Re: unexpected script output

[berenger.morel@neutralite.org]

> > Except that I must be root to do that, it does not hurt me, so I did
> > not investigate further.
>
> Give sudo a try.

I will do. But I will also find how to only give me su rights for stuff 
like network&power, not for everything, becoming su for system 
administration reminds me to take care when my username is root (or did 
I checked the uid? I do not remember) : the username in the prompt is in 
red, while green usually.
I do not know why debian disable colors by default, they can be quite 
useful, and make terminals easier to use.

> > Of course, I still do not really understand the "root access needed
> > on your physical computer" but using light workarounds is ok for
> > me... for now.
>
> I didn't understand these words.  But I feel there is an important
> question waiting to get out of them.

Well, some features are needed root access to be used. For some of 
them, I perfectly understand why, and I do not even want to do 
workarounds: it would be stupid. (Not that I'm not, but not enough for 
some things :) )

Some examples are power management tools, like "poweroff"/"pm-hibernate 
&co". I understand why it is useful on a server with ssh connection, but 
having no alternative for desktop use as single-user computers sounds 
strange for me.
I still does not know if it is a limitation forced by kernel, or if it 
is an artificial limitation from those tools, which will only accept to 
be ran "if(0==uid)".

For now, using workarounds which does not involve tools remaining in 
background like dbus is fine for me, but it is highly probable that one 
day, I will find the will to look at source code where is the 
limitation, and patch it myself, for my own usage (and maybe share the 
patch if someone is interested, of course, but anyway I need to make it 
before :D )

In my opinion, those rights problems for basic actions on your own are 
one of the most annoying problems when people wants light environment 
they can tweak themselves with small and readable configuration files 
(small and readable excludes bloatwares using xml. sudo is an good 
enough workaround for me and for now.).

But it is not an important question, since most people are perfectly 
happy with policykit and sudo stuff.

> Ouch!  Well.  Perhaps it is time to start shopping for a more sturdy
> machine?  Some hardware seems to last forever.  Others develop
> problems and must be fixed or replaced.

I know the exact problem: my hard disk is "floating" a little, causing 
those HD disconnections when the computer moves a little. That's not 
constructor fault, only my own :)
Using some basic tricks like putting some non-conductor stuff in holes 
would fix the problem quite fast, or simply use my electronics knowledge 
to use this computer in some robotics (with components fixed directly, 
not by using actual plastic "stuff") are my favorite options :)
I'm just waiting money for the second...

> You need a new device.

Well, I also have some reliable desktop computers, so I do not really 
mind if this one dies. While it does not make me looses hours of work, 
but this is not a realistic problem, since I often send my work on a git 
elsewere every time I did some good progress in autorealm source code.

> I have seen it do this when
> sitting on the table untouched and unmoving.  I need to shop and
> replace it.  But it does this infrequently, once a month or so, and 
> so
> hasn't been an urgent enough problem to do yet.

Maybe you have some unwanted electronic connection because some dust of 
dunnowhat is somewhere? Try to simply open your hardware and clean it, 
before buying new, it could save you some money...
Just taking some precautions like studying images on the Internet to 
know where are small f****** fragile plastic plots to avoid destroying 
them when removing plastic things will be enough.
I did not did that study :)

> I do keep important data on my laptop so I do need to protect it with
> data encryption.  But most importantly then I don't need to worry
> about *if* I have something there.  If my laptop is stolen and it 
> were
> not encrypted then I would need to be very concerned about what
> happened to be stored there.  It is difficult to be completely
> disiplined about everything you do on the computer 100% of the time.
> Even simple things like browser history is problematic.  I think it 
> is
> easier to implement the security of encryption at the system level 
> and
> then I know it adds that layer even if I make a mistake at another.

I prefer steganography instead of cryptography. If one day I want to 
use cryptography to secure some data, there will probably be some 
steganographic techniques used before, since it's harder to find data 
than to decrypt them. Decrypting is just a matter of time and computer 
power, unlike finding them. Now, just imagine the combination...

For now, just knowing that at least 95% percent of people could not use 
my computer makes me thinking that data is hidden enough. If someone 
wants to read my data, he will need to at least know what linux is.
Then, he have 2 solutions:
_ finding how to use my computer by himself, which will need some 
habits of tiling window managers, because there are no visual hints 
about how to run an application. Also, my hard disk being a floating 
one, the rogue could think that just nothing works correctly. I just 
would like to see someone try to enter the password, if he does not know 
login and its lack of '*' showing :D
_ moving the hard disk into another, with support for ext4. The man 
will need to know what is ext4, and how to move a hard disk from a 
computer to another.

