freenode/#devuan/ Thursday, 2020-04-16

* cush hasnt used ceph yet00:01
topro_cush: you should consider ;)00:07
topro_whats the devuan workflow to suggest forking a debian package due to systemd-ish shortcomings?00:08
cushi should probably note here that suggesting people do the work isn't doing the work :)00:09
golinuxtopro: File a bug on the Debian package00:25
golinuxGet your dog and goldfish to file a bug also.00:26
golinuxIf that fails, perhaps report to the DPL.00:27
topro_golinux: is debian still supposed to deliver init scripts?00:56
topro_cush: of course you're right, but reporting issues is better than nothing IMHO00:58
cushmaybe the people would honor a request to keep it (with explanation)?01:05
topro_cush: cannot find any link between and upstream debian packaging? what am I missing?01:07
cushthat's the maintainer listed with apt-cache show ceph01:08
topro_cush: thats strange, shows "Ceph Packaging Team <>"01:16
* cush takes painful, crippled steps to get gst-omx running01:21
golinuxtopro: Hope you can work it out upstream.  Or talk to Jessie Smith.  Seems I remember he was going to automate inti replacement for systemd.01:34
tuxd3vhello all,03:53
tuxd3vI lost a very inportant folder.. deleted03:54
tuxd3vbut I still hold a process inside it running03:54
tuxd3vfor files I know that the storage will only release when file handlers=003:55
tuxd3vbut I don't know for folders?03:55
cushit would surprise me i there was03:56
tuxd3vis there any recovbery software for linux that works in ssd's?03:57
tuxd3vthe concept should be the same03:57
tuxd3vhas it doesn't really "delete" the data...03:58
tuxd3vI was not the one deleting the folder..03:58
rrqthere's "testdisk"04:00
tuxd3vI will run it04:00
tuxd3vdoes any one here uses popcorn-time?04:00
tuxd3vif so...stoping using it ASAP04:03
tuxd3vrrq, thanks04:04
tuxd3vI will try it, and see what I can recover..04:04
cushtuxd3v: what is popcorn-time and why should i not use it?04:06
specingstart using btrfs04:07
tuxd3vits an application to see moovies and such p2p04:07
specingno more problems with deleted stuff04:07
tuxd3vspecing, even whe something else delets your content?04:08
specingbtrfs subvol list /rv/ | sort -k 9 | grep home | wc -l   -> 680 hourly snapshots of /home04:08
specingtuxd3v: then there are still 679 "copies" left04:08
tuxd3vcush, the application is owned by strange actors.. you connect and it starts deleting your own stuff..04:09
tuxd3vnice hugh?!04:09
cushmost copyrighted content associated with active anti-copying measures is bad for your mental hygiene anyway ;)04:11
tuxd3vwell, usually I connect to see whats new, later I buy dvds, I have tones here at 1.5€ each..04:12
tuxd3vbut I doubt the legality of invading your own computer and delete your own stuff04:12
phillipsjkcush: I believe popcorntime was originally a pricary tool. May have been dev capture.04:15
cushyou might have trouble convincing a court that that data is yours04:17
DonkeyHoteiiirc popcorn-time was a tool to watch torrented videos as they download04:18
tuxd3vcush, I most probably convince a court that invasion and disruption od private data is crime, than they prove I have done something wrong..04:18
tuxd3vand by the way, you have always important things.. like a project I was working in the last 2 years, yes I have a copy but not the last developments..04:19
cushi kept data (not-programs) on fat32 for years because the undeletion was easier04:27
tuxd3vsylpheed seems to store the email password in plain text... nice..05:46
furrywolfanything that needs to store a password to be sent to something else needs to either store it in plain text (or obfuscated, which isn't really any better), or prompt you for a master password every time.05:49
furrywolfany encryption that does not involve prompting you for a master password is just obfuscation.05:50
tuxd3vthat in plain text is zero security, at least it could obfuscate it, or hash it with the email address...its zero security but not in plain text for god sake!!05:54
furrywolfobfuscation isn't any better.05:54
furrywolfif there's any way for the program to decrypt it on its own, a malicious program can equally well decrypt it too.05:54
tuxd3vits not the same as obfuscation obligates the attacker to look at it, and try diferent things05:55
tuxd3vwhile plain text, is plain text05:55
tuxd3vI already changed my email account password05:55
furrywolfno, one of the zillion-exploits-in-one packages will just have a module that rips the password if it finds that client installed...05:55
tuxd3vwell sylpheed lets everything very explained in the account created file05:56
