Sunday, July 25, 2021

Recent Questions - Unix & Linux Stack Exchange

Recent Questions - Unix & Linux Stack Exchange

Ubuntu: hardware enumeration

Posted: 25 Jul 2021 10:37 AM PDT

I can't find an article about Ubuntu's ,v21.04, way to enumerate sound cards. Does anyone know how that happens? I have two sound cards in the computer, but only one shows up in jack2. Meanwhile, the onboard sound chip is disabled (do I also need to disable it logically? How?) and still shows up in Jack2 instead of the second card.

Too, when I try to configure jack for the second card, jack stubbornly shows the onboard chip, but with (disconnected) as a comment. Paprefs doesn't show any hardware, just a checkbox that when checked is supposed to create a virtual card for all of the present cards. I don't see that happening anywhere.

Thanks, John.

How to start the GUI in Centos 8?

Posted: 25 Jul 2021 10:06 AM PDT

I had a fresh instantiation on Centos 8. I installed Server and GUI. everything was working fine. But then, I needed to install the Nvidia drivers for my GPUs. To install the Nvidia drivers, I followed these instructions.

But now, I can't get the graphical interface to show up. When the PC boots up, I get a black screen unit I press Alt + F5 which prompts me to log in using the multi-user mode instead of graphical.

I tried to execute sudo inti 5 which did not do anything. This command usually switch to graphical interface.

I also tried systemctl isolate graphical.target

When I execute systemctl get-default I get graphical.target as expected. But when I reboot, the GUI never comes up. the only way I can get into the PC is by pressing ALT + F5 and login using the command line.

How can I bring the GUI back up?

How can force Debian 10 to set black screen but staying activated for a ssh connection

Posted: 25 Jul 2021 09:53 AM PDT

I have a Debian 10 Buster installed. I have GDM3 as window manager launcher and enlightenment e17 also installed.

I can't manage to get my monitor to black screen when I don't use it for example until 30 minutes. However, I have activated the extinction in e17 until 30 minutes but monitor remains always displayed.

I removed the boot options acpi=off and apm=off in GRUB but it does nothing.

I would like also to be able to connect by ssh on this Debian Buster even if screen is black.

Could anyone suggest me some other tricks who could allow to get this extinction ?

Ethernet-Speed only 100 Mbps

Posted: 25 Jul 2021 10:16 AM PDT

I'm currently using Pop!_OS and unfortunately I've encountered an issue with my Ethernet-Connection:

My Internet-Speed on Pop!_OS is capped at 100 Mbit/s. My Internet-Speed from my ISP is 200 Mbps in Downstream and 8 Mbps Upstream so that is not the problem. Also before Pop!_OS I used Windows and I had 200 Mbps Downstream and 8 Mbps Upstream there. It is a wired connection too so it should be pretty stable most of the time.

The Ethernet-Controller in my motherboard (MSI B550-A Pro) is the Realtek® 8111H Gigabit LAN controller.

I already did some research but couldn't really find a solution.

I hope you can help me!

Edit: The ethtool says the following:

ethtool enp42s0  Settings for enp42s0:      Supported ports: [ TP    MII ]      Supported link modes:   10baseT/Half 10baseT/Full                              100baseT/Half 100baseT/Full                              1000baseT/Full      Supported pause frame use: Symmetric Receive-only      Supports auto-negotiation: Yes      Supported FEC modes: Not reported      Advertised link modes:  10baseT/Half 10baseT/Full                              100baseT/Half 100baseT/Full                              1000baseT/Full      Advertised pause frame use: Symmetric Receive-only      Advertised auto-negotiation: Yes      Advertised FEC modes: Not reported      Link partner advertised link modes:  10baseT/Half 10baseT/Full                                           100baseT/Half 100baseT/Full      Link partner advertised pause frame use: Symmetric Receive-only      Link partner advertised auto-negotiation: Yes      Link partner advertised FEC modes: Not reported      Speed: 100Mb/s      Duplex: Full      Auto-negotiation: on      master-slave cfg: preferred slave      master-slave status: slave      Port: Twisted Pair      PHYAD: 0      Transceiver: external      MDI-X: Unknown  netlink error: Operation not permitted      Link detected: yes

Removing delimiters from bash array elements, then transferring result to another array

Posted: 25 Jul 2021 09:59 AM PDT

I am using an option variable array incl that stores filename extensions.

