[gentoo-user] Firefox ESR no microphone input
Hi everyone, Lately I have a problem with www-client/firefox-115.12.0:esr where it does not pick up audio from my microphone. I'm on a musl system using alsa and apulse for firefox. Here is the emerge --info firefox: https://paste.gentoo.zip/naBQo92V The funny thing is that arecord works just fine and picks up my microphone and I remember firefox having no issues with it either. Can anyone push me in the right direction here? Thank you -- Efe
[gentoo-user] Clang update with musl
Hi everyone, I've been trying to update my clang but I keep getting linking errors. I'm on the default/linux/amd64/23.0/split-usr/musl profile. My system has been acting kind of weird ever since the profile updates 17 -> 23. Can anyone point me in the right direction here? emerge --info '=sys-devel/clang-17.0.6::gentoo': https://bin.disroot.org/?27973d77c13e8ffe#2xHi8eEnKv9g7FWtcB4v5mTWAarNXfsuy2QaV2qDKfcp emerge -pqv '=sys-devel/clang-17.0.6::gentoo': https://bin.disroot.org/?36922e347145d88e#J8bs9oYZWjR294rWMnCGGvZcpWTWThji2DGog2Q5EEYM last bit of the build.log (Can't post it all since it is 5.4M): https://bin.disroot.org/?e7c428e663f760b4#6mJbF2mhqGpMqHcc9QM9cXXYSp6KdqRx8qp9JmxN3RgB Thank you -- Efe
Re: [gentoo-user] Musl custom initramfs kernel panic
How could I go about finding which library it is? lddtree is only giving me libblkid and libmount, both of which are already inside the initramfs. I will try to learn about busybox. Thank you. On 2024-03-09 17:23, Alexandru N. Barloiu wrote: clearly mount is using a symbol not provided by one of those shared libraries, but no clue which it is. However you dont need dash and mount and umount. Reason its working for genkernel is because its using busybox instead of normal system mount/umount/dash. Might want to try that. Smaller too. On 3/9/2024 4:03 PM, efeizbudak wrote: Hi all, After updating my musl, my custom initramfs had stopped working. Can anyone give me a hand with this? I recompiled util-linux and updated the related files in my initramfs and also tried building it with static-libs but neither of these helped. On the other hand, the initramfs I built using genkernel works just fine. The init error: Error relocating /bin/mount: mnt_context_enable_noautofs: symbol not found Error relocating /bin/mount: mnt_context_enable_onlyonce: symbol not found Error relocating /bin/mount: mnt_context_enable_noautofs: symbol not found Error relocating /bin/mount: mnt_context_enable_onlyonce: symbol not found Error relocating /bin/mount: mnt_context_enable_noautofs: symbol not found Error relocating /bin/mount: mnt_context_enable_onlyonce: symbol not found /init: 6: cannot create /proc/sys/kernel/printk: Directory nonexistent Fatal error during RNG initialisation Cannot initialize crypto RNG backend. Device /dev/sda3 is not a valid LUKS device. /init: 8: cannot create /proc/sys/kernel/printk: Directory nonexistent Error relocating /bin/mount: mnt_context_enable_noautofs: symbol not found Error relocating /bin/mount: mnt_context_enable_onlyonce: symbol not found umount: /dev: not mounted. umount: /proc: not mounted. umount: /sys: not mounted. switch_root: failed to mount moving /mnt/root to /: Invalid argument switch_root: failed. Sorry. Kernel panic - not syncing: Attempted to kill init! exitcode=0x0100 Kernel Offset: 0x900 from 0x8100 (relocation range: 0x8000-0xbfff) ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode+0x0100 ]--- my init file in my initramfs: #!/bin/dash mount -t devtmpfs none /dev mount -t proc none /proc mount -t sysfs none /sys echo 0 > /proc/sys/kernel/printk cryptsetup luksOpen --allow-discards /dev/sda3 root echo 1 > /proc/sys/kernel/printk mount -o ro /dev/mapper/root /mnt/root umount /dev /proc /sys exec switch_root /mnt/root /sbin/init my initramfs files: . ├── bin │ ├── dash │ ├── mount │ └── umount ├── dev │ ├── console │ ├── null │ ├── sda3 │ └── tty ├── etc ├── init ├── lib │ ├── ld-musl-x86_64.so.1 │ ├── libblkid.so.1 │ ├── libcap.so.2 │ ├── libdevmapper.so.1.02 │ ├── libmount.so.1 │ ├── libudev.so.1 │ └── libuuid.so.1 ├── lib64 ├── mnt │ └── root ├── proc ├── root ├── run ├── sbin │ ├── cryptsetup │ └── switch_root ├── sys ├── trq.map ├── usr │ ├── bin │ └── lib │ ├── libblkid.so.1 │ ├── libc.so │ ├── libcap.so.2 │ ├── libcryptsetup.so.12 │ ├── libgcrypt.so.20 │ ├── libgpg-error.so.0 │ ├── libjson-c.so.5 │ ├── libmount.so.1 │ ├── libpopt.so.0 │ └── libuuid.so.1 └── var ├── log └── run how I update my initramfs: lddtree.py --copy-to-tree /usr/src/initramfs /bin/mount /sbin/cryptsetup /bin/dash /sbin/switch_root /bin/umount cd /usr/src/initramfs find . -print0 | cpio --null --create --verbose --format=newc > /boot/custom-initramfs.img
[gentoo-user] Musl custom initramfs kernel panic
Hi all, After updating my musl, my custom initramfs had stopped working. Can anyone give me a hand with this? I recompiled util-linux and updated the related files in my initramfs and also tried building it with static-libs but neither of these helped. On the other hand, the initramfs I built using genkernel works just fine. The init error: Error relocating /bin/mount: mnt_context_enable_noautofs: symbol not found Error relocating /bin/mount: mnt_context_enable_onlyonce: symbol not found Error relocating /bin/mount: mnt_context_enable_noautofs: symbol not found Error relocating /bin/mount: mnt_context_enable_onlyonce: symbol not found Error relocating /bin/mount: mnt_context_enable_noautofs: symbol not found Error relocating /bin/mount: mnt_context_enable_onlyonce: symbol not found /init: 6: cannot create /proc/sys/kernel/printk: Directory nonexistent Fatal error during RNG initialisation Cannot initialize crypto RNG backend. Device /dev/sda3 is not a valid LUKS device. /init: 8: cannot create /proc/sys/kernel/printk: Directory nonexistent Error relocating /bin/mount: mnt_context_enable_noautofs: symbol not found Error relocating /bin/mount: mnt_context_enable_onlyonce: symbol not found umount: /dev: not mounted. umount: /proc: not mounted. umount: /sys: not mounted. switch_root: failed to mount moving /mnt/root to /: Invalid argument switch_root: failed. Sorry. Kernel panic - not syncing: Attempted to kill init! exitcode=0x0100 Kernel Offset: 0x900 from 0x8100 (relocation range: 0x8000-0xbfff) ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode+0x0100 ]--- my init file in my initramfs: #!/bin/dash mount -t devtmpfs none /dev mount -t proc none /proc mount -t sysfs none /sys echo 0 > /proc/sys/kernel/printk cryptsetup luksOpen --allow-discards /dev/sda3 root echo 1 > /proc/sys/kernel/printk mount -o ro /dev/mapper/root /mnt/root umount /dev /proc /sys exec switch_root /mnt/root /sbin/init my initramfs files: . ├── bin │ ├── dash │ ├── mount │ └── umount ├── dev │ ├── console │ ├── null │ ├── sda3 │ └── tty ├── etc ├── init ├── lib │ ├── ld-musl-x86_64.so.1 │ ├── libblkid.so.1 │ ├── libcap.so.2 │ ├── libdevmapper.so.1.02 │ ├── libmount.so.1 │ ├── libudev.so.1 │ └── libuuid.so.1 ├── lib64 ├── mnt │ └── root ├── proc ├── root ├── run ├── sbin │ ├── cryptsetup │ └── switch_root ├── sys ├── trq.map ├── usr │ ├── bin │ └── lib │ ├── libblkid.so.1 │ ├── libc.so │ ├── libcap.so.2 │ ├── libcryptsetup.so.12 │ ├── libgcrypt.so.20 │ ├── libgpg-error.so.0 │ ├── libjson-c.so.5 │ ├── libmount.so.1 │ ├── libpopt.so.0 │ └── libuuid.so.1 └── var ├── log └── run how I update my initramfs: lddtree.py --copy-to-tree /usr/src/initramfs /bin/mount /sbin/cryptsetup /bin/dash /sbin/switch_root /bin/umount cd /usr/src/initramfs find . -print0 | cpio --null --create --verbose --format=newc > /boot/custom-initramfs.img
[gentoo-user] Encrypted swap with keyfile
Hi everyone, So I've been trying to get my encrypted swap working but didn't have a lot of success so far. I have /dev/sda2 as the swap partition and /dev/sda3 as the root partition. I did encrypt the swap partition with a keyfile and the unlock works fine but the problem is that my initramfs asks to decrypt the swap partition before the root partition and since the keyfile is stored in the root partition it still asks me for a password. I use genkernel to make my initramfs and I am passing the crypt_swap, crypt_swap_keydev and crypt_swap_key options but I'm guessing that since /dev/sda2 comes before /dev/sda3, the initramfs tries to decrypt that one first. How can I go around this? Is my only option to try and reorder these partitions? Thank you!
[gentoo-user] Can't compile nyxt with sbcl on musl
Hi all, So recently I've switched to musl and I've been trying to install this package nyxt (it's a browser upon webkit-gtk in ::guru) and it needs to be compiled with sbcl but for some reason I keep getting the error: Unable to load any of the alternatives: ("libwebkit2gtk-4.1.so" "libwebkit2gtk-4.0.so" "libwebkit2gtk-4.0.so.37") despite net-libs/webkit-gtk-2.40.2-r410:4.1/0 being installed and I can see that $ equery b libwebkit2gtk-4.1.so * Searching for libwebkit2gtk-4.1.so ... net-libs/webkit-gtk-2.40.2-r410 (/usr/lib/libwebkit2gtk-4.1.so -> libwebkit2gtk-4.1.so.0) During the installation of sbcl, the upstream provided binary didn't work with musl but I've changed the ebuild a little bit to first compile using clisp instead of that binary. But now sbcl does not see that I have this .so file when I try to compile nyxt. What to do? Thank you!
Re: [gentoo-user] Confusion about gpg-preset-passphrase
On 23/03/03 07:36AM, efeizbudak wrote: > Hi all, > > So I'm trying to use gpg-preset-passphrase but for some reason I keep > having to enter the passphrase all the same. I run > > /usr/libexec/gpg-preset-passphrase --preset $KEYGRIP > > and then paste the passphrase (I've also tried this with the keygrip for > the [E] subkey as opposed to the [SC]). But then when I try to decrypt > a file encrypted for this key I still face pinentry. I also tried > running the decryption command with the > > --pinentry loopback --batch > > which just fails with > > gpg: Sorry, we are in batchmode - can't get input > > And I already have in my gpg-agent.conf the following: > > allow-preset-passphrase > max-cache-ttl 2147483647 > > Am I misunderstanding something here? Can someone please point me in the > right direction? > > Thank you! > To anyone who sees this, it was caused by my stupidity to use a very illegal password. Please do not bother. -- All the best, Efe The funny quote of this email is trivial and left as an exercise. signature.asc Description: PGP signature
[gentoo-user] Confusion about gpg-preset-passphrase
Hi all, So I'm trying to use gpg-preset-passphrase but for some reason I keep having to enter the passphrase all the same. I run /usr/libexec/gpg-preset-passphrase --preset $KEYGRIP and then paste the passphrase (I've also tried this with the keygrip for the [E] subkey as opposed to the [SC]). But then when I try to decrypt a file encrypted for this key I still face pinentry. I also tried running the decryption command with the --pinentry loopback --batch which just fails with gpg: Sorry, we are in batchmode - can't get input And I already have in my gpg-agent.conf the following: allow-preset-passphrase max-cache-ttl 2147483647 Am I misunderstanding something here? Can someone please point me in the right direction? Thank you! -- All the best, Efe The funny quote of this email is trivial and left as an exercise. signature.asc Description: PGP signature
Re: [gentoo-user] What do you think about pam-gnupg?
Matt: > I don't have any thoughts on the pam module, but I make use of some > scripts that rely on pass as well. For my use case I just raised the > TTL setting of gpg-agent to match an eight hour work day or eight hour > evening period and ran with it. Feels fairly natural to "log in" to > the agent once a day at the first use. Doesn't this sort of defeat the purpose of using pass? I mean if it's always decryptable then is it really useful to have it encrypted in the first place (assuming you have full disk encryption set up)? I may be missing something crucial here so please let me know. Grant: > Can you re-architect this as a (pseudo) daemon so that you unlock it > once (or at least a LOT less often) and it stores the necessary > information in memory for subsequent re-use? This seems like the lesser of all evils to me. As I understand, you're suggesting that I lend the email password to the daemon at start and only have that password stored in memory instead of my actual gpg password, is that correct? > Could you re-configure things so that (a copy of) the requisite password > is accessible via a different set of GPG credentials specific to the > process that you're running? Then you could probably have just that set > of GPG credentials unprotected so that the script could use them as it > is today. Again, I may be missing something here, but does having your GPG credentials unprotected offer any real protection? > If neither of these options were possible I'd look into something like a > TPM and / or Yubikey wherein I could offload some of the GPG to it so > that the decryption key is physically tied to the source computer /and/ > *where* *it* *can't* *be* *copied*. I guess this is where I'll eventually be heading towards. By the way, thanks to both of you for your thoughts! -- All the best, Efe The funny quote of this email is trivial and left as an exercise. signature.asc Description: PGP signature
[gentoo-user] What do you think about pam-gnupg?
Hi all, I let mutt-wizard set a cron job which takes my password out of pass, logs into the email server and fetches my mail every 5 minutes. With this I have to unlock my key as frequently as the amount in gpg-agent.conf's default-cache-ttl setting. pam-gnupg has been suggested as a remedy to this problem but the disclaimer on its page about dangerous bugs make me hesitant to use it. What do you think about the security of it? It's only 500 SLOC but I don't trust myself with reviewing the security of it. -- All the best, Efe The funny quote of this email is trivial and left as an exercise. signature.asc Description: PGP signature
[gentoo-user] libnotify without x11-misc/notification-daemon when using fnott?
Hi all, I'm using this notification daemon called fnott. Basically my goal is to get rid of x11-misc/notification-daemon. I need libnotify which pulls virtual/notification-daemon-0 which pulls x11-misc/notification-daemon since fnott isn't listed in the DEPENDS. How can I just get rid of x11-misc/notification-daemon? Thank you -- All the best, Efe The funny quote of this email is trivial and left as an exercise. signature.asc Description: PGP signature