2013-11-01 06:56:05 mornings 2013-11-01 06:57:23 fabian_a: you can use (cd as equivalent to pushd 2013-11-01 06:57:28 and ) as popd 2013-11-01 06:57:45 (cd $dir; do_stuff) 2013-11-01 06:57:59 it will execute an subshell though 2013-11-01 06:58:09 so dont use it in inner loops 2013-11-01 07:00:18 anybody running out of storage? =) http://www.servershop24.de/en/storage/ibm/storage-system/ibm-totalstorage-ds8300-storage-system---expansion-unit-100-8-tb-2423-932---2423-92e/a-110502/ 2013-11-01 07:17:22 heh 2013-11-01 07:17:26 its only 100TB... 2013-11-01 07:17:47 fabled, with current apk-tools git: https://dpaste.de/6vZx 2013-11-01 07:18:17 i think you can reproduce with: apk fetch --stdout -U --repositories-file /dev/null --repository http://nl.alpinelinux.org/alpine/v2.6/main samba-dev 2013-11-01 07:18:49 ah 2013-11-01 07:18:56 i know what goes wrong 2013-11-01 07:18:58 non-root 2013-11-01 07:19:09 will not have permissions to write the apk index with -U 2013-11-01 07:29:08 ok. thanks. 2013-11-01 07:29:15 will try to look at it shortly 2013-11-01 07:31:56 I thought I install alpine 2.6.4 but when I do cat /etc/alpine-release it is 2.6.6, does that mean I'm on 2.6.6 and not 2.6.4? 2013-11-01 07:34:40 I cannot do - apk fetch -R task@testing 2013-11-01 07:35:20 hope its not a bug ? 2013-11-01 07:37:39 Frosh: correct, it grabs the updated packages from network 2013-11-01 07:39:17 so I'm gonna have the same issues as when I originally installed it, the pausing xen 2013-11-01 07:42:14 Frosh, /etc/alpine-release is updated by setup-bootable; apk version -I dumps the versions of the package indexes 2013-11-01 08:37:23 Frosh: not if the problem is tied to the kernel 2013-11-01 08:37:50 ..and you have root (/) on tmpfs 2013-11-01 08:42:59 ok 2013-11-01 08:43:02 here comes samba4 2013-11-01 08:43:50 fabled: i think the oversized samba is fixed in samba4 2013-11-01 08:47:10 is the samba4 apkbuild that is 2013-11-01 08:48:44 ok 2013-11-01 08:48:47 great 2013-11-01 08:54:12 algitbot: hi 2013-11-01 09:03:28 hmm... now there would be 'tdb-1.2.12.apk' instead of tdb-3.6.15-r0.apk 2013-11-01 09:04:10 I guess its not an issue when trying to upgrade ? 2013-11-01 09:04:39 I guess it is, but who knows 2013-11-01 09:04:45 apk is much smarter than pacman 2013-11-01 09:08:59 it is an issue actually.. :-/ 2013-11-01 09:09:18 ncopa: do we have something like epoch? 2013-11-01 09:09:21 i believe you can upgrade with: apk upgrade -U -a 2013-11-01 09:09:36 I think it would solve problems like this 2013-11-01 09:09:40 barthalion: not really, but is has been mentioned 2013-11-01 09:09:52 i believe epoch creates new problems too 2013-11-01 09:10:04 yeah, you can't get rid of them easily 2013-11-01 09:10:19 but it's the price you pay for changing version scheme 2013-11-01 09:10:30 yup 2013-11-01 09:17:16 I recall something being discussed in ML last year title "Questions about apk CMD -U" 2013-11-01 09:18:31 also no clear solution for 3rd party pkgs naming rule 2013-11-01 09:22:57 hmm... smatter .... apk fetch coffee in a cup 2013-11-01 09:23:10 apk fetch coffee but don't spill 2013-11-01 10:37:14 need help, there is no file-change notification app in main yet 2013-11-01 10:37:39 which would be best fam, inotify-tools, monit ? 2013-11-01 10:38:08 for fam - fileschanged (front-end) 2013-11-01 10:38:26 there are couple of perl based also 2013-11-01 10:39:28 I like monit - has lots of features 2013-11-01 10:50:29 I would do some more tests on inotify-tools and monit, would be nice to have them in main 2013-11-01 10:52:45 and there is 'gamin' 2013-11-01 12:16:34 just like to state so 2.6.4 has the progress bar during installation 2013-11-01 12:57:51 clandmeter, you around ? 2013-11-01 12:58:02 i am 2013-11-01 12:59:01 was testing monit, would just some minor changes to get it going 2013-11-01 12:59:25 1. include monitrc 2013-11-01 12:59:41 2. minor change in monitrc 2013-11-01 13:00:03 comment line-> allow @monit 2013-11-01 13:00:14 comment line-> allow @users readonly 2013-11-01 13:01:45 commenting these lines coz its not build with PAM 2013-11-01 13:02:32 hmm 2013-11-01 13:02:49 file to /usr/local/etc/monitrc 2013-11-01 13:04:32 did some test as given in README(quick start) - seems to work 2013-11-01 13:04:42 can it moved to main pls ? 2013-11-01 13:05:02 I would test inotify-tool next :) 2013-11-01 13:05:06 not sure we want to move stuff to main now 2013-11-01 13:05:13 ok 2013-11-01 13:05:24 ncopa: main closed for this? 2013-11-01 13:06:47 ok i see the issue with monitrc 2013-11-01 13:06:56 any option like monit / inotify-tools available in main ? 2013-11-01 13:07:27 i dont use it, so i dont know. 2013-11-01 13:07:38 clandmeter: its ok to move it to main, if it is good 2013-11-01 13:07:53 ok 2013-11-01 13:07:58 what is worse is change behaviour (like i did with pushing samba4...) 2013-11-01 13:08:15 but we do exceptions 2013-11-01 13:08:31 would report for inotify-tools in an hour or so 2013-11-01 13:08:36 super! 2013-11-01 13:08:45 :) 2013-11-01 13:08:45 i will try fix nfs 2013-11-01 13:08:54 it looks completely broke 2013-11-01 13:09:23 i only use samba atm, hope you didnt break that one :) 2013-11-01 13:11:21 i might have... 2013-11-01 13:11:32 do you think you could test samba in a lab or so? 2013-11-01 13:11:48 i dont have windows clients... :-/ 2013-11-01 13:11:49 i use it on my home server 2013-11-01 13:12:12 i verified that /etc/init.d/samba starts 2013-11-01 13:12:16 config is backwards compat? 2013-11-01 13:12:24 i would believe so 2013-11-01 13:12:39 if you run a DC you might need to do some migration 2013-11-01 13:12:50 or more, if you run DC with ADS 2013-11-01 13:12:53 can i pin 2.7 and test it? 2013-11-01 13:13:00 nah its a home nas 2013-11-01 13:13:11 i think you can pin it yes 2013-11-01 13:13:25 it was a late change, but i think it was worth it 2013-11-01 13:13:35 size is reduced dramatically 2013-11-01 13:14:06 hehe... algitbot has a thing for drama... 2013-11-01 13:15:11 nah it has some dep conflics 2013-11-01 13:15:20 i can just upgrade it and blame you 2013-11-01 13:16:01 :-S 2013-11-01 13:16:21 well we do RC isos for a reason ;) 2013-11-01 13:16:47 apk upgrade -U ? 2013-11-01 13:17:22 here she goes 2013-11-01 13:22:47 ncopa: why do i have to run apk cache sync after update? 2013-11-01 13:23:37 dunno. fabled: ^^^ 2013-11-01 13:25:02 seems like samba is running ok 2013-11-01 13:25:26 ncopa: i need python for samba? 