On Tue, Feb 12, 2019 at 09:15:39AM -0500, Jens John wrote:
> On Tue, 12 Feb 2019, at 12:02, Leonid Isaev via arch-general wrote:
> > I am sorry to ask this so late in the discussion, but why Arch default of
> > the
> > "other" module was insecure (and hence why
e'd gladly do it
> again in the future. A strong reaction is not only warranted, but necessary.
>
I am sorry to ask this so late in the discussion, but why Arch default of the
"other" module was insecure (and hence why the change)? Is there something
wrong with pam_unix?
Thanks,
--
Leonid Isaev
empts? It seems
> that ARCH does not run [r]syslogd.
If you want authpriv messages, then run "journalctl SYSLOG_FACILITY=10". See
https://en.wikipedia.org/wiki/Syslog#Facility for mapping between numerical and
mnemonic facility IDs. Oh, and do install syslog-ng :)
Cheers,
--
Leonid Isaev
dev/shm by default?
Half of the RAM size by default, as for any tmpfs...
Cheers,
--
Leonid Isaev
On Sun, Sep 09, 2018 at 06:13:24PM -0400, Eli Schwartz via arch-general wrote:
> On 9/9/18 4:00 PM, Leonid Isaev via arch-general wrote:
> > FWIW, I actually agree with #59733: CONFIG_AUDIT=n was blocking AppArmor
> > adoption... Perhaps relevant:
> > https://lists.debian.org
x27;ll let you know asap.
Thanks and pls take your time. I have a VM that runs linux-hardened and is used
to study malicious pdf files. I can test rulesets there...
Cheers,
L.
--
Leonid Isaev
a question: why was AUDIT enabled in the first place? I thought it
was cosidered useless?
Cheers,
L.
--
Leonid Isaev
On Mon, Aug 27, 2018 at 12:51:13PM -0400, Eli Schwartz via arch-general wrote:
> On 8/27/18 8:45 AM, Leonid Isaev via arch-general wrote:
> > Hi,
> >
> > While going over .service files on my system, I noticed that quite a
> > few of them, not belonging
On Mon, Aug 27, 2018 at 04:04:14PM +0200, Ralf Mardorf wrote:
> On Mon, 27 Aug 2018 07:38:12 -0600, Leonid Isaev via arch-general wrote:
> >On Mon, Aug 27, 2018 at 03:02:38PM +0200, Ralf Mardorf wrote:
> >> Eli, wouldn't it be easier for you to ignore people who a
here this would end up.
Cheers,
--
Leonid Isaev
-nfsd? I thought
that setting DD=no is kind of a hack needed only for special services (e.g.
called from fstab via x-systemd.requires=). Or am I missing something?
Thanks,
L.
--
Leonid Isaev
use you mention a
pkg in the cache...
Anyway, a brief google search reveals that this particular trojan turned up
in many distros, so it is most likely a false positive.
Cheers,
--
Leonid Isaev
gt; - b43-fwcutter - Is this still required for more recent broadcom cards?
What about logrotate? AFAIU, there are no loggers in [core]...
Thanks,
--
Leonid Isaev
e times in the past I would have 120 files
> in a project and had no problems at all opening the project either across the
> LAN or remotes via the internet on my office server. So this seems like it is
> some protection designed to prevent hackers from hammering your server with
> ssh requests -- but it seems like it is having the side effect of preventing
> me from loading projects with more than say 20 files via sftp.
>
> --
> David C. Rankin, J.D.,P.E.
--
Leonid Isaev
On Fri, Jun 01, 2018 at 08:48:03AM +0200, Maykel Franco via arch-general wrote:
> 2018-05-31 12:01 GMT+02:00 Leonid Isaev via arch-general
> :
> > On Thu, May 31, 2018 at 10:44:25AM +0100, Ralph Corderoy wrote:
> >> Hi Maykel,
> >>
> >> > I need define
remains unchanged throughout the machine uptime?
