| gnarface | if fonky comes back someone tell them they can disable the igpu with a kernel command-line... might help, if there's another video card to use or a serial adapter | 04:36 |
|---|---|---|
| gnarface | so, i dunno if anyone remembers, cares, or is paying attention, but i just noticed that the virtual pseudo-xbox360 gamepads that the Steam Controller spawns at some point have changed naming slightly, requiring an update to that custom udev rule set i made for them to work without systemd way some years back now. if any of you out there are still working off the rules i was sharing here back then, yours probably need | 04:56 |
| gnarface | updating too | 04:56 |
| gnarface | i think that currently the only update required is that all instances of ATTRS{name}=="Microsoft X-Box 360 pad" need to be changed to something like ATTRS{name}=="Microsoft X-Box 360 pad [0-9]*" but i'm only like 90% sure that will work for all cases, need more data... | 04:58 |
| gnarface | (basically the name i was seeing changed from "Microsoft X-Box 360 pad" to "Microsoft X-Box 360 pad 0" but i suspect that last integer will iterate if there's more than 1 connected now, hence the wildcard, but i have some questions about how these wildcards work exactly which remain unanswered... should it actually be ATTRS{name}=="Microsoft X-Box 360 pad*" or maybe ATTRS{name}=="Microsoft X-Box 360 pad[ ]?[0-9]*" or | 05:00 |
| gnarface | something else? maybe a udev expert can weigh in here... | 05:00 |
| gnarface | ) | 05:00 |
| gnarface | maybe this is all not needed on daedalus anymore anyway though... it seems like another machine i have here that never got the script is using the steam controller just fine so ymmv | 05:03 |
| onefang | Try the wildcard elsewhere "* X-Box 360 *" maybe? I also dunno the wildcard syntax, never messed with these rules. | 05:08 |
| onefang | Closest thing I have to one of those is my original PS3 controller. No idea if any of it still works. | 05:09 |
| onefang | Now that I have stopped moving house I intend to unpack everything eventually and see what still works, what I can get rid of. | 05:10 |
| gnarface | onefang: i'm not having a problem, it's working now, i'm just aware of some ambiguity in the gaps between my understanding of regexp, my understanding of regular shell wildcards, and the brief 1-sentence description of how they work in udev that i was able to locate, which inferred a lot but from one example but left even more completely unaddressed | 05:14 |
| gnarface | the inference being that these wildcards seem to share behaviors of both regular filesystem globs and regexp character groups, but it doesn't quite come out and say that despite that the example shows it working in both contexts, so i worry about pushing the limits too far using rules i've gathered from PCRE research | 05:17 |
| gnarface | (the examples are very brief and don't for example address what expected behavior would be if you chained two patterns together such as "[ ]?[0-9]*" | 05:19 |
| gnarface | ) | 05:19 |
| darwin | i believe Devuan is the original Debian and the current Debian is illegitimate | 06:02 |
| gnarface | darwin: i think that's a valid opinion but you should take it to #devuan-offtopic anyway. they reserve this channel specifically for support issues precisely so that it won't devolve into #debian | 06:52 |
| darwin | ok | 06:54 |
| xwindows | Hello folks. | 13:10 |
| xwindows | I'm in early preparation for my future Devuan installation (I'm running the last pre-SystemD Debian). | 13:11 |
| xwindows | I have always been installing Debian using optical "CD1" | 13:11 |
| xwindows | (to archive a known start point, and avoid making spotty Internet a showstopper); | 13:11 |
| xwindows | but this time with Devuan, I would like to make my own install disc, with a custom list of packages to install. | 13:12 |
| xwindows | So, I would like to know if there is a dedicated documentation on how to do so? | 13:12 |
| debdog | xwindows: how many systems do you intend to set up and are they all the same or do they need different sets of packages? | 13:14 |
| xwindows | I intend to do this to have my own version of "CD1", so, only single set of package. | 13:15 |
| xwindows | And I'm aiming to install on 1 machine. (But may be several times) | 13:16 |
| debdog | I am not aware of any guide, sadly. if you're ok with going with live installs, refracta might be a good starting point: https://get.refracta.org/ | 13:17 |
