-
Search Results
-
Dear All,
I have installed Timeshift to do a backup but it doesn’t work.
Is it possible to use Timeshift ?
I don’t like to use an snapshot (iso) because the file fstab is modified and some times, I can’t reinstall the iso (Bios or Legacy or EFI not compatible)———————————————————–
Here it is my installation (apparently all was good);$ sudo apt install timeshift
Lecture des listes de paquets… Fait
Construction de l’arbre des dépendances
Lecture des informations d’état… Fait
Les paquets supplémentaires suivants seront installés :
libgee-0.8-2
Les NOUVEAUX paquets suivants seront installés :
libgee-0.8-2 timeshift
0 mis à jour, 2 nouvellement installés, 0 à enlever et 0 non mis à jour.
Il est nécessaire de prendre 874 ko dans les archives.
Après cette opération, 4.053 ko d’espace disque supplémentaires seront utilisés.
Souhaitez-vous continuer ? [O/n] O
Réception de :1 http://ftp.be.debian.org/debian buster/main amd64 libgee-0.8-2 amd64 0.20.1-2 [230 kB]
Réception de :2 http://ftp.be.debian.org/debian buster/main amd64 timeshift amd64 19.01+ds-2+deb10u1 [643 kB]
874 ko réceptionnés en 0s (2.187 ko/s)
Sélection du paquet libgee-0.8-2:amd64 précédemment désélectionné.
(Lecture de la base de données… 184316 fichiers et répertoires déjà installés.)
Préparation du dépaquetage de …/libgee-0.8-2_0.20.1-2_amd64.deb …
Dépaquetage de libgee-0.8-2:amd64 (0.20.1-2) …
Sélection du paquet timeshift précédemment désélectionné.
Préparation du dépaquetage de …/timeshift_19.01+ds-2+deb10u1_amd64.deb …
Dépaquetage de timeshift (19.01+ds-2+deb10u1) …
Paramétrage de libgee-0.8-2:amd64 (0.20.1-2) …
Paramétrage de timeshift (19.01+ds-2+deb10u1) …
Traitement des actions différées (« triggers ») pour desktop-file-utils (0.23-4) …
Traitement des actions différées (« triggers ») pour mime-support (3.62) …
Traitement des actions différées (« triggers ») pour hicolor-icon-theme (0.17-2) …
Traitement des actions différées (« triggers ») pour libc-bin (2.28-10) …
Writing Menu: fluxbox
Writing Menu: icewm
Writing Menu: jwm—————————————————————————————-
Please find the laptop info;System: Host: ASUS Kernel: 4.9.240-antix.1-amd64-smp x86_64 bits: 64 compiler: gcc v: 8.3.0
parameters: BOOT_IMAGE=/boot/vmlinuz-4.9.240-antix.1-amd64-smp
root=UUID=3cafe92e-aadc-43da-b08c-f785f80ec609 ro gfxsave quiet
Desktop: IceWM 2.0.1 dm: SLiM 1.3.6
Distro: antiX-19.3_x64-full Manolis Glezos 15 October 2020
base: Debian GNU/Linux 10 (buster)
Machine: Type: Laptop System: ASUSTeK product: F3U v: 1.0 serial: <filter> Chassis: type: 10
serial: <filter>
Mobo: ASUSTeK model: F3U v: 1.0 serial: <filter> BIOS: American Megatrends v: 208
date: 07/18/2007
Battery: ID-1: BAT0 charge: 7.5 Wh condition: 7.5/51.3 Wh (15%) volts: 12.5/11.1
model: ASUSTEK F3—24 type: Li-ion serial: <filter> status: Full
Memory: RAM: total: 1.71 GiB used: 586.9 MiB (33.5%)
RAM Report: permissions: Unable to run dmidecode. Root privileges required.
PCI Slots: Permissions: Unable to run dmidecode. Root privileges required.