--
Leonid Isaev
ec source /etc/environment after every
> reboot?
>
> Thanks in advanced.
/etc/environment is for PAM not shell, so it only allows ip=xxx.yyy.zzz.aaa .
Also, /etc/profile is for LOGIN shells, meaning that from scripts or when doing
scp(1) it won't be read. What exactly are you trying to achieve?
Cheers,
--
Leonid Isaev
we start seeing
updtreams provide these hashes. Currently, AFAIK the only "upstream" doing that
is Gentoo in their Manifests.
Cheers,
--
Leonid Isaev
psha3.html
> I've also seen suggestions that the Keccak team push Kangaroo Twelve
> these days over SHA-3 due to SHA-3's comparative slowness.
Of course, none of this is relevant for the present thread...
Cheers,
--
Leonid Isaev
most as good these days as crc32... It is ok if the sources are
gpg-signed, but not on its own.
Cheers,
--
Leonid Isaev
ink it's needed. GPG is not complicated at all. The difficulty that
prevents its widespread use lies with maintaining the key, and with that no
guide can help...
> I wish you all good luck, dont hesitate to contact me further if you
> have any great ideas regarding GPG etc.
Thanks,
L.
--
Leonid Isaev
these days is like having no hashes at all or using the source
filename as a hash...
And there should be no migration -- when a new version of a package is released
or a rebuild happens, just update the *sums array.
Cheers,
--
Leonid Isaev
r does HTTPS
for instance. At least, with sha-2 hashes, point #3 of your previous email
makes sense.
Thanks,
--
Leonid Isaev
the patchset[2] for makepkg (available in git
> master and awaiting the 5.1 release) which allows verifying git(1)
> signed commits/tags.
Thanks for your work! I didn't know about those links, will check them out.
But ok, I see your point...
Thanks,
L.
--
Leonid Isaev
On Tue, May 08, 2018 at 08:08:31PM -0600, Leonid Isaev wrote:
> [extra]
> ...
This list should also include "python-retrying". I should have grepped more
carefully, sigh...
--
Leonid Isaev
On Tue, May 08, 2018 at 08:08:31PM -0600, Leonid Isaev wrote:
> [0] https://lists.archlinux.org/pipermail/arch-general/2016-December/042
Oops, this link should have been
https://lists.archlinux.org/pipermail/arch-general/2016-December/042700.html
--
Leonid Isaev
16-December/042
--
Leonid Isaev
imply toprc flag
> that allows choosing between old and new top interfaces?
It should also be mentioned that ~/.toprc is the most hideous config file on my
system :) And FWIW, I don't think that upstream wanted to provoke any learning
-- they just made a change for the sake of it (probably following GNOME 3.x :).
Cheers,
--
Leonid Isaev
On Tue, Mar 27, 2018 at 08:39:30PM +0100, morganamilo via arch-general wrote:
>
>
> On 27/03/18 20:34, Leonid Isaev via arch-general wrote:
> > On Tue, Mar 27, 2018 at 08:27:16PM +0530, Sudarshan Kakoty via arch-general
> > wrote:
> > > Hello...
> > >
&
a" repo, whereas "ninja"
> is in "community" repo. The interesting fact is that - is an implicit
> dependency to "meson". So why that is (ninja) in the community repo?
A more important question is why meson and ninja are not in [core] and base
group given that they are build-dependencies of systemd?
Cheers,
L.
--
Leonid Isaev
e.
man-db.service is triggered by man-db.timer which should be enabled on your
system by default...
Cheers,
--
Leonid Isaev
of a chicken-and-egg problem, and I
> don't really consider this a viable generic solution...
Can't this be done from any distro using Arch rootfs?
Cheers,
--
Leonid Isaev
On Mon, Mar 12, 2018 at 11:17:21PM +, Carsten Mattner wrote:
> On 3/12/18, Leonid Isaev via arch-general wrote:
> > What's wrong with btrfs? Yeah, I know it is not marked "stable", but this
> > is just a label. And people shying away from it doesn't help in
It's all some compromise that you might or might not accept.
What's wrong with btrfs? Yeah, I know it is not marked "stable", but this is
just a label. And people shying away from it doesn't help in advancing its
stability either.
Cheers,
--
Leonid Isaev
n another Arch laptop I have (with
> those same services running). My ls -la results in /run seem to turn up the
> same thing, nor are there any differences in shadow/gshadow/passwd etc.
Do these seem similar?
https://github.com/systemd/systemd/issues/6632
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888976
Cheers,
--
Leonid Isaev
LABEL ^Vintage SUSE 11.2 Rt
What are those ctrl-* characters (like ^Q)?
Cheers,
--
Leonid Isaev
(in fact, you don't even need root inside the
container). And keep it clean. At least this has worked for me for years.
Also, with newer -ARCH kernels, you can do non-privileged containers, so
makechrootpkg should run as a ordinary user to begin with...
Cheers,
--
Leonid Isaev
scussions about defaults are silly, as long as things are
configurable at run-time, so I don't understand why that bugreport was accepted
at all...
Cheers,
--
Leonid Isaev
t specify a syslog implementation... Journald is simply one of them.
If you wonder about facility and/or priority, then yeah, it is not indicated,
but I guess it is daemon/info.
Cheers,
--
Leonid Isaev
On Fri, Dec 01, 2017 at 11:10:51PM +, Tom M. wrote:
> ahoy there!
>
> is there some cleaver way of making pacman log to journalctl? or plans
> to implement such a feature?
Uncomment UseSyslog in pacman.conf...
--
Leonid Isaev
>
> Who say something from unattended? I want not only set 20 times the same
> command. That's all.
And writing a bash script that ssh's in and does everything is sooo difficult?
If you can't do it, don't update machines automatically.
--
Leonid Isaev
On Wed, Sep 06, 2017 at 11:27:13AM +0200, Giovanni Santini via arch-general
wrote:
> Il 06/09/2017 01:09, Leonid Isaev via arch-general ha scritto:
> >
> > What does it mean a valid DHCP setup? By reconnection you mean that your
> > client
> > re-request a lease from
ese are mostly default settings. Maybe you need to add "nomtu" in case your
ISP does something idiotic with this setting (mine does :)). Oh, and hardcode
the DNS settings in /etc/resolv.conf, so a broken dhcp server has no control
over them.
HTH,
--
Leonid Isaev
on [default=1] pam_lastlog.so nowtmp silent
session optional pam_lastlog.so silent noupdate showfailed
--
Cheers,
--
Leonid Isaev
on pts/0
> Last failed login: Tue Aug 29 17:47:31 EDT 2017 from 116.31.116.18 on
> ssh:notty
> There were 37 failed login attempts since the last successful login.
>
> How can I get Arch to do that same info? I've searched the wiki and forums,
> but not found anything.
man 8 pam_lastlog
Cheers,
--
Leonid Isaev
idn't work.
It should work. I have a similar line with caps:none in xinitrc and it works.
Perhaps smth from your desktop undoes your setting?
Cheers,
--
Leonid Isaev
rk around which is to add timeout=90
> >>
> >
> > Where to add this?
> >
>
> To the kernel parameters, with luks.options= key.
Yes, see "man systemd-cryptsetup-generator" and "man cryptsetup" for details.
Cheers,
--
Leonid Isaev
ample, with systemd 233, epiphany freezes when
started inside a container and systemd "is looping too fast" (and no, I'm not
reporting it upstream), but works if I manually kill systemd --user instance.
If you are not using Xorg, "pkill -9 systemd" in .bash_profile saves lots of
hair-pulling :)
Cheers,
--
Leonid Isaev
g", thereby ensuring that
> > libx264/x264 depend on *your* package!
