Re: [arch-general] USB flash installation medium in BIOS machines

[Damjan Georgievski via arch-general]

> There are only my 2 installed hard drives plus a "USB HDD: ..." option.
> I am very positive that this laptop is legacy BIOS only and that it is
> somehow wrongly identified as UEFI?

It can't be "wrongly identified as UEFI". If the laptop didn't support
UEFI, then you wouldn't even see the systemd-boot menu,
because there wouldn't be anything to *load* systemd-boot, or support
it running. systemd-boot is designed to exclusively
run in the UEFI environment, and it just can not work at all in a BIOS
environment.

>>> I see the boot menu (which looks like systemd-boot menu) with only options 
>>> for UEFI boot and EFI shell option.



-- 
damjan

Re: [arch-general] No login after update

[Damjan Georgievski via arch-general]

> I don't see what all the fuss is about
>
> If you're using Arch, then you should:
>
> 1. Check Arch news before running update
> 2. Update regularly
> 3. Watch output from pacman for warnings/advice
> 4. Run pacdiff after update and before reboot
>
> After step 4 there are no longer any pacnew files

That would have shown that the new file doesn't have pam_tally2, it
wont say you wouldn't be able to login after reboot.

actually, even assuming you would know to fix the issue, but you
didn't fix the problem immediately and you went to make a coffee -
your screen saver was activated, you are locked out.


Now I don't understand all the defensiveness - let's all work together
to improve things. This is not a non-issue.

-- 
damjan

[arch-general] pam-1.3.1-2 -> 1.4.0-3 breaking change

[Damjan Georgievski via arch-general]

it seems the 1.4.0-3 removed the tally/tally2 modules and (for some
reason) I had
`auth required  pam_tally2.so` in /etc/pam.d/system-login.

Of course that broke the login and I had to rescue the installation
from a bootable USB.

I wonder if there can be some pam-lint tool that checks your
/etc/pam.d/ after upgrades.


-- 
damjan

Re: [arch-general] mkinitcpio hook for custom root decryption with systemd boot

[Damjan Georgievski via arch-general]

On Thu, 23 Jul 2020 at 12:09, Riccardo Paolo Bestetti via arch-general
 wrote:
>
> I have root encryption set up on my system and I currently boot with the 
> sd-encrypt and sd-lvm hooks.
>
> I would like to change my current crypto setup in a way that would require 
> more step to unlock the root than just typing in a passphares. For this 
> reason, sd-encrypt clearly cannot serve my use case.
>
> For this reason, I would like to write a custom hook to mount the root 
> volume. Now, systemd boot doesn't have a concept of runtime hooks. Thus, I 
> need to make a systemd unit that gets pulled in by cryptsetup.target in the 
> place of systemd-cryptsetup@.service. (Basically, I need to replace the whole 
> systemd-cryptsetup-generator and systemd-cryptsetup logic.)
>
> However, I really have no idea on how to achieve this. Should I write a 
> custom mkinitcpio hook which completely bypasses sd-crypt/cryptsetup.target 
> and instead starts a different unit with my own decryption logic? Or is there 
> a way to hook into cryptsetup.target and instruct it to pull in my logic 
> instead of systemd-cryptsetup*?
>
> Of course, the other possibility is to just stop using a systemd boot and 
> instead setting up a busybox early userspace. Then it's just a matter of 
> writing a shell script. However, since I'm already using systemd for 
> everything - from the bootloader to userspace - I don't think it makes much 
> sense to do that.
>
> Any help/guidance/suggestion/criticism is highly appreciated.
>
> Riccardo Paolo Bestetti

haven't looked more deeply into it, but luks/dm-crypt/cryptsetup can
use keys in the kernel keyring. So maybe it would be enough for you to
have a service that configures the keyring before the cryptsetup
service.

https://fossies.org/linux/cryptsetup/docs/Keyring.txt

-- 
damjan

Re: [arch-general] pacman --assume-installed in a config file?

[Damjan Georgievski via arch-general]

> > noto-fonts is pulled as a dependency of plasma-integration, but I
> > don't want it installed since it takes over the default fonts (ships
> > an aggressive fontconfig configuration) for many websites, and looks
> > quite bad *for me* (on a 14" FHD display).
> > It's also a 90MB package I don't need.
>
> Hmm, I wonder why it is a hard dependency instead of being used via
> ttf-font?

I guess it's because plasma-integration ships a
/usr/share/kconf_update/fonts_global.pl script that does some font
replacements.

https://github.com/KDE/plasma-integration/blob/master/src/platformtheme/fonts_global.pl


-- 
damjan

[arch-general] pacman --assume-installed in a config file?

[Damjan Georgievski via arch-general]

I often find myself using the `assume-installed`[1] option of pacman
when doing upgrades, since I want to avoid some (for me) nonsensical
dependencies to be installed.

Is it possible to configure this in some config file, so I don't have
to remember to type it all the time?




[1]
sudo pacman -Syu --assume-installed noto-fonts

noto-fonts is pulled as a dependency of plasma-integration, but I
don't want it installed since it takes over the default fonts (ships
an aggressive fontconfig configuration) for many websites, and looks
quite bad *for me* (on a 14" FHD display).
It's also a 90MB package I don't need.



-- 
damjan

Re: [arch-general] USB not assining port number

[Damjan Georgievski via arch-general]

>  but no USB port given
>
> lsusb gives
> Bus 002 Device 011: ID 1781:0c9f Multiple Vendors USBtiny

what is this "usb port" that you expect?

USBtiny is a HID device as far as I can remember.

-- 
damjan

Re: [arch-general] sway package systemd service

[Damjan Georgievski via arch-general]

>
> the sway package repo includes a systemd service:
> https://git.archlinux.org/svntogit/community.git/tree/trunk/sway.service?h=packages/sway
>
> This file is not included in the package though. Is this systemd
> service ready to use or just an obsolete artifact?

while on this topic, see the files here, how to integrate sway with
systemd --user even better
https://github.com/xdbob/sway-services



-- 
damjan

Re: [arch-general] Why "systemd --user" process hanging around after logout?

[Damjan Georgievski via arch-general]

On Fri, 24 Jan 2020 at 20:50, David Rosenstrauch  wrote:
>
> I've noticed recently that even after I log out of my desktop env (XFCE)
> there is a process tree left hanging around running "systemd --user"
> under my user ID (with a bunch of gvfs child processes running under
> it).

https://github.com/systemd/systemd/blob/v240/NEWS#L299






-- 
damjan

Re: [arch-general] [mkinitpcio] running as non-root creates non-root files in the cpio

[Damjan Georgievski via arch-general]

> > Alternatively, is there a better place for reporting mkinitpcio> > issues, 
> > and sending patches?
>
> I've assigned the bug to the main maintainer, but note that there is
> also a Github repo in the archlinux org.
>
> https://github.com/archlinux/mkinitcpio

Thanks, didn't know the github repo


-- 
damjan

[arch-general] [mkinitpcio] running as non-root creates non-root files in the cpio

[Damjan Georgievski via arch-general]

I've already opened a bug issue, and supplied a patch at
https://bugs.archlinux.org/task/65006
but except from the first comment by dreisner, there's not much activity.

Is it ok if I escalate here? :)

Alternatively, is there a better place for reporting mkinitpcio
issues, and sending patches?

-- 
damjan

Re: [arch-general] do i need to configure mkinitcpio.conf for my md array ?

[Damjan Georgievski via arch-general]

On Thu, 16 Jan 2020 at 14:46, Shadrock Uhuru via arch-general
 wrote:
>
>
> Hi
> i have just configured my 4 disk raid 10 array with mdadm
> the filesystem is ext4 unencrypted
> and arch is installed on a separate disk
> do i need to reconfigure mkinitcpio.conf for my md array
> so that the array is assembled and started at boot,
> all the examples i've seen have arch installed on the raid array
> including the example in the wiki https://wiki.archlinux.org/index.php/RAID
> i have not reboot the new array yet
> so i would like to make sure everything necessary is configure before i do 
> that.

you need the "mdadm" hook in HOOKS in /etc/mkinitcpio.conf, and
rebuild the initramfs.

the hook would auto-detect the raid setup, but it will also include
/etc/mdadm.conf if it exists.

-- 
damjan

Re: [arch-general] journalctl

[Damjan Georgievski via arch-general]

On Mon, 2 Dec 2019 at 10:26, Pascal via arch-general
 wrote:
>
> hello,
> when I use journalctl to track system events, I introduce line breaks for
> better readability.
> like multitail, I would like to introduce more verbose line breaks...
> I wrote these few lines but it doesn't work as expected :
>
> exec 6<&0
> exec 0< <( while :; do read -sn1 k; echo $'\n'"# $( date +%H:%M:%S )
> ---"$'\n'; done )
> journalctl -f
> exec 0<&6 6<&-
>
> the second instruction "exec 0< <( while..." played alone works perfectly
> in my terminal, but not as a redirection for journalctl.
> any leads ?
> regards, lacsaP.

Why don't you just replace the PAGER/SYSTEMD_PAGER from less to your
own tool (multitail even? never used it).


-- 
damjan

Re: [arch-general] New kernel packages and mkinitcpio hooks

[Damjan Georgievski via arch-general]

On Mon, 11 Nov 2019 at 09:18, Ondřej Hruška  wrote:
>
> Hi,
> I have a question regarding the kernel changes.
>
> It sounds like it might break my dm-crypt/luks setup with un-encrypted
> /boot partition, if the kernel is not in /boot anymore?

the kernel is no longer installed in /boot by the kernel package, but
by post-install mkinitcpio scripts. So it ends back there in /boot
anyway.

-- 
damjan

Re: [arch-general] [arch-dev-public] New kernel packages and mkinitcpio hooks

[Damjan Georgievski via arch-general]

> This has been discussed a bit on the dracut thread, as well on some other 
> threads over time.
> I *personally* don't like the complexity of kernel-install that much.

I've now read this twice on Arch mail lists, so I have to ask, without
any presumptions on my side, what are the arguments against
kernel-install?

I must say, I don't see much complexity in it. It's only a 184 line
bash script[1].
And as added feature, it decouples the kernel install from the kernel
package install (and pacman),
also defines couple of easy-to-use config locations like /etc/kernel/cmdline

But I guess I might be missing something.


