[DNG] Please stop posting random links to hacked web sites

[Martin Steigerwald]

Hi!

Okay, I tried to do this off list, but I now found the second occurence of 
this already:

Please do not about every hacked web site you read about. Especially not a 
link to it. I bet there are tons of web sites hacked each day even if you 
don´t hear about every single one. And whether this is at all related to 
systemd… so far I am not aware of any single successful attack related to a 
security hole in systemd.

You basically give them public advertisement which can lead to additional 
clicks. I think this is not approbiate for this list.

In my oppinion it is also totally off topic.

Please stop.

Does this list have a netiquette? If so, I ask for this to be included: No 
adverstising for random websites.

If you really want to recommend Devuan to them, do it directly with them.

And if you want to discuss the opportunity to position and market Devuan as 
a secure webserver OS please do it in a generic way. And include only some 
example links about the hackeries themselves (i.e. from news sites), and not 
to the sites. Also please do it in one thread that is easy to ignore.

I really do not which to links to random websites. That is what spam mails 
are about. So please stop.

Thanks,
-- 
Martin
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

[DNG] systemd in the era of hotplugable devices

[Oz Tiram]

One argument I hear often about systemd is that it more adapted to current
hardware needs, [e.g. here][1]

>  Computers changed so much that they often doesn’t even look like
> computers. And their operating systems are very busy : GPS, wireless
> networks, USB peripherals that come and go, tons of softwares and
> services running at the same time, going to sleep / waking up in a
> snap… Asking the antiquated SysVinit to manage all this is like asking
> your grandmother to twerk.

What I don't understand is how an init system manages hot pluggable
devices.
What does replacing a hot plugable disk drive it have to do with how the
system is booted?
Maybe this all done at the none init parts of systemd?

### I know this is a hot topic for some people. It is not meant to ignite a
war, rather to understand.

Please explain it to me with out flames.
  [1]: http://sysadmin.tme520.net/systemd-our-songs-of-innocence/


Greetings,
Oz

---

Imagine there's no countries
it isn't hard to do
Nothing to kill or die for
And no religion too
Imagine all the people
Living life in peace
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Please stop posting random links to hacked web sites

[Jaromil]

dear Martin,

DNG is an open and public discussion place, not strictly bound to Devuan
nor to Systemd: its the campfire after the exodus from Debian and it
gathers people with different focus and interests.

On Wed, 22 Jul 2015, Martin Steigerwald wrote:

> You basically give them public advertisement which can lead to
> additional clicks. I think this is not approbiate for this list.
> 
> In my oppinion it is also totally off topic.

I second your opinion, still glad the thread turned to discuss common
vectors of attacks on GNU/Linux servers which gets it back on a
reasonable topic.

There are other venues to talk about "hacked websites" issues, too big
of a topic for this list, just have a look at http://www.zone-h.org
archive to have an overview on how much happens every day.

So, thanks for your attempt to keep this place on-topic.

ciao





signature.asc
Description: Digital signature
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Ashley Madison hack

[Ron]

On Wed, 22 Jul 2015 01:01:17 -0700
James Powell  wrote:

> It is to some extent, but remember, we now, on selected systems, have a 
> universal interface layer, so we don't know if it was Brute Force SSH, or 
> something else.
> 
> Until the hackers say or reveal anything, we don't know, and that could be 
> anything from improperly updated software like Bash, to SSH, to anything.

Or even getting credentials through phishing  ;-3(
 
Cheers,
 
Ron.
-- 
  ...Nessun maggior dolore,
   Che ricordarsi del tempo felice
Nella miseria.
-- Dante Alighieri

   -- http://www.olgiati-in-paraguay.org --
 

___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] systemd in the era of hotplugable devices

[Teodoro Santoni]

On Wed, Jul 22, 2015 at 10:00:48AM +0200, Oz Tiram wrote:
> One argument I hear often about systemd is that it more adapted to current
> hardware needs, [e.g. here][1]
> 
> >  Computers changed so much that they often doesn’t even look like
> > computers. And their operating systems are very busy : GPS, wireless
> > networks, USB peripherals that come and go, tons of softwares and
> > services running at the same time, going to sleep / waking up in a
> > snap… Asking the antiquated SysVinit to manage all this is like asking
> > your grandmother to twerk.
> 
> What I don't understand is how an init system manages hot pluggable
> devices.
> What does replacing a hot plugable disk drive it have to do with how the
> system is booted?
> Maybe this all done at the none init parts of systemd?

Hi, 

exactly that: systemd has been merged with udev, which is a component that for 
years has been built to create a device node tree and promptly do something in 
hotplug situations, e.g. mount a pendrive when you plug it in the USB port.
If we think to systemd in two distinct manners, "the init system" and "the 
genode framework written in C and incapable of interoperativity", we see that 
systemd as a init is not a big deal, just an init tool that uses config files 
and not shell scripts and handles parallelization and dependencies; the real 
problems of freedom and quality of the product come with systemd as a 
framework for bootstrapping a linux OS (be it the software itself or all the 
drones who praise it as the "PHTRE").

--
Teodoro Santoni

Something is wrong. I don't wanna compile 20 KB of Go code to list files.
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] systemd in the era of hotplugable devices

[Laurent Bercot]

On 22/07/2015 10:00, Oz Tiram wrote:

One argument I hear often about systemd is that it more adapted to current 
hardware needs, [e.g. here][1]

 >  Computers changed so much that they often doesn’t even look like
 > computers. And their operating systems are very busy : GPS, wireless
 > networks, USB peripherals that come and go, tons of softwares and
 > services running at the same time, going to sleep / waking up in a
 > snap… Asking the antiquated SysVinit to manage all this is like asking
 > your grandmother to twerk.

What I don't understand is how an init system manages hot pluggable devices.
What does replacing a hot plugable disk drive it have to do with how the system 
is booted?
Maybe this all done at the none init parts of systemd?


 Hi Oz,

 Don't believe everything you read on the Web. ;)
 The author of the article has already adopted systemd's point of view, which
is "one init should do everything", without even being aware of it.

 The truth it, you're perfectly right: it is not init's job to manage hot-
pluggable devices. There is NO reason why init should be made aware of
those kernel events, and the "systemd can manage modern hardware" meme is
but a pile of propaganda.
 Any init system, including sysvinit, will work just as well: managing
hotplug is udev's job, and anything implementing udev functionality will
do. udev predates systemd, so systemd did not invent the feature; it
just took udev and integrated it tightly to make itself unavoidable,
a.k.a. virus tactics.

 eudev and vdev, as well as other udev-like daemons, prove this is not
necessary. So you can safely ignore the article, written by someone who
has a wrong idea of what init is supposed to do.

