how can i automatically record every terminal session?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP

up vote
1
down vote

favorite

I like to use tools like history, script, and asciinema to record and review xterm (i.e. bash/sh) sessions for typical, general administration reasons, and also, sometimes for comprehensive study/revision; as a learning tool.

  • I thought of setting the default $SHELL as a direct path to said tools and/or commands, like:

    • /bin/script transcript.log;
    • /bin/asciinema rec -w0.5 term_log.json;
  • But these tools typically rely on having a default $SHELL set (i.e. /bin/bash, /bin/sh, /bin/zsh, etc.).

  • Also, I feel like re-defining system variables (i.e. $SHELL, $TERM, etc.) or trying to get it working with config (*.conf) and dot (~/.bashrc / ~/.bash_profile) files is gona be riddled with all kinds of holes and potential problems.

  • However, every time I decide or realize that I want a transcript of a session, it’s after the fact, or I’ll be halfway through the interesting part already, or some such scenario.

What’s the correct, or best practice to set something like this up to simply log everything (preferably stdin, stdout (and stderr when applicable), etc.) automatically?

share|improve this question

  • This doesn’t answer your question, but I use GNU screen with a large buffer size and then “hardcopy -h filename” when I realize something interesting has just scrolled by too fast. Also, despite, your hesitance, experiment with putting “script” or something into .login .profile .bash_profile or similar.
    – barrycarter
    Sep 25 ’16 at 12:34

  • 2

    @barrycarter Maybe if I could get it to save to a new file every time. Maybe I could just use something like "$(date)" for the transcript name..
    – tjt263
    Sep 25 ’16 at 18:20

  • I was thinking something like that too. In my own crontab, I have things like “cp /var/tmp/mesoapi.txt `/bin/date +%Y%m%d.%H%M%S.%N`”. Just be careful with escaping the % signs, they can be tricky.
    – barrycarter
    Sep 25 ’16 at 22:14

up vote
1
down vote

favorite

I like to use tools like history, script, and asciinema to record and review xterm (i.e. bash/sh) sessions for typical, general administration reasons, and also, sometimes for comprehensive study/revision; as a learning tool.

  • I thought of setting the default $SHELL as a direct path to said tools and/or commands, like:

    • /bin/script transcript.log;
    • /bin/asciinema rec -w0.5 term_log.json;
  • But these tools typically rely on having a default $SHELL set (i.e. /bin/bash, /bin/sh, /bin/zsh, etc.).

  • Also, I feel like re-defining system variables (i.e. $SHELL, $TERM, etc.) or trying to get it working with config (*.conf) and dot (~/.bashrc / ~/.bash_profile) files is gona be riddled with all kinds of holes and potential problems.

  • However, every time I decide or realize that I want a transcript of a session, it’s after the fact, or I’ll be halfway through the interesting part already, or some such scenario.

What’s the correct, or best practice to set something like this up to simply log everything (preferably stdin, stdout (and stderr when applicable), etc.) automatically?

share|improve this question

  • This doesn’t answer your question, but I use GNU screen with a large buffer size and then “hardcopy -h filename” when I realize something interesting has just scrolled by too fast. Also, despite, your hesitance, experiment with putting “script” or something into .login .profile .bash_profile or similar.
    – barrycarter
    Sep 25 ’16 at 12:34

  • 2

    @barrycarter Maybe if I could get it to save to a new file every time. Maybe I could just use something like "$(date)" for the transcript name..
    – tjt263
    Sep 25 ’16 at 18:20

  • I was thinking something like that too. In my own crontab, I have things like “cp /var/tmp/mesoapi.txt `/bin/date +%Y%m%d.%H%M%S.%N`”. Just be careful with escaping the % signs, they can be tricky.
    – barrycarter
    Sep 25 ’16 at 22:14

up vote
1
down vote

favorite

up vote
1
down vote

favorite

I like to use tools like history, script, and asciinema to record and review xterm (i.e. bash/sh) sessions for typical, general administration reasons, and also, sometimes for comprehensive study/revision; as a learning tool.

  • I thought of setting the default $SHELL as a direct path to said tools and/or commands, like:

    • /bin/script transcript.log;
    • /bin/asciinema rec -w0.5 term_log.json;
  • But these tools typically rely on having a default $SHELL set (i.e. /bin/bash, /bin/sh, /bin/zsh, etc.).

  • Also, I feel like re-defining system variables (i.e. $SHELL, $TERM, etc.) or trying to get it working with config (*.conf) and dot (~/.bashrc / ~/.bash_profile) files is gona be riddled with all kinds of holes and potential problems.

  • However, every time I decide or realize that I want a transcript of a session, it’s after the fact, or I’ll be halfway through the interesting part already, or some such scenario.

What’s the correct, or best practice to set something like this up to simply log everything (preferably stdin, stdout (and stderr when applicable), etc.) automatically?

share|improve this question

I like to use tools like history, script, and asciinema to record and review xterm (i.e. bash/sh) sessions for typical, general administration reasons, and also, sometimes for comprehensive study/revision; as a learning tool.

  • I thought of setting the default $SHELL as a direct path to said tools and/or commands, like:

    • /bin/script transcript.log;
    • /bin/asciinema rec -w0.5 term_log.json;
  • But these tools typically rely on having a default $SHELL set (i.e. /bin/bash, /bin/sh, /bin/zsh, etc.).

  • Also, I feel like re-defining system variables (i.e. $SHELL, $TERM, etc.) or trying to get it working with config (*.conf) and dot (~/.bashrc / ~/.bash_profile) files is gona be riddled with all kinds of holes and potential problems.

  • However, every time I decide or realize that I want a transcript of a session, it’s after the fact, or I’ll be halfway through the interesting part already, or some such scenario.

What’s the correct, or best practice to set something like this up to simply log everything (preferably stdin, stdout (and stderr when applicable), etc.) automatically?

share|improve this question

share|improve this question

share|improve this question

edited Oct 22 ’16 at 2:00

Jeff Schaller

31.8k848109

31.8k848109

asked Sep 25 ’16 at 9:11

tjt263

4801419

4801419

  • This doesn’t answer your question, but I use GNU screen with a large buffer size and then “hardcopy -h filename” when I realize something interesting has just scrolled by too fast. Also, despite, your hesitance, experiment with putting “script” or something into .login .profile .bash_profile or similar.
    – barrycarter
    Sep 25 ’16 at 12:34

  • 2

    @barrycarter Maybe if I could get it to save to a new file every time. Maybe I could just use something like "$(date)" for the transcript name..
    – tjt263
    Sep 25 ’16 at 18:20

  • I was thinking something like that too. In my own crontab, I have things like “cp /var/tmp/mesoapi.txt `/bin/date +%Y%m%d.%H%M%S.%N`”. Just be careful with escaping the % signs, they can be tricky.
    – barrycarter
    Sep 25 ’16 at 22:14

  • This doesn’t answer your question, but I use GNU screen with a large buffer size and then “hardcopy -h filename” when I realize something interesting has just scrolled by too fast. Also, despite, your hesitance, experiment with putting “script” or something into .login .profile .bash_profile or similar.
    – barrycarter
    Sep 25 ’16 at 12:34

  • 2

    @barrycarter Maybe if I could get it to save to a new file every time. Maybe I could just use something like "$(date)" for the transcript name..
    – tjt263
    Sep 25 ’16 at 18:20

  • I was thinking something like that too. In my own crontab, I have things like “cp /var/tmp/mesoapi.txt `/bin/date +%Y%m%d.%H%M%S.%N`”. Just be careful with escaping the % signs, they can be tricky.
    – barrycarter
    Sep 25 ’16 at 22:14

This doesn’t answer your question, but I use GNU screen with a large buffer size and then “hardcopy -h filename” when I realize something interesting has just scrolled by too fast. Also, despite, your hesitance, experiment with putting “script” or something into .login .profile .bash_profile or similar.
– barrycarter
Sep 25 ’16 at 12:34

This doesn’t answer your question, but I use GNU screen with a large buffer size and then “hardcopy -h filename” when I realize something interesting has just scrolled by too fast. Also, despite, your hesitance, experiment with putting “script” or something into .login .profile .bash_profile or similar.
– barrycarter
Sep 25 ’16 at 12:34

2

2

@barrycarter Maybe if I could get it to save to a new file every time. Maybe I could just use something like "$(date)" for the transcript name..
– tjt263
Sep 25 ’16 at 18:20

@barrycarter Maybe if I could get it to save to a new file every time. Maybe I could just use something like "$(date)" for the transcript name..
– tjt263
Sep 25 ’16 at 18:20

I was thinking something like that too. In my own crontab, I have things like “cp /var/tmp/mesoapi.txt `/bin/date +%Y%m%d.%H%M%S.%N`”. Just be careful with escaping the % signs, they can be tricky.
– barrycarter
Sep 25 ’16 at 22:14

I was thinking something like that too. In my own crontab, I have things like “cp /var/tmp/mesoapi.txt `/bin/date +%Y%m%d.%H%M%S.%N`”. Just be careful with escaping the % signs, they can be tricky.
– barrycarter
Sep 25 ’16 at 22:14

1 Answer
1

active

oldest

votes

up vote
1
down vote

Something like this in your .bash_profile or .bashrc might work for you:

if test -t 0 -a -t 1 -a -z "$SCRIPTING"
then
    export SCRIPTING="$HOME/.script.$(date +%Y%m%d_%H%M%S).$$)"
    exec script "$SCRIPTING"
fi

share|improve this answer

    Your Answer

    StackExchange.ready(function() {
    var channelOptions = {
    tags: “”.split(” “),
    id: “106”
    };
    initTagRenderer(“”.split(” “), “”.split(” “), channelOptions);

    StackExchange.using(“externalEditor”, function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using(“snippets”, function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: ‘answer’,
    convertImagesToLinks: false,
    noModals: false,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: “”,
    onDemand: true,
    discardSelector: “.discard-answer”
    ,immediatelyShowMarkdownHelp:true
    });

    }
    });

     
    draft saved
    draft discarded

    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin(‘.new-post-login’, ‘https%3a%2f%2funix.stackexchange.com%2fquestions%2f312195%2fhow-can-i-automatically-record-every-terminal-session%23new-answer’, ‘question_page’);
    }
    );

    Post as a guest

    1 Answer
    1

    active

    oldest

    votes

    1 Answer
    1

    active

    oldest

    votes

    active

    oldest

    votes

    active

    oldest

    votes

    up vote
    1
    down vote

    Something like this in your .bash_profile or .bashrc might work for you:

    if test -t 0 -a -t 1 -a -z "$SCRIPTING"
    then
        export SCRIPTING="$HOME/.script.$(date +%Y%m%d_%H%M%S).$$)"
        exec script "$SCRIPTING"
    fi
    

    share|improve this answer

      up vote
      1
      down vote

      Something like this in your .bash_profile or .bashrc might work for you:

      if test -t 0 -a -t 1 -a -z "$SCRIPTING"
      then
          export SCRIPTING="$HOME/.script.$(date +%Y%m%d_%H%M%S).$$)"
          exec script "$SCRIPTING"
      fi
      

      share|improve this answer

        up vote
        1
        down vote

        up vote
        1
        down vote

        Something like this in your .bash_profile or .bashrc might work for you:

        if test -t 0 -a -t 1 -a -z "$SCRIPTING"
        then
            export SCRIPTING="$HOME/.script.$(date +%Y%m%d_%H%M%S).$$)"
            exec script "$SCRIPTING"
        fi
        

        share|improve this answer

        Something like this in your .bash_profile or .bashrc might work for you:

        if test -t 0 -a -t 1 -a -z "$SCRIPTING"
        then
            export SCRIPTING="$HOME/.script.$(date +%Y%m%d_%H%M%S).$$)"
            exec script "$SCRIPTING"
        fi
        

        share|improve this answer

        share|improve this answer

        share|improve this answer

        answered Sep 25 ’16 at 21:36

        roaima

        39.7k545108

        39.7k545108

             
            draft saved
            draft discarded

             

            draft saved

            draft discarded

            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin(‘.new-post-login’, ‘https%3a%2f%2funix.stackexchange.com%2fquestions%2f312195%2fhow-can-i-automatically-record-every-terminal-session%23new-answer’, ‘question_page’);
            }
            );

            Post as a guest

            search with and without a pattern with ag

            The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP

            up vote
            0
            down vote

            favorite

            With two files with

            echo 'example.com/call_me?param' > file1.txt
            echo 'example.com/call_me_maybe?param' >> file1.txt
            echo 'example.com/call_me?' >> file1.txt
            echo 'example.com/call_me?param' > file2.txt
            echo 'example.com/call_me_maybe?' >> file2.txt
            
            $ ag -v '?param'
            file2.txt
            2:example.com/call_me_maybe?
            
            file1.txt
            3:example.com/call_me?
            
            $ ag '/call_me_maybe' -v '?param'
            ERR: Error stat()ing: ?param
            ERR: Error opening directory ?param: No such file or directory
            
            $ ag '/call_me_maybe' -v '?param' file1.txt
            ERR: Error stat()ing: ?param
            ERR: Error opening directory ?param: No such file or directory
            file1.txt
            1:example.com/call_me?param
            3:example.com/call_me?
            

            I would like to search for one term and exclude the other pattern. Is it possible in one command?

            I’m using ag because it digging into log.gz files. So I can use zgrep or ag -z.

            share|improve this question

            • 1

              according to the man page, the command line is ag [options] pattern [path ...]. That implies only one pattern. Have you tried ag '/call_me_maybe' | ag -v '?param or even ag '/call_me_maybe' | grep -v '?param?
              – cas
              Jan 17 at 14:21

            • I finally did your second option.
              – PockPock
              Jan 17 at 14:23

            up vote
            0
            down vote

            favorite

            With two files with

            echo 'example.com/call_me?param' > file1.txt
            echo 'example.com/call_me_maybe?param' >> file1.txt
            echo 'example.com/call_me?' >> file1.txt
            echo 'example.com/call_me?param' > file2.txt
            echo 'example.com/call_me_maybe?' >> file2.txt
            
            $ ag -v '?param'
            file2.txt
            2:example.com/call_me_maybe?
            
            file1.txt
            3:example.com/call_me?
            
            $ ag '/call_me_maybe' -v '?param'
            ERR: Error stat()ing: ?param
            ERR: Error opening directory ?param: No such file or directory
            
            $ ag '/call_me_maybe' -v '?param' file1.txt
            ERR: Error stat()ing: ?param
            ERR: Error opening directory ?param: No such file or directory
            file1.txt
            1:example.com/call_me?param
            3:example.com/call_me?
            

            I would like to search for one term and exclude the other pattern. Is it possible in one command?

            I’m using ag because it digging into log.gz files. So I can use zgrep or ag -z.

            share|improve this question

            • 1

              according to the man page, the command line is ag [options] pattern [path ...]. That implies only one pattern. Have you tried ag '/call_me_maybe' | ag -v '?param or even ag '/call_me_maybe' | grep -v '?param?
              – cas
              Jan 17 at 14:21

            • I finally did your second option.
              – PockPock
              Jan 17 at 14:23

            up vote
            0
            down vote

            favorite

            up vote
            0
            down vote

            favorite

            With two files with

            echo 'example.com/call_me?param' > file1.txt
            echo 'example.com/call_me_maybe?param' >> file1.txt
            echo 'example.com/call_me?' >> file1.txt
            echo 'example.com/call_me?param' > file2.txt
            echo 'example.com/call_me_maybe?' >> file2.txt
            
            $ ag -v '?param'
            file2.txt
            2:example.com/call_me_maybe?
            
            file1.txt
            3:example.com/call_me?
            
            $ ag '/call_me_maybe' -v '?param'
            ERR: Error stat()ing: ?param
            ERR: Error opening directory ?param: No such file or directory
            
            $ ag '/call_me_maybe' -v '?param' file1.txt
            ERR: Error stat()ing: ?param
            ERR: Error opening directory ?param: No such file or directory
            file1.txt
            1:example.com/call_me?param
            3:example.com/call_me?
            

            I would like to search for one term and exclude the other pattern. Is it possible in one command?

            I’m using ag because it digging into log.gz files. So I can use zgrep or ag -z.

            share|improve this question

            With two files with

            echo 'example.com/call_me?param' > file1.txt
            echo 'example.com/call_me_maybe?param' >> file1.txt
            echo 'example.com/call_me?' >> file1.txt
            echo 'example.com/call_me?param' > file2.txt
            echo 'example.com/call_me_maybe?' >> file2.txt
            
            $ ag -v '?param'
            file2.txt
            2:example.com/call_me_maybe?
            
            file1.txt
            3:example.com/call_me?
            
            $ ag '/call_me_maybe' -v '?param'
            ERR: Error stat()ing: ?param
            ERR: Error opening directory ?param: No such file or directory
            
            $ ag '/call_me_maybe' -v '?param' file1.txt
            ERR: Error stat()ing: ?param
            ERR: Error opening directory ?param: No such file or directory
            file1.txt
            1:example.com/call_me?param
            3:example.com/call_me?
            

            I would like to search for one term and exclude the other pattern. Is it possible in one command?

            I’m using ag because it digging into log.gz files. So I can use zgrep or ag -z.

            share|improve this question

            share|improve this question

            share|improve this question

            edited Jan 17 at 14:27

            asked Jan 17 at 14:06

            PockPock

            1033

            1033

            • 1

              according to the man page, the command line is ag [options] pattern [path ...]. That implies only one pattern. Have you tried ag '/call_me_maybe' | ag -v '?param or even ag '/call_me_maybe' | grep -v '?param?
              – cas
              Jan 17 at 14:21

            • I finally did your second option.
              – PockPock
              Jan 17 at 14:23

            • 1

              according to the man page, the command line is ag [options] pattern [path ...]. That implies only one pattern. Have you tried ag '/call_me_maybe' | ag -v '?param or even ag '/call_me_maybe' | grep -v '?param?
              – cas
              Jan 17 at 14:21

            • I finally did your second option.
              – PockPock
              Jan 17 at 14:23

            1

            1

            according to the man page, the command line is ag [options] pattern [path ...]. That implies only one pattern. Have you tried ag '/call_me_maybe' | ag -v '?param or even ag '/call_me_maybe' | grep -v '?param?
            – cas
            Jan 17 at 14:21

            according to the man page, the command line is ag [options] pattern [path ...]. That implies only one pattern. Have you tried ag '/call_me_maybe' | ag -v '?param or even ag '/call_me_maybe' | grep -v '?param?
            – cas
            Jan 17 at 14:21

            I finally did your second option.
            – PockPock
            Jan 17 at 14:23

            I finally did your second option.
            – PockPock
            Jan 17 at 14:23

            1 Answer
            1

            active

            oldest

            votes

            up vote
            1
            down vote

            accepted

            I don’t use ag but according to the man page, the command line is:

            ag [options] pattern [path ...]
            

            That implies only one pattern is allowed.

            Just as with grep when you want to combine a search with an inverted search (i.e. perform a search for a AND NOT b), you can pipe the output into grep -v .... e.g.

            ag '/call_me_maybe' | grep -v '?param'
            

            share|improve this answer

              Your Answer

              StackExchange.ready(function() {
              var channelOptions = {
              tags: “”.split(” “),
              id: “106”
              };
              initTagRenderer(“”.split(” “), “”.split(” “), channelOptions);

              StackExchange.using(“externalEditor”, function() {
              // Have to fire editor after snippets, if snippets enabled
              if (StackExchange.settings.snippets.snippetsEnabled) {
              StackExchange.using(“snippets”, function() {
              createEditor();
              });
              }
              else {
              createEditor();
              }
              });

              function createEditor() {
              StackExchange.prepareEditor({
              heartbeatType: ‘answer’,
              convertImagesToLinks: false,
              noModals: false,
              showLowRepImageUploadWarning: true,
              reputationToPostImages: null,
              bindNavPrevention: true,
              postfix: “”,
              onDemand: true,
              discardSelector: “.discard-answer”
              ,immediatelyShowMarkdownHelp:true
              });

              }
              });

               
              draft saved
              draft discarded

              StackExchange.ready(
              function () {
              StackExchange.openid.initPostLogin(‘.new-post-login’, ‘https%3a%2f%2funix.stackexchange.com%2fquestions%2f417789%2fsearch-with-and-without-a-pattern-with-ag%23new-answer’, ‘question_page’);
              }
              );

              Post as a guest

              1 Answer
              1

              active

              oldest

              votes

              1 Answer
              1

              active

              oldest

              votes

              active

              oldest

              votes

              active

              oldest

              votes

              up vote
              1
              down vote

              accepted

              I don’t use ag but according to the man page, the command line is:

              ag [options] pattern [path ...]
              

              That implies only one pattern is allowed.

              Just as with grep when you want to combine a search with an inverted search (i.e. perform a search for a AND NOT b), you can pipe the output into grep -v .... e.g.

              ag '/call_me_maybe' | grep -v '?param'
              

              share|improve this answer

                up vote
                1
                down vote

                accepted

                I don’t use ag but according to the man page, the command line is:

                ag [options] pattern [path ...]
                

                That implies only one pattern is allowed.

                Just as with grep when you want to combine a search with an inverted search (i.e. perform a search for a AND NOT b), you can pipe the output into grep -v .... e.g.

                ag '/call_me_maybe' | grep -v '?param'
                

                share|improve this answer

                  up vote
                  1
                  down vote

                  accepted

                  up vote
                  1
                  down vote

                  accepted

                  I don’t use ag but according to the man page, the command line is:

                  ag [options] pattern [path ...]
                  

                  That implies only one pattern is allowed.

                  Just as with grep when you want to combine a search with an inverted search (i.e. perform a search for a AND NOT b), you can pipe the output into grep -v .... e.g.

                  ag '/call_me_maybe' | grep -v '?param'
                  

                  share|improve this answer

                  I don’t use ag but according to the man page, the command line is:

                  ag [options] pattern [path ...]
                  

                  That implies only one pattern is allowed.

                  Just as with grep when you want to combine a search with an inverted search (i.e. perform a search for a AND NOT b), you can pipe the output into grep -v .... e.g.

                  ag '/call_me_maybe' | grep -v '?param'
                  

                  share|improve this answer

                  share|improve this answer

                  share|improve this answer

                  answered Jan 17 at 14:31

                  cas

                  37.7k44393

                  37.7k44393

                       
                      draft saved
                      draft discarded

                       

                      draft saved

                      draft discarded

                      StackExchange.ready(
                      function () {
                      StackExchange.openid.initPostLogin(‘.new-post-login’, ‘https%3a%2f%2funix.stackexchange.com%2fquestions%2f417789%2fsearch-with-and-without-a-pattern-with-ag%23new-answer’, ‘question_page’);
                      }
                      );

                      Post as a guest

                      Part of hard drive not encrypted – normal?

