The officially official Devuan Forum!

You are not logged in.

#1 2018-04-03 19:10:08

miroR
Member
From: Zagreb, Croatia
Registered: 2016-11-30
Posts: 195
Website

A repo serving Pale Moon

Current title: A repo serving Pale Moon
---
This is the next stage after having compiled Pale Moon for months. See:
Palemoon installation from source
https://dev1galaxy.org/viewtopic.php?id=616
---

Only advanced users could make it here. Not trivial...
But I did successfully installed my newly built Pale Moon from:

https://www.croatiafidelis.hr/foss/dev1miro/

I have (with manual adjusting in /var/lib/apt/lists managed to apt-get install my:

$ palemoon --version
Moonchild Productions Pale Moon 27.8.3
$

from it.
Here the log how it went:

$ apt-get install palemoon
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following packages will be upgraded:
  palemoon
1 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/30.5 MB of archives.
After this operation, 19.5 kB of additional disk space will be used.
Running external script with list of all .deb file: '/usr/bin/apt-listchanges --apt || test $? -lt 10'
Reading changelogs... Done
Running external script with list of all .deb file: '/usr/sbin/dpkg-preconfigure --apt || true'
(Reading database ... 224942 files and directories currently installed.)
Preparing to unpack .../palemoon_27.8.3~repack-3_amd64.deb ...
Unpacking palemoon (27.8.3~repack-3) over (27.8.0~repack-2) ...
Setting up palemoon (27.8.3~repack-3) ...
Processing triggers for mime-support (3.60) ...
Processing triggers for libc-bin (2.27-3) ...
Processing triggers for hicolor-icon-theme (0.17-2) ...
Running external script: '/usr/bin/test -x /sbin/paxrat && /sbin/paxrat 1>/dev/null || true'
Running external script: 'if [ -x /usr/bin/rkhunter ] && grep -qiE '^APT_AUTOGEN=.?(true|yes)' /etc/default/rkhunter; then /usr/share/rkhunter/scripts/rkhupd.sh; fi'
$

As I wrote on:
A Pale Moon repo for Devuan/Debian
https://forum.palemoon.org/viewtopic.php?f=37&t=18805

I was only able to do it after manually tweaking and copying files to /var/lib/apt/lists. More coming about it, but (likely) in slow time.


Devs/testers/users of FOSS, what might be ahead for GNU/Linux after we lost PaX Team and spender? spender wrote:
https://forums.grsecurity.net/viewtopic … 699#p17127
Google made the choice to engage in underhanded competition against us with our own code...
grsecurity ripoff by Google, w/ Linus approval https://lists.dyne.org/lurker/message/2 … 4b.en.html

Offline

#2 2018-04-03 21:27:02

miroR
Member
From: Zagreb, Croatia
Registered: 2016-11-30
Posts: 195
Website

Re: A repo serving Pale Moon

The story how I apt-get'ed my NMU ([N]on-[M]aintainer [ U]pload]) palemoon package, and how other people, esp. people who wish to build a non-dbus Devuan machines (that's not yet completely feasible in Devuan; it is feasible in GNU/Linux, because Gentoo offers a completely dbus-free installation at least since a couple of years ago)...

Namely, once the repo is all set up well, and not provisorily as it is now (long term, I surely would like to contribute in Devuan development with Amprolla and git.devuan.org, but I'm not really yet capable of doing real advanced developer's work), you'll be able to more comfortable browse and see the changes btwn my NMU upload and what is offered on:
https://download.opensuse.org/repositor … venpusser/
( currently it is palemoon packages:
https://download.opensuse.org/repositor … ebian_9.0/ )
In short, it's SSL-key logging, and the mozconfig is meaner.

But how to get it and install it in your machine (NO WARRANTIES, the risk is all yours, gentle reader!) is...

Let's start from here:

DebianRepositoryUseThirdParty Instructions to connect to a third-party repository
https://wiki.debian.org/DebianRepositor … list_entry

In the case of my repo it is:

$ wget -O /usr/share/keyrings/dev1miro.gpg https://www.croatiafidelis.hr/foss/dev1-miro/keyring.gpg

For tor users (I'm only tickling readers' imagination: Devuan works well with Tor, but I've not time to explain it, and the place is not here anyways), it would be:

$ torsocks wget -O /usr/share/keyrings/dev1miro.gpg https://www.croatiafidelis.hr/foss/dev1-miro/keyring.gpg

( and www.CroatiaFidelis.hr --it's rented space, I'm not a wizzard to be able to cope with and maintain my own full time server-- takes tor+https fine )

( stable Jessie users, pls. study the wiki.debian.org link above, you might currently have more work to do here; I'm on Ceres, the unstable/testing Devuan beast )

And then get yourself this file, to look more or less exactly like this:

# cat /etc/apt/sources.list.d/dev1miro.list 
deb [signed-by=/usr/share/keyrings/dev1miro.gpg] https://www.CroatiaFidelis.hr/foss/dev1miro/ ceres main

For tor users it would be:

# cat /etc/apt/sources.list.d/dev1miro.list 
deb [signed-by=/usr/share/keyrings/dev1miro.gpg] tor+https://www.CroatiaFidelis.hr/foss/dev1miro/ ceres main

And then the usual apt-get update should get it... But it wouldn't work for me... Too many tries I did, but the errors that I always got verge around, e.g. (the try at  16:17:29 on 2018-04-03):

# cat ~mr/LOG_/apt-get_update_180403_161729_O
Get:1 tor+https://www.CroatiaFidelis.hr/foss/dev1miro ceres InRelease [4,458 B]
Err:1 tor+https://www.CroatiaFidelis.hr/foss/dev1miro ceres InRelease
  The following signatures were invalid: 47FEB28B15B8B727D4C9A64BFEF460A2666186A9
Reading package lists...
W: GPG error: tor+https://www.CroatiaFidelis.hr/foss/dev1miro ceres InRelease: The following signatures were invalid: 47FEB28B15B8B727D4C9A64BFEF460A2666186A9
E: The repository 'tor+https://www.CroatiaFidelis.hr/foss/dev1miro ceres InRelease' is not signed.
#

Truth is, after I cloned the Freight repo and hacked it a little, and got it capable of adding sources to my repo (which the current version 0.3.11 couldn't do, that story will, hopefully soon, appear in code on: https://github.com/miroR/freight, along with a pull request or two to https://github.com/freight-team/freight/ ), I had to create InRelease manually, but it's full correct InRelease, check it out from it's place in the repo:

https://www.croatiafidelis.hr/foss/dev1 … /InRelease

And once you got my PGP-key you download it it can only be good signature with gpg --verify InRelease if the internet is calm on all participating sides for it.

And all else having failed, I decided I will simply reconstruct my /var/lib/apt/lists/www.CroatiaFidelis.hr_foss_dev1miro_dists_ceres_InRelease (what you see there, and what you downloaded from there --later readers are likely to see a different InRelease than of the time of this writing-- is what I manually placed in there, Freight wouldn't do it. Freight does a lot of other things just right, I hope it's a fine repo tool...

So that same InRelease (I hope this is a temporary measure and later readers just won't need it) you too can put in your:

# cp -iav InRelease /var/lib/apt/lists/www.CroatiaFidelis.hr_foss_dev1miro_dists_ceres_InRelease
# chown root:root /var/lib/apt/lists/www.CroatiaFidelis.hr_foss_dev1miro_dists_ceres_InRelease

( the chowning here and below is just in case, won't harm, and might be necessary )

And then you also need to download:

https://www.croatiafidelis.hr/foss/dev1 … 4/Packages

and copy:

# cp -iav Packages /var/www/html/foss/dev1miro/dists/ceres/main/binary-amd64/Packages
# chown root:root /var/www/html/foss/dev1miro/dists/ceres/main/binary-amd64/Packages

Next, you can simply download the palemoon package, say with:

$ wget https://www.croatiafidelis.hr/foss/dev1miro/pool/ceres/main/p/palemoon/palemoon_27.8.3~repack-3_amd64.deb

and copy it to:

# cp -iav palemoon_27.8.3~repack-3_amd64.deb /var/cache/apt/archives/

And if you followed all the steps that I just posted (and if I haven't forgotten to tell some piece of instruction, which I hope I haven't), you now should be able to install my NMU Pale Moon with:

# apt-get install palemoon

Reports are welcome!

Last edited by miroR (2018-04-03 21:27:50)


Devs/testers/users of FOSS, what might be ahead for GNU/Linux after we lost PaX Team and spender? spender wrote:
https://forums.grsecurity.net/viewtopic … 699#p17127
Google made the choice to engage in underhanded competition against us with our own code...
grsecurity ripoff by Google, w/ Linus approval https://lists.dyne.org/lurker/message/2 … 4b.en.html

Offline

#3 2018-04-04 07:35:51

miroR
Member
From: Zagreb, Croatia
Registered: 2016-11-30
Posts: 195
Website

Re: A repo serving Pale Moon

Likewise (see about Packages in previous post), you download:

https://www.croatiafidelis.hr/foss/dev1 … ce/Sources

and make it be:

/var/lib/apt/lists/www.CroatiaFidelis.hr_foss_dev1miro_dists_ceres_main_source_Sources

and then you can:

$ apt-get source palemoon
Reading package lists... Done
Need to get 124 MB of source archives.
Get:1 tor+https://www.CroatiaFidelis.hr/foss/dev1miro ceres/main palemoon 27.8.3~repack-3 (dsc) [1,896 B]
Get:2 tor+https://www.CroatiaFidelis.hr/foss/dev1miro ceres/main palemoon 27.8.3~repack-3 (tar) [124 MB]
Get:3 tor+https://www.CroatiaFidelis.hr/foss/dev1miro ceres/main palemoon 27.8.3~repack-3 (diff) [28.2 kB]
Fetched 124 MB in 1min 3s (1,954 kB/s)                                                       
dpkg-source: info: extracting palemoon in palemoon-27.8.3~repack
dpkg-source: info: unpacking palemoon_27.8.3~repack.orig.tar.xz
dpkg-source: info: unpacking palemoon_27.8.3~repack-3.debian.tar.xz
dpkg-source: info: applying allow-sslkeylogfile
$

And:

$   dscverify --no-default-keyrings --keyring  /usr/share/keyrings/dev1miro.gpg  palemoon_27.8.3~repack-3.dsc 
palemoon_27.8.3~repack-3.dsc:
      Good signature found
   validating palemoon_27.8.3~repack.orig.tar.xz
   validating palemoon_27.8.3~repack-3.debian.tar.xz
All files validated successfully.

BTW, it would belong to the topic on Pale Moon forum (the --now-- months long one), but I'm pressed with time, these are some of the commands (they are, essentially, from my /home/$USER/.bash_history) which I issued when compiling, this time around:

ts=$(date +%y%m%d_%H%M%S) ; echo $ts ; read FAKE ; dpkg-source -x palemoon_27.8.3~repack-1.dsc |& tee /some-other-where/dpkg-source-x_palemoon_27.8.3_${ts}

The "ts" stands for [ t]ime[ s]tamp, so I get the logs, and they don't truncate, the next one the previous ones, upon multiple tries.

cd palemoon-27.8.3~repack
quilt new allow-sslkeylogfile
quilt add security/nss/lib/ssl/Makefile 
patch -p0  < /some/where/palemoon-27.7.2~repack_allow-sslkelogfile.patch 
quilt refresh
quilt applied
quilt diff
quilt push

That's the SSL-keys logging patch, details on that long months Pale Moon forum topic of mine, or in links from there.

And here is where I removed libdbus, libgdbus and pulseaudio from mozconfig and also from even build-deps. My mozconfig is based on Walter Dnes's (but it's that months-long topic to refer for details):

vi -p debian/{mozconfig,control} 

Again, same principle for logging, and also, this is how you --force-sign a non-maintainer upload:

ts=$(date +%y%m%d_%H%M%S) ; echo $ts; read FAKE ; dpkg-buildpackage -j4 --sign-key=FEF460A2666186A9 --force-sign |& tee /some-other-where/dpkg-buildpackage-j4--sign-key=FEF460A2666186A9--force-sign_${ts}

Regards!


Devs/testers/users of FOSS, what might be ahead for GNU/Linux after we lost PaX Team and spender? spender wrote:
https://forums.grsecurity.net/viewtopic … 699#p17127
Google made the choice to engage in underhanded competition against us with our own code...
grsecurity ripoff by Google, w/ Linus approval https://lists.dyne.org/lurker/message/2 … 4b.en.html

Offline

#4 2018-04-04 11:43:24

miroR
Member
From: Zagreb, Croatia
Registered: 2016-11-30
Posts: 195
Website

Re: A repo serving Pale Moon

There is probably not (but I'm not good at legal stuff) any non-compliance issue with Pale Moon license with my repo, but still, some already and more discussion might be at (or linked from):

Legal on Pale Moon potential packaging and distribution
https://dev1galaxy.org/viewtopic.php?id=1974

Last edited by miroR (2018-04-04 12:29:58)


Devs/testers/users of FOSS, what might be ahead for GNU/Linux after we lost PaX Team and spender? spender wrote:
https://forums.grsecurity.net/viewtopic … 699#p17127
Google made the choice to engage in underhanded competition against us with our own code...
grsecurity ripoff by Google, w/ Linus approval https://lists.dyne.org/lurker/message/2 … 4b.en.html

Offline

Board footer