tuxd3vits very very explanatory, direct..05:56
furrywolfor the attacker will just google "decryping foomail password", and click the first result.05:56
tuxd3vbut for that he needs to do it manuallly05:57
furrywolfI don't blame clients for holding plaintext passwords.  severs and services, on the other hand...  it should be hashed and salted, strongly.05:57
tuxd3vhas a human behind a computer that takes time, and effort05:57
tuxd3vwhile in open puff05:58
tuxd3vmore over the file that configures the email account, should be diferent for each instalation05:58
tuxd3vthings in diferent places and so on05:58
golinuxtuxd3v: Did you recover your lost files?05:59
furrywolfheh, the place I used to work for had a portal some local IT place wrote for them, that not only stored the password in plaintext, but sent it back to the browser on the change password page.  oh, and it didn't make sure you were actually logged in to the account you requested a password change for.05:59
furrywolfso if you went to the change password page, twiddled a few form fields to show someone else's account, submitted it again, it'd return their password for you.05:59
tuxd3vgolinux, hello, I still have 1779 directories to check, but I think no luck :(05:59
golinuxMan, that sucks.06:00
furrywolfI pointed this out to my boss as being highly insecure...  also, sent him a screenshot of logging in as him.  :P06:00
furrywolfwith his password shown.  lol06:00
tuxd3vyeah it sucks so badly... they even deleted my keypass files with servers passwords it them...can you believe it?06:01
furrywolfthe people who wrote the portal were totally and utterly incompetent.  that was just one of about a hundred major flaws I found...06:01
furrywolfthey did most of it client-side, in a massive javascript blob, then had a backend that entirely trusted anything the client-blob sent to it, since the blob wasn't supposed to do anything bad.06:02
furrywolfso all you had to do was twiddle communications between the blob and the backend, and it'd happily do anything you asked of it, with no security whatsoever.  you didn't even need a valid login.06:03
tuxd3vI have already found strange things..06:04
tuxd3vLike a lot of chinese stuff06:04
tuxd3vI don't even know what that is doing on my computer..06:04
furrywolfand then I found out they'd recycled a lot of this code with their other customers...06:05
tuxd3vprobably they deleted my content and rewrited some with sh*tty things..06:05
* furrywolf gives up trying to amuse tuxd3v with tails of incompetent IT providers, goes back to fixing welder06:06
tuxd3vnow, I don't know who have done that, i don't know if something was "collected" from my computer or if they just deleted things..06:07
tuxd3vI went to another space of the house , and was compiling a bootloader for rockpro64, when I got close to the computer... nothing in the desktop...hugh?!06:08
tuxd3vI terminated the aplication06:08
* golinux sends tuxdev a virtual hug06:10
golinuxTuxd3v rather06:10
golinuxDamn tuxd3v06:10
golinuxFinally got it right.06:10
tuxd3vI sill need to check how is my 12TB NAS.. still shaking..06:11
golinuxAnd all this is pretty OT for this channel . . .06:13
tuxd3vyou right, I am sorry, you guys don't use that program06:14
tuxd3vI am sorry for the noise06:14
tuxd3vwent to find Ideas, if I can retrieve something..06:15
cushyou done any building/porting on arm tuxd3v ?07:22
tuxd3vcush, I like arm, well embbeded space in general, since I was a kid07:45
tuxd3vat the time embedded was with a 8051, but yeah,256 bytes per page07:45
cushnice tuxd3v07:46
cushhave you heard of Maemo Leste ?07:46
tuxd3vyes I do07:47
tuxd3vnice job :)07:47
cushsome basic usability will be achievable with leste tuxd3v - but we/they could use more engaged developers and porters and users08:57
gordonDrogonPossibly not a Devuan issue but Firefox (installed from package) just told me it has updated in the background and needs re-starting. I'd like to know how it updated, given the files are owned by root and not writable by normal user... This is slightly worrying.10:14
gordonDrogonit didn't auto-start, but when I started firefox again, it had been updated. So this means that firefox has the ability to download files/programs into root protected directories and execute them without my knowledge or permissions. I do not think this is a good thing.10:22
gnarfacegordonDrogon: you can turn that off, it should be in preferences10:27
gnarfacegordonDrogon: i'm not sure it actually writes to root areas... i think it would require to be run suid root for that... i think it just keeps the updates as modules in your user's config directory10:29
gnarfacegordonDrogon: i agree it's still pretty sketchy but they're doing it for security.  that "pocket" thing is way creepier, you should disable it too.10:30
* gordonDrogon nods.10:32
gordonDrogontrying to work out the last time I did an apt-get update, etc. just in-case it was that, but that was a few weeks back.10:33
gordonDrogonlet me check the config dir.10:33
gnarfacethe dates would have changed on something, i'd expect10:33
gordonDrogonnothing there. /usr/lib/firefox-esr - latest date is april 5th.10:35
gordonDrogonit did update - 68.5.0 -> 68.6.110:36
gnarfaceit updated the actual file /usr/lib/firefox-esr? disturbing...10:36
gnarfaceyou sure you don't have unattended-upgrades enabled?10:36
gordonDrogon100% sure.10:36
gnarfacecreepy, i wonder how it's doing that...10:37
gordonDrogonyea, creepy.10:37
gnarfaceis it being launched suid root?10:37
Wonkawhat does dpkg -l firefox-esr say?10:37
gordonDrogonI hope not.10:37
gnarfaceyea that's a good question10:37
gordonDrogonii  firefox-esr    68.6.1esr-1~ amd64        Mozilla Firefox web browser - Ext10:37
Wonkaso the actual package has been updated, and not just the firefox-esr executable10:39
gnarfacei wonder how it's doing that? does it ship with something else that starts up beside it as a root daemon or something?10:39
gordonDrogongordon @ wakko: ls -l /usr/lib/firefox-esr/firefox-esr10:40
gordonDrogon-rwxr-xr-x 1 root root 224416 Apr  3 22:41 /usr/lib/firefox-esr/firefox-esr10:40
WonkaI guess that's not something the firefox update function can do, updating debian packages via the repo...10:40
WonkaI'd go looking where that unattended update came from10:40
gordonDrogongordon @ wakko: strings -a /usr/lib/firefox-esr/firefox-esr|fgrep 68.10:41
gordonDrogonIt's possible I ran apt-get update 2 weeks back, but ..10:42
gordonDrogonuptime is 19 days.10:42
gordonDrogonhow do I get history to give me date/times ..10:43
onefangI have all apt updates send me an email.  Can'at recall off the top of my head how to turn that on.10:43
gordonDrogonjust looked- think I have to set it in .bashrc at the outset.10:44
gordonDrogonsudo needs a password for my login account too.10:44
onefangAh, apt-listchanges does that, emails all changes to me.  Well, the changelogs, not all updates have changelogs.10:45
gordonDrogonit's a puzzle - if it did update at the last manual apt-get update (i usually run it after a crash) then its been sitting there for 2 weeks before letting me know.10:45
gordonDrogonmaybe time to reinstate the old checksum-every-file-every-day program who's name I'ev forgotten )-:10:46
onefangThere's a few.10:46
onefangI'm still trying to decide which I like the best.10:46
gordonDrogonI guess this is the way forward now )-: thanks to the "move fast and break things" brigade...10:47
gordonDrogonintersting - just run apt-get update/upgrade and it wants to upgrade firefox.10:48
onefangTo which version?10:49
gordonDrogon-rwxr-xr-x 1 root root 224416 Apr  7 23:54 /usr/lib/firefox-esr/firefox-esr10:51
onefangCheck the date on the cached apt package.10:51
gordonDrogon-rw-r--r-- 1 root root   501324 Apr  8 03:17 firefox-esr-l10n-en-gb_68.7.0esr-1~deb9u1_all.deb10:52
gordonDrogonso the package was built a few hours after the thing compiled by the looks of it.10:53
halftuxI am on devuan ascii and can't install enigmail it depends on thunderbird (>= 1:52.0) and installed is thunderbird (1:68.7.0-1~deb9u1) how to fix that?11:45
gnarfaceis there any way to get a newer version of enigmail?11:47
gnarfaceor the source of it maybe...11:47
halftuxit is in the repository so it should be possible to download the source package11:48
halftuxwith apt-source enigmail I get enigmail_2.0.8-5~deb9u1.debian.tar.xz11:55
onefangYou could try a force install.11:56
gnarfacewell all the packages in the repository should install, so if your thunderbird is too new for one, that does suggest you got it from outside the distro, or at least from another version - it doesn't look like it's from backports...11:57
halftuxI will recompile... I have only main security updates all from ascii in source list11:59
gnarfacehmm, if that's the case then i think you should probably also report that as a bug in the enigmail package12:06
gnarfacebut make sure...12:06
fsmithredI've run into that problem with enigmail in the past.12:10
fsmithredthat it doesn't match the current version of t'bird. That was when I was still running jessie. I moved up to beowulf.12:11
halftuxthunderbird conflicts with old enigmal 2:2.0.8-5 at least minimum of enigmail must be 2:2.1.212:14
halftuxwhat is the enigmail version in beowulf?12:15
halftuxok I will try enigmail from buster and will see12:20
fsmithredii  enigmail       2:2.1.3+ds1-4~deb10u212:21
halftuxok enigmail 2.1.3 needs new gnupg so I will update to beowulf12:25
fsmithredsee the update guide12:28
fsmithredhang on12:28
halftuxthank you12:30
halftuxmigrated to beowulf without problems enigmail is working thanks and cya15:33
Atari-FroschI just brought a virtual server (provider: NetCup) that was already in production from Debian Jessie to Devuan ASCII, absolutely smooth. <316:04
cushno ctrl-D needed ater reboot Atari-Frosch ?17:02
Atari-Froschcush: nope17:07
openbsdt1i123hi guys. Happy to have Devuan, Netbsd and Openbsd running ... I would like to ask - which OS is more stable, Devuan, netbsd or openbsd for file server?18:59
unixmanThey are all stable. Just pick one.19:01
gnarfaceopenbsdt1i123: it's gonna depend a lot on your hardware, but file servers aren't an ambitious task for either19:09
specingthat choice boils down to whether you want ZFS, btrfs or data loss19:09
openbsdt1i123I noticed that devuan makes with wifi 20 ethernet connections on router, in the live distro.19:12
cushyou've compared filesystems thoroughly specing ?19:12
openbsdt1i123It makes floood and killes my internet. this is a big bug, quite annyoing on live amd/x86 of ascii.19:12
specingcush: no19:13
openbsdt1i123I use usually simple ARM boards for file servers. They can still handle lot of data.19:15
cushyes ofc19:15
specingsimple ARM boards are even used in enterprise file servers19:18
cushbesides a few annoyances, i'm happy with the nvidia jetson nano19:20
openbsdt1i123specing: really, in enterprises, I know, they (admins) just know only windows and nothing runs on linux. Ms exchange, win file serv...19:28
fsmithredopenbsdt1i123, what the problem with the wifi?19:29
openbsdt1i123my router sees the mac about 20 to 60 times...19:30
openbsdt1i123this is hte live wifi... likely a bug into the SH scripot19:30
openbsdt1i123this is linux, bsd has far better net19:31
fsmithreddesktop-live or minimal-live, and where are you seeing this list?19:31
openbsdt1i123tge regular ascii devktop live19:31
fsmithredand it lists your mac a bunch of time in wicd?19:32
fsmithredor some terminal command?19:32
openbsdt1i123wicd ...19:33
fsmithredcan you give me a little more description of what you're seeing? I don't really understand.19:33
fsmithredI'm the one who made the live isos, so I'd like to know of any problems.19:34
openbsdt1i123I havent right time now... I need to write a report. I will try to give more infor this weekenedd19:36
fsmithredok, ping me. I always stay connected19:36
openbsdt1i123u rwelcome19:36
openbsdt1i123you are welcome19:36
openbsdt1i123thakn you too to support devuan !19:38
openbsdt1i123btw, you shoud ban me from  #devuan, I am anon registeredd freenode19:39
openbsdt1i123all opensource channels need registration of freenode service19:39
fsmithredhow are you speaking if you're not registered?19:40
openbsdt1i123 I cannot ncik/save pass to freenode . it seems that you can get all attacks on this channel #devuan19:40
openbsdt1i123you should restrict to registrered uses only.19:40
fsmithredI thought we did that last year19:41
openbsdt1i123well. I cannot remember a pass. so it seems open to all attacks.19:41
fsmithredmaybe it got undone with some of the recent changes19:41
openbsdt1i123ahh.. take care.19:41
fsmithredyou too19:41
DonkeyHoteiiirc it was undone in this channel intentionally19:42
openbsdt1i123I do not see ok to have login/pass generally on irc.19:42
openbsdt1i123irc should be a free platform for chat. ip tracker may limit spam and bots19:42
MinceRunidentified users used to be muted to help deal with spambots, but it was undone because we stopped getting significant spam and it kept some users from getting support19:48
openbsdt1i123Well, devuan is libre?19:48
gnarfacewell, it has all the same non-free components Debian does, plus includes some of them (wifi firmware) in the netinstall that Debian doesn't19:49
gnarfacethis is only for user convenience19:49
gnarfaceafaik none of the other non-free stuff is installed by default19:49
openbsdt1i123It is written on the website that ideaology of devuan is to be free, respect users. So #devuan shall not have login/pass to get access.19:49
cushthe only spammy i thing i have to say atm is everything is running nicely here.  thanks all for the good work.19:51
cush /419:54
topro_hi there, concerning debian ceph packages latest versions missing sysvinit script (i reported yesterday) I think we need to get active ourselves, please see what my bug report yielded in...