>
> Is the idea that I create a machine local repo that has highest prio
> and overrides arch extra/testing? Otherwise, I don't know how to unbreak
> the cycle while only building a custom ffmpeg.
I don't understand... testing/libx264 contains /usr/include/x264.h and doesn't
depend on ffmpeg, no?
Cheers,
--
Leonid Isaev
ompanies have ToS because they want to cover their back legally, but Arch is
different in this regard...
Cheers,
--
Leonid Isaev
f avoiding security through obscurity:
don't rely on a web service not advertising your usernames, if this is an
issue, make each username a random string (which defeats the attack [1]).
> [1]
> http://archive.wired.com/politics/security/commentary/securitymatters/2007/12/securitymatters_1213
Cheers,
--
Leonid Isaev
ial each
> available number, so it doesn't matter to give away the numbers,
> right? ;)
Oh, please. Not the usual NSA crap again.
Cheers,
--
Leonid Isaev
y if it is systemd-based. Systemd may not run smth if it detect a
container virtualization.
Cheers,
--
Leonid Isaev
t
arch/ and foo/ to respective /boot's (if desired of course, as you don't need
to have /boot mounted). This way you get the menu that you mentioned first.
You no longer need data in /dev/sdb1 and can free the partition.
HTH,
--
Leonid Isaev
On Sun, Feb 12, 2017 at 06:43:22PM +0100, Tobias Markus wrote:
> I would be glad if Arch Linux's official kernel could support SELinux
> again this way!
AFAIR, coreutils and many other things need to be rebuilt to support selinux.
--
Leonid Isaev
ts what
> chromium can do to the file system(even better with --private); the browser
> cannot tamper with .profile/.bash_profile or .ssh.
See, this is the problem: Why would a browser need these files? File access
should only be possible with user interaction (via a file-open dialog).
Cheers,
--
Leonid Isaev
On Thu, Feb 02, 2017 at 09:30:58PM +0100, Bennett Piater wrote:
> On 02/02/2017 07:28 PM, Leonid Isaev wrote:
> > I already described an approach when one always runs browsers, pdf readers,
> > etc, inside an lxc container, as an unprivileged user. That container
> > reside
, instead of
wasting time on exploring the zoo of sandboxing apps... There is nothing wrong
with -ARCH kernel.
Cheers,
--
Leonid Isaev
On Thu, Feb 02, 2017 at 03:24:11AM +0100, sivmu wrote:
> Am 01.02.2017 um 21:16 schrieb Leonid Isaev:
> >
> > But you see, sandboxing apps is by itself is a misleading security feature.
> > Why do I need to sandbox my browser if it is written properly and allows me
> >
voices/people
> without providing real prove for your arguments.
So, why don't you just build your own kernel? It takes only 20 mins...
Cheers,
--
Leonid Isaev
ange of uid/gid pairs. That's exactly how this works on
> Android for both apps and isolatedProcess services (they each get a
> unique uid/gid pair assigned), although they also layer SELinux and
> mount namespaces on top.
Cool :) thx for the explanation...
Cheers,
L.
--
Leonid Isaev
an unprivileged user inside that
container for browsing / viewing of untrusted pdfs, etc?
But I still believe that the idea of sandboxing a web browser is idiotic...
Cheers,
--
Leonid Isaev
d it, so
> why can ALSA see my headset?
ALSA "sees" audio devices as reported by the kernel. If the kernel / udev
registers your bluetooth headset as an audio device, you should be able to
control it through ALSA. This is similar to USB network adapters, for example.
Cheers,
--
Leonid Isaev
rm? If you already have any modern linux machine,
you can simply install an Archlinux container and compile whatever you want :)
--
Leonid Isaev
[1] https://www.microsoft.com/en-us/download/details.aspx?id=11533
Cheers,
--
Leonid Isaev
On Thu, Dec 22, 2016 at 05:52:10PM +, arnaud gaboury wrote:
> On Thu, Dec 22, 2016, 6:16 PM Leonid Isaev
> wrote:
>
> > On Thu, Dec 22, 2016 at 09:16:29AM +, arnaud gaboury via arch-general
> > wrote:
> > > % systemctl --version
> > > syst
-
>
> Thank you for any hint, link to documentation about this new way to show
> UID/GID of a container.
You are using user namespaces, yes?
--
Leonid Isaev
On Sun, Dec 18, 2016 at 09:40:29PM +0100, Maarten de Vries wrote:
> On 18 December 2016 at 21:32, Leonid Isaev
> wrote:
>
> > On Sun, Dec 18, 2016 at 02:25:00PM -0600, David C. Rankin wrote:
> > > I know this is small-potatoes stuff, but I just wonder if in these
> &
ser?
> At least in the cases where you know up-front that existing functionality will
> be disabled by the upgrade. (which was apparent from the comment)
Hmm, what about reading /var/log/pacman.log?
Cheers,
--
Leonid Isaev
On Fri, Dec 09, 2016 at 03:15:34PM +0100, Bruno Pagani wrote:
> Le 08/12/2016 à 01:57, Leonid Isaev a écrit :
>
> > On Thu, Dec 08, 2016 at 10:34:59AM +1000, Allan McRae wrote:
> >> On 08/12/16 08:51, sivmu wrote:
> >>> Am 07.12.2016 um 10:49 schrieb Allan McRa
pe, resolved and timesyncd are not enabled in systemd 232-6. You or some
program on your system did something...
Cheers,
L.
--
Leonid Isaev
manually verify the sig on
SHA512SUMS and then paste the sha512sum into PKGBUILD. But this is because I'm
paranoid... I guess one can simply do makepkg -g, hmm.
Hence the question, why have this flag at all? And should it be possible to
specify an external (signed) hash-file in PKGBUILD?
Thx,
L.
--
Leonid Isaev
;t suggest keeping a broken
> system because... why again? So you can learn nothing?
I think you misunderstood Allan. What he says is that by default makepkg
provides only a protection against broken http links at best. If a maintainer
wants security, he must take care of it explicitly. I don't see why this is a
bad idea...
Cheers,
L.
--
Leonid Isaev
h a console font: it is improperly displayed
with your graphics card. You can try changing it though, as an alternative to
cusomising grub.cfg
Cheers,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
On Mon, Nov 28, 2016 at 11:04:53AM +0100, Hauke Fath wrote:
> On Sun, 27 Nov 2016 19:16:56 -0700, Leonid Isaev wrote:
> > But out of curiosity, why is it difficult to change user IDs on all files? I
> > assume that you control the storage? Isn't it just a chown -R away? For
raphics driver
(automatically, early in ramdisk via MODULES= in mkinitcpio.conf, etc.)? Try
booting with nomodeset at the kernel cmdline to disable KMS and see if your
fonts get back to normal...
Cheers,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
On Sun, Nov 27, 2016 at 10:32:38PM -0500, Eli Schwartz via arch-general wrote:
> On 11/27/2016 10:03 PM, Leonid Isaev wrote:
> >> Well, packages can have files that need to have a specific system
> >> user ownership. That is why the UID/GID database exists, right?
> >&
On Sun, Nov 27, 2016 at 09:50:22PM -0500, Eli Schwartz via arch-general wrote:
> On 11/27/2016 09:16 PM, Leonid Isaev wrote:
> > There is no such think as "arch expects". It is a default setting in
> > /etc/login.defs that is being used by systemd because it is likely t
gs might solve the issue.
> >
> > Oops, I was confusing keyboard with fonts. Not xorg.conf, but much likely
> > the display manager configuration provides to chose a font.
> >
> > >
> > > Or tty?
> > >
> sorry i mean the login at the con
change user IDs on all files? I
assume that you control the storage? Isn't it just a chown -R away? For
example, for our NIS passwd/shadow map we use 6-digit IDs...
Cheers,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
which I use to decrypt the LUKS container and load a GRUB configfile
> located at /boot/grub/grub.cfg (generated by grub-mkconfig). This works fine.
Where is /boot physically located? Can grub2 boot from LV these days?
Cheers,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7
to use
> an app; don 't contain, use something else.
>
Sometimes you don't have a choice. Any modern web browser comes to mind...
Cheers,
L.
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
so existing setups are not in danger...
L.
>
> --
> damjan
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
On Tue, Nov 01, 2016 at 03:59:28AM +0100, Lukas Rose wrote:
> > On 01 Nov 2016, at 00:35, Leonid Isaev
> > wrote:
> >
> > Well, my mentality is that authenticating plain-text data is usually not
> > necessary because a user can always inspect it
>
> You ju
On Mon, Oct 31, 2016 at 07:18:01PM -0400, Eli Schwartz via arch-general wrote:
> On 10/31/2016 05:50 PM, Leonid Isaev wrote:
> > As a side question... is there a significant difference in signing PKGBUILD
> > vs
> > the compiled package.
>
> Do you realize, when you a
,
what attack is possible when the PKGBUILD is not signed?
Also, isn't the use of dev signature to validate upstream sources is a logical
flaw? A dev might herself be mislead and build a trojaned source...
Thx,
L.
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A
On Tue, Oct 18, 2016 at 12:55:15AM -0500, David C. Rankin wrote:
> On 10/11/2016 01:24 AM, Leonid Isaev wrote:
> > FWIW, a quick test in a VM doesn't show this behavior. What happens if you
> > run
> > xscreensaver-command -lock from an xterm?
>
> I can lock and
this before? If so, any solutions, or did
> you narrow it down to one of (xterm, xscreensaver, DPMS)? Thanks for any
> suggestions.
FWIW, a quick test in a VM doesn't show this behavior. What happens if you run
xscreensaver-command -lock from an xterm?
L.
--
Leoni
gt;
> > PowerShell: ls -file | sort -pr length | select length, name -l 3
Since when ls(1) et al are a part of bash? Are you guys comparing apples with
oranges, i.e. bash + coreutils and powershell?
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
ing bootloader config is a bad idea. For example, in my
case, I use arch's syslinux to boot multiple distros (with custom
syslinux.cfg), which don't even have a bootloader package.
Thx,
L.
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
On Mon, Feb 22, 2016 at 06:48:17PM +, Jameson wrote:
> On Mon, Feb 22, 2016 at 1:43 PM Leonid Isaev
> wrote:
>
> > See this:
> >
> > http://marc.merlins.org/perso/btrfs/post_2014-05-04_Fixing-Btrfs-Filesystem-Full-Problems.html
> >
> > Basically,
ally, when your btrfs is full, just create a loopback device, add it to
the array, rebalance and then remove the device. This is what I had to do this
Sunday :)
Cheers,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
uplicate a fair share of official repos...
Cheers,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
... Cups
2.0+ is a real piece of crap. And yes, these org.xxx.xxx names _are_ stupid
especially for filenames. But after using modern Fedoras, I think that systemd
services are no longer supposed to be managed manually, but rather through some
frontend...
Cheers,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
e. It is
things around it that create real problems...
HTH,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
ut /boot can not be snapshot with this, right?
Cheers,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
thing wrong with it.
Exactly, I really don't understand this interest to UEFI (and don't mention
secureboot).
Also, how can you brick a machine by simply zeroing the harddrive?
Cheers,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
ng yet.
What is the goal here?
Cheers,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
e,compress=zlib,ssd,space_cache,autodefrag,subvolid=257,subvol=/_root)
^^^
Also, there is fstab in the initramfs:
$ lsinitcpio /boot/initramfs-linux.img | grep fstab
etc/fstab
Have you tried masking the systemd-remount-fs.service
't really care because I don't use any addons.)
Best,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
1 - 100 of 468 matches
Mail list logo
