IRC Logs for #crux Saturday, 2017-06-24

*** druid_droid has joined #crux00:52
druid_droidhey crux'ers00:52
Romsterhi00:52
druid_droidjust finish rebuild of a rebuild of a rebuild of core, and yes, I should not build again stuff under gresecurity kerne00:52
druid_droid*kernel00:52
druid_droidI changed glibc-32, added something about errors, like the other glibc have, it was giving error00:53
druid_droidalso I don't mess to much adding packages to pkgmk.conf00:54
druid_droidI mean their costum flags00:54
druid_droidhey I'm happy :D just lost one day watching lines passing ...00:54
druid_droidI think I'm since 2014 if I'm not wrong just stuffing arround crux00:55
druid_droidI learn how to break a system :D00:56
druid_droidwell, thanks you all for this system,00:57
druid_droid<300:58
Romsteri had a custom patch for pkgmk to alow costom C CXX LD flags to each package00:58
Romsterbut i repackaged it all in this tarball http://hvlinux.net/distfiles/pkgutils-5.40.3.tar.xz01:00
Romsterand it's rather old now.01:00
Romsterif i was todo that again i would make a pkgmk.d directory and ad a file per a name= and do it in there than in pkgmk.conf directly.01:01
Romsterbut eh there is some other tool aground somewhere for patching Pkgfiles but that wont work so well with the .signature01:01
Romsterhas mirror:// support among a bunch of other changes01:07
druid_droidRomster: I just have a branch from official 3.301:09
druid_droidof the ports, I change them, then rebase,01:09
druid_droidsome conflicts, for example I change all http and ftp to https, but not that hard to maintain until now01:09
Romsterdruid_droid, is your stuff anywhere where i can take a look?01:15
Romsterthe change to https should be merged into crux IMO01:15
*** onodera has quit IRC01:50
*** ileach has quit IRC01:59
Romsterhttp://romster.me/distfiles/hash/ocaml-4.04.2.tar.xz/sha256/ keeps silent file changes02:15
Romsteri haven't looked yet to see the diff02:15
*** _________mavric6 has quit IRC02:27
*** _________mavric6 has joined #crux02:29
druid_droidRomster: I have a complete mirror of crux.nu, with wiki, gitweb and so on, but I fail renewing let's encrypt certificate, I must wait 7 days before I try again02:35
druid_droidbut tomorrow I will share on github02:35
druid_droidmy change was recursive replace (grep + sed) then I just fixed the ones I have installed and try to update,02:36
druid_droidI have done it in opt, not yet in core since I have all the sources, and commit is not clean sorry02:39
druid_droidbut I will share and let you know02:39
Romsteri'm going though ports and fixing trivial things02:41
druid_droidyes I know your collection :) I will need it as I need in the past02:46
druid_droidRomster: hvlinux.net have not https02:48
druid_droidI just blocked 80 on firewall, since I don't have yet firefox and current browser keep redirecting to http02:48
Romsteri know another todo02:49
brian|lfswhy don't you have chromium or firefox druid_droid02:49
druid_droidbrian|lfs: firefox fail to build, but I know now why03:21
druid_droidit was a broken core collection plus building with grsecurity03:21
druid_droidthe only one that build was a webkit based, epiphany03:21
druid_droidmy favorit is dillo03:22
*** lounge has joined #crux03:34
brian|lfsya broken core could be problematic04:31
*** tilman_ has joined #crux04:34
*** tilman has quit IRC04:37
*** ileach has joined #crux09:38
*** lounge has quit IRC10:02
*** john_cephalopoda has joined #crux10:09
*** ubuuu has joined #crux10:18
*** tsaop has joined #crux10:24
*** ubuuu has quit IRC10:31
*** deus_ex has joined #crux11:31
*** pedja has quit IRC11:32
*** elderK has quit IRC11:39
*** tsaop has quit IRC11:50
cruxbot[opt.git/3.3]: wine: 2.10 -> 2.1112:13
*** onodera has joined #crux12:38
cruxbot[opt.git/3.3]: nss: additional headers, library, pkgconfig files12:40
cruxbot[opt.git/3.3]: nss: updated signature12:40
*** druid_droid has quit IRC13:07
j_vfrinnst: thank you13:12
cruxbot[opt.git/3.3]: gstreamer: 1.12.0 -> 1.12.113:17
cruxbot[opt.git/3.3]: gst-plugins-base: 1.12.0 -> 1.12.113:17
frinnstno worries. im always open to improvements :-)13:22