--
 Laurent

___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

[DNG] dev-one.org aka making it easier for english speakers

[Jaromil]

re all,

we have setup a new alias for the official devuan.org domain name, to
make it easier for english speakers when they want to communicate this
project: dev-one.org

our project's official name and branding stays as Devuan (which is now
also a registered trademark, just to make sure it is what it says...)
while this alias is intended to solve that somehow awkward moment in
which we tell a friend or colleague about this project and try to spell
the url so that he/she punches it into the browser. Did it ever happened
to you? ... "devone", not with a u, ehrm, a, then n...

so well, there you go now: dev dash one dot org

ciao





signature.asc
Description: Digital signature
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] systemd in the era of hotplugable devices

[Isaac Dunham]

On Wed, Jul 22, 2015 at 12:59:56PM +0200, Laurent Bercot wrote:
> On 22/07/2015 10:00, Oz Tiram wrote:
> >One argument I hear often about systemd is that it more adapted to current 
> >hardware needs, [e.g. here][1]
> >
> > >  Computers changed so much that they often doesn’t even look like
> > > computers. And their operating systems are very busy : GPS, wireless
> > > networks, USB peripherals that come and go, tons of softwares and
> > > services running at the same time, going to sleep / waking up in a
> > > snap… Asking the antiquated SysVinit to manage all this is like asking
> > > your grandmother to twerk.
> >
> >What I don't understand is how an init system manages hot pluggable devices.
> >What does replacing a hot plugable disk drive it have to do with how the 
> >system is booted?
> >Maybe this all done at the none init parts of systemd?
> 
>  Hi Oz,
> 
>  Don't believe everything you read on the Web. ;)
>  The author of the article has already adopted systemd's point of view, which
> is "one init should do everything", without even being aware of it.
> 
>  The truth it, you're perfectly right: it is not init's job to manage hot-
> pluggable devices. There is NO reason why init should be made aware of
> those kernel events, and the "systemd can manage modern hardware" meme is
> but a pile of propaganda.
>  Any init system, including sysvinit, will work just as well: managing
> hotplug is udev's job, and anything implementing udev functionality will
> do. udev predates systemd, so systemd did not invent the feature; it
> just took udev and integrated it tightly to make itself unavoidable,
> a.k.a. virus tactics.
> 
>  eudev and vdev, as well as other udev-like daemons, prove this is not
> necessary. So you can safely ignore the article, written by someone who
> has a wrong idea of what init is supposed to do.

In general, I'd agree with you, but there are some situations where it's
possible to argue for hotplugger/service manager integration:
 if you hotplug a scanner or printer, there's reason to think that the
 corresponding daemon (sane/cups/lprng/lpr) should start.
Note that I did not say that I think it's a good argument.

The obvious defect in this approach is that there *are* network scanners
and printers, which cannot be hotplugged. A less obvious obnoxious
detail is the sudden demand on system resources, and the delay before
the service is available.

One alternative to this approach would be socket activation, but...
using cups with inetd would really suck, given that it's pretty slow
to start.
Socket activation as done in systemd and upstart (wait till the first
connection, then start the service) could sort-of-work, though the 
first print will always be slow.

None of these are actually 100% reliable, since you have a service
starting upon some request; if there isn't enough RAM, it falls flat.
But then, printing involves spawning filters anyhow, so it would have
that problem (to a lesser degree) anyhow.

Anyone who says systemd is necessary because of wireless networks is
talking out of their hat if they mean 802.11. You have to use
wpa_supplicant if you want to handle those, and it's perfectly adequate.
A similar observation is true for GPS: just leave gpsd running, and
it will only start up the GPS when needed.
There is an alternative to gpsd from FDO, but:
-it's less reliable: gpsd carefully avoids as many conditions that may
fail as possible, and the FDO stack was written because the developer
didn't like the fact that that required avoiding malloc().
-it's much less useful: gpsd handles almost every known GPS, while the
FDO stack only supports some NMEA-conformant GPSs.

Overall reaction to the argument:
Expecting init to manage all that is stupid; init should only be concerned
with system processes.

Thanks,
Isaac
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

[DNG] Will there be a MirDevuan "WTF"?

[miro . rovis]

Hi, Devuaners!

I wrote to this list before, a couple of times. As
miro.ro...@croatiafidelis.hr and miroslav.rov...@zg.ht.hr.

I'll start from here:

How to avoid stealth installation of systemd?
http://forums.debian.net/viewtopic.php?f=20&t=116770&start=45#p552566
(
the encrypted channel not set up by user in every box with dbus; and give me
someone the reason that I ask there: "a completely truthful explanation[...],
publically, on why is this needed"
)

which is, in that long, and well read, counter-systemd article of mine in the
form of a forum topic, a section about dbus.

I don't want dbus, and lots of other things, in my system.

Lots of things like someone much cleverer than me, in terms of computing, a
Debian developer, and the leader of MirBSD, advocates (and to whom a Cc:
goes), like he advocates against, in most practical terms, on the:

MirDebian "WTF" Repository
https://www.mirbsd.org/~tg/Debs/debidx.htm

I count dbus in poetterware-related, as it is a ware for the non-FOSS to dig
its tentacles deep into your systems, such as in the hooks prepared for them
by, among others, Linus himself.

[my title to it:] rootkit hooks in the kernel
http://www.crmbuyer.com/story/39565.html

and also see this non-exhaustive, practical list of widely used spy-tools, a
list practically compiled by true security experts, published so users can
learn to defend themselves):

Grsecurity/Appendix/Capability Names and Descriptions
https://en.wikibooks.org/wiki/Grsecurity/Appendix/Capability_Names_and_Descriptions

Having a system without systemd like Devuan already is, is great, but is not a
complete solution for developing a free unsurveilled system if you keep dbus
in it. Not in my book! And not in many others' book.

My insisting on no-dbus has been looked favorably by wizards in Gentoo:

Uninstalling dbus adn *kits (to Unfacilitate Remote Seats)
http://forums.gentoo.org/viewtopic-t-992146.html

. I have, as far as a user lacking in really advanced expertize can do, an
almost perfectly sustainable system that is not easily intruded in, that does
not get owned any more, and pranks on my Gentoo system are pretty much reduced
to the outside only. And the same is attainable for any Gentoo user, because
Gentoo wizards care to make Gentoo packages available for dbus-free systems
like mine. As far as my user understanding goes, it's devs who are making it
happen.

Back to MirDebianWTF repo. I was, applying mirabilos' work on my sysvinit- and
non-systemd Debian, [I was] able to get a poetterware-free Debian back then:

Remove Systemd and Related Packages from Your Debian
http://forums.debian.net/viewtopic.php?f=16&t=118197
(see the dates there)

Now...

If I was able to understand correctly, vdev works with dbus. Jude C. Nelson,
why are you basing it on such a corporate-intrusion-enabling software (or
harvesting/other-nefarious-purposes enabling software)? I remember having
read from you back quite a few months ago various articles when I was outraged
at systemd imposition and was researching about it. I wouldn't have expected
you to not realize that dbus was a false-foss program... false for the true
sense of the nature of FOSS. But, maybe there's nothing to do now, I don't
know. I know I won't be using anything that requires dbus...

There was some talk of eudev on devuan mailing list, and people began to
implement it. Where is that now?

A digression. I follow mostly only Devuan mailing list, as best I can. I'm not
privy to all that is happening in Devuan... Shouldn't there anyway be a
central place from where to know without searching what and in which section
has been done and at what stage this or that is... Like a page to start when
you want to know the status and the news, a page always sensibly up to date...

[A digression. I follow mostly only Devuan mailing list, as best I can], and
if I missed something, be kind to correct me.

So eudev not planned?

Just to point you at something that sparks my enthusiasm, as a keen supporter.
and fills me with some angst at the same time. What it those f**ing tool(s)
(as Christopher Barry,
http://lkml.org/lkml/2014/8/12/459
, who I see also follows, if not contributes, to Devuan, as he called
Poettering)... [What if those tools] achieve, for their masters, their
nefarious purposes sooner then true FOSS devs can raise defences against such
threats?

plans when udev becomes systemd-only ? (after kdbus merge)
https://github.com/gentoo/eudev/issues/95#issuecomment-122873308

And eudev works dbus-free just fine (such as in my Gentoo), dear people!

So, maybe to cut the talking shorter:

Is no-poetterware, no-dbus Devuan soon to be an attainable option for a user
like me, of medium advanced level (my maximum attainable level probably a good
tester)?