CPU: Topology: Dual Core model: AMD Athlon 64 X2 TK-55 bits: 64 type: MCP arch: K8 rev.F+
family: F (15) model-id: 68 (104) stepping: 1 microcode: N/A L2 cache: 512 KiB
bogomips: 6383
Speed: 1600 MHz min/max: 800/1800 MHz Core speeds (MHz): 1: 1600 2: 1600
Flags: 3dnow 3dnowext 3dnowprefetch apic clflush cmov cmp_legacy cr8_legacy cx16 cx8 de
extapic extd_apicid fpu fxsr fxsr_opt ht lahf_lm lbrv lm mca mce mmx mmxext msr mtrr
nopl nx pae pat pge pni pse pse36 rdtscp rep_good sep sse sse2 svm syscall tsc vme
vmmcall
Vulnerabilities: Type: itlb_multihit status: Not affected
Type: l1tf status: Not affected
Type: mds status: Not affected
Type: meltdown status: Not affected
Type: spec_store_bypass status: Not affected
Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization
Type: spectre_v2 mitigation: Full generic retpoline, STIBP: disabled, RSB filling
Type: srbds status: Not affected
Type: tsx_async_abort status: Not affected
Graphics: Device-1: AMD RS690M [Radeon Xpress 1200/1250/1270] vendor: ASUSTeK driver: radeon
v: kernel bus ID: 01:05.0 chip ID: 1002:791f
Display: x11 server: X.Org 1.20.4 driver: radeon resolution: 1280×800~60Hz
OpenGL: renderer: ATI RS690 v: 2.1 Mesa 18.3.6 direct render: Yes
Audio: Device-1: AMD SBx00 Azalia vendor: ASUSTeK driver: snd_hda_intel v: kernel
bus ID: 00:14.2 chip ID: 1002:4383
Sound Server: ALSA v: k4.9.240-antix.1-amd64-smp
Network: Device-1: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet vendor: ASUSTeK
driver: r8169 v: 2.3LK-NAPI port: b800 bus ID: 05:00.0 chip ID: 10ec:8168
IF: eth0 state: up speed: 1000 Mbps duplex: full mac: <filter>
IP v4: <filter> scope: global broadcast: <filter>
IP v6: <filter> type: dynamic mngtmpaddr scope: global
IP v6: <filter> scope: link
Device-2: Qualcomm Atheros AR242x / AR542x Wireless Network Adapter driver: ath5k
v: kernel port: b800 bus ID: 06:00.0 chip ID: 168c:001c
IF: wlan0 state: down mac: <filter>
WAN IP: <filter>
Drives: Local Storage: total: 140.44 GiB used: 5.95 GiB (4.2%)
ID-1: /dev/sda vendor: Seagate model: ST9120822AS size: 111.79 GiB block size:
physical: 512 B logical: 512 B speed: 1.5 Gb/s serial: <filter> rev: C scheme: MBR
ID-2: /dev/sdb type: USB vendor: SanDisk model: USB 3.2Gen1 size: 28.65 GiB block size:
physical: 512 B logical: 512 B serial: <filter> rev: 1.00 scheme: MBR
Optical-1: /dev/sr0 vendor: MATSHITA model: DVD-RAM UJ-850S rev: 1.22
dev-links: cdrom,cdrw,dvd,dvdrw
Features: speed: 24 multisession: yes audio: yes dvd: yes rw: cd-r,cd-rw,dvd-r,dvd-ram
state: running
RAID: Message: No RAID data was found.
Partition: ID-1: / raw size: 24.41 GiB size: 24.03 GiB (98.43%) used: 5.94 GiB (24.7%) fs: ext2
dev: /dev/sdb2 label: rootantiX uuid: 3cafe92e-aadc-43da-b08c-f785f80ec609
ID-2: /media/an/DATAWIN raw size: 2.24 GiB size: 2.23 GiB (99.80%) used: 1.3 MiB (0.1%)
fs: vfat dev: /dev/sdb3 label: DATAWIN uuid: 0AE6-1BAB
ID-3: swap-1 size: 2.00 GiB used: 0 KiB (0.0%) fs: swap swappiness: 10 (default 60)
cache pressure: 50 (default 100) dev: /dev/sdb1 label: SWAP
uuid: 8e0bee22-319d-44fd-95ed-db7522af6734
Unmounted: ID-1: /dev/sda1 size: 6.84 GiB fs: vfat label: RECOVERY uuid: 1489-5F00
ID-2: /dev/sda2 size: 67.07 GiB fs: ntfs label: VistaOS uuid: A4448C70448C46D0
ID-3: /dev/sda3 size: 1 KiB fs: <root required> label: N/A uuid: N/A
ID-4: /dev/sda5 size: 37.88 GiB fs: ntfs label: DATA uuid: 7458901B588FDA6E
USB: Hub: 1-0:1 info: Full speed (or root) Hub ports: 10 rev: 2.0 speed: 480 Mb/s
chip ID: 1d6b:0002
Device-1: 1-1:2 info: SanDisk Ultra Flair type: Mass Storage driver: usb-storage
interfaces: 1 rev: 2.1 speed: 480 Mb/s chip ID: 0781:5591 serial: <filter>
Device-2: 1-7:4 info: Microdia PC Camera (SN9C201 + OV9650) type: <vendor specific>
driver: gspca_sn9c20x interfaces: 1 rev: 2.0 speed: 480 Mb/s chip ID: 0c45:624f
Hub: 2-0:1 info: Full speed (or root) Hub ports: 2 rev: 1.1 speed: 12 Mb/s
chip ID: 1d6b:0001
Hub: 2-2:2 info: Ortek Targus Number Keypad ports: 3 rev: 1.1 speed: 12 Mb/s
chip ID: 05a4:9837
Device-3: 2-2.2:3 info: Logitech Optical Tilt Wheel Mouse type: Mouse
