Re: [arch-general] latest kernel update surprise
On Sunday, March 22, 2020 2:28:13 PM CET Piscium via arch-general wrote: > Before Arch I used Fedora for 7 years. I found Fedora far more stable > than Arch when upgrading to a new Fedora version 3 months after > release when most bugs have been fixed. With Arch there is always > something that does not work properly and then days or weeks later it > starts working again. It is not Arch's fault, rather it results from > its KISS principle of making minimal or no changes to upstream > packages so you get all the issues from upstream. Fedora does lots of > patching and updates things less often so it is more stable than Arch. > > My suggestion is that if you are looking for reliability to use Debian > Stable which has a big choice of packages and it stable, or else > Fedora which is in between Debian Stable and Arch with respect to > up-to-date packages and stability. Arch might not be the best distro > for you. My €0.02. I kind of disagree, I think that the KISS, no-magic approach of arch is perfect for visually impaired or blind power users like Jude. However, maybe you should consider using the LTS kernel, packages as linux- lts? I have it installed and boot into it every ~4 years when something critical like wifi breaks. The LTS kernel has never broken for me, you might have a better experience with that. Cheers, Bennett signature.asc Description: This is a digitally signed message part.
Re: [arch-general] External monitors are no longer detected (Intel graphics)
On Wednesday, July 3, 2019 2:59:01 PM CEST Genes Lists via arch-general wrote: > On 7/3/19 3:58 AM, Bennett Piater wrote: > > To clarify: I did not find an upstream bug, and I don't know that this > > is an upstream issue. > > It is an upstream bug - peraps my previous email didn't get through - > will quote it again - sorry if its a dup: > > --- > On 7/2/19 1:48 PM, Genes Lists via arch-general wrote:> > > Check youor mesages and look for EDC asset. There is a fix teed up which > may help your case. > > I have seen this "EDC assert" issue with 8265 [1] and the fix is given > in comment #42. I have tested it on kernel 5.2-rc7 and works fine. > This impacts all pre-9000 intel wifi cards. > > This will NOT make it into 5.2, as Emmanual G points out, as its late in > the cycle; presumably will be in 5.2.1 and 5.3. > > A work around you might try is to add this iwlwifi option - then reboot. > > # cat >> /etc/modprobe.d/iwlwifi.conf > options iwlwifi swcrypto=1 > > regards, > > gene > > [1] https://bugzilla.kernel.org/show_bug.cgi?id=203315 > --- I was talking about external monitors not working, you are talking about wifi cards. Herzlich, Bennett signature.asc Description: This is a digitally signed message part.
Re: [arch-general] External monitors are no longer detected (Intel graphics)
On 2019-07-03 10:24, Ralf Mardorf via arch-general wrote: Hi, since I didn't follow this thread close enough, I don't know if this is an Arch or upstream related issue. However, it's crass if you consider it to be most likely an upstream bug and you think somebody else should do your job. "Once you have reported a bug upstream or have found other relevant information from upstream, it might be helpful to post this in the Arch bug tracker, so both Arch developers and users are made aware of it." - https://wiki.archlinux.org/index.php/Bug_reporting_guidelines#Upstream_or_Arch? Regards, Ralf To clarify: I did not find an upstream bug, and I don't know that this is an upstream issue. You could be the first one reporting it upstream. My impression when reading this thread is, that those participating in this thread have got the impression, that it is an upstream bug. The Wiki also mentions, in bold letters: "If Arch is not responsible for a bug, the problem will not be solved by reporting the bug to Arch developers." Keep in mind that you suffer from this bug. If a maintainer doesn't experience this bug, the maintainer hardly can report the bug upstream and in the end you are the one who is affected, if the bug will never get fixed. My intention isn't to teach you to follow rules. I don't care at all if you do or do not. I only want to inform you, that unlikely something will happen, if a bug is reported at the wrong place. Thanks, I'm always willing to learn. At the very least, now other archers can easily find out about the bug. When I have more time, I'll try if I can find out more in dmesg or something. Cheers, Bennett
Re: [arch-general] External monitors are no longer detected (Intel graphics)
On 2019-07-03 09:51, Ralf Mardorf via arch-general wrote: On Wed, 03 Jul 2019 09:25:46 +0200, Bennett Piater wrote: I opened an Arch bug so we can track it: https://bugs.archlinux.org/task/63079 The maintainers can report it further upstream, they know where - that's what they are for :) Hi, since I didn't follow this thread close enough, I don't know if this is an Arch or upstream related issue. However, it's crass if you consider it to be most likely an upstream bug and you think somebody else should do your job. "Once you have reported a bug upstream or have found other relevant information from upstream, it might be helpful to post this in the Arch bug tracker, so both Arch developers and users are made aware of it." - https://wiki.archlinux.org/index.php/Bug_reporting_guidelines#Upstream_or_Arch? Regards, Ralf To clarify: I did not find an upstream bug, and I don't know that this is an upstream issue.
Re: [arch-general] External monitors are no longer detected (Intel graphics)
On 2019-07-03 06:38, Oliver Jaksch via arch-general wrote: Glad that this (4.19 in your case) works for you, too. Good idea in general. But where? Seems that this is Intels' thing again and their list of open bugs is already extensive :( I opened an Arch bug so we can track it: https://bugs.archlinux.org/task/63079 The maintainers can report it further upstream, they know where - that's what they are for :) Cheers, Bennett Btw., I saw a bug for the wireless issue on the tracker, so that is reported as well.
Re: [arch-general] External monitors are no longer detected (Intel graphics)
On Tuesday, July 2, 2019 9:59:57 AM CEST Oliver Jaksch via arch-general wrote: > There are *some* issues with intel gpu's and recent kernels. I can't use > multiple monitors in most of the cases as the i915 module misinterpret > possible resolutions, for example. > > https://bbs.archlinux.org/viewtopic.php?id=246230 > https://bugzilla.redhat.com/show_bug.cgi?id=1570392 > https://intel-gfx-ci.01.org/cibuglog/open_bugs.html > > I'm stuck on aur/linux-lts49 on my Zotac CI547 in the meanwhile as > everything works there. But better than nothing - or 1024x768 ;) I rebooted into linux-lts (4.19.56-1-lts) and everything works. I guess I'll stick with that for the time being. This is exciting - I never actually needed my fallback LTS bootloader entry before! :D Should I open a bug? Cheers, Bennett signature.asc Description: This is a digitally signed message part.
Re: [arch-general] External monitors are no longer detected (Intel graphics)
Have you checked the troubleshooting options on https://wiki.archlinux.org/index.php/Intel_graphics. I also recall an intel issue with recent kernels, but can't put my hand on a link. The problems experienced with some are listed in the wiki. There are *some* issues with intel gpu's and recent kernels. I can't use multiple monitors in most of the cases as the i915 module misinterpret possible resolutions, for example. https://bbs.archlinux.org/viewtopic.php?id=246230 https://bugzilla.redhat.com/show_bug.cgi?id=1570392 https://intel-gfx-ci.01.org/cibuglog/open_bugs.html I'm stuck on aur/linux-lts49 on my Zotac CI547 in the meanwhile as everything works there. But better than nothing - or 1024x768 ;) Thanks guys. The wiki doesn't list my exact issue, so I'll try booting into linux-lts when I get home and see if that helps. Cheers, Bennett
[arch-general] External monitors are no longer detected (Intel graphics)
Hi, I'm using a Thinkpad T450s with Intel graphics. Yesterday, I could no longer connect external monitors via miniDP. They were not detected at all, either by xrandr in i3 or by sway (wayland). I didn't have time to dig out a VGA cable and try that, so I cannot rule out physical damage yet - I did try 2 monitors with different cables, both of which work with my wife's Thinkpad. Since wayland doesn't make a difference, I'm thinking maybe something broke with the (my?) drivers? Is there any other possibility apart from physical damage, and what do I try next? Cheers, Bennett
Re: [arch-general] How long do you make the passphrase for the private key?