[1] especially compared to dracut (not that they do the same thing),
which seems much more complex, and that complexity did introduce bugs
- for which I've sent a PR

-- 
damjan

Re: [arch-general] new packaging of the kernel/mkinitcpio/kmod

[Damjan Georgievski via arch-general]

On Thu, 31 Oct 2019 at 14:55, Giancarlo Razzolini
 wrote:
>
> Em outubro 31, 2019 9:46 Damjan Georgievski via arch-general escreveu:
> > Can someone explain in better detail the changes in
> > * kmod 26-3
> > * mkinitcpio 27-1
> > * linux 5.3.8.1-1
> > around packaging and pacman hooks?
> >
> > I can see there's some reorganization of the hooks and scripts, and
> > the kernel package no longer
> > installing directly to /boot (which is a welcome change, the kernel is
> > now only in /usr/lib/modules/5.3.8-arch1-1/vmlinuz)
> > but it's not easy for me to reverse-understand what the bash scripts do 
> > exactly.
> >
> > I'm asking because I also use pacman hooks on the kernel and some
> > other files in order to create my combined kernel+initramfs+cmdline
> > UEFI executable signed for secure-boot, and it seems I'll have to
> > adopt to a newer setup.
> >
> >
> Hi Damjan,
>
> The kernel does not install itself anymore to /boot, as you've noticed. But, 
> the mkinitcpio
> hook does that. For now, we are replicating the same behavior as before, but 
> with a little
> more flexibility.
>
>
> I'm working on dracut hooks for doing a similar job, but the idea is that we 
> eventually will
> be more flexible with our booting, giving the user more options. Keep an eye 
> on the Arch announce
> mailing list, as well as the news on the Arch site.
>
> As for your hooks, we made so that the mkinitcpio hook runs at the same step 
> the previous linux
> hook would. So, there shouldn't be any incompatibilities. But, it depends on 
> what your hooks are.
> Also, you can completely override the mkinitcpio hooks by linking their 
> filenames to /dev/null on
> /etc/pacmand.d/hooks directory. But you'll be left doing the kernel 
> installation on your own.

Thanks for the info Giancarlo,

it's true that my hook works as before (I've tested that), but even my
original hook was suboptimal anyway,
since I needed to define one hook per kernel package. I'm wondering if
I can make a more general hook,
for example triggering on usr/lib/modules/*/pkgbase (or vmlinuz?) - is
that the recommended way now?



-- 
damjan

[arch-general] new packaging of the kernel/mkinitcpio/kmod

[Damjan Georgievski via arch-general]

Can someone explain in better detail the changes in
* kmod 26-3
* mkinitcpio 27-1
* linux 5.3.8.1-1
around packaging and pacman hooks?

I can see there's some reorganization of the hooks and scripts, and
the kernel package no longer
installing directly to /boot (which is a welcome change, the kernel is
now only in /usr/lib/modules/5.3.8-arch1-1/vmlinuz)
but it's not easy for me to reverse-understand what the bash scripts do exactly.

I'm asking because I also use pacman hooks on the kernel and some
other files in order to create my combined kernel+initramfs+cmdline
UEFI executable signed for secure-boot, and it seems I'll have to
adopt to a newer setup.


-- 
damjan

Re: [arch-general] Input, Uinput, and udev problems with user access

[Damjan Georgievski via arch-general]

>
> Up until yesterday evening, the following setup would allow the Fenrir
> screen reader to access the tools it needs to read without root access in
> terminal emulators like Xterm:
>
> groupadd --system input
> groupadd --system uinput
> echo 'KERNEL==\"event*\", NAME=\"input/%k\", MODE=\"660\",
> GROUP=\"input\"' >> /etc/udev/rules.d/99-input.rules
> echo 'KERNEL==\"uinput\", SUBSYSTEM==\"misc\",
> OPTIONS+=\"static_node=uinput\", TAG+=\"uaccess\", GROUP=\"uinput\"' >>
> /etc/udev/rules.d/99-fenrirscreenreader.rules
>
> Now, however, while it can still read the screen, the keyboard does
> nothing. Has something changed, and if so, what do I need to do differently
> to get it working again?
>

What kind of keyboard is it??

You mention xterm, so you're running XOrg I presume?


-- 
damjan

Re: [arch-general] [arch-dev-public] Mkinitcpio replacement with Dracut

[Damjan Georgievski via arch-general]

On Thu, 22 Aug 2019 at 21:36, Giancarlo Razzolini 
wrote:

> Em agosto 22, 2019 16:29 Damjan Georgievski via arch-general escreveu:
> > Are there any news/updates on this front?
> >
> > I have dracut installed in one test VM, but I have to run it manually
> after
> > each kernel update. The wiki page [1] is still empty, so
> > how do I configure proper hooks to build the initramfs (and possibly also
> > disable the mkinitcpio ones)?
> >
>
> Yes. I have been working on pacman hooks for this. There are a few things
> I need
> to iron out before releasing it though. There's a need to change all
> kernels as
> well, because the hooks are deployed with them currently, this has to
> change.
>

Just in case, I'll mention kernel-install [1] once again, it's a nice
central hub where initramfs creators, bootloaders (and optionally signing
of uefi images) can hook into, and then any kernel install can call all the
users hooks with a single command.



[1]
https://www.freedesktop.org/software/systemd/man/kernel-install.html


-- 
damjan

Re: [arch-general] [arch-dev-public] Mkinitcpio replacement with Dracut

[Damjan Georgievski via arch-general]

I have been looking into dracut for some time now, I copied some stuff from
> them on a few of my own
> scripts and they also have an actual test suite, that we currently can't
> use on Arch, but I plan to
> change that.
>
>
Are there any news/updates on this front?

I have dracut installed in one test VM, but I have to run it manually after
each kernel update. The wiki page [1] is still empty, so
how do I configure proper hooks to build the initramfs (and possibly also
disable the mkinitcpio ones)?

[1]
https://wiki.archlinux.org/index.php/Dracut

-- 
damjan

Re: [arch-general] Opening a document with unicode in path

[Damjan Georgievski via arch-general]

On Fri, 2 Aug 2019 at 14:59, John Z.  wrote:

> Hi everyone,
> there's a document on Dropbox, that has unicode character in its
> path (french character). Trying to open this document with libre
> office (Plasma is running) fails with 'file not found', and the path
> shown with error clearly presents the path with that unicode
> character replaced by '??'
>
> What I tried:
> * copy the document in a path where there's no unicode - it opens
> * copy the document using shell - it works
> * copy the document using Dolphin (from Plasma) - it works
> * check $LANG - its set to `en_CA.UTF8`
>

Does `locale -a` show that locale?





-- 
damjan

Re: [arch-general] [arch-dev-public] Mkinitcpio replacement with Dracut

[Damjan Georgievski via arch-general]

>
> I have been looking into dracut for some time now, I copied some stuff
> from them on a few of my own
> scripts and they also have an actual test suite, that we currently can't
> use on Arch, but I plan to
> change that.
>

Is there any support for post hooks in Dracut?

ie. I want to sign the uefi image with sbsign, after it's built with
`dracut --uefi …`

-- 
damjan

Re: [arch-general] [arch-dev-public] Mkinitcpio replacement with Dracut

[Damjan Georgievski via arch-general]

> > dracut 049-3 on an Arch [testing] VM
> >
>
> There are a few more instances where arch must be replaced with uname -m.
>
> I'll deploy a version of dracut with that patch later:
>
> https://github.com/dracutdevs/dracut/pull/573
>

Thanks,
I've also noticed another issue about the uefi stub and sent a PR:
https://github.com/dracutdevs/dracut/pull/575


-- 
damjan

Re: [arch-general] [arch-dev-public] Mkinitcpio replacement with Dracut

[Damjan Georgievski via arch-general]

>
>
> dracut --uefi
>


This seems to fail for me:
$ sudo dracut --no-early-microcode --uefi /boot/EFI/Linux/arch-linux.efi
dracut: Executing: /usr/bin/dracut --no-early-microcode --uefi
/boot/EFI/Linux/arch-linux.efi
/usr/bin/dracut: line 1063: arch: command not found
/usr/bin/dracut: line 1069: arch: command not found
dracut: Architecture '' not supported to create a UEFI executable


any ideas why??

dracut 049-3 on an Arch [testing] VM

-- 
damjan

Re: [arch-general] Keyboard shortcuts which change based on current app

[Damjan Georgievski via arch-general]

On Thu, 14 Feb 2019 at 05:12, Oon-Ee Ng via arch-general <
arch-general@archlinux.org> wrote:

> Before I try to hack together a solution, are there any existing
> apps/frameworks which allow for the same key/button to do something
> different based on the currently focused app (in X)?
>
> My intended use-case is to use the additional buttons on my drawing tablet
> to do various functions, but depending on the current app. So in Gimp they
> would do one thing, in Libreoffice another, in Inkscape another.
>

Don't your applications have an option to customize the shortcuts?

-- 
damjan

Re: [arch-general] [arch-dev-public] Proposal: minimal base system

[Damjan Georgievski via arch-general]

(posting to general, since I can't on dev-public)

On Mon, 21 Jan 2019 at 23:03, Levente Polyak via arch-dev-public
 wrote:
>
> # Proposal
>
> There is no strict definition of what a minimal Arch Linux system
> installation must contain. However in reality we mostly don’t add any
> packages that are in the base group as a dependency to other packages,
> which basically makes it a hard requirement.
>
> The current way of defining a minimal system via a group is non-optimal
> for the following reasons:

One of the issues that might need to be fixed is this:
https://bugs.archlinux.org/task/54887
(FS#54887 - [openssl] remove perl from dependency of the openssl package)



-- 
damjan

Re: [arch-general] Kernel 4.19 preventing Firefox from playing videos

[Damjan Georgievski via arch-general]

> I have a very strange issue with kernel 4.19.1 With this kernel Firefox
> no longer plays any videos. It opens the page but the video wont play.

what video? youtube?

works well here, on intel i7-7500U, KDE on X11 (modesetting driver)
with both 4.19.1-arch1 and 4.19.2-arch1

> I'm running Gnome on a Thinkpad X201.

are you running wayland, modsettings or the intel X11 driver (the X
modesetting is perhaps recommended)

maybe try another compositor, instead of the gnome one


-- 
damjan

Re: [arch-general] i3stats depends on wireless_tools, causing "firmware load for regulatory.db failed" w/o wireless-regdb

[Damjan Georgievski via arch-general]

On 12 August 2018 at 01:48, David C. Rankin
 wrote:
> Archdevs,
>
>   There seems to be a funny depends (or missing depends) issue for *some*
> systems without wireless that have i3status installed.
>
>   This appears to be because i3stats depends on wireless_tools, which during
> boot triggers an attempt

I don't see anything in the wireless_tools package that would trigger on boot.
there are no udev rules or systemd services.