driver: hid-generic,usbhid interfaces: 1 rev: 2.0 speed: 1.5 Mb/s chip ID: 046d:c019
Device-4: 2-2.3:4 info: Ortek Targus Number Keypad (Composite Device)
type: Keyboard,HID driver: hid-generic,usbhid interfaces: 2 rev: 1.1 speed: 12 Mb/s
chip ID: 05a4:9862
Hub: 3-0:1 info: Full speed (or root) Hub ports: 2 rev: 1.1 speed: 12 Mb/s
chip ID: 1d6b:0001
Hub: 4-0:1 info: Full speed (or root) Hub ports: 2 rev: 1.1 speed: 12 Mb/s
chip ID: 1d6b:0001
Hub: 5-0:1 info: Full speed (or root) Hub ports: 2 rev: 1.1 speed: 12 Mb/s
chip ID: 1d6b:0001
Hub: 6-0:1 info: Full speed (or root) Hub ports: 2 rev: 1.1 speed: 12 Mb/s
chip ID: 1d6b:0001
Sensors: System Temperatures: cpu: 57.0 C mobo: N/A
Fan Speeds (RPM): N/A
Repos: Active apt repos in: /etc/apt/sources.list.d/antix.list
1: deb http: //it.mxrepo.com/antix/buster/ buster main nonfree nosystemd
No active apt repos in: /etc/apt/sources.list.d/brave-browser-release.list
Active apt repos in: /etc/apt/sources.list.d/buster-backports.list
1: deb http: //deb.debian.org/debian/ buster-backports main contrib non-free
Active apt repos in: /etc/apt/sources.list.d/debian-stable-updates.list
1: deb http: //ftp.be.debian.org/debian/ buster-updates main contrib non-free
Active apt repos in: /etc/apt/sources.list.d/debian.list
1: deb http: //ftp.be.debian.org/debian/ buster main contrib non-free
2: deb http: //security.debian.org/ buster/updates main contrib non-free
Active apt repos in: /etc/apt/sources.list.d/eid.list
1: deb http: //files.eid.belgium.be/debian/ buster main
2: deb http: //files2.eid.belgium.be/debian/ buster main
Active apt repos in: /etc/apt/sources.list.d/google-chrome.list
1: deb [arch=amd64] http: //dl.google.com/linux/chrome/deb/ stable main
No active apt repos in: /etc/apt/sources.list.d/onion.list
No active apt repos in: /etc/apt/sources.list.d/various.list
Processes: CPU top: 5
1: cpu: 71.0% command: chromium pid: 4821 mem: 174.0 MiB (9.9%)
2: cpu: 32.0% command: yad pid: 6906 mem: 28.4 MiB (1.6%)
3: cpu: 6.6% command: chromium pid: 4537 mem: 295.1 MiB (16.8%)
4: cpu: 6.2% command: chromium pid: 4586 mem: 61.8 MiB (3.5%)
5: cpu: 5.0% command: xorg pid: 2584 mem: 72.6 MiB (4.1%)
Memory top: 5
1: mem: 295.1 MiB (16.8%) command: chromium pid: 4537 cpu: 6.6%
2: mem: 180.3 MiB (10.2%) command: chromium pid: 4589 cpu: 0.6%
3: mem: 174.0 MiB (9.9%) command: chromium pid: 4821 cpu: 71.0%
4: mem: 141.7 MiB (8.0%) command: chromium pid: 4631 cpu: 2.6%
5: mem: 104.1 MiB (5.9%) command: chromium pid: 4560 cpu: 0.0%
Info: Processes: 174 Uptime: 20m Init: SysVinit v: 2.93 runlevel: 5 default: 5 Compilers:
gcc: 8.3.0 alt: 8 Client: shell wrapper v: 5.0.3-release inxi: 3.0.36Thank you for your support.
Best regards,
Wallon.I decided t extract the internationalisation section from the most recent version of the script tell-device.sh (just a working title) and make it easyly available and understandable to everybody dealing with scripting here. I had written this internationalisation originally for the aforesaid script only, but I believe there can be some more benefit to the antiX community when this script section is excaved from its original context.
What does this tool do and how it can make translation of community scripts more convenient?
When translating a community script volunteer translator normally has to search the complete script for strings which get displayed at time of execution and differentiate them from very similar looking internal strings not to be touched for functionality reasons. This is a rather time consuming task which entails the danger of rendering the script unusable in this process, with the consequence translator has to debug translated script again. A simple quotationmark put in the wrong place might stop the show.This internationalisation structure is designed to render the modifying the script itself unnecessary by concentrating all the textstrings used in the script in one place, and moreover provide a way of outsourcing the actual translation task to separate files, two for each language.