| debdog | for a installer CD https://git.devuan.org/devuan/installer-iso might be a nice starting point | 13:18 |
| xwindows | It's Gitea, good grief. | 13:20 |
| debdog | OR, tbh I am not certain whether it really it's worth the hassle, mayhap devuan's DVD1 might hold at least most of the packages you need, it's called "desktop":https://www.devuan.org/get-devuan#iso-guide-for-i386-and-amd64 | 13:20 |
| xwindows | What file which this line appeared though? | 13:21 |
| debdog | sorry, I do not understand | 13:23 |
| xwindows | So you intened to write just the URL (and not `"desktop":`) in the front, right? | 13:23 |
| debdog | oh, my bad | 13:24 |
| debdog | OR, tbh I am not certain whether it really it's worth the hassle, mayhap devuan's DVD1 might hold at least most of the packages you need, it's called "desktop": https://www.devuan.org/get-devuan#iso-guide-for-i386-and-amd64 | 13:24 |
| xwindows | Okay, you meant the "desktop" section of images listing, okay. | 13:24 |
| debdog | there's a list of servers to download said desktop DVD | 13:24 |
| debdog | right | 13:24 |
| xwindows | I'm planning to use DVD as the backup option, yeah. (It required too much disk space to download for my liking) | 13:26 |
| xwindows | Oh, and side question: if one would like to install Devuan using `debootstrap` from an existing Debian system, | 13:26 |
| xwindows | what extra preparation/precautions need to be made? | 13:27 |
| debdog | if you're aware of such a guide for debian, you prolly can go with that except use devuan's installer | 13:28 |
| debdog | sorry, never done debootstrap. hang on, someone will know | 13:28 |
| xwindows | Okay. | 13:28 |
| xwindows | (Never tried Debootstrap myself either, but I would like to try this option on super-minimal bare metal bootable VM installation) | 13:33 |
| rrq | you should probably use devuan;s debootstrap for devuan | 13:33 |
| xwindows | Well, the main reason I asked about that is I'm going to do it from Debian (Wheezy). | 13:34 |
| xwindows | I don't have Devuan yet (and once it got installed, it wouldn't become my main setup for years). | 13:35 |
| fsmithred | you can do a debootstrap install from the live isos | 13:35 |
| fsmithred | and the desktop iso mentioned above is in the section for "installer isos" | 13:36 |
| fsmithred | which is not the same thing as the desktop-live iso | 13:36 |
| xwindows | Wait, the "desktop:" image has debootstrap? | 13:36 |
| fsmithred | the desktop-live and minimal-live have debootstrap installed | 13:37 |
| fsmithred | I'm not sure which installer isos have debootstrap on them | 13:37 |
| xwindows | Hm... | 13:37 |
| rrq | (well, the installation of the base system is a debootstrap :) | 13:38 |
| fsmithred | debootstrap pretty much assumes that you will be installing from network | 13:38 |
| xwindows | fsmithred: It doesn't work with local repository? | 13:38 |
| fsmithred | yeah, local repo should work. I've never done it. | 13:38 |
| fsmithred | where you gonna get the local repo? Use the desktop dvd? | 13:40 |
| fsmithred | If that's the case, you may as well just use the dvd installer and un-check everything at the tasksel window | 13:40 |
| rrq | (or a netinstall without a network set up) | 13:41 |
| xwindows | fsmithred: "un-check everything at the tasksel window", so the package listing screen in the installer is actually a program called `tasksel`? | 13:41 |
| fsmithred | yeah, if you're running wheezy you might not remember it. | 13:42 |
| fsmithred | it lists "tasks" not individual packages | 13:42 |
| fsmithred | like different desktop environments to choose from | 13:43 |
| xwindows | Oh, TIL that it's also a component of actual installed Debian system. | 13:43 |
| xwindows | So selecting something on it would have the same effects as marking packages for install in Synaptics? | 13:44 |
| fsmithred | more or less the same | 13:44 |
| fsmithred | Pictures here: https://www.devuan.org/os/documentation/install-guides/daedalus/install-devuan#installing | 13:45 |
| * xwindows have no idea what it actually does when running on an already-installed system. | 13:45 | |
| fsmithred | oh, on an installed system, I guess it would install all the dependencies of the chosen task(s) | 13:45 |
| fsmithred | pretty sure | 13:45 |
| fsmithred | i.e. pretty sure I've done it. | 13:46 |
| xwindows | "install all the dependencies of the chosen tasks", immediately after pressing "Ok"? | 13:46 |