-- 
damjan

Re: [arch-general] systemd --user enable: Failed to connect to bus: No such file or directory

[Damjan Georgievski via arch-general]

On 27 June 2018 at 08:26, Bjoern Franke  wrote:
> Hi,
>
> I'm trying to create a systemd timer for a user to run duply daily. For
> one user the enabled worked fine, but another one:
>
> systemctl --user enable backup.timer
> Failed to connect to bus: No such file or directory
>
> I have no clue why this happens, systemctl daemon-reload (also with
> --user) did not fix it. I found a similar issue in the forums, but the
> solution was to "ln -s" the timer and than rebooting. But I don't think
> this would be the "correct" solution because "systemctl --user enable"
> should also work.

What distro are you running? And what are the versions of systemd and dbus?

You also should have (so confirm that)

/usr/lib/systemd/user/dbus.socket and
/usr/lib/systemd/user/dbus.service files and a
/usr/lib/systemd/user/sockets.target.wants/dbus.socket symlink too


-- 
damjan

Re: [arch-general] Why no git --depth=1 option for makepkg?

[Damjan Georgievski via arch-general]

>> This means that PKGBUILDs which checkout a specific revision are
>> actually worse than the rest, as you cannot even get the source without
>> knowing how many commits you need (rather than failing afterwards in
>> pkgver() or something).
>
> Right. I had assumed that git clone -b/--branch did also exist for
> tags.

https://www.kernel.org/pub/software/scm/git/docs/git-clone.html

--branch can also take tags and detaches the HEAD at that commit in
the resulting repository.

Re: [arch-general] Disable vboxadd.service & vboxadd-service.service after guest additions included in 4.15?

[Damjan Georgievski via arch-general]

On 11 February 2018 at 13:47, Giacomo Longo via arch-general
 wrote:
> So you want to have
>
> vboxadd-service and vboxadd systemd services not starting on Linux kernel
> versions 4.15 and above?
>
> You can manage this by creating a template systemd unit
>
> /etc/systemd/system/kernel-version-less-then@.service
> ---
> [Unit]
> Description=Check if currently installed kernel version is less than target
>
> [Service]
> Type=oneshot
> ExecStart=/usr/bin/sh -c '[[ "$(/usr/bin/vercmp %i %v)" = "1" ]]'
> Restart=no
> CollectMode=inactive-or-failed
>
> [Install]
> WantedBy=multi-user.target
>
> Then create the directories
>
> /etc/systemd/system/vboxadd.service.d/
> /etc/systemd/system/vboxadd-service.service.d/
>
> Then for each service
>
>
> /etc/systemd/system/vboxadd.service.d/kerver.conf
> -
> [Unit]
> After=kernel-version-less-then@4.15.service
> Requires=kernel-version-less-then@4.15.service
>
> /etc/systemd/system/vboxadd-service.service.d/kerver.conf
> -
> [Unit]
> After=kernel-version-less-then@4.15.service
> Requires=kernel-version-less-then@4.15.service
>
> In this way, if my bash-fu is correct, the version compare will fail the
> kernel-version-less-then@4.15.service and vboxadd and vboxadd-service will
> not start



there is ConditionKernelVersion=
man systemd.unit

-- 
damjan

Re: [arch-general] pacman man page needs at least one update

[Damjan Georgievski via arch-general]

On 22 August 2017 at 19:01, Jude DaShiell  wrote:
> pacman -g and pacman --groups both appear no longer working.  Neither in
> that form generates a current list of groups.

pacman -Sg and pacman -Qg seem to work



-- 
damjan

Re: [arch-general] Handling python venv packages breaking on glibc update

[Damjan Georgievski via arch-general]

> I use psycopg2 for postgres access in my pyramid web-app, and like most
> (all?) python developers all the dependencies are in a virtualenv,
> including psycopg2 itself.
>
> This means, of course, that the psycopg2 wheel is precompiled.
>
> With the recent glibc-2.26 update, I can no longer import psycopg2. This is
> the error message I get on the file libresolv-2-c4c53def.5.so:
>
> symbol __res_maybe_init, version GLIBC_PRIVATE not defined in file
> libc.so.6 with link time reference
>
> I'm not sure why the psycopg2 pip package bundles in libresolv (which is
> part of glibc in Arch, explaining why the Arch psycopg2 package works fine,
> even without a recompile). Where's the right place for me to fix this? With
> the psycopg2 pip maintainers or somewhere else?


why not just use the Arch package? I prefer that for pacakges that
link to system libraries.


-- 
damjan

Re: [arch-general] How can I set CAPS LOCK as Escape throughout reboot

[Damjan Georgievski via arch-general]

On 17 August 2017 at 15:51, Junayeed Ahnaf via arch-general
 wrote:
> Hello,
>
> Currently I use "setxkbmap -option caps:escape" and it works well, but
> I'd like to know how to make it persistent through reboot. I set this
> line in .xinitrc but it didn't work.


depends on your login manager and the desktop environment. Gnome will
overwrite XKB settings anyway. KDE would if configured.

some login managers (or their Xsession scripts) will read ~/.Xkbmap as
options to setxkbmap


-- 
damjan

Re: [arch-general] Why there is no NetworkManager in ArchISO

[Damjan Georgievski via arch-general]

On 24 July 2017 at 07:30, Junayeed Ahnaf via arch-general
 wrote:
> Hello,
>
> Why is there no NetworkManager in ArchISO? Isn't it widely accepted as
> the go to method of connecting to internet in Linux? Is there any reason
> for it not to be default?

I would say that the reason NM is not on ArchISO is becaues in the
past it didn't have a simple enough support for a console UI,
which made it very useless in the ArchISO text-only envrionement.

Nowdays, with `nmtui` I'd say it would be ok to have it. NM has been
buggy in the past, but these days, it's a great tool.



-- 
damjan

[arch-general] nginx package compiled on testing?

[Damjan Georgievski via arch-general]

At this moment packages in core/extra are:
nginx 1.12.1-1
pacman 5.0.2-1

nginx -V has
--with-cc-opt='-march=x86-64 -mtune=generic -O2 -pipe
-fstack-protector-strong -fno-plt -D_FORTIFY_SOURCE=2'

but the pacman 5.0.2-1 version of /etc/makepkg.conf doesn't have the
-fno-plt argument.

I'd assume nginx 1.12.1-1 was compiled on a system with pacman 5.0.2-2
from testing?

https://git.archlinux.org/svntogit/packages.git/diff/trunk/makepkg.conf?h=packages/pacman=0cd22d4454e0e1b3ae589b95274f808001465c15

Is this allowed?


I suspect this is one of the reasons I can't compile a dynamic module for nginx


-- 
damjan

Re: [arch-general] Sébastien Luttringer and Tobias Powalowski

[Damjan Georgievski via arch-general]

On 3 July 2017 at 01:22, Eli Schwartz via arch-general
 wrote:
> On 07/02/2017 07:01 PM, Ismael Bouya wrote:
>> (Mon, Jul 03, 2017 at 12:29:44AM +0200) Morten Linderud :
>>> But HTTPS doesnt matter here. We have a trusted signer inn the PKGBUILD, 
>>> anyone can MITM for the good of their life.
>>> Unless they can fake the signature (Hint; they cant), or trick Lennart into 
>>> signing something he shouldnt (Hint; he
>>> wont), we don't have a case here. It doesn't really matter if its HTTP or 
>>> HTTPS.
>>>
>>> You also didn't really reply about the threat model.
>>
>> If I understand correctly what Nicohood meant,
>> what could happen is that version X of systemd (or anything else) has a
>> well known vulnerability, fixed in X+1. X+1 is packaged, so anyone
>> up to date thinks "good I'm safe now". But since a man in the middle can
>> force to download version X (signed by the systemd maintainer so
>> considered "secure"), he can force you to download that version when you
>> create the package and you'll think you have the safe version while
>> having the unsafe one.
>
> Okay, this I am genuinely curious about.
>
> In what circumstances can I have:
> - the systemd repository cloned over the git:// protocol
> - an annotated tag for systemd v233 signed by Lennart Poettering.
> - an annotated tag for systemd v232 signed by Lennart Poettering.
> - a man in the middle attack
> - `git verify-tag --raw v233` reports a GOODSIG with a VALIDSIG
>   ${fingerprint} that matches with Lennart's known GPG fingerprint as
>   recorded in validpgpkeys
>
> And as a result, when I run the git command `git checkout
> refs/tags/v233`, I am tricked into getting v232 instead which contains a
> vulnerability. Also, I wouldn't be alerted by the verbose printing of
> the systemd version which happens during the boot process, nor by
> $systemd_binary --version
>
> ...
>
> Because I don't think git works that way, but I am willing to be proven
> wrong. Also I bet the git developers would be fascinated to hear the
> details, you might even get some sort of bounty for successfully hacking
> git like that.


On the other hand,
the systemd-stable repo doesn't have signed tags (or commits) and Arch
is probably going to move to that since it has post-release fixes for
regressions and bugs.



-- 
damjan

Re: [arch-general] kernel-install in archlinux

[Damjan Georgievski via arch-general]

On 22 June 2017 at 14:42, Mauro Santos via arch-general
<arch-general@archlinux.org> wrote:
> On 22-06-2017 12:58, Damjan Georgievski via arch-general wrote:
>> Is there any plan for moving ArchLinux to the kernel-install 
>> infrastructure[1]
>>
>> I've seen some talk about it from a year ago, but the discussion seems
>> to have died off.
>>
>> My personal use case is to have a hook that self-signs
>> kernel+initramfs+cmdline images for secure boot (using my own keys),
>> and currently I have to do that manually whenever the initramfs is
>> updated.
>>
>>
>>
>>
>> [1]
>> https://www.freedesktop.org/software/systemd/man/kernel-install.html
>> [2]
>> https://lists.archlinux.org/pipermail/arch-dev-public/2016-May/028014.html
>>
>
> You may want to check 'man alpm-hooks'. You should be able to automate
> what you want to do.


Unfortunately that's not enough, other hooks (which are unknown) can
update the initramfs, and I can't hook on /boot/initramfs-* since it's
not part of any package.

ps. and yes, I already do have a hook that triggers on the linux package

-- 
damjan

[arch-general] kernel-install in archlinux

[Damjan Georgievski via arch-general]

Is there any plan for moving ArchLinux to the kernel-install infrastructure[1]

I've seen some talk about it from a year ago, but the discussion seems
to have died off.

My personal use case is to have a hook that self-signs
kernel+initramfs+cmdline images for secure boot (using my own keys),
and currently I have to do that manually whenever the initramfs is
updated.