2013-11-01 13:26:28 i think not? 2013-11-01 13:26:35 apk info -r python 2013-11-01 13:31:12 http://sprunge.us/XiNG 2013-11-01 13:31:27 busybox has 'inotifyd' 2013-11-01 13:31:28 talloc 2013-11-01 13:31:37 any guide? 2013-11-01 13:32:14 clandmeter: apk info -R talloc samba-libs samba-dc-libs 2013-11-01 13:32:42 http://sprunge.us/giCN 2013-11-01 13:36:23 so:libpython2.7.so.1.0 2013-11-01 13:36:37 we should find what files pulls it in 2013-11-01 13:36:50 and see if package could be splitted 2013-11-01 13:38:13 vkrishn: you want monit in main? 2013-11-01 13:38:57 yes 2013-11-01 13:39:54 inotify-tool also 2013-11-01 13:46:30 would it be better with separate inotify-tool-libs 2013-11-01 13:46:30 libinotifytools.so 2013-11-01 14:47:22 ncopa, monit set for v2.8 ? 2013-11-01 14:49:01 yeah i moved target for things i didnt think i would reach 2013-11-01 14:49:42 ok 2013-11-01 14:49:51 but seems like its fixed 2013-11-01 14:49:55 inotify-tools ? 2013-11-01 14:51:13 vkrishn: did you test it? 2013-11-01 14:51:43 for monit - basic test as given in README file 2013-11-01 14:51:54 ok 2013-11-01 14:52:06 if you say it works i'll move it 2013-11-01 14:52:06 for inotify-tools - simple directory monitory 2013-11-01 14:55:18 can these 2 in testing be updated - testing/sphinx, testing/fossil - they got several updated 2013-11-01 14:57:24 sphinx has a non-fun dep - snowball 2013-11-01 14:57:26 for monitrc comment pls -> allow @users readonly 2013-11-01 14:57:33 important!! 2013-11-01 14:57:49 i'll leave spinx to maintainer, fcolista 2013-11-01 14:57:54 monit is not build with PAM so needs to comment these lines 2013-11-01 14:57:58 ok 2013-11-01 15:00:20 like this: http://sprunge.us/aLbX 2013-11-01 15:00:53 yes, ok now 2013-11-01 15:12:47 vkrishn, ncopa, just compiling sphinx 2.1.2 2013-11-01 15:13:28 ACTION think that he should find time to setup an upstream monitor for packages that he maintains 2013-11-01 15:13:49 thanks 2013-11-01 15:20:08 fcolista, just reading sphinx news, their plan to little overhaul+deprecating things, if by just increasing version num it compiles than ok, else take a decision for wating for 2.2x 2013-11-01 15:20:45 http://sphinxsearch.com/blog/2013/09/11/deprecations-and-changes-in-the-2-2-series/ 2013-11-01 15:21:34 I mean if too much a work between v2.0.6 and v2.1.2 2013-11-01 15:21:35 vkrishn, yes. 2013-11-01 15:21:51 But it compiles without problem 2013-11-01 15:22:00 ok :) 2013-11-01 15:22:08 thanks 2013-11-01 15:22:39 so, i'm going to upgrade the version and tha 2013-11-01 15:22:45 sorry 2013-11-01 15:22:53 so, i'm going to upgrade the version 2013-11-01 15:23:03 now i'm compiling the x86_64 2013-11-01 15:23:19 would be nice if someone had time to test it 2013-11-01 15:23:47 or gives some feedback if it's ok 2013-11-01 15:23:49 I would, but somewhere before v2.8 2013-11-01 15:24:14 but no promise, would try next week 2013-11-01 15:24:29 np 2013-11-01 15:24:37 it has been there since long time :) 2013-11-01 15:24:50 x86_64 compiled 2013-11-01 15:25:26 I am thinking sphinx or xapian for v2.8 2013-11-01 15:25:48 vkrishn, xapian is also in testing 2013-11-01 15:26:08 ;) 2013-11-01 15:26:31 probably you asked for those packages 2013-11-01 15:26:32 :) 2013-11-01 15:26:38 :) yes 2013-11-01 15:26:43 ah, ok :) 2013-11-01 15:27:53 just not decided which one to request for main yet :) 2013-11-01 15:28:06 I kinda like both 2013-11-01 15:29:22 gotta go, thanks again 2013-11-01 15:29:33 np 2013-11-01 15:29:37 ...too late :) 2013-11-01 16:05:04 samba4 does require python :-( 2013-11-01 16:05:21 we *might* be able to make libsmbclient not require it... 2013-11-01 16:05:25 but i am in doubt... 2013-11-01 16:09:12 ncopa: so that new for samba4? 2013-11-01 22:29:44 n8@all 2013-11-02 14:46:31 hi 2013-11-02 14:46:33 hi 2013-11-02 18:14:23 hi 2013-11-02 18:20:31 hi 2013-11-02 19:50:25 I've built a package for inetutils-syslogd to provide logging to multiple files - is there a correct way to disable busybox's syslog ? (I was thinking rename it's init script to /etc/init.d/syslog.disable & CHMOD 0644) - or just overwrite it with the new one ? 2013-11-02 19:59:39 BitL0G1c: cant you just stop it? 2013-11-02 20:02:58 wouldn't the busybox syslog start on every boot if it's init file is not changed? 2013-11-02 20:06:33 BitL0G1c: check rc-update 2013-11-02 20:07:30 rc-update del service 2013-11-02 20:07:56 ok got it 2013-11-02 20:08:42 man 2013-11-02 20:08:46 all this hostapd stuff is so alien 2013-11-02 20:09:21 yes - I'm used to debian 2013-11-02 20:11:22 incorrect password 2013-11-02 20:11:25 pff no it's not 2013-11-02 20:24:18 AHA 2013-11-02 20:24:21 getting somewhere 2013-11-02 20:24:29 I had something enabled that the iphone doesn't support 2013-11-02 21:07:21 hi 2013-11-02 21:07:29 apk add flashcache-grsec ERROR: unsatisfiable constraints: linux-grsec-3.10.17-r2: breaks: flashcache-grsec-3.10.17-r2[linux-grsec=3.10.17-r1] 2013-11-02 21:07:31 whats wrong? 2013-11-02 21:31:22 algitbot: build flashcache-grsec 2013-11-02 21:49:24 shafire: lol 2013-11-02 21:53:57 whats up? :) 2013-11-02 21:55:20 clandmeter: I can't see something wrong in APKBUILD 2013-11-02 21:55:57 probably nothings is 2013-11-02 21:56:17 can you check pkgrel for both kernel and module? 2013-11-02 21:56:20 is it the same? 2013-11-02 21:56:52 flashcache-grsec-3.10.17-r2[linux-grsec=3.10.17-r1] 2013-11-02 21:56:57 they dont seem to match 2013-11-02 22:00:16 "ifconfig wlan0 192.168.42.1" 2013-11-02 22:00:24 anyone know the correct place for that so it's applied at boot? 2013-11-02 22:00:47 you can add it to regular networking 2013-11-02 22:01:11 clandmeter: it is linux-grsec=3.10.17-r2 2013-11-02 22:01:14 iface wlan0 inet static 2013-11-02 22:01:14 address 192.168.42.1 2013-11-02 22:01:17 I am using 2.7.0-rc2 2013-11-02 22:01:33 it doesn't work though, I have to type in the ifconfig line (unless that's not the correct way) 2013-11-02 22:02:50 Mp5shooter: http://wiki.alpinelinux.org/wiki/Configure_Networking 2013-11-02 22:05:00 clandmeter: but the apkbuild shows r2 too 2013-11-02 22:05:06 so the package is maybe "old"? 