And then in no-dbus no-poetterware Devuan I apply grsec, and teach newbies to
install grsec-hardened kernels in their Devuans, like I did in Debian Forums:

Grsecurity/Pax installation on Debian GNU/Linux
http://forums.debian.net/vie

Re: [DNG] systemd in the era of hotplugable devices

[Laurent Bercot]

On 22/07/2015 16:24, Isaac Dunham wrote:

In general, I'd agree with you, but there are some situations where it's
possible to argue for hotplugger/service manager integration:
  if you hotplug a scanner or printer, there's reason to think that the
  corresponding daemon (sane/cups/lprng/lpr) should start.


 Oh, yes, integrating the hotplugger and the service manager is a good
idea. But it does not have to be performed as intimately as systemd does.
It's possible for a hotplug manager to spawn a script for certain events
and have those scripts make calls to the service manager. The scripts
can even be changed depending on the service manager you have, without
changing the hotplugger.

 That kind of modularity is a major strength of Unix, and is one of the
things that systemd is disregarding, either out of incompetence (can't
design Unix software) or out of malice (actively tries to get integrated
with every aspect of the system).



None of these are actually 100% reliable, since you have a service
starting upon some request; if there isn't enough RAM, it falls flat.


 It's the case with every service manager, and everything you start
on-demand. systemd or not, integration or not, you'll have that problem
anyway.

--
 Laurent

___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Will there be a MirDevuan "WTF"?

[Jude Nelson]

>
>
> If I was able to understand correctly, vdev works with dbus.


Vdev does not use dbus.  No idea how or why you came to this conclusion.
Search the code if you don't believe me.

-Jude
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] systemd in the era of hotplugable devices

[tilt!]

Hi,

Oz Tiram wrote on 22/07/2015 at 10:00 CEST:

One argument I hear often about systemd is that it more adapted to
current hardware needs, [e.g. here][1]

Computers changed so much that they often doesn’t even look

>> like computers. And their operating systems are very busy :
>> GPS, wireless networks, USB peripherals that come and go, tons of
>> softwares and services running at the same time, going to
>> sleep / waking up in a snap ... Asking the antiquated SysVinit
>> to manage all this is like asking your grandmother to twerk.

Typical "popular appeal" tech article pairing childish language
("twerking") with half-baked trivialities like "computers changed
much" and outright nonsense such as "computers often do not look
like computers".

It's a won't read.


What I don't understand is how an init system manages hot pluggable
devices.


My personal opinion is that it should not, according to the directive
"do one thing right."


What does replacing a hot plugable disk drive it have to do with
how the  system is booted?


The (operating) system could be booted from a "hot-pluggable" device,
i.e. a device that disappears during regular operation.

It then is desirable to have the system available in a fashion that
this device is not required after some "boot(strapping) phase".

One could argue that the "initialization" of the system should play
a part in this.


Maybe this all done at the none init parts of systemd?


Unclear: The idea behind the systemd/udev merger is "tight coupling"
between "what is available?" (udev) and "what goes where?" (systemd).
Since this deviates from "doing one thing right", I do not like it.

Kind regards,
T.


___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Will there be a MirDevuan "WTF"?

[miro . rovis]

On Wed, Jul 22, 2015 at 11:50:44AM -0400, Jude Nelson wrote:
> >
> >
> > If I was able to understand correctly, vdev works with dbus.
> 
> 
> Vdev does not use dbus.  No idea how or why you came to this conclusion.
> Search the code if you don't believe me.
> 
> -Jude
I believe you. You never appeared dishonest to me. And I'm very glad
that I was wrong!

Whence I derived that wrong understanding? From having misundestood
something with the little time that I dedicated to reading about vdev
from the list or elsewhere.  Sorry!

But Im very glad that I was wrong in that conjecture! Because that means
my dream may be feasible when vdev is ready for deployment!

Regarding Thorsten Glaser , I got it from reading
discussions on debian-devel list, e.g.:

https://lists.debian.org/debian-devel/2014/07/msg00015.html

How to avoid stealth installation of systemd?
http://forums.debian.net/viewtopic.php?f=20&t=116770&start=30#p552484

I got a "550 Unrouteable address" for it, as visibale in the attachment
(mirabilos-unroutable.eml). So don't know.

Really my dream a true foss Devuan. Cheers!
-- 
Miroslav Rovis
Zagreb, Croatia
http://www.CroatiaFidelis.hr
From @ Wed Jul 22 17:08:19 2015
Return-Path: <>
Received: from lin16.mojsite.com (178.218.164.164:993) by g0n.xdwgrp with
  IMAP4-SSL; 22 Jul 2015 15:08:19 -
Envelope-to: miro.ro...@croatiafidelis.hr
Delivery-date: Wed, 22 Jul 2015 16:39:44 +0200
Received: from smtp7.plusvps.com ([89.201.164.170]:46869)
by lin16.mojsite.com with esmtps (TLSv1:DHE-RSA-AES256-SHA:256)
(Exim 4.85)
id 1ZHvBJ-00069a-Rc
for miro.ro...@croatiafidelis.hr; Wed, 22 Jul 2015 16:39:37 +0200
Received: from exim by smtp7.plusvps.com with local (Exim 4.84)
id 1ZHvBJ-000FDh-Nq
for miro.ro...@croatiafidelis.hr; Wed, 22 Jul 2015 16:39:37 +0200
X-Failed-Recipients: t...@debian.org
Auto-Submitted: auto-replied
From: Mail Delivery System 
To: miro.ro...@croatiafidelis.hr
Subject: Mail delivery failed: returning message to sender
Message-Id: 
Date: Wed, 22 Jul 2015 16:39:37 +0200
X-PlusHosting-MailScanner-Information: Please contact the ISP for more 
information
X-PlusHosting-MailScanner-ID: 1ZHvBJ-00069a-Rc
X-PlusHosting-MailScanner: Found to be clean
X-PlusHosting-MailScanner-SpamCheck: not spam, SpamAssassin (not cached,
score=0.078, required 5, BAYES_00 -1.90, DSN_NO_MIMEVERSION 2.00,
RCVD_IN_MSPIKE_H3 -0.01, RCVD_IN_MSPIKE_WL -0.01,
URIBL_BLOCKED 0.00)
X-PlusHosting-MailScanner-From: 
X-Spam-Status: No
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
Status: RO
X-Status: F
Content-Length: 8693

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

  t...@debian.org
SMTP error from remote mail server after RCPT TO::
host mailly.debian.org [82.195.75.114]: 550 Unrouteable address