[1]
https://www.freedesktop.org/software/systemd/man/kernel-install.html
[2]
https://lists.archlinux.org/pipermail/arch-dev-public/2016-May/028014.html

-- 
damjan

Re: [arch-general] gnupg: systemd enable in post_install

[Damjan Georgievski via arch-general]

>> what's the rationale to enable the gnupg sockets in post_install of the
>> package?
>>
>> https://git.archlinux.org/svntogit/packages.git/tree/trunk/install?h=packages/gnupg#n21
>>
>> I don't disagree that the sockets maybe should be enabled (I have them
>> enabled for me), it's just a strange way to enable them in
>> post_install, and linking them in /etc/
>>
>> Why doesn't the PKGBUILD make the symlinks in
>> /usr/lib/systemd/user/sockets.target.wants/ ?
>
>
> I did that in the pulseaudio package at first and people complained that
> they couldn't "disable" the pulseaudio socket and "mask" also prevented a
> manual start.

got it. makes sense

though users will need root privileges to disable it then, but I guess
for Arch that doesn't matter.




-- 
damjan

[arch-general] gnupg: systemd enable in post_install

[Damjan Georgievski via arch-general]

what's the rationale to enable the gnupg sockets in post_install of the package?
https://git.archlinux.org/svntogit/packages.git/tree/trunk/install?h=packages/gnupg#n21

I don't disagree that the sockets maybe should be enabled (I have them
enabled for me), it's just a strange way to enable them in
post_install, and linking them in /etc/

Why doesn't the PKGBUILD make the symlinks in
/usr/lib/systemd/user/sockets.target.wants/ ?

dbus does that for ex.


-- 
damjan

Re: [arch-general] Unable to start gnome-terminal from KDE session

[Damjan Georgievski via arch-general]

> ...which sounds a bit like what I'm seeing, at least the slowness part.
> However, I use SDDM, so I can't put the recommended
> dbus-update-activation-environment in any .xinitrc file (which is only run 
> when
> you do startx as far as I know).
>
> So, two questions:
>
> (1) Where would I put this command so that it's run by SDDM on login?

isn't that already done via:
/etc/X11/xinit/xinitrc.d/50-systemd-user.sh


which is sourced by /usr/share/sddm/scripts/Xsession


-- 
damjan

Re: [arch-general] makepkg bind-9 FAILED (unknown public key F1B11BF05CF02E57)

[Damjan Georgievski via arch-general]

> libtool: compile:  gcc -I/home/david/arch/pkg/abs/bind/src/bind-9.11.0-P3
> -I../../.. -I./include -I./../pthreads/include -I../include -I./../include
> -I./.. -I/usr/include -D_REENTRANT -D_GNU_SOURCE -march=x86-64 -mtune=generic
> -O2 -pipe -fstack-protector-strong -DDIG_SIGCHASE -I/usr/include
> -I/usr/include/libxml2 -fPIC -W -Wall -Wmissing-prototypes -Wcast-qual
> -Wwrite-strings -Wformat -Wpointer-arith -fno-strict-aliasing
> -fno-delete-null-pointer-checks -c app.c  -fPIC -DPIC -o .libs/app.o
> In file included from /usr/include/json/autolink.h:9:0,
>  from /usr/include/json/json.h:9,
>  from ../include/isc/json.h:33,
>  from ../include/isc/mem.h:16,
>  from app.c:29:
> /usr/include/json/config.h:9:35: fatal error: string: No such file or 
> directory
>  #include  //typedef String

huh, that's a C++ style #include* and you are compiling with a C
compiler (and obviously app.c is a C program)
have no idea, see upstream.

* and indeed /usr/include/json/config.h is part of jsoncpp "C++
library for interacting with JSON"
how did that get included in a C program???

-- 
damjan

Re: [arch-general] makepkg bind-9 FAILED (unknown public key F1B11BF05CF02E57)

[Damjan Georgievski via arch-general]

>   I pulled ABS updates and got the patch mentioned in
> https://bugs.archlinux.org/task/53240. However, attempting to build bind/bind
> tools 9.11.0-P3 fails due to an unknown upstream public key:
>
> makepkg -s
> 
> ...
> ==> Verifying source file signatures with gpg...
> bind-9.11.0-P3.tar.gz ... FAILED (unknown public key F1B11BF05CF02E57)


https://wiki.archlinux.org/index.php/makepkg#Signature_checking




-- 
damjan

Re: [arch-general] Firefox 52 Audio broken

[Damjan Georgievski via arch-general]

> Since the update to firefox 52 the audio support has been broken.

nope, it works fine.

alas, ALSA support in Firefox has become unmaintained …
this means if Arch reverts to ALSA it'll be shipping worse code just
for the few people that choose to not use Pulseaudio (for their own
reasons).

> This seems to be because pulse audio is now a dependency by default in 
> firefox.
> However firefox can still be build with ALSA support.
>
> Without getting into any dicussion about issues about pulseaudio itself, I 
> believe it should be possible to use firefox on arch without being forces to 
> use pulse
> audio. I am certainly not the only one to have banned this package from my 
> boxes. And having more choices is certainly a good thing.
>
> Not sure this is the right place but I would like to ask to change back to 
> the old defaults (ALSA).
> With the old defaults, the user can choose to use pulse audio (or JACK) or 
> stay with plain ALSA support.



-- 
damjan

Re: [arch-general] Ping: 100% package loss

[Damjan Georgievski via arch-general]

> And the most surprising thing is, that it worked for one single moment,
> see the PS, and stopped working after the next reboot - with all what I
> tried to make it work still untouched and in place.
>
> Any further tipps here?

do you even have an IPv6 service from your ISP?
try pinging [2a00:1450:401b:801::2004] (an address I get for www.google.com)

also, ping now has the -4 and -6 options to specify which protocol to use.
otherwise, AFAIK the resolver in glibc autodetects if it'll use ipv4
or ipv6 by defult

-- 
damjan

Re: [arch-general] uwsgi-2.0.14-15 segfaults with php plugin

[Damjan Georgievski via arch-general]

https://bugs.archlinux.org/task/52406

the packager is a bit irresponsible

On 17 January 2017 at 17:14, David Runge  wrote:
> Hey all,
>
> ran into the issue, that after updating from uwsgi 2.0.14-1 to uwsgi
> 2.0.14-5 (php plugin of the same version), all php based webapps make
> uwsgi segfault (tested with wordpress and stikked)!
>
> Something like the below will happen (including after reboot):
>
> Jan 17 16:24:20 frqrec systemd[1]: Starting uWSGI service unit...
> Jan 17 16:24:20 frqrec uwsgi[2370]: [uWSGI] getting INI configuration
> from /etc/uwsgi/wordpress.ini
> Jan 17 16:24:20 frqrec uwsgi[2370]: *** Starting uWSGI 2.0.14 (64bit) on
> [Tue Jan 17 16:24:20 2017] ***
> Jan 17 16:24:20 frqrec uwsgi[2370]: compiled with version: 6.3.1
> 20170109 on 10 January 2017 00:34:54
> Jan 17 16:24:20 frqrec uwsgi[2370]: os: Linux-4.8.13-1-ARCH #1 SMP
> PREEMPT Fri Dec 9 07:24:34 CET 2016
> Jan 17 16:24:20 frqrec uwsgi[2370]: nodename: frqrec
> Jan 17 16:24:20 frqrec uwsgi[2370]: machine: x86_64
> Jan 17 16:24:20 frqrec uwsgi[2370]: clock source: unix
> Jan 17 16:24:20 frqrec uwsgi[2370]: pcre jit disabled
> Jan 17 16:24:20 frqrec uwsgi[2370]: detected number of CPU cores: 2
> Jan 17 16:24:20 frqrec uwsgi[2370]: current working directory: /
> Jan 17 16:24:20 frqrec uwsgi[2370]: detected binary path: /usr/bin/uwsgi
> Jan 17 16:24:20 frqrec uwsgi[2370]: setgid() to 33
> Jan 17 16:24:20 frqrec uwsgi[2370]: setuid() to 33
> Jan 17 16:24:20 frqrec uwsgi[2370]: your processes number limit is 15780
> Jan 17 16:24:20 frqrec uwsgi[2370]: your memory page size is 4096 bytes
> Jan 17 16:24:20 frqrec uwsgi[2370]: detected max file descriptor number:
> 1024
> Jan 17 16:24:20 frqrec uwsgi[2370]: lock engine: pthread robust mutexes
> Jan 17 16:24:20 frqrec uwsgi[2370]: thunder lock: disabled (you can
> enable it with --thunder-lock)
> Jan 17 16:24:20 frqrec uwsgi[2370]: *** Cache "wordpress" initialized:
> 64MB (key: 2136 bytes, keys: 2136000 bytes, data: 65536000 bytes,
> bitmap: 0 bytes) preallocated ***
> Jan 17 16:24:20 frqrec uwsgi[2370]: - SystemD socket activation detected
> -
> Jan 17 16:24:20 frqrec uwsgi[2370]: uwsgi socket 1 attached to UNIX
> address /run/uwsgi/wordpress.sock fd 3
> Jan 17 16:24:20 frqrec uwsgi[2370]: !!! uWSGI process 2370 got
> Segmentation Fault !!!
> Jan 17 16:24:20 frqrec uwsgi[2370]: *** backtrace of 2370 ***
> Jan 17 16:24:20 frqrec uwsgi[2370]: /usr/bin/uwsgi(uwsgi_backtrace+0x2c)
> [0x466eec]
> Jan 17 16:24:20 frqrec uwsgi[2370]: /usr/bin/uwsgi(uwsgi_segfault+0x21)
> [0x4672b1]
> Jan 17 16:24:20 frqrec uwsgi[2370]: /usr/lib/libc.so.6(+0x330b0)
> [0x7f9a019ea0b0]
> Jan 17 16:24:20 frqrec uwsgi[2370]:
> /usr/lib/uwsgi/php_plugin.so(+0x53ca) [0x7f9a001fa3ca]
> Jan 17 16:24:20 frqrec uwsgi[2370]: *** end of backtrace ***
> Jan 17 16:24:20 frqrec systemd[1]: uwsgi-private@wordpress.service: Main
> process exited, code=exited, status=1/FAILURE
> Jan 17 16:24:20 frqrec systemd[1]: Failed to start uWSGI service unit.
> Jan 17 16:24:20 frqrec systemd[1]: uwsgi-private@wordpress.service: Unit
> entered failed state.
> Jan 17 16:24:20 frqrec systemd[1]: uwsgi-private@wordpress.service:
> Failed with result 'exit-code'.
>
> Reverting back to uwsgi 2.0.14-1 fixes the problem (after restarting the
> socket, that activates the webapp).
>
> As a sidenote: I'm using the hardening and socket activation options as
> explained here, which shouldn't have much of an effect on the uwsgi
> itself though):
> https://wiki.archlinux.org/index.php/UWSGI#Socket_activation
> https://wiki.archlinux.org/index.php/UWSGI#Hardening_uWSGI
>
> Has anyone had the same issue?
> I can't seem to find out, what has changed between revision 1 and 5 or
> if it needs another rebuild.
>
> Best,
> David
>
>
> --
> https://sleepmap.de



-- 
damjan

Re: [arch-general] [arch-dev-public] Preparing OpenVPN 2.4.x - possible incompatible changes

[Damjan Georgievski via arch-general]

>> I do not oppose using whatever upstream is deploying, if it's
>> rationale. I just think that we could create a system user for
>> openvpn, even if most users will deploy it using root.
>
> We need root privileges at initialization phase, no? Privileges are dropped
> to nobody/nobody when initialization sequence completed.
>
> If we can make things work with non-root system user... Let me know how to do
> that. :D

You can have systemd-networkd create the tun (or tap) interface and
change its ownership to a specific user,
that way openvpn doesn't need privileges for that.