| fsmithred | probably. I don't remember if it asks anything else. | 13:47 |
| * xwindows do remember the sequence of screens in Debian text installer, but doesn't know at which point which program started or stopped. | 13:47 | |
| xwindows | rrq: "or a netinstall without a network set up", noted. | 13:48 |
| xwindows | I'm curious, how/where "taskes" in `tasksel` are defined? | 13:49 |
| * xwindows feels this is where the actual packages list of the installer goes. | 13:49 | |
| rrq | it collates packages naemed task-* from the repository points it has available | 13:50 |
| * xwindows checks `man tasksel`... | 13:50 | |
| rrq | note that devuan's tasksel is a fork | 13:50 |
| xwindows | rrq: "collates packages naemed task-* from the repository", so such packages install files in `/usr/share/tasksel/` directory? | 13:50 |
| xwindows | rrq: "note that devuan's tasksel is a fork", understood. | 13:51 |
| fsmithred | aptitude search ^task | 13:51 |
| rrq | it finds packages before thay ar installed; I'm not sure excatly how | 13:51 |
| rrq | (ok:) | 13:52 |
| fsmithred | ^^^ to see a list of packages that start with "task" | 13:52 |
| * xwindows summons Synaptic instead... | 13:52 | |
| fsmithred | then... apt show <package> | 13:52 |
| fsmithred | to see the dependencies | 13:52 |
| fsmithred | that'll work | 13:52 |
| xwindows | Oh, there are multiple tasks* packages... | 13:53 |
| xwindows | Only two installed on mine are... `task-desktop` and `task-xfce-desktop`. | 13:54 |
| rrq | maybe you're rght that it relies on /usr/share/tasksel/descs files | 13:54 |
| xwindows | ^ Apart from `tasksel` and `tasksel-data` themselves. | 13:54 |
| xwindows | I have only single file in my Wheezy's /usr/share/tasksel/descs/ ... | 13:56 |
| xwindows | `/usr/share/tasksel/descs/debian-tasks.desc`, which is from main `tasksel-data`. | 13:56 |
| rrq | ... builds a menu from those that are tagged "Section: user" I guess | 13:56 |
| xwindows | ...It seems that other `task-*` packages don't put files, they simply have tons of dependencies (which I guess being the list of software to install). | 13:57 |
| ted-ious | xwindows: Don't think of tasksel as anything like synaptic. | 13:58 |
| ted-ious | They're not related. | 13:58 |
| ted-ious | Synaptic lets you install individual packages and the dependencies get installed automatically. | 13:59 |
| ted-ious | tasksel installs a whole cluster of packages for each entry that you check or uncheck. | 13:59 |
| ted-ious | That's why if there is a bunch of things you don't want installed you should just unckeck everything and install them later. | 14:00 |
| ted-ious | You can start with a bare bones system and once it's booted just do apt-get install xfce-terminal for example. | 14:01 |
| ted-ious | And you'll get only the minimal xfce needed to support that. | 14:01 |
| ted-ious | There's absolutely no benefit to making your own install media for installing only one system. | 14:02 |
| xwindows | "tasksel installs a whole cluster of packages", hm... but don't tasksel just "install" a package like `task-desktop` (and let APT pull its whole bunch of "dependencies" list to install)? | 14:02 |
| ted-ious | No. | 14:02 |
| ted-ious | You can't tell it you want to install a different browser because it doesn't have that as an option. | 14:03 |
| ted-ious | You either get the whole desktop or not. | 14:03 |
| xwindows | I know. | 14:03 |
| ted-ious | You either get the web server or not. | 14:03 |
| xwindows | So I aim to craft my own `task-*` package, so that I could `tasksel` it on. | 14:04 |
| ted-ious | That's why I'm telling you that what you want will be acheived the best by unchecking everything and then only installing the things you decide you want. | 14:04 |
| ted-ious | You're welcome to do that if it's fun for you but there's absolutely no benefit to doing that for only one system. | 14:04 |
| xwindows | ted-ious: "acheived the best", I would like to create an archivable (non-chaning) install media; so doing that wouldn't what I would like to do? | 14:05 |
| ted-ious | Even for 2 or 3 you will spend days making something that you can acheive by hand in 15 minutes of clicking. | 14:05 |
| ted-ious | Why do you want that install media? | 14:05 |
| ted-ious | You said you're only going to have one system. | 14:05 |
| xwindows | "15 minutes of clicking"; er, not if the Internet at the place of install is measured in sub KiB/sec. | 14:06 |
