Re: [DNG] devuanfwojg73k6r.onion and pkgmaster.devuan.org are they and have they ever been the same?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 2018-02-15 19:21, Fungal-net wrote: > AIt seems as obvious now that when amprolla3 tries to merge > from debian.onion debian has some amprolla like merging system of > its subrepositories (not all in a single server). Some of them may > be timing out, and amprolla3 is not forwarding those errors as > partial hits. For any packages that aren't devuan specific, amprolla3 just makes a HTTP 302 redirect to the corresponding debian server. It doesn't try to access the file from the debian server at any point, the client, in this case apt, has to follow the redirect and make a new request to the debian server. If apt reacts differently when a request fails after a redirect, which I don't know if it does, that would be a bug in apt. Of course, amprolla has to merge the package lists, but the package list is always the same no matter how you access it, and it is a normal file on the server that's not newly generated for each request. It also doesn't matter where it gets debians package lists from, since they should be the same everywhere. And of course, any file located directly on pkgmaster is the same no matter if you access it over http, https or the .onion address. > BUsing tor://pkgmaster. ...amprolla3 is hitting the > deb.debian.org (or some other clearnet address) and it never runs > into timing out issues, so tor://pkgmaster is always in tact and > consistent. It seems as in the past 2 weeks someone must have > realized what is going on and went in and adjusted the timeout > threshold, which explains the current consistent results. Or else, > there is a limit to how much I can speculate, but something seems > to have gotten fixed. I've used tor and the onion address for a long time now, and I haven't had any issues so far. But debian offers different mirrors for http, https and tor, so there is always a slight chance that only a few of their mirrors run temporarily into issues, which could cause only one way of accessing it to temporarly cause problems. > CThe political/security issue is that we (users) have been in > the blind. 1 When someone chose to shift the onion repository > address to pkgmaster (a beta system) someone should have made an > adequate announcement and such was never made, not in the webpage > not in the "officially official forum" that no developer has ever > visited. I did notice that change too, it was a long time ago, but even though it would have been nice to know in advance, it did not make any notable difference for devuan jessie, and devuan ascii wasn't even in beta at that time. If anything, I'm glad they made the change, because even though there have been minor issues with very few ascii packages, not using pkgmaster would have caused even more problems, some problems had to be expected from something not released yet, and these problems have been widely known, were easy to fix, and had to be expected. I guess someone should make a small notice on the web page that the .onion address goes to pkgmaster and not to auto.mirror, but it'll probably soon no longer matter anyway, since amprolla3 probably replaces amprolla anyway, or are there plans to keep both running? > 2If the admin of the pkgmaster.devuan.org can distinguish > whether a connection is using onion or clearnet (apart from tor, > they are not the same you know, you can use tor to access any > clearnet address that has not blacklisted all exit nodes, but you > can not use http/https to reach an onion address) either the server > on the onion address is a different server (as allowed to conclude > by differential parallel results) or it is forwarding those > connections to "other" servers. That ability to distinguish the > two and act based on that distinction is problematic! No, from everything I have seen so far, the onion address and pkgmaster are definitely the same server*. And it's absolutely necessary to make the http redirects to the http debian repo, the https redirects to the https debian repos, and the .onion redirects to debians .onion repos. You see, the different ways to connect to the repos cover different threat models. One may want to use http if he intends to use one of a pool of mirrors, and there is noone causing trouble (like ISPs inserting ADs for example). One may want to use HTTPS if there is someone causing trouble. One may want to use tor if he either wants a direct connection to the server, since they don't trust all their Certificate Authorities etc., or if they need to stay anonymous. Most .onion sites don't provide SSL certificates, since the connections are already end to end encrypted anyway, so they use http instead of https. But if we were to unconditionally make the redirects to debian servers to their http mirrors, a bad exit node could cause problems and, for example, delay new packages and updates. Similarly, redirecting https to http wouldn't work, since bad ISPs could cause problems again.