That's my setup with a bridged tap interface
https://gist.github.com/gdamjan/6b988389afe36e4bb769

for tap interfaces, networkd can also do the ip setup, for tun
interfaces, openvpn would need to use ... sudo?


-- 
damjan

Re: [arch-general] howto remove old package version

[Damjan Georgievski via arch-general]

> pacman -Syu
> :: Starting full system upgrade...
>
> warning: mesa: local (13.0.0rc2-2) is newer than extra (12.0.3-3.1)
> warning: mesa-libgl: local (13.0.0rc2-2) is newer than extra (12.0.3-3.1)
>
> how do i remove old version and install new with pacman,
> have tried pacman -R but had dependency problems.

you should've mentioned that this is ArchLinux Arm

and yes, they reverted those packages (at leat on armv6 for
raspberrypi) I dunno why, don't even care



-- 
damjan

Re: [arch-general] Cannot no longer resolve local hostname with the new nsswitch.conf

[Damjan Georgievski via arch-general]

On 8 November 2016 at 18:43, Patrick Burroughs (Celti) via
arch-general <arch-general@archlinux.org> wrote:
> On Tue, 8 Nov 2016 18:01:32 +0100
> Damjan Georgievski via arch-general <arch-general@archlinux.org> wrote:
>
>> > $ getent -s resolve hosts $(hostname)
>>
>> this should fail since you don't have the resolved service running.
>
> nss-resolve will chainload nss-dns when systemd-resolved is not running
> (see `man 8 nss-resolve`).

ah right, that fallback should be removed *in the future* and I was
under the impression it already happened

https://github.com/systemd/systemd/commit/344874fcd0a3fc1f9bc6cdf34ecaf537c10a3ad3




-- 
damjan

Re: [arch-general] Cannot no longer resolve local hostname with the new nsswitch.conf

[Damjan Georgievski via arch-general]

> $ getent -s resolve hosts $(hostname)

this should fail since you don't have the resolved service running.

but, when using `hosts: files mymachines resolve [!UNAVAIL=return] dns
myhostname` standard resolving should then go to the dns source, and
then to the myhostname source.

what does
getent -s dns hosts $(hostname)
getent -s myhostname hosts $(hostname)
return ?

also are you up-to-date with systemd 232?

-- 
damjan

Re: [arch-general] Cannot no longer resolve local hostname with the new nsswitch.conf

[Damjan Georgievski via arch-general]

On 8 November 2016 at 13:37, Chi-Hsuan Yen via arch-general
 wrote:
> Hi Arch enthuasiasts,
>
> With testing/filesystem 2016.11-2, I can no longer use my local hostname to
> acess services on the local machine. For example:
>
> $ hostname
> PC12574
>
> $ ping PC12574
> ping: PC12574: Name or service not known
>
> Seems changes in nsswitch.conf [1] does the effect. If I change the hosts:
> line in nsswitch.conf back to the old configuration "files resolve
> mymachines myhostname", or remove the [!UNAVAIL=return] part from this
> line, ping works fine:

do you have systemd-resolved running?
what does `getent -s resolve hosts ` return?

-- 
damjan

[arch-general] new /etc/nsswitch.conf

[Damjan Georgievski via arch-general]

there's a new /etc/nsswitch.conf file in filesystem-2016.11

Maybe someone would care to explain the changes? maybe even a news post?

https://git.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/filesystem=f1cd9f7fb4cdf7617a1b875e14be212733f9c67a


-- 
damjan

Re: [arch-general] how to restore root and boot directory

[Damjan Georgievski via arch-general]

> Hi everyone
> while reinstalling arch on raspberry pi memory stick i had the two
> partitions mounted on mount points called root and boot  in my home dir
> on my laptop,
> i intended to delete everything in root and boot in my home directory
> but lost my mind and rm -rf /boot/* and /root/* instead,
> is there a easy way to restore files to boot and do i just fix the root
> user directory with useradd ?
> shadrock


/root really shouldn't have anything of importance, unless you left it
there - in which case, you can't recover it

/boot has the kernel, the initramfs - which can be recreated if you
reinstall the "linux" package

and probably some bootloader files that you can also reinstall
depending on the boot loader:
- grub-install
- extlinux
- bootctl

-- 
damjan

Re: [arch-general] efivars mounted read-write, but "operation not permitted, "

[Damjan Georgievski via arch-general]

On 3 August 2016 at 22:03, Zachary Kline  wrote:
> Hi All,
>
> This is admittedly more about Linux in general than Arch specifically, but 
> I’m wondering if anybody has insight into why I can’t delete EFI variables, 
> when efivarfs is mounted read-write. For anybody interested, I am wanting to 
> remove the default boot entry created by systemd-boot, but receive an 
> “Operation not permitted,” message when trying to do so, even as root.


try efibootmgr


-- 
damjan

[arch-general] texinfo, a dependency for libidn and libtasn1

[Damjan Georgievski via arch-general]

Do libidn and libtasn1 really require texinfo?

makes texinfo uninstallable, but I don't need docs on this system.

Does any of the "requiires" of texinfo[1] actualy require it?
shouldn't it be an opt-depend?

[1]
https://www.archlinux.org/packages/core/x86_64/texinfo/

-- 
damjan

Re: [arch-general] Announcing pacpak

[Damjan Georgievski via arch-general]

On 10 July 2016 at 11:05, pelzflorian (Florian Pelz)
 wrote:
> Hello,
>
> A specter is haunting the GNU/Linux ecosystem: the specter of per-user
> containerization. Software like Flatpak and Snappy promise fully
> sandboxed GNU/Linux application bundles (instead of merely launching an
> application with fewer privileges but without hiding the operating
> system, like Bubblewrap or Firejail do). Bundles ship with the version
> of their dependencies which they need.

Ubuntu is doing something similar it seems
https://bregmatter.wordpress.com/2016/07/04/x11-applications-and-unity-8/

This is for their non-deb (deb-less?) distro version, they install
debs in containers,
each getting their own XMir server. Good for non-trustworthy or exposed apps.



-- 
damjan

Re: [arch-general] time setting problem after installing.

[Damjan Georgievski via arch-general]

On 3 July 2016 at 22:27, matthew dyer via arch-general
 wrote:
> Hi all,
>
> I just installed arch into a vertual machine dfor now as I do not have a
> bare boons system to install to at the moment.  Any way  I have a problem
> whare  my system thinks I am in lundon uk and not in the us.  I have tried
> running NTPD-QG but I am told that the command not found.  I want the clock
> to show the correct local time and not have it showing  4 hours ahead of it
> self.  Any ideas on how to fix this.  I want to show it in .profile, but it
> just creates a new file instead of using the exhisting file.  How can I
> change my time to the corect local time?  Thanks.

I didn't understand half of what you said, but:

a) to set the system wide timezone  use the command:
timedatectl set-timezone Europe/London

b) to enable a ntp client you can use systemd-timedate, enable it with:
timedatectl set-ntp yes


-- 
damjan

Re: [arch-general] Kernel version in hooks

[Damjan Georgievski]

On 17 May 2016 at 14:50, Damjan Georgievski <gdam...@gmail.com> wrote:
> Can I somehow get the kernel version from a hook invoked on the kernel
> package update?

so I ended up with this (for now):
https://gist.github.com/gdamjan/dd94057318f9c68327066068cacf99bc

The reason was, I needed to run mkinitcpio by hand for linux-armv7
since the package itself doesn't do it
(they expect that the kernel has everything to boot, which is not true
since I boot my BeagleBoard over NFS).

the second problem is that the `mkinitcpio -p preset` didn't work
either since the kver function in mkinitcpio can't find the version
out of the zImage file.

this current setup doesn't support more kernels though - I'd have to
find the KERNEL_NAME for that.

ps.
not specifing "NeedsTargets" in the hook makes the "read TARGET"
block. I guess stdin should be /dev/null in that case.


-- 
damjan

Re: [arch-general] Kernel version in hooks

[Damjan Georgievski]

>>> Can I somehow get the kernel version from a hook invoked on the kernel
>>> package update?
>>
>> by version I mean the "4.5.4-1-ARCH" kernel version, not the "4.5.4-1"
>> package version
>
>
> How do you detect the kernel package upgrade? If you use the path to its
> modules, you can add "NeedsTargets" to the hook and extract the version from
> the module path just like the dkms hook does it.

the package name, ie.
Type = Package
Target = linux

are you saying to use Type = File and Target = usr/lib/modules/* ?

that'll have some unwanted targets  though (the extramodules on for ex.)


-- 
damjan

Re: [arch-general] Kernel version in hooks

[Damjan Georgievski]

On 17 May 2016 at 14:50, Damjan Georgievski <gdam...@gmail.com> wrote:
> Can I somehow get the kernel version from a hook invoked on the kernel
> package update?

by version I mean the "4.5.4-1-ARCH" kernel version, not the "4.5.4-1"
package version


-- 
damjan

[arch-general] Kernel version in hooks

[Damjan Georgievski]

Can I somehow get the kernel version from a hook invoked on the kernel
package update?


-- 
damjan

Re: [arch-general] Adding new disks > 2T to system that boots with grub, can GPT be used for new disks?