Honestly, if someone steal my computer and is able to do those things, 
he will be able to brute-force any encrypted data. The only difference 
will be time.
I think that the man which would do that should have a good reason, not 
only stealing a hardware I bought 200€ 3 years ago.

Encryption, speaking about time, is only useful if secured data is time 
dependent. People always rely only on that, and I'm probably one of rare 
persons thinking that encryption is crappy if you never change your 
password or with data with high value. Do not trust encryption is what I 
would say to people, but, before that, I want to say simply "does not 
trust your full-featured OS" it is a hard enough progress to do for me 
:) (see recent Ubuntu's problems, and I've also read that gnome have 
also a tool which store most of your actions in a DataBase... did not 
checked truth, of course, since I have no use for gnome)

> > Simply some source codes, which are available on a web repo of mine
> > in LGPL... stole it if you want :D
>
> Sure.  Upload your software to the world and let them back it up for
> you.  :-)

Your phrase reminds me about the song "open source" from "magic 
mushrooms", which I discovered some days ago... but I have no idea why 
:)

> It isn't a trick.  Using xinit, or the startx helper script around 
> it,
> is the traditional way to start X.  The xdm/gdm/kdm/lightdm tools 
> came
> later.

I'm a young linux user. I knows about linux's existence since less that 
10 years, and only started to use my own installation 4-5 years ago (if 
I except my failure with Debian potato, which I successfully installed 
the first time, but without X server. Useless to say that I was lost, 
even with the MS-DOS command-line strong knowledge I had at that time, I 
was not able to guess how to have help. So, I retried, and never get 
Debian installed again :D things have been strongly improved since then, 
thanks you contributors, you allowed me to use that nice system which is 
currently mine! The fun point here is that I choosed Debian at that time 
because of it's reputation to be hard to install xD ) .
I started seriously using and tweaking it 3 years ago, when I bought my 
eeepc, because I had no working computers and thought that is would be 
impossible to play, so my last activities possible would be things I was 
able to do with linux... so here came the big jump: the fate decided 
that windows is not for me. And I agree with it.

So, I'm used to default installations of OS's with KDE, gnome, xfce, 
and the "tools" coming with them: gdm or kdm.
Learning about how to remove those tools takes me some times, and my 
searches finished on a archlinux or gentoo forum, to learn some lines to 
copy/paste in a hidden file in your home directory.
Yes, nowadays, using .profile to automatically start xinit sounds 
tricky.

Hopefully, many people will think it is a trick in future: it would 
mean that many people became linux users :) and we could have better 
support for wifi and video drivers... Well, I think for last one, 
nouveau team is making some great work, but wifi are not as limited in 
architectures as graphic cards.

> The Asus Eee PC 1015 pem does have the blue Fn+Fx keys such as Fn+F1
> for suspend-sleep.  But I can't guess at what the Fn+F3 icon or Fn+F9
> icon are for.  But Fn+F1 shows a sleep icon for suspending it. 
> (shrug)

Oh, right, I forgot those keys... but here, those does not work:
_ F1
_ F3 (used to enable/disable touchpad. I now does this with a script, 
bindind to a key since the Fn key refuses to work...)
_ F4 (no idea what's its use anyway)
_ F7
_ F8 (obviously, it needs the DE to bind it with a tool, but how the DE 
does this? It's  mysterious for me...)
_ F9 (same as you, what's the use?)
_ F10-12 => my sounds does not work (this is why I opened my laptop 
some times ago and probably did bad things with my HD :) but I'm too 
curious, I was not able to resist to learn how it is made inside 
portable computers, and it is my first one :D (bought for a "small" 
price, to help while I was not able to repair my desktops. Now, it is my 
favorite computer, even if if is a little slower to compile and vim have 
some freezes when it tries to save things on hard disk automatically... 
grumbl) so, obviously, they do not work too (and I removed alsa, so it 
really can't work) but they were used to work perfectly at start.

I know how to implement each one of those keys, with scripts (except 
for luminosity stuff and F4/F9 for which I do not know the use) but I 
only know how to bind keys in my window manager. I've no clue about how 
to do the binding with acpi, this is why I want to learn how acpi really 
works.

> Those do seem to be often changing and therefore immature systems.
> And also quite complex and getting heavier all of the time.  A lot of
> people have strong opinions against dbus.  I haven't decided yet
> myself but it annoys me that emacs requires dbus and therefore my
> servers have it installed.

Happy to know I'm not the only to think it's useless to build tools 
which have just no real use, and are a pain in the ... to understand and 
tweak for newcomers as I.

I just wonder why big DEs uses technologies if they are often 
changing... this must be a lot of work to continuously adapt themselves!
Dbus constant dependencies is also one of reasons which makes me 
thinking about switching to a source distro. Maybe I could just have 
same stuff but without it. (Seriously, I only have it for browser's 
sounds! A bus to what? To void?)