("--incl")        local incl+=("$2") ; shift 2 ;;

The function can then be called using --incl .texi --incl .org

But I want also to allow use of a separator fs

The function can then be called using --FS ";" --incl .texi;.org

If user is using FS, I need to construct an isufx array

  isufx=( '(' )    for ext in "${incl[@]}"; do      isufx+=( -name "*$ext" -o )    done    isufx[${#nmser[@]}-1]=')'

But first I have to separate the fs delimiter if they occur in tho array ${incl[@]}.

My question involves the task of constructing isufx when fs is being used, so that I can pass isufx to the find command.

find "$fdir" "${isufx[@]}" ...

iostat + how to define util disk threshold on disks

Posted: 25 Jul 2021 08:45 AM PDT

as all know the last column is %util, if that is below 100, you can still put some IO load there. Of course, you always want to have some reserve, so 60-90% is a realistic target based on the stability of the workload and the required responsiveness.

example from one of our rhel machines

iostat -x | grep "^sd"  Device:         rrqm/s   wrqm/s     r/s     w/s    rkB/s    wkB/s avgrq-sz avgqu-sz   await r_await w_await  svctm  %util  sdb               0.81     1.61    0.59    3.58    10.52   103.26    54.50     0.04   10.19    4.30   11.16   5.00   2.09  sdc               0.12    62.18   29.56   50.30  2505.93  6362.38   222.08     0.04    0.53    2.06    1.09   0.39   3.13  sdd               0.12    57.99   28.03   46.77  2340.91  5920.02   220.89     0.01    0.08    0.37    1.49   0.34   2.54  sde               0.13    62.52   30.41   50.92  2531.88  6542.31   223.15     0.01    0.09    1.55    0.67   0.46   3.75  sda               0.02    13.02    9.62   11.51  1050.47   874.16   182.18     0.04    1.80    3.07    0.73   1.53   3.23

now , we want to build a bash script that will runs on all machines and will tell us if one of the disk/s is reached the %util threshold

the Question is - how to defined the Util threshold?

can we say for example if Util is more then 95% , then we should alert this?

Postfix: sending outgoing mail through port 465/587 locally

Posted: 25 Jul 2021 08:19 AM PDT

I've got a mail server set up using postfix, dovecot, opendkim, and spamassassin. After a bit of hassle, I managed to get incoming mail working--I even set this account up using that server.

However, I've got a problem with outgoing mail. My ISP, fat as it is, blocks communications through port 25... meaning that, obviously, sending messages doesn't work. Here's logs after attempting to send to my old Protonmail account (from Neomutt on an external machine):

postfix/qmgr[653083]: 7E2BD9006AB: from=<swurl@doma.in>, size=479, nrcpt=1 (queue active)  // disconnect from external client  postfix/smtp[653086]: connect to mail.protonmail.ch[185.70.41.101]:25: Connection timed out  postfix/smtp[653093]: connect to mail.protonmail.ch[185.70.41.101]:25: Connection timed out  postfix/smtp[653086]: connect to mailsec.protonmail.ch[185.70.40.102]:25: Connection timed out  postfix/smtp[653086]: 44DED90068A: to=<oldaccount@protonmail.com>, relay=none, delay=115, delays=55/0.05/60/0, dsn=4.4.1, status=deferred (connect to mailsec.protonmail.ch[185.70.40.102]:25: Connection timed out)

So, yeah... ISP blocks port 25 (outgoing), so I need a way to bypass this. One way I saw a lot about was configuring to use an external smtpd. I'd either have to use my ISP's (not ideal) or, set up postfix on my friend's VPS (not exactly ideal either but if all else fails I'll ask him). TECHNICALLY I could ask my ISP to unblock port 25, but that, well, might not work.

However, I'd instead like to route all outgoing mail to port 465 or 587 of external servers, not 25, using only my local postfix setup. I couldn't find anything about this online, and changing the outgoing smtp port to an alternate port in master.cf still sends stuff through 25. So, how should I go about doing this? Keep in mind, if there's literally nothing I can do then I can just ask my friend for his VPS

postconf -n:

