i hate cups (ipp version) and more debian buster upgrades.

Cups printers suck when upgrading (my blog) I have since discovered that simply deleting all printers and rebooting makes them magically work after an upgrade.


Debian buster gave me a new prompt that i had not seen on another zoo pc i have now upgraded about starting and stopping services, once again four hours for a simple workstation did it, twenty minutes of that was downloading.

One non computer literate zoo staff member even thought it was a lot faster than stretch

Debian 10 (buster) a quick look on a simple workstation

two dogs

I use debian (my blog) and with version ten out called buster i offered the monkey houses stretch* pc to upgrade it via apt dist-upgrade   Three hours later i am typing this on itin debian ten.

Being a simple pc opposed to a server not too may hiccups

Those being

  • virtualbox [oracle crap]’ has no buster repository
  • minissdp wanted attention – not that i knew what minissdp does i ignored it
  • /etc/defaults/networking was updated [prompted] i kept my file
  • /etc/ssh/ssh_config [prompted] i kept my file

kde works from a brief exploration

Some issues which i discovered and may be user [me] issues

  • ipv6 by default [no ipv4]  until i edited my /etc/network/interfaces file which looks like its been through an exorcism since i have being doing a lot of iov6 work recently.
  • bluetooth sound is controlled via the sounds app in kde on the applications tab so codecs works,
  • cups/ipp needs some help

It took half an hour to download and 2 and a bit hours to extract but this also during dinner in the monkey house so some prompts might have been ignored while the tribe ate its bananas.

Being a SIMPLE pc everything worked opposed to server changes so as a first look on a basic pc no issues.

I have client tls 1.3 support from openssl  so tle 1.3 seems to be finally here.

*the old version 9

Raspberry pi on the internet

The zoo has a pi on the internet it has ssh open [intentionally] and does a couple of things.

People seem to be so far less tolerant when trying to hack it and as i secured it before making it a world wide target. compared with intel hardware.   It does not use the mac address on the pi so behaves like a pc with a network card in.

Maybe as it is a lower spec that puts people off as the connection tear up and tear down may feel like forever from say Burkina Faso (my blog)

People do try but disconnect after getting bored.

Systemd intoleraant (may contain nuts, or factory where nuts are processed)

So the zoo used a unused ip address for a new thing, i did not update a couple of cron jobs and systemd bitterly complained to the extent that one service would not load and so turned off all listeners

apachectl[*]: (99)Cannot assign requested address: AH00072: make_sock: could not bind to address x:y
apachectl[*]: no listening sockets available, shutting down

So having fixed the underlying issue to get apache working i had to bring down all our public interfaces just to satisfy systemd.

Fucking shit software

Another systemd example issue is that if login to my server systemd still keeps open processes even after i logout (i am not root)

Yet another is our postgresql cron job which is the only way to get posgresql  to start.

apple content on non apple hardware now that itunes is ‘dead’

great bananas,

I bet you all used banana skin that it will still not work on linux ,windows or non apple smart tv.   Itunes works only on there platform last time i checked – when was the last time you saw a quick time film trailer that needed its own software to play ?.   Leave your answer in the comments

With apple now doing media opposed to telephones (my blog)  it will be interesting to see if non apple hardware like a samsung tv will be able to play the content.   Being that i dont control the software on a smart tv i do wonder how popular the stuff might be after all to get something on a tv it usually has a non apple app  store and somebody usually wants a cut..

Since the monkey house has no apple* products it will be interesting to see if  they force the walled garden on consumers if so they cannot expect the monkey house to consume there products.

If you could only buy netflix with a dedicated netflix television (my blog) i am sure i would not be  subscribing to netflix and you would have walls of screens just like in Fahrenheit 451  or you could read the book.

Perhaps as electronics do not matter as much to apple  they will have to fail first before they make money with media.   I do not do a lot of ecommerce but if i had to own an amazon device** to shop there i would also go elsewhere too.

This is not a compliant but should be taken as a warning that your entertainment conglomerate and silicon valley darling might not see the results you think they get.

*perhaps organic ones you eat ** you get the idea


shields up, ipv6 probers off the port side

I turned on ipv6 logging months ago and the ipv6 probes  failed to happen other than local traffic my isp filters everything except ipv6 icmp.

As it was time for a new isp and they have already began. That is without entries in dns zone files.

 From 2001:0500:0013:0000:0000:0000:0000:0046 -
      332 packets
       To 2001:x - 332 packets
          Service: 32916 (tcp/32916) - 6 packets
          Service: 33610 (tcp/33610) - 6 packets
          Service: 34050 (tcp/34050) - 6 packets
          Service: 34130 (tcp/34130) - 7 packets
          Service: 34172 (tcp/34172) - 7 packets
          Service: 34262 (tcp/34262) - 6 packets

I am happy to report that the zoo has partial ipv6 access although nothing is yet configured.

hsts ‘fun’


Female fortune teller with crystal ball, mouth open, portrait

Fun perhaps is the wrong word but while moving isp’s one zoo site refused to load anywhere but on the server.

The others all worked and nmap (my blog) and tools  seemed good.  After doing a number of workstation things  i reset the dns expiry and then it came back like there was no issue with the hsts line (my blog).

I have suspicions but nothing precise to say it was dns zone expiry.

If you read tea leaves leave your thoughts below.