                      The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP

                      up vote
                      0
                      down vote

                      favorite

                      Bought a computer online and had issues installing a fresh OS. When running lsblk -a, I receive the following output:

                          NAME                    MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINT
                          loop1                     7:1    0 193.5M  1 loop  /snap/vlc/65
                          loop6                     7:6    0         0 loop  
                          loop4                     7:4    0         0 loop  
                          loop2                     7:2    0  83.8M  1 loop  /snap/core/3748
                          loop0                     7:0    0 192.8M  1 loop  /snap/vlc/113
                          sda                       8:0    0 238.5G  0 disk  
                          ├─sda2                    8:2    0     1K  0 part  
                          ├─sda5                    8:5    0   238G  0 part  
                          │ └─sda5_crypt          253:0    0   238G  0 crypt 
                          │   ├─ubuntu--vg-root   253:1    0 230.7G  0 lvm   /
                          │   └─ubuntu--vg-swap_1 253:2    0   7.3G  0 lvm   
                          │     └─cryptswap1      253:3    0   7.3G  0 crypt [SWAP]
                          └─sda1                    8:1    0   487M  0 part  /boot
                          loop7                     7:7    0         0 loop  
                          loop5                     7:5    0         0 loop  
                          loop3                     7:3    0         0 loop  
                      

                      My main concer is the sda1 partition which is unencrypted and appears to be operating underneath the OS. Any help/suggestions for reference?

                      share|improve this question

                      • 4

                        /boot contains files that are needed to bootstrap the system to an point in which you can decrypt the other partitions.
                        – llua
                        Jan 18 at 17:22

                      up vote
                      0
                      down vote

                      favorite

                      Bought a computer online and had issues installing a fresh OS. When running lsblk -a, I receive the following output:

                          NAME                    MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINT
                          loop1                     7:1    0 193.5M  1 loop  /snap/vlc/65
                          loop6                     7:6    0         0 loop  
                          loop4                     7:4    0         0 loop  
                          loop2                     7:2    0  83.8M  1 loop  /snap/core/3748
                          loop0                     7:0    0 192.8M  1 loop  /snap/vlc/113
                          sda                       8:0    0 238.5G  0 disk  
                          ├─sda2                    8:2    0     1K  0 part  
                          ├─sda5                    8:5    0   238G  0 part  
                          │ └─sda5_crypt          253:0    0   238G  0 crypt 
                          │   ├─ubuntu--vg-root   253:1    0 230.7G  0 lvm   /
                          │   └─ubuntu--vg-swap_1 253:2    0   7.3G  0 lvm   
                          │     └─cryptswap1      253:3    0   7.3G  0 crypt [SWAP]
                          └─sda1                    8:1    0   487M  0 part  /boot
                          loop7                     7:7    0         0 loop  
                          loop5                     7:5    0         0 loop  
                          loop3                     7:3    0         0 loop  
                      

                      My main concer is the sda1 partition which is unencrypted and appears to be operating underneath the OS. Any help/suggestions for reference?

                      share|improve this question

                      • 4

                        /boot contains files that are needed to bootstrap the system to an point in which you can decrypt the other partitions.
                        – llua
                        Jan 18 at 17:22

                      up vote
                      0
                      down vote

                      favorite

                      up vote
                      0
                      down vote

                      favorite

                      Bought a computer online and had issues installing a fresh OS. When running lsblk -a, I receive the following output:

                          NAME                    MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINT
                          loop1                     7:1    0 193.5M  1 loop  /snap/vlc/65
                          loop6                     7:6    0         0 loop  
                          loop4                     7:4    0         0 loop  
                          loop2                     7:2    0  83.8M  1 loop  /snap/core/3748
                          loop0                     7:0    0 192.8M  1 loop  /snap/vlc/113
                          sda                       8:0    0 238.5G  0 disk  
                          ├─sda2                    8:2    0     1K  0 part  
                          ├─sda5                    8:5    0   238G  0 part  
                          │ └─sda5_crypt          253:0    0   238G  0 crypt 
                          │   ├─ubuntu--vg-root   253:1    0 230.7G  0 lvm   /
                          │   └─ubuntu--vg-swap_1 253:2    0   7.3G  0 lvm   
                          │     └─cryptswap1      253:3    0   7.3G  0 crypt [SWAP]
                          └─sda1                    8:1    0   487M  0 part  /boot
                          loop7                     7:7    0         0 loop  
                          loop5                     7:5    0         0 loop  
                          loop3                     7:3    0         0 loop  
                      

                      My main concer is the sda1 partition which is unencrypted and appears to be operating underneath the OS. Any help/suggestions for reference?

                      share|improve this question

                      Bought a computer online and had issues installing a fresh OS. When running lsblk -a, I receive the following output:

                          NAME                    MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINT
                          loop1                     7:1    0 193.5M  1 loop  /snap/vlc/65
                          loop6                     7:6    0         0 loop  
                          loop4                     7:4    0         0 loop  
                          loop2                     7:2    0  83.8M  1 loop  /snap/core/3748
                          loop0                     7:0    0 192.8M  1 loop  /snap/vlc/113
                          sda                       8:0    0 238.5G  0 disk  
                          ├─sda2                    8:2    0     1K  0 part  
                          ├─sda5                    8:5    0   238G  0 part  
                          │ └─sda5_crypt          253:0    0   238G  0 crypt 
                          │   ├─ubuntu--vg-root   253:1    0 230.7G  0 lvm   /
                          │   └─ubuntu--vg-swap_1 253:2    0   7.3G  0 lvm   
                          │     └─cryptswap1      253:3    0   7.3G  0 crypt [SWAP]
                          └─sda1                    8:1    0   487M  0 part  /boot
                          loop7                     7:7    0         0 loop  
                          loop5                     7:5    0         0 loop  
                          loop3                     7:3    0         0 loop  
                      

                      My main concer is the sda1 partition which is unencrypted and appears to be operating underneath the OS. Any help/suggestions for reference?

                      share|improve this question

                      share|improve this question

                      share|improve this question

                      asked Jan 18 at 17:20

                      linuxuser51

                      11

                      11

                      • 4

                        /boot contains files that are needed to bootstrap the system to an point in which you can decrypt the other partitions.
                        – llua
                        Jan 18 at 17:22

                      • 4

                        /boot contains files that are needed to bootstrap the system to an point in which you can decrypt the other partitions.
                        – llua
                        Jan 18 at 17:22

                      4

                      4

                      /boot contains files that are needed to bootstrap the system to an point in which you can decrypt the other partitions.
                      – llua
                      Jan 18 at 17:22

                      /boot contains files that are needed to bootstrap the system to an point in which you can decrypt the other partitions.
                      – llua
                      Jan 18 at 17:22

                      1 Answer
                      1

                      active

                      oldest

                      votes

                      up vote
                      1
                      down vote

                      disambiguation of bootstrapping: any process where a simple system activates a more complicated system.

                      the bios/EFI {the simple system} of today at least for what i am aware of cannot read or boot an encrypted boot partition therefore your boot “partition” sda is not encrypted.

                      Calling it whole “disk”encryption is a misnomer, it’s really whole “partition” encryption until you go so far as to encrypt every partition, but you typically cannot encrypt the boot partition because then the BIOS/EFI cannot read it. And I don’t think the partition table is ever encrypted.

                      the boot partition should not contain any of your data, and should only contain the files, boot loader, and linux kernel which do not need to be encrypted, and there’s other ways of mitigating, protecting, or recognizing if those boot files were maliciously modified, so one could argue there’s little to no reason to need the boot partition encrypted to begin with.

                      To answer your question, there’s nothing really wrong with what you are observing with your laptop that is how it’s currently done. The implementation of encryption can be done a few different ways, each way with different pros/cons and it can often reduce the ease or flexibility of installing a new or fresh operating system on an existing disk like you mentioned. The simple solution to that is simply reformatting or re-partitioning the entire disk to a clean slate but be aware that deletes everything on the disk, that is ok from some and not ok for others it depends on what your goal is.

                      you stated: sda1 partition appears to be operating underneath the OS

                      I don’t think that is technically true and I would not describe it that way, using the word underneath as if something bad or risky is happening.

                      some suggestions:

                      1. read & web search about booting & disk encryption
                      2. read & web search about disk paritioning MBT and GPT
                      3. get yourself some free linux distributions like opensuse, fedora, centos, or others. If your register with Redhat, or Suse, I believe you can download the enterprise versions Redhat enterprise linux (RHEL) and Suse Linux Enterprise Server (SLES) for trial or development and you can play around and observe first hand how and what encryption schemes are available.
                      share|improve this answer

                        Your Answer

                        StackExchange.ready(function() {
                        var channelOptions = {
                        tags: “”.split(” “),
                        id: “106”
                        };
                        initTagRenderer(“”.split(” “), “”.split(” “), channelOptions);

                        StackExchange.using(“externalEditor”, function() {
                        // Have to fire editor after snippets, if snippets enabled
                        if (StackExchange.settings.snippets.snippetsEnabled) {
                        StackExchange.using(“snippets”, function() {
                        createEditor();
                        });
                        }
                        else {
                        createEditor();
                        }
                        });

                        function createEditor() {
                        StackExchange.prepareEditor({
                        heartbeatType: ‘answer’,
                        convertImagesToLinks: false,
                        noModals: false,
                        showLowRepImageUploadWarning: true,
                        reputationToPostImages: null,
                        bindNavPrevention: true,
                        postfix: “”,
                        onDemand: true,
                        discardSelector: “.discard-answer”
                        ,immediatelyShowMarkdownHelp:true
                        });

                        }
                        });

                         
                        draft saved
                        draft discarded

                        StackExchange.ready(
                        function () {
                        StackExchange.openid.initPostLogin(‘.new-post-login’, ‘https%3a%2f%2funix.stackexchange.com%2fquestions%2f418055%2fpart-of-hard-drive-not-encrypted-normal%23new-answer’, ‘question_page’);
                        }
                        );

                        Post as a guest

                        1 Answer
                        1

                        active

                        oldest

                        votes

                        1 Answer
                        1

                        active

                        oldest

                        votes

                        active

                        oldest

                        votes

                        active

                        oldest

                        votes

                        up vote
                        1
                        down vote

                        disambiguation of bootstrapping: any process where a simple system activates a more complicated system.

                        the bios/EFI {the simple system} of today at least for what i am aware of cannot read or boot an encrypted boot partition therefore your boot “partition” sda is not encrypted.

                        Calling it whole “disk”encryption is a misnomer, it’s really whole “partition” encryption until you go so far as to encrypt every partition, but you typically cannot encrypt the boot partition because then the BIOS/EFI cannot read it. And I don’t think the partition table is ever encrypted.

                        the boot partition should not contain any of your data, and should only contain the files, boot loader, and linux kernel which do not need to be encrypted, and there’s other ways of mitigating, protecting, or recognizing if those boot files were maliciously modified, so one could argue there’s little to no reason to need the boot partition encrypted to begin with.

                        To answer your question, there’s nothing really wrong with what you are observing with your laptop that is how it’s currently done. The implementation of encryption can be done a few different ways, each way with different pros/cons and it can often reduce the ease or flexibility of installing a new or fresh operating system on an existing disk like you mentioned. The simple solution to that is simply reformatting or re-partitioning the entire disk to a clean slate but be aware that deletes everything on the disk, that is ok from some and not ok for others it depends on what your goal is.

                        you stated: sda1 partition appears to be operating underneath the OS

                        I don’t think that is technically true and I would not describe it that way, using the word underneath as if something bad or risky is happening.

                        some suggestions:

                        1. read & web search about booting & disk encryption
                        2. read & web search about disk paritioning MBT and GPT
                        3. get yourself some free linux distributions like opensuse, fedora, centos, or others. If your register with Redhat, or Suse, I believe you can download the enterprise versions Redhat enterprise linux (RHEL) and Suse Linux Enterprise Server (SLES) for trial or development and you can play around and observe first hand how and what encryption schemes are available.
                        share|improve this answer

                          up vote
                          1
                          down vote

                          disambiguation of bootstrapping: any process where a simple system activates a more complicated system.

                          the bios/EFI {the simple system} of today at least for what i am aware of cannot read or boot an encrypted boot partition therefore your boot “partition” sda is not encrypted.

                          Calling it whole “disk”encryption is a misnomer, it’s really whole “partition” encryption until you go so far as to encrypt every partition, but you typically cannot encrypt the boot partition because then the BIOS/EFI cannot read it. And I don’t think the partition table is ever encrypted.

                          the boot partition should not contain any of your data, and should only contain the files, boot loader, and linux kernel which do not need to be encrypted, and there’s other ways of mitigating, protecting, or recognizing if those boot files were maliciously modified, so one could argue there’s little to no reason to need the boot partition encrypted to begin with.

                          To answer your question, there’s nothing really wrong with what you are observing with your laptop that is how it’s currently done. The implementation of encryption can be done a few different ways, each way with different pros/cons and it can often reduce the ease or flexibility of installing a new or fresh operating system on an existing disk like you mentioned. The simple solution to that is simply reformatting or re-partitioning the entire disk to a clean slate but be aware that deletes everything on the disk, that is ok from some and not ok for others it depends on what your goal is.

                          you stated: sda1 partition appears to be operating underneath the OS

                          I don’t think that is technically true and I would not describe it that way, using the word underneath as if something bad or risky is happening.

                          some suggestions:

                          1. read & web search about booting & disk encryption
                          2. read & web search about disk paritioning MBT and GPT
                          3. get yourself some free linux distributions like opensuse, fedora, centos, or others. If your register with Redhat, or Suse, I believe you can download the enterprise versions Redhat enterprise linux (RHEL) and Suse Linux Enterprise Server (SLES) for trial or development and you can play around and observe first hand how and what encryption schemes are available.
                          share|improve this answer

                            up vote
                            1
                            down vote

                            up vote
                            1
                            down vote

                            disambiguation of bootstrapping: any process where a simple system activates a more complicated system.

                            the bios/EFI {the simple system} of today at least for what i am aware of cannot read or boot an encrypted boot partition therefore your boot “partition” sda is not encrypted.

                            Calling it whole “disk”encryption is a misnomer, it’s really whole “partition” encryption until you go so far as to encrypt every partition, but you typically cannot encrypt the boot partition because then the BIOS/EFI cannot read it. And I don’t think the partition table is ever encrypted.

                            the boot partition should not contain any of your data, and should only contain the files, boot loader, and linux kernel which do not need to be encrypted, and there’s other ways of mitigating, protecting, or recognizing if those boot files were maliciously modified, so one could argue there’s little to no reason to need the boot partition encrypted to begin with.

                            To answer your question, there’s nothing really wrong with what you are observing with your laptop that is how it’s currently done. The implementation of encryption can be done a few different ways, each way with different pros/cons and it can often reduce the ease or flexibility of installing a new or fresh operating system on an existing disk like you mentioned. The simple solution to that is simply reformatting or re-partitioning the entire disk to a clean slate but be aware that deletes everything on the disk, that is ok from some and not ok for others it depends on what your goal is.

                            you stated: sda1 partition appears to be operating underneath the OS

                            I don’t think that is technically true and I would not describe it that way, using the word underneath as if something bad or risky is happening.

                            some suggestions:

                            1. read & web search about booting & disk encryption
                            2. read & web search about disk paritioning MBT and GPT
                            3. get yourself some free linux distributions like opensuse, fedora, centos, or others. If your register with Redhat, or Suse, I believe you can download the enterprise versions Redhat enterprise linux (RHEL) and Suse Linux Enterprise Server (SLES) for trial or development and you can play around and observe first hand how and what encryption schemes are available.
                            share|improve this answer

                            disambiguation of bootstrapping: any process where a simple system activates a more complicated system.

                            the bios/EFI {the simple system} of today at least for what i am aware of cannot read or boot an encrypted boot partition therefore your boot “partition” sda is not encrypted.

                            Calling it whole “disk”encryption is a misnomer, it’s really whole “partition” encryption until you go so far as to encrypt every partition, but you typically cannot encrypt the boot partition because then the BIOS/EFI cannot read it. And I don’t think the partition table is ever encrypted.

                            the boot partition should not contain any of your data, and should only contain the files, boot loader, and linux kernel which do not need to be encrypted, and there’s other ways of mitigating, protecting, or recognizing if those boot files were maliciously modified, so one could argue there’s little to no reason to need the boot partition encrypted to begin with.

                            To answer your question, there’s nothing really wrong with what you are observing with your laptop that is how it’s currently done. The implementation of encryption can be done a few different ways, each way with different pros/cons and it can often reduce the ease or flexibility of installing a new or fresh operating system on an existing disk like you mentioned. The simple solution to that is simply reformatting or re-partitioning the entire disk to a clean slate but be aware that deletes everything on the disk, that is ok from some and not ok for others it depends on what your goal is.

                            you stated: sda1 partition appears to be operating underneath the OS

                            I don’t think that is technically true and I would not describe it that way, using the word underneath as if something bad or risky is happening.

                            some suggestions:

                            1. read & web search about booting & disk encryption
                            2. read & web search about disk paritioning MBT and GPT
                            3. get yourself some free linux distributions like opensuse, fedora, centos, or others. If your register with Redhat, or Suse, I believe you can download the enterprise versions Redhat enterprise linux (RHEL) and Suse Linux Enterprise Server (SLES) for trial or development and you can play around and observe first hand how and what encryption schemes are available.
                            share|improve this answer

                            share|improve this answer

                            share|improve this answer

                            edited Jan 19 at 16:58

                            answered Jan 18 at 17:59

                            ron

                            750614

                            750614

                                 
                                draft saved
                                draft discarded

                                 

                                draft saved

                                draft discarded

                                StackExchange.ready(
                                function () {
                                StackExchange.openid.initPostLogin(‘.new-post-login’, ‘https%3a%2f%2funix.stackexchange.com%2fquestions%2f418055%2fpart-of-hard-drive-not-encrypted-normal%23new-answer’, ‘question_page’);
                                }
                                );

                                Post as a guest

                                `umount -R` on bind mounts takes a non-neglible amount of time, why?

                                The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP

                                up vote
                                0
                                down vote

                                favorite

                                Why does umount -R take 0.2s to unmount this subtree of bind mounts? It only took 0.02s to mount the subtree, and 0.00s to change its propagation flags.

                                (I was looking at cloning the current set of mounts, to a subdirectory, changing them, then switching to them using pivot_mount. But the delay I’m observing would not really be acceptable for the purpose).

                                This exercise assumes / and sub-mounts are shared mounts. Linux doesn’t make them so by default, but systemd does.

                                # mkdir /mnt/a
                                # mount --bind /mnt/a /mnt/a --make-private
                                # time mount --rbind / /mnt/a
                                0.00user 0.00system 0:00.02elapsed 9%CPU (0avgtext+0avgdata 3020maxresident)k
                                0inputs+0outputs (0major+135minor)pagefaults 0swaps
                                # time mount --make-rprivate /mnt/a
                                0.00user 0.00system 0:00.00elapsed 100%CPU (0avgtext+0avgdata 3184maxresident)k
                                0inputs+0outputs (0major+136minor)pagefaults 0swaps
                                # time umount -R /mnt/a
                                0.00user 0.00system 0:00.19elapsed 9%CPU (0avgtext+0avgdata 3392maxresident)k
                                0inputs+0outputs (0major+194minor)pagefaults 0swaps
                                

                                Further tests

                                Running under strace -cw shows

                                % time     seconds  usecs/call     calls    errors syscall
                                ------ ----------- ----------- --------- --------- ----------------
                                 90.44    0.180113        5297        34           umount2
                                 ...
                                

                                So it’s not super revealing, other than pointing out that this last operation requires 34 individual umount2() calls, whereas both the others only include one call to mount(), using the MS_REC (recursive) flag. As with the headline figures from time, this is wall-clock time. strace -c shows system time (i.e. cpu time spent in the kernel), which only has a total of 0.009s.

                                Although it does point to something interesting. Using umount -l /mnt/a instead, reduces the total time to 0.02s. This uses a single umount2() call to detach the subtree /mnt/a (and do any clean up in the background).

                                Looking at the individual calls with strace -ttt -T -e trace=umount2 umount -R /mnt/a, the distribution of times for individual calls is relatively even; they range from 0.002s to 0.012s, but there is no clear pattern, and the pattern does not look consistent if I repeat it.


                                After running umount -R under perf record -a, perf report shows several hotspots in gsd-housekeeping, gvfs-udisks2-volume-monitor, and systemd. The umount process doesn’t show up at all. This could explain why time showed umount spending neglible cpu time either in the kernel or in userspace.

                                (I’d be very interested if anyone has a more comprehensive way to aggregate cpu usage per process during a test :).

                                The other processes are probably doing some processing in response to each mount event.

                                E.g. systemd seems to be responsible for using 0.13s of one of my four cpus, during a run that took 0.4s:

                                # systemctl set-property init.scope CPUAccounting=yes
                                # systemctl show --property CPUUsageNSec init.scope; time umount -R /mnt/a ; systemctl show --property CPUUsageNSec init.scope
                                CPUUsageNSec=2403124481
                                
                                real    0m0.408s
                                user    0m0.015s
                                sys 0m0.020s
                                CPUUsageNSec=2534058385
                                
                                # echo $(( 2534058385 - 2403124481 ))
                                130933904
                                

                                But this does not seem to be the right explanation, because the same delay is happening when running in a private mount namespace. In this case, perf record -a does not show the other processes, only the umount process (and perf itself).

                                # unshare -m
                                # time mount --rbind / /mnt/a
                                
                                real    0m0.005s
                                user    0m0.003s
                                sys 0m0.002s
                                # time mount --make-rprivate /mnt/a
                                
                                real    0m0.005s
                                user    0m0.003s
                                sys 0m0.002s
                                # systemctl show --property CPUUsageNSec init.scope; time umount -R /mnt/a ; systemctl show --property CPUUsageNSec init.scope
                                CPUUsageNSec=3637792026
                                
                                real    0m0.381s
                                user    0m0.026s
                                sys 0m0.018s
                                CPUUsageNSec=3645973005
                                # echo $((3645973005-3637792026))
                                8180979
                                

                                The cpu doesn’t seem to be relevant in this case. I have 4 cpu cores capable of running at 2.3Ghz, but perf stat -a shows less than 5% cpu usage overall. (Ignore “CPUs utilized, I think that always shows the full value when -a is used).

                                # time perf stat -a umount -R /mnt/a
                                
                                 Performance counter stats for 'system wide':
                                
                                       2079.333650      cpu-clock (msec)          #    3.998 CPUs utilized          
                                               635      context-switches          #    0.305 K/sec                  
                                                23      cpu-migrations            #    0.011 K/sec                  
                                               333      page-faults               #    0.160 K/sec                  
                                       198,278,822      cycles                    #    0.095 GHz                    
                                       138,734,277      instructions              #    0.70  insn per cycle         
                                        31,401,067      branches                  #   15.102 M/sec                  
                                           934,327      branch-misses             #    2.98% of all branches        
                                
                                       0.520083596 seconds time elapsed
                                
                                
                                real    0m0.543s
                                user    0m0.038s
                                sys 0m0.043s
                                

                                However there is still some process responding to this event… The umount still triggers 78 lines of messages in the system log.

                                Feb 07 10:34:26 alan-laptop systemd[1]: proc-sys-fs-binfmt_misc.automount: Got automount request for /proc/sys/fs/binfmt_misc, triggered by 6040 (umount)
                                Feb 07 10:34:26 alan-laptop systemd[1]: proc-sys-fs-binfmt_misc.automount: Automount point already active?
                                Feb 07 10:34:26 alan-laptop systemd[1]: proc-sys-fs-binfmt_misc.automount: Got automount request for /proc/sys/fs/binfmt_misc, triggered by 6040 (umount)
                                Feb 07 10:34:26 alan-laptop systemd[1]: proc-sys-fs-binfmt_misc.automount: Automount point already active?
                                