alias_database = $alias_maps  alias_maps = hash:/etc/postfix/aliases  command_directory = /usr/bin  compatibility_level = 3.6  daemon_directory = /usr/lib/postfix/bin  data_directory = /var/lib/postfix  debug_peer_level = 2  debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5  home_mailbox = Mail/Inbox/  html_directory = no  inet_protocols = ipv4  mail_owner = postfix  mailbox_command = /usr/lib/dovecot/deliver  mailq_path = /usr/bin/mailq  manpage_directory = /usr/share/man  meta_directory = /etc/postfix  milter_default_action = accept  milter_protocol = 6  mydestination = $myhostname $mydomain localhost localhost.localdomain  mydomain = doma.in  myhostname = mail.doma.in  mynetworks = 127.0.0.0/8 [::1]/128 MY.IP/32 192.168.86.1 192.168.86.0/24  newaliases_path = /usr/bin/newaliases  non_smtpd_milters = inet:127.0.0.1:12301  queue_directory = /var/spool/postfix  readme_directory = /usr/share/doc/postfix  relay_domains = $mydestination  sample_directory = /etc/postfix  sendmail_path = /usr/bin/sendmail  setgid_group = postdrop  shlib_directory = /usr/lib/postfix  smtp_tls_CAfile = /etc/letsencrypt/live/doma.in/cert.pem  smtp_tls_loglevel = 1  smtp_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1  smtp_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1  smtp_tls_security_level = may  smtpd_milters = inet:127.0.0.1:12301  smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination  smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination  smtpd_sasl_auth_enable = yes  smtpd_sasl_path = private/auth  smtpd_sasl_security_options = noanonymous  smtpd_sasl_tls_security_options = noanonymous  smtpd_sasl_type = dovecot  smtpd_tls_auth_only = yes  smtpd_tls_cert_file = /etc/letsencrypt/live/doma.in/fullchain.pem  smtpd_tls_exclude_ciphers = aNULL, LOW, EXP, MEDIUM, ADH, AECDH, MD5, DSS, ECDSA, CAMELLIA128, 3DES, CAMELLIA256, RSA+AES, eNULL  smtpd_tls_key_file = /etc/letsencrypt/live/doma.in/privkey.pem  smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1  smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1  smtpd_tls_security_level = may  tls_preempt_cipherlist = yes  unknown_local_recipient_rject_code = 550

How can I apply a patch file to the kernel of my current Linux installation?

Posted: 25 Jul 2021 07:23 AM PDT

I want to apply a patch file to my current Ubuntu install (patch file example). What is the process to properly apply a patch file to my Linux kernel?

Do I need to go through the whole process of applying the patch to a disk image file, flashing that to a USB and installing a new copy of Linux? Can I just patch the current install? Or can I patch a disk image and then use that to upgrade my current install?

What I've tried:

  1. Figure out which kernel version I'm running:
$ uname -srm  Linux 5.11.0-25-generic x86_64
  1. Go to my kernel directory (I think):
cd /lib/modules/5.11.0-25-generic/kernel
  1. Apply the patch file
patch -p1 < ~/my-patch-file.patch

But no patch is applied, the output is:

can't find file to patch at input line 23  Perhaps you used the wrong -p or --strip option?  The text leading up to this was:  ...  File to patch:

What is the right way to do this?

Note: this question is different than how to patch any random file. I know how to do that. The question is specifically about how to patch the currently installed kernel.

Split ZIP files from Linux to Windows

Posted: 25 Jul 2021 07:00 AM PDT

Zip in Linux generally supports the splitting of archive files into fractional zip files. They can then be readily recombined in Linux to form the original larger zip file.

Is there a method which works with Windows and does not require scripts or CL directives?

Wine click & drag not working with Adobe Fireworks.exe

Posted: 25 Jul 2021 06:54 AM PDT

I have Adobe FIreworks installed and everything seems to work flawlessly. Expect however being able to click and hold things down.

Everything else works without any flaws. I do however have an issue that Fireworks is "On Top" of everything unless I minimise.

It is not clear, but when I use the eraser I am clicking and dragging, but only the first click is registered: https://www.youtube.com/watch?v=3vC5zOjDZV4

I believe that ERROR PlugPlugDispatchEvent is an error directly related to fireworks rather than wine?

base) hutber@hutber:~/.wine/drive_c/Program Files (x86)/Adobe Fireworks CS6$ wine Fireworks.exe   000d:err:module:__wine_process_init L"C:\\windows\\system32\\winemenubuilder.exe" not found  000b:err:wineboot:process_run_key Error running cmd L"C:\\windows\\system32\\winemenubuilder.exe -a -r" (126).  0016:err:ntoskrnl:ZwLoadDriver failed to create driver L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\NDIS": 00000001  0009:err:shell:HCR_GetFolderAttributes should be called for simple PIDL's only!  0009:err:ntlm:ntlm_LsaApInitializePackage no NTLM support, expect problems  2021-07-25 14:55:59 : ERROR PlugPlugDispatchEvent: PlugPlugErrorCode_internalError (PlugPlugSetup must be called first)  wine: Read access denied for device L"\\??\\Z:\\", FS volume label and serial are not available.  wine: Read access denied for device L"\\??\\Z:\\", FS volume label and serial are not available.  0056:err:module:__wine_process_init L"C:\\windows\\system32\\winemenubuilder.exe" not found  wine: Read access denied for device L"\\??\\Z:\\", FS volume label and serial are not available.  wine: Read access denied for device L"\\??\\Z:\\", FS volume label and serial are not available.  0058:err:module:__wine_process_init L"C:\\windows\\system32\\winemenubuilder.exe" not found

How to loop through the for loop and calculate the results of for loop?