-- This is a copy of the message, including all the headers. --

Return-path: 
Received: from lin16.mojsite.com ([178.218.164.164])
by smtp7.plusvps.com with esmtps (TLSv1:DHE-RSA-AES256-SHA:256)
(Exim 4.84)
(envelope-from )
id 1ZHvBD-000FBy-EA
for t...@debian.org; Wed, 22 Jul 2015 16:39:31 +0200
Received: from 93-139-7-37.adsl.net.t-com.hr ([93.139.7.37]:59875 
helo=g0n.localdomain)
by lin16.mojsite.com with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256)
(Exim 4.85)
(envelope-from )
id 1ZHvBC-00065X-LM; Wed, 22 Jul 2015 16:39:30 +0200
Received: by g0n.localdomain (Postfix, from userid 1000)
id ED39638005A; Wed, 22 Jul 2015 16:40:12 +0200 (CEST)
Date: Wed, 22 Jul 2015 16:40:12 +0200
From: miro.ro...@croatiafidelis.hr
To: dng@lists.dyne.org
Cc: Thorsten Glaser 
Subject: Will there be a MirDevuan "WTF"?
Message-ID: <20150722144012.GA6689@g0n>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature"; boundary="AhhlLboLdkugWU4S"
Content-Disposition: inline
User-Agent: Mutt/1.5.23+102 (2ca89bed6448) (2014-03-12)
X-PlusHosting-MailScanner: Not scanned: please contact your Internet E-Mail 
Service Provider for details, Found to be clean
X-PlusHosting-MailScanner-SpamCheck: 
X-Spam-Status: No, No
X-AntiAbuse: This header was added to track abuse, please include it with any 
abuse report
X-AntiAbuse: Primary Hostname - lin16.mojsite.com
X-AntiAbuse: Original Domain - debian.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - croatiafidelis.hr
X-Get-Message-Sender-Via: lin16.mojsite.com: authenticated_id: 
miro.ro...@croatiafidelis.hr
X-PlusHosting-MailScanner-Information: Please contact the ISP for more 
information
X-PlusHosting-MailScanner-ID: 1ZHvBD-000FBy-EA
X-PlusHosting-MailScanner-From: miro.ro...@croatiafidelis.hr


--AhhlLboLdkugWU4S
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Conte

Re: [DNG] systemd in the era of hotplugable devices

[Steve Litt]

On Wed, 22 Jul 2015 16:57:55 +0200
Laurent Bercot  wrote:

> On 22/07/2015 16:24, Isaac Dunham wrote:
> > In general, I'd agree with you, but there are some situations where
> > it's possible to argue for hotplugger/service manager integration:
> >   if you hotplug a scanner or printer, there's reason to think that
> > the corresponding daemon (sane/cups/lprng/lpr) should start.
> 
>   Oh, yes, integrating the hotplugger and the service manager is a
> good idea. 

Depending on the definition of "integrating".

> But it does not have to be performed as intimately as
> systemd does. 

Pre-cisely! I don't have Lennart Poettering's coding skills or system
wisdom, nor do I have the budget by which his team operates, but even I
was able to put together the most challenging part of hotplugging,
using inotifywait:

http://www.troubleshooters.com/linux/init/manjaro_experiments.htm#inotifywait_m_e_createdelete_devusb

The fact that unfunded Steve Litt, a Troubleshooting Trainer by
profession, could do this in an hour, calls into question the necessity
of a necessity of devices and systemd needing to know each others'
business.

inotifywait is Linux only, but I hear there's an equivalent in BSD land.

> It's possible for a hotplug manager to spawn a script
> for certain events and have those scripts make calls to the service
> manager.

Once you're informed of the event, you can do anything. Including
starting an s6 service that's normally down because of a down file.

But it wouldn't be so stylishly Lennart!

Steve

Steve Litt 
July 2015 featured book: Rapid Learning for the 21st Century
http://www.troubleshooters.com/rl21
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Will there be a MirDevuan "WTF"?

[Steve Litt]

On Wed, 22 Jul 2015 20:03:03 +0200
miro.ro...@croatiafidelis.hr wrote:

> On Wed, Jul 22, 2015 at 11:50:44AM -0400, Jude Nelson wrote:
> > >
> > >
> > > If I was able to understand correctly, vdev works with dbus.
> > 
> > 
> > Vdev does not use dbus.  No idea how or why you came to this
> > conclusion. Search the code if you don't believe me.
> > 
> > -Jude
> I believe you. You never appeared dishonest to me. And I'm very glad
> that I was wrong!

Am I the only one who doesn't understand one word of this thread?

I'll say one thing though: Like miro.rovis, if I had my ideal system,
it would lack dbus. I was actually able to accomplish that with one
alternate-initted Manjaro-OpenRC. No dbus. I used oss instead of alsa,
and it worked great.

SteveT

Steve Litt 
July 2015 featured book: Rapid Learning for the 21st Century
http://www.troubleshooters.com/rl21
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Ashley Madison hack

[Nuno Magalhães]

You're forgetting SQL injection and XSS, to name a few. Wireshark in a
cybercafé pops into mind too plus a gazillion of windows
vulnerabilities.

I'm placing no bets on Whether-or-not-it-was-systemd and find that
discussion moot unless there's any solid details on the hack.

Does Devuan keep up to date with known CVEs in its repositories (for
apache and what not) would qualify as devual-related and relevant.

And i try not to project my a/moral views on others so the fact the
site is about adultery is totally irrelevant to me, from a
computer-security perspective.

But that's just me.

Cheers,
Nuno
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Will there be a MirDevuan "WTF"?

[miro . rovis]

On Wed, Jul 22, 2015 at 02:51:59PM -0400, Steve Litt wrote:
> On Wed, 22 Jul 2015 20:03:03 +0200
> miro.ro...@croatiafidelis.hr wrote:
> 
> > On Wed, Jul 22, 2015 at 11:50:44AM -0400, Jude Nelson wrote:
> > > >
> > > >
> > > > If I was able to understand correctly, vdev works with dbus.
> > > 
> > > 
> > > Vdev does not use dbus.  No idea how or why you came to this
> > > conclusion. Search the code if you don't believe me.
> > > 
> > > -Jude
> > I believe you. You never appeared dishonest to me. And I'm very glad
> > that I was wrong!
> 
> Am I the only one who doesn't understand one word of this thread?
> 
> I'll say one thing though: Like miro.rovis, if I had my ideal system,
> it would lack dbus. I was actually able to accomplish that with one
> alternate-initted Manjaro-OpenRC. No dbus. I used oss instead of alsa,
> and it worked great.
And I have in my Gentoo alsa working perfectly (and surely: without
pulseaudio), without dbus, really a nice, intrusion unfriendly install,
and improving.

And on my Debian when I mostly (not completely) succeeded in applying
lots of stuff from: 

MirDebian "WTF" Repository
https://www.mirbsd.org/~tg/Debs/debidx.htm
(from another, the-then location, actually; and, speaking of changes, it
appears MirDebian WTF has even more to offer now then back then, and is
regularly updated)... Thorsten, are you reading this (see the attached
"550 Unrouteable address" in the 2nd mail of mine in this thread if
anybody wonder why I'ask)?

I, then, had my Debian running pure alsa as well (but couldn't get the
audio for TV-card to work...), and without most any of the other
poetterware. And I made that Tips page about it (see my
first-in-this-thread mail). It's not as read as my Grsec Install Tips
page for Debian (see my 1st mail), not only was, but still is (still
is!), but it did grew to a few thounsad views, it did. Ask golinux, xhe
was suprised I looked like talking to muself in that page...

Meaning, Debianers were able to follow it and clean their systems from
systemd and dbus and pulseaudio with more or less success, or at the
very least were eager too!

Regards!
-- 
Miroslav Rovis
Zagreb, Croatia
http://www.CroatiaFidelis.hr


signature.asc
Description: PGP signature
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Jeep Cherokee hacked

[T.J. Duchene]

> They are achieving it via an on-line firmware update and downloading a
> completely new firmware to the entertainment unit. OS is irrelevant.

[T.J. Duchene]  
I mean no offense, but that statement should really be qualified. Actually the 
OS is not irrelevant, depending on the configuration of the firmware.   

The firmware might be just a storage device.  I've used embedded Linux as 
firmware before.  Call it firmware or software, it is actually the same thing 
in the end.  The confusion comes from the fact that "firmware" can be anything 
from an embedded OS - most likely these days - or something as a PLA 
(programmable logic array) hardwired with a specific set of Boolean equations.

So yes, the question of OS is very relevant.  

