Download | Devuan.org | Git | Bugs | Packages

The officially official Devuan Forum!

You are not logged in.

Pages: 1 41 42 43 44 45 80

#1051 Re: Hardware & System Configuration » [SOLVED] Devuan Beowulf: can't get rid of AppArmor » 2021-12-28 22:59:01

Altoid

Hello:

Head_on_a_Stick wrote:
Altoid wrote:

But Poettering seems to be in charge

Don't be silly.

Tsk, tsk ...
No name calling ... 8^D !!!   

Altoid wrote:

But Poettering massive, faceless, psychopathic corporate entities seem to be in charge.

Better?
So, if not Potty, then it is the MFPCEs but the issue (for me) stands.

ie:
You don't go to the cinema with a bathing trunk under your trousers, just in case you decide to go for a swim at the beach, 400 km. away.

Whoever decided this apparmor setup is a dick should seriously reconsider.

Thanks for taking the time to explain all this and for the humour.

Best,

A.

#1052 Re: Hardware & System Configuration » [SOLVED] Devuan Beowulf: can't get rid of AppArmor » 2021-12-28 19:01:31

Altoid

Hello:

Head_on_a_Stick wrote:

See ...
... which package(s) own(s) those files.

Thanks for the link.
Quite useful.

Head_on_a_Stick wrote:

Debian make several separate packages ...
Arch lump everything together in their apparmor package ...
... *must* have the AppArmor user space utilities installed ...
... not the case in Debian, which seems like an improvement to me.

I'm not in a situation to argue for or against.

But to me it seems like an unwarranted excess on behalf of the Debian crew.

Just like having apparmor installed and enabled by default.
Or ignoring the fact that it is disabled in the kernel command line to reinstall and enable it again when upgrading the kernel.
But Poettering seems to be in charge, so I'm not at all surprised.

My point is that if you want to install apparmor, then do it installing all the needed dependencies/utilities with it.
No need to fill up the system with files I won't be using.

It's like going to the cinema with a bathing trunk under my trousers.
Just in case I decide to go for a swim at the beach.
The nearest one being 400 km. away.

Head_on_a_Stick wrote:

... the AppArmor functionality is actually provided by the kernel itself ...

I'm quite aware of that.

Thank you very much for taking the time to explain this. 8^ )

Best,

A.

#1053 Re: Hardware & System Configuration » [SOLVED] Devuan Beowulf: can't get rid of AppArmor » 2021-12-28 15:02:46

Altoid

Hello:

Head_on_a_Stick wrote:

Because the dbus package has been built with AppArmor support ...

I see.

Head_on_a_Stick wrote:

... AppArmor libraries won't ever be used if AppArmor is disabled ...
... should be able to remove them manually ...

Sure.
I know well enough not to muck with stuff in /etc so I will let that be for the moment.

But it isn't so much that I'm bothered by them.
I'm bothered by the fact that they are quite obviously* apparmor files and not dbus files.
* /etc/apparmor/*, /etc/apparmor.d/*, /etc/apparmor/init/*

In my "non-expert/developer/programmer" opinion, they should not be there unless apparmor is actually installed and enabled.
ie: What do I need them there for? They got there because apparmor is installed and enabled by default.

How come they are not removed/purged when apparmor is removed?

apparmor and tomoyo should not be foisted onto your installation unless you actually want to install them.

I have the idea that something is not right here.
For whatever reason it reminds me of how MS wove IE into Windows 95 so as to make it almost inoperable if it was pulled out*.
* to be able to choose an alternate browser. 

Eventually MS were found out and exposed, but by then the damage was already done.

Thanks for your input.

Best,

A.

#1054 Re: Hardware & System Configuration » [SOLVED] Devuan Beowulf: can't get rid of AppArmor » 2021-12-28 13:07:37

Altoid

Hello:

Why is there a dbus dependency on libapparmor1?
I don't understand what is going on.

ascii w/backported kernel installation: 

groucho@devuan:~$ aptitude why libapparmor1
i   slim Depends dbus                    
i A dbus Depends libapparmor1 (>= 2.8.94)
groucho@devuan:~$

ascii VM:

groucho@dev-pihole:~$ sudo aptitude why libapparmor1
i   dbus-x11 Depends dbus                    
i A dbus     Depends libapparmor1 (>= 2.8.95)
groucho@dev-pihole:~$

chimaera VM:

root@chimaera:~# aptitude why libapparmor1
i   dbus Depends libapparmor1 (>= 2.8.94)
root@chimaera:~#

apparmor is not installed in any of these three Devuan machines.
Yet, from ascii on, there seems to be a constant apparmor infiltration.

