Re: [arch-general] Stronger Hashes for PKGBUILDs
> > So what do you guys think if we make our implicit standards available > somewhere on the wiki. This would make it more transparent on how we > build stuff, how TUs should package and give a guideline for AUR > maintainers, as they might not know about some details like this. > The best way to get that ball rolling is to just add it somewhere. The maintenance team usually weighs in pretty quickly on the talk pages. Possible pages for the info could be: https://wiki.archlinux.org/index.php/Arch_packaging_standards or https://wiki.archlinux.org/index.php/Arch_User_Repository
Re: [arch-general] minidlna problems
On Sun, Dec 4, 2016 at 6:55 PM, SET wrote: > Le dimanche 4 décembre 2016 17:17:02 CET Mike Cloaked via arch-general a > écrit > : > > The version current in arch is minidlna 1.1.6-1 but perhaps the comment > > earlier in the thread about version 2.x is a heads-up for when the > version > > in arch is updated in the future at some point to make sure that 2.x does > > support UPnP. Certainly minidlna 1.1.6-1 works fine once it is set up > > correctly. > > The 2.x comment above concerns VLC, and not minidlna. I'm using the same > version as yours, on ALARM too. > Current vlc in arch is version vlc 2.2.4-5, and I have just double checked that it works for UPnP - loading vlc in my desktop, and on the LAN, I can immediately connect to my minidlna server running on a little odroid-c2 machine on the same network and can play video and see the other media files on UPnP. So if there was any issue on an earlier version of 2.x it doesn't seem to be an issue currently. -- mike c
Re: [arch-general] Stronger Hashes for PKGBUILDs
On 12/03/2016 07:21 PM, sivmu wrote: > > > Am 03.12.2016 um 06:27 schrieb fnodeuser: > >> >> if an upstream does not sign the files, does not have https enabled, and/or >> refuses to take security and privacy seriously, sha512 must be used in the >> PKGBUILD files. > > But using and hash value without the possibility to verify the hashed > files, adds no security. It provides a false sense of security instead. > > I agree that we should use a strong hash by default where it makes > sense. But in the absense ob effective validation of upstream packages, > this is meaningless. > It adds (possible) security for those who want to rebuild the package at a later time or modify the PKGBUILD. It ensures they get the exact same sources as the original publisher. This comes especially into place if you live inside a country where you do not have much freedom online. I also like the suggestion to also sign the ISO files with sha512sums. It would not cause any trouble to add one more hash and a lot more people will be happy. Great idea! I also got a request from AUR: https://aur.archlinux.org/packages/snap-sync/ Those suggestions should be written down somewhere. I agree with this, as I also did a lot of things wrong and the PKGBUILD police (anthraxx) corrected those for me. I think a simple checklist with examples would be nice. This could contain: * Use https whenever possible * Use GPG whenever possible * Ask upstream if they do not use https and gpg yet (with some templates I made) * Use strong hashes * Add a note about the simple devtools chroot build and updpkgsums function * Use unique sources (if you are building in the same source directory) * Mask all variables with quotes * Use .xz sources wherever possible (to speed up downloads on instable/slow connections) * Do not delete users on uninstall * Use an underscore for user variables * https://lists.archlinux.org/pipermail/aur-general/2016-October/032845.html So what do you guys think if we make our implicit standards available somewhere on the wiki. This would make it more transparent on how we build stuff, how TUs should package and give a guideline for AUR maintainers, as they might not know about some details like this. ~Nico signature.asc Description: OpenPGP digital signature
Re: [arch-general] minidlna problems
Le dimanche 4 décembre 2016 17:17:02 CET Mike Cloaked via arch-general a écrit : > The version current in arch is minidlna 1.1.6-1 but perhaps the comment > earlier in the thread about version 2.x is a heads-up for when the version > in arch is updated in the future at some point to make sure that 2.x does > support UPnP. Certainly minidlna 1.1.6-1 works fine once it is set up > correctly. The 2.x comment above concerns VLC, and not minidlna. I'm using the same version as yours, on ALARM too.