topro_how much and what kind of effort would it be to (automatically?) patch every new debian ceph-base package to add an init script? i assume there must be other packages with the same issue already?20:09
cushthat's a good question topro_ - sounds doable20:10
cushplease stick with it20:10
topro_cush: I'm asking here because I assume this has been done before using the devuan infrastructure?! Btw. the init script for ceph is still maintained by ceph. its living directly inside the ceph git repo, so there is no problem getting a matching init script for any version. debian just decided to not supply it any longer, obviously because they cannot test it20:14
cushanother option would be to tell ceph maintainers 'i need this package and i can test that this script works for you'20:16
golinuxtopro: ^^^20:19
topro_cush: the way the reaction came to my bug report I see no point in further negotiating with debian about init scripts20:22
topro_golinux: nice indeed! but with ceph having lots of different targets inside a single init script which got translated to a myriad of seperate systemd units this would mean that retransforming that to sysvinit would mean to break them up into lots of seperate init scripts. could live with that, better than nothing20:25
topro_but then again, to do it right, this should be done automatically for affected packages by the devuan infrastructure20:26
golinuxThose scripts should be provided upstream.20:31
golinuxOTOH . . . if you would offer to provide and maintain them for Devuan, we might consider forking those packages if upstream balks at the idea.20:33
masonFWIW, I like the notion of ancillary packages that just provide init scripts, as needed. Let the upstream continue to do the heavy lifting for bug fixes, etc.20:35
topro_golinux: did you read my debian bug report linked above? I think I would call that "upstream balks at the idea". If you mean ceph as upstream, then there is no issue cause ceph does provide an up to date init script, its just omitted by debian packagers20:50
topro_So getting an init script is no issue, getting it into a debian packaged deb seems to BE an issue20:51
topro_Its maintained and provided by ceph, so maybe think about forkin ceph-base to add that existing maintained init script back into?20:52
zatumildid you try to install the ubuntu deb package in devuan?20:57
topro_zatumil: no I won't, I tried a long time ago when debian and ubuntu were technically still much closer than today and I tried with a way simpler package than what ceph is. And guess, it dodn't work. At all. So I'm not interested in such a nightmare21:10
zatumilmaybe you can rebuild their source package21:13
golinuxtopro: Good call not to install Ubuntu packages on Debian or Devuan.22:22
openbsdt1i123I am downloading now the last Ubuntu to try to compile FLTK on it.22:25
openbsdt1i123There are still advantage that ubuntu/debian/devuan are close, to install closed source softs, like microsoft teams, skype4linux with pulseaudio,... this is good for desktop.22:26
openbsdt1i123it seems that overleaf depends largely on systemd. ... is tehre a way to install the overleaf server on Devuan? Overleaf, based on systemd, recommends systemd to run it.22:39
topro_zatumil: there is no point in looking at the ubuntu packages as the only issue with the debian packages in this particular case is the missing init script which is available from ceph repo directly (just needs minimal tweaking) and rebuild debian package with that file included22:41
chakpapaHi. I just tried beowulf with openrc. Everything is working fine, except openrc-init can't be used as a standalone init. As Openrc-init does not use /etc/inittab, Gentoo recommends agetty processes for tty1 to tty6 to be started explicitly as services. Couldn't find "agetty" in Devuan. Anyone found any similar solution?23:05
cushis maybe ngetty a replacement chakpapa ?23:06
chakpapaHave to check.23:07
chakpapaThis is I guess the only roadblock to use a pure openrc system. I understand most people use sysvinit+openrc. But I prefer openrc-init.23:08
chakpapaThis is how Gentoo does it23:08
chakpapaThe step23:08
chakpapalet me try ngetty23:09
chakpapaNope. Devuan's agetty / ngetty doesn't have init scripts in /etc/init.d like Gentoo does23:16
chakpapaMight be some build time thing23:16
chakpapaIs my problem23:18
chakpapaOk it seems like something inherently different in Debian's packaging of openrc. Nothing wrong with Devuan.23:24

Generated by 2.17.0 by Marius Gedminas - find it at!