| ted-ious | You don't strike me as the sort of person who's going to wipe their one system every other week and install a new distro on it. :) | 14:06 |
| fsmithred | you don't need the internet if you're using the desktop dvd | 14:06 |
| xwindows | "You don't strike me as", no, but I do keep the optical disk I installed/tested (and install from that same disk), decade later. | 14:07 |
| ted-ious | Why would you do that? | 14:07 |
| fsmithred | and you can do the same - install only the base system and then add what you want from the dvd | 14:07 |
| ted-ious | It's going to be full of out of date packages. | 14:07 |
| xwindows | ted-ious: And that's the point. | 14:07 |
| ted-ious | Even if for some crazy reason you wanted to stay on devuan 5 when devuan 11 was current you'd still have hundreds of out of date devuan 5 packages that needed to be updated immediately. | 14:08 |
| xwindows | ted-ious: I would like to make sure that the version I of every have match with everything I noted, even decade later. | 14:08 |
| xwindows | ted-ious: "for some crazy reason", else I wouldn't be typing this from Wheezy, aren't I? | 14:08 |
| ted-ious | Are you going to leave this system unplugged from the internet forever? | 14:08 |
| ted-ious | If you're on an unpatched wheezy system I really hope you're behind a very good firewall. | 14:09 |
| rrq | xwindows: make sure your /etc/apt/apt.conf includes Binary::apt::APT::Keep-Downloaded-Packages "true"; and then you can copy those packages from /var/cache/apt/archive/ | 14:10 |
| ted-ious | I read a report recently that somebody put a new server up on a brand new unused ip address with no dns entry and it only took 3 seconds for the first http attack to hit it. | 14:10 |
| xwindows | ted-ious: I know. | 14:10 |
| ted-ious | Well then I'm sorry I can't see how what you're planning is anything but crazy and inefficient. :) | 14:11 |
| xwindows | fsmithred: "if you're using the desktop dvd", that's fair, but I would like CD, if possible (thus custom pagckages list). | 14:11 |
| xwindows | rrq: "Binary::apt::APT::Keep-Downloaded-Packages "true"", wait, isn't that default? | 14:11 |
| ted-ious | fsmithred: Doesn't he need more than one dvd to do an offline install if there are packages and dependencies that aren't on the first one? | 14:11 |
| rrq | the installer DVD contains complete dependency closures of its options | 14:12 |
| xwindows | Okay, so the easiest (not custom) option for media would be a full-DVD download... | 14:14 |
| ted-ious | rrq: But what about packages that aren't on the installer dvd like the zig compiler or vim python bindings or some uncommon i3 window manager widget? | 14:15 |
| ted-ious | xwindows: I'm pretty sure it's multiple dvd's. | 14:15 |
| xwindows | ...For custom package list, craft a custom `task-something` package with all things wanted as its dependencies; | 14:15 |
| xwindows | ...then edit '/usr/share/tasksel/descs/debian-tasks.desc' to make it appear in `tasksel`. | 14:16 |
| xwindows | ^ Or mod custom version of `tasksel-data` to make it so. | 14:16 |
| rrq | why not just a text file with the wanted packages including the versions? | 14:17 |
| xwindows | rrq: Does the installer allow using that? (Or I'd have to feed that manually into APT?) | 14:17 |
| ted-ious | apt-get install $(cat packages.txt) | 14:18 |
| rrq | yes you feed it manually to apt-get | 14:19 |
| ted-ious | I guess if you want to spend days building your own install environment you can go thru the exericise. | 14:19 |
| ted-ious | I hope you have a virtual environment so you don't have to burn and waste all those test cd's. :) | 14:19 |
| xwindows | ted-ious: I know about that. But my goal is not to require me to pause installation, switch to shell, forgo progress bar and such. | 14:19 |
| ted-ious | xwindows: I'm talking about doing all this stuff after the base install is booted where things are convenient and not restricted by the installer. | 14:20 |
| xwindows | ted-ious: I can VirtualBox-boot CD images, thank you. (Provided it was CD, I ain't have space enough for dvd+VM image) | 14:20 |
| ted-ious | If you don't have the space for a second dvd image how are you going to store half a dozen of them? | 14:21 |
| ted-ious | How many dvd's is the full archive up to now? | 14:21 |
| rrq | yes the "sensible" approach is to install the base system and then add your selections, manually | 14:21 |
| rrq | not necessrily the most fun approach though :) | 14:22 |