> For me it becomes actively bad when I must take action to disable it
> because it is doing something bad automatically.

You said "actively bad", so it means you think there is a "passively 
bad" :)

> > But I have no "sleep" file in /proc/acpi? And, of course, can not
> > create one, since /proc is not a real file system, AFAIK...
>
> Then you don't have the kernel functionality enabled.  I forget what
> it takes to enable it off the top of my head and lack time to 
> research
> it.  But if you had the kernel functionality enabled then it would
> automatically appear in /proc for it.

I promised myself to learn what role have which kernel modules in high 
priority on my todo list, so I guess I might be able to do so in 2013 :)

> According to images available on the web it is Fn+F1. :-)

And images on the web are true, it just never worked, even when I was 
using XFCE4.8 or 4.10 (I used both). So I'm not surprised to see it does 
not works with my "homemade DE" :D

> > I'm not. I'm already using it and it does not solve all my problems.
> > Also, I've always dirty stuff coming on my TTYs. Not very important
> > since I rarely use them, but annoying anyway, because sometimes I
> > uses them. And I do not think that spawning stupid messages ("acpid:
> > client ... had disconnected" is an example, and happens each time I
> > move from X11 to TTYs...) is really useful for anyone.
>
> The syslog daemon by default will log messages to the Linux console.
> The Linux console is configurable to log only messages of important
> messages but *by default* Debian does not configure it.  Red Hat by
> comparison always does configure it by default.  But you can 
> configure
> it in Debian too.

Oh, so, this is the syslog daemon... but I have no syslog daemon (you 
might think that I'm mad, but, honestly, I am not able to distinct 
anything in all text, so I do not read it, so I do not use it, so I 
removed it.)

>  Here are some notes from my firewall start script:
Hum... the firewall on linux computers is iptables, am I right?
Do you have some tool to make it easier to configure/understand, or 
only the man file?

>   dmesg -n5
Sounds like it solved my annoying message, thanks! Just need to decide 
where I should put this line now :)

> Almost exactly the same as on my Atom system.  Not too bad.  Pretty
> reasonable for the hardware.

I bet that the results would differ strongly if we were using KDE or 
Gnome :D
Just for fun: installing task-KDE-desktop would require more than 330 
packages and near 690M of HD space.
Gnome would be near 380 packages for 630M on HD.
My current system is made from 915 packages, some games included.
Do not you think that it become a joke when installing a DE is near 
doubling your installed softwares?

I really think making the DE contribute for the performances when I see 
such results.

I also think I could probably gain few seconds if I learn new things 
about kernel, boot sequence and hardware drivers, but not too many: BIOS 
already takes a big amount of time when we speak about %.

And when we say that this hardware is not very good... not entirely 
wrong, but, IIRC, most people were doing the same thing with their 
computers 15 years ago: internet messaging, playing videos and music, do 
some strange text with various colors, bold&underlined&italic texts, and 
computers were sometimes faster to do them than now, when network was 
not involved (I'm speaking about normal usages on normal computers). The 
question is: how did we manage to make such a high number of softwares 
bloatwares, for the sake of "user accessibility" (now, ask to anyone who 
does not know a specific DE and wait for his reaction when he have to 
use it... ease of use, really? I do not think software interactions make 
things easier.)

> > (but this one is not
> > secure, only one char... I would like to completely remove it, but
> > ssh sounds to need one...)
>
> And this is why I think the sudo NOPASSWD configuration for you is 
> the
> best suggestion for you. :-)

Of course, but only for operation which does not imply security risks 
on a desktop, as changing the connected network or changing state power 
:)

> > I'm not really jealous about your performances, you see :)
>
> It seems identical to my Atom system.

Well... but you're cheating, you're also using a homemade DE :D
I think using softwares which do not do what we do not want are more 
important than strong hardware. Did you ever tried eclipse? I can not 
imagine it running on computer with 1GB RAM, 5400 tr/min and "slow" 
atoms (well... slow... sounds like I've always compiled stuff on proc 
with around 1.6GHz, at least, now, it have 64b instruction set and 4 
threads (but only 2 cores)).
Sounds like people just ignore that the major performance problem on 
computers is hard-disk... a lightweight software will not be faster 
because it have less instructions to execute, but because it needs less 
data from the very slow hard disk. SSH HD are faster, but still slower 
than ram, and have a capacity problem for bloatware users.