2013-11-02 22:05:12 so I thought, I could rebuild it :) 2013-11-02 22:22:32 flashcache-grsec-3.10.17-r2 depends on: linux-grsec=3.10.17-r1 2013-11-02 22:22:37 flashcache-grsec-3.10.17-r2 has auto-install rule: linux-grsec=3.10.17-r1 flashcache 2013-11-02 22:22:58 apk info -a linux-grsec linux-grsec-3.10.17-r2 2013-11-02 22:37:18 algitbot: build master 2013-11-02 22:37:20 :S 2013-11-02 22:51:45 I think I found the problem 2013-11-02 22:51:51 http://git.alpinelinux.org/cgit/aports/commit/?id=6576b32017d8217e69383c1a48ad27e354675635 2013-11-02 22:51:58 http://git.alpinelinux.org/cgit/aports/commit/?id=7a36401bf2a1148cbd3dcc4c59a08d42060ac887 2013-11-02 22:52:11 -_mypkgrel=1 downgraded to 0 2013-11-02 22:52:34 but -_kpkgrel=1 changed to 2 2013-11-02 22:53:31 Could someone bump it to 3? :) 2013-11-02 22:54:59 or rebuild the packages and upload them? 2013-11-02 22:55:05 algitbot: upload flashcache-grsec 2013-11-02 23:42:00 What happened to libquadmath? :-( 2013-11-02 23:45:56 It was present not too long ago (it is in 2.6 packages), but it looks like the package is gone.. I don't see any relevant commits since then. 2013-11-03 00:47:35 hey guys 2013-11-03 00:47:48 when using xfs as the rootfs on 2.6 and later it turns you there is still this dependency bug 2013-11-03 00:47:59 xfs depends on libcrc32c.ko which itself depends on crc32c.ko 2013-11-03 00:48:12 but the dependency of libcrc32c.ko on crc32c.ko isn't listed in modules.dep 2013-11-03 00:48:28 and so the module isn't included in the initramfs and the whole thing fails 2013-11-03 02:07:35 If I've sent a git commit which needed amending - should I subsequently be using 'git rebase' to combine the amending commit with the original ? 2013-11-03 13:29:46 hi 2013-11-03 13:30:10 someone here? 2013-11-03 13:34:47 \o 2013-11-03 13:35:15 barthalion: :) Could you fix the flashcache-grsec issue, please? :-) 2013-11-03 13:35:51 The _mypkgrel=1 changed to 0 instead of 2 2013-11-03 13:39:46 so it should be 2 now? 2013-11-03 13:40:05 (not my area of interests here, so better sure than sorry) 2013-11-03 13:43:04 thanks 2013-11-03 14:23:14 The revision number is a automatic process? 2013-11-03 14:30:23 ah, it's 4 because of pkgrel=$(($_kpkgrel + $_mypkgrel)) 2013-11-03 14:30:28 4 = 2 + 2 2013-11-03 14:30:33 I unterstand... 2013-11-03 14:30:36 understand* 2013-11-03 14:55:56 Mh, how can I install a linux-grsec module on tmpfs? 2013-11-03 16:49:30 hi 2013-11-03 16:49:37 can I install qemu kvm without the graphic stuff? 2013-11-03 17:11:00 naturally. 2013-11-03 17:16:50 What I meant is that when I install qemu there is so much graphic stuff installed, which I do not need 2013-11-03 17:16:52 http://git.alpinelinux.org/cgit/aports/tree/main/qemu/APKBUILD 2013-11-03 17:17:04 maybe because of "--enable-gtk \" 2013-11-03 17:30:15 oh, i wasnt talking to you 2013-11-03 17:32:02 bad :( 2013-11-03 17:32:19 kaniini: do you have experience with tmpfs installations? 2013-11-03 17:32:27 no 2013-11-03 17:32:29 or should I better ask tomorrow? 2013-11-03 17:32:30 ok 2013-11-03 18:59:56 xen hvm mode is turbofucked by gcc 4.8.2 2013-11-03 19:00:37 that means? 2013-11-03 19:00:38 hm, there is still something wrong with the alpine-conf repo 2013-11-03 19:01:05 can't push the tags to my mirror-repo 2013-11-03 19:01:13 shafire: i just crashed 2013-11-03 19:01:19 shafire: a node 2013-11-03 19:01:27 lol 2013-11-03 19:01:28 shafire: and hvm does not work, due to gcc 4.8.2 at all 2013-11-03 19:01:45 shafire: reverting hvmloader to gcc 4.8.1 allows some things to boot, but then freebsd crashes the hypervisor somehow 2013-11-03 19:03:23 "git push --tags" fails with: 2013-11-03 19:03:32 ! [remote rejected] v2.0_al�pha6 -> v2.0_al�pha6 (pre-receive hook declined) 2013-11-03 19:03:33 ! [remote rejected] v2.14.0 -> v2.14.0 (pre-receive hook declined) 2013-11-03 19:04:27 funny bot... *g* 2013-11-03 19:04:30 push 2013-11-03 19:04:33 tags 2013-11-03 19:04:37 ah! 2013-11-03 19:04:38 tags 2013-11-03 19:04:45 :-) 2013-11-03 19:05:10 anyway, problem still exists: 2013-11-03 19:13:29 ah, got it 2013-11-03 19:13:50 there was something broken with my repo 2013-11-03 19:14:06 setup new one and mirroring works as expected again 2013-11-04 06:29:37 hmmph 2013-11-04 06:29:47 i think GCC 4.8.2 really messed up Xen 2013-11-04 06:34:08 morning 2013-11-04 06:34:33 at least HVM is messed up 2013-11-04 06:35:00 bisecting from current down to xen 4.3.0-r5... -r5 was the last working build 2013-11-04 06:35:19 -r5 was built with GCC 4.8.1 2013-11-04 06:35:37 -r6 had no functional change from -r5 except to fix a build failure on 4.8.2 2013-11-04 06:37:02 so, i am suspect regarding it for that reason 2013-11-04 06:37:25 and, as a result, it may be a good idea to back out 4.8.2 2013-11-04 06:37:38 because if it messed up xen, it may have messed up other packages too 2013-11-04 06:38:27 all signs point at it being gcc 4.8.2 because, if i rebuild hvmloader using gcc-4.8.1, and install it on the node, i am able to start an hvm container 2013-11-04 06:39:02 however... some OSes (freebsd 9.2) seem to crash the hypervisor with a triple-fault (!) 2013-11-04 06:39:32 so i suspect there may be invalid opcodes in the hypervisor too 2013-11-04 06:44:42 kaniini: it did, I can't build nodejs 2013-11-04 06:45:17 compilation segfaults on v8, it wasn't the case before 2013-11-04 06:45:33 okay. 2013-11-04 06:45:40 then, i think we should revert 4.8.2 2013-11-04 07:03:26 morning 2013-11-04 07:14:12 barthalion: it looks like it is mksnapshot that segfaults. i bet it is due to JIT and missing paxmarking 2013-11-04 07:16:20 kaniini: do you have link to the freebsd issues? 2013-11-04 07:16:40 do you have a reliable way to reproduce it? 2013-11-04 07:16:54 ncopa: yes 2013-11-04 07:16:59 ncopa: 1. get e3 2013-11-04 07:17:04 ncopa: 2. install xen 2013-11-04 07:17:38 e3 = http://www.e3expo.com/ ? 2013-11-04 07:17:40 ncopa: 3. install /usr/lib/xen/boot/hvmloader compiled with gcc-4.8.1 2013-11-04 07:17:49 ncopa: e3 as in intel xeon e3 2013-11-04 07:17:57 ncopa: although i am sure an e5 or any other cpu will do 2013-11-04 07:17:59 lol 2013-11-04 07:18:25 ncopa: 4. boot freebsd installer 2013-11-04 07:18:35 ncopa: 5. watch your box die as freebsd probes i/o ports 2013-11-04 07:19:12 ncopa: 6. reset box using ipmi and then rm /usr/lib/xen/boot/hvmloader to ensure it doesn't happen by accident 2013-11-04 07:19:48 ncopa: without gcc-4.8.1 hvmloader, it will not even boot an hvm container, it just keeps triple-faulting inside the HVM domU (resulting in a reboot loop) 2013-11-04 07:20:20 ncopa: with it, it does it inside the hypervisor itself, i suspect in the x86emul code 2013-11-04 07:20:26 does it require e3? 