On 2019-06-25 12:11, Ralf Mardorf via arch-general wrote: Six words are just six words out of an assessable vocabulary. "This level of unpredictability assumes that a potential attacker knows that Diceware has been used to generate the passphrase, knows the particular word list used, and knows exactly how many words make up the passphrase." - https://en.wikipedia.org/wiki/Diceware You seem to be misunderstanding that statement. The minimum entropy is calculated _assuming_ that the attacker knows that you are using diceware *and* which word list you used. That is part of the threat model. Think of it this way: In a normal password, you have an alphabet of ~80 chars and use 10-15 of them. In diceware, you have an alphabet of >= 8K words and use at least 6 of them. So a diceware passphrase of appropriate (word) length has the same entropy as a password with equivalent (char) length, but the diceware passphrase is much easier to remember.
Re: [arch-general] How long do you make the passphrase for the private key?
On 2019-06-25 11:09, Ralf Mardorf via arch-general wrote: On Tue, 25 Jun 2019 09:35:53 +0100, Ralph Corderoy wrote: Are you familiar with https://xkcd.com/936/ ? Too funny, that is the method I described and while I was writing my email, you posted that cartoon. However, even this suffers from the pitfall, that it is not that easy to use this mnemonic as described by the cartoon. I use diceware passphrases for my master passwords (login, hardware encryption, GPG, password manager) and they are much easier to remember than normal (safe) passwords.
Re: [arch-general] Arch Linux USB stick won't boot
On Saturday, March 23, 2019 6:05:59 AM CET David C. Rankin wrote: > In the past there was a wonderful "Beginner's Guide" with detailed a > detailed install procedure with expanded explanations for each step. When > the arch installer went away, it was removed shortly thereafter. It would > be worth considering resurrecting the page. > > The manual install is by far the way to go as it can be tailored to whatever > you need. The only downside is if you have not done one before, the > existing Installation guide is much too terse to be of much use for your > first manual install. Somewhere there is a happy medium between the > Beginner's guide and what we have as the Installation guide at present. > > Good luck with your Arch install. It is by far the best Linux distribution > that you will ever install. FWIW, I came to Arch after following the beginner's guide, alone, without help. I trashed 2 VM installs until I grasped everything, then transferred the knowledge to my production hardware using the succinct install guide (not the beginner's guide). That thing brought me here, I would love to have it resurrected :) Cheers, Bennett signature.asc Description: This is a digitally signed message part.
Re: [arch-general] Why is permission for /run/user/1000/gvfs denied for root?
>Perhaps there is something provided by >e.g. KDE, that allows to access an Android filesystem. I recommend Dolphin - or KDEConnect, which works outside of KDE. -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808
Re: [arch-general] Aur git - missing .SRCINFO hook declined to update refs/heads/master - help?
On 06/04/2018 12:41 PM, David C. Rankin wrote: > That is the tarball generated by: > > $ makepkg --printsrcinfo > .SRCINFO > $ makepkg -S --sign -f > > That results in the two untracked files: > > console-blanking-0.0.1-4.src.tar.gz > console-blanking-0.0.1-4.src.tar.gz.sig > > The tarballs are the source package for the console-blanking package I am > trying to push. The flat files are there as well. I don't think the tarballs are relevant here since git doesn't use them, and the AUR generates it's own, so let's keep looking on the git side. > $ git ls-files > .SRCINFO > LICENSE > PKGBUILD > console-blanking.service > > and show the files that are currently being tracked in the repo. There must > be some other strange issue that isn't readily apparent -- at least to me. That indeed looks good - How many unpushed commits do you have? I don't know how the pre-receive hook works, but it may be that it verifies every incoming commit, not just the last one. Do you have an unpushed commit that may not pass muster, even if it is not the last? If so, you could try squashing all unpushed commits together to one using git rebase. Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Aur git - missing .SRCINFO hook declined to update refs/heads/master - help?
On 06/04/2018 11:39 AM, David C. Rankin wrote: > On 06/04/2018 04:30 AM, Bennett Piater wrote: >> This is a different error, is it not? >> Does your most recent commit contain the LICENSE file, or did you only >> add PKGBUILD and .SRCINFO? > > Oh, it's there... > > $ tar -tzf console-blanking-0.0.1-4.src.tar.gz > tar: Ignoring unknown extended header keyword 'SCHILY.fflags' > console-blanking/ > tar: Ignoring unknown extended header keyword 'SCHILY.fflags' > console-blanking/PKGBUILD > tar: Ignoring unknown extended header keyword 'SCHILY.fflags' > console-blanking/LICENSE > ^^^ > tar: Ignoring unknown extended header keyword 'SCHILY.fflags' > console-blanking/.SRCINFO > tar: Ignoring unknown extended header keyword 'SCHILY.fflags' > console-blanking/console-blanking.service > Where does that tarball come from? What I am asking is if the commit contains the files. If you got that tarball from the aur, then it obviously doesn't contain what the rejected commit does since that is not online yet :) Or are you trying to push a commit containing the tarball? That's not going to work, the aur expects flat files. Also feel free to ping me on irc if you think that's more productive, just be aware that my timezone is CEST, GMT+2 :) Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Aur git - missing .SRCINFO hook declined to update refs/heads/master - help?
On 06/04/2018 11:27 AM, David C. Rankin wrote: > Well I tried without `-a` and no changes to .SRCINFO or PKGBUILD were > incorporated. Did you add the files before committing? > remote: error: missing source file: LICENSE This is a different error, is it not? Does your most recent commit contain the LICENSE file, or did you only add PKGBUILD and .SRCINFO? Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Aur git - missing .SRCINFO hook declined to update refs/heads/master - help?
On 06/04/2018 10:49 AM, Tinu Weber wrote: >> $ git commit -am "console-blanking-0.0.1-2" >> > On Mon, Jun 04, 2018 at 03:38:08 -0500, David C. Rankin wrote: > > It appears you've committed also the built package files into the repo.> never git commit -a. always manually track files using git add - in your case, git add .SRCINFO PKGBUILD LICENSE *.service and then commit without the a. That way, you will always only push what is needed. Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] How to access mythes or other thesaurus from the commandline?
