Hi,

I'm trying, without success so far, to initiate (or reconnect to an existing one) a remote desktop session (xfce here)

I've tried rustdesk, but this is sharing desktop[^1]

I've tried nomachine, but even if it's look like it can do Remote desktop[^2] I see the login screen, and screen of the active user :/ not the one I give crendential for...

Xrdp fail.. plain and simple..

Is that possible or am I dreaming ?

Thanks.

[^1]: an active user (in front of the computer) can share his desktop with someone remotly, both are seeing the same. Generally the all screen is sended to the remote user trough video compress.

[^2]: a remote user can connect this his desktop session held (or not) open on the server. A user sitting in front of the acced computer and the remote user, do not see the same ! like tty

Hi,

I'm currently busy with this project: MX_Linux_Respin_RPI_SysVinit

I want to enable luks encryption on the main (aka root) partition

I'm forking / portage https://github.com/gitbls/sdm/blob/master/sdm-cryptconfig to do so.

But there is a bug with copy_file from /usr/share/initramfs-tools/hook-functions see at : https://github.com/gitbls/sdm/discussions/352#discussioncomment-14997358

I don't understand WhyTF the function copy_file report $DESTDIR/sdmcryptfs as already existing while is being tested before, and it's not existing...

Any ideas ?

Thanks.

Hi

When I setup a cron job like this crontab -e

*/1 * * * * echo $A_VARIABLE > /home/user/Desktop/test.txt

no problem, the file is created whether the variable exist or not.

BUT doing

*/1 * * * * cd /Path/To/Script && Script.sh

#The Script.sh
echo $A_VARIABLE > /home/user/Desktop/test.txt

Do not generate the file ! and The CRON log give me

(CRON) info (No MTA installed, discaring ouput)

and yes, the  Script.sh has the execution bit.

Any ideas ?

Thanks.

cross-posted from: https://programming.dev/post/32373635

Hi,

I'm looking for a soft to create ASCII diagram like (or better) https://asciiflow.com/

ideally:

• FLOSS
• for linux
• offline
• no javascript.

I've found a candidate ascii-draw and it's write in Python ❤️ 🐍, but it's only available as flatpack.. :/

Hi,

I'm looking for a soft to create ASCII diagram like (or better) https://asciiflow.com/

ideally:

• FLOSS
• for linux
• offline
• no javascript.

I've found a candidate ascii-draw and it's write in Python ❤️ 🐍, but it's only available as flatpack.. :/

Hi,

I'm using the LITE version of Raspberry PI OS. ( so without desktop environment and other stuff, but unfortunately not systemd free... )

When I use this raspberry locally I don't need a desktop, but remotely I might...

I've found an interesting link:
https://www.xmodulo.com/remote-control-raspberry-pi.html
   see Method Three: X11 Forwarding for Desktop over SSH

I see that xinit is not installed by default with LITE ( and it make sense ) so do you think if I install it, and follow the rest of instruction it will work ?

If I understand well the mechanism I do not need to install a desktop environment on the server ( the rpi ) but only on the client right ?

Or do you know a better way do achieve this ?

cross-posted from: https://programming.dev/post/24356655

Hi,

I would like to forward packets that come from a wireguard connection to a local subnet

environment

• Client: connected to server trough wireguard IP 192.168.X.2
• server: connected to Client trough wireguard IP 192.168.X.1 and 192.168.Y.1 ( it's not systemd free ¯\(ツ)/¯  )
• aMachine: on the same subnet as server IP 192.168.Y.2

   

on the server I've done

#I don't know if this is necessary ?
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
sysctl --system

I've added the following rule to my nftables config but it seem the packet get lost ?

#added inside existing table `table ip Tip {}`
chain chPreRoute {
type nat hook prerouting priority 0; policy accept;
iif wg0 icmp type echo-request dnat to 192.168.Y.2
}

Hi,

I would like to forward packets that come from a wireguard connection to a local subnet

environment

• Client: connected to server trough wireguard IP 192.168.X.2
• server: connected to Client trough wireguard IP 192.168.X.1 and 192.168.Y.1 ( it's not systemd free ¯\(ツ)/¯  )
• aMachine: on the same subnet as server IP 192.168.Y.2

on the server I've done

#I don't know if this is necessary ?
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
sysctl --system

I've added the following rule to the nftables config on server but it seem the packet get lost ?

#added inside existing table `table ip Tip {}`
chain chPreRoute {
type nat hook prerouting priority 0; policy accept;
iif wg0 icmp type echo-request dnat to 192.168.Y.2
}

Hi,

I would like to pass the arguments to apt trough a .sh script.

apt install "${1}/opensnitch_${1}_amd64.deb" "${1}/python3-opensnitch-ui_${1}_all.deb"

so for example if I launch test.sh 1.6.5 the script should run apt install 1.6.5/opensnitch_1.6.5_amd64.deb 1.6.5/python3-opensnitch-ui_1.6.5_all.deb

but it's not wokring it pass to apt only 1.6.5 and not the rest of the string... any ideas ?

Hi,

On my Debian 12 Bookworm ( raspberry pi )

My nftables do not block DHCP packets ! according to this basic rules

nft -y list rulesset

table ip Tip {

	chain chIN {
		type filter hook input priority 0; policy drop;
		ct state established,related accept
	}
	chain chFW {
		type filter hook forward priority 0; policy drop;
	}
	chain chOUT {
		type filter hook output priority 0; policy drop;
		udp dport 67 drop #DHCP
		udp dport 53 accept
		tcp dport { 80, 443} accept
		ct state established,related accept
	}

}

DHCP should be blocked... but it's not as I get an IP from it..

Any ideas ?

Thanks.

cross-posted from: https://programming.dev/post/23945016

Hi,

I've recompiled my kernel[^moreinfo] of my raspberry pi 4 than run under Devuan rpi

some of the command used on the rpi to compile

apt install build-essential libncurses-dev bison flex libssl-dev libelf-dev
mkdir /RaspKernel_6_1_y && cd /RaspKernel_6_1_y
git clone --depth=1 --branch rpi-6.1.y https://github.com/raspberrypi/linux
cd linux
cp /boot/config-6.1.93 /RaspKernel_6_1_y/linux/.config
KERNEL=kernel8
make menuconfig
time make -j$((`nproc` - 2)) Image.gz modules dtbs
make -j$((`nproc` - 2)) modules_install
cp arch/arm64/boot/Image.gz /boot/broadcom/$KERNEL.img
cp arch/arm64/boot/dts/broadcom/*.dtb /boot/broadcom/
cp arch/arm64/boot/dts/overlays/*.dtb* /boot/firmware/overlays/
cp arch/arm64/boot/dts/overlays/README /boot/firmware/overlays/
reboot
apt install cryptsetup

In addition to have enabled some cipher/algorithm in the kernel config I have set a string ( TESTversionA ) in CONFIG_LOCALVERSION , may be I shouldn't have :/ ?

I'm currently following this guide LUKS on Raspberry Pi ( for context my related lemmy post )

So now that the kernel has been updated, the cryptsetup benchmark -c xchacha20,aes-adiantum-plain64 command is successful

So in order to enable luks in initramfs I'm following the preparing-linux section of this guide.

we can read:

initramfs has to be recreated

I followed the guidance and edited the initramfs-rebuild file to match my setup

initramfs-rebuild file

#!/bin/sh -e

# Rebuild initrd.gz after kernel upgrade to include new kernel's modules.
# https://github.com/Robpol86/robpol86.com/blob/master/docs/_static/initramfs-rebuild.sh
# Save as (chmod +x): /etc/kernel/postinst.d/initramfs-rebuild

# Remove splash from cmdline.
if grep -q '\bsplash\b' /boot/cmdline.txt; then
  sed -i 's/ \?splash \?/ /' /boot/cmdline.txt
fi

# Exit if not building kernel for this Raspberry Pi's hardware version.
version="$1"
current_version="$(uname -r)"
case "${current_version}" in
  *-v7+)
    case "${version}" in
      *-v7+) ;;
      *) exit 0
    esac
  ;;
  *+)
    case "${version}" in
      *-v7+) exit 0 ;;
    esac
  ;;
esac

# Exit if rebuild cannot be performed or not needed.
[ -x /usr/sbin/mkinitramfs ] || exit 0
[ -f /boot/broadcom/initrd.gz ] || exit 0
lsinitramfs /boot/broadcom/initrd.gz |grep -q "/$version$" && exit 0  # Already in initramfs.

# Rebuild.
mkinitramfs -o /boot/broadcom/initrd.gz "$version"

and when I run mkinitramfs -o /boot/broadcom/initrd.gz I got

grep: /boot/config-6.1.93TEST+: No such file or directory

I've did

cp /RaspKernel_6_1_y/linux/.config /boot/config-6.1.93TEST+
mkinitramfs -o /boot/broadcom/initrd.gz

and it seemed worked. I've edit the remaining files

• /boot/broadcom/cmdline.txt
• /etc/fstab
• /etc/crypttab

rebooted. Landed in the initramfs shell as expected

but benchmark -c xchacha20,aes-adiantum-plain64 is no longer successful :'(

Cipher xchacha20,aes-adiantum-plain64 (with 256 bit key) is not available

Any ideas where might lay the problem ?

Thanks.

[^moreinfo]: --branch rpi-6.1.y https://github.com/raspberrypi/linux

Hi,

I've recompiled my kernel[^moreinfo] of my raspberry pi 4 that run under Devuan rpi

apt install build-essential libncurses-dev bison flex libssl-dev libelf-dev
mkdir /RaspKernel_6_1_y && cd /RaspKernel_6_1_y
git clone --depth=1 --branch rpi-6.1.y https://github.com/raspberrypi/linux
cd linux
cp /boot/config-6.1.93 /RaspKernel_6_1_y/linux/.config
KERNEL=kernel8
make menuconfig
time make -j$((`nproc` - 2)) Image.gz modules dtbs
make -j$((`nproc` - 2)) modules_install
cp arch/arm64/boot/Image.gz /boot/broadcom/$KERNEL.img
cp arch/arm64/boot/dts/broadcom/*.dtb /boot/broadcom/
cp arch/arm64/boot/dts/overlays/*.dtb* /boot/firmware/overlays/
cp arch/arm64/boot/dts/overlays/README /boot/firmware/overlays/
reboot
apt install cryptsetup

I'm currently following this guide LUKS on Raspberry Pi ( for context my related lemmy post )

So now that the kernel has been updated, the cryptsetup benchmark -c xchacha20,aes-adiantum-plain64 command is successful

So in order to enable luks in initramfs I'm following the preparing-linux section of this guide.

we can read:

initramfs has to be recreated

I followed the guidance and edited the initramfs-rebuild file to match my setup

#!/bin/sh -e

# Rebuild initrd.gz after kernel upgrade to include new kernel's modules.
# https://github.com/Robpol86/robpol86.com/blob/master/docs/_static/initramfs-rebuild.sh
# Save as (chmod +x): /etc/kernel/postinst.d/initramfs-rebuild

# Remove splash from cmdline.
if grep -q '\bsplash\b' /boot/cmdline.txt; then
  sed -i 's/ \?splash \?/ /' /boot/cmdline.txt
fi

# Exit if not building kernel for this Raspberry Pi's hardware version.
version="$1"
current_version="$(uname -r)"
case "${current_version}" in
  *-v7+)
    case "${version}" in
      *-v7+) ;;
      *) exit 0
    esac
  ;;
  *+)
    case "${version}" in
      *-v7+) exit 0 ;;
    esac
  ;;
esac

# Exit if rebuild cannot be performed or not needed.
[ -x /usr/sbin/mkinitramfs ] || exit 0
[ -f /boot/broadcom/initrd.gz ] || exit 0
lsinitramfs /boot/broadcom/initrd.gz |grep -q "/$version$" && exit 0  # Already in initramfs.

# Rebuild.
mkinitramfs -o /boot/broadcom/initrd.gz "$version"

grep: /boot/config-6.1.93TEST+: No such file or directory

I've did

cp /RaspKernel_6_1_y/linux/.config /boot/config-6.1.93TEST+
mkinitramfs -o /boot/broadcom/initrd.gz

and it seemed worked. I've edit the remaining files

• /boot/broadcom/cmdline.txt
• /etc/fstab
• /etc/crypttab

rebooted. Landed in the initramfs shell as expected

but benchmark -c xchacha20,aes-adiantum-plain64 is no longer successful :'(

Cipher xchacha20,aes-adiantum-plain64 (with 256 bit key) is not available

Any ideas where might lay the problem ?

Thanks.

[^moreinfo]: --branch rpi-6.1.y https://github.com/raspberrypi/linux