That way translating script to a new language does only mean to copy an existing language or help file as template to the new language observing a special naming convention and translating the strings inside this file only. These files don’t contain any script code but only text and textstrings, and hence are more clearly layed out in comparison to the underlaying script.
The structure provides some additional information- and testing functionality, so the translator may check whether the new translated language- and helpfile will meet the needs. He can be absolutely sure about not having accidentally altered script code during translation process. Due to the naming convention utilised, script will recognise any new pair of files and use them automatically when they meet the language a user of the script has set his system to.
As long as no dedicated language and help files are present for his language – either country specific or not – script will fall back to builtin string table and internal help document the creator of the script has originally written. So script will be able to run even without any external help and language files at all, using universal english (en).
In case of difficulties running the script with a freshly translated pair of files it is enough to move them out of reach from the script (e.g. to another directory) until errors within them are fixed, which can now simply be done by comparing the files in questions with these of other languages carefully. This is much more easy than to fish for a malfunctional translated textstring between a multitude of codelines inside a script.So I hope we will see more scripts from antiX community translated to as many languages as possible – for the benefit of other users in all countries of the world.
You may want to start this multilanguage script from terminal window, using the option -h or –help first in order to get some more detailed information how this is intended to be used. Commandline: “/bin/bash antiX-multilanguage-support.sh -h”
An tiny example script (“Hello World”) is embedded already, so you may start it in order to evaluate the effect and study the correct way of embedding your own script. Commandline: “/bin/bash antiX-multilanguage-support.sh”. I was able to provide language and help files translated in French, Russian and German language. For users of these languages and English language the example script will start in their language already. All Users of any other languages need to get their specific pair of files translated still. They’ll get built-in universal English language by then.
This multilanguage infrastructure solution is published under conditions of GPL.
Native speakers of English, French and Russian language are welcome to improve my initial translations which you’ll find in the files enclosed, since I am not a native speaker and hence you might discover some rare phrases and unnatural sentence order used within them. All users able to provide a translation to additional languages are welcome to create and upload the suitable pair of files for their languages to this thread.
In case you are not able to create these files on your own, following the instructions given by –help option, you might also simply post the translated strings and help-message as plain text in an answer to this thread.In any case you will get honoured by mentioning you (nickname or clearname at your choice) in a comment line within this antiX community multilanguage infrastructure script. Please let us know in case you don’t like to be mentioned.
Have fun with it.
Robin.- This topic was modified 2 years, 3 months ago by Robin.
Windows is like a submarine. Open a window and serious problems will start.
I have just experienced, that it is really time consuming and difficult to get Email encryption to work, when using pre-installed programs in antix. In order to comunicate with people and corporations which use S/MIME type of encryption instead of PGP first I installed Thunderbird as E-Mail client. Therein it took not longer than 10 minutes to import the needed certificates and klick two or three checkboxes to be able to comunicate fully end-to-end encrypted.
Now I wanted to give the pre-installed Claws-Mail client a try, and what I experienced with was really annoying.
Even qute familiar with the concepts I had to research some hours, and encountered several error messages. Moreover there where some tricky steps and commands to be executed a normal user never would get through.I will report the pitfalls I noticed:
1.) The necessery plugin “claws-mail-smime-plugin” is not pre-installed in antiX (ver 17.x, maybe it is in 19 already present, I can’t check.)
an unexperienced user wouldn’t even be able to figure he would want to install it, or even be aware of it.
2.) When trying to find a checkbox to activate email-encryption user is sent to “S/MIME howto” in order to get instructions. So he will check for the prerequisites listed there first:apt-cache policy pinentry pinentry: Installiert: (keine) Installationskandidat: (keine) Versionstabelle:maybe he will check anyway:
pinentry --help No $DBUS_SESSION_BUS_ADDRESS found, falling back to curses pinentry-gnome3 (pinentry) 1.0.0 Copyright (C) 2016 g10 Code GmbH License GPLv2+: GNU GPL version 2 or later <https://www.gnu.org/licenses/> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by lawwhich will clearly show pinentry is installed allready.
