IRC Logs for #crux-devel Tuesday, 2014-07-22

jaeger-fstack-protector-strong seems to be added in gcc 4.9 from what I can see00:02
jaegerthe other options should be available in 4.8.x, though00:03
mechaniputerCorrect, "-fstack-protector-strong" is new in GCC 4.9 but earlier versions still have the less thorough "-fstack-protector"00:08
Worksterso what non-breaking options re safe to even try?00:35
Worksteri even managed to break glibc compiles setting sse options, or setting an march other than x86-64 in the past00:36
jaegertheoretically, -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=200:36
jaegeror using gcc 4.9, -fstack-protector-strong00:36
Worksteri haven't redone my patch yet that i used to use for setting per a Pkgfile variables yet. but this time i feel like making a directory. like /etc/pkgmk.d/ and drop files in to omgoptimise or just sane defaults that work. like say using clang for all stuff that works with that.00:37
Workstera way to rice without having to edit Pkgfiles00:38
Worksterprobably not in the interests of crux to import that though. but that stuff and hardened crux could be on a wiki page as a howto00:39
jaegeryeah, nice to have options for those users who want to do it that way00:40
Worksteralthough having the directory users could teak there own system though, doesn't sound like a bad idea.00:41
jaegerI'm building a 3.1 VM to mess with it in spare time01:28
*** mavrick61 has quit IRC02:24
*** mavrick61 has joined #crux-devel02:25
*** jaeger has quit IRC03:14
*** jaeger has joined #crux-devel03:21
*** mechaniputer has quit IRC03:59
*** mike_k has joined #crux-devel06:04
*** mike_k has quit IRC06:07
frinnstI remember patching gcc with ibm'a propolice patches way back when08:28
teK__-fstack-protector-strong <- strong? Seriously? :D08:35
frinnstheh. its in gcc 4.908:36
*** mike_k has joined #crux-devel08:55
AmnesiaI'll try and upgrade:)08:57
Amnesiastill running 3.0 though:)08:58
mike_kpushing to contrib 3.0 fails for me (after a fresh clone and some commits):
frinnstthere were some git troubles a few days ago09:01
frinnstyes iirc there were some permission problems the other day. perhaps tek/jaeger have access so they can fix it?09:02
mike_kfrinnst: thanks. I'll wait for them to show up09:03
frinnstdid you try to push to 3.1? that *should* work09:03
frinnstor maybe not when reading your paste09:03
*** Lukc` has quit IRC09:06
Amnesiafrinnst: would it be enough to update the rsync files in /etc/ports/ to upgrade from 3.0 to 3.1?09:08
frinnstonly if you are prepared to deal with a lot of breakage09:10
frinnstand you need to manually fix / remove / add packages09:11
Amnesiahm ok09:11
Amnesiasounds like the best way is to reinstall?09:11
frinnstcheck out setup-helper on the ISO09:11
frinnstjust upgrade from the iso09:11
Amnesiaah neat09:12
frinnstyou could also manually update the packages from the iso and do what setup-helper tells you:09:17
Amnesiamuchas gracias09:18
teK__mike_k: retry09:43
teK__and frinnst has the permisssions to change ownerships himself ;)09:43
frinnstyes but not here at work :)09:45
*** novak_ has quit IRC09:54
*** novak has joined #crux-devel09:56
mike_kteK__: thanks, it is OK now10:03
*** dutch has joined #crux-devel10:34
*** mike_k has quit IRC12:08
jaegermike_k is the only one who can push to contrib currently, I imagine :)12:10
jaegerfixed the permissions on the log files12:16
*** mechaniputer has joined #crux-devel12:53
*** mike_k has joined #crux-devel13:11
jaegergoing to update jre since jue is gone13:47
jaegershould I cherry-pick the jre update back into 3.0 since it has security fixes? probably so13:47
frinnstyeah if you feel kind :)13:54
jaegereasy enough to do13:54
Romsteri always make sure i am using PIC but i never gave any thought to PIE14:04
Romsterneat script.14:08
Romsterthis rpath stuff isn't it bad having rpaths set? or worse not having them to avoid injecting code.14:08
AmnesiaRomster: check out ld's manpage14:15
RomsterIf -rpath is not used when linking an ELF executable, the contents of the environment variable "LD_RUN_PATH" will be used if it is defined.14:25
Romsternot setting rpath seems more insecure.14:25
AmnesiaRomster: well, actually it's a two sided blade14:33
Amnesiarpath/LD_LIBRARY_PATH are both ignored when it're setuid/setgid binaries though14:33
Amnesiadouble-edged sword*14:35
Romsteryeah hard to say which is best but setuid/setgid arn't so nice.14:36
Amnesiawhat'd you like to set it to?14:37
Amnesia(most distro's leave it empty)14:38
Romsteri dunno what is best for rpath i just use what the programs defaults are set too14:38
Amnesiathen I'd suggest to leave it empty14:39
Amnesia those defaults are kinda sane imo14:42
Romstersome are optimize only things, doens't seem a lot.14:47
*** mechaniputer has quit IRC15:45
*** mechaniputer has joined #crux-devel19:39
nrxtxhi Romster ideas for color schemas? :D19:49
frinnstjaeger: 3.12.25 was just released :)20:20
frinnstsure took a while20:20
jaegerit can go into the updated ISOs. :P20:22
frinnstit sure doesnt seem like a reliable branch20:22
frinnstyuck. firefox and thunderbird releases20:23
frinnstI hate my [notify] commits. They always vary so much. I should prepare a template or something20:28
frinnstSubject: Your message to CRUX awaits moderator approval20:30
frinnsthow does this stuff work?20:30
teK__you go to the mailman admin panel and approve/reject it20:30
teK__did that.20:33
frinnsti dont think i have the admin stuff20:34
teK__k :p20:36
teK__want it?20:36
*** mike_k has quit IRC20:50
frinnstmight as well21:42
*** deus_ex has quit IRC22:10
*** deus_ex has joined #crux-devel22:10
*** dutch has quit IRC22:53

Generated by 2.11.0 by Marius Gedminas - find it at!