Critical control systems should never be interlinked with Internet access, and 
the firmware used should be read only.  This is a major embarrassment.


T.J.

___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] systemd in the era of hotplugable devices

[Dr. Nikolaus Klepp]

Am Mittwoch, 22. Juli 2015 schrieb Steve Litt:

> Pre-cisely! I don't have Lennart Poettering's coding skills or system
> wisdom, nor do I have the budget by which his team operates, but even I
> was able to put together the most challenging part of hotplugging,
> using inotifywait:
> 
> http://www.troubleshooters.com/linux/init/manjaro_experiments.htm#inotifywait_m_e_createdelete_devusb


Hm ... I still use /proc/sys/kernel/hotplug for this purpose.

Nik


-- 
Please do not email me anything that you are not comfortable also sharing with 
the NSA.
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Interesting comment from a kernel developer

[T.J. Duchene]

From: Dng [mailto:dng-boun...@lists.dyne.org] On Behalf Of Michelle Konzack
Sent: Tuesday, July 21, 2015 11:55 PM
To: dng@lists.dyne.org
Subject: Re: [DNG] Interesting comment from a kernel developer

Hello *,

2015-07-22 3:07 GMT+02:00 Go Linux :
What is this about 'baroque init scripts' and wanting to have only ONE option?  
Rather prescient in light of where we are now . . .


This  mean, Debian has droped anything and now users AND developers have to 
bother with crappy "systemd".
Some days ago I have updated an Etch system release by release to Jessie and 
now, nothing is working anymore! Have killed Jessie and installed in the Last 
two days a new Wheeze MiniITX machine and now anything is working as expected.
I will do anything to get rid of "systemd"!!! It is a nightmare!

-- 
Michelle Konzack
GNU/Linux Developer
0049-176-86004575

[T.J. Duchene] 
Sorry to hear about your troubles, Michelle.  =(

Yes, Debian has adopted systemd.  As a quick fix, you can stick with Wheezy; or 
you can install Jessie and then install systemd-shim and sysvinit.  After you 
install systemd-shim and sysvinit, Jessie should work more or less as expected. 
 If I might say so, your problems may have stemmed from trying to jump from 
Etch to Jessie, skipping Wheezy.  Skipping versions is something that you 
should never do with in-place upgrades.  While you technically CAN do it, you 
probably shouldn't.  It causes all kinds of errors because Debian (or anyone 
else) seldom tests the procedure.  The configuration files held from the older 
install can cause startup failures that do not necessarily have anything to do 
with systemd.


Best luck and wishes!
T.J.

___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Interesting comment from a kernel developer

[Michelle Konzack]

No, I have made the distupgrade release by release
and checked, whether anything was working.

And yes, from Etch to Lenny, Squeeze and Wheeze it was working.

And then the nightmare came over me!

Currently I install a Wheeze Workstation + Server around 3 GByte
of installation will back it up and try the migration to Jessie again.

If anything goes wrong, my bootloader is configured to boot a
rescue system which reinstall the Wheeze backup...


2015-07-22 22:03 GMT+02:00 T.J. Duchene :

>
> From: Dng [mailto:dng-boun...@lists.dyne.org] On Behalf Of Michelle
> Konzack
> Sent: Tuesday, July 21, 2015 11:55 PM
> To: dng@lists.dyne.org
> Subject: Re: [DNG] Interesting comment from a kernel developer
>
> Hello *,
>
> 2015-07-22 3:07 GMT+02:00 Go Linux :
> What is this about 'baroque init scripts' and wanting to have only ONE
> option?  Rather prescient in light of where we are now . . .
>
>
> This  mean, Debian has droped anything and now users AND developers have
> to bother with crappy "systemd".
> Some days ago I have updated an Etch system release by release to Jessie
> and now, nothing is working anymore! Have killed Jessie and installed in
> the Last two days a new Wheeze MiniITX machine and now anything is working
> as expected.
> I will do anything to get rid of "systemd"!!! It is a nightmare!
>
> --
> Michelle Konzack
> GNU/Linux Developer
> 0049-176-86004575
>
> [T.J. Duchene]
> Sorry to hear about your troubles, Michelle.  =(
>
> Yes, Debian has adopted systemd.  As a quick fix, you can stick with
> Wheezy; or you can install Jessie and then install systemd-shim and
> sysvinit.  After you install systemd-shim and sysvinit, Jessie should work
> more or less as expected.  If I might say so, your problems may have
> stemmed from trying to jump from Etch to Jessie, skipping Wheezy.  Skipping
> versions is something that you should never do with in-place upgrades.
> While you technically CAN do it, you probably shouldn't.  It causes all
> kinds of errors because Debian (or anyone else) seldom tests the
> procedure.  The configuration files held from the older install can cause
> startup failures that do not necessarily have anything to do with systemd.
>
>
> Best luck and wishes!
> T.J.
>
>


-- 
Michelle Konzack
GNU/Linux Developer
0049-176-86004575
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] systemd in the era of hotplugable devices

[T.J. Duchene]

> In general, I'd agree with you, but there are some situations where it's
> possible to argue for hotplugger/service manager integration:
>  if you hotplug a scanner or printer, there's reason to think that the
> corresponding daemon (sane/cups/lprng/lpr) should start.
> Note that I did not say that I think it's a good argument.

> 
> The obvious defect in this approach is that there *are* network scanners and
> printers, which cannot be hotplugged. A less obvious obnoxious detail is the
> sudden demand on system resources, and the delay before the service is
> available.

> Overall reaction to the argument:
> Expecting init to manage all that is stupid; init should only be concerned 
> with
> system processes.
> 
> Thanks,
> Isaac
> 
[T.J. Duchene] 

Please understand that I hold your opinion in the highest respect. In fact, I 
agree with you in substance, Isaac.

That said, the reality of the situation is quite different than it is in 
theory.  As the old saying goes in the American Midwest: "The proof is in the 
pudding."  Until someone provides a systemd alternative that works better than 
systemd, yet provides conveniences and the same API, no one who has latched on 
to systemd is going to change their mind.   

In my humble opinion, the best way to kill systemd is to dilute it by cloning 
the API.


Have a great day!
T.J.



___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Interesting comment from a kernel developer

[T.J. Duchene]

From: Dng [mailto:dng-boun...@lists.dyne.org] On Behalf Of Michelle Konzack
Sent: Wednesday, July 22, 2015 3:17 PM
Cc: dng@lists.dyne.org
Subject: Re: [DNG] Interesting comment from a kernel developer

No, I have made the distupgrade release by release
and checked, whether anything was working.

[T.J. Duchene] 
Sorry, my fault!  Mea Culpa.  I should have read the original message more 
closely.




___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] systemd in the era of hotplugable devices

[Laurent Bercot]

On 22/07/2015 22:20, T.J. Duchene wrote:

That said, the reality of the situation is quite different than it is
in theory.  As the old saying goes in the American Midwest: "The
proof is in the pudding."  Until someone provides a systemd
alternative that works better than systemd, yet provides conveniences
and the same API, no one who has latched on to systemd is going to
change their mind.


 Right. And that's why it's difficult: systemd has manpower, so it can
provide a lot of features - features that we have to replicate if we are
to offer a viable alternative, and we don't have as much manpower.

 For udev, login, and such, I don't think it's a problem, though. udev,
login et al. were working before systemd came along, so it's just a
question of cutting the BS and performing the right communication.
(Which is another issue per se, because the systemd people also have
manpower for communication - but it's not a technical issue.)



In my humble opinion, the best way to kill systemd is to dilute it by
cloning the API.