> > But, well, I've 20.312 with hibernation and 04.495 with suspend... I
> > must admit that it's faster :)
> > BIOS is taking something like 10s on that netbook.
>
> The BIOS takes about 10 seconds on every one of my computer systems.
> And of course RAM must be initialized before used somewhere and
> systems with a lot of ram will need more time to initialize it.  But
> more ram is still better overwall.

Hum... IIRC old computers, RAM was not really initialized, but checked 
for errors?
Not sure if they still does it nowadays, since I have not enough time 
to see the related numbers.
Maybe BIOS is multi-threaded now? :D (joke)

> But doing similar things at boot time
> using scripts such as depending upon AC or not is easy too.

true, scripts can check various information checks, and so can be 
smarter.

> > Well, of course, you can not edit stuff at boot time...
>
> Which is the best feature of grub1.  And grub2 also allows it in a
> much less friendly manor.

Is not it the only unique feature of grub? :)
I surely like it, but when I become unable to configure the software, 
sometimes I prefer to abandon a nice/fun but rarely used feature like 
this one and being able anew to know my system.

> > but you does not have to protect it with passwords to forbid root
> > access without password, too, and that feature is not really used on
> > a daily basis.  And it's worth for people using hibernation like you
> > ;)
>
> If you have physical access to boot the computer then you can always
> boot rescue media and become root on the system.  (Unless the disk is
> encrypted.)

Unless there is a password on BIOS. I know that password can be removed 
easily (I did it when I was a child, my parents did not known about the 
connector used to reset BIOS hehehe but, obviously, they known that the 
password had been removed so... :S nice time :))

> > >But it doesn't hurt to let it run
> >
> > Of course. But ssh, which was an example, then vsftpd, then alsa
> > (sometimes I want calm), then a webserver, then... ends-up by taking
> > more than one second. Sometimes, there are also games which starts
> > servers at boot-time (!).
>
> Death by 10,000 paper-cuts! :-)

I wonder if dbus the heavy stone would loose against that kind of paper 
:D
However, you know how fast is the hard-disk of eeepc, don't you? It is 
able to freeze for 3-4 seconds when vim decides to write data in his own 
files, so imagine when softwares are swapping and de-swapping 
constantly!

vim is boring me, it does too much. Nano does not do enough, and I've 
found no X text editor doing exacly what I need, without grabbing half 
the gnome desktop on my computer. And I did not worked so hard to remove 
them to let a stupid text editor with poor syntax coloration sending 
them back here!
My solution is to take some time and write my own :) it will take many 
time anyway, and I bet 99.99% of people will not like it. I just do not 
care.

> > I will not security as an excuse for me, because my password is very
> > lightweight and I do not use encryption, but the more things you
> > have running, the more risks you have to have problems, so, for
> > normal users, enabling ssh daemon only when needed is not stupid.
>
> If your password is a single letter then sshd running on the public
> wan is very scary.  Don't do it.  In your case, disable sshd.  Or
> firewall it to disable it.

Currently, I sometimes use ssh on internet. But with a strong password, 
plus the computers identifications. The weak password is only here for 
LANs, and even on LAN where I do not know all computers, ssh is 
disabled.
The worst situation is when I'm at home, because I'm using ssh with my 
poor passwords through wifi. But, this home is not in a city, here, 
there are more cows than humans :)
And knowing the age of my neighborhood, I've a strong doubt they could 
be able to crack the wpa-key, then identify the protocol ssh to crack it 
also.

It is still a security hole, but an attacker will have to spy my habits 
at home to learn how to use it, and will not even become able to be 
root, because the password for it is strong. Hey, I protect important 
things: root access :) I mostly protect it against my own mistakes...
Rogues can come here, if they have time to loose... Oh, I forget: 
except for few websites, cookies are rejected or cleaned at browser's 
end. Except for uzbl, but I do not use it for important things, it is 
still not enough developed to be used as a daily tool. And I must 
configure it, too, to use it daily :P
I asked a centralized tool to configure vim, uzbl and i3 for Christmas, 
but did not had it :'(

> > >I personally would prefer the scripted approach with suspend-to-ram
> > >over the runlevel approach.
> >
> > This is an idea too. So I wonder if someone still have uses for
> > runlevels? Is there is a real difference between runlevels and
> > scripts?
>
> There is no effective difference.  Runlevels is just the way the
> original systems used to decide what to start at boot time.  
> Something
> simple was needed because init should be kept simple.  Using 
> runlevels
> was a simple concept and easy to implement and so it is used.  But in
> the end there is no difference of result doing it that way or
> scripting it another way.
>
> Bob

Sounds like the feature is not used by many peoples... between the 
runlevels which can only change at boot or with root access, and scripts 
which have those possibilities but also the cron, acpi and auto-checking 
stuff at runtimetime, sounds like runlevels are quite useless to me.