On 05/19/2018 10:40 AM, Jens John wrote: > On Fri, May 18, 2018 at 11:39:05PM +0200, Jeanette C. via arch-general > wrote: > > You may want to use something like > > tell () { dict "$@" | colorit | less -R > } > > to get a coloured output, which is much more practical for long result > lists (colorit is part of the dictd package). Jeanette is blind, so anything that doesn't translate to brltty or screen readers won't help her. Will still be useful for others, though :) Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Interesting Dual Boot Problems
On 04/10/2018 12:44 PM, Hunter Jozwiak via arch-general wrote: > I do not have a spare laptop or network card. Everything was working > perfectly fine before I installed Windows, so I have no idea what is > going on here. Interesting. Maybe windows turned something off? Broken power saving feature that turned off something in the card maybe? -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808
Re: [arch-general] Interesting Dual Boot Problems
On 04/10/2018 12:10 PM, morganamilo via arch-general wrote: > > > On 10/04/18 10:45, Hunter Jozwiak via arch-general wrote: > Campus wifi is usually wpa enterprise which I've always had trouble > with. I don't know how installing windows could cause this or how to fix > this but I would recommend trying to connect to a normal wpa2 network > and see if that is broken too. > > A mobile hotspot should suffice if you're living on campus with no > access to a home network. eduroam and other wpa2-enterprise work for me. Do you have a means to try your config with another laptop/network card? -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808
Re: [arch-general] Virtualbox under KDE plasma
On 02/13/2018 06:13 AM, Shridhar Daithankar wrote: > On Tuesday 13 February 2018 8:33:09 AM IST you wrote: > > kde plasma wayland to be specific :( It all works under kde plasma Xorg. Yes, do definitely file a bug upstream. Also, plasma wayland is still considered experimental, so don't expect it to work 100%. Should be stable enough for personal testing, but it's not production ready. IOW, if you want to use it, be prepared to file a few bugs :) Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Tips for a stable GNOME Shell?
On 02/06/2018 11:08 PM, Giovanni Santini via arch-general wrote: > Good evening, > I am writing here since I do believe people here might have found > solutions already to my problems. > > Sadly, I am the problem, as I love GNOME Shell (ops). > Jokes aside, I love its interface and behaviour; although, it is really > hard to use it on a real-context basis for me. > What it happens is that if I execute RAM-consuming applications, GNOME > Shell behaves really badly, swapping a lot with memory. > > The usual scenario is me trying to send some e-mails, while I have > Visual Studio Code and Firefox for some coding; usually, this leads to > huge slowdown, up to making the system unusable. > > This doesn't happen when using a GNOME-friendly i3 session, executing by > far many more RAM-consuming applications (such as running Franz with > multiple services, Telegram Desktop and others). > > I got some good boosts from the following actions: > - Disabling almost all the Shell extensions, except for my 'essential' ones. > - Using a X11 session instead of Wayland > - Tweaking swap and VFS parameters (there is a web article referenced in > the ArchWiki which is really good) > > So I have two questions: > 1. Am I nuts? Did I do something really bad to my GNOME Shell without > knowing that? How could I repair my setup? > 2. If this is it (GNOME Shell is TOO heavy), is there any lightweight DE > that offers something similar? I would need at least the search within > apps and files for sure. > > Thanks in advance for replies and sorry for such a long message. > I think the only way to get a stable GNOME shell is to not use it. Plasma is much lighter than it used to be, so maybe roll with that? This is even more important on wayland because GNOME is also the Wayland compositor there - if it crashes, it can't restart like on X, everything dies. And the stability of GNOME won't improve unless they address core architecture issues, which will take years at best. So the only real short/mid term solution for Wayland is Plasma (or Sway, if you are into that). Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] AUR and missing/unidentifiable GPG keys
> Quick tip or link of a howto? It's been ages since I set anything up > with GPG and co. cat ~/.gnupg/gpg.conf: [...] # auto-key-retrieve : automatically fetch keys as needed from the keyserver when verifying signatures or when importing keys that have been revoked by a revocation key that is not present on the keyring. So, add keyserver-options auto-key-retrieve Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] AUR and missing/unidentifiable GPG keys
> I know this can be circumvented by editing the pkgbuild file and > removing the verification option, but that feels wrong. Is there a > systematic way to update the relevant keys? You are supposed to manually download the keys, ideally from a trusted source. Another option would be to configure gpg to automatically download missing keys from a key server. Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] How to build nvidia driver?
> > Where can I get this "downgrade" command? > I don't want to put any words in Ralf's mouth, but I don't know of any other > way to do it :) There is a downgrade package in AUR which does that automatically :)
Re: [arch-general] Why there is no NetworkManager in ArchISO
On July 24, 2017 9:36:39 AM GMT+02:00, Junayeed Ahnaf via arch-generalwrote: >All fine and good but I don't see arch being installed on something >other than desktop/laptop. Of course there are niche cases as arch >server I do not doubt but how much of arch install base is traditional >desktop? I think it's rather high. You are missing the point. Many arch users don't simply install a desktop environment and use its defaults. If that's what you want, you may want to use another distribution, preferably one that focuses on your DE. I use a very minimal setup without DE, and I don't want bloated catch-all solution that doesn't integrate nicely into my configuration, thank you very much. -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808
Re: [arch-general] Kde + Gnome dual-install issues
On 06/27/2017 04:15 PM, Francesco Porro via arch-general wrote: > > I'm having another trouble, but this time is about QT-apps looks on > Gnome, so maybe it's better discussing to a new mail-thread. I assume you mean that QT5 apps don't use any theme? There are several ways to fix that, you can find them in the QT wiki page. Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Mount point of MTP devices?
On April 2, 2017 7:06:59 AM GMT+02:00, Rijul Gulati via arch-generalwrote: >Hello, >I have recently installed Arch on my desktop machine (KDE). >I want to access android device (MTP) from terminal. The device is >accessible from file manager (Dolphin). This means it has to be mounted >somewhere (right?). >It's not mounted in '/run/user/1000/gvfs' directory > >I have following packages installed: >gvfs-mtp 1.30.3-1 >libmtp 1.1.12-1 >mtpfs 1.1-2 > >Where are mtp devices mounted? Open it in dolphin, open the terminal, type pwd? -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808
Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)
Reply-To is not what you are supposed to look into; look at In-Reply-To! On 03/07/2017 11:06 AM, fnodeuser wrote: > test > -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] [arch-dev-public] AUR ToS (aka making AUR user names public)
On 03/06/2017 10:03 AM, Ralf Mardorf wrote: > I did not wrote about the NSA. I only pointed out that even the NSA > doesn't get all the data as a gift. Why should a researcher get such > data as a gift? You are seemingly already that used to data mining and > offended privacy, that it's good and natural from your point of view, > if data is misused and any concerns are just crap in your opinion. That > usernames are used in public and maybe even a list might be already > published, is different to actively give the same data away to > "researchers" and to formally allow them to use the data. You seem not > to understand the principle of privacy. If you don't lock the street > door, this does not automatically indicate that you want people to come > into your house and take away your property. Btw. what is the aim of > the research and how could the research be used or possibly misused? We > don't need to care about such questions, if data isn't given away as a > matter of principle. I also don't think that the list should be published. -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Why isn't SELinux officially supported?
Have a look at aurutils :) On 03/01/2017 05:45 PM, Robert Wong via arch-general wrote: > But I'm not meaning disappealing, I just felt uncomfortable when I > see the packages from the AUR can't be updated by the pacman and I > don' feel like using yaourt... Probably it's my obsessive compulsive > disorder overtaking me. I'm looking forward to build a local repos > for all my installed AUR packages so that they can upgraded by pacman > -Syu. -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] sandboxing
On 02/02/2017 07:28 PM, Leonid Isaev wrote: > I already described an approach when one always runs browsers, pdf readers, > etc, inside an lxc container, as an unprivileged user. That container resides > on a filesystem mounted with nosuid (so things like ping, su, sudo won't > work), > and has a locked root account. On top of that, it connects to a xephyr session > running on the host, to avoid X11 sniffing attacks. > > I have been using such setup on all my desktops for over a year now. The only > way to break out of such a container is a local kernel privilege escalation. > Of > course, having *privileged* userns *might* help because inside container UID=0 > will map to smth like UID=123456 on the host, but this doesn't seem worth > doing > given all the ussues with userns. This sounds cool. Do you happen to have written that up somewhere? :) -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Getting freeze on early start with linux 4.9-1 kernel.