Re: [arch-general] minidlna problems
On Sun, Dec 4, 2016 at 4:19 PM, Peter Nabbefeld wrote: > Hello Mike, > > I cannot find any important differences between Your files and mine. I've > tested VLC, and if this is broken, the test doesn't have any relevance, so > I need some other client first. > > Kind regards > Peter In my case I can run vlc from another machine within my LAN to see the files on my media server running minidlna - one thing worth checking is that you don't have any firewall blocks for the required ports on the server. Again in my case the server is entirely within my home LAN and not visible to the wider internet, so there are less security concerns in this case than if the server was being accessed from the WAN. The version current in arch is minidlna 1.1.6-1 but perhaps the comment earlier in the thread about version 2.x is a heads-up for when the version in arch is updated in the future at some point to make sure that 2.x does support UPnP. Certainly minidlna 1.1.6-1 works fine once it is set up correctly. -- mike c
Re: [arch-general] minidlna problems
Le 4 décembre 2016 17:10:33 GMT+01:00, Peter Nabbefeld a écrit : >Thank You for Your answer. Could You recommend me some other dlna >client >then? >>> The wiki page refered to above mentions Totem and Kodi. You could try your luck, didn 't test them. I find it more comfortable to watch UPnP streams on my Android phone.
Re: [arch-general] minidlna problems
Hello Mike, I cannot find any important differences between Your files and mine. I've tested VLC, and if this is broken, the test doesn't have any relevance, so I need some other client first. Kind regards Peter Am 04.12.2016 um 17:03 schrieb Mike Cloaked via arch-general: On Sun, Dec 4, 2016 at 1:08 PM, Peter Nabbefeld wrote: Hello, I've installed minidlna (community/minidlna 1.1.6-1), but cannot access any files. When I access it on port 8200, statistics count some audio files, but those are videos (mp4). I also cannot see a list of the files (well, I even don't know, if this would be expected behaviour). If I try to connect via UPnP using VLC, I cannot even see any file. Portscan detected port 8200 listening, but neither 80 nor 1900. So, I do have some questions: - Why are my mp4 files recognized as audio files? - Is minidlna expected t oshow a list of files in its DB somewhere? - How can I detect minidlna working correctly? It took me a while to get minidlna going (though I run it on an archlinuxarm machine) - and it is referred to with a different name in the wiki: https://wiki.archlinux.org/index.php/ReadyMedia There are a number of things that have to be set right to make it work - the permissions on directories including the home directory of the user where the files are stored need to be set to allow the non-root user running minidlna to access the files with the media. eg in my case on my little media server: $ ls -l /home total 8 drwx-- 2 alarm alarm 4096 Feb 22 2016 alarm drwxr-xr-x 6 mike mike 4096 Jun 6 20:57 mike then the minidlna.service file is: $ cat /etc/systemd/system/minidlna.service [Unit] Description=minidlna server After=network.target [Service] Type=simple User=minidlna Group=minidlna ExecStart=/usr/bin/minidlnad -S ProtectSystem=full ProtectHome=read-only PrivateDevices=on NoNewPrivileges=on [Install] WantedBy=multi-user.target and this service is started in my case with a systemd timer to avoid startup timing issues on the small SoC on which this runs. Then the minidlna conf file is: $ cat /etc/minidlna.conf # port for HTTP (descriptions, SOAP, media transfer) traffic port=8200 # network interfaces to serve, comma delimited #network_interface=eth0 