Posts by omv_user22

    Code
    >sudo apt-key adv --no-tty --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 0E98404D386FA1D9
    Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
    Executing: /tmp/apt-key-gpghome.rxCKFLtYa1/gpg.1.sh --no-tty --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 0E98404D386FA1D9
    gpg: key 73A4F27B8DD47936: public key "Debian Archive Automatic Signing Key (11/bullseye) <ftpmaster@debian.org>" imported
    gpg: Total number processed: 1
    gpg:               imported: 1


    Code
    Hit:11 http://packages.openmediavault.org/public shaitan InRelease                               
    Err:10 http://httpredir.debian.org/debian bullseye-backports InRelease
      The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 0E98404D386FA1D9 NO_PUBKEY 6ED0E7B82643E131
    Fetched 92.3 kB in 2s (60.3 kB/s)
    Reading package lists... Done
    W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://httpredir.debian.org/debian bullseye-backports InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 0E98404D386FA1D9 NO_PUBKEY 6ED0E7B82643E131
    W: Failed to fetch http://httpredir.debian.org/debian/dists/bullseye-backports/InRelease  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 0E98404D386FA1D9 NO_PUBKEY 6ED0E7B82643E131
    W: Some index files failed to download. They have been ignored, or old ones used instead.
    Reading package lists... Done

    I'm seeing an issue similar to Shannon's. About a month ago the keyring error first appeared and persists through every update since.



    Code
    >dpkg -l | grep keyring
    ii  openmediavault-keyring         1.0.2-2                          all          GnuPG archive keys of the openmediavault archive
    ii  raspbian-archive-keyring       20120528.2                       all          GnuPG archive keys of the raspbian archive

    I don't think the system should change because you are paranoid about being hacked. The only package that changes something and doesn't apply the change is the openmediavault package itself.

    Let me repeat what I wrote above, this time with emphasis for comprehension: "Either my system had been hacked and someone was changing things, or what I thought more likely, something had become corrupted"


    I've seen databases get stomped on, stray pointers clobbering memory somewhere, multi-threaded code that's not actually thread-safe, all kinds of bugs. Software bugs are not at all uncommon. And often those sorts of bugs end up costing me hours of work so when I see something odd, quite understandably I think, I get concerned. It's a nuisance if the system b0rks itself and has to be rebuilt. It's a potential disaster if it b0rks itself and takes data with it. And if one sees unexpected behaviour like "something has changed but I changed nothing", how would one know that something is not badly wrong?


    So I now know that running apt-upgrade on the command line can have the unexpected side effect of needing to check the GUI for changes (or waiting for an alert via email). I didn't know this a few days ago. How about the rest of the user base? I guess everyone will need to encounter it for themselves. Or maybe the messaging could be a bit more self-explanatory?


    And is this something new in 5.x because I don't recall ever seeing it in 4.x


    Don't you worry about my backup routine -- I have a multi-tiered strategy. There is no Windows computer in the house. Obviously I am connecting to the internet else I wouldn't be able to be writing this. That's not to say that I don't take sensible safety and privacy precautions. As for the tin-foil hat, would you also suggest that I put my wifi router in one of those expensive Faraday cages to stop all horrible RF getting out? /s


    The prior context was exclusively for unnoticed mouse clicks. In your case it seems that everything is good. Now when you've found your system reconfigured and you DIDN'T get an email...

    Not exclusively -- ryecoaaron replied to you: "There has been a couple of OMV updates that require applying changes." These are what I saw. Of course not expecting such a thing I could only assume the worst. Either my system had been hacked and someone was changing things, or what I though more likely, something had become corrupted and I could no longer trust the system until I totally rebuilt it or at least understood what happened. Going through my mind was, "Ok, assuming corruption, what caused it? What got damaged? Is there anything thing else damaged -- latent problems I might not see until the worst possible time? Is it just the system or is my data damaged as well, or at risk?" Without answers to all those questions I wouldn't trust it. Fortunately the correct answer was, "there is no corruption" but I had no indication of that at the time. Surprises are bad.....


    And actually the available mechanism to investigate wouldn't have helped me even had I know about it. After googling a bit I found the command to dump the list of dirty modules. All that told me was something had changed WRT initramfs. Seeing that alarmed me even more -- If that's gone wrong something must be seriously bad. Then I found the links to the thread I mentioned prior as well as this one.


    But yes I'll agree silent failures are worse.


    I'd rather there never be updates that do this, but I have done enough software to know that sometimes you have to do what you have to do. However would it be possible to change the flag from a simple clean/dirty to perhaps a tri-state (or n-state?) flag representing clean/dirty (for the typical case)/sysupdate (for this particular case) and presenting a more specific dialog & email?

    So that means bad things are happening?

    Potentially, yes! I was directed to this thread from another where I had inquired about a pending change email I'd gotten. Because I knew I had not changed anything, klaxons and huge flashing red lights started going off in my head. If the system wants changes committed and I haven't made any changes, then I can only assume Very Bad Things are afoot! Good to know that it's benign, but it's very alarming.


    That said, I do really like OMV and it's served me well for years now. Keep up the good work & thanks!

    Thanks for the info. I thought the same as the guy in the thread -- that I'd been hacked or something. Unfortunately If I had known to look in /var/lib/openmediavault/dirtymodules.json and seen "initramfs" had been changed, it would not have reassured me -- in fact I'd be even more concerned I'd been hacked! Good to know it's a benign change....

    I've just starting getting these emails as well -- again. The last time a month or so ago I applied the command line fix above and it seemed to fix it. But now I'm getting them again. Thing is that I haven't made any configuration changes. Is there a way to see what it thinks has changed?


    5.5.21-1 Usul

    Linux 4.14.212-OdroidXU4


    EDIT: Found some logs. It appears the email was in response to cron.daily running. I don't know however if cron.daily changed something without applying it, or rather merely detected the change and let me know about it.