The officially official Devuan Forum!

#626 Re: Installation » Installing from src and apt » 2024-02-10 19:42:20

Hello:

boughtonp wrote:

... create a deb package ...
... tools for creating deb packages that involve hundreds of MB of dependencies ...

Seems all rather complex for my pay grade.
Still getting over having installed it.  8^°

steve_v wrote:

If all you want is a .deb ...
... don't care how nice it is ...

That's about it.

I only want a certain level of system compliance (to call it something) and have apt, aptitude and synaptic properly know about it.

steve_v wrote:

... just use checkinstall.

Thanks for the heads up.
I'll look into it.

Unless I am mistaken, xarchiver is added to the Devuan repositories without intervention as it is not dependent on, and does not require, the presence of systemd in the system. That being so, I may only have to wait a bit till this last version makes it into Debian (stable or testing) and just install it.

Note: It has already made it to Debian trixie and as a result, to Devuan ceres.

That would replace the one I installed and solve (?) the issue as long as the dependencies remain the same.

Would there be a problem with that?

----
Edit:
Yes.
gdebi says there is a dependency problem - version of libc6 needs to be higher than the one installed.
ie: higher than libc6 2.28-10+deb10u2   
----

Thanks to both for your input.

Best,

A.

#627 Re: Installation » Daedelus install on Lenovo T480 boots, locks up. » 2024-02-10 16:16:21

Hello:

torquebar wrote:

... get to a cLi login prompt and I can log in as root or as user.

That sort of narrows things down a bit.

torquebar wrote:

... enter 'starx' as user the desktop ... | ... loads but locks right up ...

Right ...
Xserver definitely involved and may have an issue (?) with that xfce plug-in.
Not at all surprised.

When I first set up xfce, the first thing I discovered was that I had to get rid of anything xfce power management related.
But then I have a workstation, not a laptop.

That said, I don't think anyone will be able to help past this preliminary evaluation unless you post some more data.
I certainly cannot.

You may want to consider posting:

1. the dmesg printout

~$ sudo dmesg --level=alert,crit,err,warn

2. the Xorg.0.log file

~$ cat /var/log/Xorg.0.log

You may also want to consider running a test by logging in as root and completely removing the xfce4-power-manager software package.

Then reboot and see if you can start the desktop without it.

~$ sudo apt-get purge --auto-remove xfce4-power-manager   

Using the purge option along with auto-remove will get rid of everything regarding the xfce4-power-manager package.
That will be good for if/when you want to reinstall it again.
ie: (supposedly) no debris left behind.

Best,

A.

#628 Installation » Installing from src and apt » 2024-02-10 14:45:58

Altoid
Replies: 16

Hello:

I recently compiled and then installed an application from source.
A milestone for me. 8^)

If interested in the whats and hows, see here.

I decided to install it ie: not from the Devuan/Debian repository without any worries because a) it is practically universal b) does not have strange dependencies or ties to anything Poetteringesque and c) it is a new version with a significant improvement.

Now, the tricky part here is that apt, aptitude and synaptic have no knowledge of this installation of mine.
Obviously because they had no part in it.
ie: no *.deb package involved.

Does not seem to be an issue as the application works exactly as expected but leaving apt, aptitude and synaptic out of the loop would seem to be contrary to proper practise.

I don't expect this new version of the application to be backported to my Devuan Beowulf (5.10.127-2~bpo10+1)* so I am at a loss as to what to do.

Ideas and suggestions welcome.

Thanks in advance.

Best,

A.

* I refuse to deal with the useless bloat that is Network-Manager, so I will stick with Devuan Beowulf and WiCD.

#629 Re: Desktop and Multimedia » xarchiver 0.5.4.22 - update » 2024-02-09 00:41:48

Hello:

GlennW wrote:

Thank you ...

You're welcome but it is really all IB's merit.

He is the one who has been keeping this very nice/useful (ca. 2005) application running and up to date for the last 9/10 years.

Best,

A.

#630 Desktop and Multimedia » xarchiver 0.5.4.22 - update » 2024-02-08 13:50:54

Altoid
Replies: 2

Hello:

This is a continuation of this thread on xarchiver 0.5.4.14 and the use of passwords with compatible archive formats. ie: those that support passwords.

Altoid wrote:

... this may probably be the fastest/lightest and most versatile archiving utility for Linux.
It is mature and still works a wonder, which is why I have insisted on using it.

It has gotten better yet.

The actual maintainer (Ingo Brückl) kindly accepted to add code so that it would be easier/more straightforward to add a password to a file generated via the right-click -> 'Compress ...' action in PCManFM.

I expect that this also works in OpenBox and Thunar.

Now, creating a file from PCManFM with xarchiver 0.5.4.22 ('Compress ...') will open the 'Add files' window which now has the 'Options' previously available only when creating a 'New' file from xarchiver itself.   

ie: 'Actions' -> 'Include subdirectories', 'Delete files after adding' | 'Compression' (levels 1 to 9) and 'Encryption'.

Source code here, a *.deb package arriving eventually at your neighbourhood Devuan/Debian repositories.

Best,

A.

#631 Re: Other Issues » [SOLVED] Can't connect to repos » 2024-02-07 23:43:04

Hello:

Ron wrote:

... not able to contact the repos ...
Anybody else getting this?

Not with synaptic (daedalus is not in my sources.list file) but wget got me a *.deb file a couple of minutes ago without issues:

~$ wget http://deb.devuan.org/merged/pool/DEBIAN/main/s/sudo/sudo_1.9.13p3-1+deb12u1_amd64.deb
--2024-02-07 20:35:19--  http://deb.devuan.org/merged/pool/DEBIAN/main/s/sudo/sudo_1.9.13p3-1+deb12u1_amd64.deb
Resolving deb.devuan.org (deb.devuan.org)... 131.188.12.211, 147.78.194.22, 195.85.215.180, ...
Connecting to deb.devuan.org (deb.devuan.org)|131.188.12.211|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1889484 (1.8M) [application/x-debian-package]
Saving to: 'sudo_1.9.13p3-1+deb12u1_amd64.deb'

sudo_1.9.13p3-1+deb12u1_amd64.deb     100%[=============|<-snip->|=================>]   1.80M   652KB/s    in 2.8s    

2024-02-07 20:35:23 (652 KB/s) - 'sudo_1.9.13p3-1+deb12u1_amd64.deb' saved [1889484/1889484]
~$

HTH.

Best,

A.

#632 Re: Devuan Derivatives » refracta 32 » 2024-02-07 16:54:09

Hello:

Seeing that today is Wednesday 7 and I remembered to take my pills.  8^°

A couple of hints.

oui wrote:

Wrong url or other reason ...

1. No. That is not it.

oui wrote:

... refuse to update using sudo.

2. To (very loosely) paraphrase what someone once said about something ...

You're holding doing it wrong

Hopefully, that should send you on your way.

Best,

A.

BTW: do read the Release Notes for every release, that's exactly what they are for.

#633 Re: Installation » [SOLVED] Where is gfw? » 2024-02-06 11:30:17

nobodyuknow wrote:

... that was a typo. I looked through Symantec ...

Symantec?

Now, that was a real blast from the past. 8^°
Had not come across that name in maybe 15 years now.
I recall having seen some *.gho files and the MS portable executable to read them in one or two CDs somewhere within the pile of stuff to get rid of.

That said, you are (quite obviously) referring to synaptic, the GUI package manager a great many Linux users are fond of.

So that would make for two typos.  8^P !

Best,

A.

#634 Re: DIY » Announcement of the OpenMATE desktop environment » 2024-02-04 23:41:47

Hello:

ralph.ronnquist wrote:

... FOSS people just ignoring that github is owned by Microsoft.

Indeed ...
+1

A.

#635 Re: Devuan » Interesting article and post at The Register » 2024-01-29 17:27:06

Hello:

... waiting for the interesting part ...

I wrote it was interesting (to me and from where I sit) because I did not know about 90% of the things mentioned in the article.

Altoid wrote:

... if (like me) you cannot relate to most of the history being recalled/cited.

That and that the concept/idea the author meant to get across made sense, again, to me.
ie: standards and consensus

... comment is interesting ...

Indeed it is.
I think it describes to a tee the present situation for Linux in general and Devuan in particular.

The US DoD thing should be taken with a few grains of salt but I don't think it is something to be dismissed.
If it does happen, it will have a cost for the Linux ecosystem.

Thank you for your input.

Best,

A.

#636 Devuan » Interesting article and post at The Register » 2024-01-29 10:57:15

Altoid
Replies: 4

Hello:

I've come across a very interesting article published at The Register by one of their frequent contributors, Steven J. Vaughan-Nichols.

Steven J. Vaughan-Nichols @The Register wrote:

The Land Before Linux: Let's talk about the Unix desktops
It takes more than open source, it takes open standards and consensus

More interesting yet (at least to me) is a post in the discussion page by commentard 'bazza':

bazza @The Register wrote:

... for the moment, SystemD has not displaced those well understood library functions, the dBus route for name resolution is an option. But, for how much longer? They're already re-routing conventional library call DNS requests to resolveD by messing with the default configuration files.

Given the attitude of RedHat / IBM, and their SystemD / Gnome teams, I would not put it past them to deprecate the library calls, and use their weight within the Linux distro world to make that stick.

The article makes for a very interesting read, even if (like me) you cannot relate to most of the history being recalled/cited.

But the post I am making reference to should make anyone here at Dev1 reflect.
Because it is all happening.

Now.   

Best,

A.

#637 Re: Devuan » Praise for the security updates » 2024-01-26 13:27:35

Hello:

... would prefer X11 to be solid and future-proof.

Sure ...
Why not.
Seems to be doing fine. -> see steve_v's excellent explanation above
But ...
What about the security holes you have made reference to?
Please, humour me.

... not an expert ...

Neither am I, like you, just a user with just a few years' experience with MS and Linux under my belt.
ie: not a coder/programmer/maintainer. Can hardly manage to $ ./configure | $ make | # make install once in a blue moon.

... the view that Wayland is more secure is becoming more and more common.

Well, you should know by now that to get to more and more common all you need are enough posts constantly beating that same drum over and over again till it ends up becoming common enough.

Along the same lines and only to illustrate my point:   <- no intention of starting a discussion
In the US, the view that Wayland Donald Trump is more secure the best president they ever had is becoming more and more common.

... missing is a really good comparison of the security aspects of X11 and Wayland.

I see.
Lacking that important piece of IT review, it would then seem that ... the view that Wayland is more secure ... does not have much to stand on.
Yes?

... competent confirmation that X11 is at least as secure as Wayland ...

Given the bloat and its provenance, I (very) seriously doubt it.
Of course, YMMV.

Tell me, Altoid, that X11 in Devuan is at least as secure as Wayland ...

Like I said, I am (like you) just a user so I cannot/would not do that.
ie: I lack the needed know-how / training.

What I can tell you is that I have continuously used X11 for a great many years through (in hindsight) far too many distributions and have had no issues with respect to security or anything a well written xorg.conf could not (99% of the time) fix.

As far as I am concerned, the burden of proof is on Wayland and not on X11.
ie: Wayland has to prove to be both better and more secure than X11.

Not the other way around.

Thank you for your input.

Best,

A.

#638 Re: Devuan » Praise for the security updates » 2024-01-26 11:08:09

Hello:

jue-gen wrote:

... but with X11 there are apparently security holes that aren't being fixed.

I would greatly appreciate your being a bit more specific as to which security holes you are referring to.

That said, I am sure you are aware of the difference between aren't being fixed ie: a won't fix label and has not been fixed yet.

The first highly doubtful for a security hole, the second quite possible.

Best,

A.

#639 Re: Forum Feedback » [SOLVED] Quote Button » 2024-01-23 12:14:35

Hello:

Please excuse this rather off-topic (not 'Quote Button' related) post.

golinux wrote:

<LeePen> golinux: the solution for end users is to install usrmerge.

Indeed.

Altoid @DNG wrote:

--- snip ---
Like I have said before, this */usr merge* thing is nothing but
a smoke and mirrors act to distract Devuan from the very real menace
posed by systemd and its second stage, the dropping of support for
sysvinit.

Not being a dev or a coder, I am still rather at odds with the /usr
merge idea but I can work with it being so (ie: I don't care one way
or another), as long as the distribution I am using is both
consistent through installs/updates/upgrades *and* works properly/as
expected.

To rid the Devuan collective of said distraction a decision *has* to
be made and a course to follow set.

ASAP. 

My take is that Devuan should (once and for all) just accept that the
/usr merge thing is a fact of life and get on with seeing about the
most important issue in front of it:

Its survival as a "Debian dependent" Linux distribution.
--- snip ---

That said, I can clearly understand that this homogenization of all things Debian/Devuan with respect to the file system tree can (and most probably will) offer a more standardised way to attack any Debian based Linux system, but we will all just have to be more vigilant and careful.

This usrmerge is just one battle, not the war.
Some battles must be avoided to be able to stand and be able to fight another, more important one.   

Devuan can and will eventually be able to work around this usrmerge issue.
In my opinion (YMMV), a minor one.

I think that there are other Devuan users [many?/a lot?] that are in the same boat as I am and if so, it may be a good thing to consider that this usrmerge thing be the default from whatever Devuan version our overworked/understaffed devs/admins think would be least problematic onwards.

If interested, full post here.
Also see this article at ElReg.

Liam Proven @The Register wrote:

"The 255th version of systemd is here, banishing support* for split and unmerged /usr directories but enriching its UKI boot support."
--- snip ---
"... this release requires** distributions to have completed the /usr merge process."
--- snip ---

*  underline is mine
** emphasis by article's author

Best,

A.

#640 Re: Other Issues » Archive is cpio archive. Decompression error. » 2024-01-22 22:53:11

Hello:

nixer wrote:

... it is a bug and it has not been identified and fixed.
... see it rarely, but I do see it on certain installs - and I can not tell what I do to create it.

For what it is worth, I have been told that this type of 'bug' is referred to as Heisenbug.
ie: a sporadic and non-reproducible bug

Real fun to work on.  8^°

Best,

A.

#641 Re: Off-topic » [SOLVED] What is your view on major distros dropping X11 and requiring Wayland? » 2024-01-19 01:57:13

Hello:

How does anyone in their right mind not scream bloody murder ...

Well ...
This thread could go on for weeks on end with the hows/whys/etcs.
No sense doing that.

The very ugly truth is that most people these days are basically stupid/ignorant dickheads that think IoTs, internet enabled toasters/washing machines/refrigerators/TVs, automated lightbulbs, intelligent [whatevers], internet enabled baby cams and doorbells, cars and snoop-phones with incorporated AI and crap like that are oh! soooo convenient.

Unbelievable.
But that is where we are at in 2024 and it will only get worse.
Much worse.

We are only seeing the tip of the crapberg.

Best,

A.

#642 Re: Off-topic » [SOLVED] What is your view on major distros dropping X11 and requiring Wayland? » 2024-01-19 01:05:57

It is a harvester of info from what I understand.

A huge understatement.
See https://web.archive.org/web/20090418021 … eZeitgeist

And that bit is from back in 2009, imagine where it is now ...  8^°

Mark my words: sooner than later we will see zeitgeist code merged into systemd.

Best,

A.

#643 Re: Off-topic » [SOLVED] What is your view on major distros dropping X11 and requiring Wayland? » 2024-01-18 22:21:59

Hello:

... having issues with clipit, replaced by Diodon and laced with zeitgeist.

If I were you, I'd get rid of that zeitgeist crap ASAP.

There was a lot written about it in late 2022.
But after that, nothing else.

One day, it will be too late to say anything much.

Best,

A.

#644 Re: Installation » DropBox App Install » 2024-01-18 12:48:45

Hello:

... convince him not to use a proprietary software.

Convince who?
The court?
Surely you jest ...

I expect that AK will be lucky if he gets a proper hearing.

Best,

A.

#645 News & Announcements » [ANNOUNCE] xwayland 23.2.4 » 2024-01-16 14:20:47

Altoid
Replies: 0

Hello:

Just got this in my box.

Best,

A.

---

This release contains fixes for the issues reported in today's security
advisory: https://lists.x.org/archives/xorg/2024- … 61525.html

* CVE-2023-6816
* CVE-2024-0229
* CVE-2024-21885
* CVE-2024-21886
* CVE-2024-0408
* CVE-2024-0409

Additionally, it also contains several other fixes for glamor, libEI support,
and FreeBSD.

Jan Beich (2):
       os: Use LOCAL_PEERCRED to determine local client PID on FreeBSD
       os: Use KERN_PROC_ARGS to determine client command on DragonFly and FreeBSD

José Expósito (2):
       Xi: do not keep linked list pointer during recursion
       Bump version to 23.2.4

Michel Dänzer (3):
       glamor: Don't override source alpha to 1.0 if it's used for blending
       glamor: Make glamor_set_alu take a DrawablePtr
       glamor: Fall back for mixed depth 24/32 in glamor_set_alu

Olivier Fourdan (3):
       xwayland: Pass the correct oeffis device types
       glx: Call XACE hooks on the GLX buffer
       ephyr,xwayland: Use the proper private key for cursor

Peter Hutterer (10):
       Xi: require a pointer and keyboard device for XIAttachToMaster
       dix: don't allow for devices with 0 axes
       xwayland: override the XTest sendEventsProc for all devices
       dix: initialize the XTest sendEventsProc for all devices
       dix: allocate enough space for logical button maps
       dix: Allocate sufficient xEvents for our DeviceStateNotify
       dix: fix DeviceStateNotify event calculation
       Xi: when creating a new ButtonClass, set the number of buttons
       Xi: flush hierarchy events after adding/removing master devices
       dix: when disabling a master, float disabled slaved devices too

git tag: xwayland-23.2.4

https://xorg.freedesktop.org/archive/in … 2.4.tar.xz
SHA256: a99e159b6d0d33098b3b6ab22a88bfcece23c8b9d0ca72c535c55dcb0681b46b  xwayland-23.2.4.tar.xz
SHA512: ac3ff208cbef5bbe4637c335cfda226489c93b0a3768f2f4fb0201c588485ede38262fbce77ef1425b3d2a0be61b6580df53341c7b95e6072c8b6371ad29d187  xwayland-23.2.4.tar.xz
PGP:  https://xorg.freedesktop.org/archive/in … tar.xz.sig

---

Best,

A.

#646 News & Announcements » [ANNOUNCE] xorg-server 21.1.11 » 2024-01-16 14:19:08

Altoid
Replies: 0

Hello:

Just got this in my box.

---

This release contains fixes for the issues reported in today's security
advisory: https://lists.x.org/archives/xorg/2024- … 61525.html

* CVE-2023-6816
* CVE-2024-0229
* CVE-2024-21885
* CVE-2024-21886
* CVE-2024-0408
* CVE-2024-0409

Additionally, it also contains a fix for XRandR to allow for multiple virtual
monitors on a physical display.

José Expósito (2):
       Xi: do not keep linked list pointer during recursion
       xserver 21.1.11

Michael Wyraz (1):
       Removing the code that deletes an existing monitor in RRMonitorAdd

Olivier Fourdan (2):
       glx: Call XACE hooks on the GLX buffer
       ephyr,xwayland: Use the proper private key for cursor

Peter Hutterer (6):
       dix: allocate enough space for logical button maps
       dix: Allocate sufficient xEvents for our DeviceStateNotify
       dix: fix DeviceStateNotify event calculation
       Xi: when creating a new ButtonClass, set the number of buttons
       Xi: flush hierarchy events after adding/removing master devices
       dix: when disabling a master, float disabled slaved devices too

git tag: xorg-server-21.1.11

https://xorg.freedesktop.org/archive/in … .11.tar.gz
SHA256: 1aa0ee1adad0b2db7f291f3823a4ab240c7f4aea710e89f5ef4aa232b6833403  xorg-server-21.1.11.tar.gz
SHA512: e41bf71955691e66084a67fc20643632087f0326d5eddc31e6edd118d05005b8ab536738c181f4c352f331ec8fc8f23ae1b45f237592fa5d7eddbffe43638b08  xorg-server-21.1.11.tar.gz
PGP:  https://xorg.freedesktop.org/archive/in … tar.gz.sig

---

Best,

A.

#647 News & Announcements » X.Org Security Advisory: X.Org X server and Xwayland » 2024-01-16 14:17:34

Altoid
Replies: 0

Hello:

Just got this in my box.

Good to see X.Org at work.
---

Issues in X.Org X server prior to 21.1.11 and Xwayland prior to 23.2.4
=====================================================
Multiple issues have been found in the X server and Xwayland implementations
published by X.Org for which we are releasing security fixes in
xorg-server-21.1.11 and xwayland-23.2.4.

1) CVE-2023-6816 can be triggered by passing an invalid array index to DeviceFocusEvent or ProcXIQueryPointer.

2) CVE-2024-0229 can be triggered if a device has both a button and a key class and zero buttons.

3) CVE-2024-21885 can be triggered if a device with a given ID was removed and a new device with the same ID added both in the same operation.

4) CVE-2024-21886 can be triggered by disabling a master device with disabled slave devices.

5) CVE-2024-0409 can be triggered by enabling SELinux xserver_object_manager and running a client.

6) CVE-2024-0408 can be triggered by enabling SELinux xserver_object_manager and creating a GLX PBuffer.

------------------------------------------------------------------------

1) CVE-2023-6816: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer

Introduced in: xorg-server-1.13.0 (2012)
Fixed in: xorg-server-21.1.11 and xwayland-23.2.4
Fix: https://gitlab.freedesktop.org/xorg/xse … 3c58a9e7e3
Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for
each logical button currently down. Buttons can be arbitrarily mapped to
any value up to 255 but the X.Org Server was only allocating space for the
device's number of buttons, leading to a heap overflow if a bigger value
was used.

xorg-server-21.1.11 and xwayland-23.2.4 have been patched to fix this issue.

2) CVE-2024-0229: Reattaching to different master device may lead to out-of-bounds memory access

Introduced in: xorg-server-1.1.1 (2006)
Fixed in: xorg-server-21.1.11 and xwayland-23.2.4
Fixes:
  - https://gitlab.freedesktop.org/xorg/xse … 636109d6a5
  - https://gitlab.freedesktop.org/xorg/xse … cde53553d5
  - https://gitlab.freedesktop.org/xorg/xse … e0d5981b74
Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

If a device has both a button class and a key class and numButtons is
zero, we can get an out-of-bounds write due to event under-allocation in
the DeliverStateNotifyEvent function.

xorg-server-21.1.11 and xwayland-23.2.4 have been patched to fix this issue.

3) CVE-2024-21885: Heap buffer overflow in XISendDeviceHierarchyEvent

Introduced in: xorg-server-1.10.0 (2011)
Fixed in: xorg-server-21.1.11 and xwayland-23.2.4
Fix: https://gitlab.freedesktop.org/xorg/xse … dce503cbd1
Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

The XISendDeviceHierarchyEvent() function allocates space to store up
to MAXDEVICES (256) xXIHierarchyInfo structures in info.

If a device with a given ID was removed and a new device with the same
ID added both in the same operation, the single device ID will lead to
two info structures being written to info.

Since this case can occur for every device ID at once, a total of two
times MAXDEVICES info structures might be written to the allocation,
leading to a heap buffer overflow.

xorg-server-21.1.11 and xwayland-23.2.4 have been patched to fix this issue.

4) CVE-2024-21886: Heap buffer overflow in DisableDevice

Introduced in: xorg-server-1.13.0 (2012)
Fixed in: xorg-server-21.1.11 and xwayland-23.2.4
Fixes:
  - https://gitlab.freedesktop.org/xorg/xse … 54dd0ce36b
  - https://gitlab.freedesktop.org/xorg/xse … 10cc07c3a8
Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

The DisableDevice() function is called whenever an enabled device
is disabled and it moves the device from the inputInfo.devices linked
list to the inputInfo.off_devices linked list.

However, its link/unlink operation has an issue during the recursive
call to DisableDevice() due to the prev pointer pointing to a
removed device.

This issue leads to a length mismatch between the total number of
devices and the number of devices in the list, leading to a heap
overflow and, possibly, to local privilege escalation.

xorg-server-21.1.11 and xwayland-23.2.4 have been patched to fix this issue.

5) CVE-2024-0409: SELinux context corruption

Introduced in: xorg-server-1.16.0 (2014)
Fixed in: xorg-server-21.1.11 and xwayland-23.2.4
Fix: https://gitlab.freedesktop.org/xorg/xse … ea702c94f7
Found by: Olivier Fourdan

The Xserver uses the mechanism of "privates" to store additional data to its
own objects, each private has an associated "type". Each private is allocated
for the relevant size of memory that is declared at creation.

The cursor structure in the Xserver goes as far as having two keys, one for
the cursor itself and another one for the bits that make the cursor shape.

XSELINUX also uses privates but it's a bit of a special case because it uses
the same privates keys for all different objects.

What happens here is that the cursor code in both Xephyr and Xwayland uses the
wrong type of private at creation, using the cursor bits type with the cursor
private and when initiating the cursor, that overwrites the XSELINUX context.

xorg-server-21.1.11 and xwayland-23.2.4 have been patched to fix this issue.

6) CVE-2024-0408: SELinux unlabeled GLX PBuffer

Introduced in: xorg-server-1.10.0 (2011)
Fixed in: xorg-server-21.1.11 and xwayland-23.2.4
Fix: https://gitlab.freedesktop.org/xorg/xse … fe5e15dac3
Found by: Olivier Fourdan and Donn Seeley

The XSELINUX code in the Xserver labels the X resources based on a hook. What
happens here is that the GLX PBuffer code does not call that XACE hook when
creating the buffer, so it remains unlabeled, and when the client issues
another request to access that resource (as here with a GetGeometry) or even
when it creates another resource which needs to access that buffer (such as a
GC), the XSELINUX code will try to use an object that was never labeled and
crash because the SID is NULL.

xorg-server-21.1.11 and xwayland-23.2.4 have been patched to fix this issue.

---

Best,

A.
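
The sizing flaw the advisory above describes for CVE-2023-6816, as an added example that is not part of the original post and is not X.Org code: a simplified model in which a button mask sized by the device's button count is compared with one sized for every value the button map can hold. The struct, function names and sample device are hypothetical, and the builder refuses an out-of-range bit instead of writing it.

```c
/* Added illustration: simplified model of the sizing bug described for
 * CVE-2023-6816. All names are hypothetical; this is not X.Org code. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_LOGICAL_BUTTON 255            /* highest value a button can be mapped to */
#define BITS_TO_BYTES(n)   (((n) + 7) / 8)

struct model_device {                     /* hypothetical stand-in for a pointer device */
    int           num_buttons;            /* physical buttons on the device */
    unsigned char map[256];               /* physical index -> logical button (1..255) */
    unsigned char down[32];               /* bitmask of physical buttons currently down */
};

/* Sizing as the advisory describes the flaw: one bit per physical button. */
size_t mask_len_by_count(const struct model_device *d)
{
    return BITS_TO_BYTES(d->num_buttons);
}

/* Sizing that covers every value the map can hold (bits 0..255). */
size_t mask_len_by_map_range(void)
{
    return BITS_TO_BYTES(MAX_LOGICAL_BUTTON + 1);
}

/* Fill `mask` with one bit per logical button that is down.
 * Returns 0 on success, or -1 as soon as a logical button's bit falls
 * outside `mask_len`; that is the write that would land past the end of a
 * count-sized heap buffer. */
int build_button_mask(const struct model_device *d,
                      unsigned char *mask, size_t mask_len)
{
    memset(mask, 0, mask_len);
    for (int i = 0; i < d->num_buttons; i++) {
        if (!(d->down[i / 8] & (1u << (i % 8))))
            continue;                      /* physical button i is up */
        unsigned logical = d->map[i];
        if (logical / 8 >= mask_len)
            return -1;                     /* out of bounds: refuse instead of overflowing */
        mask[logical / 8] |= (unsigned char)(1u << (logical % 8));
    }
    return 0;
}

/* Constructed sample: 3 physical buttons, the third remapped to logical 200. */
struct model_device sample_device(void)
{
    struct model_device d;
    memset(&d, 0, sizeof d);
    d.num_buttons = 3;
    d.map[0] = 1; d.map[1] = 2; d.map[2] = 200;
    d.down[0] = 1u << 2;                   /* only physical button 2 is pressed */
    return d;
}

int main(void)
{
    struct model_device d = sample_device();
    size_t small = mask_len_by_count(&d);      /* 1 byte  */
    size_t full  = mask_len_by_map_range();    /* 32 bytes */
    unsigned char *a = malloc(small), *b = malloc(full);
    if (!a || !b) return 1;
    printf("count-sized (%zu bytes): %s\n", small,
           build_button_mask(&d, a, small) ? "bit 200 does not fit" : "ok");
    printf("range-sized (%zu bytes): %s\n", full,
           build_button_mask(&d, b, full) ? "does not fit" : "ok");
    free(a); free(b);
    return 0;
}
```

With three buttons the count-based size is one byte, while logical button 200 needs byte 25 of the mask, which is why the size has to follow the map's value range rather than the button count.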

#648 Re: Other Issues » Ceph on Devuan » 2024-01-16 13:58:59

Hello:

What is systemctl in Devuan? Can it imitate systemd services management?

See here.

Description-en:
daemonless "systemctl" command to manage services without systemd
"systemctl" is a replacement command to control system daemons without systemd. "systemctl" is useful in application containers where systemd is not available to start/stop services.

This script can also be run as init of an application container (i.e. the main "CMD" on PID 1) where it will automatically bring up all enabled services in the "multi-user.target" and where it will reap all zombies from background processes in the container. When stopping such a container it will also bring down all configured services correctly before exit.

Best,

A.

#649 Re: Desktop and Multimedia » [Solved] xarchiver 0.5.4.14 issue » 2024-01-15 20:37:32

Hello:

I have finally made progress with xarchiver and encryption.

For better or worse, the process of adding a password to protect a compressed file using xarchiver is not too at all intuitive.

To wit:

If you open PCManFM, point to select a file and right-click/select 'Compress ...' and save it, you get exactly that.
A compressed file.

/rant start
Now ...
Do you want an extra serving of password with that?
Forget it, not on the menu.
/rant end

You have to do it the proper way:

Step 1.
Open up the xarchiver application
Applications -> Accessories -> xarchiver
Archive -> New

Step 2.
Add a name, a location to save to and hit 'Create'
You now have an empty *.zip file* with a name and the xarchiver UI open.
* this provided you have chosen the default compression file type as zip in Preferences -> Preferred archive format.

Step 3.
Now ...
Action -> Add gets you the 'Add files' window where in the 'Selection' tab you can choose a file and whether to store full paths or not.

Right next to it is the 'Options' tab with the 'Actions' | 'Compression' | 'Encryption Options'.

The rest is straightforward.

Cannot imagine why pointing to select a file in PCManFM and right-clicking/selecting 'Compress ...' does not take you directly to Step 3.
Maybe it is a PCManFM thing?

Right ...

Have you seen any evidence that xarchiver can do anything with encryption?

The answer is yes.
Pity that finding out how it had to be done proved to be an ordeal worthy of a much better cause.

But make no mistake, this may probably be the fastest/lightest and most versatile archiving utility for Linux.
It is mature and still works a wonder, which is why I have insisted on using it.

Problem solved.

Best,

A.

#650 Re: Other Issues » Ceph on Devuan » 2024-01-15 15:51:15

Hello:

... interesting for the larger community

Indeed.

https://docs.ceph.com/en/latest/start/o … endations/
the above claims ceph can use sysvinit or systemd

Does it?
Or is it open to interpretation?

... any distribution that includes a supported kernel and supported system startup framework ...

Does the Daedalus kernel actually fit into that definition?
ie: is sysvinit a supported system startup framework for Debian?

the below says systemd is required for cephadm
https://docs.ceph.com/en/latest/cephadm/install/

Yes.
BUT at the top of the page it has a banner that reads:

This document is for a development version of Ceph.

That said, maybe it is just showing, as with many other packages, the road to be taken as of sysvinit's demise?

Also see https://pkginfo.devuan.org/cgi-bin/pack … .2.11+ds-2

Package: cephadm
Version: 16.2.11+ds-2
--- snip ---
Depends:
adduser, lvm2, python3:any
--- snip ---
Description-en:
utility to bootstrap ceph daemons with systemd and containers
Ceph is a massively scalable, open-source, distributed
storage system that runs on commodity hardware and delivers object,
block and file system storage.

The cephadm utility is used to bootstrap a Ceph cluster and to manage
ceph daemons deployed with systemd and containers.

According to the Devuan Package information page, there is no systemd dependency in that package.

Maybe there is some detail that our (overworked) Devuan maintainers missed.

Best,

A.