apt-cache policy ca-certificates ca-certificates: Installiert: 20200601~deb9u1 Installationskandidat: 20200601~deb9u1 Versionstabelle: *** 20200601~deb9u1 500 500 http://ftp.de.debian.org/debian stretch-updates/main i386 Packages 500 http://ftp.de.debian.org/debian stretch/main i386 Packages 100 /var/lib/dpkg/status apt-cache policy dirmngr dirmngr: Installiert: 2.1.18-8~deb9u4 Installationskandidat: 2.1.18-8~deb9u4 Versionstabelle: 2.2.12-1+deb10u1~bpo9+1 100 100 http://ftp.de.debian.org/debian stretch-backports/main i386 Packages *** 2.1.18-8~deb9u4 500 500 http://ftp.de.debian.org/debian stretch/main i386 Packages 100 /var/lib/dpkg/status 2.1.18-8~deb9u2 500 500 http://security.debian.org stretch/updates/main i386 Packages apt-cache policy gnupg gnupg: Installiert: 2.1.18-8~deb9u4 Installationskandidat: 2.1.18-8~deb9u4 Versionstabelle: 2.2.12-1+deb10u1~bpo9+1 100 100 http://ftp.de.debian.org/debian stretch-backports/main i386 Packages *** 2.1.18-8~deb9u4 500 500 http://ftp.de.debian.org/debian stretch/main i386 Packages 100 /var/lib/dpkg/status 2.1.18-8~deb9u2 500 500 http://security.debian.org stretch/updates/main i386 Packages apt-cache policy gpgme N: Paket gpgme kann nicht gefunden werden. gpgme --help bash: gpgme: Kommando nicht gefunden.Do we really need this last one (pgpme) since it doesn’t seem to exist in antiX repos? Further investigation unsheathed there is installed a packet called
apt-cache policy libgpgme11 libgpgme11: Installiert: 1.8.0-3+b2 Installationskandidat: 1.8.0-3+b2 Versionstabelle: 1.12.0-6~bpo9+1 100 100 http://ftp.de.debian.org/debian stretch-backports/main i386 Packages *** 1.8.0-3+b2 500 500 http://ftp.de.debian.org/debian stretch/main i386 Packages 100 /var/lib/dpkg/statusDoes this replace or represent the program pgpme in antiX? Where in documentation can this peace of information be found?
Well, I assumed it would fit the needs and proceded to next step: “Configuring & running the GPG agent”ls $HOME/.gnupg/gpg-agent.conf cat: /home/demo/.gnupg/gpg-agent.conf: Datei oder Verzeichnis nicht gefundenturns out file doesn’t exist. so user will create this file and copy following lines into it:
pinentry-program /usr/bin/pinentry default-cache-ttl 86400 # be aware that the passphrases will be cached for 86400 seconds! set accordingly to your needs max-cache-ttl 86400 disable-scdaemon write-env-file ~/.gnupg/.gpg-agent-info allow-mark-trusted keep-display display :0.0 debug-level basicand save it to disk.
Next the guide tells to start gpg-agent using the command which produces confusingly the message it is running allready.
eval 'gpg-agent --daemon' gpg-agent[8197]: /home/demo/.gnupg/gpg-agent.conf:5: obsolete option "write-env-file" - it has no effect gpg-agent[8197]: enabled debug flags: ipc gpg-agent[8197]: DBG: chan_4 <- OK Pleased to meet you, process 8197 gpg-agent[8197]: DBG: chan_4 -> BYE gpg-agent: a gpg-agent is already running - not starting a new one gpg-agent: secmem usage: 0/65536 bytes in 0 blocksso probably user will remember the way services and daemons are started in antiX and try
service --status-all
which will show him there is no deamon named “gpg-agent” existing. How is it to be accessed (restarted) in antiX? He might tryservice gpg-agent start gpg-agent: unrecognized servicein analogy to all the other services and daemons in use. But this will produce an error message only. At this point normal user is lost.
Let’s step over to next chapter: “Importing S/MIME certificates into gpgsm”
gpgsm --import my-cert-bundle.p12
(which is the same as one would have installed in thunderbird.) It contains your private certificate, the root-certificate (Class1) of your Certificate Authority (CA) as well as the intermediate Certificate (Class3) along with your private Key.Next the guide asks user to import certificates:
gpgsm --import /usr/share/ca-certificates/mozilla/*