                                Note findmnt shows I avoided creating any horrific recursive-like propagation, e.g. if I run it after the --make-rprivate:

                                findmnt -o TARGET,PROPAGATION
                                TARGET                                          PROPAGATION
                                /                                               shared
                                ├─/sys                                          shared
                                │ ├─/sys/kernel/security                        shared
                                │ ├─/sys/fs/cgroup                              shared
                                │ │ ├─/sys/fs/cgroup/unified                    shared
                                │ │ ├─/sys/fs/cgroup/systemd                    shared
                                │ │ ├─/sys/fs/cgroup/net_cls,net_prio           shared
                                │ │ ├─/sys/fs/cgroup/cpu,cpuacct                shared
                                │ │ ├─/sys/fs/cgroup/devices                    shared
                                │ │ ├─/sys/fs/cgroup/freezer                    shared
                                │ │ ├─/sys/fs/cgroup/perf_event                 shared
                                │ │ ├─/sys/fs/cgroup/hugetlb                    shared
                                │ │ ├─/sys/fs/cgroup/memory                     shared
                                │ │ ├─/sys/fs/cgroup/blkio                      shared
                                │ │ ├─/sys/fs/cgroup/cpuset                     shared
                                │ │ └─/sys/fs/cgroup/pids                       shared
                                │ ├─/sys/fs/pstore                              shared
                                │ ├─/sys/fs/selinux                             shared
                                │ ├─/sys/kernel/debug                           shared
                                │ └─/sys/kernel/config                          shared
                                ├─/proc                                         shared
                                │ └─/proc/sys/fs/binfmt_misc                    shared
                                ├─/dev                                          shared
                                │ ├─/dev/shm                                    shared
                                │ ├─/dev/pts                                    shared
                                │ ├─/dev/mqueue                                 shared
                                │ └─/dev/hugepages                              shared
                                ├─/run                                          shared
                                │ ├─/run/user/1000                              shared
                                │ └─/run/user/42                                shared
                                ├─/usr                                          shared
                                ├─/tmp                                          shared
                                ├─/boot                                         shared
                                └─/mnt/a                                        private
                                  └─/mnt/a                                      private
                                    ├─/mnt/a/usr                                private
                                    ├─/mnt/a/sys                                private
                                    │ ├─/mnt/a/sys/kernel/security              private
                                    │ ├─/mnt/a/sys/fs/cgroup                    private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/unified          private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/systemd          private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/net_cls,net_prio private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/cpu,cpuacct      private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/devices          private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/freezer          private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/perf_event       private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/hugetlb          private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/memory           private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/blkio            private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/cpuset           private
                                    │ │ └─/mnt/a/sys/fs/cgroup/pids             private
                                    │ ├─/mnt/a/sys/fs/pstore                    private
                                    │ ├─/mnt/a/sys/kernel/config                private
                                    │ ├─/mnt/a/sys/fs/selinux                   private
                                    │ └─/mnt/a/sys/kernel/debug                 private
                                    ├─/mnt/a/dev                                private
                                    │ ├─/mnt/a/dev/shm                          private
                                    │ ├─/mnt/a/dev/pts                          private
                                    │ ├─/mnt/a/dev/mqueue                       private
                                    │ └─/mnt/a/dev/hugepages                    private
                                    ├─/mnt/a/run                                private
                                    │ ├─/mnt/a/run/user/1000                    private
                                    │ └─/mnt/a/run/user/42                      private
                                    ├─/mnt/a/proc                               private
                                    │ └─/mnt/a/proc/sys/fs/binfmt_misc          private
                                    ├─/mnt/a/tmp                                private
                                    ├─/mnt/a/boot                               private
                                    └─/mnt/a/mnt/a                              private
                                

                                share|improve this question

                                • strace -f -ttt -T -o /path/to/output/file umount ... should at least show you which system call(s) are taking up the time.
                                  – Andrew Henle
                                  Jan 18 at 21:46

                                • Thanks, editted. Hint: the answer starts with u and ends in mount :-P.
                                  – sourcejedi
                                  Jan 19 at 9:00

                                up vote
                                0
                                down vote

                                favorite

                                Why does umount -R take 0.2s to unmount this subtree of bind mounts? It only took 0.02s to mount the subtree, and 0.00s to change its propagation flags.

                                (I was looking at cloning the current set of mounts, to a subdirectory, changing them, then switching to them using pivot_mount. But the delay I’m observing would not really be acceptable for the purpose).

                                This exercise assumes / and sub-mounts are shared mounts. Linux doesn’t make them so by default, but systemd does.

                                # mkdir /mnt/a
                                # mount --bind /mnt/a /mnt/a --make-private
                                # time mount --rbind / /mnt/a
                                0.00user 0.00system 0:00.02elapsed 9%CPU (0avgtext+0avgdata 3020maxresident)k
                                0inputs+0outputs (0major+135minor)pagefaults 0swaps
                                # time mount --make-rprivate /mnt/a
                                0.00user 0.00system 0:00.00elapsed 100%CPU (0avgtext+0avgdata 3184maxresident)k
                                0inputs+0outputs (0major+136minor)pagefaults 0swaps
                                # time umount -R /mnt/a
                                0.00user 0.00system 0:00.19elapsed 9%CPU (0avgtext+0avgdata 3392maxresident)k
                                0inputs+0outputs (0major+194minor)pagefaults 0swaps
                                

                                Further tests

                                Running under strace -cw shows

                                % time     seconds  usecs/call     calls    errors syscall
                                ------ ----------- ----------- --------- --------- ----------------
                                 90.44    0.180113        5297        34           umount2
                                 ...
                                

                                So it’s not super revealing, other than pointing out that this last operation requires 34 individual umount2() calls, whereas both the others only include one call to mount(), using the MS_REC (recursive) flag. As with the headline figures from time, this is wall-clock time. strace -c shows system time (i.e. cpu time spent in the kernel), which only has a total of 0.009s.

                                Although it does point to something interesting. Using umount -l /mnt/a instead, reduces the total time to 0.02s. This uses a single umount2() call to detach the subtree /mnt/a (and do any clean up in the background).

                                Looking at the individual calls with strace -ttt -T -e trace=umount2 umount -R /mnt/a, the distribution of times for individual calls is relatively even; they range from 0.002s to 0.012s, but there is no clear pattern, and the pattern does not look consistent if I repeat it.


                                After running umount -R under perf record -a, perf report shows several hotspots in gsd-housekeeping, gvfs-udisks2-volume-monitor, and systemd. The umount process doesn’t show up at all. This could explain why time showed umount spending neglible cpu time either in the kernel or in userspace.

                                (I’d be very interested if anyone has a more comprehensive way to aggregate cpu usage per process during a test :).

                                The other processes are probably doing some processing in response to each mount event.

                                E.g. systemd seems to be responsible for using 0.13s of one of my four cpus, during a run that took 0.4s:

                                # systemctl set-property init.scope CPUAccounting=yes
                                # systemctl show --property CPUUsageNSec init.scope; time umount -R /mnt/a ; systemctl show --property CPUUsageNSec init.scope
                                CPUUsageNSec=2403124481
                                
                                real    0m0.408s
                                user    0m0.015s
                                sys 0m0.020s
                                CPUUsageNSec=2534058385
                                
                                # echo $(( 2534058385 - 2403124481 ))
                                130933904
                                

                                But this does not seem to be the right explanation, because the same delay is happening when running in a private mount namespace. In this case, perf record -a does not show the other processes, only the umount process (and perf itself).

                                # unshare -m
                                # time mount --rbind / /mnt/a
                                
                                real    0m0.005s
                                user    0m0.003s
                                sys 0m0.002s
                                # time mount --make-rprivate /mnt/a
                                
                                real    0m0.005s
                                user    0m0.003s
                                sys 0m0.002s
                                # systemctl show --property CPUUsageNSec init.scope; time umount -R /mnt/a ; systemctl show --property CPUUsageNSec init.scope
                                CPUUsageNSec=3637792026
                                
                                real    0m0.381s
                                user    0m0.026s
                                sys 0m0.018s
                                CPUUsageNSec=3645973005
                                # echo $((3645973005-3637792026))
                                8180979
                                

                                The cpu doesn’t seem to be relevant in this case. I have 4 cpu cores capable of running at 2.3Ghz, but perf stat -a shows less than 5% cpu usage overall. (Ignore “CPUs utilized, I think that always shows the full value when -a is used).

                                # time perf stat -a umount -R /mnt/a
                                
                                 Performance counter stats for 'system wide':
                                
                                       2079.333650      cpu-clock (msec)          #    3.998 CPUs utilized          
                                               635      context-switches          #    0.305 K/sec                  
                                                23      cpu-migrations            #    0.011 K/sec                  
                                               333      page-faults               #    0.160 K/sec                  
                                       198,278,822      cycles                    #    0.095 GHz                    
                                       138,734,277      instructions              #    0.70  insn per cycle         
                                        31,401,067      branches                  #   15.102 M/sec                  
                                           934,327      branch-misses             #    2.98% of all branches        
                                
                                       0.520083596 seconds time elapsed
                                
                                
                                real    0m0.543s
                                user    0m0.038s
                                sys 0m0.043s
                                

                                However there is still some process responding to this event… The umount still triggers 78 lines of messages in the system log.

                                Feb 07 10:34:26 alan-laptop systemd[1]: proc-sys-fs-binfmt_misc.automount: Got automount request for /proc/sys/fs/binfmt_misc, triggered by 6040 (umount)
                                Feb 07 10:34:26 alan-laptop systemd[1]: proc-sys-fs-binfmt_misc.automount: Automount point already active?
                                Feb 07 10:34:26 alan-laptop systemd[1]: proc-sys-fs-binfmt_misc.automount: Got automount request for /proc/sys/fs/binfmt_misc, triggered by 6040 (umount)
                                Feb 07 10:34:26 alan-laptop systemd[1]: proc-sys-fs-binfmt_misc.automount: Automount point already active?
                                

                                Note findmnt shows I avoided creating any horrific recursive-like propagation, e.g. if I run it after the --make-rprivate:

                                findmnt -o TARGET,PROPAGATION
                                TARGET                                          PROPAGATION
                                /                                               shared
                                ├─/sys                                          shared
                                │ ├─/sys/kernel/security                        shared
                                │ ├─/sys/fs/cgroup                              shared
                                │ │ ├─/sys/fs/cgroup/unified                    shared
                                │ │ ├─/sys/fs/cgroup/systemd                    shared
                                │ │ ├─/sys/fs/cgroup/net_cls,net_prio           shared
                                │ │ ├─/sys/fs/cgroup/cpu,cpuacct                shared
                                │ │ ├─/sys/fs/cgroup/devices                    shared
                                │ │ ├─/sys/fs/cgroup/freezer                    shared
                                │ │ ├─/sys/fs/cgroup/perf_event                 shared
                                │ │ ├─/sys/fs/cgroup/hugetlb                    shared
                                │ │ ├─/sys/fs/cgroup/memory                     shared
                                │ │ ├─/sys/fs/cgroup/blkio                      shared
                                │ │ ├─/sys/fs/cgroup/cpuset                     shared
                                │ │ └─/sys/fs/cgroup/pids                       shared
                                │ ├─/sys/fs/pstore                              shared
                                │ ├─/sys/fs/selinux                             shared
                                │ ├─/sys/kernel/debug                           shared
                                │ └─/sys/kernel/config                          shared
                                ├─/proc                                         shared
                                │ └─/proc/sys/fs/binfmt_misc                    shared
                                ├─/dev                                          shared
                                │ ├─/dev/shm                                    shared
                                │ ├─/dev/pts                                    shared
                                │ ├─/dev/mqueue                                 shared
                                │ └─/dev/hugepages                              shared
                                ├─/run                                          shared
                                │ ├─/run/user/1000                              shared
                                │ └─/run/user/42                                shared
                                ├─/usr                                          shared
                                ├─/tmp                                          shared
                                ├─/boot                                         shared
                                └─/mnt/a                                        private
                                  └─/mnt/a                                      private
                                    ├─/mnt/a/usr                                private
                                    ├─/mnt/a/sys                                private
                                    │ ├─/mnt/a/sys/kernel/security              private
                                    │ ├─/mnt/a/sys/fs/cgroup                    private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/unified          private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/systemd          private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/net_cls,net_prio private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/cpu,cpuacct      private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/devices          private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/freezer          private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/perf_event       private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/hugetlb          private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/memory           private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/blkio            private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/cpuset           private
                                    │ │ └─/mnt/a/sys/fs/cgroup/pids             private
                                    │ ├─/mnt/a/sys/fs/pstore                    private
                                    │ ├─/mnt/a/sys/kernel/config                private
                                    │ ├─/mnt/a/sys/fs/selinux                   private
                                    │ └─/mnt/a/sys/kernel/debug                 private
                                    ├─/mnt/a/dev                                private
                                    │ ├─/mnt/a/dev/shm                          private
                                    │ ├─/mnt/a/dev/pts                          private
                                    │ ├─/mnt/a/dev/mqueue                       private
                                    │ └─/mnt/a/dev/hugepages                    private
                                    ├─/mnt/a/run                                private
                                    │ ├─/mnt/a/run/user/1000                    private
                                    │ └─/mnt/a/run/user/42                      private
                                    ├─/mnt/a/proc                               private
                                    │ └─/mnt/a/proc/sys/fs/binfmt_misc          private
                                    ├─/mnt/a/tmp                                private
                                    ├─/mnt/a/boot                               private
                                    └─/mnt/a/mnt/a                              private
                                

                                share|improve this question

                                • strace -f -ttt -T -o /path/to/output/file umount ... should at least show you which system call(s) are taking up the time.
                                  – Andrew Henle
                                  Jan 18 at 21:46

                                • Thanks, editted. Hint: the answer starts with u and ends in mount :-P.
                                  – sourcejedi
                                  Jan 19 at 9:00

                                up vote
                                0
                                down vote

                                favorite

                                up vote
                                0
                                down vote

                                favorite

                                Why does umount -R take 0.2s to unmount this subtree of bind mounts? It only took 0.02s to mount the subtree, and 0.00s to change its propagation flags.

                                (I was looking at cloning the current set of mounts, to a subdirectory, changing them, then switching to them using pivot_mount. But the delay I’m observing would not really be acceptable for the purpose).

                                This exercise assumes / and sub-mounts are shared mounts. Linux doesn’t make them so by default, but systemd does.

                                # mkdir /mnt/a
                                # mount --bind /mnt/a /mnt/a --make-private
                                # time mount --rbind / /mnt/a
                                0.00user 0.00system 0:00.02elapsed 9%CPU (0avgtext+0avgdata 3020maxresident)k
                                0inputs+0outputs (0major+135minor)pagefaults 0swaps
                                # time mount --make-rprivate /mnt/a
                                0.00user 0.00system 0:00.00elapsed 100%CPU (0avgtext+0avgdata 3184maxresident)k
                                0inputs+0outputs (0major+136minor)pagefaults 0swaps
                                # time umount -R /mnt/a
                                0.00user 0.00system 0:00.19elapsed 9%CPU (0avgtext+0avgdata 3392maxresident)k
                                0inputs+0outputs (0major+194minor)pagefaults 0swaps
                                

                                Further tests

                                Running under strace -cw shows

                                % time     seconds  usecs/call     calls    errors syscall
                                ------ ----------- ----------- --------- --------- ----------------
                                 90.44    0.180113        5297        34           umount2
                                 ...
                                

                                So it’s not super revealing, other than pointing out that this last operation requires 34 individual umount2() calls, whereas both the others only include one call to mount(), using the MS_REC (recursive) flag. As with the headline figures from time, this is wall-clock time. strace -c shows system time (i.e. cpu time spent in the kernel), which only has a total of 0.009s.

                                Although it does point to something interesting. Using umount -l /mnt/a instead, reduces the total time to 0.02s. This uses a single umount2() call to detach the subtree /mnt/a (and do any clean up in the background).

                                Looking at the individual calls with strace -ttt -T -e trace=umount2 umount -R /mnt/a, the distribution of times for individual calls is relatively even; they range from 0.002s to 0.012s, but there is no clear pattern, and the pattern does not look consistent if I repeat it.


                                After running umount -R under perf record -a, perf report shows several hotspots in gsd-housekeeping, gvfs-udisks2-volume-monitor, and systemd. The umount process doesn’t show up at all. This could explain why time showed umount spending neglible cpu time either in the kernel or in userspace.

                                (I’d be very interested if anyone has a more comprehensive way to aggregate cpu usage per process during a test :).

                                The other processes are probably doing some processing in response to each mount event.

                                E.g. systemd seems to be responsible for using 0.13s of one of my four cpus, during a run that took 0.4s:

                                # systemctl set-property init.scope CPUAccounting=yes
                                # systemctl show --property CPUUsageNSec init.scope; time umount -R /mnt/a ; systemctl show --property CPUUsageNSec init.scope
                                CPUUsageNSec=2403124481
                                
                                real    0m0.408s
                                user    0m0.015s
                                sys 0m0.020s
                                CPUUsageNSec=2534058385
                                
                                # echo $(( 2534058385 - 2403124481 ))
                                130933904
                                

                                But this does not seem to be the right explanation, because the same delay is happening when running in a private mount namespace. In this case, perf record -a does not show the other processes, only the umount process (and perf itself).

                                # unshare -m
                                # time mount --rbind / /mnt/a
                                
                                real    0m0.005s
                                user    0m0.003s
                                sys 0m0.002s
                                # time mount --make-rprivate /mnt/a
                                
                                real    0m0.005s
                                user    0m0.003s
                                sys 0m0.002s
                                # systemctl show --property CPUUsageNSec init.scope; time umount -R /mnt/a ; systemctl show --property CPUUsageNSec init.scope
                                CPUUsageNSec=3637792026
                                
                                real    0m0.381s
                                user    0m0.026s
                                sys 0m0.018s
                                CPUUsageNSec=3645973005
                                # echo $((3645973005-3637792026))
                                8180979
                                

                                The cpu doesn’t seem to be relevant in this case. I have 4 cpu cores capable of running at 2.3Ghz, but perf stat -a shows less than 5% cpu usage overall. (Ignore “CPUs utilized, I think that always shows the full value when -a is used).

                                # time perf stat -a umount -R /mnt/a
                                
                                 Performance counter stats for 'system wide':
                                
                                       2079.333650      cpu-clock (msec)          #    3.998 CPUs utilized          
                                               635      context-switches          #    0.305 K/sec                  
                                                23      cpu-migrations            #    0.011 K/sec                  
                                               333      page-faults               #    0.160 K/sec                  
                                       198,278,822      cycles                    #    0.095 GHz                    
                                       138,734,277      instructions              #    0.70  insn per cycle         
                                        31,401,067      branches                  #   15.102 M/sec                  
                                           934,327      branch-misses             #    2.98% of all branches        
                                
                                       0.520083596 seconds time elapsed
                                
                                
                                real    0m0.543s
                                user    0m0.038s
                                sys 0m0.043s
                                

                                However there is still some process responding to this event… The umount still triggers 78 lines of messages in the system log.

                                Feb 07 10:34:26 alan-laptop systemd[1]: proc-sys-fs-binfmt_misc.automount: Got automount request for /proc/sys/fs/binfmt_misc, triggered by 6040 (umount)
                                Feb 07 10:34:26 alan-laptop systemd[1]: proc-sys-fs-binfmt_misc.automount: Automount point already active?
                                Feb 07 10:34:26 alan-laptop systemd[1]: proc-sys-fs-binfmt_misc.automount: Got automount request for /proc/sys/fs/binfmt_misc, triggered by 6040 (umount)
                                Feb 07 10:34:26 alan-laptop systemd[1]: proc-sys-fs-binfmt_misc.automount: Automount point already active?
                                

                                Note findmnt shows I avoided creating any horrific recursive-like propagation, e.g. if I run it after the --make-rprivate:

                                findmnt -o TARGET,PROPAGATION
                                TARGET                                          PROPAGATION
                                /                                               shared
                                ├─/sys                                          shared
                                │ ├─/sys/kernel/security                        shared
                                │ ├─/sys/fs/cgroup                              shared
                                │ │ ├─/sys/fs/cgroup/unified                    shared
                                │ │ ├─/sys/fs/cgroup/systemd                    shared
                                │ │ ├─/sys/fs/cgroup/net_cls,net_prio           shared
                                │ │ ├─/sys/fs/cgroup/cpu,cpuacct                shared
                                │ │ ├─/sys/fs/cgroup/devices                    shared
                                │ │ ├─/sys/fs/cgroup/freezer                    shared
                                │ │ ├─/sys/fs/cgroup/perf_event                 shared
                                │ │ ├─/sys/fs/cgroup/hugetlb                    shared
                                │ │ ├─/sys/fs/cgroup/memory                     shared
                                │ │ ├─/sys/fs/cgroup/blkio                      shared
                                │ │ ├─/sys/fs/cgroup/cpuset                     shared
                                │ │ └─/sys/fs/cgroup/pids                       shared
                                │ ├─/sys/fs/pstore                              shared
                                │ ├─/sys/fs/selinux                             shared
                                │ ├─/sys/kernel/debug                           shared
                                │ └─/sys/kernel/config                          shared
                                ├─/proc                                         shared
                                │ └─/proc/sys/fs/binfmt_misc                    shared
                                ├─/dev                                          shared
                                │ ├─/dev/shm                                    shared
                                │ ├─/dev/pts                                    shared
                                │ ├─/dev/mqueue                                 shared
                                │ └─/dev/hugepages                              shared
                                ├─/run                                          shared
                                │ ├─/run/user/1000                              shared
                                │ └─/run/user/42                                shared
                                ├─/usr                                          shared
                                ├─/tmp                                          shared
                                ├─/boot                                         shared
                                └─/mnt/a                                        private
                                  └─/mnt/a                                      private
                                    ├─/mnt/a/usr                                private
                                    ├─/mnt/a/sys                                private
                                    │ ├─/mnt/a/sys/kernel/security              private
                                    │ ├─/mnt/a/sys/fs/cgroup                    private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/unified          private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/systemd          private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/net_cls,net_prio private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/cpu,cpuacct      private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/devices          private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/freezer          private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/perf_event       private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/hugetlb          private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/memory           private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/blkio            private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/cpuset           private
                                    │ │ └─/mnt/a/sys/fs/cgroup/pids             private
                                    │ ├─/mnt/a/sys/fs/pstore                    private
                                    │ ├─/mnt/a/sys/kernel/config                private
                                    │ ├─/mnt/a/sys/fs/selinux                   private
                                    │ └─/mnt/a/sys/kernel/debug                 private
                                    ├─/mnt/a/dev                                private
                                    │ ├─/mnt/a/dev/shm                          private
                                    │ ├─/mnt/a/dev/pts                          private
                                    │ ├─/mnt/a/dev/mqueue                       private
                                    │ └─/mnt/a/dev/hugepages                    private
                                    ├─/mnt/a/run                                private
                                    │ ├─/mnt/a/run/user/1000                    private
                                    │ └─/mnt/a/run/user/42                      private
                                    ├─/mnt/a/proc                               private
                                    │ └─/mnt/a/proc/sys/fs/binfmt_misc          private
                                    ├─/mnt/a/tmp                                private
                                    ├─/mnt/a/boot                               private
                                    └─/mnt/a/mnt/a                              private
                                

                                share|improve this question

                                Why does umount -R take 0.2s to unmount this subtree of bind mounts? It only took 0.02s to mount the subtree, and 0.00s to change its propagation flags.

                                (I was looking at cloning the current set of mounts, to a subdirectory, changing them, then switching to them using pivot_mount. But the delay I’m observing would not really be acceptable for the purpose).

                                This exercise assumes / and sub-mounts are shared mounts. Linux doesn’t make them so by default, but systemd does.

                                # mkdir /mnt/a
                                # mount --bind /mnt/a /mnt/a --make-private
                                # time mount --rbind / /mnt/a
                                0.00user 0.00system 0:00.02elapsed 9%CPU (0avgtext+0avgdata 3020maxresident)k
                                0inputs+0outputs (0major+135minor)pagefaults 0swaps
                                # time mount --make-rprivate /mnt/a
                                0.00user 0.00system 0:00.00elapsed 100%CPU (0avgtext+0avgdata 3184maxresident)k
                                0inputs+0outputs (0major+136minor)pagefaults 0swaps
                                # time umount -R /mnt/a
                                0.00user 0.00system 0:00.19elapsed 9%CPU (0avgtext+0avgdata 3392maxresident)k
                                0inputs+0outputs (0major+194minor)pagefaults 0swaps
                                

                                Further tests

                                Running under strace -cw shows

                                % time     seconds  usecs/call     calls    errors syscall
                                ------ ----------- ----------- --------- --------- ----------------
                                 90.44    0.180113        5297        34           umount2
                                 ...
                                

                                So it’s not super revealing, other than pointing out that this last operation requires 34 individual umount2() calls, whereas both the others only include one call to mount(), using the MS_REC (recursive) flag. As with the headline figures from time, this is wall-clock time. strace -c shows system time (i.e. cpu time spent in the kernel), which only has a total of 0.009s.

                                Although it does point to something interesting. Using umount -l /mnt/a instead, reduces the total time to 0.02s. This uses a single umount2() call to detach the subtree /mnt/a (and do any clean up in the background).