Posted: 25 Jul 2021 07:11 AM PDT

I am trying the below script in which I am expecting to receive two files in the filesdir folder on date1. If the date is 1 then it should check if two files are received or not, so thats why I m trying to increment a counter "count" each time it iterates and checks the loop. If the date is 1 and file not received then it should wait for few seconds and check again(because surely files will get received). If date is not 1, then it should remove those files and come out of the while loop. I am trying the below.

#!/bin/bash    filesdir=/dir1/dir2/dir3  expectedFiles=2  dayToDelete=1    ## Get the current day of the month  day_of_month=$(date '+%d')    while true; do    ## If this is not the 1st day of the month, just delete the files    ## and exit    if [ "$day_of_month" != "1" ]; then      find "$filesdir" -name '*.txt.gz' -type f -mmin -1 -delete      exit    ## If this is the first day of the month    else      fileCount=$(find "$filesdir" -name '*.txt.gz' -type f -mmin -1 -printf '.\n' | wc -l)      if [[ "$fileCount" == "$expectedFiles" ]]; then        echo "All $expectedFiles files received!"        exit       else        echo "No data received yet!"        sleep 5      fi    fi  done

I am not getting what I exactly want. Instead getting errors in the if else part.

Unix PAM module fails on login/lock screen - Permission denied - exit code 13

Posted: 25 Jul 2021 07:20 AM PDT

How it works?

I'm back with yet another issue I can't figure out by myself. Basically what I have is 2 factor authentication (2FA) module based on Python PAM and with NFC card reader. Once user is prompted for password 2FA Zenity dialog pops up asking for PIN code, user enters it and auth is successful.

When it breaks?

This solution works great while user is logged in, when saving files and being asked for password or using sudo in terminal. Once user is locked out (displayed lock screen) or has to login after restart, this solution fails to display Zenity dialogs.

Code examples:

  • Here is my PAM config file /usr/share/pam-config/pprfid_pam.config that contains:
    Name: 2FA PAMpy RFID Authorization      Default: yes      Priority: 192      Auth-Type: Primary      Auth:          [success=end default=ignore]    pam_exec.so seteuid debug log=/var/log/pprfid.log /usr/local/bin/pprfid_pam.py      Auth-Initial:          [success=end default=ignore]    pam_exec.so seteuid debug log=/var/log/pprfid.log /usr/local/bin/pprfid_pam.py
  • Here is my Python PAM module file /usr/local/bin/pprfid_pam.py that does the magic of 2 factor authentication.. and here is the part of Zenity command, that doesn't work:
    # ...      Popen("/usr/bin/zenity --forms --width=199 --height=100 --title '2FA' --text='Authorization' --add-password='PIN' --ok-label='Authorize' --cancel-label='Cancel' --separator=',' --display=:0.0", shell=True, stdout=PIPE )      # ...

Error!

As mentioned above, once I'm locked out or restarting machine and trying to login via lock/login screen I get this error in /var/log/auth.log:

    Jul 24 18:13:14 ubuntu unix_chkpwd[46760]: password check failed for user (testuser)      Jul 24 18:13:14 ubuntu kcheckpass[46747]: pam_unix(kde:auth): authentication failure; logname= uid=1000 euid=1000 tty=:0 ruser= rhost=  user=testuser      Jul 24 18:13:14 ubuntu kcheckpass[46761]: pam_exec(kde:auth): open of /var/log/pprfid.log failed: Permission denied      Jul 24 18:13:14 ubuntu kcheckpass[46747]: pam_exec(kde:auth): /usr/local/bin/pprfid_pam.py failed: exit code 13

My attempts to fix this:

  1. Obviously first thing I did was checking permissions and setting them as follows:
    root@ubuntu:~# chown -R root:root /usr/local/bin/pprfid_pam.py      root@ubuntu:~# chown -R root:root /var/log/pprfid.log      root@ubuntu:~# chmod 0755 /usr/local/bin/pprfid_pam.py      root@ubuntu:~# chmod 0755 /var/log/pprfid.log
  1. I double checked that DISPLAY was set correctly, and it indeed was set to :0.0.

Question!?

