The small linux problem thread

I would personally reseat the drives/cables zpool clear, unmount all the datasets, then start a scrub.
If it begins spitting errors on just the one drive, order another drive and personally not use the pool to reduce stress in the other drives, as it would have no redundancy.

If errors on multiple devices, then see if there is another controller you can attach then to?

If the pool has two z1 vdevs, and the drives on the other z1 are error free, perhaps just switching the six data cables before the zpool clear&scrub?

Thanks, i guess all 3 drives have issues and its very unlikely they all broke at the same time.

I was just copying stuff over to it from my old server, so all the data is still safe. The ssd pool has no errors, so probably not a memory issue? The 2 ssd’s have the same sata cables and the smart data of the 3 drives have no issues. the 2 ssd’s are on a different controller.

I’m not at home at the moment. so i’ll just leave it running. but i’m think it’s an issue with the motherboard (these are connected to sata ports on the chipset) or a power issue. I’ll switch them around and do a memory test when i get back. of those are not the issue i’ll put in a new power supply.

After scrubbing i have checksum errors. it shows on 2 because the 3rd has already been faulted and is not being used anymore.

First time Ubuntu’s software updater got stuck after multiple reboots and retries:

root        3643       1  4 13:43 ?        00:01:27 /usr/bin/python3 /usr/sbin/aptd
root      643225    3643  0 14:12 pts/2    00:00:00  \_ /usr/bin/python3 /usr/sbin/aptd
root      644605  643225  0 14:12 pts/3    00:00:00      \_ /usr/bin/dpkg --status-fd 60 --configure --pending
root      644606  644605  3 14:12 pts/3    00:00:01          \_ /usr/bin/perl -w /usr/share/debconf/frontend /var/lib/dpkg/info/grub-efi-amd64-signed.postinst configure 1.192+2.06-2ubuntu16
root      644624  644606  0 14:12 pts/3    00:00:00              \_ /bin/sh /var/lib/dpkg/info/grub-efi-amd64-signed.postinst configure 1.192+2.06-2ubuntu16
root      644630  644624  1 14:12 pts/3    00:00:00                  \_ /bin/bash /usr/lib/grub/grub-multi-install --target=x86_64-efi
root      745852  644630  0 14:12 pts/3    00:00:00                      \_ /bin/bash /usr/lib/grub/grub-multi-install --target=x86_64-efi
root      745853  745852  0 14:12 pts/3    00:00:00                          \_ /bin/bash /usr/lib/grub/grub-multi-install --target=x86_64-efi
root      745854  745852  0 14:12 pts/3    00:00:00                          \_ sort -t: -k2 -u

Software Updater Stuck on Configuring grub-efi-amd64-signed796×702 109 KB

So I went to check out that file referenced by the error message…

#!/usr/bin/perl -w
# This file was preprocessed, do not edit!


package Debconf::DbDriver::Stack;
use strict;
use Debconf::Log qw{:all};
use Debconf::Iterator;
use base 'Debconf::DbDriver::Copy';



use fields qw(stack stack_change_errors);


sub init {
	my $this=shift;

	if (! ref $this->{stack}) {
		my @stack;
		foreach my $name (split(/\s*,\s/, $this->{stack})) {
			my $driver=$this->driver($name);
			unless (defined $driver) {
				$this->error("could not find a db named \"$name\" to use in the stack (it should be defined before the stack in the config file)");
				next;
			}
			push @stack, $driver;
		}
		$this->{stack}=[@stack];
	}