network_interface=eth0 # specify the user account name or uid to run as user=minidlna #user=mike # set this to the directory you want scanned. # * if you want multiple directories, you can have multiple media_dir= lines # * if you want to restrict a media_dir to specific content types, you # can prepend the types, followed by a comma, to the directory: # + "A" for audio (eg. media_dir=A,/home/jmaggard/Music) # + "V" for video (eg. media_dir=V,/home/jmaggard/Videos) # + "P" for images (eg. media_dir=P,/home/jmaggard/Pictures) # + "PV" for pictures and video (eg. media_dir=PV,/home/jmaggard/digital_camera) #media_dir=/opt media_dir=A,/home/mike/Music/ media_dir=P,/home/mike/Pictures/ media_dir=V,/home/mike/Videos/ # set this to merge all media_dir base contents into the root container # note: the default is no #merge_media_dirs=no # set this if you want to customize the name that shows up on your clients #friendly_name=My DLNA Server friendly_name=Odroid Media Server # set this if you would like to specify the directory where you want MiniDLNA to store its database and album art cache #db_dir=/var/cache/minidlna db_dir=/var/cache/minidlna # set this if you would like to specify the directory where you want MiniDLNA to store its log file #log_dir=/var/log # set this to change the verbosity of the information that is logged # each section can use a different level: off, fatal, error, warn, info, or debug #log_level=general,artwork,database,inotify,scanner,metadata,http,ssdp,tivo=warn # this should be a list of file names to check for when searching for album art # note: names should be delimited with a forward slash ("/") album_art_names=Cover.jpg/cover.jpg/AlbumArtSmall.jpg/albumartsmall.jpg/AlbumArt.jpg/albumart.jpg/Album.jpg/album.jpg/Folder.jpg/folder.jpg/Thumb.jpg/thumb.jpg # set this to no to disable inotify monitoring to automatically discover new files # note: the default is yes inotify=yes # set this to yes to enable support for streaming .jpg and .mp3 files to a TiVo supporting HMO enable_tivo=no # set this to strictly adhere to DLNA standards. # * This will allow server-side downscaling of very large JPEG images, # which may hurt JPEG serving performance on (at least) Sony DLNA products. strict_dlna=no # default presentation url is http address on port 80 #presentation_url=http://www.mylan/index.php # notify interval in seconds. default is 895 seconds. notify_interval=900 # serial and model number the daemon will report to clients # in its XML description serial=12345678 model_number=1 # specify the path to the MiniSSDPd socket #minissdpdsocket=/var/run/minissdpd.sock # use different container as root of the tree # possible values: # + "." - use s
Re: [arch-general] minidlna problems
Thank You for Your answer. Could You recommend me some other dlna client then? Kind regards Peter Am 04.12.2016 um 15:55 schrieb SET: So, I do have some questions: - Why are my mp4 files recognized as audio files? - Is minidlna expected t oshow a list of files in its DB somewhere? - How can I detect minidlna working correctly? Kind regards Peter I didn't have any success with the stock minidlna.service file, which I disabled. I'm using this one : * [Unit] Description=PostBoot Minidlna Requires=network.target After=network.target [Service] Type=forking ExecStart=/usr/bin/minidlnad -R User=minidlna [Install] WantedBy=multi-user.target * According to comments I read somewhere, it's not considered safe ! Please note you'll have to create an unprivileged user that owns all files. As for VLC, UPnP browsing is just broken in 2.x. It seems this module is completely re-written in 3.x, not yet out. Regards.