cruxbot[contrib.git/3.3]: gst-plugins-good: 1.12.0 -> 1.12.113:24
cruxbot[contrib.git/3.3]: gst-plugins-bad: 1.12.0 -> 1.12.113:24
cruxbot[contrib.git/3.3]: gst-plugins-ugly: 1.12.0 -> 1.12.113:24
cruxbot[contrib.git/3.3]: gst-libav: 1.12.0 -> 1.12.113:24
cruxbot[contrib.git/3.3]: gst-python: 1.12.0 -> 1.12.113:24
cruxbot[contrib.git/3.3]: gstreamer-vaapi: 1.12.0 -> 1.12.113:24
j_vvery cool...13:26
*** chinarulezzz has quit IRC13:35
cruxbot[compat-32.git/3.3]: gstreamer-32: 1.12.0 -> 1.12.113:35
cruxbot[compat-32.git/3.3]: gst-plugins-base-32: 1.12.0 -> 1.12.113:35
*** chinarulezzz has joined #crux14:00
Romsternice we should see openjdk in contrib maybe j_v  <<14:16
j_vthat would be fine. the nss port was the main thing that would have made it complicated. i'd like to refine the ports some for building with a bootstrap openjdk so that a user who only wanted the actual jdk wouldn't be forced to jump through the hoops of bootstrapping all the way from gcj-jdk, openjdk6, openjdk7, to openjdk814:23
j_vi'm thinking that the ports the do the bootstrapping i should rename to *-bootstrap or some such and have the openjdk7 and openjdk8 ports build with prebuilt jdk's.14:25
j_vbut i'd like to look at trying to strip down the bootstrapper packages so that they aren't so monsterous to download14:26
j_vi intend to work on that this weekend14:29
Romsteri would take a look at my ghc and fpc ports i've made them bootstrap from the system and if they can't from the system they pull down the necessary files to bootstrap14:29
Romsterno name= renaming involved14:30
j_vveru cool, i will look at them. sounds like good way to do it.14:31
Romsteri'd personally like to be able to build all the way up from gcj-jdk but then as i get to openjdk8 i can then rebuild openjdk8 from itself on the system14:31
j_vs/veru/very/14:31
Romsterit's a bit of work in the Pkgfile but it makes it easy for the end user.14:31
Romsteri intend to look over that rust/cargo stuff i just haven't touched that yet.14:32
j_vi get what you're saying and i think it would be worth the legwork14:32
Romsteron top of that i'll offer built packages14:33
j_vno worries about the rust stuff, i was just curious if it was possible... i still haven't come up with a reasonable path to installing cargo (crux style).14:33
Romsteri wonder if i can run minecraft chatty and other things with openjdk. that would be way cool.14:33
Romsteri'm going to try with the sources.14:33
j_vthose would be good tests, think i will take a look a that too14:34
Romsteri had to bootstrap python-* and pyhton3-* ports for pip/install as well.14:34
Romsterbut that's a bit different to ghc fpc14:35
j_vthe python stuff seemed to have worked out pretty well14:35
Romsteri spent a lot of time testing every case14:35
Romsterand made sure i covered them all.14:35
j_vnice... i've been trying to get better about that14:36
Romsterhence why the complexity in the build() it also throws up warnings if something is missing.14:36
j_vi did a lot of testing of all the packages effected by nss before proposing the changes to frinnst14:36
j_vthat was how i uncovered FS#143214:38
Romsterah14:42
Romsteri did some changes to mpv and ffmpeg to configure stuff if it finds *.pc files.14:46
Romsterto remove the hard dependencies and make them soft dependencies that get included if found.14:46
j_vnice, that is a good way to go14:47
Romsterj_v,  i just /today/ made a new quick script and a change to my pkg-clean script to add --keep PACKAGE14:48
ryu0whatever you do though, don't tell it to keep package lawyer. you'll get sued.14:48
Romster--keep dependency tree and i now sort the packages depending on dependencies so i don't have to uninstall and install all the packages for every package i build in docker.14:48
Romsterhah ryu014:49
Romsterhttps://gist.github.com/therealromster/7e08737aeccd568b38019cf73e4ee60c it's a hack up job currently.14:49
Romsteri know it's ugly but i'll get it cleaned up. and make a script out of it.14:49
j_vi will take a look... might be a good addition for my pkgwrap stuff14:50
Romsternote it uses a feather of pkg-clean i haven't pushed to my ports tree yet14:50
Romstererr s/feather/feature/14:51
Romster-_-14:51
ryu0Romster is a bird brain.14:51
ryu0:-)14:51
Romsterit's nearly 1am and i knew you would comment...14:51
ryu0anyway.14:51
*** ileach has quit IRC15:04
*** ma0 has joined #crux15:29
Romsterhttps://gist.github.com/therealromster/3f3a24f46c2e2f9ed0bbb9f019c9ff4b pkg-clean.diff  that is in romster/pkg-clean15:34
Romsteri'll add that feature soonish still tweaking15:35
j_vcool, i look at eventually incorporating pkg-clean into my pkgwrap stuff. i've been meaning to add general build containers that were based on core + basic xorg, core + mesa3d, etc15:40
j_vpkg-clean would make it easier to reuse those containers instead of just cloning the basic build container then always adding the necessary packages to build a port15:42
Romsterthat's what i am doing re-using the same container16:04
Romsterdocker > ccache > distcc over my 8 machines16:06
Romsterand pkg-clean and some other scripts doing the work.16:06
Romsterryu0, and i made the faster revdep, that i use a lot more often now that it doesn't take 8 minutes to run.16:07
*** chinarulezzz has quit IRC17:31
*** brian|lfs has quit IRC17:35
*** brian|lfs has joined #crux17:36
brian|lfsLinux, BSD, Solaris and other open source systems are vulnerable to a local privilege escalation vulnerability known as Stack Clash that allows an attacker to execute code at root. Major Linux and open source distributors made patches available Monday, and systems running Linux, OpenBSD, NetBSD, FreeBSD or Solaris on i386 or amd64 hardware should be updated soon.17:37
brian|lfsThe risk presented by this flaw, CVE-2017-1000364, becomes elevated especially if attackers are already present on a vulnerable system. They would now be able to chain this vulnerability with other critical issues, including the recently addressed Sudo vulnerability, and then run arbitrary code with the highest privileges, said researchers at Qualys who discovered the vulnerability.Linux, BSD, Solaris and other open source systems are vulnerable to a local17:37
brian|lfsprivilege escalation vulnerability known as Stack Clash that allows an attacker to execute code at root. Major Linux and open source distributors made patches available Monday, and systems running Linux, OpenBSD, NetBSD, FreeBSD or Solaris on i386 or amd64 hardware should be updated soon.17:37
brian|lfsThe risk presented by this flaw, CVE-2017-1000364, becomes elevated especially if attackers are already present on a vulnerable system. They would now be able to chain this vulnerability with other critical issues, including the recently addressed Sudo vulnerability, and then run arbitrary code with the highest privileges, said researchers at Qualys who discovered the vulnerability.17:37
john_cephalopodabrian|lfs: Is it fixed in some kernel release already?17:43
brian|lfsnot sure17:50
brian|lfsbut scarey17:50
brian|lfsI just saw it17:50
*** tsaop has joined #crux18:13
*** j_v has joined #crux18:22
j_vthere's more stack guard fixes in most recent kernel releases for 4.9/4.11 branches. if you are upgrading your kernel due to CVE-2017-1000364, might consider 4.9.34 or 4.11.7.18:26
*** john_cephalopoda has quit IRC18:53
*** john_cephalopoda has joined #crux18:55
*** amonn_ has quit IRC19:01
frinnstrunning windows 10 on an ssd is like running windows xp on a regular harddrive19:12
frinnstrunning windows 10 on a spinning disk is unbearable19:12
*** elderK has joined #crux19:12
*** onodera has quit IRC19:16
][_R_][Running windows at all is depressing19:21
*** onodera has joined #crux19:21
*** ma0 has quit IRC19:27
cruxbot[opt.git/3.3]: thunderbird: updated to 52.2.119:29
*** frinnst_ has joined #crux19:33
*** onodera has quit IRC19:34
*** j_v has quit IRC19:52
*** j_v has joined #crux19:54
*** tsaop has quit IRC20:09
*** chinarulezzz has joined #crux21:22
*** onodera has joined #crux21:22
*** Piraty has quit IRC22:30
*** Piraty has joined #crux22:31
*** Duskmourn has joined #crux22:32
*** john_cephalopoda has left #crux ("Trees can see into your soul.")22:42

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!