	$this->error("no stack set") if ! ref $this->{stack};
	$this->error("stack is empty") if ! @{$this->{stack}};
}


sub iterator {
	my $this=shift;

	my %seen;
	my @iterators = map { $_->iterator } @{$this->{stack}};
	my $i = pop @iterators;
	my $iterator=Debconf::Iterator->new(callback => sub {
		for (;;) {
			while (my $ret = $i->iterate) {
				next if $seen{$ret};
				$seen{$ret}=1;
				return $ret;
			}
			$i = pop @iterators;
			return undef unless defined $i;
		}
	});
}


sub shutdown {
	my $this=shift;

	my $ret=1;
	foreach my $driver (@{$this->{stack}}) {
		$ret=undef if not defined $driver->shutdown(@_);
	}

	if ($this->{stack_change_errors}) {
		$this->error("unable to save changes to: ".
			join(" ", @{$this->{stack_change_errors}}));
		$ret=undef;
	}

	return $ret;
}


sub exists {
	my $this=shift;

	foreach my $driver (@{$this->{stack}}) {
		return 1 if $driver->exists(@_);
	}
	return 0;
}

sub _query {
	my $this=shift;
	my $command=shift;
	shift; # this again
	
	debug "db $this->{name}" => "trying to $command(@_) ..";
	foreach my $driver (@{$this->{stack}}) {
		if (wantarray) {
			my @ret=$driver->$command(@_);
			debug "db $this->{name}" => "$command done by $driver->{name}" if @ret;
			return @ret if @ret;
		}
		else {
			my $ret=$driver->$command(@_);
			debug "db $this->{name}" => "$command done by $driver->{name}" if defined $ret;
			return $ret if defined $ret;
		}
	}
	return; # failure
}

sub _change {
	my $this=shift;
	my $command=shift;
	shift; # this again
	my $item=shift;

	debug "db $this->{name}" => "trying to $command($item @_) ..";

	foreach my $driver (@{$this->{stack}}) {
		if ($driver->exists($item)) {
			last if $driver->{readonly}; # nope, hit a readonly one
			debug "db $this->{name}" => "passing to $driver->{name} ..";
			return $driver->$command($item, @_);
		}
	}

	my $src=0;

	foreach my $driver (@{$this->{stack}}) {
		if ($driver->exists($item)) {
			my $ret=$this->_nochange($driver, $command, $item, @_);
			if (defined $ret) {
				debug "db $this->{name}" => "skipped $command($item) as it would have no effect";
				return $ret;
			}

			$src=$driver;
			last
		}
	}

	my $writer;
	foreach my $driver (@{$this->{stack}}) {
		if ($driver == $src) {
			push @{$this->{stack_change_errors}}, $item;
			return;
		}
		if (! $driver->{readonly}) {
			if ($command eq 'addowner') {
				if ($driver->accept($item, $_[1])) {
					$writer=$driver;
					last;
				}
			}
			elsif ($driver->accept($item)) {
				$writer=$driver;
				last;
			}
		}
	}
	
	unless ($writer) {
		debug "db $this->{name}" => "FAILED $command";
		return;
	}

	if ($src) {		
		$this->copy($item, $src, $writer);
	}

	debug "db $this->{name}" => "passing to $writer->{name} ..";
	return $writer->$command($item, @_);
}

sub _nochange {
	my $this=shift;
	my $driver=shift;
	my $command=shift;
	my $item=shift;

	if ($command eq 'addowner') {
		my $value=shift;
		foreach my $owner ($driver->owners($item)) {
			return $value if $owner eq $value;
		}
		return;
	}
	elsif ($command eq 'removeowner') {
		my $value=shift;
		
		foreach my $owner ($driver->owners($item)) {
			return if $owner eq $value;
		}
		return $value; # no change
	}
	elsif ($command eq 'removefield') {
		my $value=shift;
		
		foreach my $field ($driver->fields($item)) {
			return if $field eq $value;
		}
		return $value; # no change
	}

	my @list;
	my $get;
	if ($command eq 'setfield') {
		@list=$driver->fields($item);
		$get='getfield';
	}
	elsif ($command eq 'setflag') {
		@list=$driver->flags($item);
		$get='getflag';
	}
	elsif ($command eq 'setvariable') {
		@list=$driver->variables($item);
		$get='getvariable';
	}
	else {
		$this->error("internal error; bad command: $command");
	}

	my $thing=shift;
	my $value=shift;
	my $currentvalue=$driver->$get($item, $thing);
	
	my $exists=0;
	foreach my $i (@list) {
		$exists=1, last if $thing eq $i;
	}
	return $currentvalue unless $exists;