What am I doing wrong? I'm really new to PAM module development, but I have feeling that permissions are being denied due to fact I'm running GUI as root, but I'm not willing to shoot blindly.. so I'm reaching out to Unix gurus - please help!

Thanks in advance, @richardev

Update #1

Reading related articles and comments, and talking on some other forums it seems that the issue here is most likely due to Zenity or the PAM module itself not being able to run as GUI. To do that I'm supposed ti integrate it via display manager - in my case I have SDDM. I will try to test some scenarios in /etc/pam.d/* config files and see if I can force it to run.

Update #2

/usr/share/pam-config/pprfid_pam.config covers all the auth points.. but Zenity won't display outside session (on login/lock screen), so I guess I really need to integrate this module into SDDM GUI directly :thinking:.

Why I am getting error in the else part of my shell script? [duplicate]

Posted: 25 Jul 2021 06:54 AM PDT

I am trying the below script in which I am expecting to receive two files in the filesdir folder on date1. If the date is 1 then it should check if two files are received or not, so thats why I m trying to increment a counter "count" each time it iterates and checks the loop. If the date is 1 and file not received then it should wait for few seconds and check again(because surely files will get received). If date is not 1, then it should remove those files and come out of the while loop. I am trying the below.

day_of_month=$(date +%d)  export filesdir=/dir1/dir2/dir3  local count=0  numFilesReceived=0  while true; do      files=$(find $filesdir -name '*.txt.gz' -type f -mmin -1)      if [ "$day_of_month" == "1" ]; then          if [ -f "$files" ]; then              count=$((count + 1))              break              if [ "$numFilesReceived" == "$count" ]; then                  echo "All $count data received!"                  break 3              fi          fi          else              echo "No data received yet!"           fi          fi           else          rm $files      fi       done

I am not getting what I exactly want. Instead getting errors in the if else part.

Kubuntu: Keyboard behaving weirdly

Posted: 25 Jul 2021 06:56 AM PDT

This happened all of a sudden. l

pressing. L = L + ENTER.
ENTER = L + ENTER

DOwN = 9 + DOwN

UP = o + UP

SPACE = "." + SPACE eg. if I type "Hello" space "world" it will display as "Hello. World"

generic 104 key. layout
NUMPAD. works

Matching Repeating Pattern Using Regex

Posted: 25 Jul 2021 10:16 AM PDT

Let's say I have a file like following

1,2,3-5,6  1,2,3-5,6,  1  1-3  1,2,3-,4,5-7  1,2,3-,4,5-7,  1,2,-3,4,5  1,2,-,3,4  1,2,,,3,4  ,1,2,3

Only combination of following rules should be considered as valid:

  1. Ranges [0-9]+-[0-9]+
  2. Groups [0-9]+,[0-9]+
  3. Single Numbers [0-9]+

The lines could ending with comma should also be considered valid

I want to extract only

1,2,3-5,6  1,2,3-5,6,  1  1-3

As the other lines shown below do not match the rules

1,2,3-,4,5-7  1,2,3-,4,5-7,  1,2,-3,4,5  1,2,-,3,4  1,2,,,3,4  ,1,2,3

Because some lines have incomplete ranges, some have missing numbers in groups

P.S: A PCRE compatible grep only solution would be awesome, but other solutions are also welcome

Full-text search for manpages and get the list of the name and descriptions from a console like apropos(1)

Posted: 25 Jul 2021 07:47 AM PDT

Is there any way to do a full-text search for manpages and get the list of the name and descriptions of relevant manpages from a console like apropos(1)?

You can full-text search the content of manpages with man -K. But there are three problems:

  1. man -K does not show the title of the first result to console.

  2. man -K shows only the title of manpages like this:

    --Man-- next: ansible(1) [ view (return) | skip (Ctrl-D) | quit (Ctrl-C) ]

  3. man -K requires Ctrl-D to skip viewing the content of manpages. So you cannot use yes(1) to pass the response to man -K.

Firefox slow + graphics issues

Posted: 25 Jul 2021 08:48 AM PDT

I recently switched from Windows to Linux (Pop!_OS). Although I'm very pleased with Pop!_OS there are a few problems that I couldn't fix yet:

Google Maps/Earth is very slow on Firefox. On Maps you don't even get 3D-View and zooming is not smooth.

Browser-Games like slitherdotio and Happy Wheels lag and have graphical artifacts.

enter image description here

(This "Play"-Button e.g. has this weird corrupted-looking background)

I hope you can help me out.

Thank you in advance!