[Damjan Georgievski]

>   I'm confused by the partitioning wiki
> (https://wiki.archlinux.org/index.php/Partitioning). It says:
>
> If using GRUB legacy as the bootloader, one must use MBR
>
>   What about adding disks to this system? Must they be partitioned MBR or can 
> I
> use GPT on the additional disks. (I haven't used GPT before, so this has me
> stumped).
>
>   Current setup is Arch booting from grub (grub2) on 1T raid1 mdadm array. I
> have a pair of 3T drives I want to add to the system. (as a 3T raid1 mdadm 
> array).
>
>   I want to use the entire disk in a single partition which is why I want to
> partition the disks GPT (leaving 100M unpartitioned at the end).
>
>   Can I use GPT on the new disks, or am I stuck with MBR?

since you're not booting of the new disks, it doesn't matter.

and that "Grub Legacy" is grub 0.9x not grub2. grub2 can boot of GPT
easily (it just needs a 2mb legacy boot partition).


-- 
damjan

Re: [arch-general] most efficient way to get linux kernel statistics

[Damjan Georgievski]

>>> The free command gets its information from /proc/meminfo.
>>> Performance-wise, it doesn't really matter if a few additional lines
>>> need to be parsed.
>>
>> Hello,
>> Thank you Florian. Actually, I already knew it's the same, I just
>> thought that he could use the free command instead of parsing it
>> himself. You're right. Performance-wise, it's pretty much the same.
>>
>
> Sorry, I didn't express myself properly. I didn't mean to criticize
> free. What I meant to say was that the time it takes to parse
> /proc/meminfo or free is negligible. It doesn't need to be any more
> efficient. free parses /proc/meminfo. libgtop parses /proc/meminfo.
> Querying the information probably takes much more time than parsing it.
>
> Your suggestion to use free may indeed be useful if the original poster
> wants parsing to be slightly simpler and does not mind the additional
> dependency. My impression was that they considered parsing to be too
> inefficient.

there's also `sysinfo(2)`

-- 
damjan

Re: [arch-general] libvirt and VirtualBox

[Damjan Georgievski]

since the update of libvirt to 1.3.2, it seems the sd_notify support
is broken, and the daemon is killed.

is the daemon even running for you?

On 3 March 2016 at 14:37, Jukka Salmi  wrote:
> Hello
>
> On an up-to-date Arch x86-64 system, I fail to manage VirtualBox VMs
> with libvirt virsh:
>
> $ virsh -c vbox:///session
> error: failed to connect to the hypervisor
> error: internal error: unable to initialize VirtualBox driver API
>
> Is this supposed to work out of the box?
>
> Both VirtualBox (5.0.14-1) and libvirt (1.3.2-1) are installed from the
> community repository, and VirtualBox support seems to be compiled in:
>
> $ virsh -V
> Virsh command line tool of libvirt 1.3.2
> [...]
> Compiled with support for:
>  Hypervisors: QEMU/KVM LXC UML OpenVZ VMware PHYP VirtualBox ESX Test
> [...]
>
> Furthermore, both VirtualBox alone (i.e. when managed by VBoxManage or
> similar) and libvirt when used to manage QEMU/KVM sessions work fine.
>
> Any hints about what I'm missing?
>
>
> TIA & cheers,
>
> Jukka
>
> --
> This email fills a much-needed gap in the archives.



-- 
damjan

Re: [arch-general] Alternative init system proposal

[Damjan Georgievski]

On 9 February 2016 at 17:34, Guus Snijders  wrote:
> Op 9 feb. 2016 17:27 schreef "Michał Zegan" :
>>
>
>> A note about using shell scripts in systemd:
>> Who said you can't? and I don't talk about systemd's init.d
>> compatibility that is disabled in arch. Although you have to write
>> unit files, you can start scripts, so you do not really lose
>> flexibility. Also systemd's isolation capabilities are superior, there
>> are some things you currently cannot do from scripts, like
>> PrivateTmp=yes and stuff.
>
> Isolation is AFAIK based on cgroups, not the easiest subject, but certainly
> not impossible to implement.

not impossible, if you reimplement systemd :)

> PrivateTmp: Does that more then setting $TEMP to a custom value?
>
> I'm just being curious here.

yes, it creates a filesystem/mount namespace for the process(es) and mount's a
/tmp/systemd-private-/ directory as /tmp. from the point of view
of the process it will never see
anything else from the outer /tmp

-- 
damjan

Re: [arch-general] Why does a regular user have access to /dev/uinput (and why only temporary)

[Damjan Georgievski]

>> $ getfacl /dev/uinput
>> getfacl: Removing leading '/' from absolute path names
>> # file: dev/uinput
>> # owner: root
>> # group: root
>> user::rw-
>> user:manuel:rw-#effective:---
>> group::---
>> mask::---
>> other::---
>>
>> So somehow the permission is still there, but no longer effective???
>>
>> If I switch VT once (and probably switching the active session this way)
>> I have permission again and now my user keeps it.
>>
>> What is causing this ugly behaviour? Why does a user have to have uinput
>> permissions at all? The (possible security) problem with this is, that
>> the driver (may be a simulated keyboard driver) keeps active even if the
>> session changes. So a software, launched in one session, affects another
>> session.


device nodes tagged with 'uaccess' by udev are given to the current
seat user by logind.
see what has TAG+="uaccess" in /usr/lib/udev/rules.d/

-- 
damjan

Re: [arch-general] systemd user accounts are created in a inconsistent way

[Damjan Georgievski]

On 2 February 2016 at 21:28, Daniel Milewski  wrote:
> Most systemd user accounts are present in the /etc/passwd file provided
> by the filesystem package. This is not the case for only two of them,
> namely systemd-journal-upload and systemd-journal-remote, which are set
> up by systemd-sysusers, executed when the systemd package is installed.
>
> Is there a reason for that? Wouldn't it be better to include all
> systemd users in /etc/passwd, or let systemd-sysusers handle account
> creation?

it's better to let `systemd-sysusers` create all users, /etc/passwd
should probably not be included in any package
since it changes in the lifetime of the distro and updates are hard to merge.

-- 
damjan

Re: [arch-general] btrfs/snapper hook for pacman 5.0?

[Damjan Georgievski]

> https://github.com/andrewgregory/pachooks

do hook files need to end in .hook ?
I couldn't find it mentioned in man alpm-hooks or pacman

-- 
damjan

Re: [arch-general] btrfs/snapper hook for pacman 5.0?

[Damjan Georgievski]

On 2 February 2016 at 10:40, Damjan Georgievski <gdam...@gmail.com> wrote:
>> https://github.com/andrewgregory/pachooks
>
> do hook files need to end in .hook ?
> I couldn't find it mentioned in man alpm-hooks or pacman

Also,  `Exec =` requires a full path to the executable



-- 
damjan

Re: [arch-general] Chromium Favorites Bar Partially Inoperative

[Damjan Georgievski]

> I just installed Chromium, v. 48.0.2564.97, two days ago.  I imported
> my bookmarks from Firefox and enabled the bookmarks bar.  I added a few
> new bookmarks to the bar, but not in my existing folders.
>
> Today, I tried to drag-and-drop the bookmarks into the folders on my
> bookmarks bar, but nothing happened - the bookmarks just remained on
> the bar.  In addition, it seems impossible to move anything on the bar,
> i.e., adjusting the order of folders or bookmarks.  Everything just stays
> where it was originally placed.
>
> For those who don't use Chromium, this is not normal behavior - one should
> be able to drag-and-drop into folders, subfolders, and slide things
> around at will.
>
> In fact, even in the bookmark manager it is not possible to drag-and-drop;
> the only way I've found to move a bookmark into a folder is to copy and
> paste it there, then delete the original.
>
> I've tried disabling my two extensions without luck, and I see no
> recent activity on the boards or on Chromium's bug tracker.
>
> Anyone else seeing this?  Any suggestions?

huh.
possibly unreleated but I just experienced that drag from dolphin
to a html5 drop-zone doesn't work either.
it even doesn't work from a directory view in chromium itself to a
html5 page in chromium.

OTOH,
firefox directory view -> chromium page
and
chromium directory view -> firefox page
both work fine.

some people on the forums noticed something similar too
https://bbs.archlinux.org/viewtopic.php?id=207338

-- 
damjan

Re: [arch-general] systemd user unit files from custom directory

[Damjan Georgievski]

On 30 January 2016 at 12:48, Andre "Osku" Schmidt
 wrote:
> hello,
>
> thought i'd ask here first, in case it's a distro problem.
>
> was wondering if we can use systemd to start and stop a daemon for
> testing purposes during development. meaning, i would like to not have
> to "install" my daemon nor its systemd service file, and instead run
> all from the working directory.
>
> from systemd.unit man page i got the impression that this example would work:
>
> ❱ tree $PWD
> /data/projects/hmm
> └── systemd
> └── user
> └── foobar.service
>
> ❱ cat systemd/user/foobar.service
> [Unit]
> Description=Foo Bar
> [Service]
> ExecStart=/usr/bin/sleep 42
>
> ❱ XDG_CONFIG_HOME=$PWD systemctl --user start foobar
> Failed to start foobar.service: Unit foobar.service failed to load: No
> such file or directory.
>
> am i doing it wrong, or?

the daemon reads and starts the service not systemctl.
in recent versions of systemd you can symlink the service file from
ouside ~/.config/systemd/ too

ps.
what exactly are you testing? there's also systemd-run


-- 
damjan

Re: [arch-general] FireFox 44 turning the bookmark toolbar+ extensions area + current tab into light gray (like selected) [gist image]

[Damjan Georgievski]

> Just updated Arch, and got FF 44, but there's a new color behavior on
> the bookmark toolbar, the extensions area, and current tab.
>
> It looks like if everything was somehow selected, light grayed.  This
> is new, but I don't know if it's the new 44+ expected behavior, or
> something that got broken, and perhaps there's a way to work it
> around.
>
> The gist linked image provides a snapshot of the new weird behavior:
>
> https://gist.github.com/je-vv/7a00601e9217cd9d3447

you don't seem to be using the default look-and-feel of Firefox so
it's hard to say what you
expect to be right and how your expectation doesn't meet reality.

-- 
damjan

Re: [arch-general] systemctl --user problems

[Damjan Georgievski]

> 3. and also I've found that XDG_RUNTIME_DIR and XDG_SESSION_ID are not
> set (neither before or after restarting user@) as should be the case
> from [1] and [2].

are you using a proper login manager, do you have pam_systemd in your
pam configs?



-- 
damjan

Re: [arch-general] Unknown Trust and Corrupted Package

[Damjan Georgievski]

>> I'm receiving message about unknown trust while trying to install the confuse
>> package.
>>
>
> Looks like people tend to forget about updating pacman keyring.
>
> pacman-key --refresh-keys

is'n this done automatically? should it?



-- 
damjan

Re: [arch-general] Unknown Trust and Corrupted Package

[Damjan Georgievski]

> Looks like people tend to forget about updating pacman keyring.
>
> pacman-key --refresh-keys

huh, now what?