	return $currentvalue if $currentvalue eq $value;
	return undef;
}

sub addowner	{ $_[0]->_change('addowner', @_)	}
sub removeowner { $_[0]->_change('removeowner', @_)	}
sub owners	{ $_[0]->_query('owners', @_)		}
sub getfield	{ $_[0]->_query('getfield', @_)		}
sub setfield	{ $_[0]->_change('setfield', @_)	}
sub removefield { $_[0]->_change('removefield', @_)	}
sub fields	{ $_[0]->_query('fields', @_)		}
sub getflag	{ $_[0]->_query('getflag', @_)		}
sub setflag	{ $_[0]->_change('setflag', @_)		}
sub flags	{ $_[0]->_query('flags', @_)		}
sub getvariable { $_[0]->_query('getvariable', @_)	}
sub setvariable { $_[0]->_change('setvariable', @_)	}
sub variables	{ $_[0]->_query('variables', @_)	}


1

I have neither read nor written a line of Perl prior to this day in my life. But I can tell that line of code puts me at a starting point that is deep in the rabbit hole.

To find my way up, I’ve been trying to recursively determine all the dependencies on that code.

0. The problem line referenced in the error message is a debug statement at the top of the _change subroutine within the package Debconf::DbDriver::Stack. At the very bottom of the same file are 12 subroutines that depend on sub _change. (Their names match the regular expression (add|remove)(field|flag|owner|variable).)
1. package Debconf::Db depends on the stuff in package Debconf::DbDriver. It has a sub makedriver, which I believe is responsible for initializing an instance of one of the packages under the Debconf::DbDriver namespace.
2. There are three packages that call sub makedriver, but only package Debconf::Config calls it with driver => "Stack". But no matter, where is the input data that feeds the subroutines? There is a curious line in package Debconf::Db that reads die "driver type not specified (perhaps you need to re-read debconf.conf(5))".
3. Reading debconf.conf(5) takes me to the file /etc/debconf.conf which references “Stack” exactly once:

   Name: configdb
   Driver: Stack
   Stack: config, passwords
   

4. The “Stack” driver is supposed to act as a collection of of sorts. Looking for the definition of “config” and “passwords” leads me to the files /var/cache/debconf/config.dat and /var/cache/debconf/passwords.dat respectively.

Currently trying to inspect the state of the variables at the point of the error message to determine the offending entry…

EDIT: Ah… weird. After killing perl a few times, the Software Updater says my system is “up to date.” Hmm… suspicious.

I have this feeling that Ubuntu just swept a problem under the rug.

Fascinating!

You sir, make me wish I took a computer related path. While I do not really understand what is going on, I do appreciate tinkering and looking under the hood.

Hush now… its burned and incinerated every 6 months anyway

Probably so. “Has anyone talked to about our lord and savior Debian GNU/Linux Unstable?”

On steam deck when building a project. Application not able to play audio:

[ALSOFT] (EE) Failed to set real-time priority for thread: Operation not permitted (1)
ALSA lib ../../pulse/pulse.c:242:(pulse_connect) PulseAudio: Unable to connect: Connection refused

Note: I get the ALSOFT real-time priotity warning on my other machine but audio works fine. Only on the deck it’s failing with ALSA lib error.

Tried all the obvious things like updates and rebooting.

So I was going to restart just the pulseaudio service with verbose mode -v

deck@steamdeck ~> systemctl --user restart pulseaudio
Failed to restart pulseaudio.service: Unit pulseaudio.service not found.

wut?

deck@steamdeck ~ [127]> pulseaudio --check
fish: Unknown command: pulseaudio

Error tells me pulseaudio refused connection yet there seems to be no pulseaudio service or instance running? clearly the service exists I think?

I checked logs with jounralctl -r Nothing helpful there.

check pactl info | grep "Server Name". There is a very high chance the Steamdeck is on Pipewire so it won’t find a pulseaudio service, if anything it would be pipewire-pulse.