Edit: The Terminal says the following if you type "lspci":

00:00.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Root Complex

00:00.2 IOMMU: Advanced Micro Devices, Inc. [AMD] Starship/Matisse IOMMU

00:01.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge

00:01.1 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse GPP Bridge

00:01.2 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse GPP Bridge

00:02.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge

00:03.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge

00:03.1 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse GPP Bridge

00:04.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge

00:05.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge

00:07.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge

00:07.1 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Internal PCIe GPP Bridge 0 to bus[E:B]

00:08.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge

00:08.1 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Internal PCIe GPP Bridge 0 to bus[E:B]

00:14.0 SMBus: Advanced Micro Devices, Inc. [AMD] FCH SMBus Controller (rev 61)

00:14.3 ISA bridge: Advanced Micro Devices, Inc. [AMD] FCH LPC Bridge (rev 51)

00:18.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Matisse Device 24: Function 0

00:18.1 Host bridge: Advanced Micro Devices, Inc. [AMD] Matisse Device 24: Function 1

00:18.2 Host bridge: Advanced Micro Devices, Inc. [AMD] Matisse Device 24: Function 2

00:18.3 Host bridge: Advanced Micro Devices, Inc. [AMD] Matisse Device 24: Function 3

00:18.4 Host bridge: Advanced Micro Devices, Inc. [AMD] Matisse Device 24: Function 4

00:18.5 Host bridge: Advanced Micro Devices, Inc. [AMD] Matisse Device 24: Function 5

00:18.6 Host bridge: Advanced Micro Devices, Inc. [AMD] Matisse Device 24: Function 6

00:18.7 Host bridge: Advanced Micro Devices, Inc. [AMD] Matisse Device 24: Function 7

01:00.0 Non-Volatile memory controller: Micron/Crucial Technology Device 5403 (rev 03)

02:00.0 USB controller: Advanced Micro Devices, Inc. [AMD] Device 43ee

02:00.1 SATA controller: Advanced Micro Devices, Inc. [AMD] Device 43eb

02:00.2 PCI bridge: Advanced Micro Devices, Inc. [AMD] Device 43e9

03:09.0 PCI bridge: Advanced Micro Devices, Inc. [AMD] Device 43ea

2a:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 15)

2b:00.0 PCI bridge: Advanced Micro Devices, Inc. [AMD/ATI] Navi 10 XL Upstream Port of PCI Express Switch (rev c5)

2c:00.0 PCI bridge: Advanced Micro Devices, Inc. [AMD/ATI] Navi 10 XL Downstream Port of PCI Express Switch

2d:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Navi 22 (rev c5)

2d:00.1 Audio device: Advanced Micro Devices, Inc. [AMD/ATI] Device ab28

2e:00.0 Non-Essential Instrumentation [1300]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Function

2f:00.0 Non-Essential Instrumentation [1300]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Reserved SPP

2f:00.1 Encryption controller: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Cryptographic Coprocessor PSPCPP

2f:00.3 USB controller: Advanced Micro Devices, Inc. [AMD] Matisse USB 3.0 Host Controller

2f:00.4 Audio device: Advanced Micro Devices, Inc. [AMD] Starship/Matisse HD Audio Controller

What's the point of firewalling outgoing connections?

Posted: 25 Jul 2021 09:52 AM PDT

I have a firewall (csf) that lets you to separately allow incoming and outgoing TCP ports. My question is, why would anyone want to have ANY outgoing ports closed?

I understand that by default you might want to have ALL ports closed for incoming connections. From there, if you are running a HTTP server you might want to open port 80. If you want to run a ftp server (in active mode) you might want to open port 21. But if it's setup for passive FTP mode, a bunch of ports will be necessary to receive data connections from FTP clients... and so on for additional services. But that's all. The rest of ports not concerned with a particular service that the server provides, and especially if you are mostly a client computer, must be closed.

But what about outgoing connections? Is there any security gain in having destination ports closed for outbound connections? I ask this because at first I thought that a very similar policy of closing all ports as for incoming connections could apply. But then I realised that when acting as a client in passive FTP mode, for instance, random high ports try to connect to the FTP server. Therefore by blocking these high ports in the client side you are effectively disabling passive FTP in that client, which is annoying. I'm tempted to just allow everything outgoing, but I'm concerned that this might be a security threat.

Is this the case? Is it a bad idea, or have it noticeable drawbacks just opening all (or many) ports only for outgoing connections to facilitate services such as passive FTP?

How can I repair PolKit?

Posted: 25 Jul 2021 08:24 AM PDT

First let me describe my system. It's Mint 19.0 (Tara). Mint itself isn't the problem, but it's upgrade mechanism seem to have triggered the issue. It came after upgrading from Mint 18.3 to 19.0. I did post a question on Mint's forums, but then I did not know what was broken, and in the process of finding that out I kind of "overloaded" my issue report there. So I try to be concise here.