                                Looking at the individual calls with strace -ttt -T -e trace=umount2 umount -R /mnt/a, the distribution of times for individual calls is relatively even; they range from 0.002s to 0.012s, but there is no clear pattern, and the pattern does not look consistent if I repeat it.


                                After running umount -R under perf record -a, perf report shows several hotspots in gsd-housekeeping, gvfs-udisks2-volume-monitor, and systemd. The umount process doesn’t show up at all. This could explain why time showed umount spending neglible cpu time either in the kernel or in userspace.

                                (I’d be very interested if anyone has a more comprehensive way to aggregate cpu usage per process during a test :).

                                The other processes are probably doing some processing in response to each mount event.

                                E.g. systemd seems to be responsible for using 0.13s of one of my four cpus, during a run that took 0.4s:

                                # systemctl set-property init.scope CPUAccounting=yes
                                # systemctl show --property CPUUsageNSec init.scope; time umount -R /mnt/a ; systemctl show --property CPUUsageNSec init.scope
                                CPUUsageNSec=2403124481
                                
                                real    0m0.408s
                                user    0m0.015s
                                sys 0m0.020s
                                CPUUsageNSec=2534058385
                                
                                # echo $(( 2534058385 - 2403124481 ))
                                130933904
                                

                                But this does not seem to be the right explanation, because the same delay is happening when running in a private mount namespace. In this case, perf record -a does not show the other processes, only the umount process (and perf itself).

                                # unshare -m
                                # time mount --rbind / /mnt/a
                                
                                real    0m0.005s
                                user    0m0.003s
                                sys 0m0.002s
                                # time mount --make-rprivate /mnt/a
                                
                                real    0m0.005s
                                user    0m0.003s
                                sys 0m0.002s
                                # systemctl show --property CPUUsageNSec init.scope; time umount -R /mnt/a ; systemctl show --property CPUUsageNSec init.scope
                                CPUUsageNSec=3637792026
                                
                                real    0m0.381s
                                user    0m0.026s
                                sys 0m0.018s
                                CPUUsageNSec=3645973005
                                # echo $((3645973005-3637792026))
                                8180979
                                

                                The cpu doesn’t seem to be relevant in this case. I have 4 cpu cores capable of running at 2.3Ghz, but perf stat -a shows less than 5% cpu usage overall. (Ignore “CPUs utilized, I think that always shows the full value when -a is used).

                                # time perf stat -a umount -R /mnt/a
                                
                                 Performance counter stats for 'system wide':
                                
                                       2079.333650      cpu-clock (msec)          #    3.998 CPUs utilized          
                                               635      context-switches          #    0.305 K/sec                  
                                                23      cpu-migrations            #    0.011 K/sec                  
                                               333      page-faults               #    0.160 K/sec                  
                                       198,278,822      cycles                    #    0.095 GHz                    
                                       138,734,277      instructions              #    0.70  insn per cycle         
                                        31,401,067      branches                  #   15.102 M/sec                  
                                           934,327      branch-misses             #    2.98% of all branches        
                                
                                       0.520083596 seconds time elapsed
                                
                                
                                real    0m0.543s
                                user    0m0.038s
                                sys 0m0.043s
                                

                                However there is still some process responding to this event… The umount still triggers 78 lines of messages in the system log.

                                Feb 07 10:34:26 alan-laptop systemd[1]: proc-sys-fs-binfmt_misc.automount: Got automount request for /proc/sys/fs/binfmt_misc, triggered by 6040 (umount)
                                Feb 07 10:34:26 alan-laptop systemd[1]: proc-sys-fs-binfmt_misc.automount: Automount point already active?
                                Feb 07 10:34:26 alan-laptop systemd[1]: proc-sys-fs-binfmt_misc.automount: Got automount request for /proc/sys/fs/binfmt_misc, triggered by 6040 (umount)
                                Feb 07 10:34:26 alan-laptop systemd[1]: proc-sys-fs-binfmt_misc.automount: Automount point already active?
                                

                                Note findmnt shows I avoided creating any horrific recursive-like propagation, e.g. if I run it after the --make-rprivate:

                                findmnt -o TARGET,PROPAGATION
                                TARGET                                          PROPAGATION
                                /                                               shared
                                ├─/sys                                          shared
                                │ ├─/sys/kernel/security                        shared
                                │ ├─/sys/fs/cgroup                              shared
                                │ │ ├─/sys/fs/cgroup/unified                    shared
                                │ │ ├─/sys/fs/cgroup/systemd                    shared
                                │ │ ├─/sys/fs/cgroup/net_cls,net_prio           shared
                                │ │ ├─/sys/fs/cgroup/cpu,cpuacct                shared
                                │ │ ├─/sys/fs/cgroup/devices                    shared
                                │ │ ├─/sys/fs/cgroup/freezer                    shared
                                │ │ ├─/sys/fs/cgroup/perf_event                 shared
                                │ │ ├─/sys/fs/cgroup/hugetlb                    shared
                                │ │ ├─/sys/fs/cgroup/memory                     shared
                                │ │ ├─/sys/fs/cgroup/blkio                      shared
                                │ │ ├─/sys/fs/cgroup/cpuset                     shared
                                │ │ └─/sys/fs/cgroup/pids                       shared
                                │ ├─/sys/fs/pstore                              shared
                                │ ├─/sys/fs/selinux                             shared
                                │ ├─/sys/kernel/debug                           shared
                                │ └─/sys/kernel/config                          shared
                                ├─/proc                                         shared
                                │ └─/proc/sys/fs/binfmt_misc                    shared
                                ├─/dev                                          shared
                                │ ├─/dev/shm                                    shared
                                │ ├─/dev/pts                                    shared
                                │ ├─/dev/mqueue                                 shared
                                │ └─/dev/hugepages                              shared
                                ├─/run                                          shared
                                │ ├─/run/user/1000                              shared
                                │ └─/run/user/42                                shared
                                ├─/usr                                          shared
                                ├─/tmp                                          shared
                                ├─/boot                                         shared
                                └─/mnt/a                                        private
                                  └─/mnt/a                                      private
                                    ├─/mnt/a/usr                                private
                                    ├─/mnt/a/sys                                private
                                    │ ├─/mnt/a/sys/kernel/security              private
                                    │ ├─/mnt/a/sys/fs/cgroup                    private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/unified          private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/systemd          private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/net_cls,net_prio private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/cpu,cpuacct      private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/devices          private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/freezer          private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/perf_event       private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/hugetlb          private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/memory           private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/blkio            private
                                    │ │ ├─/mnt/a/sys/fs/cgroup/cpuset           private
                                    │ │ └─/mnt/a/sys/fs/cgroup/pids             private
                                    │ ├─/mnt/a/sys/fs/pstore                    private
                                    │ ├─/mnt/a/sys/kernel/config                private
                                    │ ├─/mnt/a/sys/fs/selinux                   private
                                    │ └─/mnt/a/sys/kernel/debug                 private
                                    ├─/mnt/a/dev                                private
                                    │ ├─/mnt/a/dev/shm                          private
                                    │ ├─/mnt/a/dev/pts                          private
                                    │ ├─/mnt/a/dev/mqueue                       private
                                    │ └─/mnt/a/dev/hugepages                    private
                                    ├─/mnt/a/run                                private
                                    │ ├─/mnt/a/run/user/1000                    private
                                    │ └─/mnt/a/run/user/42                      private
                                    ├─/mnt/a/proc                               private
                                    │ └─/mnt/a/proc/sys/fs/binfmt_misc          private
                                    ├─/mnt/a/tmp                                private
                                    ├─/mnt/a/boot                               private
                                    └─/mnt/a/mnt/a                              private
                                

                                share|improve this question

                                share|improve this question

                                share|improve this question

                                edited Feb 8 at 14:43

                                asked Jan 18 at 20:47

                                sourcejedi

                                19k32478

                                19k32478

                                • strace -f -ttt -T -o /path/to/output/file umount ... should at least show you which system call(s) are taking up the time.
                                  – Andrew Henle
                                  Jan 18 at 21:46

                                • Thanks, editted. Hint: the answer starts with u and ends in mount :-P.
                                  – sourcejedi
                                  Jan 19 at 9:00

                                • strace -f -ttt -T -o /path/to/output/file umount ... should at least show you which system call(s) are taking up the time.
                                  – Andrew Henle
                                  Jan 18 at 21:46

                                • Thanks, editted. Hint: the answer starts with u and ends in mount :-P.
                                  – sourcejedi
                                  Jan 19 at 9:00

                                strace -f -ttt -T -o /path/to/output/file umount ... should at least show you which system call(s) are taking up the time.
                                – Andrew Henle
                                Jan 18 at 21:46

                                strace -f -ttt -T -o /path/to/output/file umount ... should at least show you which system call(s) are taking up the time.
                                – Andrew Henle
                                Jan 18 at 21:46

                                Thanks, editted. Hint: the answer starts with u and ends in mount :-P.
                                – sourcejedi
                                Jan 19 at 9:00

                                Thanks, editted. Hint: the answer starts with u and ends in mount :-P.
                                – sourcejedi
                                Jan 19 at 9:00

                                1 Answer
                                1

                                active

                                oldest

                                votes

                                up vote
                                1
                                down vote

                                accepted

                                So you think umount spends time waiting for something (as it spends very little cpu time in either user or sys). Let’s find out why it waits…

                                # perf trace -g -e sched:* umount2 -R /mnt/a
                                

                                perf record shows us hitting several scheduler tracepoints; it turned out the revealing one is sched:sched_switch.

                                Samples: 21  of event 'sched:sched_switch', Event count (approx.): 21
                                  Children      Self  Trace output                                                                                                                   ▒
                                -  100.00%   100.00%  umount:1888 [120] D ==> swapper/3:0 [120]                                                                                      ▒
                                     0                                                                                                                                               ▒
                                     __umount2                                                                                                                                       ▒
                                     entry_SYSCALL_64_fastpath                                                                                                                       ▒
                                     sys_umount                                                                                                                                      ▒
                                     do_umount                                                                                                                                       ▒
                                     namespace_unlock                                                                                                                                ▒
                                     synchronize_sched                                                                                                                               ▒
                                     __wait_rcu_gp                                                                                                                                   ▒
                                     wait_for_completion                                                                                                                             ▒
                                     schedule_timeout                                                                                                                                ▒
                                     schedule                                                                                                                                        ▒
                                     __schedule                                                                                                                                      ▒
                                     __schedule   
                                

                                __wait_rcu_gp() refers to an RCU grace period. namespace_unlock() in fs/namespace.c is some form of global synchronization, which includes synchronize_rcu(). It waits until all “currently executing RCU read-side critical sections have completed”. “RCU grace periods extend for multiple milliseconds… this situation is a major reason for the rule of thumb that RCU be used in read-mostly situations”. I suppose that mount namespaces are considered to be “read-mostly”.

                                It looks this these “few milliseconds” account for the average wait of 5 milliseconds in each of the 34 calls to umount2().

                                share|improve this answer

                                  Your Answer

                                  StackExchange.ready(function() {
                                  var channelOptions = {
                                  tags: “”.split(” “),
                                  id: “106”
                                  };
                                  initTagRenderer(“”.split(” “), “”.split(” “), channelOptions);

                                  StackExchange.using(“externalEditor”, function() {
                                  // Have to fire editor after snippets, if snippets enabled
                                  if (StackExchange.settings.snippets.snippetsEnabled) {
                                  StackExchange.using(“snippets”, function() {
                                  createEditor();
                                  });
                                  }
                                  else {
                                  createEditor();
                                  }
                                  });

                                  function createEditor() {
                                  StackExchange.prepareEditor({
                                  heartbeatType: ‘answer’,
                                  convertImagesToLinks: false,
                                  noModals: false,
                                  showLowRepImageUploadWarning: true,
                                  reputationToPostImages: null,
                                  bindNavPrevention: true,
                                  postfix: “”,
                                  onDemand: true,
                                  discardSelector: “.discard-answer”
                                  ,immediatelyShowMarkdownHelp:true
                                  });

                                  }
                                  });

                                   
                                  draft saved
                                  draft discarded

                                  StackExchange.ready(
                                  function () {
                                  StackExchange.openid.initPostLogin(‘.new-post-login’, ‘https%3a%2f%2funix.stackexchange.com%2fquestions%2f418100%2fumount-r-on-bind-mounts-takes-a-non-neglible-amount-of-time-why%23new-answer’, ‘question_page’);
                                  }
                                  );

                                  Post as a guest

                                  1 Answer
                                  1

                                  active

                                  oldest

                                  votes

                                  1 Answer
                                  1

                                  active

                                  oldest

                                  votes

                                  active

                                  oldest

                                  votes

                                  active

                                  oldest

                                  votes

                                  up vote
                                  1
                                  down vote

                                  accepted

                                  So you think umount spends time waiting for something (as it spends very little cpu time in either user or sys). Let’s find out why it waits…

                                  # perf trace -g -e sched:* umount2 -R /mnt/a
                                  

                                  perf record shows us hitting several scheduler tracepoints; it turned out the revealing one is sched:sched_switch.

                                  Samples: 21  of event 'sched:sched_switch', Event count (approx.): 21
                                    Children      Self  Trace output                                                                                                                   ▒
                                  -  100.00%   100.00%  umount:1888 [120] D ==> swapper/3:0 [120]                                                                                      ▒
                                       0                                                                                                                                               ▒
                                       __umount2                                                                                                                                       ▒
                                       entry_SYSCALL_64_fastpath                                                                                                                       ▒
                                       sys_umount                                                                                                                                      ▒
                                       do_umount                                                                                                                                       ▒
                                       namespace_unlock                                                                                                                                ▒
                                       synchronize_sched                                                                                                                               ▒
                                       __wait_rcu_gp                                                                                                                                   ▒
                                       wait_for_completion                                                                                                                             ▒
                                       schedule_timeout                                                                                                                                ▒
                                       schedule                                                                                                                                        ▒
                                       __schedule                                                                                                                                      ▒
                                       __schedule   
                                  

                                  __wait_rcu_gp() refers to an RCU grace period. namespace_unlock() in fs/namespace.c is some form of global synchronization, which includes synchronize_rcu(). It waits until all “currently executing RCU read-side critical sections have completed”. “RCU grace periods extend for multiple milliseconds… this situation is a major reason for the rule of thumb that RCU be used in read-mostly situations”. I suppose that mount namespaces are considered to be “read-mostly”.

                                  It looks this these “few milliseconds” account for the average wait of 5 milliseconds in each of the 34 calls to umount2().

                                  share|improve this answer

                                    up vote
                                    1
                                    down vote

                                    accepted

                                    So you think umount spends time waiting for something (as it spends very little cpu time in either user or sys). Let’s find out why it waits…

                                    # perf trace -g -e sched:* umount2 -R /mnt/a
                                    

                                    perf record shows us hitting several scheduler tracepoints; it turned out the revealing one is sched:sched_switch.

                                    Samples: 21  of event 'sched:sched_switch', Event count (approx.): 21
                                      Children      Self  Trace output                                                                                                                   ▒
                                    -  100.00%   100.00%  umount:1888 [120] D ==> swapper/3:0 [120]                                                                                      ▒
                                         0                                                                                                                                               ▒
                                         __umount2                                                                                                                                       ▒
                                         entry_SYSCALL_64_fastpath                                                                                                                       ▒
                                         sys_umount                                                                                                                                      ▒
                                         do_umount                                                                                                                                       ▒
                                         namespace_unlock                                                                                                                                ▒
                                         synchronize_sched                                                                                                                               ▒
                                         __wait_rcu_gp                                                                                                                                   ▒
                                         wait_for_completion                                                                                                                             ▒
                                         schedule_timeout                                                                                                                                ▒
                                         schedule                                                                                                                                        ▒
                                         __schedule                                                                                                                                      ▒
                                         __schedule   
                                    

                                    __wait_rcu_gp() refers to an RCU grace period. namespace_unlock() in fs/namespace.c is some form of global synchronization, which includes synchronize_rcu(). It waits until all “currently executing RCU read-side critical sections have completed”. “RCU grace periods extend for multiple milliseconds… this situation is a major reason for the rule of thumb that RCU be used in read-mostly situations”. I suppose that mount namespaces are considered to be “read-mostly”.

                                    It looks this these “few milliseconds” account for the average wait of 5 milliseconds in each of the 34 calls to umount2().

                                    share|improve this answer

                                      up vote
                                      1
                                      down vote

                                      accepted

                                      up vote
                                      1
                                      down vote

                                      accepted

                                      So you think umount spends time waiting for something (as it spends very little cpu time in either user or sys). Let’s find out why it waits…

                                      # perf trace -g -e sched:* umount2 -R /mnt/a
                                      

                                      perf record shows us hitting several scheduler tracepoints; it turned out the revealing one is sched:sched_switch.

                                      Samples: 21  of event 'sched:sched_switch', Event count (approx.): 21
                                        Children      Self  Trace output                                                                                                                   ▒
                                      -  100.00%   100.00%  umount:1888 [120] D ==> swapper/3:0 [120]                                                                                      ▒
                                           0                                                                                                                                               ▒
                                           __umount2                                                                                                                                       ▒
                                           entry_SYSCALL_64_fastpath                                                                                                                       ▒
                                           sys_umount                                                                                                                                      ▒
                                           do_umount                                                                                                                                       ▒
                                           namespace_unlock                                                                                                                                ▒
                                           synchronize_sched                                                                                                                               ▒
                                           __wait_rcu_gp                                                                                                                                   ▒
                                           wait_for_completion                                                                                                                             ▒
                                           schedule_timeout                                                                                                                                ▒
                                           schedule                                                                                                                                        ▒
                                           __schedule                                                                                                                                      ▒
                                           __schedule   
                                      

                                      __wait_rcu_gp() refers to an RCU grace period. namespace_unlock() in fs/namespace.c is some form of global synchronization, which includes synchronize_rcu(). It waits until all “currently executing RCU read-side critical sections have completed”. “RCU grace periods extend for multiple milliseconds… this situation is a major reason for the rule of thumb that RCU be used in read-mostly situations”. I suppose that mount namespaces are considered to be “read-mostly”.

                                      It looks this these “few milliseconds” account for the average wait of 5 milliseconds in each of the 34 calls to umount2().

                                      share|improve this answer

                                      So you think umount spends time waiting for something (as it spends very little cpu time in either user or sys). Let’s find out why it waits…

                                      # perf trace -g -e sched:* umount2 -R /mnt/a
                                      

                                      perf record shows us hitting several scheduler tracepoints; it turned out the revealing one is sched:sched_switch.

                                      Samples: 21  of event 'sched:sched_switch', Event count (approx.): 21
                                        Children      Self  Trace output                                                                                                                   ▒
                                      -  100.00%   100.00%  umount:1888 [120] D ==> swapper/3:0 [120]                                                                                      ▒
                                           0                                                                                                                                               ▒
                                           __umount2                                                                                                                                       ▒
                                           entry_SYSCALL_64_fastpath                                                                                                                       ▒
                                           sys_umount                                                                                                                                      ▒
                                           do_umount                                                                                                                                       ▒
                                           namespace_unlock                                                                                                                                ▒
                                           synchronize_sched                                                                                                                               ▒
                                           __wait_rcu_gp                                                                                                                                   ▒
                                           wait_for_completion                                                                                                                             ▒
                                           schedule_timeout                                                                                                                                ▒
                                           schedule                                                                                                                                        ▒
                                           __schedule                                                                                                                                      ▒
                                           __schedule   
                                      

                                      __wait_rcu_gp() refers to an RCU grace period. namespace_unlock() in fs/namespace.c is some form of global synchronization, which includes synchronize_rcu(). It waits until all “currently executing RCU read-side critical sections have completed”. “RCU grace periods extend for multiple milliseconds… this situation is a major reason for the rule of thumb that RCU be used in read-mostly situations”. I suppose that mount namespaces are considered to be “read-mostly”.

                                      It looks this these “few milliseconds” account for the average wait of 5 milliseconds in each of the 34 calls to umount2().

                                      share|improve this answer

                                      share|improve this answer

                                      share|improve this answer

                                      edited Feb 8 at 15:19

                                      answered Feb 8 at 15:05

                                      sourcejedi

                                      19k32478

                                      19k32478

                                           
                                          draft saved
                                          draft discarded

                                           

                                          draft saved

                                          draft discarded

                                          StackExchange.ready(
                                          function () {
                                          StackExchange.openid.initPostLogin(‘.new-post-login’, ‘https%3a%2f%2funix.stackexchange.com%2fquestions%2f418100%2fumount-r-on-bind-mounts-takes-a-non-neglible-amount-of-time-why%23new-answer’, ‘question_page’);
                                          }
                                          );

                                          Post as a guest

                                          Need to merge reads into one file

                                          The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP

                                          up vote
                                          0
                                          down vote

                                          favorite

                                          I need to take three files and merge them into one. I have a total of 288 samples where in the following files I have the same sample number (S88)

                                          • Plate_3: 280_S88_L001_R1_001.fastq.gz
                                          • Plate_2: 184_S88_L001_R1_001.fastq.gz
                                          • Plate_1: 88_S88_L001_R1_001.fastq.gz

                                          I was told to do the following:

                                          1. Go to the place where you have your raw data.
                                          2. You should have three folders: Plate_1, Plate_2, Plate_3
                                          3. Run this command in the terminal.

                                            for i in Plate_1/*.fastq.gz;do file=${i##*/};ls  Plate_1/$file Plate_2/$file Plate_3/$file;done
                                            

                                          Plate_1/10_S10_L001_R1_001.fastq.gz Plate_2/10_S10_L001_R1_001.fastq.gz

                                          Each folder should have the same file.

                                          mkdir Merged_Plates
                                          
                                          1. Then run following command

                                            for i in Plate_1/*.fastq.gz;do file=${i##*/};cat   Plate_1/$file Plate_2/$file Plate_3/$file > Merged_Plates/$file;done
                                            

                                          This will merge you samples and put them under Merged_Plates folder

                                          If I run the loop command to get each folder to be in the same file I get this:

                                          ls: cannot access Plate_2/10_S10_L001_R1_001.fastq.gz: No such file or directory
                                          ls: cannot access Plate_3/10_S10_L001_R1_001.fastq.gz: No such file or directory
                                          Plate_1/10_S10_L001_R1_001.fastq.gz
                                          

                                          So then I used the folder I was in to run it to trouble shoot:

                                          for i in Raw_Data/*.fastq.gz;do file=${i##*/};ls  Plate_1/$file Plate_2/$file Plate_3/$file;done
                                          

                                          I get this: Plate_1/10_S10_L001_R1_001.fastq.gz Plate_2/148_S52_L001_R1_001.fastq.gz
                                          Plate_1/10_S10_L001_R2_001.fastq.gz Plate_2/148_S52_L001_R2_001.fastq.gz

                                          This tells me that my data is not in the same file.

                                          What am I missing in the command?

                                          share|improve this question

                                          • 4

                                            Imagine that you’re talking to people who can’t read your mind and aren’t watching over your shoulder — because you are.   Then go back and edit your question to explain what you’re talking about:  where you are, what you have, where you want to be, what you want to have, what you’ve tried, and what happened.
                                            – G-Man
                                            Jan 19 at 1:34

                                          • It seems to me that you’re missing files.
                                            – Jeff Schaller
                                            Jan 19 at 1:52

                                          up vote
                                          0
                                          down vote

                                          favorite

                                          I need to take three files and merge them into one. I have a total of 288 samples where in the following files I have the same sample number (S88)

                                          • Plate_3: 280_S88_L001_R1_001.fastq.gz
                                          • Plate_2: 184_S88_L001_R1_001.fastq.gz
                                          • Plate_1: 88_S88_L001_R1_001.fastq.gz

                                          I was told to do the following:

                                          1. Go to the place where you have your raw data.
                                          2. You should have three folders: Plate_1, Plate_2, Plate_3
                                          3. Run this command in the terminal.

                                            for i in Plate_1/*.fastq.gz;do file=${i##*/};ls  Plate_1/$file Plate_2/$file Plate_3/$file;done
                                            

                                          Plate_1/10_S10_L001_R1_001.fastq.gz Plate_2/10_S10_L001_R1_001.fastq.gz

                                          Each folder should have the same file.

                                          mkdir Merged_Plates
                                          
                                          1. Then run following command

                                            for i in Plate_1/*.fastq.gz;do file=${i##*/};cat   Plate_1/$file Plate_2/$file Plate_3/$file > Merged_Plates/$file;done
                                            

                                          This will merge you samples and put them under Merged_Plates folder

                                          If I run the loop command to get each folder to be in the same file I get this:

                                          ls: cannot access Plate_2/10_S10_L001_R1_001.fastq.gz: No such file or directory
                                          ls: cannot access Plate_3/10_S10_L001_R1_001.fastq.gz: No such file or directory
                                          Plate_1/10_S10_L001_R1_001.fastq.gz
                                          

                                          So then I used the folder I was in to run it to trouble shoot:

                                          for i in Raw_Data/*.fastq.gz;do file=${i##*/};ls  Plate_1/$file Plate_2/$file Plate_3/$file;done
                                          

                                          I get this: Plate_1/10_S10_L001_R1_001.fastq.gz Plate_2/148_S52_L001_R1_001.fastq.gz
                                          Plate_1/10_S10_L001_R2_001.fastq.gz Plate_2/148_S52_L001_R2_001.fastq.gz

                                          This tells me that my data is not in the same file.

                                          What am I missing in the command?

                                          share|improve this question

                                          • 4

                                            Imagine that you’re talking to people who can’t read your mind and aren’t watching over your shoulder — because you are.   Then go back and edit your question to explain what you’re talking about:  where you are, what you have, where you want to be, what you want to have, what you’ve tried, and what happened.
                                            – G-Man
                                            Jan 19 at 1:34

                                          • It seems to me that you’re missing files.
                                            – Jeff Schaller
                                            Jan 19 at 1:52

                                          up vote
                                          0
                                          down vote

                                          favorite

                                          up vote
                                          0
                                          down vote

                                          favorite

                                          I need to take three files and merge them into one. I have a total of 288 samples where in the following files I have the same sample number (S88)

                                          • Plate_3: 280_S88_L001_R1_001.fastq.gz
                                          • Plate_2: 184_S88_L001_R1_001.fastq.gz
                                          • Plate_1: 88_S88_L001_R1_001.fastq.gz

                                          I was told to do the following:

                                          1. Go to the place where you have your raw data.
                                          2. You should have three folders: Plate_1, Plate_2, Plate_3
                                          3. Run this command in the terminal.

                                            for i in Plate_1/*.fastq.gz;do file=${i##*/};ls  Plate_1/$file Plate_2/$file Plate_3/$file;done
                                            

                                          Plate_1/10_S10_L001_R1_001.fastq.gz Plate_2/10_S10_L001_R1_001.fastq.gz

                                          Each folder should have the same file.

                                          mkdir Merged_Plates
                                          
                                          1. Then run following command

                                            for i in Plate_1/*.fastq.gz;do file=${i##*/};cat   Plate_1/$file Plate_2/$file Plate_3/$file > Merged_Plates/$file;done
                                            

                                          This will merge you samples and put them under Merged_Plates folder

                                          If I run the loop command to get each folder to be in the same file I get this:

                                          ls: cannot access Plate_2/10_S10_L001_R1_001.fastq.gz: No such file or directory
                                          ls: cannot access Plate_3/10_S10_L001_R1_001.fastq.gz: No such file or directory
                                          Plate_1/10_S10_L001_R1_001.fastq.gz
                                          

                                          So then I used the folder I was in to run it to trouble shoot:

                                          for i in Raw_Data/*.fastq.gz;do file=${i##*/};ls  Plate_1/$file Plate_2/$file Plate_3/$file;done
                                          

                                          I get this: Plate_1/10_S10_L001_R1_001.fastq.gz Plate_2/148_S52_L001_R1_001.fastq.gz
                                          Plate_1/10_S10_L001_R2_001.fastq.gz Plate_2/148_S52_L001_R2_001.fastq.gz

                                          This tells me that my data is not in the same file.

                                          What am I missing in the command?

                                          share|improve this question

                                          I need to take three files and merge them into one. I have a total of 288 samples where in the following files I have the same sample number (S88)

                                          • Plate_3: 280_S88_L001_R1_001.fastq.gz
                                          • Plate_2: 184_S88_L001_R1_001.fastq.gz
                                          • Plate_1: 88_S88_L001_R1_001.fastq.gz

                                          I was told to do the following:

                                          1. Go to the place where you have your raw data.
                                          2. You should have three folders: Plate_1, Plate_2, Plate_3
                                          3. Run this command in the terminal.

                                            for i in Plate_1/*.fastq.gz;do file=${i##*/};ls  Plate_1/$file Plate_2/$file Plate_3/$file;done
                                            

                                          Plate_1/10_S10_L001_R1_001.fastq.gz Plate_2/10_S10_L001_R1_001.fastq.gz

                                          Each folder should have the same file.

                                          mkdir Merged_Plates
                                          
                                          1. Then run following command

                                            for i in Plate_1/*.fastq.gz;do file=${i##*/};cat   Plate_1/$file Plate_2/$file Plate_3/$file > Merged_Plates/$file;done
                                            

                                          This will merge you samples and put them under Merged_Plates folder

                                          If I run the loop command to get each folder to be in the same file I get this:

                                          ls: cannot access Plate_2/10_S10_L001_R1_001.fastq.gz: No such file or directory
                                          ls: cannot access Plate_3/10_S10_L001_R1_001.fastq.gz: No such file or directory
                                          Plate_1/10_S10_L001_R1_001.fastq.gz
                                          

                                          So then I used the folder I was in to run it to trouble shoot:

                                          for i in Raw_Data/*.fastq.gz;do file=${i##*/};ls  Plate_1/$file Plate_2/$file Plate_3/$file;done
                                          

                                          I get this: Plate_1/10_S10_L001_R1_001.fastq.gz Plate_2/148_S52_L001_R1_001.fastq.gz
                                          Plate_1/10_S10_L001_R2_001.fastq.gz Plate_2/148_S52_L001_R2_001.fastq.gz

                                          This tells me that my data is not in the same file.

                                          What am I missing in the command?

                                          share|improve this question

                                          share|improve this question

                                          share|improve this question

                                          edited Jan 19 at 1:28

                                          G-Man

                                          11.6k82657

                                          11.6k82657

                                          asked Jan 19 at 1:15

                                          kimberly Wilson

                                          1

                                          1

                                          • 4

                                            Imagine that you’re talking to people who can’t read your mind and aren’t watching over your shoulder — because you are.   Then go back and edit your question to explain what you’re talking about:  where you are, what you have, where you want to be, what you want to have, what you’ve tried, and what happened.
                                            – G-Man
                                            Jan 19 at 1:34

                                          • It seems to me that you’re missing files.
                                            – Jeff Schaller
                                            Jan 19 at 1:52

                                          • 4

                                            Imagine that you’re talking to people who can’t read your mind and aren’t watching over your shoulder — because you are.   Then go back and edit your question to explain what you’re talking about:  where you are, what you have, where you want to be, what you want to have, what you’ve tried, and what happened.
                                            – G-Man
                                            Jan 19 at 1:34

                                          • It seems to me that you’re missing files.
                                            – Jeff Schaller
                                            Jan 19 at 1:52

                                          4

                                          4

                                          Imagine that you’re talking to people who can’t read your mind and aren’t watching over your shoulder — because you are.   Then go back and edit your question to explain what you’re talking about:  where you are, what you have, where you want to be, what you want to have, what you’ve tried, and what happened.
                                          – G-Man
                                          Jan 19 at 1:34

                                          Imagine that you’re talking to people who can’t read your mind and aren’t watching over your shoulder — because you are.   Then go back and edit your question to explain what you’re talking about:  where you are, what you have, where you want to be, what you want to have, what you’ve tried, and what happened.
                                          – G-Man
                                          Jan 19 at 1:34

                                          It seems to me that you’re missing files.
                                          – Jeff Schaller
                                          Jan 19 at 1:52

                                          It seems to me that you’re missing files.
                                          – Jeff Schaller
                                          Jan 19 at 1:52

                                          active

                                          oldest

                                          votes

                                          Your Answer

                                          StackExchange.ready(function() {
                                          var channelOptions = {
                                          tags: “”.split(” “),
                                          id: “106”
                                          };
                                          initTagRenderer(“”.split(” “), “”.split(” “), channelOptions);

                                          StackExchange.using(“externalEditor”, function() {
                                          // Have to fire editor after snippets, if snippets enabled
                                          if (StackExchange.settings.snippets.snippetsEnabled) {
                                          StackExchange.using(“snippets”, function() {
                                          createEditor();
                                          });
                                          }
                                          else {
                                          createEditor();
                                          }
                                          });

                                          function createEditor() {
                                          StackExchange.prepareEditor({
                                          heartbeatType: ‘answer’,
                                          convertImagesToLinks: false,
                                          noModals: false,
                                          showLowRepImageUploadWarning: true,
                                          reputationToPostImages: null,
                                          bindNavPrevention: true,
                                          postfix: “”,
                                          onDemand: true,
                                          discardSelector: “.discard-answer”
                                          ,immediatelyShowMarkdownHelp:true
                                          });

                                          }
                                          });

                                           
                                          draft saved
                                          draft discarded

                                          StackExchange.ready(
                                          function () {
                                          StackExchange.openid.initPostLogin(‘.new-post-login’, ‘https%3a%2f%2funix.stackexchange.com%2fquestions%2f418130%2fneed-to-merge-reads-into-one-file%23new-answer’, ‘question_page’);
                                          }
                                          );

                                          Post as a guest

                                          active

                                          oldest

                                          votes

                                          active

                                          oldest

                                          votes

                                          active

                                          oldest

                                          votes

                                          active

                                          oldest

                                          votes

                                           
                                          draft saved
                                          draft discarded

                                           

                                          draft saved

                                          draft discarded

                                          StackExchange.ready(
                                          function () {
                                          StackExchange.openid.initPostLogin(‘.new-post-login’, ‘https%3a%2f%2funix.stackexchange.com%2fquestions%2f418130%2fneed-to-merge-reads-into-one-file%23new-answer’, ‘question_page’);
                                          }
                                          );

                                          Post as a guest

                                          How do I get either pcks11_eventmgr or card_eventmgr to actually run as daemons?

                                          The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP

                                          up vote
                                          0
                                          down vote

                                          favorite

                                          I’m working on getting my smart card set up on my RHEL 6.9 workstation so that when I remove it, the screen locks automatically. Then, when I insert it, the screen unlock dialog pops up (I’d prefer a full unlock, but that’s another issue).

                                          To be clear, I do have it functioning. If I run either pkcs11_eventmgr or card_eventmgr, xcreensaver-command is executed with either the -lock option when I remove the card, or the -deactivate option when I insert it.

                                          The problem is that, when I run either *_eventmgr command, I have to use the nodaemon option to ensure that it is running in the foreground. Otherwise, it appears to simply exit. When I daemonize the commands, nothing happens when I either insert or remove my smart card.

                                          If I pass the debug option when I try to daemonize I don’t get any useful output. Nor is anything listed when I run ps. Again, the commands both seem to simply exit. However, using debug with nodaemon displays all kinds of interesting output.

                                          Are both pkcs11_eventmgr and card_eventmgr just wonky with neither actually working as daemons? Am I missing some kind of unstated prerequisite step?

                                          Sample debug output if not daemonized:

                                          DEBUG:card_eventmgr.c:380: Scanning present readers
                                          DEBUG:card_eventmgr.c:437: 0: Dell smart card reader keyboard 00 00
                                          DEBUG:card_eventmgr.c:496: Reader 0 (Dell smart card reader keyboard 00 00)
                                          DEBUG:card_eventmgr.c:500: Card state: 0x00327698
                                          DEBUG:card_eventmgr.c:508: Card removed
                                          DEBUG:card_eventmgr.c:132: Onerror is set to: 'ignore'
                                          DEBUG:card_eventmgr.c:136: Executiong action: '/usr/bin/xscreensaver-command -lock'
                                          xscreensaver-command: activating and locking.
                                          
                                          DEBUG:card_eventmgr.c:145: Action '/usr/bin/xscreensaver-command -lock' returns 0
                                          DEBUG:card_eventmgr.c:496: Reader 0 (Dell smart card reader keyboard 00 00)
                                          DEBUG:card_eventmgr.c:500: Card state: 0x00393250
                                          DEBUG:card_eventmgr.c:513: Card inserted
                                          DEBUG:card_eventmgr.c:132: Onerror is set to: 'ignore'
                                          DEBUG:card_eventmgr.c:136: Executiong action: '/usr/bin/xscreensaver-command -deactivate'
                                          xscreensaver-command: deactivating.
                                          
                                          DEBUG:card_eventmgr.c:145: Action '/usr/bin/xscreensaver-command -deactivate' returns 0
                                          

                                          The only output when run with both the debug and daemon options is

                                          DEBUG:card_eventmgr.c:352: Going to be daemon...
                                          

                                          The only information from /var/log/secure:

                                          gdm-smartcard: pam_pkcs11(gdm-smartcard:auth): pam_get_pwd() failed: Conversation error
                                          

                                          From /var/log/messages:

                                          ifdhandler.c:1091:IFDHTransmitToICC() usb:413c/2101:libhal:/org/freedesktop/Hal/devices/usb_device_413c_2101_noserial_if0 (lun: 0)
                                          ....Previous message repeated numerous times
                                          winscard.c:343:SCardConnect() Lock released
                                          ifdhandler.c:1091:IFDHTransmitToICC() usb:413c/2101:libhal:/org/freedesktop/Hal/devices/usb_device_413c_2101_noserial_if0 (lun: 0)
                                          ....Previous message repeated numerous times
                                          

                                          share|improve this question

                                            up vote
                                            0
                                            down vote

                                            favorite

                                            I’m working on getting my smart card set up on my RHEL 6.9 workstation so that when I remove it, the screen locks automatically. Then, when I insert it, the screen unlock dialog pops up (I’d prefer a full unlock, but that’s another issue).

                                            To be clear, I do have it functioning. If I run either pkcs11_eventmgr or card_eventmgr, xcreensaver-command is executed with either the -lock option when I remove the card, or the -deactivate option when I insert it.

                                            The problem is that, when I run either *_eventmgr command, I have to use the nodaemon option to ensure that it is running in the foreground. Otherwise, it appears to simply exit. When I daemonize the commands, nothing happens when I either insert or remove my smart card.

                                            If I pass the debug option when I try to daemonize I don’t get any useful output. Nor is anything listed when I run ps. Again, the commands both seem to simply exit. However, using debug with nodaemon displays all kinds of interesting output.

                                            Are both pkcs11_eventmgr and card_eventmgr just wonky with neither actually working as daemons? Am I missing some kind of unstated prerequisite step?

                                            Sample debug output if not daemonized:

                                            DEBUG:card_eventmgr.c:380: Scanning present readers
                                            DEBUG:card_eventmgr.c:437: 0: Dell smart card reader keyboard 00 00
                                            DEBUG:card_eventmgr.c:496: Reader 0 (Dell smart card reader keyboard 00 00)
                                            DEBUG:card_eventmgr.c:500: Card state: 0x00327698
                                            DEBUG:card_eventmgr.c:508: Card removed
                                            DEBUG:card_eventmgr.c:132: Onerror is set to: 'ignore'
                                            DEBUG:card_eventmgr.c:136: Executiong action: '/usr/bin/xscreensaver-command -lock'
                                            xscreensaver-command: activating and locking.
                                            
                                            DEBUG:card_eventmgr.c:145: Action '/usr/bin/xscreensaver-command -lock' returns 0
                                            DEBUG:card_eventmgr.c:496: Reader 0 (Dell smart card reader keyboard 00 00)
                                            DEBUG:card_eventmgr.c:500: Card state: 0x00393250
                                            DEBUG:card_eventmgr.c:513: Card inserted
                                            DEBUG:card_eventmgr.c:132: Onerror is set to: 'ignore'
                                            DEBUG:card_eventmgr.c:136: Executiong action: '/usr/bin/xscreensaver-command -deactivate'
                                            xscreensaver-command: deactivating.
                                            
                                            DEBUG:card_eventmgr.c:145: Action '/usr/bin/xscreensaver-command -deactivate' returns 0
                                            

                                            The only output when run with both the debug and daemon options is

                                            DEBUG:card_eventmgr.c:352: Going to be daemon...
                                            

                                            The only information from /var/log/secure:

                                            gdm-smartcard: pam_pkcs11(gdm-smartcard:auth): pam_get_pwd() failed: Conversation error
                                            

                                            From /var/log/messages:

                                            ifdhandler.c:1091:IFDHTransmitToICC() usb:413c/2101:libhal:/org/freedesktop/Hal/devices/usb_device_413c_2101_noserial_if0 (lun: 0)
                                            ....Previous message repeated numerous times
                                            winscard.c:343:SCardConnect() Lock released
                                            ifdhandler.c:1091:IFDHTransmitToICC() usb:413c/2101:libhal:/org/freedesktop/Hal/devices/usb_device_413c_2101_noserial_if0 (lun: 0)
                                            ....Previous message repeated numerous times
                                            

                                            share|improve this question

                                              up vote
                                              0
                                              down vote

                                              favorite

                                              up vote
                                              0
                                              down vote

                                              favorite

                                              I’m working on getting my smart card set up on my RHEL 6.9 workstation so that when I remove it, the screen locks automatically. Then, when I insert it, the screen unlock dialog pops up (I’d prefer a full unlock, but that’s another issue).

                                              To be clear, I do have it functioning. If I run either pkcs11_eventmgr or card_eventmgr, xcreensaver-command is executed with either the -lock option when I remove the card, or the -deactivate option when I insert it.

                                              The problem is that, when I run either *_eventmgr command, I have to use the nodaemon option to ensure that it is running in the foreground. Otherwise, it appears to simply exit. When I daemonize the commands, nothing happens when I either insert or remove my smart card.

                                              If I pass the debug option when I try to daemonize I don’t get any useful output. Nor is anything listed when I run ps. Again, the commands both seem to simply exit. However, using debug with nodaemon displays all kinds of interesting output.

                                              Are both pkcs11_eventmgr and card_eventmgr just wonky with neither actually working as daemons? Am I missing some kind of unstated prerequisite step?

                                              Sample debug output if not daemonized:

                                              DEBUG:card_eventmgr.c:380: Scanning present readers
                                              DEBUG:card_eventmgr.c:437: 0: Dell smart card reader keyboard 00 00
                                              DEBUG:card_eventmgr.c:496: Reader 0 (Dell smart card reader keyboard 00 00)
                                              DEBUG:card_eventmgr.c:500: Card state: 0x00327698
                                              DEBUG:card_eventmgr.c:508: Card removed
                                              DEBUG:card_eventmgr.c:132: Onerror is set to: 'ignore'
                                              DEBUG:card_eventmgr.c:136: Executiong action: '/usr/bin/xscreensaver-command -lock'
                                              xscreensaver-command: activating and locking.
                                              
                                              DEBUG:card_eventmgr.c:145: Action '/usr/bin/xscreensaver-command -lock' returns 0
                                              DEBUG:card_eventmgr.c:496: Reader 0 (Dell smart card reader keyboard 00 00)
                                              DEBUG:card_eventmgr.c:500: Card state: 0x00393250
                                              DEBUG:card_eventmgr.c:513: Card inserted
                                              DEBUG:card_eventmgr.c:132: Onerror is set to: 'ignore'
                                              DEBUG:card_eventmgr.c:136: Executiong action: '/usr/bin/xscreensaver-command -deactivate'
                                              xscreensaver-command: deactivating.
                                              
                                              DEBUG:card_eventmgr.c:145: Action '/usr/bin/xscreensaver-command -deactivate' returns 0
                                              

                                              The only output when run with both the debug and daemon options is

                                              DEBUG:card_eventmgr.c:352: Going to be daemon...
                                              

                                              The only information from /var/log/secure:

                                              gdm-smartcard: pam_pkcs11(gdm-smartcard:auth): pam_get_pwd() failed: Conversation error
                                              

                                              From /var/log/messages:

                                              ifdhandler.c:1091:IFDHTransmitToICC() usb:413c/2101:libhal:/org/freedesktop/Hal/devices/usb_device_413c_2101_noserial_if0 (lun: 0)
                                              ....Previous message repeated numerous times
                                              winscard.c:343:SCardConnect() Lock released
                                              ifdhandler.c:1091:IFDHTransmitToICC() usb:413c/2101:libhal:/org/freedesktop/Hal/devices/usb_device_413c_2101_noserial_if0 (lun: 0)
                                              ....Previous message repeated numerous times
                                              

                                              share|improve this question

                                              I’m working on getting my smart card set up on my RHEL 6.9 workstation so that when I remove it, the screen locks automatically. Then, when I insert it, the screen unlock dialog pops up (I’d prefer a full unlock, but that’s another issue).

                                              To be clear, I do have it functioning. If I run either pkcs11_eventmgr or card_eventmgr, xcreensaver-command is executed with either the -lock option when I remove the card, or the -deactivate option when I insert it.

                                              The problem is that, when I run either *_eventmgr command, I have to use the nodaemon option to ensure that it is running in the foreground. Otherwise, it appears to simply exit. When I daemonize the commands, nothing happens when I either insert or remove my smart card.

                                              If I pass the debug option when I try to daemonize I don’t get any useful output. Nor is anything listed when I run ps. Again, the commands both seem to simply exit. However, using debug with nodaemon displays all kinds of interesting output.

                                              Are both pkcs11_eventmgr and card_eventmgr just wonky with neither actually working as daemons? Am I missing some kind of unstated prerequisite step?

                                              Sample debug output if not daemonized:

                                              DEBUG:card_eventmgr.c:380: Scanning present readers
                                              DEBUG:card_eventmgr.c:437: 0: Dell smart card reader keyboard 00 00
                                              DEBUG:card_eventmgr.c:496: Reader 0 (Dell smart card reader keyboard 00 00)
                                              DEBUG:card_eventmgr.c:500: Card state: 0x00327698
                                              DEBUG:card_eventmgr.c:508: Card removed
                                              DEBUG:card_eventmgr.c:132: Onerror is set to: 'ignore'
                                              DEBUG:card_eventmgr.c:136: Executiong action: '/usr/bin/xscreensaver-command -lock'
                                              xscreensaver-command: activating and locking.
                                              
                                              DEBUG:card_eventmgr.c:145: Action '/usr/bin/xscreensaver-command -lock' returns 0
                                              DEBUG:card_eventmgr.c:496: Reader 0 (Dell smart card reader keyboard 00 00)
                                              DEBUG:card_eventmgr.c:500: Card state: 0x00393250
                                              DEBUG:card_eventmgr.c:513: Card inserted
                                              DEBUG:card_eventmgr.c:132: Onerror is set to: 'ignore'
                                              DEBUG:card_eventmgr.c:136: Executiong action: '/usr/bin/xscreensaver-command -deactivate'
                                              xscreensaver-command: deactivating.
                                              
                                              DEBUG:card_eventmgr.c:145: Action '/usr/bin/xscreensaver-command -deactivate' returns 0
                                              

                                              The only output when run with both the debug and daemon options is

                                              DEBUG:card_eventmgr.c:352: Going to be daemon...
                                              

                                              The only information from /var/log/secure:

                                              gdm-smartcard: pam_pkcs11(gdm-smartcard:auth): pam_get_pwd() failed: Conversation error
                                              

                                              From /var/log/messages:

                                              ifdhandler.c:1091:IFDHTransmitToICC() usb:413c/2101:libhal:/org/freedesktop/Hal/devices/usb_device_413c_2101_noserial_if0 (lun: 0)
                                              ....Previous message repeated numerous times
                                              winscard.c:343:SCardConnect() Lock released
                                              ifdhandler.c:1091:IFDHTransmitToICC() usb:413c/2101:libhal:/org/freedesktop/Hal/devices/usb_device_413c_2101_noserial_if0 (lun: 0)
                                              ....Previous message repeated numerous times
                                              

                                              share|improve this question

                                              share|improve this question

                                              share|improve this question

                                              edited Jan 19 at 16:08

                                              asked Jan 19 at 15:57

                                              theillien

                                              5463725

                                              5463725

                                                  active

                                                  oldest

                                                  votes

                                                  Your Answer

                                                  StackExchange.ready(function() {
                                                  var channelOptions = {
                                                  tags: “”.split(” “),
                                                  id: “106”
                                                  };
                                                  initTagRenderer(“”.split(” “), “”.split(” “), channelOptions);

                                                  StackExchange.using(“externalEditor”, function() {
                                                  // Have to fire editor after snippets, if snippets enabled
                                                  if (StackExchange.settings.snippets.snippetsEnabled) {
                                                  StackExchange.using(“snippets”, function() {
                                                  createEditor();
                                                  });
                                                  }
                                                  else {
                                                  createEditor();
                                                  }
                                                  });

                                                  function createEditor() {
                                                  StackExchange.prepareEditor({
                                                  heartbeatType: ‘answer’,
                                                  convertImagesToLinks: false,
                                                  noModals: false,
                                                  showLowRepImageUploadWarning: true,
                                                  reputationToPostImages: null,
                                                  bindNavPrevention: true,
                                                  postfix: “”,
                                                  onDemand: true,
                                                  discardSelector: “.discard-answer”
                                                  ,immediatelyShowMarkdownHelp:true
                                                  });

                                                  }
                                                  });

                                                   
                                                  draft saved
                                                  draft discarded

                                                  StackExchange.ready(
                                                  function () {
                                                  StackExchange.openid.initPostLogin(‘.new-post-login’, ‘https%3a%2f%2funix.stackexchange.com%2fquestions%2f418254%2fhow-do-i-get-either-pcks11-eventmgr-or-card-eventmgr-to-actually-run-as-daemons%23new-answer’, ‘question_page’);
                                                  }
                                                  );

                                                  Post as a guest

                                                  active

                                                  oldest

                                                  votes

                                                  active

                                                  oldest

                                                  votes

                                                  active

                                                  oldest

                                                  votes

                                                  active

                                                  oldest

                                                  votes

                                                   
                                                  draft saved
                                                  draft discarded

                                                   

                                                  draft saved

                                                  draft discarded

                                                  StackExchange.ready(
                                                  function () {
                                                  StackExchange.openid.initPostLogin(‘.new-post-login’, ‘https%3a%2f%2funix.stackexchange.com%2fquestions%2f418254%2fhow-do-i-get-either-pcks11-eventmgr-or-card-eventmgr-to-actually-run-as-daemons%23new-answer’, ‘question_page’);
                                                  }
                                                  );

                                                  Post as a guest

                                                  Setting proxy environment variables in a shell script [duplicate]

                                                  The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP

                                                  up vote
                                                  0
                                                  down vote

                                                  favorite

                                                  This question already has an answer here:

                                                  • How can I make environment variables “exported” in a shell script stick around?

                                                    2 answers

                                                  I am trying to set a proxy on a rotating basis; but my export commands are not working. I’m using CentOS 7.

                                                  I’ve gone back to basics and tested a really simple bash script, which sets and unsets environment variables, and then tests them. The environment variables appear set properly, but my external IP is still showing as my local IP.

                                                  $1 is an address in the form http://119.27.177.169:80

                                                  #!/bin/bash
                                                  
                                                  function set() {
                                                      export http_proxy="$1/"    # not working
                                                      export https_proxy="$1/"   # not working
                                                      testExtIP
                                                  }
                                                  
                                                  function unset() {
                                                      unset http_proxy
                                                      unset https_proxy
                                                      testExtIP
                                                  }
                                                  
                                                  function testExtIP() {
                                                      externalHTTP=$(curl -s http://api.ipify.org) # an API that echos the external IP quickly
                                                      externalHTTPS=$(curl -s https://api.ipify.org)
                                                      echo "External HTTP: $externalHTTP; external HTTPS: $externalHTTPS" 
                                                  }
                                                  
                                                  case "$1" in
                                                      'set')
                                                      set $2 # speed
                                                      ;;
                                                      'unset')
                                                      unset $2
                                                      ;;
                                                      'test')
                                                      testExtIP $2
                                                      ;;
                                                      *)
                                                      echo "Usage: $0 $versum [set|unset|test]"
                                                      ;;
                                                  esac
                                                  

                                                  I would like the script to return:

                                                  External HTTP: 119.27.177.169; external HTTPS: 119.27.177.169

                                                  But my external IP isn’t set:

                                                  External HTTP: **SERVERIP**; external HTTPS: **SERVERIP**

                                                  which I’ve tested using various tools. Why is the export command not working? Am I missing something important?

                                                  share|improve this question

                                                  marked as duplicate by Patrick, thrig, mdpc, Michael Homer, jimmij Jan 20 at 12:44

                                                  This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.

                                                  • this does not seem useful, as the exports are only in the context of the script, and vanish when the script exits (a child process cannot alter the environment of its parent)
                                                    – thrig
                                                    Jan 19 at 22:33

                                                  • Just some nitpicking: set and unset are shell built in commands. Just should pick other names for your functions.
                                                    – Kusalananda
                                                    Jan 20 at 12:33

                                                  up vote
                                                  0
                                                  down vote

                                                  favorite

                                                  This question already has an answer here:

                                                  • How can I make environment variables “exported” in a shell script stick around?

                                                    2 answers

                                                  I am trying to set a proxy on a rotating basis; but my export commands are not working. I’m using CentOS 7.

                                                  I’ve gone back to basics and tested a really simple bash script, which sets and unsets environment variables, and then tests them. The environment variables appear set properly, but my external IP is still showing as my local IP.

                                                  $1 is an address in the form http://119.27.177.169:80

                                                  #!/bin/bash
                                                  
                                                  function set() {
                                                      export http_proxy="$1/"    # not working
                                                      export https_proxy="$1/"   # not working
                                                      testExtIP
                                                  }
                                                  
                                                  function unset() {
                                                      unset http_proxy
                                                      unset https_proxy
                                                      testExtIP
                                                  }
                                                  
                                                  function testExtIP() {
                                                      externalHTTP=$(curl -s http://api.ipify.org) # an API that echos the external IP quickly
                                                      externalHTTPS=$(curl -s https://api.ipify.org)
                                                      echo "External HTTP: $externalHTTP; external HTTPS: $externalHTTPS" 
                                                  }
                                                  
                                                  case "$1" in
                                                      'set')
                                                      set $2 # speed
                                                      ;;
                                                      'unset')
                                                      unset $2
                                                      ;;
                                                      'test')
                                                      testExtIP $2
                                                      ;;
                                                      *)
                                                      echo "Usage: $0 $versum [set|unset|test]"
                                                      ;;
                                                  esac
                                                  

                                                  I would like the script to return:

                                                  External HTTP: 119.27.177.169; external HTTPS: 119.27.177.169

                                                  But my external IP isn’t set:

                                                  External HTTP: **SERVERIP**; external HTTPS: **SERVERIP**

                                                  which I’ve tested using various tools. Why is the export command not working? Am I missing something important?

                                                  share|improve this question

                                                  marked as duplicate by Patrick, thrig, mdpc, Michael Homer, jimmij Jan 20 at 12:44

                                                  This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.

                                                  • this does not seem useful, as the exports are only in the context of the script, and vanish when the script exits (a child process cannot alter the environment of its parent)
                                                    – thrig
                                                    Jan 19 at 22:33

                                                  • Just some nitpicking: set and unset are shell built in commands. Just should pick other names for your functions.
                                                    – Kusalananda
                                                    Jan 20 at 12:33

                                                  up vote
                                                  0
                                                  down vote

                                                  favorite

                                                  up vote
                                                  0
                                                  down vote

                                                  favorite

                                                  This question already has an answer here:

                                                  • How can I make environment variables “exported” in a shell script stick around?

                                                    2 answers

                                                  I am trying to set a proxy on a rotating basis; but my export commands are not working. I’m using CentOS 7.

                                                  I’ve gone back to basics and tested a really simple bash script, which sets and unsets environment variables, and then tests them. The environment variables appear set properly, but my external IP is still showing as my local IP.

                                                  $1 is an address in the form http://119.27.177.169:80

                                                  #!/bin/bash
                                                  
                                                  function set() {
                                                      export http_proxy="$1/"    # not working
                                                      export https_proxy="$1/"   # not working
                                                      testExtIP
                                                  }
                                                  
                                                  function unset() {
                                                      unset http_proxy
                                                      unset https_proxy
                                                      testExtIP
                                                  }
                                                  
                                                  function testExtIP() {
                                                      externalHTTP=$(curl -s http://api.ipify.org) # an API that echos the external IP quickly
                                                      externalHTTPS=$(curl -s https://api.ipify.org)
                                                      echo "External HTTP: $externalHTTP; external HTTPS: $externalHTTPS" 
                                                  }
                                                  
                                                  case "$1" in
                                                      'set')
                                                      set $2 # speed
                                                      ;;
                                                      'unset')
                                                      unset $2
                                                      ;;
                                                      'test')
                                                      testExtIP $2
                                                      ;;
                                                      *)
                                                      echo "Usage: $0 $versum [set|unset|test]"
                                                      ;;
                                                  esac
                                                  

                                                  I would like the script to return:

                                                  External HTTP: 119.27.177.169; external HTTPS: 119.27.177.169

                                                  But my external IP isn’t set:

                                                  External HTTP: **SERVERIP**; external HTTPS: **SERVERIP**

                                                  which I’ve tested using various tools. Why is the export command not working? Am I missing something important?

                                                  share|improve this question

                                                  This question already has an answer here:

                                                  • How can I make environment variables “exported” in a shell script stick around?

                                                    2 answers

                                                  I am trying to set a proxy on a rotating basis; but my export commands are not working. I’m using CentOS 7.

                                                  I’ve gone back to basics and tested a really simple bash script, which sets and unsets environment variables, and then tests them. The environment variables appear set properly, but my external IP is still showing as my local IP.

                                                  $1 is an address in the form http://119.27.177.169:80

                                                  #!/bin/bash
                                                  
                                                  function set() {
                                                      export http_proxy="$1/"    # not working
                                                      export https_proxy="$1/"   # not working
                                                      testExtIP
                                                  }
                                                  
                                                  function unset() {
                                                      unset http_proxy
                                                      unset https_proxy
                                                      testExtIP
                                                  }
                                                  
                                                  function testExtIP() {
                                                      externalHTTP=$(curl -s http://api.ipify.org) # an API that echos the external IP quickly
                                                      externalHTTPS=$(curl -s https://api.ipify.org)
                                                      echo "External HTTP: $externalHTTP; external HTTPS: $externalHTTPS" 
                                                  }
                                                  
                                                  case "$1" in
                                                      'set')
                                                      set $2 # speed
                                                      ;;
                                                      'unset')
                                                      unset $2
                                                      ;;
                                                      'test')
                                                      testExtIP $2
                                                      ;;
                                                      *)
                                                      echo "Usage: $0 $versum [set|unset|test]"
                                                      ;;
                                                  esac
                                                  

                                                  I would like the script to return:

                                                  External HTTP: 119.27.177.169; external HTTPS: 119.27.177.169

                                                  But my external IP isn’t set:

                                                  External HTTP: **SERVERIP**; external HTTPS: **SERVERIP**

                                                  which I’ve tested using various tools. Why is the export command not working? Am I missing something important?

                                                  This question already has an answer here:

                                                  • How can I make environment variables “exported” in a shell script stick around?

                                                    2 answers

                                                  share|improve this question

                                                  share|improve this question

                                                  share|improve this question

                                                  asked Jan 19 at 22:22

                                                  Michael Riordan

                                                  385

                                                  385

                                                  marked as duplicate by Patrick, thrig, mdpc, Michael Homer, jimmij Jan 20 at 12:44

                                                  This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.

                                                  marked as duplicate by Patrick, thrig, mdpc, Michael Homer, jimmij Jan 20 at 12:44

                                                  This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.

                                                  • this does not seem useful, as the exports are only in the context of the script, and vanish when the script exits (a child process cannot alter the environment of its parent)
                                                    – thrig
                                                    Jan 19 at 22:33

                                                  • Just some nitpicking: set and unset are shell built in commands. Just should pick other names for your functions.
                                                    – Kusalananda
                                                    Jan 20 at 12:33

                                                  • this does not seem useful, as the exports are only in the context of the script, and vanish when the script exits (a child process cannot alter the environment of its parent)
                                                    – thrig
                                                    Jan 19 at 22:33

                                                  • Just some nitpicking: set and unset are shell built in commands. Just should pick other names for your functions.
                                                    – Kusalananda
                                                    Jan 20 at 12:33

                                                  this does not seem useful, as the exports are only in the context of the script, and vanish when the script exits (a child process cannot alter the environment of its parent)
                                                  – thrig
                                                  Jan 19 at 22:33

                                                  this does not seem useful, as the exports are only in the context of the script, and vanish when the script exits (a child process cannot alter the environment of its parent)
                                                  – thrig
                                                  Jan 19 at 22:33

                                                  Just some nitpicking: set and unset are shell built in commands. Just should pick other names for your functions.
                                                  – Kusalananda
                                                  Jan 20 at 12:33

                                                  Just some nitpicking: set and unset are shell built in commands. Just should pick other names for your functions.
                                                  – Kusalananda
                                                  Jan 20 at 12:33

                                                  1 Answer
                                                  1

                                                  active

                                                  oldest

                                                  votes

                                                  up vote
                                                  0
                                                  down vote

                                                  You can’t do it like this. A script has its own set of variables (or environment if you will) which is only available to the script itself and that disappears as soon as the script ends. Therefore the shell which is the parent of the script (because you run the script from within the shell) doesn’t know about the environment and set variables of the script.

                                                  share|improve this answer

                                                  • This is helpful. I think here was my problem all along. A good solution would be to use these functions in the script that uses the proxy server?
                                                    – Michael Riordan
                                                    Jan 19 at 22:50

                                                  • No, the environment is still only available to the script itself so testing with the external server does not give the expected result.
                                                    – wie5Ooma
                                                    Jan 19 at 22:57

                                                  • And by external server I mean the API of course.
                                                    – wie5Ooma
                                                    Jan 19 at 22:58

                                                  1 Answer
                                                  1

                                                  active

                                                  oldest

                                                  votes

                                                  1 Answer
                                                  1

                                                  active

                                                  oldest

                                                  votes

                                                  active

                                                  oldest

                                                  votes

                                                  active

                                                  oldest

                                                  votes

                                                  up vote
                                                  0
                                                  down vote

                                                  You can’t do it like this. A script has its own set of variables (or environment if you will) which is only available to the script itself and that disappears as soon as the script ends. Therefore the shell which is the parent of the script (because you run the script from within the shell) doesn’t know about the environment and set variables of the script.

                                                  share|improve this answer

                                                  • This is helpful. I think here was my problem all along. A good solution would be to use these functions in the script that uses the proxy server?
                                                    – Michael Riordan
                                                    Jan 19 at 22:50

                                                  • No, the environment is still only available to the script itself so testing with the external server does not give the expected result.
                                                    – wie5Ooma
                                                    Jan 19 at 22:57

                                                  • And by external server I mean the API of course.
                                                    – wie5Ooma
                                                    Jan 19 at 22:58

                                                  up vote
                                                  0
                                                  down vote

                                                  You can’t do it like this. A script has its own set of variables (or environment if you will) which is only available to the script itself and that disappears as soon as the script ends. Therefore the shell which is the parent of the script (because you run the script from within the shell) doesn’t know about the environment and set variables of the script.

                                                  share|improve this answer

                                                  • This is helpful. I think here was my problem all along. A good solution would be to use these functions in the script that uses the proxy server?
                                                    – Michael Riordan
                                                    Jan 19 at 22:50

                                                  • No, the environment is still only available to the script itself so testing with the external server does not give the expected result.
                                                    – wie5Ooma
                                                    Jan 19 at 22:57

                                                  • And by external server I mean the API of course.
                                                    – wie5Ooma
                                                    Jan 19 at 22:58

                                                  up vote
                                                  0
                                                  down vote

                                                  up vote
                                                  0
                                                  down vote

                                                  You can’t do it like this. A script has its own set of variables (or environment if you will) which is only available to the script itself and that disappears as soon as the script ends. Therefore the shell which is the parent of the script (because you run the script from within the shell) doesn’t know about the environment and set variables of the script.

                                                  share|improve this answer

                                                  You can’t do it like this. A script has its own set of variables (or environment if you will) which is only available to the script itself and that disappears as soon as the script ends. Therefore the shell which is the parent of the script (because you run the script from within the shell) doesn’t know about the environment and set variables of the script.

                                                  share|improve this answer

                                                  share|improve this answer

                                                  share|improve this answer

                                                  answered Jan 19 at 22:42

                                                  wie5Ooma

                                                  2901212

                                                  2901212

                                                  • This is helpful. I think here was my problem all along. A good solution would be to use these functions in the script that uses the proxy server?
                                                    – Michael Riordan
                                                    Jan 19 at 22:50

                                                  • No, the environment is still only available to the script itself so testing with the external server does not give the expected result.
                                                    – wie5Ooma
                                                    Jan 19 at 22:57

                                                  • And by external server I mean the API of course.
                                                    – wie5Ooma
                                                    Jan 19 at 22:58

                                                  • This is helpful. I think here was my problem all along. A good solution would be to use these functions in the script that uses the proxy server?
                                                    – Michael Riordan
                                                    Jan 19 at 22:50

                                                  • No, the environment is still only available to the script itself so testing with the external server does not give the expected result.
                                                    – wie5Ooma
                                                    Jan 19 at 22:57

                                                  • And by external server I mean the API of course.
                                                    – wie5Ooma
                                                    Jan 19 at 22:58

                                                  This is helpful. I think here was my problem all along. A good solution would be to use these functions in the script that uses the proxy server?
                                                  – Michael Riordan
                                                  Jan 19 at 22:50

                                                  This is helpful. I think here was my problem all along. A good solution would be to use these functions in the script that uses the proxy server?
                                                  – Michael Riordan
                                                  Jan 19 at 22:50

                                                  No, the environment is still only available to the script itself so testing with the external server does not give the expected result.
                                                  – wie5Ooma
                                                  Jan 19 at 22:57

                                                  No, the environment is still only available to the script itself so testing with the external server does not give the expected result.
                                                  – wie5Ooma
                                                  Jan 19 at 22:57

                                                  And by external server I mean the API of course.
                                                  – wie5Ooma
                                                  Jan 19 at 22:58

                                                  And by external server I mean the API of course.
                                                  – wie5Ooma
                                                  Jan 19 at 22:58

                                                  How do I list commands associated with non-custom desktop keybindings?

                                                  The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP

                                                  up vote
                                                  1
                                                  down vote

                                                  favorite

                                                  1

                                                  I already know how to determine the command associated with a custom desktop keybinding (keyboard shortcut) in relatively recent Linux Mint versions running the Cinnamon desktop environment. My preference is to do this from the command line:

                                                  $ gsettings get org.cinnamon.desktop.keybindings custom-list
                                                  ['custom0', 'custom1']
                                                  $ gsettings list-recursively org.cinnamon.desktop.keybindings.custom-keybinding:/org/cinnamon/desktop/keybindings/custom-keybindings/custom0/
                                                  org.cinnamon.desktop.keybindings.custom-keybinding binding ['<Super>m']
                                                  org.cinnamon.desktop.keybindings.custom-keybinding command '/usr/bin/xed'
                                                  org.cinnamon.desktop.keybindings.custom-keybinding name 'SomeBinding'
                                                  

                                                  I also know how to determine which key sequences are bound to built-in (non-custom) keybindings, such as these for launching a calculator and muting the microphone:

                                                  $ gsettings get org.cinnamon.desktop.keybindings.media-keys calculator
                                                  ['XF86Calculator']
                                                  $ gsettings get org.cinnamon.desktop.keybindings.media-keys mic-mute
                                                  ['XF86AudioMicMute']
                                                  

                                                  What I want to know, however, is which command is associated with any given built-in keybinding. This can be learned empirically, of course, but that’s not trivial in many cases. In my case that calculator binding maps to /usr/bin/gnome-calculator, but how/where is that mapping made?

                                                  More generally, how do I list the commands associated with all such built-in keybindings? I expected this to be in the dconf data store, but have been unable to find it. Scouring the file system hasn’t yielded anything yet either.

                                                  I’m running Linux Mint 18.3, but I suspect the answer to this question should be very similar for any distribution relying on dconf.

                                                  share|improve this question

                                                    up vote
                                                    1
                                                    down vote

                                                    favorite

                                                    1

                                                    I already know how to determine the command associated with a custom desktop keybinding (keyboard shortcut) in relatively recent Linux Mint versions running the Cinnamon desktop environment. My preference is to do this from the command line:

                                                    $ gsettings get org.cinnamon.desktop.keybindings custom-list
                                                    ['custom0', 'custom1']
                                                    $ gsettings list-recursively org.cinnamon.desktop.keybindings.custom-keybinding:/org/cinnamon/desktop/keybindings/custom-keybindings/custom0/
                                                    org.cinnamon.desktop.keybindings.custom-keybinding binding ['<Super>m']
                                                    org.cinnamon.desktop.keybindings.custom-keybinding command '/usr/bin/xed'
                                                    org.cinnamon.desktop.keybindings.custom-keybinding name 'SomeBinding'
                                                    

                                                    I also know how to determine which key sequences are bound to built-in (non-custom) keybindings, such as these for launching a calculator and muting the microphone:

                                                    $ gsettings get org.cinnamon.desktop.keybindings.media-keys calculator
                                                    ['XF86Calculator']
                                                    $ gsettings get org.cinnamon.desktop.keybindings.media-keys mic-mute
                                                    ['XF86AudioMicMute']
                                                    

                                                    What I want to know, however, is which command is associated with any given built-in keybinding. This can be learned empirically, of course, but that’s not trivial in many cases. In my case that calculator binding maps to /usr/bin/gnome-calculator, but how/where is that mapping made?

                                                    More generally, how do I list the commands associated with all such built-in keybindings? I expected this to be in the dconf data store, but have been unable to find it. Scouring the file system hasn’t yielded anything yet either.

                                                    I’m running Linux Mint 18.3, but I suspect the answer to this question should be very similar for any distribution relying on dconf.

                                                    share|improve this question

                                                      up vote
                                                      1
                                                      down vote

                                                      favorite

                                                      1

                                                      up vote
                                                      1
                                                      down vote

                                                      favorite

                                                      1
                                                      1

                                                      I already know how to determine the command associated with a custom desktop keybinding (keyboard shortcut) in relatively recent Linux Mint versions running the Cinnamon desktop environment. My preference is to do this from the command line:

                                                      $ gsettings get org.cinnamon.desktop.keybindings custom-list
                                                      ['custom0', 'custom1']
                                                      $ gsettings list-recursively org.cinnamon.desktop.keybindings.custom-keybinding:/org/cinnamon/desktop/keybindings/custom-keybindings/custom0/
                                                      org.cinnamon.desktop.keybindings.custom-keybinding binding ['<Super>m']
                                                      org.cinnamon.desktop.keybindings.custom-keybinding command '/usr/bin/xed'
                                                      org.cinnamon.desktop.keybindings.custom-keybinding name 'SomeBinding'
                                                      

                                                      I also know how to determine which key sequences are bound to built-in (non-custom) keybindings, such as these for launching a calculator and muting the microphone:

                                                      $ gsettings get org.cinnamon.desktop.keybindings.media-keys calculator
                                                      ['XF86Calculator']
                                                      $ gsettings get org.cinnamon.desktop.keybindings.media-keys mic-mute
                                                      ['XF86AudioMicMute']
                                                      

                                                      What I want to know, however, is which command is associated with any given built-in keybinding. This can be learned empirically, of course, but that’s not trivial in many cases. In my case that calculator binding maps to /usr/bin/gnome-calculator, but how/where is that mapping made?

                                                      More generally, how do I list the commands associated with all such built-in keybindings? I expected this to be in the dconf data store, but have been unable to find it. Scouring the file system hasn’t yielded anything yet either.

                                                      I’m running Linux Mint 18.3, but I suspect the answer to this question should be very similar for any distribution relying on dconf.

                                                      share|improve this question

                                                      I already know how to determine the command associated with a custom desktop keybinding (keyboard shortcut) in relatively recent Linux Mint versions running the Cinnamon desktop environment. My preference is to do this from the command line:

                                                      $ gsettings get org.cinnamon.desktop.keybindings custom-list
                                                      ['custom0', 'custom1']
                                                      $ gsettings list-recursively org.cinnamon.desktop.keybindings.custom-keybinding:/org/cinnamon/desktop/keybindings/custom-keybindings/custom0/
                                                      org.cinnamon.desktop.keybindings.custom-keybinding binding ['<Super>m']
                                                      org.cinnamon.desktop.keybindings.custom-keybinding command '/usr/bin/xed'
                                                      org.cinnamon.desktop.keybindings.custom-keybinding name 'SomeBinding'
                                                      

                                                      I also know how to determine which key sequences are bound to built-in (non-custom) keybindings, such as these for launching a calculator and muting the microphone:

                                                      $ gsettings get org.cinnamon.desktop.keybindings.media-keys calculator
                                                      ['XF86Calculator']
                                                      $ gsettings get org.cinnamon.desktop.keybindings.media-keys mic-mute
                                                      ['XF86AudioMicMute']
                                                      

                                                      What I want to know, however, is which command is associated with any given built-in keybinding. This can be learned empirically, of course, but that’s not trivial in many cases. In my case that calculator binding maps to /usr/bin/gnome-calculator, but how/where is that mapping made?

                                                      More generally, how do I list the commands associated with all such built-in keybindings? I expected this to be in the dconf data store, but have been unable to find it. Scouring the file system hasn’t yielded anything yet either.

                                                      I’m running Linux Mint 18.3, but I suspect the answer to this question should be very similar for any distribution relying on dconf.

                                                      share|improve this question

                                                      share|improve this question

                                                      share|improve this question

                                                      asked Jan 20 at 7:23

                                                      froage

                                                      98113

                                                      98113

                                                          active

                                                          oldest

                                                          votes

                                                          Your Answer

                                                          StackExchange.ready(function() {
                                                          var channelOptions = {
                                                          tags: “”.split(” “),
                                                          id: “106”
                                                          };
                                                          initTagRenderer(“”.split(” “), “”.split(” “), channelOptions);

                                                          StackExchange.using(“externalEditor”, function() {
                                                          // Have to fire editor after snippets, if snippets enabled
                                                          if (StackExchange.settings.snippets.snippetsEnabled) {
                                                          StackExchange.using(“snippets”, function() {
                                                          createEditor();
                                                          });
                                                          }
                                                          else {
                                                          createEditor();
                                                          }
                                                          });

                                                          function createEditor() {
                                                          StackExchange.prepareEditor({
                                                          heartbeatType: ‘answer’,
                                                          convertImagesToLinks: false,
                                                          noModals: false,
                                                          showLowRepImageUploadWarning: true,
                                                          reputationToPostImages: null,
                                                          bindNavPrevention: true,
                                                          postfix: “”,
                                                          onDemand: true,
                                                          discardSelector: “.discard-answer”
                                                          ,immediatelyShowMarkdownHelp:true
                                                          });

                                                          }
                                                          });

                                                           
                                                          draft saved
                                                          draft discarded

                                                          StackExchange.ready(
                                                          function () {
                                                          StackExchange.openid.initPostLogin(‘.new-post-login’, ‘https%3a%2f%2funix.stackexchange.com%2fquestions%2f418405%2fhow-do-i-list-commands-associated-with-non-custom-desktop-keybindings%23new-answer’, ‘question_page’);
                                                          }
                                                          );

                                                          Post as a guest

                                                          active

                                                          oldest

                                                          votes

                                                          active

                                                          oldest

                                                          votes

                                                          active

                                                          oldest

                                                          votes

                                                          active

                                                          oldest

                                                          votes

                                                           
                                                          draft saved
                                                          draft discarded

                                                           

                                                          draft saved

                                                          draft discarded

                                                          StackExchange.ready(
                                                          function () {
                                                          StackExchange.openid.initPostLogin(‘.new-post-login’, ‘https%3a%2f%2funix.stackexchange.com%2fquestions%2f418405%2fhow-do-i-list-commands-associated-with-non-custom-desktop-keybindings%23new-answer’, ‘question_page’);
                                                          }
                                                          );

                                                          Post as a guest

                                                          Is there a good reason to use both iptables and tcp_wrappers?

                                                          The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP

                                                          up vote
                                                          0
                                                          down vote

                                                          favorite

                                                          I’ve taken over administering some machines with no context about their configuration.

                                                          Some are using iptables. Some are using tcp_wrappers (ie. /etc/hosts.allow). Some are using both. They’re all inconsistently configured.

                                                          In many cases iptables and tcp_wrappers appear to have redundant rules. In one case they’re conflicting. This is a maintenance nightmare and I’m inclined to switch to using just one system.

                                                          Before I do so I thought I’d ask, are there situations where it is appropriate to use both on the same machine?

                                                          share|improve this question

                                                          • If you plan out your rules first and know what you need to cover instead of growing them organically, you should be able to answer this question yourself.
                                                            – Tigger
                                                            Jan 21 at 3:14

                                                          • @Tigger Nothing about this system seems to have been planned. This isn’t about planning out a system, it’s for forensics. I’m curious if there’s a possibility I’ve missed before I begin making changes.
                                                            – Schwern
                                                            Jan 21 at 3:25

                                                          up vote
                                                          0
                                                          down vote

                                                          favorite

                                                          I’ve taken over administering some machines with no context about their configuration.

                                                          Some are using iptables. Some are using tcp_wrappers (ie. /etc/hosts.allow). Some are using both. They’re all inconsistently configured.

                                                          In many cases iptables and tcp_wrappers appear to have redundant rules. In one case they’re conflicting. This is a maintenance nightmare and I’m inclined to switch to using just one system.

                                                          Before I do so I thought I’d ask, are there situations where it is appropriate to use both on the same machine?

                                                          share|improve this question

                                                          • If you plan out your rules first and know what you need to cover instead of growing them organically, you should be able to answer this question yourself.
                                                            – Tigger
                                                            Jan 21 at 3:14

                                                          • @Tigger Nothing about this system seems to have been planned. This isn’t about planning out a system, it’s for forensics. I’m curious if there’s a possibility I’ve missed before I begin making changes.
                                                            – Schwern
                                                            Jan 21 at 3:25

                                                          up vote
                                                          0
                                                          down vote

                                                          favorite

                                                          up vote
                                                          0
                                                          down vote

                                                          favorite

                                                          I’ve taken over administering some machines with no context about their configuration.

                                                          Some are using iptables. Some are using tcp_wrappers (ie. /etc/hosts.allow). Some are using both. They’re all inconsistently configured.

                                                          In many cases iptables and tcp_wrappers appear to have redundant rules. In one case they’re conflicting. This is a maintenance nightmare and I’m inclined to switch to using just one system.

                                                          Before I do so I thought I’d ask, are there situations where it is appropriate to use both on the same machine?

                                                          share|improve this question

                                                          I’ve taken over administering some machines with no context about their configuration.

                                                          Some are using iptables. Some are using tcp_wrappers (ie. /etc/hosts.allow). Some are using both. They’re all inconsistently configured.

                                                          In many cases iptables and tcp_wrappers appear to have redundant rules. In one case they’re conflicting. This is a maintenance nightmare and I’m inclined to switch to using just one system.

                                                          Before I do so I thought I’d ask, are there situations where it is appropriate to use both on the same machine?

                                                          share|improve this question

                                                          share|improve this question

                                                          share|improve this question

                                                          edited Feb 11 at 13:13

                                                          Rui F Ribeiro

                                                          35.2k1270113

                                                          35.2k1270113

                                                          asked Jan 21 at 1:58

                                                          Schwern

                                                          1012

                                                          1012

                                                          • If you plan out your rules first and know what you need to cover instead of growing them organically, you should be able to answer this question yourself.
                                                            – Tigger
                                                            Jan 21 at 3:14

                                                          • @Tigger Nothing about this system seems to have been planned. This isn’t about planning out a system, it’s for forensics. I’m curious if there’s a possibility I’ve missed before I begin making changes.
                                                            – Schwern
                                                            Jan 21 at 3:25

                                                          • If you plan out your rules first and know what you need to cover instead of growing them organically, you should be able to answer this question yourself.
                                                            – Tigger
                                                            Jan 21 at 3:14

                                                          • @Tigger Nothing about this system seems to have been planned. This isn’t about planning out a system, it’s for forensics. I’m curious if there’s a possibility I’ve missed before I begin making changes.
                                                            – Schwern
                                                            Jan 21 at 3:25

                                                          If you plan out your rules first and know what you need to cover instead of growing them organically, you should be able to answer this question yourself.
                                                          – Tigger
                                                          Jan 21 at 3:14

                                                          If you plan out your rules first and know what you need to cover instead of growing them organically, you should be able to answer this question yourself.
                                                          – Tigger
                                                          Jan 21 at 3:14

                                                          @Tigger Nothing about this system seems to have been planned. This isn’t about planning out a system, it’s for forensics. I’m curious if there’s a possibility I’ve missed before I begin making changes.
                                                          – Schwern
                                                          Jan 21 at 3:25

                                                          @Tigger Nothing about this system seems to have been planned. This isn’t about planning out a system, it’s for forensics. I’m curious if there’s a possibility I’ve missed before I begin making changes.
                                                          – Schwern
                                                          Jan 21 at 3:25

                                                          2 Answers
                                                          2

                                                          active

                                                          oldest

                                                          votes

                                                          up vote
                                                          2
                                                          down vote

                                                          tcp_wrappers used to be all the rage in the 90s for anyone who was serious about security, and when dealing with security mostly solutions at layer of 7 OSI were strongly encouraged; the world moved on, and nowadays we have much more solutions at different layers and different technologies.

                                                          When designing solutions, there are not entirely wrong or right approaches.

                                                          Depending on the software or use case, often when you deal it at the application level you might simplify other configurations.

                                                          Also nowadays you might define all the firewalling rules at corporate firewalls, or virtualisation side and you might not wish to have iptables rules in all your servers.

                                                          It should be noted that also the binaries/programs in question might be compiled without libwrap e.g. without support for tcp_wrappersand usually you would better double check this first.

                                                          So as said before you have to factor several angles for deciding what is the best approach for you.

                                                          share|improve this answer

                                                            up vote
                                                            1
                                                            down vote

                                                            The hosts_access(5) man page gives some possibilities regarding why you might want to use a allow/deny entry instead of iptables:

                                                            1. User matches (if the client supports it): I don’t know of any existing hosts that implement RFC 931 or friends anymore, as it seems like an enormous security hole!
                                                            2. Booby traps/Program calls: If you are implementing something more complex than logging on a rule.
                                                            3. Per-program rules: If you are doing filtering based on the process path instead of network port. This is possibly helpful if you need this functionality and you don’t have the owner module available in iptables.
                                                            4. Keepalive/linger options (from hosts_options(5)): If the program doesn’t do this and your init system doesn’t either(?)

                                                            I have never had to use hosts.allow or hosts.deny because iptables rules do everything I need, but it’s possible that you may need some of the functionality of (2) and maybe (4) for edge case scenerios. If those files don’t do anything crazy, I would imagine that you could replace them with equivalent iptables rules: it certainly should simplify administration!

                                                            share|improve this answer

                                                            • 1

                                                              The biggest reason to provide an ident server is that you’re connecting to IRC… It’s completely useless of course if you don’t trust the client system to identify its users properly.
                                                              – ilkkachu
                                                              Jan 21 at 10:19

                                                            Your Answer

                                                            StackExchange.ready(function() {
                                                            var channelOptions = {
                                                            tags: “”.split(” “),
                                                            id: “106”
                                                            };
                                                            initTagRenderer(“”.split(” “), “”.split(” “), channelOptions);

                                                            StackExchange.using(“externalEditor”, function() {
                                                            // Have to fire editor after snippets, if snippets enabled
                                                            if (StackExchange.settings.snippets.snippetsEnabled) {
                                                            StackExchange.using(“snippets”, function() {
                                                            createEditor();
                                                            });
                                                            }
                                                            else {
                                                            createEditor();
                                                            }
                                                            });

                                                            function createEditor() {
                                                            StackExchange.prepareEditor({
                                                            heartbeatType: ‘answer’,
                                                            convertImagesToLinks: false,
                                                            noModals: false,
                                                            showLowRepImageUploadWarning: true,
                                                            reputationToPostImages: null,
                                                            bindNavPrevention: true,
                                                            postfix: “”,
                                                            onDemand: true,
                                                            discardSelector: “.discard-answer”
                                                            ,immediatelyShowMarkdownHelp:true
                                                            });

                                                            }
                                                            });

                                                             
                                                            draft saved
                                                            draft discarded

                                                            StackExchange.ready(
                                                            function () {
                                                            StackExchange.openid.initPostLogin(‘.new-post-login’, ‘https%3a%2f%2funix.stackexchange.com%2fquestions%2f418574%2fis-there-a-good-reason-to-use-both-iptables-and-tcp-wrappers%23new-answer’, ‘question_page’);
                                                            }
                                                            );

                                                            Post as a guest

                                                            2 Answers
                                                            2

                                                            active

                                                            oldest

                                                            votes

                                                            2 Answers
                                                            2

                                                            active

                                                            oldest

                                                            votes

                                                            active

                                                            oldest

                                                            votes

                                                            active

                                                            oldest

                                                            votes

                                                            up vote
                                                            2
                                                            down vote

                                                            tcp_wrappers used to be all the rage in the 90s for anyone who was serious about security, and when dealing with security mostly solutions at layer of 7 OSI were strongly encouraged; the world moved on, and nowadays we have much more solutions at different layers and different technologies.

                                                            When designing solutions, there are not entirely wrong or right approaches.

                                                            Depending on the software or use case, often when you deal it at the application level you might simplify other configurations.

                                                            Also nowadays you might define all the firewalling rules at corporate firewalls, or virtualisation side and you might not wish to have iptables rules in all your servers.

                                                            It should be noted that also the binaries/programs in question might be compiled without libwrap e.g. without support for tcp_wrappersand usually you would better double check this first.

                                                            So as said before you have to factor several angles for deciding what is the best approach for you.

                                                            share|improve this answer

                                                              up vote
                                                              2
                                                              down vote

                                                              tcp_wrappers used to be all the rage in the 90s for anyone who was serious about security, and when dealing with security mostly solutions at layer of 7 OSI were strongly encouraged; the world moved on, and nowadays we have much more solutions at different layers and different technologies.

                                                              When designing solutions, there are not entirely wrong or right approaches.

                                                              Depending on the software or use case, often when you deal it at the application level you might simplify other configurations.

                                                              Also nowadays you might define all the firewalling rules at corporate firewalls, or virtualisation side and you might not wish to have iptables rules in all your servers.

                                                              It should be noted that also the binaries/programs in question might be compiled without libwrap e.g. without support for tcp_wrappersand usually you would better double check this first.

                                                              So as said before you have to factor several angles for deciding what is the best approach for you.

                                                              share|improve this answer

                                                                up vote
                                                                2
                                                                down vote

                                                                up vote
                                                                2
                                                                down vote

                                                                tcp_wrappers used to be all the rage in the 90s for anyone who was serious about security, and when dealing with security mostly solutions at layer of 7 OSI were strongly encouraged; the world moved on, and nowadays we have much more solutions at different layers and different technologies.

                                                                When designing solutions, there are not entirely wrong or right approaches.

                                                                Depending on the software or use case, often when you deal it at the application level you might simplify other configurations.

                                                                Also nowadays you might define all the firewalling rules at corporate firewalls, or virtualisation side and you might not wish to have iptables rules in all your servers.

                                                                It should be noted that also the binaries/programs in question might be compiled without libwrap e.g. without support for tcp_wrappersand usually you would better double check this first.

                                                                So as said before you have to factor several angles for deciding what is the best approach for you.

                                                                share|improve this answer

                                                                tcp_wrappers used to be all the rage in the 90s for anyone who was serious about security, and when dealing with security mostly solutions at layer of 7 OSI were strongly encouraged; the world moved on, and nowadays we have much more solutions at different layers and different technologies.

                                                                When designing solutions, there are not entirely wrong or right approaches.

                                                                Depending on the software or use case, often when you deal it at the application level you might simplify other configurations.

                                                                Also nowadays you might define all the firewalling rules at corporate firewalls, or virtualisation side and you might not wish to have iptables rules in all your servers.

                                                                It should be noted that also the binaries/programs in question might be compiled without libwrap e.g. without support for tcp_wrappersand usually you would better double check this first.

                                                                So as said before you have to factor several angles for deciding what is the best approach for you.

                                                                share|improve this answer

                                                                share|improve this answer

                                                                share|improve this answer

                                                                edited Jan 21 at 13:01

                                                                answered Jan 21 at 9:38

                                                                Rui F Ribeiro

                                                                35.2k1270113

                                                                35.2k1270113

                                                                    up vote
                                                                    1
                                                                    down vote

                                                                    The hosts_access(5) man page gives some possibilities regarding why you might want to use a allow/deny entry instead of iptables:

                                                                    1. User matches (if the client supports it): I don’t know of any existing hosts that implement RFC 931 or friends anymore, as it seems like an enormous security hole!
                                                                    2. Booby traps/Program calls: If you are implementing something more complex than logging on a rule.
                                                                    3. Per-program rules: If you are doing filtering based on the process path instead of network port. This is possibly helpful if you need this functionality and you don’t have the owner module available in iptables.
                                                                    4. Keepalive/linger options (from hosts_options(5)): If the program doesn’t do this and your init system doesn’t either(?)

                                                                    I have never had to use hosts.allow or hosts.deny because iptables rules do everything I need, but it’s possible that you may need some of the functionality of (2) and maybe (4) for edge case scenerios. If those files don’t do anything crazy, I would imagine that you could replace them with equivalent iptables rules: it certainly should simplify administration!

                                                                    share|improve this answer

                                                                    • 1

                                                                      The biggest reason to provide an ident server is that you’re connecting to IRC… It’s completely useless of course if you don’t trust the client system to identify its users properly.
                                                                      – ilkkachu
                                                                      Jan 21 at 10:19

                                                                    up vote
                                                                    1
                                                                    down vote

                                                                    The hosts_access(5) man page gives some possibilities regarding why you might want to use a allow/deny entry instead of iptables:

                                                                    1. User matches (if the client supports it): I don’t know of any existing hosts that implement RFC 931 or friends anymore, as it seems like an enormous security hole!
                                                                    2. Booby traps/Program calls: If you are implementing something more complex than logging on a rule.
                                                                    3. Per-program rules: If you are doing filtering based on the process path instead of network port. This is possibly helpful if you need this functionality and you don’t have the owner module available in iptables.
                                                                    4. Keepalive/linger options (from hosts_options(5)): If the program doesn’t do this and your init system doesn’t either(?)

                                                                    I have never had to use hosts.allow or hosts.deny because iptables rules do everything I need, but it’s possible that you may need some of the functionality of (2) and maybe (4) for edge case scenerios. If those files don’t do anything crazy, I would imagine that you could replace them with equivalent iptables rules: it certainly should simplify administration!

                                                                    share|improve this answer

                                                                    • 1

                                                                      The biggest reason to provide an ident server is that you’re connecting to IRC… It’s completely useless of course if you don’t trust the client system to identify its users properly.
                                                                      – ilkkachu
                                                                      Jan 21 at 10:19

                                                                    up vote
                                                                    1
                                                                    down vote

                                                                    up vote
                                                                    1
                                                                    down vote

                                                                    The hosts_access(5) man page gives some possibilities regarding why you might want to use a allow/deny entry instead of iptables:

                                                                    1. User matches (if the client supports it): I don’t know of any existing hosts that implement RFC 931 or friends anymore, as it seems like an enormous security hole!
                                                                    2. Booby traps/Program calls: If you are implementing something more complex than logging on a rule.
                                                                    3. Per-program rules: If you are doing filtering based on the process path instead of network port. This is possibly helpful if you need this functionality and you don’t have the owner module available in iptables.
                                                                    4. Keepalive/linger options (from hosts_options(5)): If the program doesn’t do this and your init system doesn’t either(?)

                                                                    I have never had to use hosts.allow or hosts.deny because iptables rules do everything I need, but it’s possible that you may need some of the functionality of (2) and maybe (4) for edge case scenerios. If those files don’t do anything crazy, I would imagine that you could replace them with equivalent iptables rules: it certainly should simplify administration!

                                                                    share|improve this answer

                                                                    The hosts_access(5) man page gives some possibilities regarding why you might want to use a allow/deny entry instead of iptables:

                                                                    1. User matches (if the client supports it): I don’t know of any existing hosts that implement RFC 931 or friends anymore, as it seems like an enormous security hole!
                                                                    2. Booby traps/Program calls: If you are implementing something more complex than logging on a rule.
                                                                    3. Per-program rules: If you are doing filtering based on the process path instead of network port. This is possibly helpful if you need this functionality and you don’t have the owner module available in iptables.
                                                                    4. Keepalive/linger options (from hosts_options(5)): If the program doesn’t do this and your init system doesn’t either(?)

                                                                    I have never had to use hosts.allow or hosts.deny because iptables rules do everything I need, but it’s possible that you may need some of the functionality of (2) and maybe (4) for edge case scenerios. If those files don’t do anything crazy, I would imagine that you could replace them with equivalent iptables rules: it certainly should simplify administration!

                                                                    share|improve this answer

                                                                    share|improve this answer

                                                                    share|improve this answer

                                                                    answered Jan 21 at 8:29

                                                                    ErikF

                                                                    2,7111413

                                                                    2,7111413

                                                                    • 1

                                                                      The biggest reason to provide an ident server is that you’re connecting to IRC… It’s completely useless of course if you don’t trust the client system to identify its users properly.
                                                                      – ilkkachu
                                                                      Jan 21 at 10:19

                                                                    • 1

                                                                      The biggest reason to provide an ident server is that you’re connecting to IRC… It’s completely useless of course if you don’t trust the client system to identify its users properly.
                                                                      – ilkkachu
                                                                      Jan 21 at 10:19

                                                                    1

                                                                    1

                                                                    The biggest reason to provide an ident server is that you’re connecting to IRC… It’s completely useless of course if you don’t trust the client system to identify its users properly.
                                                                    – ilkkachu
                                                                    Jan 21 at 10:19

                                                                    The biggest reason to provide an ident server is that you’re connecting to IRC… It’s completely useless of course if you don’t trust the client system to identify its users properly.
                                                                    – ilkkachu
                                                                    Jan 21 at 10:19

                                                                     
                                                                    draft saved
                                                                    draft discarded

                                                                     

                                                                    draft saved

                                                                    draft discarded

                                                                    StackExchange.ready(
                                                                    function () {
                                                                    StackExchange.openid.initPostLogin(‘.new-post-login’, ‘https%3a%2f%2funix.stackexchange.com%2fquestions%2f418574%2fis-there-a-good-reason-to-use-both-iptables-and-tcp-wrappers%23new-answer’, ‘question_page’);
                                                                    }
                                                                    );

                                                                    Post as a guest

                                                                    Cannot start vncserver: bind: Cannot assign requested address (99)

                                                                    The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP

                                                                    up vote
                                                                    0
                                                                    down vote

                                                                    favorite

                                                                    I use vnc over ssh with my Raspberry Pi. It has worked fine for a while, but after following these instructions to set up openvpn on my Raspberry Pi running Raspbian OS. I found that I can no longer access the VNC server on the Raspberry Pi.

                                                                    Forwarding x11 over ssh is working, but apparently, the vnc server cannot get access to its port, and so does not even start.

                                                                    $ sudo systemctl status vncserver-x11-serviced -l
                                                                    
                                                                    ● vncserver-x11-serviced.service - VNC Server in Service Mode daemon
                                                                       Loaded: loaded (/usr/lib/systemd/system/vncserver-x11-serviced.service; enabled)
                                                                       Active: active (running) since Sun 2018-01-21 14:25:11 GMT; 1s ago
                                                                    Main PID: 8896 (vncserver-x11-s)
                                                                       CGroup: /system.slice/vncserver-x11-serviced.service
                                                                           ├─8896 /usr/bin/vncserver-x11-serviced -fg
                                                                           ├─8898 /usr/bin/vncserver-x11-core -service
                                                                           └─8913 /usr/bin/vncagent service 14
                                                                    
                                                                    Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                    Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                    Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                    Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                    Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                    Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                    Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                    Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                    Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                    Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: ConsoleDisplay: Found running X server (pid=1001)
                                                                    

                                                                    There doesn’t appear to be anything running on that port. This is the output of lsof:

                                                                    $ sudo lsof -i tcp
                                                                    
                                                                    COMMAND    PID       USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
                                                                    cupsd      752       root   10u  IPv4  13511      0t0  TCP localhost:ipp (LISTEN)
                                                                    cups-brow  756       root    5u  IPv4 313573      0t0  TCP localhost:48450->localhost:ipp (CLOSE_WAIT)
                                                                    dnsmasq    914    dnsmasq    5u  IPv4  11726      0t0  TCP *:domain (LISTEN)
                                                                    dnsmasq    914    dnsmasq    7u  IPv6  11728      0t0  TCP *:domain (LISTEN)
                                                                    sshd       976       root    3u  IPv4  11842      0t0  TCP *:2718 (LISTEN)
                                                                    tor        998 debian-tor    4u  IPv4  12125      0t0  TCP 192.168.254.159:49042->ks3352401.kimsufi.com:8090 (ESTABLISHED)
                                                                    tor        998 debian-tor    7u  IPv4  14489      0t0  TCP localhost:9050 (LISTEN)
                                                                    tor        998 debian-tor   11u  IPv4  15915      0t0  TCP 172.94.70.220:47186->166.70.170.234:https (ESTABLISHED)
                                                                    sshd      5550       root    3u  IPv4 315897      0t0  TCP 192.168.254.159:2718->192.168.254.47:64500 (ESTABLISHED)
                                                                    sshd      6322      morey    3u  IPv4 315897      0t0  TCP 192.168.254.159:2718->192.168.254.47:64500 (ESTABLISHED)
                                                                    sshd      6322      morey   10u  IPv4 319584      0t0  TCP localhost:6010 (LISTEN)
                                                                    

                                                                    Here’s some other information that might be helpful:

                                                                    $ uname -a
                                                                    Linux raspberrypi 4.9.35-v7+ #1014 SMP Fri Jun 30 14:47:43 BST 2017 armv7l GNU/Linux
                                                                    
                                                                    $ vncserver --help
                                                                    VNC(R) Server 6.1.1 (r28093) ARMv6 (May 19 2017 12:59:35)
                                                                    

                                                                    It seems likely this has to do with either the changes to iptables or the disabling of ip6 in /etc/sysctl.conf, but I don’t know how to troubleshoot it. Any ideas would be appreciated.

                                                                    share|improve this question

                                                                      up vote
                                                                      0
                                                                      down vote

                                                                      favorite

                                                                      I use vnc over ssh with my Raspberry Pi. It has worked fine for a while, but after following these instructions to set up openvpn on my Raspberry Pi running Raspbian OS. I found that I can no longer access the VNC server on the Raspberry Pi.

                                                                      Forwarding x11 over ssh is working, but apparently, the vnc server cannot get access to its port, and so does not even start.

                                                                      $ sudo systemctl status vncserver-x11-serviced -l
                                                                      
                                                                      ● vncserver-x11-serviced.service - VNC Server in Service Mode daemon
                                                                         Loaded: loaded (/usr/lib/systemd/system/vncserver-x11-serviced.service; enabled)
                                                                         Active: active (running) since Sun 2018-01-21 14:25:11 GMT; 1s ago
                                                                      Main PID: 8896 (vncserver-x11-s)
                                                                         CGroup: /system.slice/vncserver-x11-serviced.service
                                                                             ├─8896 /usr/bin/vncserver-x11-serviced -fg
                                                                             ├─8898 /usr/bin/vncserver-x11-core -service
                                                                             └─8913 /usr/bin/vncagent service 14
                                                                      
                                                                      Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                      Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                      Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                      Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                      Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                      Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                      Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                      Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                      Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                      Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: ConsoleDisplay: Found running X server (pid=1001)
                                                                      

                                                                      There doesn’t appear to be anything running on that port. This is the output of lsof:

                                                                      $ sudo lsof -i tcp
                                                                      
                                                                      COMMAND    PID       USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
                                                                      cupsd      752       root   10u  IPv4  13511      0t0  TCP localhost:ipp (LISTEN)
                                                                      cups-brow  756       root    5u  IPv4 313573      0t0  TCP localhost:48450->localhost:ipp (CLOSE_WAIT)
                                                                      dnsmasq    914    dnsmasq    5u  IPv4  11726      0t0  TCP *:domain (LISTEN)
                                                                      dnsmasq    914    dnsmasq    7u  IPv6  11728      0t0  TCP *:domain (LISTEN)
                                                                      sshd       976       root    3u  IPv4  11842      0t0  TCP *:2718 (LISTEN)
                                                                      tor        998 debian-tor    4u  IPv4  12125      0t0  TCP 192.168.254.159:49042->ks3352401.kimsufi.com:8090 (ESTABLISHED)
                                                                      tor        998 debian-tor    7u  IPv4  14489      0t0  TCP localhost:9050 (LISTEN)
                                                                      tor        998 debian-tor   11u  IPv4  15915      0t0  TCP 172.94.70.220:47186->166.70.170.234:https (ESTABLISHED)
                                                                      sshd      5550       root    3u  IPv4 315897      0t0  TCP 192.168.254.159:2718->192.168.254.47:64500 (ESTABLISHED)
                                                                      sshd      6322      morey    3u  IPv4 315897      0t0  TCP 192.168.254.159:2718->192.168.254.47:64500 (ESTABLISHED)
                                                                      sshd      6322      morey   10u  IPv4 319584      0t0  TCP localhost:6010 (LISTEN)
                                                                      

                                                                      Here’s some other information that might be helpful:

                                                                      $ uname -a
                                                                      Linux raspberrypi 4.9.35-v7+ #1014 SMP Fri Jun 30 14:47:43 BST 2017 armv7l GNU/Linux
                                                                      
                                                                      $ vncserver --help
                                                                      VNC(R) Server 6.1.1 (r28093) ARMv6 (May 19 2017 12:59:35)
                                                                      

                                                                      It seems likely this has to do with either the changes to iptables or the disabling of ip6 in /etc/sysctl.conf, but I don’t know how to troubleshoot it. Any ideas would be appreciated.

                                                                      share|improve this question

                                                                        up vote
                                                                        0
                                                                        down vote

                                                                        favorite

                                                                        up vote
                                                                        0
                                                                        down vote

                                                                        favorite

                                                                        I use vnc over ssh with my Raspberry Pi. It has worked fine for a while, but after following these instructions to set up openvpn on my Raspberry Pi running Raspbian OS. I found that I can no longer access the VNC server on the Raspberry Pi.

                                                                        Forwarding x11 over ssh is working, but apparently, the vnc server cannot get access to its port, and so does not even start.

                                                                        $ sudo systemctl status vncserver-x11-serviced -l
                                                                        
                                                                        ● vncserver-x11-serviced.service - VNC Server in Service Mode daemon
                                                                           Loaded: loaded (/usr/lib/systemd/system/vncserver-x11-serviced.service; enabled)
                                                                           Active: active (running) since Sun 2018-01-21 14:25:11 GMT; 1s ago
                                                                        Main PID: 8896 (vncserver-x11-s)
                                                                           CGroup: /system.slice/vncserver-x11-serviced.service
                                                                               ├─8896 /usr/bin/vncserver-x11-serviced -fg
                                                                               ├─8898 /usr/bin/vncserver-x11-core -service
                                                                               └─8913 /usr/bin/vncagent service 14
                                                                        
                                                                        Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                        Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                        Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                        Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                        Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                        Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                        Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                        Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                        Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                        Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: ConsoleDisplay: Found running X server (pid=1001)
                                                                        

                                                                        There doesn’t appear to be anything running on that port. This is the output of lsof:

                                                                        $ sudo lsof -i tcp
                                                                        
                                                                        COMMAND    PID       USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
                                                                        cupsd      752       root   10u  IPv4  13511      0t0  TCP localhost:ipp (LISTEN)
                                                                        cups-brow  756       root    5u  IPv4 313573      0t0  TCP localhost:48450->localhost:ipp (CLOSE_WAIT)
                                                                        dnsmasq    914    dnsmasq    5u  IPv4  11726      0t0  TCP *:domain (LISTEN)
                                                                        dnsmasq    914    dnsmasq    7u  IPv6  11728      0t0  TCP *:domain (LISTEN)
                                                                        sshd       976       root    3u  IPv4  11842      0t0  TCP *:2718 (LISTEN)
                                                                        tor        998 debian-tor    4u  IPv4  12125      0t0  TCP 192.168.254.159:49042->ks3352401.kimsufi.com:8090 (ESTABLISHED)
                                                                        tor        998 debian-tor    7u  IPv4  14489      0t0  TCP localhost:9050 (LISTEN)
                                                                        tor        998 debian-tor   11u  IPv4  15915      0t0  TCP 172.94.70.220:47186->166.70.170.234:https (ESTABLISHED)
                                                                        sshd      5550       root    3u  IPv4 315897      0t0  TCP 192.168.254.159:2718->192.168.254.47:64500 (ESTABLISHED)
                                                                        sshd      6322      morey    3u  IPv4 315897      0t0  TCP 192.168.254.159:2718->192.168.254.47:64500 (ESTABLISHED)
                                                                        sshd      6322      morey   10u  IPv4 319584      0t0  TCP localhost:6010 (LISTEN)
                                                                        

                                                                        Here’s some other information that might be helpful:

                                                                        $ uname -a
                                                                        Linux raspberrypi 4.9.35-v7+ #1014 SMP Fri Jun 30 14:47:43 BST 2017 armv7l GNU/Linux
                                                                        
                                                                        $ vncserver --help
                                                                        VNC(R) Server 6.1.1 (r28093) ARMv6 (May 19 2017 12:59:35)
                                                                        

                                                                        It seems likely this has to do with either the changes to iptables or the disabling of ip6 in /etc/sysctl.conf, but I don’t know how to troubleshoot it. Any ideas would be appreciated.

                                                                        share|improve this question

                                                                        I use vnc over ssh with my Raspberry Pi. It has worked fine for a while, but after following these instructions to set up openvpn on my Raspberry Pi running Raspbian OS. I found that I can no longer access the VNC server on the Raspberry Pi.

                                                                        Forwarding x11 over ssh is working, but apparently, the vnc server cannot get access to its port, and so does not even start.

                                                                        $ sudo systemctl status vncserver-x11-serviced -l
                                                                        
                                                                        ● vncserver-x11-serviced.service - VNC Server in Service Mode daemon
                                                                           Loaded: loaded (/usr/lib/systemd/system/vncserver-x11-serviced.service; enabled)
                                                                           Active: active (running) since Sun 2018-01-21 14:25:11 GMT; 1s ago
                                                                        Main PID: 8896 (vncserver-x11-s)
                                                                           CGroup: /system.slice/vncserver-x11-serviced.service
                                                                               ├─8896 /usr/bin/vncserver-x11-serviced -fg
                                                                               ├─8898 /usr/bin/vncserver-x11-core -service
                                                                               └─8913 /usr/bin/vncagent service 14
                                                                        
                                                                        Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                        Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                        Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                        Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                        Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                        Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                        Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                        Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                        Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                        Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: ConsoleDisplay: Found running X server (pid=1001)
                                                                        

                                                                        There doesn’t appear to be anything running on that port. This is the output of lsof:

                                                                        $ sudo lsof -i tcp
                                                                        
                                                                        COMMAND    PID       USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
                                                                        cupsd      752       root   10u  IPv4  13511      0t0  TCP localhost:ipp (LISTEN)
                                                                        cups-brow  756       root    5u  IPv4 313573      0t0  TCP localhost:48450->localhost:ipp (CLOSE_WAIT)
                                                                        dnsmasq    914    dnsmasq    5u  IPv4  11726      0t0  TCP *:domain (LISTEN)
                                                                        dnsmasq    914    dnsmasq    7u  IPv6  11728      0t0  TCP *:domain (LISTEN)
                                                                        sshd       976       root    3u  IPv4  11842      0t0  TCP *:2718 (LISTEN)
                                                                        tor        998 debian-tor    4u  IPv4  12125      0t0  TCP 192.168.254.159:49042->ks3352401.kimsufi.com:8090 (ESTABLISHED)
                                                                        tor        998 debian-tor    7u  IPv4  14489      0t0  TCP localhost:9050 (LISTEN)
                                                                        tor        998 debian-tor   11u  IPv4  15915      0t0  TCP 172.94.70.220:47186->166.70.170.234:https (ESTABLISHED)
                                                                        sshd      5550       root    3u  IPv4 315897      0t0  TCP 192.168.254.159:2718->192.168.254.47:64500 (ESTABLISHED)
                                                                        sshd      6322      morey    3u  IPv4 315897      0t0  TCP 192.168.254.159:2718->192.168.254.47:64500 (ESTABLISHED)
                                                                        sshd      6322      morey   10u  IPv4 319584      0t0  TCP localhost:6010 (LISTEN)
                                                                        

                                                                        Here’s some other information that might be helpful:

                                                                        $ uname -a
                                                                        Linux raspberrypi 4.9.35-v7+ #1014 SMP Fri Jun 30 14:47:43 BST 2017 armv7l GNU/Linux
                                                                        
                                                                        $ vncserver --help
                                                                        VNC(R) Server 6.1.1 (r28093) ARMv6 (May 19 2017 12:59:35)
                                                                        

                                                                        It seems likely this has to do with either the changes to iptables or the disabling of ip6 in /etc/sysctl.conf, but I don’t know how to troubleshoot it. Any ideas would be appreciated.

                                                                        share|improve this question

                                                                        share|improve this question

                                                                        share|improve this question

                                                                        edited Jan 21 at 15:38

                                                                        asked Jan 21 at 15:01

                                                                        richarddmorey

                                                                        1012

                                                                        1012

                                                                            2 Answers
                                                                            2

                                                                            active

                                                                            oldest

                                                                            votes

                                                                            up vote
                                                                            1
                                                                            down vote

                                                                            Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                            Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                            

                                                                            ::1 is the IPv6 equivalent of 127.0.0.1. Thus, if you have disabled IPv6, then yes, listening to ::1 becomes impossible.

                                                                            You have two options:

                                                                            • First, and recommended as far as I’m concerned, is to re-enable IPv6. There is no real reason to disable IPv6 in the modern world anymore (in fact, in a few years you may be unable to reach the Internet without IPv6), and it will probably cause more issues than just this one
                                                                            • Configure vncserver-x11 so that it no longer tries to listen to ::1, or any other IPv6 address (:: would be the most likely other candidate for that).

                                                                            The vncserver-x11-serviced thing appears to be specific to RealVNC, and I can’t find any documentation that explains how to configure the listening addresses for it, so you might have to figure the last bit out yourself.

                                                                            share|improve this answer

                                                                              up vote
                                                                              0
                                                                              down vote

                                                                              Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                              Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                              

                                                                              The listening address is invalid. The port should be separated from the address with a single :, not the double :: used as abbreviations in IPv6 addresses.

                                                                              Wherever you have configured [::1]::5900, change to [::1]:5900

                                                                              share|improve this answer

                                                                                Your Answer

                                                                                StackExchange.ready(function() {
                                                                                var channelOptions = {
                                                                                tags: “”.split(” “),
                                                                                id: “106”
                                                                                };
                                                                                initTagRenderer(“”.split(” “), “”.split(” “), channelOptions);

                                                                                StackExchange.using(“externalEditor”, function() {
                                                                                // Have to fire editor after snippets, if snippets enabled
                                                                                if (StackExchange.settings.snippets.snippetsEnabled) {
                                                                                StackExchange.using(“snippets”, function() {
                                                                                createEditor();
                                                                                });
                                                                                }
                                                                                else {
                                                                                createEditor();
                                                                                }
                                                                                });

                                                                                function createEditor() {
                                                                                StackExchange.prepareEditor({
                                                                                heartbeatType: ‘answer’,
                                                                                convertImagesToLinks: false,
                                                                                noModals: false,
                                                                                showLowRepImageUploadWarning: true,
                                                                                reputationToPostImages: null,
                                                                                bindNavPrevention: true,
                                                                                postfix: “”,
                                                                                onDemand: true,
                                                                                discardSelector: “.discard-answer”
                                                                                ,immediatelyShowMarkdownHelp:true
                                                                                });

                                                                                }
                                                                                });

                                                                                 
                                                                                draft saved
                                                                                draft discarded

                                                                                StackExchange.ready(
                                                                                function () {
                                                                                StackExchange.openid.initPostLogin(‘.new-post-login’, ‘https%3a%2f%2funix.stackexchange.com%2fquestions%2f418646%2fcannot-start-vncserver-bind-cannot-assign-requested-address-99%23new-answer’, ‘question_page’);
                                                                                }
                                                                                );

                                                                                Post as a guest

                                                                                2 Answers
                                                                                2

                                                                                active

                                                                                oldest

                                                                                votes

                                                                                2 Answers
                                                                                2

                                                                                active

                                                                                oldest

                                                                                votes

                                                                                active

                                                                                oldest

                                                                                votes

                                                                                active

                                                                                oldest

                                                                                votes

                                                                                up vote
                                                                                1
                                                                                down vote

                                                                                Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                                Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                                

                                                                                ::1 is the IPv6 equivalent of 127.0.0.1. Thus, if you have disabled IPv6, then yes, listening to ::1 becomes impossible.

                                                                                You have two options:

                                                                                • First, and recommended as far as I’m concerned, is to re-enable IPv6. There is no real reason to disable IPv6 in the modern world anymore (in fact, in a few years you may be unable to reach the Internet without IPv6), and it will probably cause more issues than just this one
                                                                                • Configure vncserver-x11 so that it no longer tries to listen to ::1, or any other IPv6 address (:: would be the most likely other candidate for that).

                                                                                The vncserver-x11-serviced thing appears to be specific to RealVNC, and I can’t find any documentation that explains how to configure the listening addresses for it, so you might have to figure the last bit out yourself.

                                                                                share|improve this answer

                                                                                  up vote
                                                                                  1
                                                                                  down vote

                                                                                  Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                                  Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                                  

                                                                                  ::1 is the IPv6 equivalent of 127.0.0.1. Thus, if you have disabled IPv6, then yes, listening to ::1 becomes impossible.

                                                                                  You have two options:

                                                                                  • First, and recommended as far as I’m concerned, is to re-enable IPv6. There is no real reason to disable IPv6 in the modern world anymore (in fact, in a few years you may be unable to reach the Internet without IPv6), and it will probably cause more issues than just this one
                                                                                  • Configure vncserver-x11 so that it no longer tries to listen to ::1, or any other IPv6 address (:: would be the most likely other candidate for that).

                                                                                  The vncserver-x11-serviced thing appears to be specific to RealVNC, and I can’t find any documentation that explains how to configure the listening addresses for it, so you might have to figure the last bit out yourself.

                                                                                  share|improve this answer

                                                                                    up vote
                                                                                    1
                                                                                    down vote

                                                                                    up vote
                                                                                    1
                                                                                    down vote

                                                                                    Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                                    Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                                    

                                                                                    ::1 is the IPv6 equivalent of 127.0.0.1. Thus, if you have disabled IPv6, then yes, listening to ::1 becomes impossible.

                                                                                    You have two options:

                                                                                    • First, and recommended as far as I’m concerned, is to re-enable IPv6. There is no real reason to disable IPv6 in the modern world anymore (in fact, in a few years you may be unable to reach the Internet without IPv6), and it will probably cause more issues than just this one
                                                                                    • Configure vncserver-x11 so that it no longer tries to listen to ::1, or any other IPv6 address (:: would be the most likely other candidate for that).

                                                                                    The vncserver-x11-serviced thing appears to be specific to RealVNC, and I can’t find any documentation that explains how to configure the listening addresses for it, so you might have to figure the last bit out yourself.

                                                                                    share|improve this answer

                                                                                    Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                                    Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                                    

                                                                                    ::1 is the IPv6 equivalent of 127.0.0.1. Thus, if you have disabled IPv6, then yes, listening to ::1 becomes impossible.

                                                                                    You have two options:

                                                                                    • First, and recommended as far as I’m concerned, is to re-enable IPv6. There is no real reason to disable IPv6 in the modern world anymore (in fact, in a few years you may be unable to reach the Internet without IPv6), and it will probably cause more issues than just this one
                                                                                    • Configure vncserver-x11 so that it no longer tries to listen to ::1, or any other IPv6 address (:: would be the most likely other candidate for that).

                                                                                    The vncserver-x11-serviced thing appears to be specific to RealVNC, and I can’t find any documentation that explains how to configure the listening addresses for it, so you might have to figure the last bit out yourself.

                                                                                    share|improve this answer

                                                                                    share|improve this answer

                                                                                    share|improve this answer

                                                                                    answered Jan 22 at 14:47

                                                                                    Wouter Verhelst

                                                                                    7,156831

                                                                                    7,156831

                                                                                        up vote
                                                                                        0
                                                                                        down vote

                                                                                        Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                                        Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                                        

                                                                                        The listening address is invalid. The port should be separated from the address with a single :, not the double :: used as abbreviations in IPv6 addresses.

                                                                                        Wherever you have configured [::1]::5900, change to [::1]:5900

                                                                                        share|improve this answer

                                                                                          up vote
                                                                                          0
                                                                                          down vote

                                                                                          Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                                          Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                                          

                                                                                          The listening address is invalid. The port should be separated from the address with a single :, not the double :: used as abbreviations in IPv6 addresses.

                                                                                          Wherever you have configured [::1]::5900, change to [::1]:5900

                                                                                          share|improve this answer

                                                                                            up vote
                                                                                            0
                                                                                            down vote

                                                                                            up vote
                                                                                            0
                                                                                            down vote

                                                                                            Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                                            Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                                            

                                                                                            The listening address is invalid. The port should be separated from the address with a single :, not the double :: used as abbreviations in IPv6 addresses.

                                                                                            Wherever you have configured [::1]::5900, change to [::1]:5900

                                                                                            share|improve this answer

                                                                                            Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not accepting connections: failed to listen on at least one address.
                                                                                            Jan 21 14:25:11 raspberrypi vncserver-x11[8898]: TcpListenerManager: not listening on [::1]::5900: bind: Cannot assign requested address (99)
                                                                                            

                                                                                            The listening address is invalid. The port should be separated from the address with a single :, not the double :: used as abbreviations in IPv6 addresses.

                                                                                            Wherever you have configured [::1]::5900, change to [::1]:5900

                                                                                            share|improve this answer

                                                                                            share|improve this answer

                                                                                            share|improve this answer

                                                                                            answered Jan 22 at 14:59

                                                                                            user4556274

                                                                                            4,97811123

                                                                                            4,97811123

                                                                                                 
                                                                                                draft saved
                                                                                                draft discarded

                                                                                                 

                                                                                                draft saved

                                                                                                draft discarded

                                                                                                StackExchange.ready(
                                                                                                function () {
                                                                                                StackExchange.openid.initPostLogin(‘.new-post-login’, ‘https%3a%2f%2funix.stackexchange.com%2fquestions%2f418646%2fcannot-start-vncserver-bind-cannot-assign-requested-address-99%23new-answer’, ‘question_page’);
                                                                                                }
                                                                                                );

                                                                                                Post as a guest