| xwindows | ted-ious: Hey, note that I always spoke of "CD1". | 14:22 |
| ted-ious | rrq: It's not even really all that manual when apt-get does all the fetching and dependency resolution for you. :) | 14:22 |
| ted-ious | xwindows: Yes and I still don't understand why. | 14:22 |
| ted-ious | People normally just borrow a usb flash drive for a few hours and throw the installer iso onto that. | 14:23 |
| xwindows | It is simply because I had always been doing it this way, and my sanity depends on software staying the same version when I install something with the same manner. | 14:23 |
| xwindows | s/manner/banner/ | 14:24 |
| ted-ious | I get that you want to save it in case you need to rebuild things later but you can probably buy a 32 gb flash drive in a gas station with the change you find in your couch's cushions. :) | 14:24 |
| ted-ious | xwindows: I think your paranoia is preventing you from realizing that none of us are telling you that you have to change anything after your system is running the way you like it. | 14:25 |
| ted-ious | xwindows: I sympathize with your security paranoia I really do. | 14:25 |
| xwindows | "change anything after", no, I aim for "not changing anything *before*". | 14:26 |
| ted-ious | But this room is full of people who are very good at security and you should consider the possibility that some of them are better than you and want to help. | 14:26 |
| ted-ious | Devuan's community is especially full of security minded people who are probably on exactly the same page as you. | 14:26 |
| xwindows | And I'm not asking for a security advice. I'm doing this specifically for "best practice be damned" reason. | 14:27 |
| ted-ious | And "not changing anything *before*". doesn't make any sense to me so sorry I can't help with that. | 14:27 |
| ted-ious | Well maybe you could explain that reason and the people who you came here to get help from could help you. :) | 14:28 |
| xwindows | ted-ious: "doesn't make any sense to me", it mean making combo of every software installed immutable, before the installer starts. | 14:28 |
| xwindows | ted-ious: Like installing from Debian snapshot; but Devuan doesn't have snapshot service, is it? | 14:29 |
| ted-ious | I don't think any linux distro has what you're describing. | 14:29 |
| xwindows | Debian does. | 14:29 |
| xwindows | https://snapshot.debian.org/ | 14:30 |
| rrq | the installer installs a base system using packages from its pool, unless there is a netwrk to update from | 14:30 |
| ted-ious | Mainly because it's crazy to run complex software systems without ever patching future security bugs. | 14:30 |
| ted-ious | xwindows: Are you going to write protect most of your filesystems? | 14:31 |
| xwindows | rrq: Yeah, and I would like that pool to be constant; so either stock DVD you've been hinting, or custom CD that I've been seeking to build. | 14:31 |
| ted-ious | That would make sense and there are systems like nixos that are specifically designed to work with that. | 14:31 |
| rrq | you can combine the installers on-iso pool with your own usb stick of packages, and stay with that | 14:32 |
| ted-ious | But even nixos needs to update browsers every few weeks because browsers are such a huge security nightmare. | 14:32 |
| xwindows | rrq: Okay, so that is another (hybrid) choice. | 14:32 |
| rrq | saving you a bit of work, since building/chaing the installer is a bit of a chore | 14:33 |
| xwindows | ted-ious: Note that the exact-version-combo is critical for software testing; I just happen to "live" inside of my test system. | 14:34 |
| ted-ious | xwindows: I'm very familiar with that concept. :) | 14:34 |
| xwindows | ted-ious: And I see supplier-gone-rogue as even more a threat than usual "security" threats people speak of. | 14:34 |
| ted-ious | But professionals create new exact-version-combo's after every necessary update. | 14:35 |
| xwindows | I'm not professional, and I see that as being essential to the kind of software I write. | 14:35 |
| ted-ious | xwindows: Some of us have been aware of that threat for longer than others here have been alive. :) | 14:35 |
| rrq | you might want to learn using refractasnapshot, which makes an iso of the running system | 14:36 |
| xwindows | rrq: Is that a tool from Refracta project? | 14:37 |
| ted-ious | The problem is you expose yourself to a potential rce disaster every time you load a web page and the only think keeping you even slightly safe is continuous updates. | 14:37 |