PolicyKit has some problem authorizing priviledge escalation. I am the owner of the system, and previously there were only my account and a guest account. After upgrading, I could no longer launch Synaptic via the menu (which calls synaptic-pkexec) and all other programs that need priviledge escalation also won't start, leaving a fail message in auth.log. No dialog pops up asking for my password.

Launching synaptic-pkexec from command line simply yields

Error executing command as another user: Not authorized  This incident has been reported.

Quote from auth.log:

Jul 15 12:07:42 MYMACHINE polkit-agent-helper-1[9867]: pam_unix(polkit-1:auth): conversation failed  Jul 15 12:07:42 MYMACHINE polkitd(authority=local): Unregistered Authentication Agent for unix-session:c2 (system bus name :1.61, object path /org/gnome/PolicyKit1/AuthenticationAgent, locale de_DE.UTF-8) (disconnected from bus)  Jul 15 12:07:42 MYMACHINE polkitd(authority=local): Operator of unix-session:c2 FAILED to authenticate to gain authorization for action com.ubuntu.pkexec.synaptic for unix-process:9863:4513929 [/bin/sh /usr/bin/synaptic-pkexec] (owned by unix-user:MYUSERACCOUNT)  Jul 15 12:07:42 MYMACHINE pkexec[9864]: MYUSERACCOUNT: Error executing command as another user: Not authorized [USER=root] [TTY=/dev/pts/0] [CWD=/home/MYHOMEDIR] [COMMAND=/usr/sbin/synaptic]  Jul 15 12:07:42 MYMACHINE polkit-agent-helper-1[9867]: pam_unix(polkit-1:auth): auth could not identify password for [MYUSERACCOUNT]  Jul 15 12:07:42 MYMACHINE polkitd(authority=local): Registered Authentication Agent for unix-session:c2 (system bus name :1.220 [/usr/lib/policykit-1-gnome/polkit-gnome-authentication-agent-1], object path /org/gnome/PolicyKit1/AuthenticationAgent, locale de_DE.UTF-8)

My guest account, however, can do everything. It is asked for the password, and then Synaptic, Upgrade Manager, just everything works as intended. Also, when I create new users (regardless whether they are created as admins or as users, and added to sudo group) they also can to everything. So I figure it is somehow connected to the user ID.

Another observation: I know GUI programs shouldn't be launched via sudo. But when I issue sudo synaptic-pkexec - Synaptic starts...

I have already checked that

  1. PolKit Daemon is running via Autostart
  2. PolKit Agent for Gnome is running via Autostart
  3. file permissions for the user home directory are set correctly

I also did

apt-get install --reinstall

on everything PolKit related. Everything else besides PolKit runs just fine...

I can add inxi statement, if that helps.

Passing variables and functions through fakeroot

Posted: 25 Jul 2021 07:04 AM PDT

I want to use fakeroot for a project, but the project has lots of functions and variables that I need to pass through to fakeroot.

#!/bin/bash  myVar="foo"    function testFunction() {      echo "$myVar"  }    fakeroot -- bash -c testFunction

but it doesn't run testFunction or echo out myVar

bind: forwarding zone does not work when allow-recursive not allowed

Posted: 25 Jul 2021 08:24 AM PDT

I have the following setup:

  • DNS-Server reachable from the internet, is authoritative for zone foo.com
  • DNS-Server reachable only locally, should be authoritative for zone test.lab.foo.com

What I try to achieve:

When a DNS query from the outside world reaches the first DNS server for a record belonging to the zone test.lab.foo.com, I want it to make a recursive request to the second DNS server and then forward the records.

I explicitly don't want to do zone transfers or make the second DNS server reachable from the internet.

my configuration looks like this: (I only copied the [what I think] important parts to here)

On the first DNS-Server

options {      allow-recursion {          localnets;          localhost;          internal;          my-datacenter;          mc-office;      };  };    zone "test.lab.foo.com" {          forward only;          forwarders {              <private IP of second DNS server>;          };          type forward;      };       zone "foo.com" {          file "/etc/bind/zones/foo.com.zone";          type master;      };

My issue:

When I am in a local network, that is whitelisted in the allow-recursion block, then it works as expected. When I try the DNS lookup from the internet, then i get a NOERROR with an empty response back.

During debugging, I adjusted the allow-recursion list and added any to it. Then it was working. But I don't want my DNS server to allow any kind of recursion. I actually only want "outside" lookups for this one specific zones to be recursive.

How can I set allow-recursion for just one zone?