This is the apparmor stuff I have in my main installation:

groucho@devuan:~$ uname -a
Linux devuan 5.10.0-0.bpo.3-amd64 #1 SMP Debian 5.10.13-1~bpo10+1 (2021-02-11) x86_64 GNU/Linux
groucho@devuan:~$ 
groucho@devuan:~$ apt list | grep installed | grep -i apparmor
--- snip ---
libapparmor1/oldstable,now 2.13.2-10 amd64 [installed]
groucho@devuan:~$ 
groucho@devuan:~$ locate apparmor
/etc/apparmor.d
/etc/apparmor.d/local
/etc/apparmor.d/usr.sbin.tcpdump
/etc/apparmor.d/local/usr.sbin.tcpdump
/lib/x86_64-linux-gnu/libapparmor.so.1
/lib/x86_64-linux-gnu/libapparmor.so.1.6.0
/usr/share/doc/libapparmor1
/usr/share/doc/libapparmor1/changelog.Debian.gz
/usr/share/doc/libapparmor1/copyright
/usr/share/lintian/overrides/libapparmor1
/usr/src/linux-headers-5.10.0-0.bpo.3-amd64/include/config/default/security/apparmor.h
/usr/src/linux-headers-5.10.0-0.bpo.3-amd64/include/config/security/apparmor
/usr/src/linux-headers-5.10.0-0.bpo.3-amd64/include/config/security/apparmor.h
/usr/src/linux-headers-5.10.0-0.bpo.3-amd64/include/config/security/apparmor/hash
/usr/src/linux-headers-5.10.0-0.bpo.3-amd64/include/config/security/apparmor/hash.h
/usr/src/linux-headers-5.10.0-0.bpo.3-amd64/include/config/security/apparmor/hash/default.h
/var/lib/dpkg/info/libapparmor1:amd64.list
/var/lib/dpkg/info/libapparmor1:amd64.md5sums
/var/lib/dpkg/info/libapparmor1:amd64.shlibs
/var/lib/dpkg/info/libapparmor1:amd64.symbols
/var/lib/dpkg/info/libapparmor1:amd64.triggers
groucho@devuan:~$

This is what I have in one of my VMs:

groucho@dev-pihole:~$ uname -a
Linux dev-pihole 4.9.0-17-amd64 #1 SMP Debian 4.9.290-1 (2021-12-12) x86_64 GNU/Linux
groucho@dev-pihole:~$ 
groucho@dev-pihole:~$ apt list | grep installed | grep -i apparmor
--- snip ---
libapparmor1/oldoldstable,now 2.11.0-3+deb9u2 amd64 [installed,automatic]
groucho@dev-pihole:~$ 
groucho@dev-pihole:~$ locate apparmor
/etc/apparmor
/etc/apparmor.d
/etc/apparmor/init
/etc/apparmor/init/network-interface-security
/etc/apparmor/init/network-interface-security/usr.sbin.ntpd
/etc/apparmor.d/local
/etc/apparmor.d/tunables
/etc/apparmor.d/usr.sbin.ntpd
/etc/apparmor.d/usr.sbin.unbound
/etc/apparmor.d/local/usr.sbin.ntpd
/etc/apparmor.d/local/usr.sbin.unbound
/etc/apparmor.d/tunables/ntpd

This is what I have in another one of my VMs:

