From: Ian Kelling Date: Tue, 1 Sep 2020 22:23:48 +0000 (-0400) Subject: various fixes including sl logic error X-Git-Url: https://iankelling.org/git/?a=commitdiff_plain;h=572dd5847440e58481ee2d7b908099f5940ddbc0;p=distro-setup various fixes including sl logic error --- diff --git a/brc b/brc index f3cde8e..4785f14 100644 --- a/brc +++ b/brc @@ -1169,21 +1169,20 @@ sk() { # ~/.bashrc. You dont want this. .bashrc is meant for interactive shells # and if you customize it, probably has bugs from time to time. This is # bad. Here's how I fix it. I have a special condition to "return" in my -# .bashrc for noninteractive ssh shells (copy that code). Then -# use this function or similar that passes LC_USEBASHRC=t when sshing. Also, I -# don't keep most of my bashrc in .bashrc, i source a separate file -# because even though I return, the whole file gets parsed which can -# fail if there is a syntax error. +# .bashrc for noninteractive ssh shells (copy that code). Then use this +# function or similar that passes LC_USEBASHRC=t when sshing and I want +# my bashrc. Also, I don't keep most of my bashrc in .bashrc, i source a +# separate file because even if I return early on, the whole file gets +# parsed which can fail if there is a syntax error. sl() { - # Background on LC_USEBASHRC var (no need to read if you just want to use this - # function): bash builtin vars and env show no difference in ssh vs - # local, except shell level which is not reliable. only reliable way I - # found was env var. env variables sent across ssh are strictly - # limited, but we get LC_*, so we just make that * be something no - # normal program would use. Note, on hosts that dont allow LC_* I start an - # inner shell with LC_USEBASHRC set, and the inner shell also allows running a - # nondefault .bashrc. This means the outer shell still ran the default - # .bashrc, but that is the best we can do. + # Background on LC_USEBASHRC var (no need to read if you just want to + # use this function): env variables sent across ssh are strictly + # limited, but we get LC_* at least in debian based machines, so we + # just make that * be something no normal program would use. Note, on + # hosts that dont allow LC_* I start an inner shell with LC_USEBASHRC + # set, and the inner shell also allows running a nondefault + # .bashrc. This means the outer shell still ran the default .bashrc, + # but that is the best we can do. local now args remote dorsync haveinfo tmpa sshinfo tmp tmp2 type info_sec force_rsync sync_dirname declare -a args tmpa @@ -1268,7 +1267,7 @@ sl() { fi else # use this weird yes thing to ensure we know ssh succeeded - if ! tmp=$(LC_USEBASHRC=yes command ssh "${args[@]}" "$remote" echo '$LC_USEBASHRC'); then + if ! tmp=$(LC_USEBASHRC=yes command ssh "${args[@]}" "$remote" "if test -e $SL_FILES_DIR/.bashrc -a -L .bashrc; then echo '$LC_USEBASHRC'; fi"); then echo failed sl test. doing plain ssh -v command ssh -v "${args[@]}" "$remote" fi diff --git a/brc2 b/brc2 index 7f64bcc..aa48435 100644 --- a/brc2 +++ b/brc2 @@ -1146,6 +1146,9 @@ vpn() { [[ $1 ]] || { echo need arg; return 1; } journalctl --unit=$vpn_service@$1 -f -n0 & + # sometimes the journal doesnt open until after the vpn output + # has happened. hoping this fixes that. + sleep 1 sudo systemctl start $vpn_service@$1 # sometimes the ask-password agent does not work and needs a delay. sleep .5 diff --git a/distro-end b/distro-end index 73286c2..9467106 100755 --- a/distro-end +++ b/distro-end @@ -351,6 +351,33 @@ EOF ;;& etiona) + sd /etc/apt/preferences.d/focal <<'EOF' +Package: * +Pin: release n=focal,o=Ubuntu +Pin-Priority: -100 +EOF + + sd /etc/apt/preferences.d/spamassassin <<'EOF' +Package: spamassassin sa-compile spamc +Pin: release n=focal,o=Ubuntu +Pin-Priority: 500 +EOF + sd /etc/apt/preferences.d/spamassassin <<'EOF' +Package: spamassassin sa-compile spamc +Pin: release n=focal,o=Ubuntu +Pin-Priority: 500 +EOF + f=/etc/apt/sources.list.d/focal.list + t=$(mktemp) + cat >$t <<'EOF' +deb http://us.archive.ubuntu.com/ubuntu/ focal main universe +deb http://us.archive.ubuntu.com/ubuntu/ focal-updates main universe +deb http://us.archive.ubuntu.com/ubuntu/ focal-security main universe +EOF + if ! diff -q $t $f; then + sudo dd if=$t of=$f 2>/dev/null + p update + fi # for ziva #p install --no-install-recommends minetest/buster libleveldb1d/buster libncursesw6/buster libtinfo6/buster @@ -1346,6 +1373,7 @@ sudo gpasswd -a $USER lpadmin # based on ubuntu wiki m /a/bin/buildscripts/go m /a/bin/buildscripts/rust m /a/bin/buildscripts/misc +m /a/bin/buildscripts/pithosfly pi-nostart virtinst virt-manager soff libvirtd diff --git a/mail-route b/mail-route index 2aecfaa..60d95d6 100755 --- a/mail-route +++ b/mail-route @@ -156,12 +156,32 @@ modify() { exists=true; ip -6 route show $iproutecmd | grep . &>/dev/null || exists=false if runtest; then e ip -6 route $ip_op $iproutecmd; fi - # We could only do this if we dont have a default route with [[ ! $(ip -6 r show default) ]] but - # metric seems to be perfectly good. 6000 because on my home comp, - # its about 6 times slower to ping google, than the default 1024 metric. - iproutecmd="default dev $tun_dev" + + # Previously, I tried setting a default route with metric 6000, so + # that generally an isp assigned route would have lower metric and + # take precedence. The problem is that with linux SLAAC, it then + # stops assigning any default routes after the existing one + # expires. I can't find any way to get SLAAC to reassign the route + # other than rebooting. things i tried: googling. checking ipv6 + # sysctl settings, they are all unchanged. The next thing I would + # need to do seems to be looking at the kernel source code. I dun + # wanna delve into that. + + haveipv6=false + if [[ $(ip -6 r show default) ]]; then + haveipv6=true + fi + + runtestipv6() { + runtest && { $stop || ! $haveipv6; } + } + + iproutecmd="::/1 dev $tun_dev" + exists=true; ip -6 route show $iproutecmd | grep . &>/dev/null || exists=false + if runtestipv6; then e ip -6 route $ip_op $iproutecmd; fi + iproutecmd="8000::/1 dev $tun_dev" exists=true; ip -6 route show $iproutecmd | grep . &>/dev/null || exists=false - if runtest; then e ip -6 route $ip_op $iproutecmd metric 6000; fi + if runtestipv6; then e ip -6 route $ip_op $iproutecmd; fi fi # on debian this is 0 (no filter), on ubuntu it\'s 1, which is no good. 0 or 2 both work fine. # 2 drops it if the packet is not routable, martian address, or my default route is screwed up, diff --git a/pkgs b/pkgs index d073599..2c99e9a 100644 --- a/pkgs +++ b/pkgs @@ -169,6 +169,7 @@ p3=( pinentry-gtk2 pidgin pidgin-otr + pixz pry pv python-autopep8 diff --git a/subdir_files/.local/share/konsole/profileian.profile b/subdir_files/.local/share/konsole/profileian.profile index 026aadd..d9d34c6 100644 --- a/subdir_files/.local/share/konsole/profileian.profile +++ b/subdir_files/.local/share/konsole/profileian.profile @@ -1,6 +1,6 @@ [Appearance] ColorScheme=Linux -Font=Ubuntu Mono,14,-1,5,50,0,0,0,0,0 +Font=DejaVu Sans Mono,12,-1,5,50,0,0,0,0,0,Book [General] LocalTabTitleFormat=%w diff --git a/trusted-network b/trusted-network index ce1e6f4..39c73ee 100755 --- a/trusted-network +++ b/trusted-network @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/bash -l set -eE -o pipefail trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR @@ -12,3 +12,11 @@ if [[ -e /etc/dnsmasq.d/untrusted-network.conf ]]; then rm -f /etc/dnsmasq.d/untrusted-network.conf /etc/systemd/resolved.conf.d/untrusted-network.conf reresolv fi + + +if [[ -e /etc/NetworkManager/conf.d/dns.conf ]]; then + rm -f /etc/NetworkManager/conf.d/dns.conf + if [[ $(systemctl is-active NetworkManager) == active ]]; then + systemctl restart NetworkManager + fi +fi diff --git a/untrusted-network b/untrusted-network index 1936de7..5dec09c 100755 --- a/untrusted-network +++ b/untrusted-network @@ -28,5 +28,14 @@ DNS=8.8.4.4 8.8.8.8 2001:4860:4860::8844 2001:4860:4860::8888 Domains=~. EOF +cat >/etc/NetworkManager/conf.d/dns.conf <<'EOF' +[main] +dns=none +systemd-resolved=false +EOF + +if [[ $(systemctl is-active NetworkManager) == active ]]; then + systemctl restart NetworkManager + fi reresolv