Re: [arch-general] minidlna problems
On Sun, Dec 4, 2016 at 1:08 PM, Peter Nabbefeld wrote: > > Hello, > > I've installed minidlna (community/minidlna 1.1.6-1), but cannot access > any files. When I access it on port 8200, statistics count some audio > files, but those are videos (mp4). I also cannot see a list of the files > (well, I even don't know, if this would be expected behaviour). If I try to > connect via UPnP using VLC, I cannot even see any file. Portscan detected > port 8200 listening, but neither 80 nor 1900. > > So, I do have some questions: > - Why are my mp4 files recognized as audio files? > - Is minidlna expected t oshow a list of files in its DB somewhere? > - How can I detect minidlna working correctly? > > It took me a while to get minidlna going (though I run it on an archlinuxarm machine) - and it is referred to with a different name in the wiki: https://wiki.archlinux.org/index.php/ReadyMedia There are a number of things that have to be set right to make it work - the permissions on directories including the home directory of the user where the files are stored need to be set to allow the non-root user running minidlna to access the files with the media. eg in my case on my little media server: $ ls -l /home total 8 drwx-- 2 alarm alarm 4096 Feb 22 2016 alarm drwxr-xr-x 6 mike mike 4096 Jun 6 20:57 mike then the minidlna.service file is: $ cat /etc/systemd/system/minidlna.service [Unit] Description=minidlna server After=network.target [Service] Type=simple User=minidlna Group=minidlna ExecStart=/usr/bin/minidlnad -S ProtectSystem=full ProtectHome=read-only PrivateDevices=on NoNewPrivileges=on [Install] WantedBy=multi-user.target and this service is started in my case with a systemd timer to avoid startup timing issues on the small SoC on which this runs. Then the minidlna conf file is: $ cat /etc/minidlna.conf # port for HTTP (descriptions, SOAP, media transfer) traffic port=8200 # network interfaces to serve, comma delimited #network_interface=eth0 network_interface=eth0 # specify the user account name or uid to run as user=minidlna #user=mike # set this to the directory you want scanned. # * if you want multiple directories, you can have multiple media_dir= lines # * if you want to restrict a media_dir to specific content types, you # can prepend the types, followed by a comma, to the directory: # + "A" for audio (eg. media_dir=A,/home/jmaggard/Music) # + "V" for video (eg. media_dir=V,/home/jmaggard/Videos) # + "P" for images (eg. media_dir=P,/home/jmaggard/Pictures) # + "PV" for pictures and video (eg. media_dir=PV,/home/jmaggard/digital_camera) #media_dir=/opt media_dir=A,/home/mike/Music/ media_dir=P,/home/mike/Pictures/ media_dir=V,/home/mike/Videos/ # set this to merge all media_dir base contents into the root container # note: the default is no #merge_media_dirs=no # set this if you want to customize the name that shows up on your clients #friendly_name=My DLNA Server friendly_name=Odroid Media Server # set this if you would like to specify the directory where you want MiniDLNA to store its database and album art cache #db_dir=/var/cache/minidlna db_dir=/var/cache/minidlna # set this if you would like to specify the directory where you want MiniDLNA to store its log file #log_dir=/var/log # set this to change the verbosity of the information that is logged # each section can use a different level: off, fatal, error, warn, info, or debug #log_level=general,artwork,database,inotify,scanner,metadata,http,ssdp,tivo=warn # this should be a list of file names to check for when searching for album art # note: names should be delimited with a forward slash ("/") album_art_names=Cover.jpg/cover.jpg/AlbumArtSmall.jpg/albumartsmall.jpg/AlbumArt.jpg/albumart.jpg/Album.jpg/album.jpg/Folder.jpg/folder.jpg/Thumb.jpg/thumb.jpg # set this to no to disable inotify monitoring to automatically discover new files # note: the default is yes inotify=yes # set this to yes to enable support for streaming .jpg and .mp3 files to a TiVo supporting HMO enable_tivo=no # set this to strictly adhere to DLNA standards. # * This will allow server-side downscaling of very large JPEG images, # which may hurt JPEG serving performance on (at least) Sony DLNA products. strict_dlna=no # default presentation url is http address on port 80 #presentation_url=http://www.mylan/index.php # notify interval in seconds. default is 895 seconds. notify_interval=900 # serial and model number the daemon will report to clients # in its XML description serial=12345678 model_number=1 # specify the path to the MiniSSDPd socket #minissdpdsocket=/var/run/minissdpd.sock # use different container as root of the tree # possible values: # + "." - use standard container (this is the default) # + "B" - "Browse Directory" # + "M" - "Music" # + "V" - "Video" # + "P" - "Pictures" # + Or, you can specify the ObjectID of your desired root container (eg. 1$F for Music/Playlists) # if you specify "B" an
Re: [arch-general] After upgrade