| rrq | yes I think so | 14:37 |
| xwindows | rrq: That's very interesting, thank you for a pointer. | 14:37 |
| gnarface | xwindows: i agree with rrq that it sounds like you actually want refractasnapshot, and that would theoretically cover ted-ious's concern about outdated software as long as you periodically update your snapshot. | 14:54 |
| gnarface | also, you don't have to make a custom installer to get a custom package list, the normal installer supports something called "preseeding" which is basically just feeding it a list of packages and debconf states up front | 14:55 |
| xwindows | gnarface: "refractasnapshot, and that would theoretically cover", I actually wanted to do the *exact* thing that [t]ed-ious tried to dissuade me from. | 14:58 |
| gnarface | well, far be it for me to discourage you from your original goal (and someone should have told you by now that the build scripts are on git.devuan.org somewhere and you're free to build your own images with them) because i absolutely side with you on using old static personally frozen versions of software for certain tasks, (especially the ones that involve old hardware and don't involve sending traffic past my own LAN) | 14:59 |
| gnarface | but personally i try not to complicate backups and i'd just probably image the disk with dd and then xz compress it | 14:59 |
| xwindows | gnarface: But I will consider that tool nonetheless. | 14:59 |
| gnarface | i just use dd, but i'm not obsessed with the installer part | 14:59 |
| gnarface | of recovery | 14:59 |
| gnarface | also, just fyi in regards to the debootstrap question you had earlier, because i didn't see anyone actually answer it: the devuan debootstrap version will run on debian. just copy it over, then it will work. | 15:00 |
| xwindows | gnarface: "the normal installer supports something called "preseeding"", I'm curious, I didn't remember seeing such as user-visible option in Debian text/expert-graphics installer, do I have to start the installer program with special flag? | 15:01 |
| gnarface | xwindows: yea it's not part of the interface, as i recall you have to drop a preeseed.cfg file somewhere in a location it expects it | 15:01 |
| xwindows | gnarface: Okay. | 15:02 |
| xwindows | gnarface: "the devuan debootstrap version will run on debian", but what would happen if I just used the Debian version? (Or just that no one tried that yet thus "don't ask us questions if it failed"?) | 15:02 |
| gnarface | the debian one doesn't work. it's missing a 1-line patch that recognizes devuan release names as valid\ | 15:03 |
| gnarface | it would just throw an error at you and exit | 15:03 |
| gnarface | yes, people here have tried it | 15:03 |
| xwindows | Okay, so that's the difference; thanks for the heads up. | 15:03 |
| gnarface | if you dug into the source code of both versions it'd probably be pretty obvious | 15:03 |
| gnarface | (it might be more than 1 line but it's not much) | 15:04 |
| xwindows | "just copy it over", I'm curious, can I just install .deb of Devuan (probably Devuan Jessie) on Debian? | 15:04 |
| gnarface | sure, dpkg -i [package name] | 15:04 |
| xwindows | s/of Devuan's debootstrap/ | 15:04 |
| xwindows | Okay, so that would be the first thing I would try when I try out Debootstrap method then. | 15:05 |
| gnarface | cross-upgrading directly from debian jessie to devuan jessie should work though still | 15:05 |
| gnarface | might not be pain free since that's an archived release but it should work | 15:06 |
| gnarface | though i guess if you are bandwidth constrained then it's not a great idea to try to upgrade from jessie to ascii to beowulf to chimaera to daedalus if you can just do a fresh daedalus install | 15:07 |
| gnarface | (daedalus == bookworm, current stable) | 15:08 |
| xwindows | I don't really upgrade though release; 16 years of using Debian, I only install-anew. So that is not a concern. | 15:08 |
| gnarface | i just meant for fun | 15:08 |
| gnarface | :) | 15:08 |
| xwindows | But speaking of "archived release", is there a way to config APT so that it will keep using an "expired" key, when signature of an (archived) repository match that "expired" signing key? | 15:08 |
| xwindows | ^ That is, without forgoing the entire validation? | 15:09 |
| gnarface | yea, you can just pass some flag to tell it to ignore invalid keys | 15:09 |
| xwindows | Not ignore it though: use it as if it was "valid". | 15:10 |
