Download | Devuan.org | Git | Bugs | Packages

The officially official Devuan Forum!

You are not logged in.

Pages: 1 2 3 4 5 6 11

#76 Hardware & System Configuration » Passwordless root execution in scripts » 2019-07-06 18:44:02

siva
Replies: 16

I know what you're thinking, but bear with me.  I'm not sure the best way to phrase the question.  So, please consider the following situation.

I want to run a script with the following conditions:

- The script has to execute a task that only root can perform
- The script can only be executed as a user
- The user cannot be prompted to enter a password
- The user cannot execute the script by logging in as root or using sudo
- The user can log in as root or use sudo to modify permissions
- The commands su or sudo can be used in the script
- visudo cannot be accessed or modified

An example script could look like the following:

#!/bin/sh

tcpdump -h

But, please don't link me to the guides on running tcpdump as non-root.  If it's easier to follow, replace the command with any other app that, by default, requires root.

Alright, here's the section where I explain why I'm asking this.

Simply put, if I've ever had a script that needs to do this, I just do something like sudo tcpdump -h (using the previous example as a reference) and add a line to visudo.  On the other hand, apps like wicd seem to only need group access in order to perform wpasupplicant tasks (wireshark to perform tcpdump, etc).  I'm wondering how these are configured to do so.

I skimmed the wicd source and, maybe I'm looking in the wrong places, but I'm not really finding anything.

#77 Re: Off-topic » Boom Times or financial apocalypse » 2019-07-03 14:29:33

siva
Panopticon wrote:

...it wont be long until they want to pay in libra to your fb account or whatever offshoot the zuck buck determines. I find it alarming banks are backing it...

I mean, banks have had deals with credit card companies for awhile now.  Many debit cards, tied to checking accounts, can be processed as credit because of Visa partnerships.  And, as you rightly pointed out, most users never question this.

There is another disturbing worldview developing: the belief that companies have all your information, so there's no reason not to give up everything all the time for any situation.  This kind of cynicism lets people disregard any responsibility for their actions, and as a consequence, they end up giving everything -- and they're okay with that.

Because of user mindsets, it wouldn't be surprising if banks teamed up with Facebook.  On the other hand, I remain skeptical that Facebook in particular might become "the" platform for this kind of transaction, though.  Third-party information sharing is already pretty pervasive.  I challenge the notion that neither banks nor social media behemoths could get further information about users already.

Back to hiding in a cave for another month.

#78 Re: Off-topic » ZombieLoad Attack (CVE-2018-12130), hyperthreading -how to disable it? » 2019-05-16 13:56:55

siva
boycottsystemd wrote:

There is anoher intel vulnerability which uses hyperthreading.

Similar vulnerabilities, especially from Intel, will keep coming.  2018 was the year of microcode exploits.  Until Intel releases a mass-recall to fix their hardware (they won't), just sit back and enjoy the show.

Any idea pls ?

It's good practice to find research whether or not the CVE has been resolved:
https://www.debian.org/security/2019/dsa-4444

#79 Re: Devuan » What happened at devuan.org? » 2019-04-04 19:16:46

siva
TotallyDoneWithLinuxNow wrote:

How do I know that other “jokes” aren’t lurking in my system?

I know what you mean.  I went to compile the 5.0.6 kernel the other day and found the entirety of Louis C.K. stand-up videos encoded in base64 in a patch file.  Naturally I beat it repeatedly with a hammer and incinerated it in a large firepit.  It really makes you wonder what's on your system.  #totallydonewithlinuxnow #spectredoesntexist #alsoopenbsdhasitsownsetofbugssoiwouldrecommendkeepingupwiththeirmailinglists

#80 Re: Devuan » Using Debian packages » 2019-04-04 11:59:55

siva

Last time I used the Spotify "app," it felt an awful lot like I was using the web version. 

I still wonder what the differences were.  But, I don't use Spotify.

#81 Re: Devuan » What happened at devuan.org? » 2019-04-03 22:15:17

siva

I get that tensions are high.  Talking heads are going to talk. People who would never have used devuan are going to use it as a speaking point.  The devuan team has acknowledged the issue, and many people here who use it are going to keep using it.

That leaves a substantial potential member base.

And, as evidenced by the new members here, I'm pretty sure it's not the end of the world.

Or the project.

Give it time.

#82 Re: Devuan » What happened at devuan.org? » 2019-04-03 12:44:27

siva
pulsar wrote:

For what it's worth, I knew virtually nothing about Devuan until I saw an article referencing the "pwned" page and it prompted me to research the project. Now I have a registered account on the project forum...Just flashed ascii release to usb.

Talking heads aside, can we take a second and appreciate this post?
All press is good press.  Any serious project gets dumped on from time to time.  That should be a good sign.

@pulsar, welcome to the madhouse. smile

#83 Re: Devuan Derivatives » ThomOS - the new outrageous devuan-based switchblade OS » 2019-03-13 19:47:39

siva
fsmithred wrote:

Suggested listing:
  ThomOS (formerly Crunkbong)

I'm down with it.

