Re: [DNG] Only a few packages now still on hold

[Mark Hindley]

Hendrik,

As suggested by Rod, I also prefer plain apt to aptitude. In general it is a
very good package manager and is pretty successful at resolving dependencies and
not breaking your system.

On Sun, Aug 01, 2021 at 09:58:47PM -0400, Hendrik Boom wrote:
> > And today I did aptitude update and aptitude upgrade in the CLI instead 
> > of in the interactive apttude.  Just about everything just worked, 
> > except for 3 packages:
> >   elogind
> >   libpam-elogind
> >   libelogind0
> > They do nog get upgraded.
> > 

> > Following this with
> >   aptitude dist-upgrade
> > tells me these will be upgraded, but then balks, telling me to remove 
> >   libpam-elogind 
> 
> This is what it says:
> 
> root@notlookedfor:~# aptitude dist-upgrade
> The following packages will be upgraded: 
>   elogind libelogind0 libpam-elogind{b} 
> 3 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
> Need to get 861 kB of archives. After unpacking 0 B will be used.
> The following packages have unmet dependencies:
>  libpam-elogind : Breaks: libpam-ck-connector but 0.4.6-6 is installed
> The following actions will resolve these dependencies:
> 
>  Remove the following packages:
> 1) libpam-elogind [234.4-1+devuan1.5 (now)]
> 
> Accept this solution? [Y/n/q/?] 
> 
> > 
> > How safe is this?  isn't elogind kind of important?

Yes it can be, but no more so than consolekit. There are 2 alternatives for 
managing
seats and sessions in Devuan: consolekit (actually consolekit2) and elogind.

Consolekit was probably the default in ascii. It is inactive upstream, but still
works.  Elogind is active and well supported and is the default since
beowulf. However, the codebase derives from systemd and therefore some people
will prefer not to use it.

So, you need one or other, but not both or a mixture.

aptitude seems to suggest that you already have elogind installed and this is an
upgrade. You will have to allow apt to remove the consolekit related packages
(libpam-ck-connector and possibly some policykit libraries). Alternatively,
stick with consolekit and remove all of the elogind related packages. The choice
is yours. Both will work once you have a clean installation based on a single
logind alternative.

Mark
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] May I use Netaid source as an example of good code?

[aitor]

Hi,

On 2/8/21 0:44, aitor wrote:
Better said, the suid binary can check whether or not the gui has 
handled the signal as expected because
the default behavior of SIGUSR1 (User defined signal 1) is to 
terminate the process. See the table at the

end of the link:

https://en.wikipedia.org/wiki/Signal_(IPC)#POSIX_signals 



I.e., when such a intruder is acting the 
PSTAT_BINARY="SOMEWHERE_DEFINED_NAME" with process ID="PID"

no longer exists.


Here you are the code:

https://www.gnuinos.org/suid/ 


** HOWTO: **

1) Install Jude Nelson's libpstat:

$ git clone https://github.com/jcnelson/libpstat.git
$ cd libpstat
$ make OS=LINUX
$ sudo make install PREFIX=/ INCLUDE_PREFIX=/usr


2) Open an empty directory and download the files:

$ wget https://www.gnuinos.org/suid/Makefile
$ wget https://www.gnuinos.org/suid/gui.c
$ wget https://www.gnuinos.org/suid/suid.c
$ wget https://www.gnuinos.org/suid/intruder.c


3) Install libgtk-3-dev:

$ sudo apt-get install libgtk-3-dev


4) Build the files:

$ make


5) Run the GUI in the command line and click on the button several times:

$ ./gui

You'll get:

From GUI: Received a 10 (SIGUSR1) signal sent from the suid
From SUID: Ok, go on!


6) Open a new tab in the command line and run the intruder (the GUI 
remains running):


$ ./intruder

You'll get:

Foreign PID to use: 4301
From SUID: Stop, you're an intruder!

If you have a look at the code of both programs, they're trying to do 
the same (using the intruder a foreign pid).
Keep in mind that, for our testing purposes, all the binaries must be 
located in the same directory, since

we're using:

key_t key = ftok(".", 's');

to access the same shared memory segment.

Cheers,

Aitor.