| gnarface | yea, pass that to download the new key package first, then the rest should work normally | 15:10 |
| xwindows | There is no new key package for the repository I'm currently use; so I would like to make it use the key as-is from now on. | 15:11 |
| xwindows | gnarface: "just pass some flag", what flag though? So I could check if it actually do what I described. | 15:12 |
| gnarface | i'm trying to remember | 15:12 |
| gnarface | hmm, well you could always just change the system clock while you're installing things... | 15:14 |
| joerg | ^^^ | 15:14 |
| xwindows | That will be really screwy for unpacked files tho. | 15:14 |
| xwindows | (And the files generated from package's configuration process too) | 15:14 |
| gnarface | certainly there's a better option than using some abandoned repo? | 15:15 |
| gnarface | that seems counter to your goal of self sufficient permanence | 15:15 |
| xwindows | I *am* installing things from Debian archive, so there is no better option. | 15:15 |
| gnarface | they have expired keys on jessie? | 15:16 |
| xwindows | Wheezy. | 15:16 |
| gnarface | hmm | 15:16 |
| gnarface | there's gotta be a better way to deal with that, but short of cloning the repo locally i dunno | 15:16 |
| xwindows | Ah, or patching APT, then. | 15:17 |
| xwindows | I do half-expect it would come to that; but well, it's within my ability. | 15:18 |
| gnarface | i found a way to subvert gpg with the --fake-system-time option, but it's not clear if there's any easy way to get apt to call gpg like that | 15:24 |
| gnarface | could an alias work? | 15:24 |
| gnarface | hmm.... | 15:24 |
| gnarface | i think if i had a specialized case like this i'd seriously consider making a local snapshot repo of just the packages i need | 15:26 |
| gnarface | and i'd probably keep all the source packages too just for good measure | 15:27 |
| xwindows | Hm... installing from archive repository is not a specialized case; | 15:39 |
| xwindows | I have seen multiple instances of people asking exactly that. | 15:39 |
| xwindows | So I would patch APT (once I find the time), and try to get it into upstream. | 15:40 |
| xwindows | Of course, with so many people ingrained in the techno-fashionista way of computing, I'm pessimistic about it passage; | 15:41 |
| xwindows | but I'll release patches and *.deb independently if it come to that. | 15:41 |
| rrq | trusting an outdated key is a bit of security risk | 15:42 |
| xwindows | Less risk than just blindly accepting UNAUTHENTICATED though. | 15:43 |
| xwindows | And that is the risk I am (and people like me who use archive repo are) willing to take. | 15:43 |
| ted-ious | Have you authenticated any of the debian developers in person? | 15:47 |
| ted-ious | Which ones work for which intelligence agencies? :) | 15:47 |
| xwindows | "authenticated any of the debian developers", No, don't have any reason or chance to, I'm not a DD. | 15:48 |
| rrq | it might work using Acquire::Check-Valid-Until false; in /etc/apt/apt.conf ... would feel like one notch smaller hole than --allow-unauthenticated | 15:54 |
| xwindows | rrq: I think I have heard about that specific option before... thanks for reminding me; | 15:55 |
| xwindows | rrq: I'll have to hunt down to see if this exists in Wheezy version or not (and cherry-pick that if not). | 15:56 |
| xwindows | Hm... seems to be listed in my version of `man apt.conf` too; I didn't remember if I tried that before... | 15:57 |
| xwindows | But I'll have to run now (though my client will stay connected); | 15:58 |
| xwindows | thank you all for the advices (and non-advices). | 15:59 |
| gnarface | have a good one | 15:59 |
| xwindows | Hm, `apt-get -o Acquire::Check-Valid-Until=false update` completed with a bunch of `W: GPG error: http://archive.debian.org wheezy/SOMETHING Release: The following signatures were invalid: KEYEXPIRED ...`; | 16:17 |
| gnarface | but it worked? | 16:17 |
| xwindows | And using `apt-get -o Acquire::Check-Valid-Until=false install inn` still show the "WARNING: The following packages cannot be authenticated!" | 16:18 |
| xwindows | and the "Install these packages without verification [y/N]?" prompt; | 16:18 |
| xwindows | just like when I didn't specify that. | 16:18 |
| gnarface | probably expected behavior | 16:18 |
| xwindows | So, that probably still require patch... | 16:19 |
| xwindows | Off for real now. | 16:19 |
Generated by irclog2html.py 2.17.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!