# pacman-key --refresh-keys
gpg: refreshing 85 keys from hkp://keys.gnupg.net
gpg: keyserver refresh failed: Permission denied
==> ERROR: A specified local key could not be updated from a keyserver.



-- 
damjan

Re: [arch-general] Firefox without signature checking

[Damjan Georgievski]

>> This sounds like something for the AUR. I do not agree with this move from
>> Mozilla and it would be interesting to see the interest in such a package.
>>
>
>  Agree - AUR.
>
>  Arch should follow upstream - if there is a spin off alternative with this
> disenagaged (HigherFox or whatever) ... we can certainly choose a different
> package - but Arch should stick with the upstream version.
>
>  Aside:
>   I don't use firefox - but curious - how would one test developer versions
> of extensions then? Or is this no longer possible in firefox?

There will be support for that of course
https://developer.mozilla.org/en-US/Add-ons/Distribution


-- 
damjan

[arch-general] virt-manager empty package?

[Damjan Georgievski]

Does anyone know why virt-manager is an empty package?
The package depends on virt-install which contains the virt-manager
program, and just adds its dependencies.

Is this intentional? The PKGBUILD suggests it tries to do something.


-- 
damjan

Re: [arch-general] Rerun bootloader from initramfs

[Damjan Georgievski]

On 20 November 2015 at 17:04, Mauro Santos  wrote:
> On 20-11-2015 17:19, Joan Aymà wrote:
>> Why should not be easier to boot following Disk_Encryption on the wiki[1]?
>>
>> Regards.
>>
>> [1]https://wiki.archlinux.org/index.php/Disk_encryption
>
> Because I'm talking about this [1] and not software based encryption.
>
> [1] https://en.wikipedia.org/wiki/Hardware-based_full_disk_encryption

I'd sincerely advice against using these 'hardware' disk encryptions.
what happens when your motherboard is at fault, and you need the data
on the disk *now* and it wont work in a USB enclosure?

anyway, maybe you could use kexec in your PBA and run the installed
linux kernel with that.


-- 
damjan

Re: [arch-general] Problems with movie playback (HTML5)

[Damjan Georgievski]

> Yes, I saw this with mpv on the command line under X. A restart of the WM
> and X
> did not solve the problem for me. As with the others I had to reboot my
> machine.
>
> Would be really nice to know what's the root cause.


systemctl --user restart pulseaudio


-- 
damjan

[arch-general] Policy about packages and file capabilities

[Damjan Georgievski]

What's the policy about capabilities for executables in Arch packages?

I'm asking since in my setup I'm running wpa_supplicant as the
'nobody' user, but I let it keep the NET_ADMIN and NET_RAW
capabilities (excerpt from the .service file):

User=nobody
SupplementaryGroups=rfkill
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW


The executable needs to have those capabilities on the executable in
order to keep them when switching to user `nobody`, so I set them
with:

setcap 'cap_net_raw=ep cap_net_admin=ep' /usr/bin/wpa_supplicant


I'd suggest (and send a patch) to add these capabilities in the next
update to the package
if that's acceptable.


PS.
wpa_supplicant is still not updated from version 2.3 which doesn't
work with the wifi interface in the 4addr mode, bridged and with the
-b option of wpa_supplicant.
2.4 and 2.5 work in that scenario. so I hope an update is due.


-- 
damjan

Re: [arch-general] Policy about packages and file capabilities

[Damjan Georgievski]

>> What's the policy about capabilities for executables in Arch packages?
>
> I _guess_ that capabilities are used to avoid SUID binaries when this is
> secure.

well, also, unless you set capabilities on the executable a process
can't have capabilities when a non-root process execs the executable
-- that is until the ambient capabilities are supported in the kernel
and systemd
https://lwn.net/Articles/651052/ (afaik in 4.3)

>> I'm asking since in my setup I'm running wpa_supplicant as the
>> 'nobody' user, but I let it keep the NET_ADMIN and NET_RAW
>> capabilities (excerpt from the .service file):
>
> Read the caveat here: https://w1.fi/cgit/hostap/plain/wpa_supplicant/README .
> Basically, you'll need a special user/group for executing
> /usr/bin/wpa_supplicant.

right, I  think that too would need to be done in a proper package.
I'd rather make it 750, and root/wpa_supplicant

> In general, why is this necessary? What kind of attack (besides DoS) is
> possible against wpa_supplicant?

there have been buffer overflows etc. in wpa supplicant, not good for
a root process.
https://www.google.com/search?q=wpa_supplicant+CVE=utf-8=utf-8

-- 
damjan

Re: [arch-general] systemd-networkd and netctl with multiple interfaces

[Damjan Georgievski]

ip route get 8.8.8.8
ip route get 7.7.7.7

will show the routes for those ip addresses. you can check several to
see where they go (in case the 2 default routes have the same metric)

On 11 November 2015 at 14:38, Andrew Von Stein <16vo...@gmail.com> wrote:
> Expanding on the ip route command, you can you see what interface is used
> to reach the Internet by looking at the default route. The entry that has
> the destination as 0.0.0.0 and the subnet mask as 0.0.0.0 is the default
> route. If your LAN is shown above your wifi interface I'm going to assume
> that the default route is set to the LAN, but this leaves you with
> definitive proof that it's working how you want it. Also, you'll want to
> type "ip route -n" so you don't resolve hostnames.
>
> Also, if your wireless and LAN networks use a different gateway, you can
> run a traceroute to an outside address to see what path the packets are
> taking. Since it only shows the next hop IP address it doesn't work if your
> networks use the same IP addressing scheme.
>
> Regards,
> Andrew
>
> On Wed, Nov 11, 2015, 5:22 AM Bennett Piater  wrote:
>
>> > I don't use netctl, but you can usually see what default route it uses
>> with
>> >
>> >   ip route
>>
>> Thanks for that, I didn't know that command.
>> The LAN is shown above WIFI, which (I assume) means that it takes
>> precedence.
>>
>> >
>> > I have made the experience that newly configured interfaces "steal" the
>> > default route (although this can usually be configured - again, I don't
>> > use netctl).
>> >
>> > I can imagine the default route passing through the WiFi interface in
>> > your scenario.
>>
>> If I plug in LAN while having an active WIFI connection, it seems to
>> steal the route. I checked it by monitoring steam download speeds.
>>
>> Thanks!
>>
>> Cheers,
>> Bennett
>>
>> --
>> GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808
>>
>>



-- 
damjan

Re: [arch-general] how to remove template service from systemd

[Damjan Georgievski]

if it's a failed service, you might need systemctl reset-failed

On 7 October 2015 at 13:43, Łukasz Michalski  wrote:

>
>>> ● vboxvmservice@A.service - VBox Virtual Machine A Service
>>> Loaded: loaded (/etc/systemd/system/vboxvmservice@.service; enabled;
>>> vendor preset: disabled)
>>> Active: failed (Result: exit-code) since Thu 2015-10-01 12:02:49
>>> CEST; 4
>>> days ago
>>>   Main PID: 15101 (code=exited, status=0/SUCCESS)
>>>
>>> How to mak systemd forget about this service? I checked
>>> /etc/systemd/system/multi-user.target.wants/ and there is no link for my
>>> service.
>>>
>>
>> If you change, add or remove service files:
>> $ systemctl daemon-reload
>>
>> And you may need to stop the service as Florian wrote.
>>
>>
> systemctl disable is not making this service disabled. The first call to
> "systemctl disable vboxvmservice@A" removed a link from
> /etc/systemd/system/multi-user.target.wants/ correctly.
>
> daemon-reload does not help.
>
> I suspect that reboot will get rid of it but on server I would not like to
> reboot just because systemctl shows failure of non existent service.
>
> Regards,
> Łukasz
>



-- 
damjan

[arch-general] race condition when upgrading the new ncurses package

[Damjan Georgievski]

( 2/70) upgrading ncurses
[##] 100%
( 3/70) upgrading readline
[##] 100%
/usr/bin/bash: error while loading shared libraries: libncursesw.so.5:
cannot open shared object file: No such file or directory
error: command failed to execute correctly
( 4/70) upgrading bash


-- 
damjan

[arch-general] systemd-networkd 226 in virtual machines

[Damjan Georgievski]

in 226, systemd-networkd now supports predictable interface names
for virtio devices.[1]

For people running Arch in KVM with virtio-net (as I do), that means
the network interface name will change from eth0 to - in my case -
ens5.

That, for me also meant no ip address after reboot. Make sure to set
[Match]Name=en* or some such before rebooting.


[1]
https://github.com/systemd/systemd/blob/23d08d1b2bfd7f4b3c0a9408c9ccd65c3fb80fc2/NEWS#L45

-- 
damjan

Re: [arch-general] Process 13696 (systemctl) of user 0 dumped core ??

[Damjan Georgievski]

 Mon 2015-08-24 15:32:05 CDT   13580 0 0   7 * /usr/bin/systemctl
 Mon 2015-08-24 15:53:37 CDT   13696 0 0   7 * /usr/bin/systemctl


   I haven't seen or noticed this happening before, but obviously the first
 core dump was back in April related to cups. The question is What should I
 check? and Does any of this look related to BIOS settings and the new disk
 controller? (that looks more doubtful after looking over all the
 information)

   Anybody have experience with this type thing?


are you running everything Arch up-to-date vanilla or do you have some
custom stuff?
if you're vanilla, run memtest on the machine.


-- 
damjan

Re: [arch-general] Process 13696 (systemctl) of user 0 dumped core ??

[Damjan Georgievski]

On 25 August 2015 at 01:17, Damjan Georgievski gdam...@gmail.com wrote:
 Mon 2015-08-24 15:32:05 CDT   13580 0 0   7 * /usr/bin/systemctl
 Mon 2015-08-24 15:53:37 CDT   13696 0 0   7 * /usr/bin/systemctl


   I haven't seen or noticed this happening before, but obviously the first
 core dump was back in April related to cups. The question is What should I
 check? and Does any of this look related to BIOS settings and the new disk
 controller? (that looks more doubtful after looking over all the
 information)

   Anybody have experience with this type thing?


 are you running everything Arch up-to-date vanilla or do you have some
 custom stuff?
 if you're vanilla, run memtest on the machine.

also, make sure to:
update the bios
and
do you have the inte-ucode installed and configured (this is very
important for certain cpus)?
https://wiki.archlinux.org/index.php/Microcode

-- 
damjan

Re: [arch-general] NetworkManager warn logs, Is it something to be concerned?

