The officially official Devuan Forum!

You are not logged in.

#1 Re: Other Issues » Script for acting like systemctl? » 2020-01-10 21:00:35

bgstack15 wrote:

I realize this is a bizarre topic. Bear with me.

It's not bizarre at all. I think it's a good idea. I had the same idea about two years ago when I was learning how to set up a Debian server.

Phil

#2 Re: Devuan » Debian considering going systemd init only » 2019-12-12 06:07:36

yeti wrote:

Voidlinux looks nice. Unluckily only a rolling release. If enough migrants from De??an gather around it, making a spinoff in a stable+security flavor could be a plan-b too.

This looks quite interesting:

https://www.hyperbola.info/
https://wiki.hyperbola.info/doku.php?id=:en:start
https://distrowatch.com/table.php?distr … =hyperbola

I learned about it yesterday.


Phil

#3 Re: News & Announcements » ASCII 2.1 point release » 2019-10-23 22:09:16

I'm not seeing any updates at all. The last update I saw was tcpdump on Monday.

#4 Re: Installation » firefox 52.9 esr » 2019-09-17 08:02:21

James1138 wrote:

SeaMonkey does not support Encrypted Media Extensions and therefore cannot load the Widevine Content Decryption Module.

It doesn't matter because the OP didn't mention that as a requirement; he or she requires support for the old type of Firefox extensions. If someone also wants support for Widevine, then I recommend using Chromium, or a web browser based on Chromium such as Google Chrome, Opera, Vivaldi, etc. After all, there's nothing stopping anyone from having more than one web browser.


Phil

#5 Re: Installation » firefox 52.9 esr » 2019-09-16 05:19:09

Ron wrote:

It really isn't safe to use older browser versions. Have you considered using browsers that support legacy extensions and are still maintained with security and bug fixes? There's Pale Moon, Basilisk, and Iceweasel-UXP to choose from (and the upcoming Borealis Navigator). There are still choices out there. smile While it can't be said that all legacy extensions will work on them, the vast majority will.

There's also SeaMonkey, and there's a deb package available for it from MX Linux.

For info on using the MX Linux repo with Devuan, see:
https://dev1galaxy.org/viewtopic.php?pid=17503#p17503


Phil

#6 Re: Desktop and Multimedia » wine32 » 2019-09-01 16:38:35

For comparison sake, and to give you some additional information, I am using Devuan ASCII and didn't have any problems installing WINE when I followed the Debian wiki. I also don't have any elogind packages installed. And now your experience has me wondering if there's been a big change between ASCII and Beowulf.

Phil

#8 Re: Off-topic » ZombieLoad Attack (CVE-2018-12130), hyperthreading -how to disable it? » 2019-08-28 16:59:07

boycottsystemd wrote:

(... I suppose you are using latest firmware...)

That is correct.

Phil

#9 Re: Off-topic » Marginalizing systemd » 2019-08-27 14:30:33

pj1967 wrote:

So, a customer of ours is insisting on RHEL7 (don't know why but I suspect those that make such decisions are not very technically savvy).

I think you should ask them why they want RHEL7. And perhaps you could try to explain to them why it may not be the best choice for an embedded system.

Phil

#10 Re: Off-topic » ZombieLoad Attack (CVE-2018-12130), hyperthreading -how to disable it? » 2019-08-26 16:42:29

Here's mine:

# grep -R . /sys/devices/system/cpu/vulnerabilities
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline, STIBP: disabled, RSB filling
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Vulnerable
/sys/devices/system/cpu/vulnerabilities/mds:Vulnerable: Clear CPU buffers attempted, no microcode; SMT disabled
/sys/devices/system/cpu/vulnerabilities/l1tf:Mitigation: PTE Inversion; VMX: EPT disabled
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: usercopy/swapgs barriers and __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI

Doesn't look good. sad


Phil

#11 Re: DIY » MX Repos for Devuan? » 2019-08-25 16:15:30

Head_on_a_Stick wrote:

@pcalvert, why pin the rest of the repository to 50?

Because aptitude was trying to pull other packages (e.g., intel-microcode) from that repo during upgrades, and pinning the rest of the repository to 50 stopped that behavior. Pinning it to 100 didn't work. I thought it would, but it didn't.


Head_on_a_Stick wrote:

Also, their Flash package downloads updated Flash versions without needing to be updated itself so using the .deb might be the best option.

I'm not sure what you mean by that.


Phil

#12 Re: DIY » MX Repos for Devuan? » 2019-08-24 13:10:51

I use an MX repo for one package by using apt-pinning.

/etc/apt/preferences.d/mxrepo-pinning :

Package: adobe-flashplugin
Pin: origin "mxrepo.com"
Pin-Priority: 100

Package: *
Pin: origin "mxrepo.com"
Pin-Priority: 50

/etc/apt/sources.list.d/mx-17.list :

# MX Community Main and Test Repos

deb http://mxrepo.com/mx/repo/ stretch non-free main

#deb http://mxrepo.com/mx/testrepo/ stretch test

Download the repo keyring and install it:

wget http://mxrepo.com/mx/repo/pool/main/m/mx-archive-keyring/mx-archive-keyring_2018.2mx17_all.deb
sudo dpkg -i mx-archive-keyring_2018.2mx17_all.deb

Phil

#14 Re: Other Issues » [SOLVED] Security update delays » 2019-07-14 02:16:50

My results:

$ apt policy firefox-esr
firefox-esr:
  Installed: 60.7.2esr-1~deb9u1
  Candidate: 60.7.2esr-1~deb9u1
  Version table:
 *** 60.7.2esr-1~deb9u1 500
        500 http://deb.devuan.org/merged ascii-security/main i386 Packages
        100 /var/lib/dpkg/status
     60.6.3esr-1~deb9u1 500
        500 http://deb.devuan.org/merged ascii-updates/main i386 Packages
     60.6.1esr-1~deb9u1 500
        500 http://deb.devuan.org/merged ascii/main i386 Packages

Debian Stretch version: 60.8.0esr-1~deb9u1


Phil

#15 Re: Other Issues » [SOLVED] Security update delays » 2019-06-24 22:25:40

Update: The problem seems to have been fixed.

$ apt policy firefox-esr
firefox-esr:
  Installed: 60.7.1esr-1~deb9u1
  Candidate: 60.7.1esr-1~deb9u1
  Version table:
 *** 60.7.1esr-1~deb9u1 500
        500 http://deb.devuan.org/merged ascii-security/main i386 Packages
        100 /var/lib/dpkg/status
     60.6.3esr-1~deb9u1 500
        500 http://deb.devuan.org/merged ascii-updates/main i386 Packages
     60.6.1esr-1~deb9u1 500
        500 http://deb.devuan.org/merged ascii/main i386 Packages

Phil

#16 Re: Hardware & System Configuration » SDHC Nothing but Problems » 2019-06-24 02:13:33

This info may help:

SSD’s, Journaling, and noatime/relatime
https://tytso.livejournal.com/61830.html

Improving the Resilience of HDDs & Ext4
https://myles.sh/improving-the-resilience-of-your-hdds/
[Especially the section on tuning ext4.]

Phil

#17 Re: Desktop and Multimedia » Does this reminds you of systemd? » 2019-06-24 01:36:43

Try using aptitude. It may give you some other options, some of which may allow you to get rid of pulseaudio and pulseaudio-utils.

Phil

#18 Re: Desktop and Multimedia » [SOLVED] firefox-esr update » 2019-06-22 00:45:56

I downloaded the Firefox ESR package from here:
https://packages.debian.org/stretch/firefox-esr

Then I installed it using gdebi.

Result:

$ apt policy firefox-esr
firefox-esr:
  Installed: 60.7.1esr-1~deb9u1
  Candidate: 60.7.1esr-1~deb9u1
  Version table:
 *** 60.7.1esr-1~deb9u1 100
        100 /var/lib/dpkg/status
     60.7.0esr-1~deb9u1 500
        500 http://deb.devuan.org/merged ascii-security/main i386 Packages
     60.6.3esr-1~deb9u1 500
        500 http://deb.devuan.org/merged ascii-updates/main i386 Packages
     60.6.1esr-1~deb9u1 500
        500 http://deb.devuan.org/merged ascii/main i386 Packages

Phil

#19 Re: Other Issues » [SOLVED] Security update delays » 2019-06-16 17:00:12

Here's my result:

$ date && apt policy thunderbird
Sun Jun 16 12:56:56 EDT 2019
thunderbird:
  Installed: 1:60.7.0-1~deb9u1
  Candidate: 1:60.7.0-1~deb9u1
  Version table:
     2:52.9.1-2~mx17+2 50
         50 http://mxrepo.com/mx/repo stretch/main i386 Packages
 *** 1:60.7.0-1~deb9u1 500
        500 http://deb.devuan.org/merged ascii-security/main i386 Packages
        100 /var/lib/dpkg/status
     1:60.6.1-1~deb9u1 500
        500 http://deb.devuan.org/merged ascii/main i386 Packages

#20 Re: Other Issues » [SOLVED] Security update delays » 2019-05-18 21:18:47

Here's some more data:

$ apt policy intel-microcode:amd64
intel-microcode:amd64:
  Installed: (none)
  Candidate: 3.20190514.1~deb9u1
  Version table:
     3.20190514.1~deb9u1 500
        500 http://deb.devuan.org/merged ascii-security/non-free amd64 Packages
     3.20180807a.2~deb9u1 500
        500 http://deb.devuan.org/merged ascii/non-free amd64 Packages
$ apt policy intel-microcode
intel-microcode:
  Installed: 3.20180807a.2~deb9u1
  Candidate: 3.20180807a.2~deb9u1
  Version table:
 *** 3.20180807a.2~deb9u1 500
        500 http://deb.devuan.org/merged ascii/non-free i386 Packages
        100 /var/lib/dpkg/status
     3.20180807a.1~deb9u1 500
        500 http://deb.devuan.org/merged ascii-security/non-free i386 Packages

So, the package for 64-bit systems is up to date, but the one for 32-bit systems is not. Although I am by no means an expert on Devuan, this seems to suggest that Amprolla is not working properly.

Phil

#21 Re: Other Issues » [SOLVED] Security update delays » 2019-05-18 00:11:23

Here's another example:

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4447-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
May 15, 2019                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : intel-microcode
CVE ID         : CVE-2018-12126 CVE-2018-12127 CVE-2018-12130
                 CVE-2019-11091

This update ships updated CPU microcode for most types of Intel CPUs. It
provides mitigations for the MSBDS, MFBDS, MLPDS and MDSUM hardware
vulnerabilities.

To fully resolve these vulnerabilities it is also necessary to update
the Linux kernel packages as released in DSA 4444.

For the stable distribution (stretch), these problems have been fixed in
version 3.20190514.1~deb9u1.

We recommend that you upgrade your intel-microcode packages.

For the detailed security status of intel-microcode please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/intel-microcode

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

More than 60 hours later and the update has not shown up yet:

$ apt policy intel-microcode
intel-microcode:
  Installed: 3.20180807a.2~deb9u1
  Candidate: 3.20180807a.2~deb9u1
  Version table:
 *** 3.20180807a.2~deb9u1 500
        500 http://deb.devuan.org/merged ascii/non-free i386 Packages
        100 /var/lib/dpkg/status
     3.20180807a.1~deb9u1 500
        500 http://deb.devuan.org/merged ascii-security/non-free i386 Packages

Phil

#22 Re: Installation » Interested in installing devuan, couple questions before I do » 2019-05-11 14:01:01

krauser wrote:

While I doubt Debian repositories work as intended on Devuan, let's say I want to install Lutris. The most common way to do that under Debian is to add a repo and then update and install. Could I add that Debian repo on Devuan?

Yes. The instructions for Debian found on this web page should also work for Devuan:

https://lutris.net/downloads/


Phil

#23 Re: Other Issues » [SOLVED] Security update delays » 2019-03-18 05:24:04

fsmithred wrote:

/etc/apt/preferences.d/mxrepo (or some other file name)

Package: *
Pin: origin "mxrepo.com"
Pin-Priority: 400

I think that will work. The man page for apt_preferences says that origin can match a hostname. I don't know if you need to make a separate entry for la.mxrepo.com or if the one will get both.


It turned out that a pin priority of 400 is too high. Even 100 is too high. I lowered it to 50 and now it works; 99 probably would have also worked, but I didn't bother testing it since the problem was already solved.

EDIT:

I thought I had this working, but further testing (via routine usage of the system) proved me wrong. I believe I have it working now, though, using this configuration:

Package: adobe-flashplugin
Pin: origin "mxrepo.com"
Pin-Priority: 100

Package: *
Pin: origin "mxrepo.com"
Pin-Priority: 50

Phil

#24 Re: Other Issues » [SOLVED] Security update delays » 2019-03-05 20:52:12

@fsmithred: That works. Thank-you!

@anonymous: Try running aptitude update or apt-get update and then check again.

Here are my results:

$ apt policy openssh-client
openssh-client:
  Installed: 1:7.4p1-10+deb9u6
  Candidate: 1:7.4p1-10+deb9u6
  Version table:
 *** 1:7.4p1-10+deb9u6 500
        500 http://deb.devuan.org/merged ascii-security/main i386 Packages
        100 /var/lib/dpkg/status
     1:7.4p1-10+deb9u5 500
        500 http://deb.devuan.org/merged ascii/main i386 Packages

Phil

#25 Re: Other Issues » [SOLVED] Security update delays » 2019-03-05 02:23:28

The reason I set ASCII as the default release was because I am using an MX Linux repo for their adobe-flashplugin package.

Contents of /etc/apt/sources.list.d/mx-17.list:

# MX Community Main and Test Repos

deb http://mxrepo.com/mx/repo/ stretch non-free #main

#deb http://la.mxrepo.com/mx/testrepo/ stretch test

However, with the MX-17 repo enabled, APT tries to pull in other packages:

$ aptitude upgrade -s
The following packages will be upgraded: 
  intel-microcode unrar 
2 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 1,557 kB of archives. After unpacking 9,216 B will be used.

Note: Using 'Simulate' mode.
Do you want to continue? [Y/n/?]

If I lower the priority of the MX-17 repo to 400, will that solve this problem? If so, how do I do that?

Board footer

Forum Software