groucho@chimaera:~$ uname -a
Linux chimaera 5.10.0-9-amd64 #1 SMP Debian 5.10.70-1 (2021-09-30) x86_64 GNU/Linux
groucho@chimaera:~$ 
root@chimaera:~# apt list | grep installed | grep -i apparmor
--- snip ---
libapparmor1/stable,now 2.13.6-10 amd64 [installed,automatic]
root@chimaera:~# 
root@chimaera:~# locate apparmor
/etc/apparmor
/etc/apparmor.d
/etc/apparmor/parser.conf
/etc/apparmor.d/abstractions
/etc/apparmor.d/local
/etc/apparmor.d/lsb_release
/etc/apparmor.d/nvidia_modprobe
/etc/apparmor.d/tunables
/etc/apparmor.d/usr.bin.man
/etc/apparmor.d/abstractions/X
/etc/apparmor.d/abstractions/apache2-common
/etc/apparmor.d/abstractions/apparmor_api
/etc/apparmor.d/abstractions/aspell
/etc/apparmor.d/abstractions/audio
/etc/apparmor.d/abstractions/authentication
/etc/apparmor.d/abstractions/base
/etc/apparmor.d/abstractions/bash
/etc/apparmor.d/abstractions/consoles
/etc/apparmor.d/abstractions/cups-client
/etc/apparmor.d/abstractions/dbus
/etc/apparmor.d/abstractions/dbus-accessibility
/etc/apparmor.d/abstractions/dbus-accessibility-strict
/etc/apparmor.d/abstractions/dbus-network-manager-strict
/etc/apparmor.d/abstractions/dbus-session
/etc/apparmor.d/abstractions/dbus-session-strict
/etc/apparmor.d/abstractions/dbus-strict
/etc/apparmor.d/abstractions/dconf
/etc/apparmor.d/abstractions/dovecot-common
/etc/apparmor.d/abstractions/dri-common
/etc/apparmor.d/abstractions/dri-enumerate
/etc/apparmor.d/abstractions/enchant
/etc/apparmor.d/abstractions/exo-open
/etc/apparmor.d/abstractions/fcitx
/etc/apparmor.d/abstractions/fcitx-strict
/etc/apparmor.d/abstractions/fonts
/etc/apparmor.d/abstractions/freedesktop.org
/etc/apparmor.d/abstractions/gio-open
/etc/apparmor.d/abstractions/gnome
/etc/apparmor.d/abstractions/gnupg
/etc/apparmor.d/abstractions/gvfs-open
/etc/apparmor.d/abstractions/hosts_access
/etc/apparmor.d/abstractions/ibus
/etc/apparmor.d/abstractions/kde
/etc/apparmor.d/abstractions/kde-globals-write
/etc/apparmor.d/abstractions/kde-icon-cache-write
/etc/apparmor.d/abstractions/kde-language-write
/etc/apparmor.d/abstractions/kde-open5
/etc/apparmor.d/abstractions/kerberosclient
/etc/apparmor.d/abstractions/ldapclient
/etc/apparmor.d/abstractions/libpam-systemd
/etc/apparmor.d/abstractions/likewise
/etc/apparmor.d/abstractions/mdns
/etc/apparmor.d/abstractions/mesa
/etc/apparmor.d/abstractions/mir
/etc/apparmor.d/abstractions/mozc
/etc/apparmor.d/abstractions/mysql
/etc/apparmor.d/abstractions/nameservice
/etc/apparmor.d/abstractions/nis
/etc/apparmor.d/abstractions/nvidia
/etc/apparmor.d/abstractions/opencl
/etc/apparmor.d/abstractions/opencl-common
/etc/apparmor.d/abstractions/opencl-intel
/etc/apparmor.d/abstractions/opencl-mesa
/etc/apparmor.d/abstractions/opencl-nvidia
/etc/apparmor.d/abstractions/opencl-pocl
/etc/apparmor.d/abstractions/openssl
/etc/apparmor.d/abstractions/orbit2
/etc/apparmor.d/abstractions/p11-kit
/etc/apparmor.d/abstractions/perl
/etc/apparmor.d/abstractions/php
/etc/apparmor.d/abstractions/php5
/etc/apparmor.d/abstractions/postfix-common
/etc/apparmor.d/abstractions/private-files
/etc/apparmor.d/abstractions/private-files-strict
/etc/apparmor.d/abstractions/python
/etc/apparmor.d/abstractions/qt5
/etc/apparmor.d/abstractions/qt5-compose-cache-write
/etc/apparmor.d/abstractions/qt5-settings-write
/etc/apparmor.d/abstractions/recent-documents-write
/etc/apparmor.d/abstractions/ruby
/etc/apparmor.d/abstractions/samba
/etc/apparmor.d/abstractions/smbpass
/etc/apparmor.d/abstractions/ssl_certs
/etc/apparmor.d/abstractions/ssl_keys
/etc/apparmor.d/abstractions/svn-repositories
/etc/apparmor.d/abstractions/ubuntu-bittorrent-clients
/etc/apparmor.d/abstractions/ubuntu-browsers
/etc/apparmor.d/abstractions/ubuntu-browsers.d
/etc/apparmor.d/abstractions/ubuntu-console-browsers
/etc/apparmor.d/abstractions/ubuntu-console-email
/etc/apparmor.d/abstractions/ubuntu-email
/etc/apparmor.d/abstractions/ubuntu-feed-readers
/etc/apparmor.d/abstractions/ubuntu-gnome-terminal
/etc/apparmor.d/abstractions/ubuntu-helpers
/etc/apparmor.d/abstractions/ubuntu-konsole
/etc/apparmor.d/abstractions/ubuntu-media-players
/etc/apparmor.d/abstractions/ubuntu-unity7-base
/etc/apparmor.d/abstractions/ubuntu-unity7-launcher
/etc/apparmor.d/abstractions/ubuntu-unity7-messaging
/etc/apparmor.d/abstractions/ubuntu-xterm
/etc/apparmor.d/abstractions/user-download
/etc/apparmor.d/abstractions/user-mail
/etc/apparmor.d/abstractions/user-manpages
/etc/apparmor.d/abstractions/user-tmp
/etc/apparmor.d/abstractions/user-write
/etc/apparmor.d/abstractions/video
/etc/apparmor.d/abstractions/vulkan
/etc/apparmor.d/abstractions/wayland
/etc/apparmor.d/abstractions/web-data
/etc/apparmor.d/abstractions/winbind
/etc/apparmor.d/abstractions/wutmp
/etc/apparmor.d/abstractions/xad
/etc/apparmor.d/abstractions/xdg-desktop
/etc/apparmor.d/abstractions/xdg-open
/etc/apparmor.d/abstractions/apparmor_api/change_profile
/etc/apparmor.d/abstractions/apparmor_api/examine
/etc/apparmor.d/abstractions/apparmor_api/find_mountpoint
/etc/apparmor.d/abstractions/apparmor_api/introspect
/etc/apparmor.d/abstractions/apparmor_api/is_enabled
/etc/apparmor.d/abstractions/ubuntu-browsers.d/java
/etc/apparmor.d/abstractions/ubuntu-browsers.d/kde
/etc/apparmor.d/abstractions/ubuntu-browsers.d/mailto
/etc/apparmor.d/abstractions/ubuntu-browsers.d/multimedia
/etc/apparmor.d/abstractions/ubuntu-browsers.d/plugins-common
/etc/apparmor.d/abstractions/ubuntu-browsers.d/productivity
/etc/apparmor.d/abstractions/ubuntu-browsers.d/text-editors
/etc/apparmor.d/abstractions/ubuntu-browsers.d/ubuntu-integration
/etc/apparmor.d/abstractions/ubuntu-browsers.d/ubuntu-integration-xul
/etc/apparmor.d/abstractions/ubuntu-browsers.d/user-files
/etc/apparmor.d/local/README
/etc/apparmor.d/local/lsb_release
/etc/apparmor.d/local/nvidia_modprobe
/etc/apparmor.d/local/usr.bin.man
/etc/apparmor.d/tunables/alias
/etc/apparmor.d/tunables/apparmorfs
/etc/apparmor.d/tunables/dovecot
/etc/apparmor.d/tunables/global
/etc/apparmor.d/tunables/home
/etc/apparmor.d/tunables/home.d
/etc/apparmor.d/tunables/kernelvars
/etc/apparmor.d/tunables/multiarch
/etc/apparmor.d/tunables/multiarch.d
/etc/apparmor.d/tunables/proc
/etc/apparmor.d/tunables/run
/etc/apparmor.d/tunables/securityfs
/etc/apparmor.d/tunables/share
/etc/apparmor.d/tunables/sys
/etc/apparmor.d/tunables/xdg-user-dirs
/etc/apparmor.d/tunables/xdg-user-dirs.d
/etc/apparmor.d/tunables/home.d/site.local
/etc/apparmor.d/tunables/home.d/ubuntu
/etc/apparmor.d/tunables/multiarch.d/site.local
/etc/apparmor.d/tunables/xdg-user-dirs.d/site.local
/etc/init.d/apparmor
/etc/rcS.d/K88apparmor
/etc/systemd/system/apparmor.service
/etc/systemd/system/sysinit.target.wants/apparmor.service
/usr/lib/x86_64-linux-gnu/libapparmor.so.1
/usr/lib/x86_64-linux-gnu/libapparmor.so.1.6.3
/usr/share/doc/libapparmor1
/usr/share/doc/libapparmor1/changelog.Debian.gz
/usr/share/doc/libapparmor1/copyright
/usr/src/linux-headers-5.10.0-9-amd64/include/config/default/security/apparmor.h
/usr/src/linux-headers-5.10.0-9-amd64/include/config/security/apparmor
/usr/src/linux-headers-5.10.0-9-amd64/include/config/security/apparmor.h
/usr/src/linux-headers-5.10.0-9-amd64/include/config/security/apparmor/hash
/usr/src/linux-headers-5.10.0-9-amd64/include/config/security/apparmor/hash.h
/usr/src/linux-headers-5.10.0-9-amd64/include/config/security/apparmor/hash/default.h
/var/cache/apparmor
/var/cache/apparmor/c08a2770.0
/var/cache/apparmor/c08a2770.0/.features
/var/cache/apparmor/c08a2770.0/lsb_release
/var/cache/apparmor/c08a2770.0/nvidia_modprobe
/var/cache/apparmor/c08a2770.0/usr.bin.man
/var/lib/dpkg/info/apparmor.list
/var/lib/dpkg/info/apparmor.postrm
/var/lib/dpkg/info/libapparmor1:amd64.list
/var/lib/dpkg/info/libapparmor1:amd64.md5sums
/var/lib/dpkg/info/libapparmor1:amd64.shlibs
/var/lib/dpkg/info/libapparmor1:amd64.symbols
/var/lib/dpkg/info/libapparmor1:amd64.triggers
/var/lib/systemd/deb-systemd-helper-enabled/apparmor.service.dsh-also
/var/lib/systemd/deb-systemd-helper-enabled/sysinit.target.wants/apparmor.service
/var/lib/systemd/deb-systemd-helper-masked/apparmor.service
root@chimaera:~#

See what I am referring to?

Then there's what happens when you add apparmor=0 to the kernel command line.
Only the ascii VM reports it as being disabled:

groucho@dev-pihole:~$ sudo dmesg | grep AppArmor
[    0.286356] AppArmor: AppArmor disabled by boot time parameter
groucho@dev-pihole:~$

The chimaera VM does not:

root@chimaera:~# dmesg | grep AppArmor
root@chimaera:~#

Not does the ascii installation with the backported kernel:

groucho@devuan:~$ sudo dmesg | grep AppArmor
groucho@devuan:~$

I fail to see what an apparmor library has to do with dbus.
Or why the chimaera file system has acquired all these apparmor related files if it is not installed or has been purged.

Anyone know or have comments about this?

Thanks in advance.

Best,

A.

#1055 Re: Hardware & System Configuration » [SOLVED] Devuan Beowulf: can't get rid of AppArmor » 2021-12-27 17:49:19

Altoid

Hello:

Altoid wrote:

... faint memory of having come across this before ...

Found it.
It was me bitching about AppArmor earlier this year:

https://dev1galaxy.org/viewtopic.php?id=4329

Now I have to re-check and see if it is really true that security=none disables both tomoyo and AppArmor, making apparmor=0 unneccesary.

Best,

A.

#1056 Re: Hardware & System Configuration » [SOLVED] Devuan Beowulf: can't get rid of AppArmor » 2021-12-27 17:32:27

Altoid

Hello:

Head_on_a_Stick wrote:

Thanks for the link, I'll have a look later on.

Head_on_a_Stick wrote:

EDIT: the AppArmor lines in dmesg are from the kernel module.

My main system is this one and as you can see it is Devuan Beowulf with a backported kernel:

groucho@devuan:~$ uname -a
Linux devuan 5.10.0-0.bpo.3-amd64 #1 SMP Debian 5.10.13-1~bpo10+1 (2021-02-11) x86_64 GNU/Linux
groucho@devuan:~$

AppArmor is not installed but like in the OP, libapparmor1 is there:

groucho@devuan:~$ apt list | grep installed | grep -i apparmor
--- snip ---
libapparmor1/oldstable,now 2.13.2-10 amd64 [installed]
groucho@devuan:~$

But with this kernel it does not make itself known via dmesg like with the Beowulf kernel.

groucho@devuan:~$ sudo dmesg | grep -i apparmor
groucho@devuan:~$

Makes me wonder why ...

Thanks for your input.

Best,

A.

#1057 Hardware & System Configuration » [SOLVED] Devuan Beowulf: can't get rid of AppArmor » 2021-12-27 15:43:48

Altoid
Replies: 12

Hello:

I am in the process of building a (light as possible) Beowulf installation on a separate disk in my box.

root@devuan3:~# uname -a
Linux devuan3 4.19.0-18-amd64 #1 SMP Debian 4.19.208-1 (2021-09-29) x86_64 GNU/Linux
root@devuan3:~#

One of the things I do not want running is AppArmor.

I added the bit security=none to the kernel command line and purged it but I still get this in dmesg:

root@devuan3:~# dmesg | grep -i apparmor
[    0.328030] AppArmor: AppArmor initialized
[    0.569017] AppArmor: AppArmor Filesystem Enabled
[    1.257404] AppArmor: AppArmor sha1 policy hashing enabled
root@devuan3:~#

So I looked to see what was going on:

root@devuan3:~# apt list | grep -i installed | grep -i apparmor
--- snip ---
libapparmor1/oldstable,now 2.13.2-10 amd64 [installed,automatic]
root@devuan3:~#

AppArmor is not installed but it left behind its crap, which seems difficult to get rid of:

root@devuan3:~# apt purge libapparmor1
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 dconf-service : Depends: default-dbus-session-bus but it is not installable or
                          dbus-session-bus
E: Error, pkgProblemResolver::Resolve generated breaks, this may be caused by held packages.
root@devuan3:~#

So what is causing this?

root@devuan3:~# aptitude why libapparmor1
i   dbus Depends libapparmor1 (>= 2.8.94)
root@devuan3:~#

dbus is installed and up to date:

root@devuan3:~# apt install dbus
Reading package lists... Done
Building dependency tree       
Reading state information... Done
dbus is already the newest version (1.12.20-0+deb10u1+devuan1).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@devuan3:~#

And dbus-session-bus can't be installed:

root@devuan3:~# apt install dbus-session-bus
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Note, selecting 'dbus-x11' instead of 'dbus-session-bus'
dbus-x11 is already the newest version (1.12.20-0+deb10u1+devuan1).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@devuan3:~#

I have a faint memory of having come across this before but I cannot find it in the forum.

Any ideas?

Thanks in advance,

A.

#1058 Re: Off-topic » Colour of the future? » 2021-12-22 20:33:56

Altoid

Hello:

golinux wrote:

Interesting that you would say that . . .

I think we could consider (in some way) honouring the name.

I could not find a colour associated to Daedalus (the architect, father to Icarus), but there is a butterfly (found all over Africa), called Hamanumida daedalus [genus - species], which has a lovely green colour in its wings:

https://www.learnaboutbutterflies.com/H … 0-001a.jpg

https://www.ecoregistros.org/site/imagen.php?id=125883

That would be HEX: #806a55, RGB: rgba(128,106,85,255) or something close to that.

https://www.ecoregistros.org/site/imagen.php?id=125883

Best,

A.

#1059 Re: Installation » [SOLVED] laptop fan running too much: cyber currency miner? Clam inop? » 2021-12-21 18:01:42

Altoid

Hello:

nobodyuknow wrote:

... the final report.
--- snip ---
... a hardware problem all along.

Hmmm ....

Head_on_a_Stick wrote:

... meaningless marketing term with no legal basis. s/refurbished/cleaned/g.

nobodyuknow wrote:

It was a hardware problem all along due to ridiculously poor/negligent workmanship.   <--- reads accurately now

Been there and done that.
Quite a few times actually.

Assuming that because it was a [Sun/HP/IBM/Dell/Sony/whatever] unit, it could not be what I suspected from the start.
25+ years later, I know better.

Glad you got it worked out.  8^D

Best,

A.

#1060 Re: Hardware & System Configuration » [SOLVED] jED, line numbers and user » 2021-12-20 16:49:06

Altoid

Hello:

Head_on_a_Stick wrote:

/etc/jed.d/*.sl
The system wide configuration files (this is a special Debian feature).

Yes, that did it.
Thank you very much.  8^)

Edit:
Only problem is that if you configure for line numbers, scraping the content (copy to paste) will do so with both the content and the line numbers.
I think (?) most editors behave in the same manner.

Best,

A.

#1061 Hardware & System Configuration » [SOLVED] jED, line numbers and user » 2021-12-20 14:02:41

Altoid
Replies: 2

Hello:

Although I have yet to master it, jED is my favourite editor.
Must be my many years under the shadow of MS editors.  8^/

One issue I solved long ago was the line numbering which (for some strange reason) is not set up by default.
Or an option to be quickly configured in a drop down menu.

You just generate a .jedrc file in your /home/user folder with this content:

LINENUMBERS = 2;

public define global_mode_hook (hook_name)
{
   
       set_line_number_mode (1);
}

See:  https://travelingfrontiers.wordpress.co … ed-editor/

The problem with this is that it is set up on a user basis and I'd like for this to be the default system-wide setting.

This came up while needing jED with line numbers while working on a VM without sudo.
I had to su or su - and line numbers were not available.

Any idea on how to get that done?

Thanks in advance,

A.

#1062 Re: Hardware & System Configuration » [SOLVED] WiCD and Chimaera » 2021-12-17 22:51:38

Altoid

Hello:

golinux wrote:

... might look in chimaera-proposed-updates.
https://git.devuan.org/devuan/wicd/src/ … ed-updates

Yes, it seems to be the same one I cited in my post.
ie: Version 1.7.4+tb2-6+devuan2

But the questions you originally posed remain:

1. Is anyone actually using it?
2. What issues if any?
3. Is it secure?

Thanks for your input.

Best,

A.

#1063 Hardware & System Configuration » [SOLVED] WiCD and Chimaera » 2021-12-17 14:20:28

Altoid
Replies: 3

Hello:

The time to move to Devuan Chimaera is slowly getting nearer.

Whatever happened to ...

golinux wrote:

... the possibility of running wicd in Chimaera.  Does it work for you?  What issues if any?  Is it secure? Report your experiences here.

If I can avoid it, I'd really want to continue using both WiCD and SLiM.
I see the SLiM 1.3.6-5.2+devuan1 package is in the /merged  chimaera/main amd64

I run a netbook which is i386 (Asus 1000HE), is SLiM available for devuan_chimaera_4.0.0_i386?

I also see the WiCD 1.7.4+tb2-6+devuan2 package is in /merged  chimaera-proposed-updates/main amd64

Anyone using it reliably?

Thanks in advance.

A.

#1064 Desktop and Multimedia » xorg-server 21.2.0 - Security and DPI fixes » 2021-12-15 15:33:38

Altoid
Replies: 0

Hello:

This came into my mailbox a while ago:

---

[ANNOUNCE] xorg-server 21.1.2

This release fixes 4 recently reported security vulnerabilities and several regressions.

In particular, the real physical dimensions are no longer reported by the X server anymore as it was deemed to be a too disruptive
change. X server will continue to report DPI as 96*.

* seems they heard HoaS.  8^ )

--- snip ---

xorg-server-21.1.2.tar.gz

https://xorg.freedesktop.org/archive/in … 1.2.tar.gz
PGP:  https://xorg.freedesktop.org/archive/in … tar.gz.sig

---

Cheers,

O.

#1065 Re: Installation » [SOLVED] laptop fan running too much: cyber currency miner? Clam inop? » 2021-12-15 01:23:10

Altoid

Hello:

nobodyuknow wrote:

Recently the fan started going on ...
... something it never did before ...

Have you checked with top or htop to see what may be running the CPU hot?

Also, if you suspect something foul, try running lynis, chkrootkit and rkhunter to see what/if they come up with.
I believe they are all in the repository.

Best,

A.

#1066 Re: Desktop and Multimedia » X.Org Security Advisory » 2021-12-14 16:57:46

Altoid

Hello:

Head_on_a_Stick wrote:

Thanks for the heads-up ...

You're welcome.

Head_on_a_Stick wrote:
Altoid wrote:

on systems where the X server is running privileged

... does not apply to any Devuan beowulf (or later) systems that use startx ...

I'm still using SLiM which I'm happy to see made it into /merged chimaera/main amd64.

Head_on_a_Stick wrote:

... posted from Wayland

Whatever rocks your boat desktop.  =^)

Best,

A.

#1067 Desktop and Multimedia » X.Org Security Advisory » 2021-12-14 14:33:16

Altoid
Replies: 2

Hello:

Just got this in my mailbox, good to see things are working as they should:

---

X.Org Security Advisory: December 14, 2021

Multiple input validation failures in X server extensions
=========================================================

All of the following issues can lead to local privileges elevation on
systems where the X server is running privileged and remote code
execution for ssh X forwarding sessions.

* CVE-2021-4008/ZDI-CAN-14192 SProcRenderCompositeGlyphs out-of-bounds
access

The handler for the CompositeGlyphs request of the Render extension does
not properly validate the request length leading to out of bounds memory
write.

* CVE-2021-4009/ZDI-CAN 14950 SProcXFixesCreatePointerBarrier
out-of-bounds access

The handler for the CreatePointerBarrier request of the XFixes extension
does not properly validate the request length leading to out of bounds
memory write.

* CVE-2021-4010/ZDI-CAN-14951 SProcScreenSaverSuspend out-of-bounds access

The handler for the Suspend request of the Screen Saver extension does
not properly validate the request length leading to out of bounds memory
write.

* CVE-2021-4011/ZDI-CAN-14952 SwapCreateRegister out-of-bounds access

The handlers for the RecordCreateContext and RecordRegisterClients
requests of the Record extension do not properly validate the request
length leading to out of bounds memory write.

Patches
-------

Patches for this issues have been commited to the xorg server git
repository (https://gitlab.freedesktop.org/xorg/xserver). xorg-server
21.1.2 will be released shortly and will include these patches.

commit ebce7e2d80e7c80e1dda60f2f0bc886f1106ba60

    render: Fix out of bounds access in SProcRenderCompositeGlyphs()

    ZDI-CAN-14192, CVE-2021-4008

    This vulnerability was discovered and the fix was suggested by:
    Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

commit b5196750099ae6ae582e1f46bd0a6dad29550e02

    xfixes: Fix out of bounds access in *ProcXFixesCreatePointerBarrier()

    ZDI-CAN-14950, CVE-2021-4009

    This vulnerability was discovered and the fix was suggested by:
    Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

commit 6c4c53010772e3cb4cb8acd54950c8eec9c00d21

    Xext: Fix out of bounds access in SProcScreenSaverSuspend()

    ZDI-CAN-14951, CVE-2021-4010

    This vulnerability was discovered and the fix was suggested by:
    Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

commit e56f61c79fc3cee26d83cda0f84ae56d5979f768

    record: Fix out of bounds access in SwapCreateRegister()

    ZDI-CAN-14952, CVE-2021-4011

    This vulnerability was discovered and the fix was suggested by:
    Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

Thanks
======

This vulnerability was discovered by Jan-Niklas Sohn working with
Trend Micro Zero Day Initiative.

--
Povilas Kanapickas

---

Best,

A.

#1068 Hardware & System Configuration » Interesting article - Ventoy » 2021-12-11 01:21:16

Altoid
Replies: 11

Hello:

Anyone seen this?

https://www.theregister.com/2021/12/10/ … foss_fest/

https://www.ventoy.net/en/index.html

Best,

A.

#1069 Re: Hardware & System Configuration » [SOLVED] ifup interface eth0: time delay too long without carrier » 2021-12-10 15:35:48

Altoid

Hello:

bai4Iej2need wrote:

... my other laptop, without a carrier in the eth0, it has a very long timeout ...

Answer is probably here, check out this thread and specifically post by Ralph.R: https://dev1galaxy.org/viewtopic.php?pid=6783#p6783

Best,

A.

#1070 Hardware & System Configuration » Devuan, ssh and a Palm T|X » 2021-12-06 22:15:20

Altoid
Replies: 0

Hello:

After seeing Élisabeth's plight to recover from a damaged laptop keyboard problem, I started thinking about the different ways you could get out of a problem like that one.

I long ago made it a point of always having at least one spare kb at hand and in case that fails, BIOS enabled RS232 and on-board USB ports.

But as Murphy is always lurking, I set out to see if eg: I could make do with my Palm T|X on the ADSL router via WiFi.

I would have preferred to use a cable to RJ45 port solution but I don't know of any PalmOS TCP/IP applications or adaptors and the Palm T|X only has a USB port.

Easier said that done.

I was quite surprised to see that ssh applications for PalmOS5 are practically non-existent: I only found three and one of them (Top Gun ssh) was just for older models like the Palm Pilot Professional.

The other two are TUssh and pssh, I finally settled on this last one.

Tl;dr:
After many hours of fiddling/browsing and some great help from a chap at comp.security.ssh, I managed to ssh into the Devuan ascii VBox VM I have running PiHole for my Devuan Beowulf installation.

If anyone is interested, you can see most if not all the gory details here: https://groups.google.com/g/comp.securi … u0VvfEQudc

Of course, I am quite aware that ssh'ing into a system using deprecated protocols obviously implies security issues, but in this specific case I think I have attenuated them with three four things:

1. Access to the ADSL router via WiFi is MAC filtered. ie: it will only allow *this* specific Palm T|X handheld to log in.

2. A (relatively) complex WPA/WPA2 PSK Mixed PW such as this one is used: 4N@8974+6231, obviously with room to improve.

Unfortunately, the good people at Palm saw it fit to make the last Personal security upgrade only to WEP/WPA-PSK with a pre-shared key which made it useless outside the realm of home routers.

Enterprise security got EAP-TLS, EAP-TTLS, PAP, CHAP, MSCHAP, MSCHAPv2, EAP-GTC (password), EAP-MD5-Challenge, EAP-MSCHAPv2, EAP-PEAP (v0 and v1), MSCHAPv2, GTC (password), MD5-Challenge, LEAP and Dynamic WEP (WEP encryption with 802.1x based authentication).

3. For the time being, WiFi is enabled on a per-case basis till I can think up a more complex PW.

4. The destination machine's default port for ssh has been changed from 22 to one above 1024 / below 5000.

Best,

A.

#1071 Re: Hardware & System Configuration » OpenSSH questions » 2021-12-02 20:25:34

Altoid

Hello:

Dutch_Master wrote:

OpenSSH is a project from the OpenBSD folks ...

I'll have a look.
Don't have much idea wrt SSH.

All I know is how to log-in to the machines connected to my router.
No need for much else.

Thanks for your input.

Best,

A.

#1072 Hardware & System Configuration » OpenSSH questions » 2021-12-02 18:08:44

Altoid
Replies: 2

Hello:

I'm trying to solve an SSH problem but I don't know if Dev1 is the place for that.

The problem is related to a Palm OS5.4.1 application (Tungsten T|X) that can only deal with DES-EDE3-CBC ciphers.
This means that I need to generate a key that this application con handle.

There's really no security problem involved as the link is via WiFi through an ADSL router with a WPA/WPA2 PSK mixed password and a MAC filter.
Plus WiFi is only enabled on a per-case basis.

I cannot find a SSH user's mail list.

Any ideas?

Thanks in advance,

A.

#1073 Re: Other Issues » [SOLVED] Need to reset root password » 2021-12-01 10:58:54

Altoid

Hello:

Élisabeth wrote:

... no Apple or Windows in this house.

8^)

Élisabeth wrote:

... got into single user mode.

Glad you are making progress.

Best,

A.

#1074 Re: Other Issues » [SOLVED] Need to reset root password » 2021-11-30 21:25:31

Altoid

Hello:

Élisabeth wrote:

... on my mobile phone.

I see.

Don't have one of those so it did not ocurr to me.
I use an old Blackberry 9320.  8^ )

Élisabeth wrote:

And it's a pain in the back.

Yes.
I can relate to that.
Is it an android device?

Best,

A.

#1075 Re: Other Issues » [SOLVED] Need to reset root password » 2021-11-30 21:00:52

Altoid

Hello:

Head_on_a_Stick wrote:

How about ssh from another machine?

Élisabeth wrote:

That's my only machine.

I'm sorry, maybe I've missed something.

Couldn't you try to ssh from the machine you are writing from now?
I am obviously assuming that it is not your laptop and that whatever machine you are using to post has an available ethernet port you can access.

Best,

A.

Pages: 1 41 42 43 44 45 80

Board footer

Forum Software