2013-11-04 07:20:36 ncopa: well, i reproduced it on an e3 2013-11-04 07:21:09 ncopa: it will probably work on any reasonably new intel cpu 2013-11-04 07:21:20 ok 2013-11-04 07:21:21 ncopa: this was ivy bridge 2013-11-04 07:21:42 do you have any links? 2013-11-04 07:21:47 so like a core i5 or i7 will probably do the job 2013-11-04 07:22:14 ncopa: i don't have any links as i stumbled on it about 30 minutes before having to get out the door yesterday 2013-11-04 07:22:18 ok 2013-11-04 07:22:28 we did have an issue with the pax patch 2013-11-04 07:23:00 which i believe depends on gcc version to trigger it 2013-11-04 07:23:08 as pipacs could not 2013-11-04 07:23:32 http://git.alpinelinux.org/cgit/aports/tree/main/linux-grsec/0001-pax-x86_64-fix-copy_user_generic.patch 2013-11-04 07:24:06 it turned out to be a 'bug' in pax patch 2013-11-04 07:25:01 kaniini, gcc-4.8.1 has known bugs to miscompile kernel that are fixed in 4.8.2; 4.8.2 has also lot of other stuff i'd prefer to have 2013-11-04 07:25:10 instead of going "backwards" i'd like to see xen fixed 2013-11-04 07:25:37 fabled: sure 2013-11-04 07:25:55 royger: you here? 2013-11-04 07:26:04 fabled: i bet you, it's something like this 2013-11-04 07:27:13 kaniini: yes :) 2013-11-04 07:27:55 royger: we're seeing a regression with xen between gcc 4.8.1 and 4.8.2 2013-11-04 07:28:15 royger: as in, gcc-4.8.1 compiled xen works fine, and 4.8.2 does not 2013-11-04 07:28:39 kaniini: the problem is in hvmloader I guess? 2013-11-04 07:28:50 royger: i took xen 4.3.0-r8 and built it with gcc-4.8.1 on a slightly behind system, and it works fine 2013-11-04 07:29:35 royger: i copied hvmloader, from that build onto edge (gcc-4.8.2) xen-4.3.0-r8, and it works fine, but then freebsd crashes the hypervisor or dom0 2013-11-04 07:30:20 royger: i suspect there is problems in hvmloader as well as other places as a result (possibly seabios) 2013-11-04 07:30:25 mmm, so even when using hvmloader compiled from 4.8.1 Xen build with 4.8.2 still crashes? 2013-11-04 07:30:49 royger: yes, it starts up and gets into freebsd, and then crashes after probing for the parallel port 2013-11-04 07:30:55 royger: i *think* this is when it probes xenbus 2013-11-04 07:30:58 royger: on 9.2 2013-11-04 07:31:01 I guess so, crashing the Dom0/Xen should never be possible from a guest 2013-11-04 07:31:25 smells security issue... 2013-11-04 07:31:57 kaniini: 9.2 doesn't make use of many PV interfaces, the issues might even be with vt-x 2013-11-04 07:32:01 royger: unfortunately i am not keen on crashing any boxes right now to debug this :/ 2013-11-04 07:32:18 i am presently mitigating an ongoing 15gbps udp flood in a location 2013-11-04 07:32:24 that is enough downtime-related drama for me atm ;P 2013-11-04 07:32:25 this only happen on e3 chips, or you have not tried anywhere else? 2013-11-04 07:32:34 it is confirmed reproduceable on e3-1270v2 2013-11-04 07:32:39 and e3-1240v2 2013-11-04 07:33:29 do you have a serial console attached to see the Dom0/Xen panic? 2013-11-04 07:33:38 or there's no panic at all? 2013-11-04 07:39:16 kaniini: also, this only happen with FreeBSD guests, or any HVM guest in general? 2013-11-04 07:40:05 royger: i've only seen it on freebsd 9.2 2013-11-04 07:40:24 royger: at least the alpine 2.6.5 livecd we supply seemed to boot up fine 2013-11-04 07:41:11 kaniini: you are booting the alpine livecd as an HVM guest right? 2013-11-04 07:41:33 royger: yes 2013-11-04 07:42:16 kaniini: let me try to get 4.8.2 on my test box and reproduce it, although I haven't got an e3 2013-11-04 07:43:45 royger: i am sure a core i7 will be good enough 2013-11-04 07:43:50 the only thing that comes to mind is the new PCID support in FreeBSD, but that has not been backported to 9.2 if I'm not mistaken 2013-11-04 07:43:55 royger: the key thing is probably sandy bridge or newer 2013-11-04 07:46:02 kaniini: no luck, my CPUs are Xeon W3550 2013-11-04 07:46:10 it may work 2013-11-04 07:46:16 it is certainly worth trying 2013-11-04 07:46:18 ;P 2013-11-04 07:46:26 well, let me try it 2013-11-04 07:46:46 if we have to, i could probably get you access to an e3-1240v2 2013-11-04 07:46:59 i *think* i have one sitting idle in london 2013-11-04 07:48:02 though, i suspect that hvmloader crashes before POST even begins 2013-11-04 07:49:28 kaniini: but then it should also crash on the alpine livecd test, hvmloader should be exactly the same for both FreeBSD and the alpine live cd 2013-11-04 07:49:36 royger: oh, it only does that 2013-11-04 07:49:46 royger: when i use hvmloader from 4.8.1 on 4.8.2 hypervisor 2013-11-04 07:50:06 royger: with 4.8.2 hvmloader + 4.8.2 hypervisor, it appears to triple-fault before it starts BIOS 2013-11-04 07:50:29 royger: because it goes immediately to --psr- state with 0.000001 seconds cputime 2013-11-04 07:50:53 royger: actually, i could give you access to a 4.8.2 hvmloader + 4.8.2 hypervisor, since that seems pretty safe 2013-11-04 07:51:40 kaniini: so the Dom0/Xen crash only happens when using xen compiled on 4.8.2 with hvmloader compiled on 4.8.1 2013-11-04 07:51:54 yes 2013-11-04 07:52:01 otherwise it fails earlier 2013-11-04 07:52:09 no OS boot, just a reboot loop 2013-11-04 07:53:44 if you want access to a 4.8.2 hvmloader + 4.8.2 hypervisor, i could do that right now. :P 2013-11-04 07:56:29 kaniini: this combination only fails to boot FreeBSD 9.2 guests, or fails to boot any guest? 2013-11-04 07:56:53 royger: 4.8.2 fails to boot even into SeaBIOS 2013-11-04 07:57:18 royger: it is pretty much instant failure 2013-11-04 07:57:29 kaniini: OK, I'm actually wondering if this shoud be posted to xen-devel or to security 2013-11-04 07:57:38 royger: well 2013-11-04 07:57:57 royger: i am not sure 2013-11-04 07:58:22 royger: all i know is 4.8.1 hvmloader + 4.8.1 hv == fine 2013-11-04 07:58:35 royger: and, 4.8.1 hvmloader + 4.8.2 hv == total failure 2013-11-04 07:58:51 royger: and 4.8.2 hvmloader + 4.8.2 hv == domain failure 2013-11-04 07:59:17 royger: but, it is possible that this means that PV guests could crash the HV too. so perhaps it should be sent to security 2013-11-04 07:59:55 kaniini: when everything is compiled with 4.8.2, PV guests work OK? 2013-11-04 08:00:11 royger: so far it seems to be just HVM yeah 2013-11-04 08:00:27 royger: i am running xen in a kvm guest here, with pv guests 2013-11-04 08:00:30 seems ok 2013-11-04 08:01:09 oooh! 2013-11-04 08:01:15 kvm does nested vmx right ? 