Siva, you didn't mention it, but login/password are thomos/thomos

Original post updated.

System boots to console login. Login leads to automatic graphical session in openbox. I don't know how you got no autologin without adding 'noautologin' to the boot command, but you need to either add 'nox11autologin' or do something else to get rid of /etc/profile.d/zz-live-config_xinit.sh.

Fixed.

The boot item for foreign language does not work. The syntax 'lang=it_IT' is specific for lightdm along with refracta-lang, a custom live-config script for changing locale and keyboard at boot. I don't know if it still works. (you don't have that script, anyway). The standard method does work:
locales=it_IT.UTF-8 keyboard-layouts=it

I went ahead and omitted this.

That's as far as I got for now. More later. Looks good so far.

Thanks!  And good to hear from you. big_smile

Note: I'll be uploading the new iso later.  I currently don't have internet at the new place.

#84 Devuan Derivatives » ThomOS - the new outrageous devuan-based switchblade OS » 2019-03-05 13:59:35

siva
Replies: 8

The crunkbong project has migrated to devuan ascii.  I decided to rename it after a good friend who got me into Linux. 

The project follows the same core values of simplicity, versatility, adaptability, and accommodation.  The idea is to use it when you need to accomplish a specific task in a live environment.

It boots to a console.  If you want a graphical session, you still have a choice of openbox (default) or dwm.  With the resources saved from stripping unnecessary components, I've fit a bunch of applications for fixing and monitoring. 

The thom-utils scripts have been updated.  wefe, for instance, has been (as far as I can tell) debugged and heavily modified for a variety of uses. 

Since this is the initial (0.1) release, I'm looking for testers and criticism.

Default login: thomos/thomos

Project page:
https://gitlab.com/souperdoupe/thomos

Download link:
https://sourceforge.net/projects/thomos/files/

#85 Re: Off-topic » The End of Trust » 2019-03-05 13:47:27

siva
golinux wrote:
imhigh.today wrote:

I'm disturbed that GitLab is on that list. sad

FYI . . . the Devuan team is looking at alternative options to gitlab.

Any progress?

#86 Off-topic » Holiday thread/traditions » 2018-12-25 13:26:50

siva
Replies: 6

Since we're all from different parts of the world and different walks of life, I was wondering what everyone's holiday tradition(s) are.

Every year, on the 25th, my brother and I go to Waffle House at some point.  It's an inside joke from a couple of years when we were vacationing over Christmas break and our parents couldn't get us actual food, because pretty much everything is understandably closed.  My digestive tract hates me for it every year.

Whatever your tradition is, I hope you enjoy it.

leadsanta.jpg

#87 Re: Off-topic » OpenBSD » 2018-12-20 17:09:59

siva
Ogis1975 wrote:

the easiest way to offer-fork it.

Then fork it already.

#88 Re: Off-topic » OpenBSD » 2018-12-20 16:46:15

siva
Ogis1975 wrote:

discretion of nvidia corporation...

Quite right. Nvidia has neither the time nor the desire to work with tedious sectarians who consider themselves elite.

This makes me wonder how often Theo de Raadt assumes an alternate online persona and strategically troll-posts against his own distro.

#89 Re: Off-topic » OpenBSD » 2018-12-20 15:45:03

siva

^"stubborn sectarians" just sounds like a capcha.

nvidia drivers have always been a pain, foss or otherwise (especially the otherwise).  Given their aims, it isn't worth their time.  If you want it to be, then become the "unofficial" nvidia contributor (or fork openbsd) and be the change you complain about.

#90 Re: Off-topic » OpenBSD » 2018-12-20 14:18:47

siva

Its developers are fanatically committed to the UNIX philosophy of each piece of software doing one thing well...The base installation is minimalistic: Kernel, init, X, networking stack, and administrative tools are all part of the OS...

Their stock utilities are exceptional -- its variant of ifconfig is god-tier compared to Linux.

OpenBSD maintains its own kernel, init, X server, and repository of third-party packages. It is therefore fairly immune to poor outside decisions...Scrupulous attention to code correctness and documentation.

"Poor outside decisions" is the key phrase here, although the whole quote should really be revised to say something like, "prioritizes user control over applications."  (I've been told they're similar to gentoo/slackware in this way, but I've never used either distro.)  The ports and package manager is legit, just a little tedious to learn at first. 

P.S. If you decide to install OpenBSD to give it a try, I would strongly recommend installing it to a non-production machine or, if to your production machine, to a second harddrive.

Salient advice.  The way it partitions may be unusual to someone venturing from stock Debian-based systems.

MiyoLinux wrote:

I could never figure out how to install it on a single partition on my multiple partitioned hard drive.

A trick is, in your Linux/Devuan system, use fdisk/cfdisk, to mark a predefined partition as "openbsd" (I think it's A6).  Then, the openbsd installer will ask you if you want to install to OpenBSD space.  iirc, post-installation, you'll have to reinstall grub if you still want to use grub.