(130)(deck@steamdeck ~)$ pactl info | grep "Server Name"
Server Name: PulseAudio (on PipeWire 0.3.59)

Thanks. Seems to be running PulseAudio “on” PipeWire?

hunting for pipewire logs…

Yes it’s the Pulse implementation for PipeWire, aka pipewire-pulse.

For people to adopt PipeWire over time they needed the backward compatibility with what it was supposed to replace (i.e. Pulse and JACK among other things), so they have their own implementation of each. Otherwise it would have been

I can get some info on pipewire with:
systemctl --user status pipewire pipewire-pulse

● pipewire.service - PipeWire Multimedia Service
     Loaded: loaded (/usr/lib/systemd/user/pipewire.service; disabled; preset: enabled)
     Active: active (running) since Wed 2023-10-18 00:37:56 MDT; 20h ago
TriggeredBy: ● pipewire.socket
   Main PID: 1242 (pipewire)
      Tasks: 2 (limit: 17686)
     Memory: 29.5M
        CPU: 681ms
     CGroup: /user.slice/user-1000.slice/[email protected]/session.slice/pipewire.service
             └─1242 /usr/bin/pipewire

Oct 18 00:37:56 steamdeck systemd[1074]: Started PipeWire Multimedia Service.
Oct 18 00:37:56 steamdeck pipewire[1242]: mod.rt: Can't find xdg-portal: (null)
Oct 18 00:37:56 steamdeck pipewire[1242]: mod.rt: found session bus but no portal

● pipewire-pulse.service - PipeWire PulseAudio
     Loaded: loaded (/usr/lib/systemd/user/pipewire-pulse.service; disabled; preset: enabled)
     Active: active (running) since Wed 2023-10-18 00:38:01 MDT; 20h ago
TriggeredBy: ● pipewire-pulse.socket
   Main PID: 1718 (pipewire-pulse)
      Tasks: 2 (limit: 17686)
     Memory: 13.7M
        CPU: 915ms
     CGroup: /user.slice/user-1000.slice/[email protected]/session.slice/pipewire-pulse.service
             └─1718 /usr/bin/pipewire-pulse

Oct 18 00:38:01 steamdeck systemd[1074]: Started PipeWire PulseAudio.
Oct 18 00:38:01 steamdeck pipewire-pulse[1718]: mod.rt: RTKit error: org.freedesktop.DBus.Error.Failed
Oct 18 00:38:01 steamdeck pipewire-pulse[1718]: mod.rt: could not set nice-level to -11: Input/output error

pw-dump > dump.txt spits out about 5700 lines of json config, doesnt look useful in there.

One guide suggested adding user to audio group for RTKit:

(1)(deck@steamdeck ~)$ groups deck
wheel deck
(deck@steamdeck ~)$ sudo usermod -a -G audio deck
[sudo] password for deck: 
(deck@steamdeck ~)$ groups deck
wheel audio deck

rebooted. same error.

Still digging…

And checking wpctl status:

(deck@steamdeck ~)$ wpctl status
PipeWire 'pipewire-0' [0.3.59, deck@steamdeck, cookie:1558823201]
 └─ Clients:
        32. Plasma PA                           [0.3.59, deck@steamdeck, pid:2436]
        33. pipewire                            [0.3.59, deck@steamdeck, pid:1241]
        34. WirePlumber                         [0.3.59, deck@steamdeck, pid:1242]
        35. WirePlumber [export]                [0.3.59, deck@steamdeck, pid:1242]
        37. wpctl                               [0.3.59, deck@steamdeck, pid:4979]
        62. xdg-desktop-portal                  [0.3.59, deck@steamdeck, pid:2355]
        63. QPulse                              [0.3.59, deck@steamdeck, pid:2574]
        64. pipewire                            [0.3.59, deck@steamdeck, pid:1717]
        77. Steam                               [0.3.59, deck@steamdeck, pid:2895]
        78. Steam Voice Settings                [0.3.59, deck@steamdeck, pid:2895]