[Damjan Georgievski]

On 23 July 2015 at 05:33, piruthiviraj natarajan piruthivi...@gmail.com wrote:
 On Wed, Jul 22, 2015 at 4:00 PM, Christian Demsar vixsom...@vczf.io wrote:

 There might be a negligible decrease in speed since 220 bytes less are
 being transmitted per frame, but I don't think it's a breaking issue.
 Problems arise when the MTU is set higher than all parts of the network
 can handle, which is why the standard seems to be 1500 (although I've
 seen some openvpn configuration files restricting the MTU to 1400 for
 reducing packet loss -- I've never tested to see if it works or not).

 I'm not sure why your NIC is broadcasting an MTU of 0. Someone more
 experienced with the (Arch) Linux network stack should be able to help
 here


 Thanks christian.
 I disabled ipv6.
 It stopped  spitting out anymore errors for now.
 Still can't understand what could have induced this.
 But I do get errors in thermald in addition.
 Created an Issue at thermald upstream github.

 my journalctl -r

 https://dl.dropboxusercontent.com/u/106654446/journalctl.txt

probably fixed in this commit
http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/src/devices/nm-device.c?id=c44069c10a4a9c696910baf0dbbefc41528f6dbe

-- 
damjan

Re: [arch-general] Additional mouse (Lenovo N700) gesture binding

[Damjan Georgievski]

On 6 August 2015 at 03:42, Oon-Ee Ng ngoonee.t...@gmail.com wrote:
 Anyone have any idea on this? Been months and I've looked into it on
 and off, but always been frustrated =(

 On Thu, May 14, 2015 at 5:53 PM, Oon-Ee Ng ngoonee.t...@gmail.com wrote:
 On Wed, Apr 22, 2015 at 10:34 AM, Oon-Ee Ng ngoonee.t...@gmail.com wrote:q
 snip
 Firstly, regarding the gestures, here's what I obtain from xinput
 test. I've also listed which keys these correspond to.

https://wiki.archlinux.org/index.php/Map_scancodes_to_keycodes
use the hwdb (udev) way. you can set a scancode to reserved to ignore it



 Left swipe:-
 key press   22  Backspace
 key press   133Super_L (left Windows key)
 key press   37  Control_L
 key release 22  Backspace
 key release 133Super_L (left Windows key)
 key release 37  Control_L

 Right swipe:-
 key press   54  c
 key press   133Super_L (left Windows key)
 key release 54  c
 key release 133Super_L (left Windows key)


-- 
damjan

[arch-general] Signing kernel modules

[Damjan Georgievski]

Since some time ago, the Linux kernel has had support for
cryptographically signed
modules, i.e. the kernel can be configured to only load properly signed modules.

https://www.kernel.org/doc/Documentation/module-signing.txt


I wouldn't go to lengths explaining the benefits of it, I was just
wondering if Arch has the
infrastructure to sign the modules - since developers already sign the
kernel package itself [*],
and in that sense we (the users) already trust them to that level.

I'm not suggesting that CONFIG_MODULE_SIG_FORCE is enabled by default
- that would break 3rd party modules, but people could optionally use
the enforcemodulesig=1 kernel command line option if they want to.


Thoughts?


[*]
though packages are gpg signed, and modules use x.509




-- 
damjan

Re: [arch-general] systemd new dependencies impede using OpenRC

[Damjan Georgievski]

 Arch has always been a simple distribution in terms of the developer
 perspective, not the user one. Using systemd made it simpler than ever
 in that regard because much more work is taken care of by both the
 systemd developers and all of the projects shipping unit files.

I find systemd easier from an user perspective too. Or ok, let say, a
sys-admin one.
And I'm talking from my 14 years profesional Linux experience. Wow,
has it been so long.
18 years since I first installed Linux (Slackware 3, Debian 2.2,
RedHat, Mandrake, Slackware, Arch
- now using Arch for my laptop/desktop, Debian and Ubuntu on servers,
sometimes Centos/RHEL).


And I can hardly wait for distros to standardize on networkd too. Finally some
long needed standardization in the basic setup of a Linux system.



-- 
damjan

Re: [arch-general] error: unknown encoding UTF8: using iso88591 as fallback

[Damjan Georgievski]

 I suspect an inconsistency with the file system.

that doesn't make no sense. Unix filesystems don't care about encodings at all.
ever


-- 
damjan

Re: [arch-general] error: unknown encoding UTF8: using iso88591 as fallback

[Damjan Georgievski]

On 30 May 2015 at 13:03, Ralf Mardorf ralf.mard...@rocketmail.com wrote:
 On Sat, 30 May 2015 10:16:59 +, AC wrote:
On 29/05/15 at 02:35pm, Ralf Mardorf wrote:
LANG=en_US.utf8
LANG=en_US.UTF-8

 $ grep en /etc/locale.gen | grep -v # ; grep de /etc/locale.gen | grep -v 
 #
 en_GB.UTF-8 UTF-8
 en_GB ISO-8859-1
 en_US.UTF-8 UTF-8
 en_US ISO-8859-1
 de_DE.UTF-8 UTF-8
 de_DE ISO-8859-1
 de_DE@euro ISO-8859-15

 I don't understand why utf8 is generated on my machine.

I already explained that, glibc *internally* normalizes the charset
part of the locale name.
(because in the past people would inconsitently use iso88591
iso-8859-1 iso_8859_1 and other combinations thereof)


ALWAYS use .UTF-8 when setting up the locale.

Can you please also run the command

LANG=en_US.UTF-8 locale

also

if LC_ALL=en_US.UTF-8 claws-mail still complains the problem is in
the application and you should ask upstream.


btw, is there any real issue or just the annoying logs?


-- 
damjan

Re: [arch-general] error: unknown encoding UTF8: using iso88591 as fallback

[Damjan Georgievski]

On 29 May 2015 at 14:19, Ralf Mardorf ralf.mard...@rocketmail.com wrote:
 Hi,

 for some time past I get

   error: unknown encoding UTF8: using iso88591 as fallback

 when running GTK2 and GTK3 apps, Pluma, Claws Mail, Evolution. Other
 apps, perhaps Qt apps, might be affected too.

 There are no issues when using those apps, the terminal just shows
 these messages.

What's the output of just locale, as the user you have the problem as

-- 
damjan

Re: [arch-general] error: unknown encoding UTF8: using iso88591 as fallback

[Damjan Georgievski]

   error: unknown encoding UTF8: using iso88591 as fallback

What's the output of just locale, as the user you have the problem as

 [rocketmouse@archlinux ~]$ locale
 LANG=en_US.utf8
 LC_CTYPE=en_US.utf8
 LC_NUMERIC=en_US.utf8
 LC_TIME=en_US.utf8
 LC_COLLATE=en_US.utf8
 LC_MONETARY=en_US.utf8
 LC_MESSAGES=en_US.utf8
 LC_PAPER=en_US.utf8
 LC_NAME=en_US.utf8
 LC_ADDRESS=en_US.utf8
 LC_TELEPHONE=en_US.utf8
 LC_MEASUREMENT=en_US.utf8
 LC_IDENTIFICATION=en_US.utf8
 LC_ALL=
 [rocketmouse@archlinux ~]$

so, your locale is set somewhere else, probablly .profile .bashrc or .xprofile.

it seems for these apps it MUST be en_US.UTF-8 - that's the canonical
name of the encoding UTF-8 (with the dash).

-- 
damjan

Re: [arch-general] error: unknown encoding UTF8: using iso88591 as fallback

[Damjan Georgievski]

On 29 May 2015 at 15:02, Rodrigo Rivas rodrigorivasco...@gmail.com wrote:
 On Fri, May 29, 2015 at 2:38 PM, Damjan Georgievski gdam...@gmail.com wrote:
   error: unknown encoding UTF8: using iso88591 as fallback
 ...
 it seems for these apps it MUST be en_US.UTF-8 - that's the canonical
 name of the encoding UTF-8 (with the dash).

 I don't think it is locale related, I've used both en_US.utf8 and
 en_US.UTF-8 in the past without issues.

that's half true.
glibc normalizes the name of the locale (to lowercase no dashes or
underscores - it's a historical thing) so glibc doesn't care.

the problem is that some toolkits/apps would extract the charset part
of the locale name directly, and not going through the
locale functions for that purpose. that has happened in the past, and
I wouldn't be supprised if there are toolkits/apps that still do that.


 And encoding names are used in many other places.

 My guess is that you have somewhere a XML file with a wrong declaration

I haven't seen this, but it's possible. good thing to check.

 ?xml version=1.0 encoding=UTF8?

 where the proper declaration would be:

 ?xml version=1.0 encoding=UTF-8?

 There are some configuration files both in /etc and $HOME that are
 read upon initialization of Gtk and Qt (see /etc/fonts/*), so I'd
 check those first:

 $ grep -ir 'encoding=utf8' /etc
 $ grep -ir 'encoding=utf8' ~/.config



-- 
damjan

Re: [arch-general] error: unknown encoding UTF8: using iso88591 as fallback

[Damjan Georgievski]

 [rocketmouse@archlinux ~]$ claws-mail

try
[rocketmouse@archlinux ~]$ LANG=en_US.UTF-8 claws-mail



-- 
damjan

Re: [arch-general] arch linux install iso problem

[Damjan Georgievski]

 :: Triggering uevents . . .
 ... blk_update request: I/O error, dev sr0, sector 1226572
 ... blk_update request: I/O error, dev sr0, sector 1226572
 ... Buffer I/O error on dev sr0, logical block 153344, async page read
 :: Mounting '/dev/disk/by-label/ARCH_201504' ^@ERROR: device did not show
 up after 30 seconds . . .

check the label of the iso, you can do it with file ...iso

although the I/O errors suggest the CD is unreadable.


-- 
damjan

Re: [arch-general] Cannot use monitor in 1920x1080 anymore

[Damjan Georgievski]

  Hmmm...  Martin, if you still have a Xorg.log it means you have a
  really old installation,

 That was true for versions under 1.16.0-3 as evidenced by the version
 comparison, but it is not true anymore, Xserver 1.17 dumps its logs to
 syslog. And syslog is trapped by journalctl.


 Err  No it does not this system is fully up to date  .

 I use startx  to start the graphical display  nothing in journalctlit is
 in /var/log/Xorg.0.log 

 Sorry to disapoint   and all that   ..

From what I've read, it's *only* GDM that hacks the X server to run
so that it redirects the logs to the journal.
Otherwise, it'll go to the /var/log/Xorg.0.log file as ever.

ps.
on my two - always up-to-date - Arch installations, using lightdm and
sddm X logs to /var/log/Xorg.0.log

-- 
damjan