Side note, if anyone's interested, I wrote a few scripts (including a wifi utility) for openbsd: https://github.com/souperdoupe/crunkbon … er/openbsd

#91 Re: Off-topic » At first I thought it was insane, but then I saw who was behind it. » 2018-12-15 01:33:45

siva
Ron wrote:

golinux wrote:
@siva . . . You'd think a quick search would be the first thing to do.  But is sooo much easier to let someone else do it.

If you go back, you'd see that I did say I'd research it when I have the time. You know, I have a full time job, and a wife and kid that takes quite a bit of my time. I don't live on the computer. I really don't know what I said to warrant such passive aggression. And who was whining? That crack was unwarranted.

All I'm saying is, who controls the rc scripts, controls the universe.  Openbsd has the right idea there imo

#92 Re: Off-topic » At first I thought it was insane, but then I saw who was behind it. » 2018-12-14 01:20:38

siva

It's a pretty simple manager.  To be fair, I wish I just better understood rc scripts and took the time to manage them better.

Back to the original topic: the plot thickens...

# apt-get remove --purge avahi-daemon
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following packages were automatically installed and are no longer required:
  libavahi-core7 libdaemon0 libre2-3
Use 'apt autoremove' to remove them.
The following packages will be REMOVED:
  avahi-daemon* libnss-mdns*
0 upgraded, 0 newly installed, 2 to remove and 59 not upgraded.
After this operation, 386 kB disk space will be freed.
Do you want to continue? [Y/n]

I wonder what GTK3 the OP was referring to.

In any case, it did give me an excuse to just uninstall it ^_^

#93 Re: Off-topic » At first I thought it was insane, but then I saw who was behind it. » 2018-12-14 00:36:21

siva

Bruh, google it.  (Or startpage it.)

#94 Re: Off-topic » Show your desktop (rebooted) » 2018-12-05 14:28:11

siva
zephyr wrote:

VOID Linux Openbox (crowz configs)
URxvt + neofetch + pianobar
wallpaper speaks for its self!

I'm assuming that's conky running just below tint2.  Is that a crowz config?  If not, can you link it?  It looks good.

#95 Re: Off-topic » The End of Trust » 2018-12-04 13:22:07

siva

I saw that, too.  I found that sensible filtering practices can block (or at least mitigate) this kind of tracking:

https://www.ghacks.net/2017/11/24/how-t … -tracking/

You can use a browser extension like NoScript, uBlock Origin or uMatrix to block these scripts from being loaded on sites you visit. This protection works only if you don't allow the scripts to run on sites you visit though, so keep that in mind.

I'll bet w3m doesn't have these issues wink

P.S. Something else I found interesting on the Princeton site, our friends at Google and Amazon don't have any of these listed.  I also appreciated the irony that a Javascript-based filter is used.  (If you disable scripts, it'll fallback to a simple list of all the notorious sites.)

#96 Re: Off-topic » The only thing I don't love about Devuan » 2018-11-30 16:39:45

siva
cynwulf wrote:

Why thank you, but I have absolutely nothing against headstick...  big_smile

I was thinking to some DUF posts that I read awhile ago and it seemed like there was a serious feud between him and a few other members.  (Last I had checked, gl posted an awesome PDF and I'm reading through a few of the essays, rather than the post itself.  [I probably won't finish the post, either, tbh.])

Both of you do have an interesting post history, in your own contexts, at FDN.  Your reputation is quite notorious.

That said, if there really is some kind of user-based fanclub for any user, please remove me from the mailing lists.

#97 Re: Off-topic » The only thing I don't love about Devuan » 2018-11-30 14:26:31

siva
cynwulf wrote:

Found some more "nice, courteous and helpful..." comments for the reading delight of the resident headstick fanclub :

It depends on how you've encountered him tbh.  You guys have history in a way that a lot of users just don't.  Doesn't make either of you horrible people imo.

#98 Re: Off-topic » The only thing I don't love about Devuan » 2018-11-30 13:37:51

siva
MiyoLinux wrote:

...though it may not be obvious to those unfamiliar with him, I interpret his response as an attempt to add humor to the thread...

+1

#99 Re: Off-topic » The only thing I don't love about Devuan » 2018-11-29 17:22:35

siva
dasein wrote:

Reproducible problems are fixable.

#100 Re: Devuan Derivatives » Anyone install Kali tools on Devuan? [solved] » 2018-11-16 17:41:27

siva

If you also used the default, kali-rolling repo, it might be beneficial to note the number of packages it tries to upgrade.  I noticed a sizeable upgrade list of critical software when I tried that one in a nonpersistent environment: things like g++, if I remember correctly.  May not make a difference in the short term, but could pose compatibility errors later on, as I'm fairly certain rolling is based on sid.

Pages: 1 2 3 4 5 6 11

Board footer

Forum Software