Re: [DNG] OT: most processors are insecure (was Re: Nvidia Drivers)
On Wed, 16 Aug 2017 at 20:00:19 +1000 Erik Christiansenwrote: > On 16.08.17 11:24, Alessandro Selli wrote: >> Intel Active Management Technology (AMT) is hardware and firmware >> technology for remote out-of-band management of personal >> computers > > Didn't know about that stuff. OK, if firmware undermines iptables, then > it'll need either a surreptitious in-band internet channel to phone > home, or some other back-channel provided by the ISP, I figure. > > If we interpose e.g. an ARM firewall, then it's harder to hide such > stuff on a small RISC chip. A Beaglebone comes to mind. > >> In fact I thing the list of Intel primary customers omits a list of >> several government agencies... > > Well, if they're a concern, then it's time to move the relevant host to > the other side of an airgap. For my money, they're like anyone on > unemployment benefits - contributing to consumption in a western world > which has ample production. There are some good (at least as far as the first one is concerned) news: https://hackaday.com/2018/02/03/sifive-introduces-risc-v-linux-capable-multicore-processor/ «SiFive Introduces RISC-V Linux-Capable Multicore Processor» "Slowly but surely, RISC-V, the Open Source architecture for everything from microcontrollers to server CPUs is making inroads in the community. Now SiFive, the major company behind putting RISC-V chips into actual silicon, is releasing a chip that’s even more powerful. At FOSDEM this weekend, SiFive announced the release of a Linux-capable Single Board Computer built around the RISC-V ISA. It’s called the HiFive Unleashed, and it’s the first piece of silicon capable or running Linux on a RISC-V core." https://techcrunch.com/2018/02/05/former-intel-president-launches-new-chip-company-with-backing-from-carlyle-group/ «Former Intel president launches new chip company with backing from Carlyle Group» "Ampere, a new chip company run by former Intel president Renee James, came out of stealth today with a brand-new highly efficient Arm-based server chip targeted at hyperscale data centers. The company’s first chip is a custom core Armv8-A 64-bit server operating at up to 3.3 GHz with 1TB of memory at a power envelope of 125 watts." Alessandro ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] devuanfwojg73k6r.onion and pkgmaster.devuan.org are they and have they ever been the same?
On 02/15/2018 02:21 PM, Fungal-net wrote: > > PS To those asking MORE technical evidence, go to the officially official > devuan forum and you will find all the specifics. Ask fsmithred to point it > to you as he was the only one that took attention and tried some things out > to figure it out for himself. Unfortunately by the time he did the problem > was cured. When half the dependencies were missing for installing eudev and > openrc in ascii he couldn't tell why it was happening. > If you're talking about what I think you're talking about, I knew exactly what the problems were. When new openrc packages were being tested, openrc got into the repo before some of its depencies did. Installing it with some packages from repo and some packages provided by Svante outside the repo was tricky and unintuitive for anyone familiar with using apt. I posted about that here: https://dev1galaxy.org/viewtopic.php?pid=4443#p4443 The main eudev issue I ran into was when upgrading to a lower version (epoch) number. Again, a know issue. https://dev1galaxy.org/viewtopic.php?id=1766 You are correct in stating that I tested the onion address (two or three weeks ago, I think) and it gave the same results as pkgmaster. If you're thinking of some other discussion, please point me to it. fsmithred ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] devuanfwojg73k6r.onion and pkgmaster.devuan.org are they and have they ever been the same?
On Thu, Feb 15, 2018 at 02:21:39PM -0500, Fungal-net wrote: > If we are talking about the technical problem (which did exist) let's talk > about the technical problem. > If we are talking of the political/security problem let's talk about that. > But don't try to make soup out of what we are talking about, and it is to > your interest to try to understand criticism, despite of the form it is > coming from. > > Today, and after a lengthy discussion on the onion repository malfunction, > based on the "new" evidence Katolaz has provided us, there is a speculation > of the source of the technical problem. Again and again and in several > machines and users the problem appeared as "pieces" of the repository been > missing. Stuff that was in there the day before would be missing but the > rest would be there from both devuan and debian, and there would be no > "error" in updating repositories. Which pieces of the repositories were missing exactly? Why are you so reluctant to provide evidence to substantiate your claims? > > AIt seems as obvious now that when amprolla3 tries to merge from > debian.onion debian has some amprolla like merging system of its > subrepositories (not all in a single server). Some of them may be timing > out, and amprolla3 is not forwarding those errors as partial hits. Nothing like this happens, at all. Please read the code at: https://git.devuan.org/devuan-infrastructure/amprolla3 > > BUsing tor://pkgmaster. ...amprolla3 is hitting the deb.debian.org > (or some other clearnet address) and it never runs into timing out issues, so > tor://pkgmaster is always in tact and consistent. It seems as in the past 2 > weeks someone must have realized what is going on and went in and adjusted > the timeout threshold, which explains the current consistent results. Or > else, there is a limit to how much I can speculate, but something seems to > have gotten fixed. > Nothing like this happened, at all. We have not "fixed" anything, since there has been no evidence of inconsistencies signalled by any of the hundreds of Devuan users who access the repos via tor. Please go through the commits in the repo above since October (those are publicly available, checksummed and verifyable), and you will realise that they are mostly about minor fixes that have nothing to do with "missing pieces of repos" when accessing the servers via tor. > CThe political/security issue is that we (users) have been in the blind. >1 When someone chose to shift the onion repository address to pkgmaster > (a beta system) someone should have made an adequate announcement and such > was never made, not in the webpage not in the "officially official forum" > that no developer has ever visited. This might have been the only mistake on our side, but was done in good faith. Could you please point to the specific breakage that this has caused to you (something that you still refuse to do)? >2If the admin of the pkgmaster.devuan.org can distinguish whether a > connection is using onion or clearnet (apart from tor, they are not the same > you know, you can use tor to access any clearnet address that has not > blacklisted all exit nodes, but you can not use http/https to reach an onion > address) either the server on the onion address is a different server (as > allowed to conclude by differential parallel results) or it is forwarding > those connections to "other" servers. That ability to distinguish the two > and act based on that distinction is problematic! You won't believe it, but it's much simpler than that: your http client sets the "Host: " header to the FQDN of the server you are contacting. This is how 99% of the web is working nowadays. There is no magic involved, only standard HTTP protocol: when you use a onion address, the server you contact is requested to serve the content associated to that onion address. The server reads that header, and serves you the corresponding content. Please refer to RFC 2616: https://tools.ietf.org/html/rfc2616 Amprolla works using HTTP rewrites, we have never concealed that. If you don't like this, you should not use Devuan repos. >3If a tor connection is made through the tor network and out in the > clear, and back into tor again (as described by Katolaz) then according to > torproject the identity of the user can be revealed. They don't know how it > happens, they can't yet explain it, but they have warned and reported this > for a long time. People abused the abilities of tor and it creates > vulnerabilities that can't be controlled. Imagine a server running tor and > feeding an IP to another machine and that other machine is running tor a > second time. The identity can be revealed, and I don't need to explain to > whom or why. > In order to remain "concealed", your connection should be made to the onion address, not directly to pkgmaster.devuan.org. If you do so, your requests
Re: [DNG] devuanfwojg73k6r.onion and pkgmaster.devuan.org are they and have they ever been the same?
If we are talking about the technical problem (which did exist) let's talk about the technical problem. If we are talking of the political/security problem let's talk about that. But don't try to make soup out of what we are talking about, and it is to your interest to try to understand criticism, despite of the form it is coming from. Today, and after a lengthy discussion on the onion repository malfunction, based on the "new" evidence Katolaz has provided us, there is a speculation of the source of the technical problem. Again and again and in several machines and users the problem appeared as "pieces" of the repository been missing. Stuff that was in there the day before would be missing but the rest would be there from both devuan and debian, and there would be no "error" in updating repositories. AIt seems as obvious now that when amprolla3 tries to merge from debian.onion debian has some amprolla like merging system of its subrepositories (not all in a single server). Some of them may be timing out, and amprolla3 is not forwarding those errors as partial hits. BUsing tor://pkgmaster. ...amprolla3 is hitting the deb.debian.org (or some other clearnet address) and it never runs into timing out issues, so tor://pkgmaster is always in tact and consistent. It seems as in the past 2 weeks someone must have realized what is going on and went in and adjusted the timeout threshold, which explains the current consistent results. Or else, there is a limit to how much I can speculate, but something seems to have gotten fixed. CThe political/security issue is that we (users) have been in the blind. 1 When someone chose to shift the onion repository address to pkgmaster (a beta system) someone should have made an adequate announcement and such was never made, not in the webpage not in the "officially official forum" that no developer has ever visited. 2If the admin of the pkgmaster.devuan.org can distinguish whether a connection is using onion or clearnet (apart from tor, they are not the same you know, you can use tor to access any clearnet address that has not blacklisted all exit nodes, but you can not use http/https to reach an onion address) either the server on the onion address is a different server (as allowed to conclude by differential parallel results) or it is forwarding those connections to "other" servers. That ability to distinguish the two and act based on that distinction is problematic! 3If a tor connection is made through the tor network and out in the clear, and back into tor again (as described by Katolaz) then according to torproject the identity of the user can be revealed. They don't know how it happens, they can't yet explain it, but they have warned and reported this for a long time. People abused the abilities of tor and it creates vulnerabilities that can't be controlled. Imagine a server running tor and feeding an IP to another machine and that other machine is running tor a second time. The identity can be revealed, and I don't need to explain to whom or why. So, thank you, I (we) have been convinced here that "unfortunately" we have been right all along, we did our best to report and alert of the problem, partially the problem seems to have been silently fixed, but "admins" chose to try to shove things under the carpet and maintain a code of silence about it till things become explosive. Because when someone is telling you, hey buddy you have a problem. Hey buddy, this is the problem you have, and the only response is "there is no problem, you are crazy", then morally one is obliged to make noise and alert victims of the problem denied by authority! Good bye, and try to be more social when you receive constructive criticism. Something that seems to have been long gone in linux environment. PS To those asking MORE technical evidence, go to the officially official devuan forum and you will find all the specifics. Ask fsmithred to point it to you as he was the only one that took attention and tried some things out to figure it out for himself. Unfortunately by the time he did the problem was cured. When half the dependencies were missing for installing eudev and openrc in ascii he couldn't tell why it was happening. PS2 alessandro ... I am surprised with this attitude you got so far (linux.com) ... but talking with that tone should be reserved for up close conversations you spineless piece of shit hiding behind a terminal. I'll see you at some conference and we can continue. Original Message On February 15, 2018 9:49 AM, KatolaZwrote: >On Wed, Feb 14, 2018 at 08:21:03PM -0500, Fungal-net wrote: >>Your response is every proof I needed that there is something fishy going on. >> It may be legal to be deceiving people but the question is whether it is >>ethical and whether once you discover a rat are you responsible to
Re: [DNG] ASCII Beta: too much love? :P
On Wed, Feb 14, 2018 at 07:54:35PM +, KatolaZ wrote: > Dear Dev1rs, > > we know that many of us are experiencing enormous ETAs on downloading > ASCII Beta images from http://files.devuan.org > Dear Dev1rs, just an update on the status of Devuan ISO mirrors: [FULL] [DE] https://ftp.fau.de/devuan-cd/ [FULL] [NL] https://ftp.nluug.nl/pub/os/Linux/distr/devuan/ [FULL] [NL] https://devuan.contrast.network/ [FULL] [FR] https://devuan.unetresgrossebite.com/ [FULL] [DE] http://neo900.files.dev-1.org/files.devuan.org/ [PART] [DE] https://mirror.leaseweb.com/devuan/ (no minimal, no virtual) [PART] [LU] https://devuan.c3l.lu/ (no minimal, no virtual) [PART] [DE] https://mirror.alpix.eu/devuan/ (no minimal, no virtual) [PART] [NL] https://devuan.smallinnovations.nl/ (no minimal, no virtual) [PART] [US] https://mirror.belltower.us/devuan/ (no installer, no minimal, no virtual) [PART] [IT] https://devuan.4isp.it/ (no installer, no minimal, no virtual) [PART] [NL] https://sledjhamr.org/devuan-cd/ (no minimal, no virtual) [PART] [DK] https://mirrors.dotsrc.org/devuan-cd/ (no minimal, no virtual) [PART] [RU] http://mirror.tochlab.net/pub/devuan/ (no install, no minimal, no virtual) [PART] [DE] http://devuan.bio.lmu.de/ (no minimal, no virtual) [PART] [US] http://devuan.mirror.k0nsl.org/ (no install, no minimal, no virtual) [PART] [SK] http://tux.rainside.sk/devuan/ (no minimal, no virtual) HTH KatolaZ -- [ ~.,_ Enzo Nicosia aka KatolaZ - Devuan -- Freaknet Medialab ] [ "+. katolaz [at] freaknet.org --- katolaz [at] yahoo.it ] [ @) http://kalos.mine.nu --- Devuan GNU + Linux User ] [ @@) http://maths.qmul.ac.uk/~vnicosia -- GPG: 0B5F062F ] [ (@@@) Twitter: @KatolaZ - skype: katolaz -- github: KatolaZ ] signature.asc Description: Digital signature ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Xfce 4.12 broken with Zaphod heads mode
On Wed, 14 Feb 2018 11:27:00 -0600 Nate Bargmannwrote: > It's likely that I don't know (or forgot) all of > the mechanisms involved with apps displaying on a given > screen/desktop. Hallo Nate, I've no idea about any Zaphod other than B., but the display is usually set by the $DISPLAY variable, (e.g. DISPLAY=:0.0). With an X11 xinerama setup (one desktop over two displays), the alternative would most likely be ":0.1". Libre Grüße, Florian pgpZDJHGmx_eY.pgp Description: OpenPGP digital signature ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] devuanfwojg73k6r.onion and pkgmaster.devuan.org are they and have they ever been the same?
On Wed, 14 Feb at 2018 20:21:03 -0500 Fungal-netwrote: > If you are officially representing Devuan and "a long email" described why > Devuan should not be trusted, I'd say it is your problem the inability to > read and understand the technical content. There was actually *no* technical content in your email. You provided no detail as to what command was run, the contents of apt config files, apt logs, error or progress messages from a run of apt-get, list of GPG keys loaded. Nothing at all. Back to school, fella: http://www.catb.org/esr/faqs/smart-questions.html ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] ASCII Beta: too much love? :P
On Wed, 14 Feb 2018 19:54:35 + KatolaZwrote: > In the meanwhile, the best way to get ASCII beta images as soon as > possible is to back off for a few hours, let the (many) mirrors use > the availale bandwidth to sync as fast as they can, and then download > the images from one of the mirrors listed at http://www.devuan.org Need more mirrors? I'm currently mirroring the mageia distro, I might switch to devuan... Cheers, Luciano. -- /"\ /Via A. Salaino, 7 - 20144 Milano (Italy) \ / ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250 X AGAINST HTML MAIL/ E-MAIL: posthams...@sublink.sublink.org / \ AND POSTINGS/ WWW: http://www.lesassaie.IT/ ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Devuan ASCII 2.0.0 Beta released
Hi, Fungal-net writes: > Please don''t let the Grouch break up your valentine party but would > anyone care to elaborate on the following scenario? > > We have Joe, Jill, Jack, and Mindy. > Joe is running Wheezy and converts to Ascii > Jill is running Devuan 1 Jessie and converts to ascii > Jack is running Stretch and converts to Ascii > and finally Mindy just installs Ascii-beta-2.0 > > Don't ask me, I have been running ascii for a quite a while now and my > experience with Jessie has been from first boot to the second. And I > have run OpenRC and eudev ever since they appeared in experimental. > > All four of the above have same packages installed in the versions > that they exist in those 4 situations. > > 1 Is the end product different? > 2 Should the end product be different. > 3 The packages that are available and keep upgrading in the debian > branch of merged, do they appear to all four of them as they do in > the debian repository? In other words If you add debian stretch > to the repositories the versions "in merged ascii" and in stretch > should be the same. right? Live at any given minute? That is > what amprolla3 is doing, right? Are they? > > Because as per a couple of hours ago it seems as I have been exposed > to this amprolla3 for 4-5 months now, without knowing, and although I > run about the same stuff on a test debian isntallations, pkgs there > rain down to the level of about 20-30/day, while ascii has been pretty > inactive in terms of upgrades. So what exactly is merged with devuan? IIUC, you say you are seeing 20-30 upgradable packages on a "test" Debian installation. If this is a Debian repositories only system, that number is way too high for either of Debian's Jessie and Stretch. There have been quite a number of security upgrades, 2-3 a day in the last week or so, but nothing near 20-30. Could it be that your Debian "test" system is set up to track Debian's *testing*, i.e. Buster as of writing, as opposed to *stable* (Stretch) or *oldstable* (Jessie)? # See https://www.debian.org/releases/ If that is the case, 20-30 upgradable packages a day seems reasonable and the reason you're not seeing that in Devuan is because ASCII is targetting Debian's Stretch, *not* Buster. Buster will be for Devuan's Beowulf and work on that is unlikely to begin before ASCII becomes the "stable" Devuan release. So if your Debian "test" system is tracking *testing* you're are, in effect, comparing apples and oranges ;-) Hope this helps, -- Olaf Meeuwissen, LPIC-2FSF Associate Member since 2004-01-27 GnuPG key: F84A2DD9/B3C0 2F47 EA19 64F4 9F13 F43E B8A4 A88A F84A 2DD9 Support Free Softwarehttps://my.fsf.org/donate Join the Free Software Foundation https://my.fsf.org/join ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] MATE, lightdm, policykit-1 and elogind issues: Was: Re: IMPORTANT! How ...
On Thu, Feb 15, 2018 at 09:22:52AM +0100, Svante Signell wrote: [cut] > > Installed: > policykit-1 0.105-18+devuan2.1 > consolekit 0.4.6-6 > lightdm 1.18.3-1 > mate-desktop-environment 1.16.0+1 > > Another issue about elogind, version numbers are wrong: > They should _not_ have any +devuanx.y added to it! Compare with eudev, which > is > now at version 3.2.2-11. > > And please remove the systemd backend, please! Yes svante, we will remove the -systemd backend asap, since it seems to be useless anyway. It's there only because it initially seemed that some login managers would need it, but in fact this is not the case. The -consolekit and -elogind ones are more than enough, and all the DMs and login managers available can work with one or the other (some with either of them). We just need to fix the deps to allow a clean upgrade to the new polkit-1 backends. That's clearly a problem. HND KatolaZ -- [ ~.,_ Enzo Nicosia aka KatolaZ - Devuan -- Freaknet Medialab ] [ "+. katolaz [at] freaknet.org --- katolaz [at] yahoo.it ] [ @) http://kalos.mine.nu --- Devuan GNU + Linux User ] [ @@) http://maths.qmul.ac.uk/~vnicosia -- GPG: 0B5F062F ] [ (@@@) Twitter: @KatolaZ - skype: katolaz -- github: KatolaZ ] signature.asc Description: Digital signature ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] MATE, lightdm, policykit-1 and elogind issues: Was: Re: IMPORTANT! How ...
On Wed, 2018-02-14 at 23:27 +0100, Svante Signell wrote: > On Wed, 2018-02-14 at 21:20 +0300, Hleb Valoshka wrote: > > On 2/14/18, Irrwahnwrote: > > > > > Fresh installations of Devuan ASCII 2.0.0 Beta should not be affected. > > > > Actually no, i've installed Ascii for testing purposes and systemd > > policykit backend was pulled. > > What is dragging in elogind? I did an apt-get upgrade from an earlier version > of > ASCII and still have not upgraded policykit-1 (current is 0.105-18+devuan2.1). > > However, that upgrade installed the following elogind packages: > elogind 234.4-1+devuan1.5 > libelogind0:amd64234.4-1+devuan1.5 > libpam-elogind:amd64 234.4-1+devuan1.5 Removing these packages does not solve the issue of upgrade of policykit-1. apt-get remove --purge elogind libpam-elogind libelogind0 apt-get dist-upgrade The following NEW packages will be installed: elogind libelogind0 libpam-elogind The following packages have been kept back: gir1.2-polkit-1.0 libpolkit-agent-1-0 policykit-1 I did not find any apt-command why elogind is installed, but aptitude says: aptitude why elogind i lightdmDepends libpam-systemd | consolekit p libpam-elogind Provides libpam-systemd p libpam-elogind Depends elogind (= 234.4-1+devuan1.5) I assume i stands for installed and p for proposed?? However, since lightdm Depends on libpam-systemd | consolekit and consolekit is installed elogind should _not_ be dragged in! Otherwis we have to change the order to consolekit | libpam-systemd for lightdm. Preferably not, that would require yet another package to fork from debian. Installed: policykit-1 0.105-18+devuan2.1 consolekit 0.4.6-6 lightdm 1.18.3-1 mate-desktop-environment 1.16.0+1 Another issue about elogind, version numbers are wrong: They should _not_ have any +devuanx.y added to it! Compare with eudev, which is now at version 3.2.2-11. And please remove the systemd backend, please! ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] IMPORTANT! How to fix degraded session management after Devuan ASCII upgrade.
Le 15/02/2018 à 08:08, J. Fahrner a écrit : Am 2018-02-14 23:51, schrieb Didier Kryn: The line is there in /etc/slim.conf And the file exists in several places: root@apcnb98:/home/kryn# locate desktop-slim-theme /etc/alternatives/desktop-slim-theme /usr/share/slim/themes/desktop-slim-theme /var/lib/dpkg/alternatives/desktop-slim-theme Ok, now try "update-alternatives --config desktop-slim-theme" and select the theme devuan-curve-darkpurpy. Seems it was already properly configured: Begining of dialog -- root@apcnb98:/home/kryn# update-alternatives --config desktop-slim-theme There are 2 choices for the alternative desktop-slim-theme (providing /usr/share/slim/themes/desktop-slim-theme). Selection Path Priority Status 0 /usr/share/slim/themes/devuan-curve-darkpurpy 15 auto mode 1 /usr/share/slim/themes/default 1 manual mode * 2 /usr/share/slim/themes/devuan-curve-darkpurpy 15 manual mode Press to keep the current choice[*], or type selection number:2 root@apcnb98:/home/kryn# - End of dialog - Still grey )-: Didier ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng