ugjka / issue-bookmarks Goto Github PK

    @luk43 

Okey. I have this problem:
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04717.html

    <cpu mode'custom' match='exact'>                                 
        <model>qemu64</model>                                        
        <feature name='svm' policy='disable'/>                       
    </cpu>                                                           

is a quick fix in the xml. or change the default model for all hosts.

Thanks for this.

Though have you figured out how to make this the default model for all hosts?

Originally posted by @divansantana in vagrant-libvirt/vagrant-libvirt#667 (comment)

There's no way to back up locked encrypted files. You have to unlock them first.

So if my understanding is correct, this means that I would first

• have to create a new fscrypt on the destination with fscrypt setup /path/to/dest, and create new protectors
• unlock both source and destination
• and only then run rsync
• lock everything again

Yes, that would work. (Except the command to encrypt a directory is fscrypt encrypt, not fscrypt setup.)

Originally posted by @ebiggers in google/fscrypt#210 (comment)

          I also had a problem that a IPv6 attacker was not blocked. First check your current ufw version:

$ ufw version

If you have >= 0.36 you can either adapt /etc/fail2ban/action.d/ufw.conf or create a new file /etc/fail2ban/action.d/ufw-custom.conf with the necessary change:

$ diff ufw.conf ufw-custom.conf 
17c17
<             ufw insert <insertpos> <blocktype> from <ip> to <destination> $app
---
>             ufw prepend <blocktype> from <ip> to <destination> $app
23,26d22
< # Option: insertpos
< # Notes.:  The position number in the firewall list to insert the block rule
< insertpos = 1
< 

and use that in /etc/fail2ban/jail.local.

Originally posted by @blinkeye in fail2ban/fail2ban#2331 (comment)

@sahsanu perfect 👍

Works fine with Ubuntu 19.04:
wget -O - https://mega.nz/linux/MEGAsync/xUbuntu_19.04/Release.key | sudo apt-key add -

Thanks

Originally posted by @repsorp in meganz/MEGAsync#334 (comment)

data/install-script has Fedora install these tools but they're not installed for other distros:

xorg-x11-drv-qxl
spice-vdagent
spice-webdavd
qemu-guest-agent

For Debian and Ubuntu the equivalents are:

qemu-guest-agent
spice-vdagent
xserver-xorg-video-qxl

All 3 are available in all supported Debian and Ubuntu releases. One thing to look out for is that 2 of those packages are in Ubuntu's universe repository which might not be enabled by default during a basic Ubuntu install.

@nathaneltitane Storage properties are clarified in https://wiki.termux.com/wiki/Internal_and_external_storage. You can have full access only to internal and shared storage.

Only applications using Storage Access Framework APIs are able to write to external storage. Termux command line tools, like bash or coreutils, are not using Android APIs and in general not part of Android OS runtime. They are executed by Linux kernel and are subject for restrictions implied by DAC (chmod/chown) and MAC (SELinux).

Originally posted by @xeffyr in termux/termux-app#1926 (comment)

In case it helps anyone, here's what I did to get things working again while I wait for a proper solution. Note that this is the first time I've ever had to compile my own OpenSSL version or build a Debian package, so this is just what worked for me. I probably should have shared this awhile ago, but I didn't realise how many other people were dealing with this.

Get the latest OpenSSL (LibreSSL probably works too, but I wanted to stick as closely as possible to my previous working environment before 22.04) source code for the 1.x line (seems to be 1.1.1o now, though was 1.1.1n when I did this, so I'll use 1.1.1n in the rest of the text), compile and install to a new prefix:

$ ./config --prefix=/opt/openssl-1.1.1n  --openssldir=/opt/openssl-1.1.1n
$ make -j$(nproc)
$ sudo make install

Add OpenSSL shared libraries to the search path by creating a file at /etc/ld.so.conf.d/openssl-1.1.conf, containing:

/opt/openssl-1.1.1n/lib

Then run:

$ sudo ldconfig -v

To keep the same configuration as Ubuntu's existing package, add something like the following to /etc/apt/sources.list (note that mine is for New Zealand, so you will need to adapt the URL):

deb-src http://nz.archive.ubuntu.com/ubuntu jammy universe

Fetch the package source:

$ apt-get source opensmtpd
$ cd opensmtpd-6.8.0p2

Add extra configure script options to the debian/rules file:

'CPPFLAGS=-I/opt/openssl-1.1.1n/include' \
'LDFLAGS=-L/opt/openssl-1.1.1n/lib' \
'LIBS=-l:libssl.so.1.1 -l:libcrypto.so.1.1'

I had to install a few extra packages in order to build the package:

$ sudo apt install debhelper libdb-dev libpam0g-dev

An issue I ran into here was that dpkg-buildpackage expects all shared libraries to be owned by dependencies. I guess that the most correct solution to this would be to package the custom OpenSSL 1.1 build and make it a runtime dependency, but as this is a one-off, it feels like unnecessary work, so you can bypass the check by adding the following to debian/rules:

override_dh_shlibdeps:
        dh_shlibdeps --dpkg-shlibdeps-params=--ignore-missing-info

Note that the above indentation must be a tab character!

Finally the package built successfully with the following command:

$ sudo dpkg-buildpackage -nc -uc -us -j$(nproc)

The .deb file (and others) can be found in the parent directory.

The last thing to do is hold back upgrades for the package:

$ sudo apt-mark hold opensmtpd

Once (if?) the issue is resolved properly, you should just be able to unhold the package and upgrade.

Phew. I did all this awhile ago so I'm just getting all this from the notes I wrote for myself at the time. I hope I didn't miss anything important.

Originally posted by @kj in OpenSMTPD/OpenSMTPD#1171 (comment)

for anyone that runs into this problem, if you happen to be using SCOOP (windows package manager like chocolatey) with powershell or pwsh, go ahead, remove that piece of rubbish that windows optimistically called 'openssh feature for windows' and
scoop install openssh
make sure that your ssh -V returns something like:
OpenSSH_8.2p1, OpenSSL 1.1.1e 17 Mar 2020
AND NOT:
OpenSSH_for_Windows_7.7p1, LibreSSL 2.6.5

if it is, you need to go to settings > search 'optional features' > uninstall openssh client & server.

Happy days.

Originally posted by @LoveSponge in https://github.com/susanBuck/dwa15-fall2018/issues/12#issuecomment-634937713

No scripts needed :)

systemctl edit --full sddm-plymouth.service

[Unit]
Description=Simple Desktop Display Manager
Documentation=man:sddm(1) man:sddm.conf(5)
[email protected] plymouth-quit.service
Wants=plymouth-deactivate.service
After=systemd-user-sessions.service [email protected] plymouth-deactivate.service plymouth-quit.service

[Service]
ExecStart=/usr/bin/sddm
ExecStartPost=/bin/sleep 30
ExecStartPost=/usr/bin/plymouth quit --retain-splash
Restart=always

[Install]
Alias=display-manager.service

Originally posted by @ugjka in sddm/sddm#196 (comment)

Why not just switch to yt-dlp wholesale?

This project hasn’t had a commit in three weeks, and a full release in six. Where it might have looked merely moribund before (see #26462), it’s pretty much dead now.

Originally posted by @fstirlitz in ytdl-org/youtube-dl#29601 (comment)

You can also fix this from the command line. Here are the commands I used:
`
icacls c:\users<username>.ssh\config /inheritance:r
icacls c:\users<username>.ssh\config /grant :f

icacls c:\users<username>.ssh\id_rsa /inheritance:r
icacls c:\users<username>.ssh\id_rsa /grant :f
`

Originally posted by @jethas-bennettjones in cmderdev/cmder#1763 (comment)