___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Starting outline for the DNG Safe Programmer Certificate

[Hendrik Boom]

On Mon, Aug 02, 2021 at 02:03:09AM -0400, Steve Litt wrote:
> Josef Grosch via Dng said on Sun, 1 Aug 2021 14:58:18 -0700
> 
> >On 8/1/21 12:50 PM, Steve Litt wrote:
> >> wirelessduck--- via Dng said on Sun, 1 Aug 2021 22:43:35 +1000
> >>  
>  On 1 Aug 2021, at 21:56, Hendrik Boom 
>  wrote:
> 
>  On Fri, Jul 30, 2021 at 01:49:46PM -0400, Steve Litt wrote:  
> > Josef Grosch via Dng said on Thu, 29 Jul 2021 15:32:05 -0700
> >
> >  
> >> Another suggestion I have is to use the variable and method
> >> naming convention that java uses. I like the way it looks and I
> >> think camel case is more readable than snake case.  
> > This reminds me of something not yet in the outline. The
> > originating author should place, in comments, near the top, his
> > or her syntax conventions including naming conventions, brace
> > placements if not Python, spaces or tabs.
> >
> > I'm hidiously guilty of using violating my own conventions (or not
> > having any), so I should make that document at the start of a
> > project. Matter of fact, I should make it BEFORE my next project.
> > Naturally, one such stylesheet must be made for Python, another
> > for C, etc.
> >
> > In an ideal world, here's how I'd do C blocks:
> >
> > if(mybool)
> >{
> >do_my_stuff()
> >}  
>  I tend to use
>  if(mybool)
>    { do_my_stuff();
>  do_other_stuff);
>    }
> 
>  I really believe matching braces should be on the same line, or,
>  failing that, at the same level of indentation; i.e., above one
>  another.
> 
>  And I'd like the compile to warn me of deviations from that.
> 
>  -- hendrik
>   
> > However, I do it the way Vim preformats for me, to make my life
> > easier:
> >
> > if(mybool){
> >do_my_stuff()
> > }
> >
> > #ifndef AUTHOR
> >char * AUTHOR = "SteveT"
> > #endif
> >
> > AUTHOR
> >
> > Steve Litt  
> >>> Just use indent(1) and forget about all stying problems? I prefer
> >>> `indent -kr`, none of that GNU styling craziness!!
> >>>
> >>> https://manpages.debian.org/buster/indent/indent.1.en.html  
> >> I just spent 2 hours trying out indent. As far as I can tell, -bli
> >> doesn't work, and I could find no way to put statements in block at
> >> the same level with the block's parentheses. So what I want is this:
> >>
> >> int myfunc()
> >> {
> >> do_something();
> >> do_more();
> >> if(mybool)
> >>{
> >>do_special()
> >>}
> >> }
> 
> [snip]
> 
> 
> >> SteveT
> >>  
> >
> >It looks like you are trying to get what was once called the
> >Whitesmiths style.
> >
> >
> >https://en.wikipedia.org/wiki/Indentation_style#Whitesmiths_style
> 
> It is indeed Whitesmith style. I learned it at Santa Monica College's
> Pascal course, and when I busted into programming professionally, I
> used Whitesmith Pascal so everyone used Whitesmith style, except with
> "begin" and "end" instead of braces.
> 
> First time I saw the beginning brace at the end of the if() or
> declaration was in the Linux world, and I almost barfed. But because
> the beginning brace at the end of the if() or declartion was default
> for Vim, I started using beginning brace at end.
> 
> I still think that for a language that has a begin and end for a block,
> Whitesmith is best. For a language that has stuff like "endwhile" or
> "endif" or "fi", beginning brace at end of if() is what I prefer.

As an old Algol 68 programmer who is accustoed to 'fi', the only layout 
that makes sense to me is

  IF condition
  THEN do something
   do more
  ELSE do something else
   do other stuff
  FI

This assumes relatively short keywords.

-- hendrik

> 
> >
> >
> >Back when the earth was still cooling, 1991 or so, I worked at
> >Motorola in Chicago and this was the preferred coding style for the
> >project I was a member of. Configuring indent was always a matter of
> >trail and error and the docs could be better.  Using a config file,
> >~/.indent.pro made things easier. I might still have a copy of that
> >file somewhere, I'll look.
> 
> I'd love to see it!
> 
> Thanks,
> 
> SteveT
> 
> Steve Litt 
> Spring 2021 featured book: Troubleshooting Techniques of the Successful
> Technologist http://www.troubleshooters.com/techniques
> ___
> Dng mailing list
> Dng@lists.dyne.org
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Devuan as a hypervisor?

[hal]

On 7/30/21 20:25, yami...@cock.li wrote:


Currently I'm between Xen and Qemu, but I'm open to other options.
Which would be the best option in this case, and is this even a good idea?


I've been running KVM/QEMU/Virt-Manager on Devuan for many years with 3-4 VMs 
and haven't had any issues directly related to Devuan. It's not my intent to 
bash systemd but it's worth mentioning that I've had many other issues with 
Debian based hypervisors over the past few years (50+ VMs across several 
hypervisors) that involve systemd when reviewing logs post-mortem. Hypervisors 
will sometimes not reboot. Even when trying to un-stick with Magic SysRq. The 
console will just show systemd errors instead. Likewise, when systems do 
reboot, sometimes they inexplicably stop booting and need to have the power 
button hit. Another time, OpenSSH would not work due to /var/run/sshd missing 
during boot. Another issue involved systemd and a LUKS encrypted partition. 
Another time was missing LVM devices. This happens across systems of varying 
age so hardware issues are kind of ruled out. The issues keep getting more 
frequent and odd as months go by. It's like these systems have regressed to 
what L
inux was in 1995.

I would strongly suggest running your virtualization on Devuan. The simplicity 
and stability is currently unmatched in my experience.

PCI Passthrough gets tricky. I recently used it for a network card jacked into 
a SPAN port. It seems to be working OK. I've tried doing it in the past with my 
graphics card (for OpenGL support in the VM) and could not get it working. 
Maybe that has changed in the past couple years though, or I was doing 
something wrong. It wasn't quick-and-easy at the time.
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Only a few packages now still on hold

[wirelessduck--- via Dng]

> On 2 Aug 2021, at 19:02, Mark Hindley  wrote:
> 
> Yes it can be, but no more so than consolekit. There are 2 alternatives for 
> managing
> seats and sessions in Devuan: consolekit (actually consolekit2) and elogind.
> 
> Consolekit was probably the default in ascii. It is inactive upstream, but 
> still
> works.  Elogind is active and well supported and is the default since
> beowulf. However, the codebase derives from systemd and therefore some people
> will prefer not to use it.
> 
> So, you need one or other, but not both or a mixture.
> 
> aptitude seems to suggest that you already have elogind installed and this is 
> an
> upgrade. You will have to allow apt to remove the consolekit related packages
> (libpam-ck-connector and possibly some policykit libraries). Alternatively,
> stick with consolekit and remove all of the elogind related packages. The 
> choice
> is yours. Both will work once you have a clean installation based on a single
> logind alternative.
> 
> Mark

Is seatd likely to get anywhere in the next Debian development cycle after 
bullseye/chimaera? Would this allow us to just need only one option for users 
to install?

-- 
Tom
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Only a few packages now still on hold

[Arnt Karlsen]

On Mon, 2 Aug 2021 22:15:31 +1000, wirelessduck--- wrote in message 
<3a609fa9-9cca-42e3-a66f-fd9f66d69...@gmail.com>:

> > On 2 Aug 2021, at 19:02, Mark Hindley  wrote:
> > 
> > Yes it can be, but no more so than consolekit. There are 2
> > alternatives for managing seats and sessions in Devuan: consolekit
> > (actually consolekit2) and elogind.
> > 
> > Consolekit was probably the default in ascii. It is inactive
> > upstream, but still works.  Elogind is active and well supported
> > and is the default since beowulf. However, the codebase derives
> > from systemd and therefore some people will prefer not to use it.
> > 
> > So, you need one or other, but not both or a mixture.
> > 
> > aptitude seems to suggest that you already have elogind installed
> > and this is an upgrade. You will have to allow apt to remove the
> > consolekit related packages (libpam-ck-connector and possibly some
> > policykit libraries). Alternatively, stick with consolekit and
> > remove all of the elogind related packages. The choice is yours.
> > Both will work once you have a clean installation based on a single
> > logind alternative.
> > 
> > Mark  
> 
> Is seatd likely to get anywhere in the next Debian development cycle
> after bullseye/chimaera?

..I guess not, unless Debian dumps systemd:
https://git.sr.ht/~kennylevinsen/seatd

> Would this allow us to just need only one option for users to install?
> 

..we should probably do our own packaging of this, and much more, 
chk output of: how-can-i-help --old |less

..103 packages due to be kicked out now, many of these were left 
behind by DD leaving since the systemd coup... 
arnt@d44:~$ how-can-i-help --old |grephttps://tracker.debian.org/pkg/ \
|cut -d" " -f5 |sort |uniq |wc -l 
103

..more details in: apt-cache show $(how-can-i-help --old |grep \
https://tracker.debian.org/pkg/ |cut -d" " -f3 |sort |uniq ) |less


..806 since I began capturing said sad output into my own list. 
arnt@d44:~$ cat how-can-I-help |grep https://tracker.debian.org/pkg/ \
|cut -d" " -f5 |sort |uniq |wc -l 
806
arnt@d44:~$

-- 
..med vennlig hilsen = with Kind Regards from Arnt Karlsen
...with a number of polar bear hunters in his ancestry...
  Scenarios always come in sets of three: 
  best case, worst case, and just in case.
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Only a few packages now still on hold

[Arnt Karlsen]

On Sun, 1 Aug 2021 21:58:47 -0400, Hendrik wrote in message 
<20210802015847.d7gxxdu7ts753...@topoi.pooq.com>:

> On Sun, Aug 01, 2021 at 09:54:33PM -0400, Hendrik Boom wrote:
> > On Sun, Aug 01, 2021 at 01:13:26PM -0400, Hendrik Boom wrote:  
> > > On Sun, Aug 01, 2021 at 05:33:23PM +0200, Bernard Rosset via Dng
> > > wrote:  
> > > > On 31/07/2021 22:03, Hendrik Boom wrote:  
> > > > > I'm practicing upgrades on my spare laptop, getting ready for
> > > > > doing my server upgrade from ascii to beowulf..
> > > > > 
> > > > > They are both running ascii.
> > > > > 
> > > > > Starting, of course, by making the ascii up to date still as
> > > > > ascii, before I try tye upgrade to beowulf.
> > > > > 
> > > > > Having trouble doing even this innocuous act.
> > > > > 
> > > > > I tried starting by using interactive aptitude to just update
> > > > > and upgrade.  
> > > > 
> > > > After changing your sources to point to the new release,  
> > > 
> > > I have not yet changed my sources.  I figured I should make sure
> > > the ascii system is up-to-date as an ascii system before I start
> > > to upgrade to beowulf.
> > >   
> > > > have you run
> > > > "apt-get upgrade" or "apt-get dist-upgrade"?
> > > > It looks to me as if you did the former.  
> > > 
> > > I used the update and upgrade inside the interactive aptitude.
> > > 
> > > I guess I have to do dist-upgrade outside the interacctive
> > > aptitude.  
> > 
> > And today I did aptitude update and aptitude upgrade in the CLI
> > instead of in the interactive apttude.  Just about everything just
> > worked, except for 3 packages:
> >   elogind
> >   libpam-elogind
> >   libelogind0
> > They do nog get upgraded.
> > 
> > Following this with
> >   aptitude dist-upgrade
> > tells me these will be upgraded, but then balks, telling me to
> > remove libpam-elogind   
> 
> This is what it says:
> 
> root@notlookedfor:~# aptitude dist-upgrade
> The following packages will be upgraded: 
>   elogind libelogind0 libpam-elogind{b} 
> 3 packages upgraded, 0 newly installed, 0 to remove and 0 not
> upgraded. Need to get 861 kB of archives. After unpacking 0 B will be
> used. The following packages have unmet dependencies:
>  libpam-elogind : Breaks: libpam-ck-connector but 0.4.6-6 is installed
> The following actions will resolve these dependencies:
> 
>  Remove the following packages:
> 1) libpam-elogind [234.4-1+devuan1.5 (now)]

..this IME often happens when a newer version needs the old version
stopping it's service(s) and a purge before installing and starting 
up the new version.

> 
> 
> Accept this solution? [Y/n/q/?] 

..hit [q], then restart aptitude in the interactive mode, mark 
libpam-elogind [234.4-1+devuan1.5 (now)] for removal, as it whines
"Error", hit [e] and browse aptitude's suggestions with [,] and [.] 
to see if you can agree on any solution, if not, [q] out and find
aptitude's opinion on "Broken packages" with [B].

..my _guess_ is you may be able to find old lib config files 
blocking the removal of libpam-ck-connector or some such. 
Purge them.

..hitting [e] and then [Enter] on a package, will find possible
version numbers of that package at the bottom, picking another 
newer or older version may also solve your conflict.

..as Tito, Mark, Tom, Rod and I advices, apt, apt-get and probably 
a few more, solves package conflicts differently from each other 
and from aptitude, IME I can often use e.g. apt-get or even dpkg 
when aptitude fails me.  Options I remember throwing around also 
includes --safe-update and --full-update. 

> > 
> > How safe is this?  isn't elogind kind of important?
> > 
> > I'm still just upgrading from ascii to ascii.  Beowulf is not in my 
> > sights yet.
> > 
> > -- hendrik


-- 
..med vennlig hilsen = with Kind Regards from Arnt Karlsen
...with a number of polar bear hunters in his ancestry...
  Scenarios always come in sets of three: 
  best case, worst case, and just in case.
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Only a few packages now still on hold

[Mark Hindley]

On Mon, Aug 02, 2021 at 10:15:31PM +1000, wirelessduck--- via Dng wrote:
> Is seatd likely to get anywhere in the next Debian development cycle after 
> bullseye/chimaera? Would this allow us to just need only one option for users 
> to install?

It is already packaged in Devuan and is also waiting to enter Debian[1]. I am
aware that the wlroots maintainers need/want to to use it in version 0.14 and
later. So there is the prospect of some progress. However, currently seatd uses
other logind implementations as backends[2] so it is a layer on top of that
rather than a replacement at the moment.

Mark

[1]  https://ftp-master.debian.org/new/seatd_0.5.0-2.html

[2]  https://git.sr.ht/~kennylevinsen/seatd#whats-in-the-box

___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Only a few packages now still on hold

[Michael Neuffer]

On 8/2/21 11:02 AM, Mark Hindley wrote:

Hendrik,

As suggested by Rod, I also prefer plain apt to aptitude. In general it is a
very good package manager and is pretty successful at resolving dependencies and
not breaking your system.


Or try good old dselect

Cheers

  Mike


___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Are there any other archives besides...

[Gastón via Dng]

On Sun, Aug 01, 2021 at 05:11:06PM -0400, Steve Litt wrote:
> Hi all,
> 
> Are there any other archives besides
> https://lists.dyne.org/lurker/list/dng.en.html ?
> 
Hi SteveT, you mean something like this:

https://www.mail-archive.com/dng@lists.dyne.org/

--
gast0n

___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Ascii to Beowulf upgrade borked with eudev

[Brad Campbell via Dng]

On 11/5/21 12:57 pm, Brad Campbell via Dng wrote:
> G'day all,
> 
> I use a self-compiled kernel (v5.10) at the moment.
> An Ascii to Beowulf upgrade died early on because the eudev preinst script 
> isn't correctly parsing /proc/kallsyms.
> 
> Preparing to unpack .../25-eudev_3.2.9-8~beowulf1_amd64.deb ...
> Since release 198, udev requires support for the following features in
> the running kernel:
> 
> - inotify(2)    (CONFIG_INOTIFY_USER)
> - signalfd(2)   (CONFIG_SIGNALFD)
> - accept4(2)
> - open_by_handle_at(2)  (CONFIG_FHANDLE)
> - timerfd_create(2) (CONFIG_TIMERFD)
> - epoll_create(2)   (CONFIG_EPOLL)
> dpkg: error processing archive 
> /tmp/apt-dpkg-install-PJCPSM/25-eudev_3.2.9-8~beowulf1_amd64.deb (--unpack):
>  new eudev package pre-installation script subprocess returned error exit 
> status 1
>

Just got stung again by this one, this time upgrading an ascii 64 bit rpi3 
image to beowulf while using a 5.10 kernel provided by the rpi foundation.

This time I just unpacked the deb, commented out the "exit 1" and repacked the 
deb, then a bit of manual installation to get the dependencies updated.

Regards,
Brad
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng