You are not logged in.
Debian instructions wrt porting packages also apply to devuan, e.g. https://wiki.debian.org/CreatePackageFromPPA
wrong thread pretty sure
What difference would it make, you do the same...
find fault
unusable
crap
it sucks
its a waste
Everywhere you go.
Then, if anyone should dare propose an improvement to this supposedly terrible situation, out comes the...
Why not try
I bet it could be done
I am not brave enough to try
You moan, but you do not do. You rubbish free software, but you do not work on it, even to help yourself. You insult groups and individuals, you belittle their achievements, but you will not even attempt works comparable to theirs.
Your sole contribution to a thread asking how to do a thing is to state that you're not brave enough to try, but someone else might... And even there, you misrepresent my statement.
In any case, I'm done with this thread, and I'm tired of the whinging and politics on this board in general. I'm currently running xlibre on Gentoo, and If anyone wants to try it on Devuan I invite you to read the extensive Debian packaging docs and figure it out.
Otherwise, feel free to hop over to a distro/board/irc channel with less moaning and more doing.
What the hell is that?
The ongoing trend of endless talk about politics, ideology, and trivia such as the personality of individual contributors or wording of a readme, all while "hoping" "someone" (else) will do the real work.
There is no "brave enough" in software development, and there is no danger in trying.
If you put as much energy into learning to compile or contribute to projects that you claim interest you as you do political ranting, you might even have some substance (i.e. technical points) to add to your usual "I hate [x], because feels/language/supposed power imbalance" nonsense.
Don't like "frog animations" (or whatever latest pointless rant was about)? Easy, don't look at them. Do something constructive instead.
Think xenocera is a better option for Devuan than xlibre? Cool, why not spend that energy compiling them on Devuan, testing them, and making a convincing case for one over the other?
You constantly spit bile at people and projects you don't like, yet those people and projects have, undeniably, made something. What have you made, besides noise?
You insult GNOME devs, but those GNOME devs made a complete desktop environment and gave it away for free, to all and sundry. You call youtubers you disagree with "parasites", yet even they put effort into learning video production and built a following... Where's your channel? Where's your competitor for gnome or wayland?
The real "Irony, irony, irony" here is that you depend entirely on software built by others, to insult the people who build such software.
IOW, define:parasite
Cut us some slack, give us time to catch up...we all have busy lives outside of linux.
Oh that wasn't meant for you, you're making things. It was for the "I bet it could be done", "not brave enough", "I do hope that SOMEONE will", "above my pay grade", "Perhaps you would like to" bikeshedding crowd.
arm64.iso
Sun Ultra 24
The Ultra 24 is amd64, what on earth made you think an arm kernel would boot on it? They're completely different architectures.
I hear steve_v was trying to compile it for that purpose.
I don't know if he did.
I built Xlibre on Gentoo, because that's my main these days and the only Devuan installs I have are headless servers I'm not about to screw around with for something they wouldn't even use.
There is now an overlay hosted at github.com/X11Libre/ports-gentoo, so trying it on Gentoo is no more difficult than installing any other live build.
I see no reason the xlibre devs would be against a similar arrangement for Devuan, were somebody with an appropriate build environment to adapt the Xorg spec files and build test packages. That shouldn't be particularly difficult to do (though personally I find the Debian packaging workflow somewhat convoluted and unpleasant), since the project structure is still very close to Xorg.
I mean I could probably do it in a VM or chroot, but not to put too fine a point on it... That's a lot of mucking about and the lack of effort from anyone else around here (who, unlike me, stand to benefit directly) isn't particularly motivating.
being very harsh.
scum bag... stupid... arrogant... a-hole... fascist...
Oh wait, that wasn't me saying those things, was it.
I bet it could be done in devuan too.
Exactly this ^
You claim Xenocara is "the best option", but offer no technical arguments or comparisons to back it up. You claim it "could be done", but don't actually do it, even just for testing, even just for yourself.
You claim Xlibre "could be good", but you haven't tried building or using it... And your "doubts" are vague aspersions on the lead developers politics, rather than a technical assessment.
Why not try compiling that?
Why don't you try compiling that, if it's a project you want to promote?
As usual, it's all just talk, all just pontificating on what other people should or shouldn't do, passing judgement on people you have never met, and minor variations of "xyz developers I don't know are assholes/scumbags/[insert insult here]".
Go contribute to the project in question, go work with the people concerned... Then maybe you get to call them names. Raging from afar is pointless and childish, regardless of how easy it is to spit at a faceless organisation you have no real contact with.
I for one do not give a fat rat's behind about the "principles in place" or whether or not the lead developer is a [facist|furry|wears a gimp suit on sundays], I care about ability, technical merit, and whether or not a piece of software is a: solving the problem at hand, and b: copyleft licenced so it can be forked if needed.
If something looks interesting, I'll try it. If there aren't distro packages yet, I'll build it. If it's promising, I might even try to contribute to it. I'm not an accomplished C/C++ coder by any stretch, but you don't always need to be to contribute in a useful way - case in point, even building and testing on different platforms can be productive, assuming you report any bugs you find.
So, how's Xenocera working out for you on $distro_of_choice? Any problems getting the code built? Any bugs to report or technical suggestions to pass upstream?
Ed. Thought that might happen... While I'm still trying to solve a bunch of nonsensical GPU crashes (result: not Xlibre's fault, it's a power management bug in the amdgpu kernel driver), Stefan goes live with an Xlibre-git overlay for any clown to try it out.
This is why I've largely moved over to Gentoo, where the arguments are just a smoke-screen for sneakily getting stuff done.
Packaging for Devuan... Not me, I don't run any Devuan desktops, and headless/CLI installs don't need any of this. For Gentoo OTOH... Hold my beer (If I don't get beaten to the punch that is, which I likely will).
That's all contingent on the Xlibre project not imploding under the mass of reddit-warrior attention of course, but so far so promising.
I know I could just compile, but I'd rather trust an experienced packager
Well somebody has to actually test the thing, no? If we all just sit around waiting for the magical pixies to do everything, nothing gets done.
I VIL not install Wayland and I VIL be happy.
To be fair, wayland is *mostly* usable... But my own year-or-so living with it came to an end fairly recently, because upstream apparently has no interest whatsoever in getting from "mostly" to "fully" usable, or considering any use-case beyond "works for normie tasks on my laptop/corpo-drone workstation".
Every single proposition or pull request furthering feature-parity with X11 or backwards compatibility of any kind results in endless stonewalling, recursive arguments, and NIH bullshit. One can smell the "Desktop Linux belongs to us, toe the line or GTFO" excreta dribbling down from Redhat and IBM suits a mile away.
So back to a display server that works it is... And FUD aside, Xorg still does.
Not "works if you use the right compositor on the right day of the week".
Not "works if the app you want to use has been updated in the last 5 minutes".
And certainly not "works if you squint a bit and ignore broken DPI scaling, janky session restore, buggy clipboards, screwed up window placement, missing features, and general dogs breakfast of competing, poorly concieved, partly implemented protocols"...
No, Xorg *just works*. It even works for 20 year old software, with minimal (and often no) changes... Imagine that.
So far, I can't really tell the difference between Xorg and Xlibre from an end-user POV, which is exactly as it should be.
Meanwhile, the "X is insecure" apocalypse is still stubbornly failing to materialise. I'm sure it sucks for somebody somewhere when reality gets all uncooperative like that.
I'll be keeping a dual-stack around in case wayland ever grows up (15 years and counting), but I'm not going to hold my breath.
@steve_v *is waiting for Xlibre to finish compiling right now*
And you? Yeah, that's what I thought...
GNOME is taking the scum bag approach still
Zapper is taking the "whine about evil overlords rather than doing anything constructive, in hopes others will validate with more whining" approach still.
FTFY.
GNOME / freedesktop / Redhat / IBM has an agenda, one that involves agressively pushing thier (weak copyleft or "open source") solutions as dominant standards. This is not new. This is not unexpected. This will not change, no matter how much childish name-calling you do.
If you don't like what Redhat is doing, don't use thier solutions (or better, fork them and fix them). If you don't like wayland, run X11 and/or contribute to Xlibre instead.
If you're going to pick fault with all alternatives because you don't like the personalities or supposed politics involved... Congratulations, you're part of the problem.
Aside, on GNOME in general, for many years now: ∨∨∨
Oh, the huge manatee
This was a minor addition to the grub-mkconfig scripts to autodetect installed init systems and make alternate entries with 'init=foo' on the kernel command line. Nothing more.
It was not some involved patch to GRUB itself (which doesn't care about init at all, starting PID1 is the kernels job), it's not required for GRUB to work with sysvinit (or anything else for that matter), and it's trivial to reintroduce. It was simply a convenience feature that the original author no longer wants to maintain.
The ongoing trend of raging against the machine and devolving into politics continues, rather than learning how things actually work and *shock* configuring your stuff directly or *horror* doing some entry-level shell scripting.
The OP asked about much more than that.
The OP asks about running apps without a physical phone, and gives a couple of generic examples with no implementation details.
*you* moved the goalposts by adding custom authentication and token generators.
The app the OP refers to is the bank's custom application running on a smartphone in the way I previously described.
If you have a working crystal ball, feel free to open-source the schematics. Otherwise you're putting words in somebody else's mouth to further your own agenda.
If what what you really want to do is shoot down every suggestion so you can whine about "big tech" control some more (with much talk and no action of course), you do you... But constant "old man yells at cloud" bitching (a common pastime around here apparently) never achieved anything constructive.
As far as I can tell, Google et al have absolutely no involvement
GSF has built-in 2fa authentication for apps to use, with various levels of physical device integrity checks. Whether a specific app uses it or rolls their own is up to the app developer. Even when they do roll their own 2fa auth, they're likely going to be using GSF to verify the integrity of the app, OS, and device before they allow you to start that process.
Unless you are somehow under the impression that there is only one bank in the world, with one app, you're making the assertion that your personal situation with your particular bank is also the only one the OP could possibly be in. This is infantile.
Banks are run by experienced white collar crooks, not idiots.
Which is why authentication is (or should be) handled server-side, and any on-device security handled by widely deployed, trusted frameworks. The "app" can then be (and IME often is) little more than a thin interface for the web api, with hooks into GSF for 2fa.
If an app does require integrity checks (e.g. allows fingerprint or facial recognition auth and does it on-device), that's exactly what the android integrity and hardware crypto apis are for. Most apps use those, because security is hard and reinventing wheels is stupid... They're also far more secure than relying on something like cell network registration / IMEI, which is notoriously easy to screw about with (see many real-world examples of sim-swapping / device cloning attacks).
My bank also has an app, it's not mandatory, it only uses 2fa for initial setup, and it works perfectly in a VM. The same goes for a host of "special deal only in our app spyware" situations, virtual boarding passes, concert tickets et al., extracting login tokens or DRM decryption keys for reuse in third-party apps, and countless other things besides.
Those will all do what was asked in the OP, run "Android in a VM". None of them will register a real IMEI on a real cellular network though, because that requires a physical radio connecting to a physical cell site...
So it depends how your authenticator works. If it uses basic google APIs, then you just need to sign in to google from the virtual device with a real account. If it needs hardware device attestation (safetynet/play protect/etc.), uses SMS, or otherwise relies on the mobile carrier, you're probably SOL.
There are ways to spoof device attestation, but it's a cat-and-mouse game with google and far too complicated to go into here. Hit up xda forums.
Android studio can create any number of full-featured emulated devices, with android versions and api levels of your choice, in just a few clicks.
It is of course a google product and not to be trusted, but using the standard development environment does have advantages wrt compatibility.
I'd suggest a version a year or two old, so as to avoid the worst of the Artificial Idiocy that google seems determined to infict on man + dog.
I wonder if it will be a software issue going forward if I used a non-uefi system to start with if the board will support it?
Highly unlikely. The only software that cares about UEFI/MBR distinctions is the bootloader and whatever is installing/updating it, and I don't see GRUB or LILO dropping MBR support any time soon.
If it ever did come to that, converting an installed system to UEFI isn't particularly difficult anyway.
The more likely scenario is that at some point you will need to replace the motherboard, and find you have to pay a premium for one that still supports MBR boot.
What you *need* UEFI for is booting from (almost all) NVME drives, and that is a technical/architectural limitation... So as storage moves in that direction, sooner or later you will have to adapt.
Also worthy of side-note is that resizable BAR (or whatever $GPU_vendor is calling it these days) support in BIOS is currently being used as a wedge to push people toward UEFI. There's no technical reason for one to require the other, but that's what consumer board vendors (and more to the point, Microsoft) are doing.
I'd suggest being practical and consider specific NAS-OS's like HexOS, TrueNAS Scale, UnRAID or ProxMox instead.
Why? We're not talking about a home NAS here, and using a turnkey NAS distro adds precious little of value to a webserver.
online criminals will have a field day hacking your machine and turning it to making them money whichever way they want
If you are an idiot and run compromised or misconfigured services, sure. Or you could... *shock* read the Debian security manual.
I know plenty of people (myself included) running public webservers on general-purpose GNU/Linux or BSD distros, none of them have been pwned, and I call FUD.
Devuan simply doesn't have a GUI tool that makes configuring it suitable for online use, like HexOS is for TrueNAS.
Devuan is exactly as "suitable for online use" as Debian, and both can do everything TrueNAS does if configured appropriately.
Debian powers vast numbers of webservers and has for decades, whether it has an easy-mode "GUI tool" or "setup wizard" for a given role is neither here nor there. "Universal operating system" and all that.
I'm not knocking TrueNAS mind, it's a fine distro... Claiming that it's somehow more reliable or more secure than Devuan because it has a graphical wizard though, that's kinda ridiculous... As is shelling out $199 per box for HexOS beta, the mind boggles.
EFI/MBR is a BIOS thing, grab the manual for the board you're considering. If it mentions "legacy" mode/CSM, you can likely still use MBR boot.
I've learned the hard way that SSDs aren't great for long term data storage, especially with static data (files that don't change). Based on what I can figure out from research, the SSDs memory cells suffer from voltage drift over time.
I've learned the hard way that *all* readily available storage media is subject to this kind of bitrot, and the only viable solution (besides exotic media like etched sapphire) is file and/or block checksums, regular readability tests, and sufficient redundancy for the inevitable repairs...
That means ZFS or BTRFS for anything important, with regular scrubs.
I've had all manner of RAID failures and filesystem corruption over the years, but I haven't seen a single damaged file in the decade+ I've been running ZFS on Debian/Devuan...
I do get the occasional:
"One or more devices has experienced an unrecoverable error... Applications are unaffected... Determine if the device needs to be replaced... Repaired [x]M in [y] hours with 0 errors"
type mail though, because all disks suck.
"desktop" disks suck hard, "green" disks suck harder, and "laptop" disks suck hardest of all. You get what you pay for, server (or "NAS") grade storage is worth every penny in reducing both risk and aggravation. Goes for HDD, SSD, or NVME, the price/performance/reliability triangle is the same.
I have a preference for AMD CPU/GPU's as they generally play much better with linux than Nvidia does.
GPU brand is utterly irrelevant for a webserver... having a GPU at all is irrelevant for that matter, the vast majority of webservers just use IPMI KVM or serial console.
Unless you need a GPU for media en/decoding or AI nonsense wasting energy, put those PCIe slots to a more constructive use like HBAs or more NICs.
There is a pretty good argument for AMD over Intel on the CPU front though, namely getting ECC support without the Xeon tax.
My take on storage would be ext4 on an (md)RAID1 of small SSDs for the OS and anything that doesn't play nice with COW filesystems (like the database if you CBF with filesystem tuning), and ZFS (mirror or RAIDZ) on 2 or 3 "NAS" grade spinners for data.
None of this is a substitute for backups of course, you should have those (and test them regularly) too.
As for other hardware, I'm not up with current pricing so I don't have any specifics, but in general: ECC memory and plenty of it, a not-bargain-basement motherboard, and somewhere to put at least 2 (preferrably 4 or 5) drives.
Everything else is negotiable, CPU load serving mostly static web content will be bugger all and disk latency won't matter much if you have enough RAM for a decent cache.
You'll want a quality PSU and a UPS with monitoring properly configured as well of course.
Youtube (as with much of the "modern" web) can and will cause your browser to consume fairly insane quantities of memory...
The behaviour of the linux kernel under heavy memory pressure can be somewhat pathological (at least for desktop workloads, where killing memory hogs early is preferable to compromising interactivity), in that memory reclaim may livelock for quite some time (especially when swap is involved), and the OOM killer will only trigger once all other avenues are exhausted (i.e. potentially many minutes of thrashing, swapping pages in and out, and repeatedly evicting the page cache). Paradoxically, this is often exacerbated by fast (ssd or nvme) swap devices.
There are ways to tune this, but the easiest solution for desktop use is probably a more proactive OOM killer such as earlyoom, nohang, oomd, or (obviously not here) systemd-oomd.
Better explanations of my statements above can be found in the first two linked repos.
shouldn't you swap area be larger than your RAM
Only if one intends to use it for suspend-to-disk.
isn't an appimage already partially sandboxed?
Appimages aren't sandboxed, they're essentially just a compressed directory with an executable header to handle the library path shenanigans. Nothing stopping you running one in firejail, bubblewrap, etc. like any other application though.
Flatpak and Snap do include sandboxing (of somewhat dubious effectiveness IMO), but that's a whole other kettle of fish.
Any "self-contained" or "unversal" package will likely use more memory (and definitely more disk) than a native package, due to shared-library duplication.
on just one partition without making separate ones for /home and for /.
Why? Separate partitions with / as r/o or squashfs and /home, /var as r/w or tmpfs is the obvious answer here, is it not?
Personally, I wouldn't use a debian-based distro for this. Security bugs in old software go way beyond just the browser, and by the time you find and fix/update all vulnerable packages (and rebuild the revdeps) you may as well have started from something more aligned with the "use modern software, and aggressively optimise for memory use" approach... Like TinyCore, or a custom build (gentoo, LFS, etc.) with uclibc-ng or musl, -Os, and minimal feature-bloat compile-time options.
Then again, I wouldn't bother with a 32bit machine as a general-purpose desktop to begin with. Used 64bit hardware is dirt-cheap now (Sandybridge/Ivybridge boxes can often be had for literally nothing), and modern browser engines kinda blow that 512MB memory target away all by themselves.
FWIW, TinyCore/Coreplus runs just fine on a Pentium 233 with 64Mb RAM. With 128MB, it's even pretty snappy... And it doesn't run decade-old software to achieve it.
Pipewire works out-of-the-box on Debian, because Debian is (primarily) a systemd distro. All major Debian desktop configurations have a mechanism for user-services by default, there is no RFE to file, and no additional package is required.
This could maybe be a wishlist item as far as Debian is concerned, but frankly I don't think anyone over there really cares at this point.
I don't see how this is anything but a systemd-free problem, systemd-free is Devuan's only available desktop configuration (and primary claim-to-fame), that makes it a Devuan problem.
you've been arguing vehemently the importance of whatever it is you're arguing about, but then in the above sentence you freely admit it may be important to like 3 people.
I've been arguing that Devuan, as a leading systemd-free distribution, should be taking a (pro)active role in solving the problems that arise from not shipping systemd... Or at least making some decisions on how these things should be handled.
The "3 people" comment was, of course, with regard to the potential userbase of yet another tiny single-developer derivative of a derivative, and the duplicated effort of creating one to solve problems better tackled where they can benefit all Devuan derivatives - i.e. in Devuan itself.
I can solve this particular problem for myself, and I already have, in several different ways. I really don't see the point in building a distro to prove it.
What I would like to know is: Which way does Devuan intend to handle this, and is there anything that needs doing there? What solutions are being considered? I contributed one possibility way upthread, is it worth persevering with or is Devuan going to do something totally different?
Is anything at all happening, or are we just going to do the "wait for debian to make a move, then delay release for 3 months while we put out fires" thing again?
Slackware has an official solution in the repos, which works out of the box. Gentoo has an official solution in the repos, which works out of the box. Artix has an official solution in the repos, which works out of the box. The latter 2 also have wiki pages on the subject, listing several alternative solutions.
Devuan unstable has... *goes looking to confirm the obvious* A pipewire package pulled verbatim from Debian, a non-functional pipewire.service, and no documentation.
I only mentioned the tasks that are currently not being maintained.
Ahh, I see. Pipewire wasn't on the list, nor were was user services in general. Do I take that to mean this is well under control and Devuan's pipewire-launcher and autostart files are being actively maintained?
I mean it sure doesn't look that way to me, is there some secret-squirrel development branch I don't know about?
Devuan doesn't require Pulse or Pipe or apulse or anything else for sound.
Of course it doesn't.
What it does need those for is a convenient desktop multimedia end-user experience that comes anywhere close to current proprietary O/S offerings and other popular GNU/Linux distributions.
ALSA can do many things, I know, I've been there. What it has failed to do for multiple decades now is be intuitive or well-documented enough for most users to even know of its capabilities, let alone use them.
IME writing ALSA configuration files that do what you want often means reading the kernel source code, expecting such of every neophyte who wants a taskbar widget for switching their headphones, in YOLD 3191, is insane.
I can stream video and audio just fine to my TV without a "sound server".
Ahem...
without interrupting playback... smoothly
Yes, ALSA can do bluetooth, and there are a myriad ways to stream audio. My point was that a sound server like pipewire makes output switching, rate conversion, stream duplication, loopback recording and mixing, all the other things you could do with a convoluted string of alsa plugins and the like seamless, gapless, and transparent to applications.
Pipewire can also do much of what JACK can do, with comparable latency (my main gripe with pulseaudio), without having to switch your whole audio workflow over to JACK and all the aggravation that usually entails.
That's a working browser
That's a webview with some basic nav elements in GTK. Nifty, but calling it a "browser" when webkit (aka khtml) is doing 99.99% of the work is a mite disingenuous.
Then again, this is digressing. To reiterate, I'll be happy to pitch in with code and/or packaging when devuan decides on a sane and maintainable way to handle user services... Assuming I don't move entirely to gentoo or die of old-age first.
*And no, @golinux, I'm not interested in doing theming or having anything to do with refracta. I really wouldn't care if it was text-based d-i netinstall or nothing, and my artistic talent is exactly zero... Unless you want a satanic deathmetal theme for the next release, which I might be inclined to take a stab at.