 I respectfully disagree. I'm of the opinion that cloning the API
acknowledges its value; to me, the best way to kill systemd is to
provide a serious alternative to everything that it does, but to
do it *right*, offering the advantages of systemd without the drawbacks;
and the API should be designed with that goal, to do things right -
which mostly precludes using systemd APIs.

 The problem with the systemd APIs is that they kinda enforce the
underlying architecture, and using them amounts to basically rewrite
systemd. The APIs themselves are not bad from a programmer's point of
view, but the architecture is, from an architect's point of view, and
that is what must be deconstructed.

 OT: I would like it if the list host could set the "Mailing-List:"
header on list messages. Most MUAs understand it and implement a
"reply to list" feature; without it, we're stuck with manual configuration
or hitting "reply to all", which causes duplicates.

--
 Laurent
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Interesting comment from a kernel developer

[Adam Borowski]

On Wed, Jul 22, 2015 at 03:03:55PM -0500, T.J. Duchene wrote:
> Yes, Debian has adopted systemd.  As a quick fix, you can stick with
> Wheezy; or you can install Jessie and then install systemd-shim and
> sysvinit.  After you install systemd-shim and sysvinit, Jessie should work
> more or less as expected.

systemd-shim still means systemd.  Devuan is supposed to fix this, but in
the meantime -- or if you prefer staying with Debian proper -- you can use
my repository of deinfested packages:

jessie:
deb http://angband.pl/debian nosystemd main
unstable/stretch:
deb http://angband.pl/debian nosystemd-stretch main

If some package you want is missing, please let me know -- I deinfest them
only when I encounter something that tries to pull systemd into my system,
which means I have no exposition to, for example, the Gnome world.

-- 
⢎⣉⠂⠠⠤⡀⣄⠤⡀⠠⡅⠀⠤⡧⠄⡄⠀⡄⠀⠀⠀⠠⡅⠀⡠⠤⠄⠀⠀⠀⢴⠍⠀⡠⠤⡀⣄⠤⡀⠀⠀⠀⠤⡧⠄⣇⠤⡀⡠⠤⡀⠀⠀⠀⡄⠀⡄⡠⠤⡀⠠⠤⡀⡇⡠⠄⠀⠀⠀
⠢⠤⠃⠪⠭⠇⠇⠀⠇⠀⠣⠀⠀⠣⠄⠨⠭⠃⠣⠀⠬⠭⠂⠀⠀⠀⠸⠀⠀⠣⠤⠃⠇⠀⠀⠣⠄⠇⠀⠇⠫⠭⠁⠀⠀⠀⠣⠣⠃⠫⠭⠁⠪⠭⠇⠏⠢⠄⠀⠄⠀
(https://github.com/kilobyte/braillefont for this hack)
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Will there be a MirDevuan "WTF"?

[James Powell]

D-Bus isn't great, but currently it is still a cross-UNIX IPC in userspace. BSD 
uses it, Illumos uses it, and so does GNU/Linux.

D-Bus is way down my list of software to steer clear of any more.

From: miro.ro...@croatiafidelis.hr
Sent: ‎7/‎22/‎2015 12:23 PM
To: dng@lists.dyne.org
Subject: Re: [DNG] Will there be a MirDevuan "WTF"?

On Wed, Jul 22, 2015 at 02:51:59PM -0400, Steve Litt wrote:
> On Wed, 22 Jul 2015 20:03:03 +0200
> miro.ro...@croatiafidelis.hr wrote:
>
> > On Wed, Jul 22, 2015 at 11:50:44AM -0400, Jude Nelson wrote:
> > > >
> > > >
> > > > If I was able to understand correctly, vdev works with dbus.
> > >
> > >
> > > Vdev does not use dbus.  No idea how or why you came to this
> > > conclusion. Search the code if you don't believe me.
> > >
> > > -Jude
> > I believe you. You never appeared dishonest to me. And I'm very glad
> > that I was wrong!
>
> Am I the only one who doesn't understand one word of this thread?
>
> I'll say one thing though: Like miro.rovis, if I had my ideal system,
> it would lack dbus. I was actually able to accomplish that with one
> alternate-initted Manjaro-OpenRC. No dbus. I used oss instead of alsa,
> and it worked great.
And I have in my Gentoo alsa working perfectly (and surely: without
pulseaudio), without dbus, really a nice, intrusion unfriendly install,
and improving.

And on my Debian when I mostly (not completely) succeeded in applying
lots of stuff from:

MirDebian "WTF" Repository
https://www.mirbsd.org/~tg/Debs/debidx.htm
(from another, the-then location, actually; and, speaking of changes, it
appears MirDebian WTF has even more to offer now then back then, and is
regularly updated)... Thorsten, are you reading this (see the attached
"550 Unrouteable address" in the 2nd mail of mine in this thread if
anybody wonder why I'ask)?

I, then, had my Debian running pure alsa as well (but couldn't get the
audio for TV-card to work...), and without most any of the other
poetterware. And I made that Tips page about it (see my
first-in-this-thread mail). It's not as read as my Grsec Install Tips
page for Debian (see my 1st mail), not only was, but still is (still
is!), but it did grew to a few thounsad views, it did. Ask golinux, xhe
was suprised I looked like talking to muself in that page...

Meaning, Debianers were able to follow it and clean their systems from
systemd and dbus and pulseaudio with more or less success, or at the
very least were eager too!

Regards!
--
Miroslav Rovis
Zagreb, Croatia
http://www.CroatiaFidelis.hr
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Ashley Madison hack

[James Powell]

The problem with some of these known attacks are the effectiveness of each.

Example:

Last night I was thinking about how it could have happened, but actually during 
a system evaluation I did in my head, I actually hit a large wall.

Shadow can use cryptographic algorithms of at least 512-bit keys, and if 
combined with cracklib and Linux-PAM, presents a formidable defense if PAM is 
set to warn/deny and cracklib enforces a strong password with at least 14 
alphanumerical characters and symbols.

Even with orphcrack and a Rainbow Table, you're still going to be waiting a 
long time to which an Intrusion Detection System is going to alert someone.

As far as internet protocols, again a wall.

Library and Database injections are effective, but only against a weakened 
system and poor design and controls. Again, PAM and a SQL server would be 
problematic.

By that, we know at least one server was running Red Hat. Red Hat, by default, 
if I'm not mistaken, uses SELinux, PAM, and enforces Shadow with high 
encryption keys and Cracklib. This would make OpenSSH a problem due to it can 
be controlled with PAM.

You'd have to really spoof PAM and fool the IDS to some extent, and you have 
Firewalls to get past.

To do this without getting caught, you would need to have a clear path into the 
system via a Backdoor, and it would have had to exist, and be known, but so far 
this, from my own conclusion is circumstantial at best.

Even from my own thinking, this was a feet nothing short of interesting, and 
honestly, from an analytical point of view, I'd love to know how they did it.

From: Nuno Magalhães
Sent: ‎7/‎22/‎2015 12:09 PM
To: dng@lists.dyne.org
Subject: Re: [DNG] Ashley Madison hack

You're forgetting SQL injection and XSS, to name a few. Wireshark in a
cybercafé pops into mind too plus a gazillion of windows
vulnerabilities.

I'm placing no bets on Whether-or-not-it-was-systemd and find that
discussion moot unless there's any solid details on the hack.

Does Devuan keep up to date with known CVEs in its repositories (for
apache and what not) would qualify as devual-related and relevant.

And i try not to project my a/moral views on others so the fact the
site is about adultery is totally irrelevant to me, from a
computer-security perspective.

But that's just me.