On 12/23/2016 03:17 PM, Mauro Santos via arch-general wrote: > There is an LTS kernel in the repos, which you > can have installed exactly for things like this. Exactly. I never actually needed it, but I have linux-lts installed and configured in systemd-boot for cases like this. Keeping old kernels around doesn't solve more than this does, *and* opens up more security issues. I even remember to test that every now and then :) Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Why was wpa_supplicant.conf renamed wpa_supplicant.conf.pacsav??
> Other than that, I don't like gentoo's way of dealing with this > problems other than the fact they ship tooling to actually deal with > the 3-way merge pacman expects from the user. I'd welcome suggestions > on this and actually was not smart enough up to now to somehow have a > script dig up the old version's unmodified configuration file (to be > used in said merge). I know there's the pacman cache, but pacman > itself doesn't seem to need that to know there's a merge going on. > There's definitely potential in doing this that might benefit > everyone, please approach me for a follow-up. What's wrong with pacdiff(1)? That will happily call vimdiff, or meld, or whatever else you want in the background. Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Stronger Hashes for PKGBUILDs
>> Is there any voting system that we have so that we can also >> democratically vote for stronger hashes? > > The Arch developers decide this, not a democratically vote ;). Arch is not a democracy, that has been said many times. -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Stronger Hashes for PKGBUILDs
> You are partly right. For a checksum CRC would be best. Fast and > simple, as its meant as checksum, not as a hash. You misunderstand something. Every checksum is also a hash (a mapping to another domain), and cryptographic hash functions always produce checksums. > So possibly we should get our point of view into the direction that > those hashes are not checksums, but rather integrity checks. This is wrong. Checksum checks *are* integrity checks. That's what they are. I think you should read up on some terminology because either you misunderstand something very basic, or you confuse others by using words differently from everyone else. Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Stronger Hashes for PKGBUILDs
On 12/07/2016 11:17 AM, Gregory Mullen wrote: > If the argument left is, I don't want (better checksum) because it's > shouldn't be thought of as a security check, and I want a security check. > > Why can't the requirement be PGP sig's are now required, and we drop the > checksum completely? Won't work because many upstreams don't provide signatures. Maybe giving a warning ("source authenticity was not verified due to lack of GPG signature") would work? -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Stronger Hashes for PKGBUILDs
> In fact, I am making CRC the default. I assume this to be sarcasm. In any case, this may not be a good idea because the younglings will have never heard about it and don't know how insecure it is ;) Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] After upgrade
> It was in the news today. At CERN by accident a black hole was > produced. It expands, Switzerland already is lost, now the black hole > eats words from emails, since it has got impact on German Internet > nodes. If we don't stop replying, the black hole will grow by eating > word by word and soon it will suck under the third stone from sun. > > Coming soon. Roland Emmerich's "The Black Hole". Thanks for this. At least we get a good laugh out of this thread :) Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] After upgrade
I prever ancient greek, so here you go: τῇ καλλίστῃ :) I knew it would pay of to learn that :D Cheers, Bennett On 12/02/2016 06:53 PM, Martin Kühne via arch-general wrote: > Wait a minute, wait a minute. > I just realized some crucial aspect of your fnord. > You stripped the context yourself, ad on purpose. > That's some seriously τη καλλίστη stuff you got there. > > cheers! > mar77i > -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] On containers. WAS: Re: snapcraft.io ...
> Another very useful case would be using containers as a chroot replacement > for having clean (only what's in the recipe), reproducable build environments > for building arch packages. It would also allow installing makedeps only in > the container/chroot or make cross-compilation easier to manage. > > Are there plans to support this in makepkg? I believe xbps has this. Out of curiosity, what's wrong with makechrootpkg? -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] snapcraft.io IMO gets across the message that snaps are appropriate for Arch Linux
> o...@ubuntu.com is deeply involved in working on snappy. > ^^ > ^^ > > Date: Sun, 09 Oct 2016 14:40:32 +0200 > Subject: Re: Question about Snaps > To: ubuntu-us...@lists.ubuntu.com > From: o...@ubuntu.com > > [snip] > > snaps are the future in the ubuntu ecosystem (and most likely also in > many others, when looking at the consortium of different distros and > projects that decide on their direction now in the technical oversight > board [1]) [snip] > > > [1] appstream, Arch, debian, elementary, KDE, Ubuntu, VLC, Fedora > > Trying to take over the world, eh? ;) -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Does LTS package really not fit to Rolling Release model and Arch Philosophy?
> Ralf, exactly, and that is to what I'm attracted. That they maintain it doesn't necessarily mean that they will also make sure that it works with new library versions. It sounded more like bug- and security fixes to me. Arch is not like Debian or even Ubuntu. Most libraries get updated as soon as upstream releases new versions, which is quite often. I doubt the KDE developers will guarantee that the LTS version will work with every library upgrade. It's just too much work. The kernel is not only critical, but also much easier to manage - compared to something like Plasma, which depends on anything and everything, the kernel is for most intents and purposes a self-contained, interchangeable box. Userspace software is an entirely different category, and a huge DE like Plasma makes things even harder. Someone might try to maintain it on the AUR, but that could easily mean upwards of 50 packages that constantly need to be tested against new versions of their dependencies. > In my experience, linux GUI environment(DE) > tends to be easily broken with frequent upgrades Early Plasma versions where horrible, but its much better now. If it's still not stable enough for you, you might want to consider switching to something lighter, like XFCE or even a simple window manager (WM). I have a full Plasma installation to play around with, but my day-to-day use is entirely in i3wm. Properly set up, that beats even as good a DE as Plasma for me. If tiling is not your thing, there are other options out there, such as Openbox. (And mny more: [0]) Cheers, Bennett [0]: https://wiki.archlinux.org/index.php/Window_manager -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] ensuring integrity of sources (was: [arch-dev-public] todo list for moving http -> https sources)
On 11/01/2016 12:40 AM, Allan McRae wrote: > I would like some bourbon. > > Allan I like your sense of humor :) > > * It might appear unrelated, but I can spend time on pacman/makepkg if I > don't have to work for bourbon. Then again, bourbon reduces the quality > of my coding after a point... I wasn't asking you to do more work, you do enough good work already. I might work on that myself, my studies take up too much time right now though. Remotely related: https://www.xkcd.com/323/ Btw, maybe I might by you some bourbon one day, I'm in Europe though. What kind do you like? Or would you want actual scotch instead? > ** makepkg --source --sign I know about that, it won't help the AUR though :) -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] ensuring integrity of sources (was: [arch-dev-public] todo list for moving http -> https sources)
> Any PKGBUILD kept in git can already optionally have this feature. See > git-commit(1), specifically, its --gpg-sign option. I know that, I have [commit] gpgsign = true in my ~/.gitconfig. It would be nice if more people did that and if makepkg checked that, though. It would probably be counter-productive to enforce it on the AUR through a git hook, but maybe a warning or something? I might post that to aur-general at some point. Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] ensuring integrity of sources (was: [arch-dev-public] todo list for moving http -> https sources)
On 10/31/2016 06:04 PM, Levente Polyak wrote: > On the other side we have a dev/TU authenticating the buildscript. > Both cover certain areas but are still independent and one does not make > the other futile. Since this thread is helpfully on arch-general now, I want to quickly chime in and say that I would really like authenticated buildscripts at some point :) Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Unlocking the screen through fprintd
> Not using fprint, but merely an idea (you have possibly already checked > that): maybe the PAM-file for the screenlocker has a higher priority for > passwords than for the fingerprint sensor while the rest has it the > other way around. > > iirc this depends on the ordering of the corresponding modules in the > respective PAM-files. Thanks for chiming in! I had already checked that, in fact I wrote the PAM-files for the screen lockers myself. It doesn't matter though, since pressing enter without typing a password works, as I said in my reply to Ralf. I'll be doing that from now on :) Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Unlocking the screen through fprintd
> Unfortunately I can't help you, I'm just curious. Well, you did anyway! > If you type no password at all, just push enter, does the fingerprint > check allow you to unlock the screen? Or doesn't it appear, if you just > push enter without typing a password? I tested it with kscreenlocker and xlockmore and it works perfectly. Thanks a lot, I finally have a working setup now :) Curiosity didn't kill the cat, keep nurturing it ;) Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
[arch-general] Unlocking the screen through fprintd
Hi all, I have been trying to get fprint working properly with screen lockers for months and have yet to find a working solution. I am using i3wm without DM. Login on the TTY and sudo work properly: They ask me to swipe the finger and then ask for my password if that didn't work. However, every screen locker I have tried that supports PAM at all (i3lock, xlockmore, xscreensaver, kscreenlocker) all ask for my fingerprint AFTER I typed in my password. Is there no way to make them check for my fingerprint first, and then for my password? Does anyone here do something similar? Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] arch-audit: pkg-audit-like tool for Arch Linux
On 09/24/2016 11:59 AM, Andrea Scarpino wrote: > Hi everybody, > > I'm happy to announce my tiny project named arch-audit[1]. > > It parses the CVE wiki page[2] and reports which packages on your system are > affected by a vulnerability and if a fixed version for that package is > already > available. > Something like pkg-audit on FreeBSD, but not so powerful (yet!!!). > > I just made it and released, so it's more than alpha and your feedbacks are > needed! > > I hope you find it useful. Thanks a bunch for this, it's great! :) Gives me some small-scale rust code to read for learning that, too, so that's nice as well ;) Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] i3wm (randomly?) freezes; SIGCONT seems to fix it
Oh, that looks promising. I'll read through those issues tomorrow. Thank you! :) Cheers, Bennett On 09/11/2016 09:08 PM, Martin Kühne via arch-general wrote: > Oh, this stuff might all be related to the issue: [0], [1], [2] > > cheers! > mar77i > > [0] > https://faq.i3wm.org/question/4631/dont-sigstop-when-in-hide-mode/here.html > [1] https://github.com/ultrabug/py3status/issues/253 > [2] https://github.com/i3/i3/issues/2280 > -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] i3wm (randomly?) freezes; SIGCONT seems to fix it
> No freeze since the one I told you about! I will definitely > investigate further if/when I get a new one. Very weird... I had another one yesterday, but again, no clue what caused it. $(killall -CONT i3) fixed it again, so be sure to try that if you get another freeze :) Sadly, the logs contained zero indication, so I don't know how to proceed. Thanks, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] i3wm (randomly?) freezes; SIGCONT seems to fix it
> Comparing your pacman.log with mine (mine taken from 2016-08-23 to > 2016-09-05), here is the list of common packages we both have either > installed or upgraded: > > - man-db > - mariadb > - mariadb-clients > - mediainfo > - nano > - networkmanager > - openvpn > - pacman-mirrorlist > - python2-appdirs > - python2-setuptools > - python-appdirs > - python-setuptools > - webkit2gtk > - xdotool Merci beaucoup! :) Interestingly, none of these packages look like they could cause this - I could maybe imagine xdotool, but anything else... Did the freeze happen again for you, or has it stopped? Thanks, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] i3wm (randomly?) freezes; SIGCONT seems to fix it
> .xsession-errors contains the output of every GUI app you are running, > as if you would launch all those apps in terminals. That's good to know, thank you :) I'm very curious as to what I will (or won't) find next time the freeze happens. It hasn't happened this boot, ever since I sent SIGCONT. I will reboot tomorrow to find out if that "resets" the problem. Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] i3wm (randomly?) freezes; SIGCONT seems to fix it
> Regarding > > https://www.google.de/?gws_rd=ssl#q=+linux+no+.xsession-errors > https://bbs.archlinux.org/viewtopic.php?id=143068 > http://www.linuxquestions.org/questions/slackware-14/where-is-~-xsession-errors-log-867498/ > > $ startx 2> ~/.xsession-errors > > should do the job. Thank you, I will change that in my .profile and see if that contains useful information. However, if sending SIGCONT to i3 works the next time this happens, I don't think that X has anything to do with it... Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] i3wm (randomly?) freezes; SIGCONT seems to fix it
I do not have that file. Cheers, Bennett On 09/09/2016 05:17 PM, Ralf Mardorf wrote: > On Fri, 9 Sep 2016 16:11:48 +0200, Bennett Piater wrote: >> I've had a very elusive and frustrating problem this week and don't >> know where to look anymore. > > Where did you already look? > > $ less $HOME/.xsession-errors > > ? > > Regards, > Ralf > -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] i3wm (randomly?) freezes; SIGCONT seems to fix it
> (I think I managed to trace them back to Sept 1st and Sept 5th). My last update before the apparently breaking one was 2016-08-24. So, maybe some upgrade between 2016-08-24 and 2016-09-04 doesn't play well with i3... Would you mind cross-checking your upgrades between 2016-08-24 and 2016-09-01 with my log [0] when you have the time? > After a quick look at my journalctl, I can't really see anything suspicious. i3wm doesn't log to systemd. I produce my logs by starting i3 with exec i3 --shmlog-size=26214400 -V -d all > ~/.i3/logs/$(date -Iseconds).log in my ~/.xinitrc. However, they don't produce any useful information AFAICT, even with debug verbosity. Is it possible that i3 receives SIGSTOP for some reason? Merci beaucoup, Bennett [0]: https://vps1.piater.name/commie/#dvm1K6lg -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
[arch-general] i3wm (randomly?) freezes; SIGCONT seems to fix it
Hi all, I've had a very elusive and frustrating problem this week and don't know where to look anymore. Maybe one of you has an idea? :) Since 2016-09-04, i3wm freezes every once and a while; often after waking the screen (even if it wasn't locked), a few times also directly or a few minutes after logging in. I have not yet found a conclusive pattern. The freeze is complete; no reaction to mouse or keyboard activity, not even in the debug logs. However, I can interact with the focused window just fine (I obviously cannot change focus). i3 also doesn't react to IPC calls (tried with i3-msg). Up to now, I had sent SIGTERM to important programs that had been running and KILLed i3 (it doesn't react to SIGTERM, either). Today, in my frustration, I tried sending SIGCONT instead. To my surprise, i3 immediately sprung back to life. What I do not understand is that i3 hasn't been updated in a while, let alone since Sunday. FWIW, I am running the fork i3-gaps instead of i3, but that is very close to upstream and has been stable forever. I posted /var/log/pacman.log from the day when it started on my server [0]. Does anyone have any clue what could be causing this? Thanks, Bennett [0]: https://vps1.piater.name/commie/#dvm1K6lg -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Announcing pacpak