2013-11-04 08:01:28 kaniini: you don't need nested vmx is you only do PV 2013-11-04 08:01:37 yeah, but that is a way you could debug 2013-11-04 08:01:50 is what i am thinking 2013-11-04 08:02:27 i dont know what the status with nested vmx is 2013-11-04 08:03:04 https://www.kernel.org/doc/Documentation/virtual/kvm/nested-vmx.txt 2013-11-04 08:03:04 the guy that did the amd kvm port told me it was working great 2013-11-04 08:04:14 The nested VMX feature is disabled by default. It can be enabled by giving 2013-11-04 08:04:14 the "nested=1" option to the kvm-intel module. 2013-11-04 08:04:23 i will try that 2013-11-04 08:04:54 kaniini: let me speak with the security Xen guys and I will get back to you regarding on which list to post it 2013-11-04 08:15:08 hi 2013-11-04 08:19:07 How is the xen and gcc 4.8.2 problem? 2013-11-04 08:19:51 ncopa is going to try to reproduce it in a kvm 2013-11-04 08:19:56 with nested vmx 2013-11-04 08:22:02 i should be able to see the vmx in /proc/cpuinfo flags? 2013-11-04 08:22:27 yes 2013-11-04 08:22:49 https://dpaste.de/Xv0T 2013-11-04 08:22:52 i cannot :-( 2013-11-04 08:23:04 host or kvm guest? 2013-11-04 08:23:13 kvm guest 2013-11-04 08:23:16 if it's the kvm guest, start it with "-cpu host" 2013-11-04 08:23:16 on the host i can 2013-11-04 08:23:30 ncopa: -cpu host 2013-11-04 08:23:52 libvirt.. 2013-11-04 08:24:24 same in the xml file 2013-11-04 08:24:50 qemu-system-x86_64 --kvm-enable -cpu host -cdrom path.iso -boot d 2013-11-04 08:32:06 does not boot 2013-11-04 08:32:46 i get: ..MP-BIOS bug: 8254 timer not connected to IO-APIC 2013-11-04 08:33:27 noapic does not work either :-/ 2013-11-04 08:34:32 with the flag -cpu host? 2013-11-04 08:34:42 yup 2013-11-04 08:35:18 without the flag, it works? 2013-11-04 08:35:19 -cpu qemu64,+vmx (add just the vmx feature to a named CPU type) 2013-11-04 08:35:29 ok 2013-11-04 08:36:32 that results in Xen BUG at domain_build.c:1138 2013-11-04 08:36:58 xen apparently dont like beeing in a nested vmx 2013-11-04 08:37:44 i will try boot normal kernel 2013-11-04 08:40:57 nope 2013-11-04 08:41:09 does not show up with -cpu host 2013-11-04 08:41:20 nor with -cup qemu64,+vmx 2013-11-04 08:41:31 the normal kernel? 2013-11-04 08:41:37 and i did load the host kvm-intel with nested=1 2013-11-04 08:41:39 yes 2013-11-04 08:42:14 xen hypervisor crashes with -cpu host or -cpu qemu64,+vmx 2013-11-04 08:42:43 maybe nested vmx does not work with kernel 3.10 2013-11-04 08:44:23 so, sorry, i was not able to reproduce issue in virtual env :-( 2013-11-04 08:47:00 ncopa: I'm currently updating my debian version to get gcc 4.8.2 and then I will try it 2013-11-04 08:47:36 very nice, thanks 2013-11-04 08:48:20 might be we can work around it with gcc optimizer flags 2013-11-04 09:02:39 kaniini, ncopa: I've tried the Xen kernel (-unstable) compiled with gcc 4.8.2-1 (debian) and it seems to work fine 2013-11-04 09:03:08 I'm going to try with the alpine one directly 2013-11-04 09:03:24 maybe my CPU doesn't show this broken behaviour 2013-11-04 09:04:19 royger: would you like access to a machine showing the problem reliably ? 2013-11-04 09:04:20 i think you can try the alpine-xen-2.7.0_rc2 iso 2013-11-04 09:07:36 ncopa: OK, let me try that, but using the xen.gz from the alpine 4.3.0 package still works fine on my system 2013-11-04 09:09:24 ncopa: do we have any image that I can dd into a usb stick? 2013-11-04 09:26:58 royger: not really. only iso 2013-11-04 09:28:07 royger: do you want me to make one for you? 2013-11-04 09:28:37 i wonder if you could try build with CFLAGS="-Os" on debian 2013-11-04 09:29:14 ncopa: are we building Xen with "-Os" on Alpine? 2013-11-04 09:29:24 i believe we do 2013-11-04 09:29:37 oh.. no 2013-11-04 09:29:41 we dont 2013-11-04 09:29:47 ncopa: I think we disable all user cflags before the compile, so it should be the default (O1) 2013-11-04 09:29:47 unset CFLAGS 2013-11-04 09:29:47 unset LDFLAGS 2013-11-04 09:29:51 yes 2013-11-04 09:29:55 we do that 2013-11-04 09:31:06 does it build with -Werror on debian? 2013-11-04 09:32:11 ncopa: mmm, I guess so, but debian uses much older compilers, which are not as noisy as the ones in alpine 2013-11-04 09:32:47 i was thinking with gcc-4.8.2 2013-11-04 09:33:05 kaniini, ncopa: I've tried the Xen kernel (-unstable) compiled with gcc 4.8.2-1 (debian) and it seems to work fine 2013-11-04 09:33:44 again 2013-11-04 09:33:51 would you like access to a broken system ? 2013-11-04 09:33:53 lol 2013-11-04 09:34:18 I have also a e3-1265lv2 :) 2013-11-04 09:34:31 oh 2013-11-04 09:34:33 but can't test before evening 2013-11-04 09:34:39 then upgrade to edge 2013-11-04 09:34:46 :P 2013-11-04 09:34:52 ncopa: I've only build the Xen kernel, which is not noisy, we disable Werror for stubdoms I think 2013-11-04 09:34:59 I am using the 2.7_rc2 on it at moment 2013-11-04 09:35:06 kaniini: let me try to reproduce it on my system 2013-11-04 09:35:41 yes, it would be nice to be able to reproduce it on a second system 2013-11-04 09:43:03 well, i think shafire can probably reproduce it 2013-11-04 09:43:34 Linux lhr1 3.10.17-1-grsec #2-Alpine SMP Wed Oct 23 09:10:27 UTC 2013 x86_64 Linux 2013-11-04 09:43:46 lhr1:~# apk info xen 2013-11-04 09:43:48 xen-4.3.0-r6 description: 2013-11-04 09:43:50 Xen hypervisor 2013-11-04 09:43:53 for reference 2013-11-04 09:43:55 :) 2013-11-04 09:43:57 night 2013-11-04 09:44:13 where you from, kaniini? 2013-11-04 09:44:19 US 2013-11-04 09:44:29 ah okay, good night 2013-11-04 09:46:08 my system is Linux alpine-46 3.10.17-2-grsec #3-Alpine SMP Thu Oct 31 11:47:11 UTC 2013 x86_64 Linux 2013-11-04 09:46:40 apk info xen xen-4.3.0-r8 description: Xen hypervisor 2013-11-04 09:48:22 shafire: can you create a freebsd guest using hvmloader? 2013-11-04 09:49:23 I will do it (in some hours) 2013-11-04 10:20:29 ncopa: do you know if kaniini tried something diferent than a grsec kernel? 2013-11-04 10:21:56 royger: i dont know 2013-11-04 10:29:36 ncopa: well, I've been able to reproduce it, and I see continous messages: (XEN) i8254.c:493:d3 PIT: read A1:A0=3! 2013-11-04 11:38:59 ncopa: do we have iso images with the vanilla kernel? 