neplevitan | yays my update somehow worked :D | 00:35 |
---|---|---|
golinux | Congrats! | 00:38 |
neplevitan | on a side note, steamos is suprisingly bad to play steam games on :3 | 00:38 |
neplevitan | atleast compared to "normal" distros | 00:38 |
golinux | neplevitan: I wouldn't know. I play solitaire. :D | 00:46 |
neplevitan | to each their own :) | 00:49 |
* man_in_shack dances | 01:53 | |
man_in_shack | just finished transferring my devuan / from a pair of sata ssds in raid0 to an nvme | 01:55 |
man_in_shack | fun fun | 01:55 |
lysoft | devuan is dope | 11:31 |
lysoft | had a little trouble tonight installing gnome3, gdm wasn't working right, but just set default back to slim and everythings going fine | 11:32 |
lysoft | not a big deal, most devuan users i'm sure are more into light wm's but i got bored --- gnome is very pretty | 11:51 |
icecat | hi | 15:56 |
icecat | can you add icecat in repo | 15:56 |
icecat | https://fr.wikipedia.org/wiki/GNU_IceCat | 15:56 |
buZz | its inside as iceweasel | 15:58 |
buZz | sure, run | 15:59 |
buZz | :) | 15:59 |
debdog | pardon he's french | 16:00 |
devoid_ | is iceweasel really icecat | 16:09 |
devoid_ | i thought it was just ff without branding | 16:09 |
gnarface | it's firefox with free branding | 16:11 |
MinceR | i thought they were two separate free-branded failfox versions | 16:11 |
MinceR | one by debian and one by GNU | 16:11 |
gnarface | hmm | 16:15 |
gnarface | yes | 16:15 |
gnarface | technically the firefox branding is non-free though | 16:15 |
gnarface | but debian did get permission back to use it | 16:15 |
gnarface | i thought they deprecated iceweasel then after that but it may still be in the repo... | 16:15 |
booyah | I wonder how hard really would it be to create a web browser | 16:18 |
booyah | Is security and privacy focused. Has no CoC. | 16:18 |
booyah | just that that mostly-correctly renders pages | 16:19 |
booyah | even JS and htmlcanvas and that crap, could be not implemented for start | 16:19 |
MinceR | depends on what you want it to do | 16:19 |
booyah | ^ | 16:19 |
MinceR | if you settle for something simple like links2 or dillo, it can't be too difficult | 16:19 |
MinceR | but if you want full "standards" compliance including pixel-perfect css and js, you're in hell | 16:19 |
MinceR | and the result will suck almost as much as all the ithers | 16:20 |
golinux | lysoft: How did you get gnome running on devuan? Are you sure it didn't pull in systemd? | 16:22 |
KatolaZ | booyah: create a new web browser from scratch? | 16:32 |
KatolaZ | :D | 16:32 |
Christobel | Hello all, is #devuan-arm avail? | 18:46 |
Christobel | Trying to join to no avail | 18:46 |
Christobel | I have a question about the Raspberry Pi Zero W, does anyone know how to make wifi work? :) | 18:48 |
Christobel | Running ASCII | 18:48 |
unixman_home | Christobel, I was able to join just now. I'm not an ARM user though. | 18:48 |
tomekdev | What's your WiFi card ? | 18:50 |
Christobel | thanks unixman_home, I'll check again in a second. | 18:50 |
Christobel | tomekdev: it's a Broadcom based chip | 18:54 |
tomekdev | Built-in ? | 18:54 |
Christobel | tomekdev: yep | 18:56 |
Christobel | unixman_home: I've finished freenode registration and I can now join #devuan-arm | 18:56 |
unixman_home | Ah, okay. | 18:56 |
tomekdev | Does it show up when you enter command "ifconfig -a" ? | 18:57 |
tomekdev | Something like "wlan0" or "wlpXXX" | 18:57 |
tomekdev | Or better does "iwconfig" show something ? | 18:59 |
Christobel | tomekdev, iwconfig, ip link show, ifconfig -a show nothing | 18:59 |
muep | it might need an RPi specific kernel, and at least it requires some firmware that debian does not ship | 18:59 |
Christobel | muep: Yep, I've grabbed FW from Debian and installed | 18:59 |
tomekdev | Does dmesg suggest something ? | 18:59 |
muep | raspbian has the wifi working out of the box, so could have that on another SD card and compare | 19:00 |
Christobel | muep/tomekdev: dmesg |grep firmware reports Direct firmware load for brcm/brcmfmac43430-sdio.txt failed with error -2 | 19:00 |
Christobel | I installed firmware-brcm80211_20161130-4_all.deb | 19:01 |
muep | for older firmware, it seemed like there would be a need to get that txt file separately | 19:02 |
muep | I remember doing that with older Fedora releases | 19:02 |
Christobel | okie, I'll look into | 19:02 |
Christobel | /lib/firmware/brcm/brcmfmac43430.txt doesn't exist, so that could be an issue lol | 19:04 |
muep | it was the same with fedora as well. that exact file had to be installed separately | 19:04 |
tomekdev | I've just wanted to write about error -2, which means "no such file or directory" | 19:05 |
Christobel | I've found a copy https://github.com/armbian/firmware/blob/master/brcm/brcmfmac43430a0-sdio.txt | 19:05 |
Christobel | just halting the Pi and am gonna dump it on there :) | 19:05 |
tomekdev | Does anybody know how to fix undetected keys in xfce ? | 19:07 |
tomekdev | Especially combinations Fn+F9 and Fn+F10 | 19:07 |
tomekdev | I want to control brightness but XFCE does not register when I press them | 19:08 |
tomekdev | In dmesg there are strange errors near GPU driver initializtion | 19:09 |
tomekdev | I'll post them in a while | 19:09 |
* Christobel reboots *prays* | 19:09 | |
tomekdev | I have Devuan 2.0.0 installed on my HP EliteBook 6930p | 19:10 |
Christobel | nada, same error | 19:10 |
tomekdev | https://pastebin.com/ZEaduTsb | 19:11 |
Christobel | ooh progress | 19:12 |
tomekdev | Is path correct ? | 19:12 |
Christobel | I have wlan0 now :) now to work out why wpa_supplicant isn't working! | 19:13 |
tomekdev | Do you have wpa_supplicant.conf ? | 19:14 |
tomekdev | Or create your own and run wpa_supplicant -D wext -i wlan0 -c YOUR_CONF | 19:15 |
tomekdev | You can also add option -B so it will run in background | 19:15 |
Christobel | iwlist scan wlan0 shows nothing though :( | 19:17 |
tomekdev | I don't know if iwlist automatically puts up interface | 19:19 |
booyah | KatolaZ: yes | 19:19 |
tomekdev | Christobel: maybe run ip link set wlan0 up before iwlist | 19:20 |
Christobel | I'm just doing some cat stuff tomekdev - brb | 19:20 |
Christobel | tomekdev: just ran those two commands and still the same | 19:21 |
tomekdev | In dmesg nothing new ? | 19:21 |
Christobel | tomekdev: Cat stuff done, just gonna boot it back up | 19:29 |
Christobel | Sad thing is, I've actually ordered an OTG ethernet adapter - it just hasn't arrived yet, my USB3 gigabit adaptor draws too much current | 19:30 |
tomekdev | You can connect that adapter to external hub with it's own power supply | 19:32 |
Christobel | tomekdev: I don't have a powered USB hub lol | 19:32 |
Christobel | tomekdev: from dmesg, I can see the usbcore has registered a new interface driver brcmfmac | 19:34 |
tomekdev | brcmfmac shows something interesting ? | 19:34 |
Christobel | tomekdev: this looks interesting, might have the solution here: https://dev1galaxy.org/viewtopic.php?id=2228 | 19:35 |
Christobel | gonna attempt grabbing those files from post 1 | 19:36 |
tomekdev | Christobel: Good idea | 19:37 |
Christobel | Doin wifi like it's 1999 | 19:37 |
tomekdev | And I'll try to fix ACPI errors in my Devuan :/ | 19:37 |
* Christobel prays - firmware and descriptor replaced, I can see the files are larger thus newer, let's see if this fixes it :) | 19:44 | |
Christobel | Nope, broken even more haha | 19:45 |
Christobel | I can see the device registered itself but we have a new error now, brcmfmac: brcmf_sdio_htclk: HT Avail timeout (1000000): clkctl 0x50 | 19:51 |
tomekdev | Hmmm... And this leads to no networks found ? | 20:04 |
Christobel | tomekdev: indeed, I'm gonna put back the binary from before | 20:10 |
Christobel | and play with different .txt configs and see if one of them brings it to life | 20:11 |
tomekdev | Christobel: Did you try files from https://www.raspberrypi.org/forums/viewtopic.php?t=138629&start=25#p970239 ? It has some broken links but that files are here: https://github.com/RPi-Distro/firmware-nonfree/tree/master/brcm | 20:18 |
Christobel | tomekdev: yep - I have, I believe they are the files I'm using right now | 20:19 |
Christobel | Unless they've gone and made their binaries systemd required ;) | 20:20 |
tomekdev | Still no luck ? | 20:20 |
Christobel | I'm doing about 3 things at once at the moment - I have another question, apt-transport-https - is this still a thing on devuan? I can see it on the debian repos but not devuan | 20:20 |
tomekdev | I always thought that packages in Devuan-only repos are these that required modifications to be freed of systemd. The rest is taken from Debian repos | 20:25 |
Christobel | interesting, I'll have to see what the dependencies for apt-transport-https are | 20:26 |
Christobel | and thank you tomekdev, I'm still fiddling with wifi too :) | 20:26 |
DocScrutinizer05 | tomekdev: Christobel: original OTG drivers explicitly blacklist any USB hubs | 20:30 |
DocScrutinizer05 | you rather use a Y-cable or a powered USB ethernet adapter | 20:31 |
tomekdev | Nah, it' s probably common on ARM architectures. I experienced the same when I was trying to get my tablet running Debian 7 2 years ago ;-P | 20:31 |
tomekdev | Another question, how to deal with ACPI region conflicts ? | 20:33 |
tomekdev | They cause that hotkeys on my laptop under linux do not work | 20:34 |
tomekdev | Under Devuan Ascii | 20:34 |
DocScrutinizer05 | I'm talking about >>my USB3 gigabit adaptor draws too much current<< - and before you ask: yes, it's perfectly safe to connect two power supplies (here: OTG host and e,g, a wallwart USB charger) to same power rail, e.g. by using a Y-cable | 20:35 |
tomekdev | Ok, got it. | 20:35 |
tomekdev | I'm wondering how to fix problem with hotkeys on my laptop under Ascii. On Jessie they worked perfectly | 20:36 |
Christobel | DocScrutinizer05: The PiZeroW is running off a 2.1A belkin adapter, I have an unpowered hub I tried connecting to USB OTG port and connected keyboard/USB3 gige ethernet | 20:40 |
Christobel | DocScrutinizer05: The Pi wasn't happy and was constantly disconnecting the keyboard/ethernet, I couldn't use the keyboard under this scenario | 20:41 |
Christobel | DocScrutinizer05: I have a USB2 OTG hub/ethernet combo on order | 20:41 |
muep | the rpi zero usb can also work as an ethernet usb device | 20:45 |
Christobel | indeed, it can | 20:45 |
muep | so you can connect it to your workstation using an ordinary microusb cable, providing both power and connectivity on one cable | 20:45 |
Christobel | but I then have to do a bridged network and iptables route everything over the usb interface from a host machine | 20:45 |
Christobel | I think to be honest, I'm just having a coffee, I'm gonna fiddle more with the brcmfmac drivers for a bit, if I can't resolve it I'll just wait for my ethernet adapter to arrive | 20:47 |
Christobel | Interesting with the apt-transport-https, I can't see any dependencies that require systemd | 20:48 |
Christobel | https://packages.debian.org/stretch/apt-transport-https | 20:48 |
tomekdev | And probably that's why it isn't on Devuan repo servers | 20:49 |
tomekdev | I think | 20:49 |
Christobel | I dont wanna sound arrogant, but it should perhaps be a priority! Depending on unencrypted http which could be MITM'd so easily for all the systems packages is clearly unsafe. | 20:51 |
Christobel | I'm just gonna grab the .deb and see what it does (this isn't on the pi, it's on another boxen) | 20:51 |
tomekdev | There is some level of security in repos. Each of the files have 3 checksums | 20:53 |
Christobel | but if you can take over the http stream entirely? | 20:54 |
muep | the repository metadata is signed | 20:54 |
muep | or actually I am not fully sure of the repository metadata, but at least the packages themselves are signed | 20:55 |
Christobel | I'm gonna attempt the install, I use the package on all my debian'ish boxes | 20:56 |
tomekdev | Usually we get the repo pubkey first usually with wget and usually rather over https | 20:56 |
tomekdev | Then download metadata and compare signatures | 20:57 |
tomekdev | And finally each downloaded file from server has checked checksums | 20:57 |
tomekdev | I think this way it works | 20:58 |
Christobel | I have just installed apt-transport-https deb, it installed no problems, updated sources.list to use https and it works so I'm happy, just weird that package isn't in the main repos | 20:59 |
tomekdev | I think when you type "dpkg -l" you'll see that some of the packages have versions with "+deb" and so on. | 21:01 |
tomekdev | This means that Devuan uses it's own repo and Debian's | 21:01 |
barnsey | Hi All, have been trying to ge the ascii raspi2 image working. gnarface suggested I check out the config.txt filr in the boot partition. I managed to get the pi to dispay some pg the kernel startup messages, but it seems to stop long before the OS has finnished booting. | 21:01 |
tomekdev | So I think that package is in main repos | 21:01 |
tomekdev | Hi barnsey, what are the last messages ? | 21:02 |
barnsey | tomekdev: hmm, will have to get back to you on that. | 21:04 |
DocScrutinizer05 | Christobel: OTG specs define a 100mA for VBUS | 21:07 |
DocScrutinizer05 | Christobel: >>which could be MITM'd so easily for all the systems packages<< AFAIK apt has its own checksummimng, no need to secure transport | 21:08 |
Christobel | DocScrutinizer05: Why does every other Debian'ish system I use have it then? Mint/Kali/Debian/Raspbian/etc | 21:10 |
DocScrutinizer05 | each package has a checksum listed in a file that itself is signed by a PKI key | 21:10 |
DocScrutinizer05 | iirc | 21:10 |
DocScrutinizer05 | poper security doesn't consist of indiscrimiantely trowing all switches to "maximum encryption", you need to understand the complete system and how it ensures uncompromised operation | 21:12 |
Christobel | DocScrutinizer05: https://nwrickert.wordpress.com/2011/03/23/pki-is-broken/ - https://www.informationweek.com/software/information-management/yes-trust-in-the-pki-is-broken/d/d-id/1075190 | 21:13 |
DocScrutinizer05 | I'm not interested in studying this in depth | 21:14 |
Christobel | DocScrutinizer05: Also, why give the 3 letter agencies cleartext on what packages you are using? They likely have selectors which make you more susceptible to being spied on, ie, you download a shitload of wifi hacking tools over cleartext, some governments would see that as a reason to monitor you | 21:14 |
Leander | the PKI they are discussing is actually the one used for HTTPS, which is kind of ironic since you ask for it :) | 21:15 |
DocScrutinizer05 | why do you ask me such questions? I mnever said anything like that | 21:15 |
muep | Christobel: I'd guess the mirror network is not available over https as well as over http | 21:15 |
muep | I am not sure if that is actually the case but if it is, http is a sensible default | 21:16 |
Leander | the PKI that Debian/Devuan and others use is not the same | 21:16 |
DocScrutinizer05 | I just say >>Depending on unencrypted http which could be MITM'd so easily for all the systems packages is clearly unsafe<< is a misleading and incorrect claim | 21:16 |
muep | it does leak information on what you are installing, but it does have any easy way for someone doing MITM to hand you arbitrary malicious packages | 21:17 |
Leander | ^ | 21:18 |
DocScrutinizer05 | on a sidenote: even with HTTPS encryption, you can usually tell pretty precisely what's been downloaded, by simply looking at the exact size of data downloaded. If you want to avoid any possibility of TLAs profiling you and same time do a favor to community, then run a apt mirror and download all, provide alternative mirror location to others | 21:27 |
DocScrutinizer05 | also | 21:30 |
DocScrutinizer05 | !amprolla | 21:30 |
infobot | nextime gave an excellent explanation how amprolla works, at https://botbot.me/freenode/devuan/2016-05-07/?msg=65646427&page=4, or https://git.devuan.org/devuan-infrastructure/amprolla, or https://git.devuan.org/devuan-infrastructure/amprolla3 | 21:30 |
* DocScrutinizer05 can see how that might introduce issues with HTTPS | 21:30 | |
* furrywolf pets RoamingFox, then tries stuffing a RoamingFox into ##furry | 21:30 | |
golinux | <muep> Christobel: I'd guess the mirror network is not available over https as well as over http | 21:32 |
golinux | Yes. This is the case | 21:33 |
golinux | afaik | 21:33 |
golinux | I think you can use https if you choose a particular mirror. | 21:35 |
golinux | http://pkgmaster.devuan.org/mirror_list.txt | 21:35 |
DocScrutinizer05 | Leander: >>...which is kind of ironic since you ask for it<< hehe indeed | 21:42 |
DocScrutinizer05 | also 2011/03/23 W*T*F? | 21:43 |
DocScrutinizer05 | the other is 12/30/2008 01:47 PM !!! | 21:44 |
DocScrutinizer05 | I don't think those help furthering Christobel's point ;-D | 21:46 |
Leander | well, the first one does because it's a problem inherent to the PKI we use for public X509 certificates, we need to trust the whole chain and are at risk of a rogue certificate authority | 21:47 |
Leander | the second one, on the other hand, is about how MD5 was already broken back in 2008, it's a technicality | 21:48 |
Christobel | https://packages.roundr.devuan.org/ has a valid LetsEncrypt SSL cert. | 22:03 |
Christobel | TLS 1.2 apparently from my end | 22:05 |
Christobel | DocScrutinizer05: Indeed, I guess it is even with HTTPS possible to model the traffic to obtain some match on what is possibly being grabbed, but sniping that down to a single particular package, is that possible? Mirroring? ;) I rarely have 2mbps with my internetz but it's a good message to push to those that have the capability to help | 22:10 |
muep | I would not be surprised to find out that an intermediary could identify the exact packages you download | 22:11 |
Christobel | Is it still better than letting the 3-letters profile you though? They might not have exact capabilities to do so (they likely do though), but why make it easy for them to casually build more a dataset on your exact usage? | 22:12 |
muep | well if you think you specifically are in risk of such profiling, you can do some special setup to add https or whatever you think is reasonable | 22:13 |
muep | but my impression is that http has to be allowed in the default setup in order to have a reasonable mirror network | 22:14 |
tomekdev | Set up TOR and automatic mirror redirecting :-P | 22:15 |
tomekdev | Your ISP can easily track you, I think | 22:16 |
Christobel | Well theres been a global push to encrypt everything possible as quickly as possible by the EFF, that I believe is a sensible move for all of human kind to maintain their given right to anonymity, we already know they are profiling everything and everyone and using relational databases to profile everyone and their risk status. | 22:17 |
Christobel | and and sorry, pretty tired | 22:17 |
Christobel | tomekdev: I think that would put you more on their radar to be honest! | 22:18 |
Criggie | <insert "encryptAllTheThings\!.gif"> | 22:18 |
Christobel | ^_^ | 22:18 |
tomekdev | Ooopsss! ;-D | 22:19 |
Christobel | So sorry, if I've been seen as testing, was just something I'd not ran into before, having a read into Amprolla | 22:19 |
golinux | https://git.devuan.org/devuan-infrastructure/amprolla3 | 22:21 |
tomekdev | golinux: quite interesting | 22:25 |
DocScrutinizer05 | just as interesting as it was when infobot provided the link | 22:25 |
DocScrutinizer05 | maybe slightly less, on repetition | 22:26 |
DocScrutinizer05 | the bless of /ignore | 22:26 |
DocScrutinizer05 | the other two link infobot provided are better in my book though | 22:28 |
DocScrutinizer05 | botbot might be stale meanwhile | 22:28 |
DocScrutinizer05 | indeed, what a pita | 22:29 |
* Christobel is outta here! Thank you for the chat everyone, have a lovely remainder of weekend. || Wifi = 0 || Knowledge of APT = +1 | 22:32 | |
DocScrutinizer05 | christobel gave a nice farewell, appreciated | 23:21 |
DocScrutinizer05 | netiquette; A+ | 23:22 |
Generated by irclog2html.py 2.17.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!