On 08/06/2016 03:40 PM, pelzflorian (Florian Pelz) wrote: > Thank you. I now tend towards pacbub; bubblepac seems too long. pacbub > is similar to pacman and pacpak. It is also a pun on pacman because in > German “der bub” is “the boy”. I like that too :) Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Pacman doesn't optionally require fakeroot
> fakeroot is part of core, > https://www.archlinux.org/packages/core/x86_64/fakeroot/ . Oh, I completely missed that. Thanks, that makes perfect sense :) Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
[arch-general] Pacman doesn't optionally require fakeroot
Hi, I have a quick question. Makepkg, which is provided by pacman, doesn't work without fakeroot. Is there a reason why pacman doesnt opdep on it? Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Announcing pacpak
On 07/10/2016 02:18 PM, pelzflorian (Florian Pelz) wrote: > The intention is that, once implemented, `pacpak -Syu` or maybe `pacpak > -Su` will install a current version of all apps and runtimes. Old > versions of apps and app runtimes that are not used by any app could be > cleaned by `pacpak -Sc` or a similar command (or automatically?); I’m > not yet sure what the best interface is. Thanks for your reply. That would be the best you could do on the Arch side, but the problem is mostly that every upstream dev would need to maintain and keep his container up to date, isn't it? :) Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Announcing pacpak
> A specter is haunting the GNU/Linux ecosystem: the specter of per-user > containerization. Software like Flatpak and Snappy promise fully > sandboxed GNU/Linux application bundles (instead of merely launching an > application with fewer privileges but without hiding the operating > system, like Bubblewrap or Firejail do). Bundles ship with the version > of their dependencies which they need. Dependencies are not > force-upgraded with the operating system, but easily upgradable by the > bundle creator. The same files in different bundles and versions are > deduplicated to save space. Applications can be containerized once for > all modern GNU/Linux operating systems. Unlike Docker, Flatpak works > without root privileges. Are you planning to address the catastrophy that ensues when 5000 different versions of important libraries are installed at the same time, most of which will always be 5 critical security updates behind? Or the absurd memory consumption caused by the effective end of dynamic linking? I am very cynical about this container trend... :/ Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Mailing list etiquette
> Unsubscribe To unsubscribe, use the request address instead of the main one. -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] GTK2 GUIs became a PITA after upgrade
> It's a PITA that even users who don't use GNOME, KDE or similar crap > nowadays get broken environments, because even apps that are not from a > bloatware DE break. FWIW, I'm using a lot of KDE apps in i3WM and don't have any problems. I have the GTK problems of course, but all my QT things behave like I want them to, including the KDE ones. I do have a minimal KDE environment installed to test every now and then, so I have export XDG_CURRENT_DESKTOP=KDE in my .xinitrc and do my QT5 settings there. Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Win 10 Dual boot nightmare
On 03/15/2016 06:26 PM, Zachary Kline wrote: > Hi Murari, > > Thank you for this suggestion. It seems to have worked as expected. My laptop > defaults to Arch, but I can boot Windows with the second entry. > I hope I remember to upgrade the renamed image when systems-boot changes. I > don’t anticipate that being too often, thankfully. > > Best and thanks again, > Zack. You could write yourself a pacman hook to do that for you if you feel like it. Seems like it would be exacly what you need. Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Ksnapshots not work
Ksnapshot doesn't exist anymore. It was replaced by spectacle. Did you read the logs after the upgrade? On 02/16/2016 03:16 PM, Maykel Franco wrote: > Hi, after update archlinux system, ksnapshot not work fine... Te key impr > pet sys not work... > > Anybody with the same problem? > -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
[arch-general] Is Linux 4.3 stable?
Hi everyone, I just saw that 4.3.3-2 hit stable. There are still open bugs, one of them critical, about the 4.3 series on the bug tracker. I heard of a lot of issues around this kernel on the dev-public mailing list. Does anyone have problems with this update? Also, does anyone have problems using Intel graphics? Thanks, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Is Linux 4.3 stable?
> Where ? I couldn’t find any. The only critical bug I was aware of is > about old Intel GFX, but it has been solved in 4.3.3-2. Simple, maybe naive search [0]. But you are right, I misread - there is no critical bug left. > No problem here, with HD4600 on one and 945GM on another one. ;) Thanks, and thanks for the other reply. I'll go ahead and upgrade then :) Merci beaucoup! Cheers, Bennett [0]: https://bugs.archlinux.org/index.php?string=4.3=1%5B%5D=%5B%5D=%5B%5D=%5B%5D=%5B%5D=%5B%5D=%5B%5D=open%5B%5D=index -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] [OT?] Which is most future-proof desktop environment?
I'm another extremely satisfied i3wm user. Dmenu is amazing, and everything about i3 is so clean. The config file syntax, the design principles, the container system, the looks... I use ranger as a (text-mode) file manager and dolphin when I want a graphical one. Gwenview as image viewer. I tend to like KDE apps though. I use VimFX for Firefox. It's incredibly fast, stable and very configurable while remaining much more approacheable than awesome. You can even upgrade it without logging out and back in or losing the layout, which is a *huge* bonus. You can have x sessions running for months without having to log out. I have decided. I don't think I'll ever leave i3. On 12/28/2015 12:12 PM, Emil Lundberg wrote: > I've been very happy with i3wm since I started using it, but I suppose it > probably doesn't qualify as a desktop environment. I like the flexible > keyboard-driven layouting and vim-like keybindings, and dmenu gives random > access to any application without the need for menus or the like. I don't > like the interruption of having to reach for the mouse. Combined with vim, > tmux and Pentadactyl (a vim shell for Firefox), I get a setup where I > rarely need to take my hand off the keyboard. If I were to choose a setup > to stick with forever, this would be it. > -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Dropping Plasma 4
> I believe you can find extra icons either in the repos or in the AUR. If > nothing else, then you can also try http://kde-look.org/ He was talking about *system tray* icons. A lot of "generic" system tray things didn't show up in Plasma 5 because they changed to a new spec and completely dropped the old freedesktop standard. I saw people on G+ say that it works now, so I guess that they added back the support for legacy tray icons. Read the whole post next time :) Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
[arch-general] netctl-auto and netctl refuse to work (probably due to wpa_supplicant)
Hello, I cannot connect to wifi networks using netctl or netctl-auto. Some journalctl -xe output is attached for the two types of errors I encountered. The only action I could remember that could have had anything to do with this was an upgrade of wpa_supplicant, so I googled and found [0]. However, unlike the commenters on that bug, it still didn't work after downgrading wpa_supplicant. Did anyone else experience anything similar? I'm using intel network hardware. Thanks, Bennett [0]: https://bugs.archlinux.org/task/44731 -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 -- Unit netctl-auto@wlp3s0.service has begun starting up. Dec 10 13:29:39 Shadowfax polkitd[1740]: Registered Authentication Agent for unix-process:3810:43011 (system bus name :1.74 [/usr/bin/pkttyagent --notify-fd 4 --fallback], object path /org/freedesktop/PolicyKit1/AuthenticationAgent, loca Dec 10 13:29:39 Shadowfax systemd[1]: netctl-auto@wlp3s0.service: Control process exited, code=exited status=1 Dec 10 13:29:39 Shadowfax sudo[3809]: pam_unix(sudo:session): session closed for user root Dec 10 13:29:39 Shadowfax systemd[1]: Failed to start Automatic wireless network connection using netctl profiles. -- Subject: Unit netctl-auto@wlp3s0.service has failed -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit netctl-auto@wlp3s0.service has failed. -- -- The result is failed. Dec 10 13:29:39 Shadowfax polkitd[1740]: Unregistered Authentication Agent for unix-process:3810:43011 (system bus name :1.74, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus) Dec 10 13:29:39 Shadowfax systemd[1]: netctl-auto@wlp3s0.service: Unit entered failed state. Dec 10 13:29:39 Shadowfax systemd[1]: netctl-auto@wlp3s0.service: Failed with result 'exit-code'. Dec 10 13:29:39 Shadowfax netctl-auto[3816]: Could not create the configuration file for interface 'wlp3s0' Dec 11 07:15:28 Shadowfax systemd[1]: Starting Automatic wireless network connection using netctl profiles... Dec 11 07:15:28 Shadowfax netctl-auto[31322]: Included profile 'home' Dec 11 07:15:28 Shadowfax netctl-auto[31322]: Included profile 'UIBK' Dec 11 07:15:28 Shadowfax wpa_actiond[31344]: Starting wpa_actiond session for interface 'wlp3s0' Dec 11 07:15:28 Shadowfax systemd[1]: Started Automatic wireless network connection using netctl profiles. Dec 11 07:15:33 Shadowfax wpa_actiond[31344]: Terminating wpa_actiond session for interface 'wlp3s0' sudo netctl-auto switch-to home WPA association/authentication failed for interface 'wlp3s0' signature.asc Description: OpenPGP digital signature
[arch-general] netctl-auto and netctl refuse to work (probably due to wpa_supplicant)
Hello, I cannot connect to wifi networks using netctl or netctl-auto. Some journalctl -xe output is attached. The only action I could remember that could have had anything to do with this was an upgrade of wpa_supplicant, so I googled and found [0]. However, unlike the commenters on that bug, it still didn't work after downgrading wpa_supplicant. Did anyone else experience anything similar? I'm using intel network hardware. Thanks, Bennett [0]: https://bugs.archlinux.org/task/44731 -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 -- Unit netctl-auto@wlp3s0.service has begun starting up. Dec 10 13:29:39 Shadowfax polkitd[1740]: Registered Authentication Agent for unix-process:3810:43011 (system bus name :1.74 [/usr/bin/pkttyagent --notify-fd 4 --fallback], object path /org/freedesktop/PolicyKit1/AuthenticationAgent, loca Dec 10 13:29:39 Shadowfax systemd[1]: netctl-auto@wlp3s0.service: Control process exited, code=exited status=1 Dec 10 13:29:39 Shadowfax sudo[3809]: pam_unix(sudo:session): session closed for user root Dec 10 13:29:39 Shadowfax systemd[1]: Failed to start Automatic wireless network connection using netctl profiles. -- Subject: Unit netctl-auto@wlp3s0.service has failed -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit netctl-auto@wlp3s0.service has failed. -- -- The result is failed. Dec 10 13:29:39 Shadowfax polkitd[1740]: Unregistered Authentication Agent for unix-process:3810:43011 (system bus name :1.74, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus) Dec 10 13:29:39 Shadowfax systemd[1]: netctl-auto@wlp3s0.service: Unit entered failed state. Dec 10 13:29:39 Shadowfax systemd[1]: netctl-auto@wlp3s0.service: Failed with result 'exit-code'. Dec 10 13:29:39 Shadowfax netctl-auto[3816]: Could not create the configuration file for interface 'wlp3s0' signature.asc Description: OpenPGP digital signature
Re: [arch-general] Rerun bootloader from initramfs
> I've been searching if rerunning the bootloader from an initramfs is > possible but my searches have come up empty. > > Anyone here knows how to do it or if it is possible? I would be happy if > someone could provide me with some pointers. I'm afraid I can't help you, but now I'm curious as to why you would want to do that :) Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] systemd-networkd and netctl with multiple interfaces
> Say you start out on wifi, and open an ssh connection. Then you plug in > ethernet. The ssh session will remain on the wifi route until it is > closed. There's no way* to make an existing connection "jump ship" from > one route to another. If you were to disable the wifi connection as soon > as the ethernet connection, your ssh session would die. Thanks a lot, that is both new and helpful indeed. So does this mean that new connections will use the new network, while old connections retain theirs? Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] systemd-networkd and netctl with multiple interfaces
> Well, it depends on whether wlan0 and eth0 are on different networks. If > they are, then the answer is yes, and you are screwed. > > If both interfaces get the same ip, then you can maintain persistent > connection. For example, let's assume that you constantly switch between > different interfaces (wlan0 <--> eth0), when you move between buildings on > campus. > > In the latter case, you can bond wlan0 and eth0 (bond0 := wlan0 + eth0) and > use > bond0 in all your networking scripts (but still, wpa_supplicant runs on > physical wlan0). In this case, nothing but the kernel cares what physical > interface carries the traffic. Last time I checked about a year ago, > systemd-networkd had some obscure bug in this situation, so I'm using netctl > that works perfectly. If you need, I can dig out the relevant profiles. I mostly just use LAN when I need to download a lot of stuff at home, because WIFI is much slower even at 54 Mb/s, especially since my home network is 1 Gbps. So I could just turn WIFI off in those cases, that would be an acceptable situation. However, I want to understand all of this as fully as possible. So, yes, I would appreciate your profiles - but please take your time digging them out :) Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
[arch-general] systemd-networkd and netctl with multiple interfaces
Hello! I installed Arch on my new Thinkpad T450s over the weekend. Everything works well, but I have a question: I use systemd-networkd to manage my network interfaces and netctl for the connections. I set everything up according to (this)[0] and (this)[1] to get automatic activation of wifi via netctl-auto and netctl-ifplugd. My question is as follows: I use i3wm, and i3status shows *both* ethernet and wifi as connected if I plug in the cable while having a wifi connection. What does this mean exactly, and how is my traffic routed? Thanks in advance for clearing that up. Cheers, Bennett [0]: https://wiki.archlinux.org/index.php/Systemd-networkd#Wired_and_wireless_adapters_on_the_same_machine [1]: https://wiki.archlinux.org/index.php/Netctl#Automatic_switching_of_profiles -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] systemd-networkd and netctl with multiple interfaces
> I don't use netctl, but you can usually see what default route it uses with > > ip route Thanks for that, I didn't know that command. The LAN is shown above WIFI, which (I assume) means that it takes precedence. > > I have made the experience that newly configured interfaces "steal" the > default route (although this can usually be configured - again, I don't > use netctl). > > I can imagine the default route passing through the WiFi interface in > your scenario. If I plug in LAN while having an active WIFI connection, it seems to steal the route. I checked it by monitoring steam download speeds. Thanks! Cheers, Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] FS mount for google drive
On 06/15/2015 07:39 PM, Javier Vasquez wrote: Do you know if it works under a firewall? Does it support http_proxy env var? Sorry, I do not know either. Just ask (the maintainer)[0], he's really helpful and friendly. Cheers, Bennett [0]: od...@ualberta.ca -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] FS mount for google drive