Audio
 ├─ Devices:
 │      45. Rembrandt Radeon High Definition Audio Controller [alsa]
 │      46. ACP/ACP3X/ACP6x Audio Coprocessor   [alsa]
 │  
 ├─ Sinks:
 │  *   49. ACP/ACP3X/ACP6x Audio Coprocessor Speaker [vol: 0.61]
 │      50. ACP/ACP3X/ACP6x Audio Coprocessor Headphones [vol: 1.00]
 │  
 ├─ Sink endpoints:
 │  
 ├─ Sources:
 │      39. Filter Chain Source                 [vol: 1.00]
 │  *   51. ACP/ACP3X/ACP6x Audio Coprocessor Headset Microphone + Internal Microphone [vol: 0.67]
 │  
 ├─ Source endpoints:
 │  
 └─ Streams:
        38. filter-chain-capture                                        
             73. input_FL       
             74. monitor_FL     
             75. input_FR       
             76. monitor_FR     

Video
 ├─ Devices:
 │  
 ├─ Sinks:
 │  
 ├─ Sink endpoints:
 │  
 ├─ Sources:
 │  
 ├─ Source endpoints:
 │  
 └─ Streams:

Settings
 └─ Default Configured Node Names:

Found the origin of the message in ALSA lib …/…/pulse/pulse.c:242:(pulse_connect)

Trying to follow it, not sure why its returning connection refused

I don’t know to be honest. I guess it’s possible that Valve built their ALSA and/or PipeWire without support for Real Time or something? Or has other restrictions in place… not sure.

TL;DR: How the hell do I (properly) apply ACLs recursively?

I have a problem/question with permissions…
So I set up a TrueNAS Scale box recently and still trying things out. Currently tinkering around with Permissions.
I have a dataset that the built-in Apps use. With Jellyfin being one of those Apps obviously I need to put some files into it. When setting up Apps the ownership of the dataset automatically goes to a built-in “apps” user. So far so good, not a big deal.
To actually be able to put something in it I added an ACL and added my user with RWX permissions:

But I kept getting various errors regarding needing this entry and this other entry and that entry and well, I ended up with this monstrosity:

I clearly have no clue about ACLs so I’m wondering is that the right thing to do?
I guess more specifically I’m wondering what the hell is the different between a “normal” and a Default ACL? And why do I need the Default to apply the normal ones recursively

setfacl -R -m u:${USER}:rwx ${DIR} sorry I have no idea how to use GUIs.

From what I remember of TrueNAS the UI was often more trouble than it was worth when dealing with ACLs anyway.

Thanks for that, although I got it running as noted above. I was just wondering if that’s the right way to do it

I didn’t really understand the difference between regular and default ACL entries. However, I got some time earlier and read it up in the ACL man page:

In addition, a directory may have an associated ACL that governs the initial access ACL for objects created within that directory; this ACL is referred to as a default ACL.

So if I’m understanding this right this is just the permissions that new files (or directories) are created with? i.e. if I have a user with a rwx permissions and a default ACL for that user with just rx permissions, they can create a file but then not alter it further or delete it. Is that a reasonable assumption?

I didn’t have any issues with it other then it not being totally clear why it wanted the entries the messages were throwing at me. But to be fair the UI is tailored for sys admins that know about these requirements already.
That said, it seems to be very specific in what needs to be set explicitely. Looking at the manual the setfacl assumes some values for the default ACLs if none are provided, but the UI wants them explicitely.

That’s kind of what I mean. I always felt like this area of the GUI enforced it’s own kind of strange incantations instead of removing the need for such things as a good GUI should, but maybe that’s just me.

more fighting with the steam deck, new issue…

trying to install packages fail with:
error: libwebsockets: signature from "David Runge <[email protected]>" is unknown trust

first we disable readonly and populate keyring as usual

sudo steamos-readonly disable
pacman-key --init 
pacman-key --populate archlinux

attempt to install package:
sudo pacman -Syu libwebsockets

(1)(deck@steamdeck ~)$ sudo pacman -Syu libwebsockets
:: Synchronizing package databases...
 jupiter-rel is up to date
 holo-rel is up to date
 core-rel is up to date
 extra-rel is up to date
 community-rel is up to date
 multilib-rel is up to date
:: Starting full system upgrade...
resolving dependencies...
looking for conflicting packages...

Packages (3) libev-4.33-1  libuv-1.44.2-1  libwebsockets-4.3.2-2

Total Download Size:   0.43 MiB
Total Installed Size:  2.19 MiB

:: Proceed with installation? [Y/n] y
:: Retrieving packages...
 libwebsockets-4.3.2-2-x86_64                                     444.5 KiB   165 KiB/s 00:03 [#######################################################] 100%
(3/3) checking keys in keyring                                                                [#######################################################] 100%
(3/3) checking package integrity                                                              [#######################################################] 100%
error: libwebsockets: signature from "David Runge <[email protected]>" is unknown trust
:: File /var/cache/pacman/pkg/libwebsockets-4.3.2-2-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] n
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

i tried also
pacman-key --refresh-keys
this did not work.

edit: tried also starting fresh by deleting gnupg from /etc/pacman.d then re-ran --init and --populate.

I’ve successfully installed packages before with this method, but today seems to not trust anything

I’m a little stumped with the permissions on my TrueNAS box (again).

As mentioned previously I set up my ACLs recursively and that works fine. I have a couple Apps (i.e. Docker containers) running and those are working fine too. Occasionally one of those Apps unpacks some archives in one of my ACLed directories, and… that works fine too.

However it seems that the files extracted from the archives (which are RAR, so no Linux permissions stored?) are created with different permissions and even a different ACL mask, which results in me not having write access to them.

This is what it looks like:

# top-level extract directory
$ getfacl .
# file: .
# owner: 568
# group: 568
user::rwx
group::rwx
group:3001:rwx
mask::rwx
other::r-x
default:user::rwx
default:group::rwx
default:group:3001:rwx
default:mask::rwx
default:other::r-x

# second-level directory, created by app
$ getfacl .
# file: .
# owner: 568
# group: 568
user::rwx
group::rwx
group:3001:rwx
mask::rwx
other::r-x
default:user::rwx
default:group::rwx
default:group:3001:rwx
default:mask::rwx
default:other::r-x

# file in second-level directory
$ getfacl <file>
# file: <file>
# owner: 568
# group: 568
user::rw-
group::rwx                      #effective:r--
group:3001:rwx                  #effective:r--
mask::r--
other::r--

# third-level directory, extracted from archive
$ getfacl .
# file: .
# owner: 568
# group: 568
user::rwx
group::rwx                      #effective:r-x
group:3001:rwx                  #effective:r-x
mask::r-x
other::r-x
default:user::rwx
default:group::rwx
default:group:3001:rwx
default:mask::rwx
default:other::r-x

# file in third-level archive
$ getfacl <file>
# file: <file>
# owner: 568
# group: 568
user::rw-
group::rwx                      #effective:r--
group:3001:rwx                  #effective:r--
mask::r--
other::r--

So at a glance it looks like this is happening because the mask changes, but I don’t understand why? I thought it’s just supposed to create it with whatever default:mask is set at, which would be rwx? Why is it r--?
Even the second-level file and third-level directory are created without write permission in the mask even though default:mask on the second-level directory is rwx. It almost looks like it’s applying the default:other permission but that doesn’t make sense when the file is created with the same user the directory is owned by…
I’m really confused with how ACLs work man

Of course going into the WebUI and steamrolling the ACL recursively over the dataset again works but I’d prefer not having to do that…

BLACK SCREEN AFTER GRUB!

another install of kali bawked…
kali-linux-2023-3-amd64
clean install from a fresh image.
refused to boot after grub and hung just before the splash screen.

booted into advanced settings and the os was hard stopping at mmx guid detected.
turns out nouveau again

the solution.
boot to grub.
mouse over the primary boot option and hit ctrl+e. this will open the config for that entry.
find quiet splash and insert nomodeset.

then once the edit is done use the given option to boot into kali, dont reset or quit without saving.

next…
kali booted but in low rez…
apt update and upgrade installed the required nvidia drivers and on reboot everything works fine.

hope that saves someone multiple re-installs.