Installing .deb (Brackets.Release.1.13.64-bit.deb) package in arch Linux

Posted: 25 Jul 2021 10:01 AM PDT

The latest release of Brackets (v1.13) is not available in the AUR. So I downloaded the official .deb package from the official site. Now how do I go about installing it ? Do I have to write a PKGBUILD? I won't know it's dependency and all. I have converted it to an arch package with Debtap. But pacman -U <Convertedpackage.tar.xz> throws unresolvable dependency for the following:

     warning: cannot resolve "libudev>=147", a dependency of "brackets"       warning: cannot resolve "lsb-base>=3.2", a dependency of "brackets"

How should I go about this ?

Ubuntu terminal - go to mouse cursor position

Posted: 25 Jul 2021 08:19 AM PDT

I often run my research experiments through my terminal. The command is a very long one, and often I find the need to change a parameter to the call. The problem is that the call line is long, and the parameter is for example in the middle of the line. To replace the parameter I must keep holding the left arrow/right arrow until I reach the point where the parameter is, then delete and rewrite the characters.

Is there a way to navigate the terminal command line using the mouse cursor position? Clicking in the middle of the line doesn't do anything, of course.

Example:

Suppose I have, in the terminal:

~> runThisProgram(a,b,c,d,......,v,w,x,y,z).

Now I want to run it but with X instead of the parameter c. I have to go to the end of that line, keep pressing the left arrow until I reach the c, and then delete and write X. (or, symmetrically, go to the beginning of the line, keep pressing the right arrow until I reach the c and then delete and write X). Is there a command to just point at the 'c' position using my cursor and go there?

Passing inline arguments to shell script being executed on HDFS

Posted: 25 Jul 2021 08:03 AM PDT

I am running a shell script stored on HDFS (so that it can be recognized by my oozie workflow). to run this script I am using 

hadoop fs -cat script.sh |exec sh

However I need to pass inline arguments to the script. On the CLI I would simply do this with

./script.sh arg1

Then echo the varaiable with $1. I am trying to figure out how I would do the same with a script stored in HDFS

Configure Chromium Browser in linux and open in windows using xserver via ssh

Posted: 25 Jul 2021 07:09 AM PDT

I am trying to install chromium browser in linux and start apache on linux. After that I have to open an ubuntu web page in Chromium on my windows machine via ssh using Putty or Mobarterm. Chromium is installed on linux but when I run command: chromium:browser on linux via Putty it throws error:

ERROR:browser_main_loop.cc(261)] Gtk: cannot open display

Realtek 8723be wireless support, PC-BSD

Posted: 25 Jul 2021 09:03 AM PDT

I have an HP 455 Probook with AMD10-7300 processor and Realtek 8723be wireless card. I would like to install PC-BSD. Is there any hope of wireless working? I wish there was a live disk I could use to test before installing.

Hide curl output

Posted: 25 Jul 2021 08:51 AM PDT

I'm making a curl request where it displays an html output in the console like this 

<b>Warning</b>:  Cannot modify header information - headers already sent by (output started at /home/domain/public_html/wp-content/themes/explicit/functions/ajax.php:87) in <b>/home/domain/public_html/wp-content/themes/explicit/functions/ajax.php</b> on line <b>149</b><br />......

etc

I need to hide these outputs when running the CURL requests, tried running the CURL like this

curl -s 'http://example.com'

But it still displays the output, how can I hide the output?

Thanks

How to copy-merge two directories?

Posted: 25 Jul 2021 10:36 AM PDT

I have two directories images and images2 with this structure in Linux:

/images/ad    /images/fe    /images/foo

... and other 4000 folders

and the other is like: 

/images2/ad    /images2/fe    /images2/foo

... and other 4000 folders

Each of these folders contain images and the directories' names under images and images2 are exactly the same, however their content is different. Then I want to know how I can copy-merge the images of /images2/ad into images/ad, the images of /images2/foo into images/foo and so on with all the 4000 folders..

Send file by xmodem or kermit protocol with GNU screen

Posted: 25 Jul 2021 09:17 AM PDT

I work with an RS-232 device via GNU screen.

$ screen /dev/ttyUSB0 115200

At some point I need to send a local file to the device using either the xmodem or kermit protocol. On Windows I use TeraTerm which has a corresponding menu item. How can I achieve this in GNU screen?

ed: set first line as the default current line

Posted: 25 Jul 2021 08:49 AM PDT

I am trying to use ed to edit the first line of a large file, but I have to wait for ed to read all lines. Is there any way I could stop ed from reading the whole file and start editing immediately, with the current line being the first line?
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)