which will import 108 keys, but 12 keys are refused. User will not be able to decide from the output whether this is a problem or can be neglected. Now he is asked to test them:gpgsm --list-secret-keys gpgsm: enabled debug flags: ipc gpgsm: DBG: chan_4 <- OK Pleased to meet you, process 7861 gpgsm: DBG: connection to agent established gpgsm: DBG: chan_4 -> RESET gpgsm: DBG: chan_4 <- OK gpgsm: DBG: chan_4 -> OPTION ttyname=/dev/pts/1 gpgsm: DBG: chan_4 <- OK gpgsm: DBG: chan_4 -> OPTION ttytype=xterm gpgsm: DBG: chan_4 <- OK gpgsm: DBG: chan_4 -> OPTION display=:0.0 gpgsm: DBG: chan_4 <- OK gpgsm: DBG: chan_4 -> OPTION xauthority=/home/demo/.Xauthority gpgsm: DBG: chan_4 <- OK gpgsm: DBG: chan_4 -> OPTION lc-ctype=de_DE.UTF-8 gpgsm: DBG: chan_4 <- OK gpgsm: DBG: chan_4 -> OPTION lc-messages=de_DE.UTF-8 gpgsm: DBG: chan_4 <- OK gpgsm: DBG: chan_4 -> GETINFO version gpgsm: DBG: chan_4 <- D 2.1.18 gpgsm: DBG: chan_4 <- OK gpgsm: DBG: chan_4 -> OPTION allow-pinentry-notify gpgsm: DBG: chan_4 <- OK gpgsm: DBG: chan_4 -> HAVEKEY **************************************** gpgsm: DBG: chan_4 <- OK gpgsm: DBG: chan_4 -> KEYINFO **************************************** gpgsm: DBG: chan_4 <- S KEYINFO **************************************** D - - 1 P - - - gpgsm: DBG: chan_4 <- OK gpgsm: DBG: chan_4 -> HAVEKEY **************************************** gpgsm: DBG: chan_4 <- ERR 67108881 Kein geheimer Schlüssel <GPG Agent> gpgsm: DBG: chan_4 -> HAVEKEY **************************************** gpgsm: DBG: chan_4 <- ERR 67108881 Kein geheimer Schlüssel <GPG Agent> gpgsm: DBG: chan_4 -> HAVEKEY **************************************** gpgsm: DBG: chan_4 <- ERR 67108881 Kein geheimer Schlüssel <GPG Agent> gpgsm: DBG: chan_4 -> HAVEKEY **************************************** gpgsm: DBG: chan_4 <- ERR 67108881 Kein geheimer Schlüssel <GPG Agent> gpgsm: DBG: chan_4 -> HAVEKEY **************************************** gpgsm: DBG: chan_4 <- ERR 67108881 Kein geheimer Schlüssel <GPG Agent> [....] a hundred times [...] /home/demo/.gnupg/pubring.kbx ----------------------------- ID: *********** S/N: ****** Issuer: /CN=CA Cert Signing Authority/OU=http:\x2f\x2fwww.cacert.org/O=Root CA/EMail=support@cacert.org Subject: /CN=CAcert WoT User/EMail=my.email.address@somewhere.org aka: my.email.address@somewhere.org validity: 2021-01-09 21:43:16 through 2021-07-08 21:43:16 key type: 4096 bit RSA key usage: digitalSignature keyEncipherment keyAgreement ext key usage: emailProtection (suggested), clientAuth (suggested), 1.3.6.1.4.1.311.10.3.4 (suggested), serverGatedCrypto.ms (suggested), serverGatedCrypto.ns (suggested) fingerprint: **:**:**:**:**:**:**:**:*:*:*:*:*:*:*:*:*:*:*:* secmem usage: 0/16384 bytes in 0 blocksOK, user may be confused a little, and concerned about all these ERR 67108881 messages what lies at the root of these?
At least, his Email certificate is propperly displayed in the end, so he hopefully goes on without sorting out all the other errors.Configuring GnuPG S/MIME
ls $HOME/.gnupg/gpgsm.conf ls: Zugriff auf '/home/demo/.gnupg/gpgsm.conf' nicht möglich: Datei oder Verzeichnis nicht gefundenwell, let’s create this file and put the follwing contents into it:
disable-policy-checks auto-issuer-key-retrieve include-certs -1 # this will include all certificates in the chain up to the root debug-level basicsave and exit.
gpgsm --list-secret-keys 2>/dev/null |grep fingerprint | awk '{print "default-key " $2}' | sed s/://g >> ~/.gnupg/gpgsm.conf
will add the default key to the file. (What will happen if I will have to handle more than one e-mail certificate later, since this one belongs to the email-certificate issued for a specific email address?)Setting up the trust:
gpgsm --list-keys 2>/dev/null | grep fingerprint | awk '{print $2 " S"}' >> ~/.gnupg/trustlist.txtSetting up Claws Mail itself:
Configuration-->Plugins, activate: PGP/Core, S/MIME. Configuration-->Email-Account GPG: Chose Key from e-mail-address.Now everything should be fine, since the .p12 file contains root certificates allready. But trying to sign a mail now produces an error message:
"claws-mail S/MIME : Cannot sign, Fehlendes Herausgeberzertifikat in der Kette (185)"What the heck!?
I decided to install these certificates which build the chain again manually (they should have been present, since they were merged into the pkcs12 file):gpgsm --import class3_X0E.crt gpgsm --import root_X0F.crtwhich led to next error message while trying to send signed mail in claws-Mail:
"Unable to sign any key - gpg: signing failed: Inappropriate ioctl for device Code = 32870"
Well, after researching this error message I found this was due to pinentry wasnt’t able to display on any screen. About twenty different solutions were to be found in internet, including strange loopback constructions. But I decided just to check what applications are present in ls /usr/bin/pinentry* so I tried to enter each of them one after another into gpg-agent.conf file.
Finally, after restarting claws-mail the entry “pinentry-program /usr/bin/pinentry-gtk-2” did the job.I was sometimes asked to set up additional passwords during the whole proccess I don’t have a clue what these are good for.
And finally, since this is a persistent antiX running from USB-Stick still, how can all these encryption settings get backuped in case of messing up system on next upgrade, what has to be transfered to another USB-Stick, where are alle the corresponding files located? This is a question rather designed for a developer as for standard user. In thunderbird I simply copy one single profile directory and everything is fine.And finally: will all this still work after next reboot? Or do I have to create some startup entries?
Conclusions of my self-experiment:
The instructions found in the guide claws-mail sends user to during encryption setup (“Informationen darüber, wie S/MIME Zertifikate in Verbindung mit GPGSM funktionieren, finden Sie unter:
http://www.claws-mail.org/faq/index.php/S/MIME_howto”) will disorient antiX users, since the tools listed there seem not to be present. Indeed, they are present, but in other places and they have partly different names nobody could guess. Moreover they require partly different commands.You might imagine, I have needed about 3 to 4 hours to get end-to-end encryption working in claws-mail, having the pkcs12 file at hand allready. And now compare this with the setup way employed in thunderbird, which was done in 5 to 10 minutes maximum, selecting the pkcs12 file from a directory and import it, then checking two or three well documented checkboxes in general setings and email-account settings. That was all. No joke.
I really dislike the way mozilla behaves in the last period of time, but in this case they have done something the right path. It is not a really good idea to leave user on his own on this difficult task, foraging in the engine room. Is anybody around who is able to make the process in Claws mail version delivered with antiX more convenient? Maybe a wrapper script might help? At least please point out what is the correct way here? I’m not sure whether I was making some detours after all, or creating some security issues by messing around unknowingly, but finally I got it work at least. This is not what I’d like other antiX users to experience while they enyoy this distro…I am not that familiar with this encryption tools behind the screen, but I think that normal user would resign at some point in this process.
I managed to get through, but it was a pain. May somebody could tell me whether I have done anything wrong, what would have been the straight way and where it is documented.Robin.
- This topic was modified 2 years, 4 months ago by caprea.
- This topic was modified 2 years, 4 months ago by Robin. Reason: structuring for better screen display
Windows is like a submarine. Open a window and serious problems will start.
Topic: SLAX 9.11 revisited
Gosh, I forgot about SLAX as I last used it many many years ago. Just found it again, (latest version 9.11 based on Debian Stretch) but this time instead of the whole user-contributed module/container thing when it first started, it relies upon Debian in the normal way for any application installation beyond the supplied basics. I guess I’m late to the party when they switched from Slackware to Debian based releases.
I had to laugh at myself because for the life of me I couldn’t get it to boot with DD or any image burner I know of.
That’s because SLAX iso (and relative Porteus) are merely opened / mounted, the SLAX directory copied from the iso onto your target usb stick, and then you run either the windows or unix shell script which takes care of installing the bootloader on that persistent stick.
That’ll teach me not to read the readme file. 🙂
Anyhoo, forgot how “lean and mean” the Xlunch desktop is. Ah, the joys of doing things in the terminal, like enabling DPMS power saving with
xset dpms force on
Hmmm … maybe when I get some time I can see if I can nab AntiX-core, put Xlunch on it, and see what happens..
- This topic was modified 2 years, 4 months ago by PDP-8. Reason: typos
Several dual cpu mainboards have appeared on the Chinese markets under the tag X79 using socket R or LGA2011 cpu format. There is a variant under the tag X99 which uses a somewhat different socket type cpu. This text describes what I did to make a dual cpu X79 mainboard into a working PC running antiX 19, hopefully at minimal cost. There are minor hardware variations within this family of X79 tagged mainboards, mainly concerning the number of memory slots per cpu 2 or 4) and the number of SATA ports (4 or 6), and the positions of certain components and power input sockets on the board.
The board format is a variant of ATX a couple of inches or so wider than standard ATX but not so long as some, because the number of PCI-express expansion slots has been kept to 4, a practical minimum. This results that in the usual PC ATX case not all the screw holes on the right hand side will correspond to a threaded hole in the backsheet, although the holes to the left will all line up as intended. Some cases will not accept this board at all, the back sheet not being flat enough nor wide enough to take the board, or having a step or fold in the back sheet towards the right.
I looked through my junk cases and found one with a flat back sheet, without folds or corrugations over the width and length of the board. However part of 3 of the 4 drive bays overlapped one corner of the board, masking certain power sockets and attachment points. I therefore with tinsnips clipped out the lower 2 bays completely where they overlapped the board, and half of the bay above, thus making enough room around the board for the screws, cables and components required. This left just 1 full length 5 1/4″ expansion bay for a DVD/RW and another half length bay for a short media device reader, but no bay for any hard drive.
I screwed threaded brass 1/4″ board spacers into all the existing threaded holes in the back sheet, and attached the board to these, then marked through all the unused holes in the board onto the back sheet with an automatic centre-pop. Removing the board I drilled 2mm holes where marked, then crudely threaded them using a 4mm self-tapping screw, and screwed into these holes the required threaded brass 4mm spacers, with a drop of loctite to fix them. Some small holes in the board extremities only required a plastic spacer of the push-in type for support. Now I had the board securely attached with a full set of screwed and plastic spacers through the assigned holes.
I made a 3 1/2″ hard drive tower to fix onto the floor at the front of the case, using 1/2″ x 1/8″ steel strip cut and welded into a rigid rectangular stack and drilled and countersunk to accept 5 drives. Modern hard drives are thinner than they once were, so the stack still provides adequate clearance for the right hand cpu cooling radiator. The base of the stack has threaded holes for fixing with machine screws from underneath the case.
A tip to get all hard drive fixing holes in the right place is to carefully mark and double-check one strip for the drive fixing holes, drill 5mm through all 4 strips clamped together, countersink the holes if required by the screws you are using, then weld up the stack using cast-off hard drives screwed through these holes in 2 or 3 places, to obtain correct alignment of all the pieces and above all the drive fixing holes. I keep a set of terminally failed old heavy 3 1/2″ drives for just this purpose.
I did not want 2 large fans roaring away continually. Besides that, some powered coolers will not physically fit into such a moderate size case anyway. I therefore used 2 passive cooling radiators attached to 2 steel mounting strips, as no mounting hardware came with the radiators, These strips were cut to shape as necessary to clear board components, then drilled, countersunk and threaded to attach to the mainboard cooler fixing holes, using 1/4″ spacers and countersunk 4×0.7mm screws, and tapped 4×0.7mm to receive the selected cooling radiators mounting screws. Some very careful marking and drilling was required at this stage. These radiators are large finned sheet metal assemblies and the memory slots are very close at top and bottom, but there is just clearance enough for DDR3 ECC REG memory with cooling sleeves. I decided on heavy copper 8mm thick heat sinks made from 40mm x 4mm solid copper strip, screwed together with conductive gel, then squeezed between these radiators and the cpu tops. The radiator fixing screws are lightly spring loaded to keep the heat sinks in place, assisted by a coat of conductive gel on all contact surfaces.
To start with I used 2 matched very cheap Xeon 4-core cpus cast off from old servers running at 2400mhz, intending to move up to faster ones later, if appropriate. DDR3 Server ECC REG ram is required for these boards, I used 4 x 8gb dimm with cooling sleeves, again cast off from old servers. A 16-lane PCIe graphics card from my junk box, a new SATA-3 DVD/RW in the top bay, a new media device reader in the half length bay, a new PCIe Wlan and Bluetooth card, a new 6-port SATA expansion card and a new modular 750w power supply completed the components. The 4 hard drives, DVD/RW and Media device reader took up 7 SATA ports so I installed a 4-port SATA expansion card to bring the SATA2 and SATA3 combined total to 10.
The modular power supply is almost a necessity as the case is now crowded with components, and this power unit permitted only the necessary looms to be present and to be most neatly routed. A bifurcated cpu power cable was also required as only one cpu 8-pin power cable came with the psu. 4 x 500gb 3.5″ new SATA-3 hard drives were fitted into the HD stack. Later I may put a 250gb solid disk in the spare hard drive bay as a boot disk.
There is no onboard default graphics chipset but an onboard sound chipset is present, and there are 2xPCIe 16-lane slots and 2xPCIe 1 -lane slots, 2xSATA-3 and 4xSATA-2 ports and a PCIe-1 SATA expansion card provides 4 extra SATA-3 ports. There are 2 fast network ports and the associated chipsets onboard. USB 2.1 and USB 3.0 ports abound internally and externally. There are even the now mainly unwanted PS/2 keyboard and mouse ports.
I installed a small case fan and also fitted a small fan arranged to blow through the hard drive stack, besides the power supply internal fan.
A coat of paint inside and out before final assembly completed the hardware aspect of this project.
The build fired up immediately and ran well allowing installation and updating of 19.2 in the first instance. Following installation antiX support advised that a different kernel was required as I experienced random freezing, so a fresh install of 19.3 with kernel 4.19.152 and using only Ceni to handle networking, has cured that trouble, and I am now setting things up as I prefer them. After a 2-hour run cpu temperature hovers around 48C-52C which sounds high but appears to cause no trouble – so far. This PC is not quite silent having 3 fans but is a much appreciated very quiet PC.
It runs very fast, I have not done enough with it yet to appreciate quite fast, and my other old slow PCs make poor comparison material. But the usual bottlenecks of networking and plug-in external devices are still there to hold things up somewhat.
I hope this build description will be of help to any antiX user wishing to build a similar PC, good luck to all experimenters!



