report for them
[17:45] <xangua> 11:25 AM <bondking> I set the default application in xfce as firefox. idk why it won't use it | If you're using firefox-esr, you need to setup firefox-esr as default
[17:46] <xangua> Firefox≠firefox-esr
[17:47] <bparker> bondking: you should be able to fix it then with: xdg-settings set default-web-browser firefox-esr.desktop
[17:47] <bparker> but also, the mozilla ppa has up-to-date non-ESR version if you prefer that
[17:47] <bondking> thanks bparker I think that should work.
[17:47] <bondking> Actually yeah how would I get that version?
[17:49] <bparker> https://launchpad.net/~mozillateam/+archive/ubuntu/ppa
[17:49] <bparker> it says ESR but it has both
[17:49] <bparker> if you already have that ppa maybe you just need to apt install firefox?
[17:49] <bparker> not sure where you're getting esr from
[17:51] <bondking> yeah idk either. I just grabbed it quickly after the snap failed me
[18:56] <junyx> Where are the initramfs image files located on ubuntu? I don't see them in the /boot directory
[19:01] <oerheks> sure they are in /boot
[19:01] <oerheks> initrd.img-something
[19:01] <junyx> oerheks under what name?
[19:01] <junyx> Ah ok
[19:01] <junyx> Thanks
[19:02] <leftyfb> junyx: on ubuntu 22.04 and every other release since they are in /boot called initrd.img-$(uname -r) with initrd.img pointing to the current kernel
[19:02] <junyx> thanks leftyfb
[19:02] <leftyfb> junyx: I'm curious what you were looking for in /boot/
[19:03] <junyx> leftyfb I'm doing some linux sysadmin training and we're in the grub section now
[19:08] <junyx> leftyfb in the class they said it started with the prefix initramfs. But the instructor is using Alma Linux so I guess its different there.
[19:09] <oerheks> Alma is based on RHEL, not debian
[19:10] <oerheks> so naming and numbering might confuse you
[19:10] <junyx> oerheks yeah
[19:11] <leftyfb> junyx: I'm pretty sure that is wrong
[19:11] <leftyfb> where are you doing this training exactly?
[19:12] <junyx> leftyfb its right. I can see his directory right now
[19:13] <nuala> this intel rst thing. when we don't care bout dual boot. we could just disable it (its a personal laptop, I had a hard time explaining them what RAID is already. just dont want to break their heart and hardware) so it's "safe" to disable rst?
[19:13] <leftyfb> nuala: Intel RST is fake RAID. Disable it
[19:14] <nuala> yeah! smelt like it :D thanks for affirmation!!
[19:19] <leftyfb> junyx: sure enough, I just installed Almalinux 9: https://paste.ubuntu.com/p/BbsbVS5M8j/
[19:20] <oerheks> so we name them different.
[19:20] <junyx> Very interesting to see the subtle differences
[19:20] <leftyfb> even ob redhat releases I don't remember them being named like that
[19:20] <leftyfb> ob/on
[19:22] <oerheks> same on fedora, AFAIK
=== karenw is now known as karenthedorf
=== Sidewyz1 is now known as Sidewyz
=== Sidewyz1 is now known as Sidewyz
[20:03] <junyx> leftyfb wanna hear something even funnier? The recovery command for recreating your initramfs is called mkinitramfs on ubuntu and mkinitrd on alma linux. Complete the opposite of what the files are called. lol
[20:04] <leftyfb> junyx: ok. Good luck with your training. Since you're using Almalinux, you'll have to discuss and seek support elsewhere. We can only support Ubuntu here.
[20:04] <junyx> leftyfb I'm not asking for support on Alma Linux. My original question was on ubuntu. I wanted to share something interesting with you, human to human. I guess you're not open to that
[20:05] <leftyfb> junyx: we try to keep this channel to support topics only. For anything else, there's #ubuntu-offtopic
[20:06] <junyx> leftyfb are you an op of this channel?
[20:06] <leftyfb> junyx: no
[20:06] <junyx> Ok then. Just a jerk I guess
[20:06] <leftyfb> junyx: lets not
[20:06] <oerheks> ..
[21:36] <ali__> خلا
[21:36] <ali__> سلام عليكم
[21:39] <bombastick> Hi. I have a single drive Windows laptop that I want to dual-boot on. It came with 3 partitions: EFI, Windows C:\ (950GB, Bitlocker protected), and Windows Recovery (2GB). Using Windows' disk manager, I shrunk the main partition down to 300GB, leaving the rest as an Unformatted entry like this: https://i.imgur.com/3Thdncf.png . When Linux proposes to install alongside Windows, without letting me
[21:39] <bombastick> select the partition, it says I need to disable Bitlocker according to  help.ubuntu.com/bitlocker . Will I be able to re-enable Bitlocker later on the Windows partition once Linux is installed, and both OSes work?
[21:40] <bombastick> My goal is to have: 1) UEFI, 2) 300GB Windows with Bitlocker, 3) 650GB Linux, 4) Windows Recovery. Basically intall Linux in the unformatted area which would be in 3rd slot.
[21:43] <xypron> bombastick: Changes made by the installer result may result in changed TPM measurements which would stop you from logging into Windows with the the long recovery key (which some user may not have printed out). By stopping bitlocker before the installation and reenabling (manually) afterwards locking yourself out of Windows is avoided.
[21:44] <xypron> bombastick: Changes made by the installer may result in changed TPM measurements which would stop you from logging into Windows without the the long recovery key (which some user may not have printed out). By stopping bitlocker before the installation and reenabling (manually) afterwards locking yourself out of Windows is avoided.
[21:44] <bombastick> xypron: nice, so I can re-enable it after. Good to know, thanks. Was worried I'd need to leave it off.
[21:44] <bombastick> xypron: you can say that again!
[21:45] <bombastick> oh crap, Bitlocker has an error (on Windows). I think maybe because I created a local account and didnt give in to Microsoft's online account nonsense.
[21:46] <bombastick> i cant seem to even disable it, it's stuck in this limbo
[21:46] <bombastick> I'm gonna try asking #windows but those guys really drink the MS koolaid and I might get muted for asking how to use it without a MS account
[22:20] <oerheks> there is some tool to mount bitlocker volumes, to save data .. not sure it can undo the bitlocker partition
[22:21] <oerheks> https://itsfoss.com/mount-encrypted-windows-partition-linux/
[22:21] <oerheks> !info dislocker
[22:21] <ubottu> dislocker (0.7.3-3.1build2, noble): read/write encrypted BitLocker volumes. In component universe, is optional. Built by dislocker. Size 21 kB / 91 kB
[22:35] <bombastick> oerheks: I just winged it. You disable Bitlocker, install Linux, re-enable Bitlocker. Worked fine. Full steps here: https://paste.debian.net/plain/1322444
[22:35] <bombastick> I just wish I remembered to leave like 100GB as a shared partition, in case I ever need to transfer files
[22:35] <bombastick> (between the two OSes)
[22:45] <junyx> bombastick you can't just mount the windows partition while logged in to ubuntu?
[22:49] <bombastick> junyx: it's asking for Bitlocker password which I dont have
[22:50] <junyx> Ah ok
[22:57] <topcat001> bombastick: You can create a recovery key (should do that in any case) and use that.
[22:58] <topcat001> I'm assuming the main bitlocker key is stored in the TPM.
[23:00] <bombastick> OK I'll give it a driveby