Cheers,
Nuno
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

[DNG] Multi-seat on Devuan, do we actually need that useless curiosity?

[Vlad]

I think that the pretty useless feature which helped systemd into Debian in the 
first place was discussed some time ago.
As you might know multi seat is supposed  to make possible for multiple users 
to utilize a single desktop or laptop system in full blown GUI mode via special 
USB  hubs, the main selling point of this curiosity was as a way to run schools 
in 3rd world countries.
However these extension hubs actually cost more than a Raspberry Pi, and the Pi 
has the extra selling point that the student can take it home and use it there.
I do not see any real need for silly things like multi seat and with every 
nanometer less and every new cell phone the price and power consumption per Ghz 
falls.
There is also the cloud and BIOD to consider, as well as laptops and tablets.
In my opinion 99+% of users really won't care about this curiosity, which is a 
cool concept with less and less actual relevance or practical purpose behind it 
with every passing day.
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Multi-seat on Devuan, do we actually need that useless curiosity?

[James Powell]

There is ConsoleKit2...

From: Vlad
Sent: ‎7/‎22/‎2015 5:49 PM
To: dng@lists.dyne.org
Subject: [DNG] Multi-seat on Devuan, do we actually need that useless curiosity?

I think that the pretty useless feature which helped systemd into Debian in the 
first place was discussed some time ago.
As you might know multi seat is supposed  to make possible for multiple users 
to utilize a single desktop or laptop system in full blown GUI mode via special 
USB  hubs, the main selling point of this curiosity was as a way to run schools 
in 3rd world countries.
However these extension hubs actually cost more than a Raspberry Pi, and the Pi 
has the extra selling point that the student can take it home and use it there.
I do not see any real need for silly things like multi seat and with every 
nanometer less and every new cell phone the price and power consumption per Ghz 
falls.
There is also the cloud and BIOD to consider, as well as laptops and tablets.
In my opinion 99+% of users really won't care about this curiosity, which is a 
cool concept with less and less actual relevance or practical purpose behind it 
with every passing day.
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Multi-seat on Devuan, do we actually need that useless curiosity?

[Isaac Dunham]

On Thu, Jul 23, 2015 at 03:49:32AM +0300, Vlad wrote:
> I think that the pretty useless feature which helped systemd into Debian in 
> the first place was discussed some time ago.
> As you might know multi seat is supposed  to make possible for multiple users 
> to utilize a single desktop or laptop system in full blown GUI mode via 
> special USB  hubs, the main selling point of this curiosity was as a way to 
> run schools in 3rd world countries.
> However these extension hubs actually cost more than a Raspberry Pi, and the 
> Pi has the extra selling point that the student can take it home and use it 
> there.
> I do not see any real need for silly things like multi seat and with every 
> nanometer less and every new cell phone the price and power consumption per 
> Ghz falls.
> In my opinion 99+% of users really won't care about this curiosity, which is 
> a cool concept with less and less actual relevance or practical purpose 
> behind it with every passing day.

Somehow it seems to me like someone trying to reinvent the dumb terminal,
but with less distance possible.
I could imagine one situation where it makes sense:
 $site is running commercial software for x86{,_64}, licensed on a per-
 processor basis with multiple users permitted; said commercial software
 requires a decent processor but not much GPU.

Other than that, I can't picture a use.

All that said, I *can* picture a way to implement it using X(fbdev?) and
perhaps mdev (which I thought about not long ago...):
- *disable* input device hotplug in X11
- keyboards get renamed /dev/input/kbd$N, like how mice are named
- for new keyboards, mice, and framebuffer/drm nodes, run a helper
  script that will spawn an X11 login if the appropriate devices exist
  for the current $N.
You could even use hard links, bind mounts, and unshare to make
restricted containers for different users.
(I'm thinking of putting hard links to the device in /dev/seat$N/, but
with normal naming conventions under that. Then each seat gets a new
mount namespace and a private bind-mount over /dev.)

In theory, that should be a pretty small amount of work.
But I don't have any hardware suitable for testing, and don't feel that
it really justifies getting said hardware.

Thanks,
Isaac Dunham
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Multi-seat on Devuan, do we actually need that useless curiosity?

[T.J. Duchene]

On Thu, Jul 23, 2015 at 03:49:32AM +0300, Vlad wrote:




However these extension hubs actually cost more than a Raspberry Pi, and the Pi 
has the extra selling point that the student can take it home and use it there.
I do not see any real need for silly things like multi seat and with every 
nanometer less and every new cell phone the price and power consumption per Ghz 
falls.
In my opinion 99+% of users really won't care about this curiosity, which is a 
cool concept with less and less actual relevance or practical purpose behind it 
with every passing day.


Just my 2 cents

What I am about to say is not a judgement on you, but just because you might 
not find a feature useful does not mean that someone else doesn't. Perhaps the 
majority of the Linux programmer culture does not, but that does not mean that 
it is never used.  Multi-seat logins are very useful in situations where users 
do not understand how to run X11 applications with different user permissions.  
It is an easy mechanism that is familiar to users from other systems coming 
over to Linux. You don't have to have it installed on your copy, but having an 
option is not a bad thing.



___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Will there be a MirDevuan "WTF"?

[miro . rovis]

On Wed, Jul 22, 2015 at 03:28:28PM -0700, James Powell wrote:
> D-Bus isn't great, but currently it is still a cross-UNIX IPC in
> userspace. BSD uses it, Illumos uses it, and so does GNU/Linux.
>
Since you would still like it around, in opportunistic or in some other
way that I should call it, I think a question is due.

Can you tell to the public what is the purpose of the
user-not-asked-about, in fact mostly user-never-even-knowing-about-it
encrypted ssh channel that dbus sets up, along with all the
non-GNU-compatible remote procedure calls (which are there for what
purpose?) that dbus implements?

Is that for FOSS stands for?

> D-Bus is way down my list of software to steer clear of any more.
Your choice. Does that mean you won't look favorably that us who don't
want dbus have a way with our Devuan installs? I hope not.
> 
> On Wed, Jul 22, 2015 at 02:51:59PM -0400, Steve Litt wrote:
> > On Wed, 22 Jul 2015 20:03:03 +0200
> > miro.ro...@croatiafidelis.hr wrote:
> >
> > > On Wed, Jul 22, 2015 at 11:50:44AM -0400, Jude Nelson wrote:
> > > > Vdev does not use dbus. [...]
> > > > -Jude
> > > [...] And I'm very glad that I was wrong!
> >
> > I'll say one thing though: Like miro.rovis, if I had my ideal system,
> > it would lack dbus. [...]
> And I have in my Gentoo alsa working perfectly (and surely: without
> pulseaudio), without dbus, really a nice, intrusion unfriendly install,
> and improving.
> 
> And on my Debian when I mostly (not completely) succeeded in applying
> lots of stuff from:
> 
> MirDebian "WTF" Repository
> https://www.mirbsd.org/~tg/Debs/debidx.htm
> [...]
> without [...]  poetterware. And I made that Tips page about it (see my
> first-in-this-thread mail). It's not as read as my Grsec Install Tips
> page for Debian (see my 1st mail), not only was, but still is (still
> is!), but it did grew to a few thounsad viewsi [...]
> 
> Meaning, Debianers were able to follow it and clean their systems from
> systemd and dbus and pulseaudio with more or less success, or at the
> very least were eager too!
> 

Regards!

-- 
Miroslav Rovis
Zagreb, Croatia
http://www.CroatiaFidelis.hr


signature.asc
Description: PGP signature
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Multi-seat on Devuan, do we actually need that useless curiosity?

[miro . rovis]

On Wed, Jul 22, 2015 at 11:39:23PM -0500, T.J. Duchene wrote:
> >On Thu, Jul 23, 2015 at 03:49:32AM +0300, Vlad wrote:
> Multi-seat logins are very useful in situations where users do not
> understand how to run X11 applications with different user
> permissions.
I guess so.
> It is an easy mechanism that is familiar to users from
> other systems coming over to Linux.
Fine...
> You don't have to have it installed on your copy,
Intrinsically and absolutely important. I won't have'em in my copy! And
if I get to teach newbies Grsec for Devuan, if Devuan gets fully-foss
(in the terms of true freedom, such as SELinux, the spy-tool, certainly
is not) or close enough to, as I hope (see the MirDevuan "WTF" thread
too currently being contributed to), I will always recommend against
multiseat too.
> but having an option is not a bad thing.
In controlled (I mean user controlled) cases, fine!

Because, prove me wrong. Often the surveillors most used tools, since
otherwise they wouldn't be able to follow their targets, is exactly
multiseats.

They see, sitting in their bunkers, which public at large has mostly
never any notion about, and thanks to stuff like dbus, multiseat,
pulseaudio (pulsoaudio was designed by those tools of the
one-Ring-cravers for eavesdropping!), and surely systemd goes to
perfection in bulk collection and worse!...

They see, sitting in their bunkers, their target's every move, every
move! On their screen, replicated what the torget does. In real time!
And most of them wouldn't be able to follow their targets without such
aides, because they're not all experts, really.

A little harder following their tagets without any poetterware.

A disclaimer: fine, the spies following targets, fine! When we really
talk terrorists and criminals, you should follow those, I approve of
that! But for the love of God, not wholesale surveillance on the general
population, please!

Regards!

-- 
Miroslav Rovis
Zagreb, Croatia
http://www.CroatiaFidelis.hr


signature.asc
Description: PGP signature
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Will there be a MirDevuan "WTF"?

[James Powell]

First off cool your jets, and trying call me out on knowing the internals of an 
IPC in Userspace I didn't develop is very childish.

I honestly don't care if D-Bus what it does other than be a communication and 
messaging relay between applications and processes, as long as it does what it 
does, and doesn't infringe on anything else.

D-Bus is used and is a requirement for some services and software. You're 
unfortunately not going to have your cake and coffee with getting rid of D-Bus. 
Yes, it's not the greatest design, but it is friendly at least to the whole 
UNIX spectrum.

Devuan's main purpose is getting rid of systemd as a hard dependency and 
allowing user choice in init software, not ripping apart every project to cater 
to ever niche and fundamentalist out there preaching what they feel is FOSS, 
and also to not start a witch hunt on software projects.

From: miro.ro...@croatiafidelis.hr
Sent: ‎7/‎22/‎2015 9:43 PM
To: dng@lists.dyne.org
Cc: James Powell
Subject: Re: [DNG] Will there be a MirDevuan "WTF"?

On Wed, Jul 22, 2015 at 03:28:28PM -0700, James Powell wrote:
> D-Bus isn't great, but currently it is still a cross-UNIX IPC in
> userspace. BSD uses it, Illumos uses it, and so does GNU/Linux.
>
Since you would still like it around, in opportunistic or in some other
way that I should call it, I think a question is due.

Can you tell to the public what is the purpose of the
user-not-asked-about, in fact mostly user-never-even-knowing-about-it
encrypted ssh channel that dbus sets up, along with all the
non-GNU-compatible remote procedure calls (which are there for what
purpose?) that dbus implements?

Is that for FOSS stands for?

> D-Bus is way down my list of software to steer clear of any more.
Your choice. Does that mean you won't look favorably that us who don't
want dbus have a way with our Devuan installs? I hope not.
> 
> On Wed, Jul 22, 2015 at 02:51:59PM -0400, Steve Litt wrote:
> > On Wed, 22 Jul 2015 20:03:03 +0200
> > miro.ro...@croatiafidelis.hr wrote:
> >
> > > On Wed, Jul 22, 2015 at 11:50:44AM -0400, Jude Nelson wrote:
> > > > Vdev does not use dbus. [...]
> > > > -Jude
> > > [...] And I'm very glad that I was wrong!
> >
> > I'll say one thing though: Like miro.rovis, if I had my ideal system,
> > it would lack dbus. [...]
> And I have in my Gentoo alsa working perfectly (and surely: without
> pulseaudio), without dbus, really a nice, intrusion unfriendly install,
> and improving.
>
> And on my Debian when I mostly (not completely) succeeded in applying
> lots of stuff from:
>
> MirDebian "WTF" Repository
> https://www.mirbsd.org/~tg/Debs/debidx.htm
> [...]
> without [...]  poetterware. And I made that Tips page about it (see my
> first-in-this-thread mail). It's not as read as my Grsec Install Tips
> page for Debian (see my 1st mail), not only was, but still is (still
> is!), but it did grew to a few thounsad viewsi [...]
>
> Meaning, Debianers were able to follow it and clean their systems from
> systemd and dbus and pulseaudio with more or less success, or at the
> very least were eager too!
>

Regards!

--
Miroslav Rovis
Zagreb, Croatia
http://www.CroatiaFidelis.hr
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Will there be a MirDevuan "WTF"?

[Michael Bütow]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 23/07/15 07:49, James Powell wrote:

> Devuan's main purpose is getting rid of systemd as a hard dependency and 
> allowing user choice in
init software

Well said, thank you, I very much agree with your entire post and would
prefer if there was less noise about unrelated topics.

A quick search suggests that it local D-Bus communication is
unencrypted, but it can be set up to communicate with applications on
remote hosts using SSH connections.
I am sure if someone wants to expend the energy to get rid of D-Bus
related software in Devuan, they can set up their own spin of it.

Michael
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJVsIwJAAoJEIeCTMxZltMWHBwP+wfnAIiX39GexrOz7MiddT8J
ClpFfDc7BBmfAR5WjOLeeg37DojVep4CS2plkgwQWUl5hTfD+X9C/Z4GboyCt/Iv
qJearMdoiUVAJyi1Yw9EJnoHUaSg1r4iCzENp7qREWF09Y2iyJiYe0N+RMEidPnG
6uTKtpIvd1oS01xjJCglA708TiVaswfTH0Npo1lJbXcmfawivUgCfxu2olkV98mH
hrx6ukOVzPMgyzm52cH91+/lEmHmxPQ6y0QZYPFDHIavSfV2RiL/OYa+6ZbEykKL
wiMMF9dYMsM+cNnUovlTmjxFoyF3SHFI0LgD0Tw/rE4ycP5mwYCyrqfOQ9Uf4hfn
rJedqvODzAsX3k/m+HKe9g38A58OFpsruB5yV8yZseQeQeO6x+RMfxSSeeGxDh3Y
mPexZNht5K5JaJMpNYMg7aHayzFmP7/fDVDyltO4D0WMjz/JxyhOm8zqSyWUAxZz
NFMDMu658fxhzQa5rClHzH0BthpKD0e555Kzp0Tqc4H9oUdKPw8erOXYcNCHHmP4
UA8RUdIki/zSp4ZBLPhjPDZgeIlYa7n//bAmhIFSFYU9huU4KUt7y6lfrl0J05c2
+4qP/x89Xy+FEG+9Y89Ws6WqJzgura3UiXtYEEpcWX75kp+XD9kWbzJTR1Hb/l74
igi68GlZDq7j7NKpejeP
=GFXs
-END PGP SIGNATURE-


___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng