| bb|hcb | rwp: Numeric owner/group is just an inconvenience, but imagine what happens if the same uid gets assigned to another user - that is the reason why users should not be deleted, only disabled | 02:50 |
|---|---|---|
| rwp | If /var/lib/bind for example is left behind and the uid is reused for certbot for example do you think cerbot is going to attack something using leftover contents of /var/lib/bind? | 02:58 |
| rwp | Both of them are packages in the repository. If you find malicious code in a package in the repository then that would be a grave bug. | 02:59 |
| rwp | Also if I purge a package and it leaves anything behind without an okay from me (mariadb, munin, there are examples of packages that will ask if you really want long term data to be purged) then that would alos be a bug. | 03:00 |
| bb|hcb | rwp: Right, I was talking about the joedoe1 to joedoe2 transition. Assuming that system users have separate space for uids, it is unlikely that to happen between normal user and system user. Anyways, that is another aspect of admin's preference - I see both cases preferrable in different scenarios | 04:23 |
| rwp | We are talking about packages and users created by packages for things like certbot and named and those types of users. | 04:29 |
| rwp | Some packages purge out their added accounts. I like those. Some do not. I curse at those and then remove the accounts in my own post purge editing step. | 04:30 |
| bb|hcb | It would be best that to be a global setting. I'd prefer the reverse of yours (only to be the same policy as with normal users), but I see nothing wrong with having both ways available and configurable | 04:32 |
| rwp | I would definitely be happy with a configurable system where both ways work on their respective systems. | 04:43 |
| fsmithred | I was testing ceres this morning to help Freshman (aka freshman) in #devuan and after upgrade, I couldn't boot. See conversation in #devuan about 3 hours ago. | 14:59 |
| fsmithred | I had to set a runlevel without X and boot into that using the 6.5 kernel because 6.6 wouldn't boot. (cryptsetup couldn't find any devices to decrypt.) | 15:00 |
| fsmithred | added usermerge and pretty much hosed the system | 15:00 |
| fsmithred | So now I'm making a second ceres VM with the usrmerge symlinks in place from the start so I can separate the problems with it. | 15:01 |
| fsmithred | debootstrap failed on cron-daemon-common until I added "--include=systemd-standalone-sysusers" | 15:02 |
| fsmithred | ok, that didn't work. debootstrap didn't make the symlinks for /lib and /bin | 15:03 |
| fsmithred | is there an option for that? | 15:03 |
| fsmithred | found it | 15:04 |
| fsmithred | There was more conversation with Freshman about 15 hours ago | 15:08 |
| fsmithred | debootstrap still failing. cron-daemon-common needs systemd-standalone-sysusers which needs libcap2 | 15:42 |
| fsmithred | apt and apt-get are not installed | 15:42 |
| fsmithred | I downloaded libcap2 deb and installed it. cron-daemon-common and systemd-standalone-sysusers were in /var/cache/apt/archives. Installed all and couldn't figure out how to proceed. I'm trying again with excalibur but I expect it to fail the same way. | 16:06 |
| fsmithred | Yeah, same problem in excalibur. | 16:21 |
| cousin_luigi | Greetings. | 16:28 |
| cousin_luigi | Trying to fix the init of a debian package: does anyone here have experience with launching daemons with capsh? | 16:29 |
| golinux | Has anyone ever heard of this derivative? https://sourceforge.net/projects/devuanpup/ | 16:32 |
| golinux | If I have, I can't remember! | 16:33 |
| golinux | Shouldn't they be on our derivatives list? | 16:34 |
| fsmithred | I think I've heard of it. Does it still exist? | 16:36 |
| golinux | Updated to Daedalus | 16:37 |
| golinux | so yes | 16:37 |
| golinux | Email asking about it was posted to the freedom email | 16:37 |
| golinux | Something for tomorrow's meet, I think. Will put it on the pad when it appears . . . | 16:38 |
| fsmithred | someone needs to download iso and see if uses devuan repos. It says it is puppy linux with devuan packages. I don't know what that means. | 16:41 |
| gnu_srs1 | RFC: Maybe it is time to: (regarding usrmerge) | 16:51 |
| gnu_srs1 | 1) Revert all changes of moving stuff to /usr by forking. | 16:51 |
| gnu_srs1 | 2) Find another upstream? | 16:51 |
| gnu_srs1 | 3) Any other idea (not installing usrmerge)? | 16:51 |
| fsmithred | I just installed a small daedalus system from live-iso. Can I manually do the usrmerge by moving everying in /bin to /usr/bin and same for /lib and /lib64 and then making symlinks? I'm in a live system with the installed system mounted right now. | 17:12 |
| bgstack15 | I don't think our community has the time and energy to fork everything to avoid usrmerge. Maybe we should strategically reach out to the dpkg maintainer dude who has hated usrmerge and wrote that fsys-usr-unmess thing and ask him to consider joining our community. | 17:12 |
| bgstack15 | Our current charter is to be Debian + init diversity. I fear that usrmerge is outside that currently stated goal. We might need to officially update our public goals or else leave usrmerge alone.... | 17:13 |
| fsmithred | ok, I'm installing the usrmerge package on daedalus | 17:20 |
| fsmithred | That seems to have worked ok in daedalus. I was able to reboot. I'll upgrade to ceres later. That will be slow. | 17:24 |
| bgstack15 | Separate topic: Is it just me or does zenity look really weird now? I seem to recall it would make native window dialogs, but now it's some sort of weird popup thing (maybe GNOMEish?) | 17:26 |
| fsmithred | in daedalus? | 17:27 |
| bgstack15 | Ceres | 17:27 |
| bgstack15 | lol, it is 4.0.0 and depends on libgtk-4-1. So of course it's downright ridiculous looking now. *sigh* | 17:27 |
| bgstack15 | What do you use now fsmithred? | 17:27 |
| fsmithred | and that's why I started using lxqt on one laptop | 17:28 |
| fsmithred | just to find another path | 17:28 |
| fsmithred | usually use xfce | 17:28 |
| fsmithred | sometimes openbox with lxpanel | 17:28 |
| fsmithred | my lxqt is sort of like that - minimal | 17:28 |
| bgstack15 | OK, yad still uses libgtk-3-0 | 17:29 |
| fsmithred | oh good. Thanks for checking that. | 17:30 |
| bgstack15 | If yad ever goes libgtk4, then I'm going to fork it myself/keep the last binary available on my own repos, or else just downgrade to xmessage. | 17:43 |
| bgstack15 | And now I'm going to investigate building the last version of zenity with gtk3 on current Devuan Ceres. Come to find out, Steam depends on zenity. | 17:56 |
| fsmithred | Got the following on normal upgrade in daedalus after installing usrmerge: | 18:10 |
| fsmithred | This system uses merged-usr-via-aliased-dirs, going behind dpkg's | 18:10 |
| fsmithred | back, breaking its core assumptions. This can cause silent file | 18:10 |
| fsmithred | overwrites and disappearances, and its general tools misbehavior. | 18:10 |
| bgstack15 | yep, dpkg guy hates usrmerge | 18:19 |
| bgstack15 | Debian's only supported method of usrmerge is the "merged-usr-via-aliased-dirs". I read about it somewhere; probably lwn or debian bits or dedoimedo or somewhere. | 18:20 |
| fsmithred | normal upgrade of daedalus did not complete. I came back to a console with no prompt. | 18:40 |
| fsmithred | I rebooted and apt wants me to run dpkg --reconfigure -a | 18:40 |
| fsmithred | Upgrade stopped to ask me about /etc/sysctl.conf and I looked at the diff. Highlighted my edit and when I tried a right-click to copy, the terminal disappeared. | 18:42 |
| fsmithred | Yay! I found a consistent error. It did it again on right-click. | 18:43 |
| fsmithred | Huh. I can copy/paste in terminal now that dpkg is done. (using two tabs in case you're wondering) | 18:53 |
| fsmithred | lol, ok I went straight to ceres. It boots ok in 6.6.9 kernel and that's with an encrypted root partition. Not getting the cryptsetup errors I got on the ceres VM that I upgraded yesterday. | 18:57 |
| fsmithred | Possibly significant - this current system does not have dbus installed. (it's pinned to -1) The system that failed had task-xfce-desktop and whatever else in default install. | 18:58 |
| bgstack15 | Well, due to Open Build Service+debian-usrmerge stupidity, I cannot get zenity 3.44.2-1 built (last one with gtk3) in there, but the sources can be used to compile it on Devuan Ceres, and now I have gtk3-based zenity so I can purge libgtk4. | 20:53 |
| bgstack15 | I should rename my blog to, "Fighting stupid tech decisions" | 20:54 |
| gnu_srs1 | (16:52:05) gnu_srs1: RFC: Maybe it is time to: (regarding usrmerge) | 23:11 |
| gnu_srs1 | (16:52:05) gnu_srs1: 1) Revert all changes of moving stuff to /usr by forking. | 23:11 |
| gnu_srs1 | (16:52:05) gnu_srs1: 2) Find another upstream? | 23:11 |
| gnu_srs1 | (16:52:05) gnu_srs1: 3) Any other idea (not installing usrmerge)? | 23:11 |
| gnu_srs1 | Hi, is there a way to identify devuan in a debian/rules file? dpkg-architecture only gives architecture-specific info. | 23:44 |
| fsmithred | gnu_srs1, 1. Fork every package that uses commands or libraries in /bin /lib /sbin ? | 23:44 |
| fsmithred | 2. What's upstream other than debian? | 23:46 |
| rrq | would be to fork all packages that now (for no other reason than causing trouble!) changes their install path from being "/something" to be "/usr/something" ... | 23:47 |
| gnu_srs1 | Seems like dpkg-vendor --is devuan would work in a rules file. I'll try. | 23:48 |
| gnu_srs1 | fsmithred: 2) People mentioned void linux?? | 23:50 |
| fsmithred | gnu_srs1, does void use dpkg? | 23:50 |
| fsmithred | or do we need to change all the tools? | 23:51 |
| fsmithred | the tools we use, I mean | 23:51 |
| rrq | a recent was Clint Adams <clint@debian.org> changing sed | 23:51 |
| rrq | before I noticed Debian Kernel Team <debian-kernel@lists.debian.org> changing firmware-iwlwifi | 23:53 |
| rrq | I'm afraid I don't have their names | 23:54 |
| gnu_srs1 | Another problematic package is netcat-traditional, binary moved to /usr/bin but not update-alternatives in the postinst file :( | 23:57 |
| gnu_srs1 | More problem to come... Many give up already and install usrmerge. Also the Devuan project? | 23:58 |
| fsmithred | They forgot to edit the postinstall file in the same package that moved the binary? | 23:59 |
Generated by irclog2html.py 2.17.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!