On Sun, Dec 04, 2016 at 09:29:00 +0100, Ralf Mardorf wrote: > On Sat, 3 Dec 2016 22:22:16 +0100, Martin Kühne via arch-general wrote: > >We're having extreme gravity fluctuations, please move your pc to the > >floor rapidly. > > It was in the news today. At CERN by accident a black hole was > produced. It expands, Switzerland already is lost, now the black hole > eats words from emails, since it has got impact on German Internet > nodes. If we don't stop replying, the black hole will grow by eating > word by word and soon it will suck under the third stone from sun. I'm in Bern, and I'm still perfectly alive. Although, the Swiss government may have taken precautions to ensure the survival of their people, so perhaps they transformed the country into a giant floating ship and bailed, explaining why the news reports us as "gone". The air is cold and the Sun is low on the horizon. I might be on to something... I may need to take a trip to the borders and check that. signature.asc Description: PGP signature
Re: [arch-general] After upgrade
> It was in the news today. At CERN by accident a black hole was > produced. It expands, Switzerland already is lost, now the black hole > eats words from emails, since it has got impact on German Internet > nodes. If we don't stop replying, the black hole will grow by eating > word by word and soon it will suck under the third stone from sun. > > Coming soon. Roland Emmerich's "The Black Hole". Thanks for this. At least we get a good laugh out of this thread :) Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] minidlna problems
ERRATUM >Please note you'll have to create an unprivileged user that owns all files. Please note you'll have to create an unprivileged user that can read all files.
Re: [arch-general] minidlna problems
> > So, I do have some questions: > > - Why are my mp4 files recognized as audio files? > > - Is minidlna expected t oshow a list of files in its DB somewhere? > > - How can I detect minidlna working correctly? > > > > Kind regards > > Peter I didn't have any success with the stock minidlna.service file, which I disabled. I'm using this one : * [Unit] Description=PostBoot Minidlna Requires=network.target After=network.target [Service] Type=forking ExecStart=/usr/bin/minidlnad -R User=minidlna [Install] WantedBy=multi-user.target * According to comments I read somewhere, it's not considered safe ! Please note you'll have to create an unprivileged user that owns all files. As for VLC, UPnP browsing is just broken in 2.x. It seems this module is completely re-written in 3.x, not yet out. Regards.
Re: [arch-general] After upgrade
On Sun, 4 Dec 2016 13:34:45 + (GMT), piequiex wrote: >On Sat, 3 Dec 2016 16:05:18 +0100, Jelle van der Waa wrote: >>Your kenrel is tainted, mainline does not support tainted kernels. >Look on subject. Tainted distro. I fixed your broken quoting and provide the following link for the second time. https://unix.stackexchange.com/questions/118116/linux-what-is-a-tainted-kernel Maybe you installed a proprietary driver. Assuming a proprietary driver should cause the issue, you need to get in contact with the support of the vendor, providing this proprietary driver. Assuming a proprietary graphics driver should be the culprit, it would be important to get more information. Why did you install it? Perhaps you don't need it and could use a FLOSS driver instead? We already do a lot of guessing to help you. I provided a link to help you, to help us, to help you. Here it is again: http://www.catb.org/~esr/faqs/smart-questions.html Regards, Ralf -- https://de.wikipedia.org/wiki/Wikipedia:Humorarchiv/Friedrich-Wilhelm-Heft
Re: [arch-general] After upgrade
On 12/04/16 at 01:34pm, piequiex wrote: > > On 12/02/16 at 05:47am, piequiex wrote: > > > -BEGIN PGP SIGNED MESSAGE- > > > [ 65.955101] BUG: unable to handle kernel paging request at > > > 81e0 > > > > Welp, sounds like you a kernel bug, either the kernel just locked up or > > hit a BUG_ON(). > > > [ 65.956510] IP: [] __memmove+0x24/0x1a0 > > > [ 65.957874] PGD 1a09067 PUD 1a0a063 PMD 0 > > > [ 65.959198] Oops: [#17] PREEMPT SMP > > > [ 65.993921] CPU: 2 PID: 892 Comm: loadkeys Tainted: P DO > > > 4.8.11-1-ARCH #1 > > > > Your kenrel is tainted, mainline does not support tainted kernels. > Look on subject. Tainted distro. I've tried to be nice and helpful after the previous drama. But it seems your attitude doesn't improve. So sorry I can't help you. P.S. You don't have to taint your kernel, by using nouveau... -- Jelle van der Waa signature.asc Description: PGP signature
Re: [arch-general] After upgrade
> On 12/02/16 at 05:47am, piequiex wrote: > > -BEGIN PGP SIGNED MESSAGE- > > [ 65.955101] BUG: unable to handle kernel paging request at > > 81e0 > > Welp, sounds like you a kernel bug, either the kernel just locked up or > hit a BUG_ON(). > > [ 65.956510] IP: [] __memmove+0x24/0x1a0 > > [ 65.957874] PGD 1a09067 PUD 1a0a063 PMD 0 > > [ 65.959198] Oops: [#17] PREEMPT SMP > > [ 65.993921] CPU: 2 PID: 892 Comm: loadkeys Tainted: P DO > > 4.8.11-1-ARCH #1 > > Your kenrel is tainted, mainline does not support tainted kernels. Look on subject. Tainted distro. -- Have a nice day!
Re: [arch-general] minidlna problems
For port 1900, I did incorrect port scanning, as it uses UDP, and it is present. - P. Am 04.12.2016 um 14:08 schrieb Peter Nabbefeld: Hello, I've installed minidlna (community/minidlna 1.1.6-1), but cannot access any files. When I access it on port 8200, statistics count some audio files, but those are videos (mp4). I also cannot see a list of the files (well, I even don't know, if this would be expected behaviour). If I try to connect via UPnP using VLC, I cannot even see any file. Portscan detected port 8200 listening, but neither 80 nor 1900. So, I do have some questions: - Why are my mp4 files recognized as audio files? - Is minidlna expected t oshow a list of files in its DB somewhere? - How can I detect minidlna working correctly? Kind regards Peter
[arch-general] minidlna problems
Hello, I've installed minidlna (community/minidlna 1.1.6-1), but cannot access any files. When I access it on port 8200, statistics count some audio files, but those are videos (mp4). I also cannot see a list of the files (well, I even don't know, if this would be expected behaviour). If I try to connect via UPnP using VLC, I cannot even see any file. Portscan detected port 8200 listening, but neither 80 nor 1900. So, I do have some questions: - Why are my mp4 files recognized as audio files? - Is minidlna expected t oshow a list of files in its DB somewhere? - How can I detect minidlna working correctly? Kind regards Peter
Re: [arch-general] After upgrade
On Sat, 3 Dec 2016 19:31:55 + (GMT), piequiex wrote: >> Logical conclusion: It crashed. What more do you want us to say? >> We're not kernel devs. > >Perfect conclusion! >Advice? On Sat, 3 Dec 2016 16:05:18 +0100, Jelle van der Waa wrote: >Your kenrel is tainted, mainline does not support tainted kernels. Piequiex, we cannot read out aloud, you need to read it yourself: https://unix.stackexchange.com/questions/118116/linux-what-is-a-tainted-kernel Regards, Ralf PS: On Sat, 3 Dec 2016 21:13:08 + (GMT), piequiex wrote: >Why cencored? We are just kidding, since your mails don't provide the required details. >> do this, since I don't sign mails sent to mailing lists. >This happen automatically on mail service side. I see nothing >offensive in this action. At least at this point you should have noticed the sarcasm, since censoring a signed mail is tricky. On Sat, 3 Dec 2016 22:22:16 +0100, Martin Kühne via arch-general wrote: >We're having extreme gravity fluctuations, please move your pc to the >floor rapidly. It was in the news today. At CERN by accident a black hole was produced. It expands, Switzerland already is lost, now the black hole eats words from emails, since it has got impact on German Internet nodes. If we don't stop replying, the black hole will grow by eating word by word and soon it will suck under the third stone from sun. Coming soon. Roland Emmerich's "The Black Hole".