On 06/14/2015 01:46 AM, Javier Vasquez wrote: I was looking for a way to mount google drive as a FS, and found [1] and [2]. [...] If someone is using whether fuse-google-drive or gdrivefs, please share any drawbacks, pitfalls, how to make it work in teh case of fuse-google-drive, and some other stuff you might want to share. I'm looking for light non gui dependent options, :-) Hi, Does it have to be mounted as a FS? I do not have any experience with any of these, but am using this cli-client [0] which works very well and is actively (though unofficially) supported by a Google insider. It is also available in the (AUR)[1]. It does not do background syncs as it's creator prefers a vcs-like push pull workflow. It's definitely light and allows you to download only exactly what you need without waiting for the rest to finish. Cheers, Bennett [0]: https://github.com/odeke-em/drive#why-another-google-drive-client [1]: https://aur.archlinux.org/packages/drive/ -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] Add wpa_supplicant to the Group 'Base'
In my opinion wpa_supplicant is an important tool, so is it possible to add it to the group 'base'? I strongly disagree. wpa_supplicant is pretty huge and unnecessary for many people, and it also introduces a large additional surface area for exploits. Bennett -- GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808 signature.asc Description: OpenPGP digital signature
Re: [arch-general] [arch-dev-public] Trimming down our default kernel configuration
I am a complete noob and only follow the lists out of interest. I am also very young, so please forgive my impertinence. Thanks Thomas for your work!! Just my 2c: On 03/27/2014 08:34 PM, Nicolas Iooss wrote: 2014-03-27 16:31 GMT+01:00 Bigby James bigby.ja...@crepcran.com: On Thu, Mar 27, 2014 at 09:07:23AM +0100, Nicolas Iooss wrote: Here are three arguments to motivate my disagreement. * First, removing LSM support makes it difficult for users to test LSM. Before 3.13 kernel, users needed to recompile their kernel (or to install linux-selinux AUR package) to be able to use SELinux. This is a hard first step and I know too many people who thinks I don't want to recompile my kernel as I've already done magical things to make my graphic card works and I don't want to break my fragile config. Now people just needs to install packages (from unofficial repos or from the AUR) as described in the wiki [4] and reboot to start using SELinux. * Second, it's possible to compile things which are disabled at runtime. For example, I don't need to compile the kernel without IPv4 to test what breaks when running a non-IPv4 kernel, I only need to add a boot parameter and/or a file in /etc/sysctl.d/. It's the same thing for LSM. Even if they are compiled, they can be enabled/disabled with such runtime configuration and this config doesn't require much work. * Third, users who want to combine several unofficial features for their kernel already have to do weird things. For example, I'm using a grsec kernel with SELinux. A few months ago, there were linux-grsec and linux-selinux in the AUR but no package which provided both. Hence I needed to build a custom package to have both. Now, the next time linux-grsec's maintainer will sync its config with the official repo, SELinux will be available in this package (unless I've missed something) and I'll no longer need to build my custom kernel. As a lowly end-user, I'll have to disagree with you. The bulk of your reasoning comes down to *I* use it, so don't take it away from me. But your case is hardly representative; I highly doubt that the typical desktop user (that is, the typical Arch user) makes use of SELinux or its cohorts; no doubt there are people running Arch servers that use it, but again that's not representative of the community at large, in which many people just install Arch on their laptops and desktops for everyday production and entertainment use. When I build a custom kernel for my laptop, the LSM stuff and kernel debugging options are the first to go, as they have absolutely no benefit for someone who uses a computer primarily for reasearch and writing, coding and design work, web browsing and music. They're complements for specific use-cases---server administration (most likely when multiple users are involved) and kernel hacking, respectively---and are of no use to anyone who doesn't partake in those use-cases (how necessary is MAC to someone who interacts with and monitors a single machine all day?). Besides, as you've said, you already need to build the userspace utilities from source (because not too long ago, the devs voiced their opposition to maintaining SELinux officially), so leaving such features in the kernel to ease testing is both specious and a mismeasure of how useful or vital they might be. Suppose the majority of people who test SELinux decide to drop it, as seems to be the case in my (admittedly limited) observations. Of what value, then, is the work the devs did to maintain it? Sorry if my message sounded too much as I use it so I want other people to make my life easier. That was not the intended tone at all. If you need a bit more background about how I use ArchLinux, let me say I'm using it on my laptop, where I don't fear to do things that breaks my system (and if often breaks) because I have easy physical access. When I needed to set up SELinux on a server (not running Arch) a few months ago, I decided to first familiarize myself with this software on my laptop. It took me a long time before having a working system and I'm trying to reduce that time for other users who might have same ideas as I (eg. by reporting and helping fixing bugs like http://lists.gnu.org/archive/html/bug-coreutils/2014-01/msg9.html). Of course, I'm biased when I speak of SELinux so basically I try to imagine the state of mind of normal people by replacing SELinux with Linux containers, which I've never used and see as unneeded weight (this is a biased unmotivated statement which may be untrue). I don't know if currently to run LXC or systemd-nspawn you need to recompile your kernel, but you need at least UTS namespaces, network namespaces... and I don't know if anyone will consider disabling these features, but I expect voices to be raised if someone thinks of removing CONFIG_UTS_NS and CONFIG_NET_NS (or are such decisions expected to happen without anybody
Re: [arch-general] NetworkManager 0.9.8.8-2 does not work with systemd 208
Just as another FYI: I wanted to credit Sébastien Luttringer, who is well known to anyone following the Arch mailing lists, for running the A.R.M. ;) Merci Séblu! --Bennett On 02/24/2014 03:46 AM, Kyle Terrien wrote: On 02/23/2014 06:30 PM, Mark E. Lee wrote: Salutations, I downgraded and can confirm that fixes the situation. This was a pretty bad situation for me since I don't keep a package cache (I run on usb); I ended up rebuilding network manager 0.9.8.8-1 using an old PKGBUILD. Why was networkmanager pushed before systemd? Regards, Mark Hi, Just an FYI: Someone is maintaining an Arch Rollback Machine again. You can find all the NetworkManager builds there (among other things). Wiki: https://wiki.archlinux.org/index.php/Arch_Rollback_Machine NetworkManager: http://seblu.net/a/arm/packages/n/networkmanager/ --Kyle signature.asc Description: OpenPGP digital signature
Re: [arch-general] Is there a burning tool able to replace K3b?
Personally, I fell in love with AwesomeWM. It's quick to set up, and i've never looked back. Everything works well automagically! B On 01/25/2014 04:46 AM, David Rosenstrauch wrote: On 01/24/2014 09:24 PM, David C. Rankin wrote: On 01/21/2014 04:43 AM, Ralf Mardorf wrote: I'm experimenting with getting rid of Xfce and I'm testing Jwm at the moment, but generating the menu is PITA and to find good replacements for editors, file browsers etc. isn't easy. fluxbox is my favorite non-KDE/GTK desktop. Menu generation is a snap (any text editor pointed to ~/.fluxbox/menu will do) IIRC dfm is a good dual-pane file manager that is Qt/GTK independent. +1 for fluxbox. Openbox and fvwm-crystal are also nice lightweight wm's. DR signature.asc Description: OpenPGP digital signature