2013-11-04 11:57:27 royger: no iso with vanilla kernel 2013-11-04 11:57:51 i could make one for you if you need 2013-11-04 11:59:46 ncopa: I'm already half way to that :) I have the feeling the new grsec kernel is not playing that well with Xen 2013-11-04 12:07:02 i have an vanilla iso 2013-11-04 12:07:49 if you can upload the kernel and initrd that would save me some time 2013-11-04 12:09:11 http://bld1.alpinelinux.org/iso/alpine-vanilla-131104-x86_64.iso 2013-11-04 12:09:13 oh ok 2013-11-04 12:09:15 sure 2013-11-04 12:09:22 ncopa: np, iso is fine :) 2013-11-04 12:09:35 i can upload the /boot/ dir if you want too 2013-11-04 12:10:07 no need, download will finish in less than 1min, I plan to replace the grsec kernel and initramfs from the vanilla ones and see what happens 2013-11-04 12:10:16 yeah 2013-11-04 12:10:19 good idea 2013-11-04 12:10:46 did you find out if it is hypervisor or dom0 kernel that explodes? 2013-11-04 12:12:42 ncopa: mine doesn't explode, just keeps trying to boot a domain that crashes (the domain, not Dom0 or hypervisor) 2013-11-04 12:17:18 hm 2013-11-04 12:17:21 ok thats good 2013-11-04 12:21:26 ncopa: the same happens with a vanilla kernel, seems like i8254 is broken inside of the hypervisor, or maybe something else is broken and that's just a consequence 2013-11-04 12:21:48 i8254 emulation for guests I meant 2013-11-04 12:35:35 thats interesting 2013-11-04 12:35:38 http://imgur.com/VSVNzVU 2013-11-04 12:35:51 that happened when i tried -cpu host 2013-11-04 13:05:02 ncopa: that's kind of strange, in your case the "native" i8254 was not working as expected, and in my case the emulated i8254 failed... 2013-11-04 13:05:25 im my case i tried to run xen from within a qemu/kvm guest 2013-11-04 13:05:34 so i'm not that surprised 2013-11-04 13:05:38 ncopa: let's wait for kaniini to come back, I would like him to send the report to security@ and let the security team decide what to do 2013-11-04 13:05:45 yes, I guess they are completely unrelated 2013-11-04 13:05:50 could be 2013-11-04 13:23:21 Anybody else than me noticed that color output on 'git diff' (using git-1.8.4.2-r0 which I think is the latest) looks strange. 2013-11-04 13:24:41 Hmm... Need to logoff for a while 2013-11-04 15:01:59 ncopa: how is the 2.7 roadmap? 2013-11-04 15:02:51 http://bugs.alpinelinux.org/versions/63 2013-11-04 15:03:07 oh yeah 2013-11-04 15:03:13 1 month delay maybe 2013-11-04 15:03:40 either that or i move all the remaining issues to v2.8 2013-11-04 15:03:42 :) 2013-11-04 15:04:06 #2168 should we do that for 2.8/3.0? 2013-11-04 15:04:13 everything new :) 2013-11-04 15:04:39 oh 2013-11-04 15:04:49 thats a good ticket... 2013-11-04 15:05:06 yeah, lets move it to 2.8 2013-11-04 15:05:09 i want ship now 2013-11-04 15:05:32 so, we can concentrate on musl...:) 2013-11-04 15:05:45 ncopa: Fedora 19 uses gcc 4.8.2 and doesn't seem to have any issues with Xen 2013-11-04 15:06:10 royger: thats interesting 2013-11-04 15:06:42 so its either a patch they use that fixes gcc or it is a patch we use that breaks it 2013-11-04 15:08:36 ncopa: or it's not realted to gcc at all :) fedora 20 uses Xen 4.3 and gcc 4.8.2, and there doesn't seem to be a problem with that 2013-11-04 15:10:00 the gcc 4.8.2 commit: http://pkgs.fedoraproject.org/cgit/gcc.git/commit/?id=5652b86227ce12e0436197eff351a8c9a4f99327 2013-11-04 15:11:00 new OPT_FLAGS, no patches changes 2013-11-04 15:14:29 royger: as i understood kaniini he built same xen with different gcc 2013-11-04 15:18:32 ncopa: even the one on edge is currently broken 2013-11-04 15:20:42 and we do v2.7 tomorrow :-/ 2013-11-04 15:20:59 would be nice to know what/why its broke 2013-11-04 15:59:50 you upgraded the linux-grsec to .18, but the packages are still .17. Is there a delay or do you upload them later? 2013-11-04 16:00:31 builders are busy 2013-11-04 16:00:38 i was hoping to do rc3 today :-( 2013-11-04 16:00:52 but they are still building :-( 2013-11-04 16:01:41 busy since 2h? 2013-11-04 16:02:00 they ba built last 1 hour yes 2013-11-04 16:02:11 and are still not done 2013-11-04 16:02:20 i think fabled is using cpu for something 2013-11-04 16:21:56 to call my mind: do you want to convert the apkbuild to lua scripts? 2013-11-04 16:28:54 lets do that for musl? 2013-11-04 16:29:45 do we want? 2013-11-04 16:30:11 it was in talk 2013-11-04 16:30:20 the main advantage of APKBUILD, besides its simplicity, is ease of converting from Arch 2013-11-04 17:06:58 ok see you bye! 2013-11-04 17:11:56 clandmeter, r u around? 2013-11-04 18:12:48 fcolista: i am now 2013-11-04 18:14:02 hi clandmeter 2013-11-04 18:14:16 just wondering if you have any advice for a good vdr 2013-11-04 18:14:17 i mean 2013-11-04 18:14:32 i need a webinterface where i can set-up a scheduled recording 2013-11-04 18:14:42 i can use tvheadend 2013-11-04 18:14:56 just looking for something more user-friendly 2013-11-04 18:15:02 if you know one 2013-11-04 18:15:06 more? 2013-11-04 18:15:14 yep 2013-11-04 18:15:21 it's not for me 2013-11-04 18:15:29 you can use vdr, but if thats *more* user fiendly 2013-11-04 18:15:34 umh 2013-11-04 18:15:45 vdr web interface sucks quite :) 2013-11-04 18:15:49 which os? 2013-11-04 18:15:52 alpine 2013-11-04 18:15:55 :) 2013-11-04 18:16:14 i think tvh is the easiest 2013-11-04 18:16:24 whats wrong withs its interface? 2013-11-04 18:16:32 recordings are difficult to setup? 2013-11-04 18:16:41 yes 2013-11-04 18:16:42 brb 2013-11-04 18:18:58 k 2013-11-04 18:26:59 fcolista: whats wrong wit tvhs recording? 2013-11-04 18:27:17 and what are you using as client? 2013-11-04 18:28:07 No client, jsut web interface 2013-11-04 18:28:10 *just 2013-11-04 18:28:25 so its just for recording? 2013-11-04 18:28:27 the user don't find it easier enough 2013-11-04 18:28:28 yes 2013-11-04 18:28:39 tell them to buy an STB 2013-11-04 18:28:43 and by happy 2013-11-04 18:28:44 :-) 2013-11-04 18:28:46 be 2013-11-04 18:28:50 :) 2013-11-04 18:28:58 there are windows solutions 2013-11-04 18:29:08 maybe he fancies those? 2013-11-04 18:29:45 really? 2013-11-04 18:30:03 I didn't ought for a win client... 2013-11-04 18:30:10 but can be a solution 2013-11-04 18:30:56 fcolista: http://www.team-mediaportal.com/ 2013-11-04 18:31:38 ... 2013-11-04 18:31:46 umh 2013-11-04 18:31:53 k 2013-11-04 18:32:22 fcolista: there are other solutions 2013-11-04 18:32:30 but these are the only ones i tried 2013-11-04 18:32:33 i tought you were referring to a win client for rvheadend 2013-11-04 18:32:51 oh 2013-11-04 18:32:57 you can use xbmc to add recordings 2013-11-04 18:33:02 hi 2013-11-04 18:33:03 and it runs on windows 2013-11-04 18:33:27 hi 2013-11-04 18:33:35 royger: do i still need to write security@ or can you handle it since you reproduced it 2013-11-04 18:33:39 hi kaniini 2013-11-04 18:34:12 fcolista: tvh also has an ios app 2013-11-04 18:34:22 and there is a android app which can add recrodings 2013-11-04 18:34:29 https://github.com/polini/TvheadendMobileUI 2013-11-04 18:34:31 yes 2013-11-04 18:34:37 no 2013-11-04 18:34:39 that's what i was wondering 2013-11-04 18:34:40 antoher one 2013-11-04 18:34:46 tvhguide 2013-11-04 18:35:06 https://play.google.com/store/apps/details?id=org.tvheadend.tvhguide&hl=en 2013-11-04 18:35:10 ah, Android 2013-11-04 18:35:12 better 2013-11-04 18:35:33 k 2013-11-04 18:35:43 you've been very helpful 2013-11-04 18:38:00 youre welcome 2013-11-04 18:38:34 thx c u 2moro 2013-11-04 18:38:35 gotta go 2013-11-04 18:38:37 bye 2013-11-04 18:44:28 kaniini: I would prefer if you can handle it, I have too much stuff on my plate right now, and I also have a talk by the end of the week :( 2013-11-04 18:44:44 what would you like me to send then? 2013-11-04 18:47:34 kaniini: I've been able to reproduce the problem with the packages in edge right now, HVM guests crashes and message is: (XEN) i8254.c:493:d930 PIT: read A1:A0=3! is that the same for you? 2013-11-04 18:48:02 kaniini: but I'm not that sure if it's related to gcc, Fedora uses gcc 4.8.2 and Xen 4.3 with no problems 2013-11-04 18:48:14 Yes 2013-11-04 18:48:29 also, I've tried with the vanilla kernel, still the same :( 2013-11-04 18:49:00 hmm 2013-11-04 18:49:06 I would just send it to security@ to be on the safe side, if they don't see a potential security issue the thread can be moved to xen-devel 2013-11-04 18:50:11 royger: security@xenproject.org ? 2013-11-04 18:52:01 kaniini: yes 2013-11-04 18:55:00 kaniini: are you awake? 2013-11-04 18:55:20 :o 2013-11-04 18:56:46 royger: did you reproduce the crash with FreeBSD 9.2 + hvmloader from Xen 4.3.0-r5? 2013-11-04 18:56:55 royger: i can send you the hvmloader from 4.3.0-r5 2013-11-04 18:57:17 kaniini: OK, send me the loader and I will try to repo it 2013-11-04 18:58:09 royger: http://turtle.dereferenced.org/~kaniini/hvmloader-4.3.0-r5 2013-11-04 19:02:31 kaniini: this is the same Xen version compiled with a different gcc? 2013-11-04 19:03:13 this is from -r5. it is functionally equivilant to the newer hvmloaders 2013-11-04 19:06:20 kaniini: works fine here with this hvmloader 2013-11-04 19:06:45 kaniini: no crash, freebsd loads OK, so the problem seems to be specifically with hvmloader 2013-11-04 19:06:51 did we change the iasl compiler version? 2013-11-04 19:08:18 hmm! 2013-11-04 19:08:46 which package is it in 2013-11-04 19:09:04 kaniini: good question, because I cannot find it 2013-11-04 19:09:23 acpica 2013-11-04 19:09:54 no 2013-11-04 19:09:58 has not changed since june 2013-11-04 19:13:54 I'm out of clues then on what could make hvmloader change so much 2013-11-04 19:14:16 file has gone from 500K to 700K which is also not normal 2013-11-04 19:18:30 royger: binutils ? 2013-11-04 19:23:14 ! 2013-11-04 19:23:24 royger: hvmloader appears to contain iPXE 2013-11-04 19:23:38 i wonder if it is the -r6 commit 2013-11-04 19:24:25 http://git.alpinelinux.org/cgit/aports/tree/main/xen/0001-ipxe-dont-clobber-ebp.patch 2013-11-04 19:38:48 kaniini: not sure, you can always try to disable it and see... 2013-11-04 19:41:14 would cause build failure 2013-11-04 19:41:21 or, do you mean iPXE 2013-11-04 19:44:09 kaniini: fedore seems to use a much less intrusive patch in order to build ipxe: http://pkgs.fedoraproject.org/cgit/ipxe.git/tree/ipxe-asm.patch 2013-11-04 19:44:35 maybe trying to replace ours with this... but I'm not even sure if they use the same ipxe as the one in Xen 2013-11-04 19:45:00 okay. 2013-11-04 19:45:04 will try it. 2013-11-04 19:45:57 kaniini: I will catch with you tomorrow then :) 2013-11-04 22:18:07 any new news about arm? 2013-11-04 22:22:02 n8 2013-11-04 22:27:11 good night 2013-11-05 00:22:51 fabled: Could you perchance see if the erlang package in testing builds on arm? 2013-11-05 00:23:07 I would but I just shipped off my raspi to my new apartment :( 2013-11-05 05:11:42 Moinmoin 2013-11-05 07:32:45 Anybody knows if there is a updated version of AlpineLinux image for RaspberryPI that you can 'ssh' to? (fabled?) 2013-11-05 07:33:13 The overlay I can create myself. 2013-11-05 07:34:00 But even if I setup openssh, I cant seem to ssh to it because it just forces me to change/update password, and then kicks me out of the ssh session 2013-11-05 07:36:32 mhavela, http://dev.alpinelinux.org/~tteras/rpi-with-networking.tar 2013-11-05 07:36:43 Wonderful - Thanks! 2013-11-05 07:39:10 kaniini: that clobber ebp thingy might be the issue yes 2013-11-05 07:41:14 it seems that the compile error was introduced with gcc-4.8.2 2013-11-05 07:47:27 there's gcc pr ? 2013-11-05 07:56:43 kaniini: any news? 2013-11-05 07:57:29 not yet 2013-11-05 07:59:03 kaniini: do you ever sleep? 2013-11-05 07:59:30 *g* 2013-11-05 08:07:04 fabled: i think that gcc wrongly used the ebp internally and assumed that it was not clobbered. they made gcc error out when ebp is clobbered from gcc-4.8.2 2013-11-05 08:07:22 there are some gcc pr in here: http://lists.ipxe.org/pipermail/ipxe-devel/2013-March/002256.html 2013-11-05 08:09:51 royger: are you sure that xen can be built with gcc-4.8.2 withotu any patches? 2013-11-05 08:11:40 fabled could you please do code review of the 2 patches i did to make xen build with gcc-4.8.2: http://sprunge.us/jFaA and http://sprunge.us/dBLc 2013-11-05 08:11:50 so i didnt do anything stupid.. 2013-11-05 08:12:53 oh 2013-11-05 08:13:01 i think the patch *does* something stupid... 2013-11-05 08:13:41 ncopa: Fedora doesn't seem to use any build fixes: http://pkgs.fedoraproject.org/cgit/xen.git/tree/ but they build seabios, ipxe and qemu separately 2013-11-05 08:14:12 ah 2013-11-05 08:14:27 they use system seabios, ipxe and qemu instead of bundled 2013-11-05 08:14:38 that i want to do too 2013-11-05 08:14:58 ncopa: they iPXE fix is somewhat diferent, but that might be due to using different versions 2013-11-05 08:15:05 yes 2013-11-05 08:15:06 likely 2013-11-05 08:15:29 the way i had to patxh xen was ugly ugly 2013-11-05 08:15:45 the patches look ok 2013-11-05 08:16:25 ncopa: they only have this patch: http://pkgs.fedoraproject.org/cgit/ipxe.git/tree/ipxe-asm.patch (which I think is the same as your #2 patch, but they don't seem to need patch #1) 2013-11-05 08:16:25 i think we can try build ipxe separately and make xen use system ipxe 2013-11-05 08:17:12 ncopa: can someone try to disable ipxe and see if that solves the problem with hvmloader? that at least will help us identify where the problem is 2013-11-05 08:17:36 royger: is that something that is done buildtime? 2013-11-05 08:18:36 ncopa: I'm now wondering about it, and not sure if it's possible to actually disable it (you should be able to do so from a makefile, but not sure if hvmloader is going to build without ipxe) 2013-11-05 08:19:12 i think we can try to build the ipxe separately 2013-11-05 08:20:59 ncopa: this way we could use a newer version (which probably doesn't have problems with gcc 4.8.2?) 2013-11-05 08:21:33 yes, thats the idea 2013-11-05 08:22:20 that might also explain why it works on fedora 2013-11-05 08:23:54 hm... ipxe does not do releases... 2013-11-05 08:23:56 ugh... 2013-11-05 08:25:21 ncopa: by doing a quick look at the hvmloader makefile it looks like we can disable ipxe in hvmloader by disabling rombios support (--disable-rombios), it might be worth a try 2013-11-05 08:25:44 yeah 2013-11-05 08:25:45 ok 2013-11-05 08:25:47 i'll do that 2013-11-05 08:33:04 royger could you please test this: http://dev.alpinelinux.org/~ncopa/hvmloader-disable-rombios 2013-11-05 08:33:44 ncopa: it will have to wait a moment, my test boxes are busy compiling a kernel right now :( 2013-11-05 08:34:04 ok, anyone else had a system where it could be reproduced? 2013-11-05 08:34:27 if I'm not mistaken, anyone running Xen packages from edge should be able to trigger it 2013-11-05 08:34:49 ...and run on real hw 2013-11-05 08:52:53 ncopa: still the same problem 2013-11-05 08:52:59 hm 2013-11-05 08:53:00 ok 2013-11-05 08:53:05 so its not ipxe 2013-11-05 08:53:34 and no other distro is able to reproduce it? 2013-11-05 08:55:57 ncopa: not that I know of :( 2013-11-05 13:05:21 hm setup-bootable needs fix 2013-11-05 13:05:34 alpine-xen usb image does not boot 2013-11-05 13:05:44 likely not the others either 2013-11-05 13:43:54 any news regarding dev-packages? 2013-11-05 13:44:07 ACTION still needs to investigate why quasselcore crashes... 2013-11-05 13:49:45 just had some drama here. an UPS died 2013-11-05 13:50:10 took down most of the switches, the PBX and stuff 2013-11-05 14:31:28 ncopa: pbx? 2013-11-05 14:32:20 telephones 2013-11-05 14:32:29 telephone system died 2013-11-05 14:32:42 and ppl were running around in panic :) 2013-11-05 14:44:16 i wonder if it's an alpine-based pbx ;-) 2013-11-05 14:49:28 nope 2013-11-05 14:49:30 siemens 2013-11-05 14:49:40 the alpine boxes are in other room, other ups 2013-11-05 14:49:46 so they were all up 2013-11-05 14:50:00 ah ok 2013-11-05 15:34:28 did firefox sync make it into 2.7? 2013-11-05 15:35:08 Mp5shooter: didnt have time sorry :-( 2013-11-05 15:35:18 algitbot: build master 2013-11-05 15:37:00 for you xen users, where is a normal location to store guest images? 2013-11-05 16:51:45 ncopa: lvm? 2013-11-05 19:07:15 hi 2013-11-05 19:07:21 is there a new arm image? 2013-11-05 19:17:05 shafire: i dont think so 2013-11-05 19:27:22 shafire, not really. concentrating on release first. will refresh things after that. 2013-11-05 19:27:36 Ok 2013-11-05 19:27:53 After the 2.7 release, we will concentrate on musl? 2013-11-05 21:15:20 shafire: yes. we have x86 and amd64 builds running musl. 2013-11-05 21:15:38 ACTION is happy. 2013-11-05 23:59:38 aww 2013-11-06 05:33:04 Moinmoin 2013-11-06 06:03:54 morning 2013-11-06 07:11:57 morning 2013-11-06 07:21:18 hi 2013-11-06 07:21:53 any news regarding dev-packages? 2013-11-06 07:21:53 ACTION still needs to investigate why quasselcore crashes... 2013-11-06 07:22:08 -de packages? 2013-11-06 07:22:10 dev* 2013-11-06 07:29:32 the pausing still happens under pygrub, but I decided to stay with it. 2013-11-06 07:48:40 ncopa: yes 2013-11-06 07:49:20 if i remember right, kaniini was planing to add such a feature to abuild 2013-11-06 07:49:44 so abuild should be able to generate *-dev packages too 2013-11-06 07:49:55 you can build with debug symbols yourself: DEBUGE=1 abuild -r 2013-11-06 07:49:55 problem in my case is, 2013-11-06 07:50:07 yes, thats was i tried 2013-11-06 07:50:14 but the problem is in another component 2013-11-06 07:50:27 so you'll have to build that too with symbols 2013-11-06 07:50:40 i have no idea which one 2013-11-06 07:50:51 what file was it? 2013-11-06 07:51:06 ? 2013-11-06 07:53:37 my plan is to split out debug symbols. 2013-11-06 07:53:43 but, it won't be until 3.0 2013-11-06 07:53:51 or 2.8 if we do a 2.8 2013-11-06 08:11:39 kaniini: i think i have a bug/issue filed for it 2013-11-06 08:11:42 -dbg packages 2013-11-06 08:12:14 algitbot: build master 2013-11-06 08:13:58 waf 2013-11-06 08:14:05 once in a while waf deadlocks 2013-11-06 08:14:10 algitbot: build master 2013-11-06 08:23:10 ncopa: Do you have the source for algitbot online somewhere? 2013-11-06 08:24:11 Xena: i dont think so 2013-11-06 08:24:37 not sure i want publish it either, its a bit ugly :-S 2013-11-06 08:25:08 i do have the buildmsg sources available though 2013-11-06 08:25:28 ah 2013-11-06 08:25:44 the code that does the communication between git hook and build servers 2013-11-06 08:26:07 http://git.alpinelinux.org/cgit/autobuilder 2013-11-06 08:26:21 but zeromq has some issues 2013-11-06 08:26:48 I'll probably end up making my own bot for it 2013-11-06 08:27:06 irc bot? 2013-11-06 08:27:35 i think this is kinda nice: https://github.com/JakobOvrum/LuaIRC 2013-11-06 08:28:19 A plugin for an existing bot actually but yeh 2013-11-06 08:34:53 hi 2013-11-06 08:35:21 kaniini: ok, so i have to figure out which package is the next one in the "quassel-crash-queue" 2013-11-06 08:35:28 rebuild it with DEBUG=1 2013-11-06 08:35:34 and see what happens... 2013-11-06 09:43:04 kaniini: you around? 2013-11-06 10:11:24 royger: i have set up an old dell server here for xen 2013-11-06 10:11:42 i have tried to create an alpine hvm guest 2013-11-06 10:11:46 and it fails to start 2013-11-06 10:11:53 i wonder how to fish out error messages? 2013-11-06 10:11:58 I guess you also see the i8* crap, right? 2013-11-06 10:12:09 we should compile a hypervisor with debug=y 2013-11-06 10:12:21 that might give some more useful messages 2013-11-06 10:13:02 my hvm-alpine.cfg: http://sprunge.us/VjKN 2013-11-06 10:13:31 where can i see any output at all? 2013-11-06 10:14:21 you could try vncviewer , but I don't think you will be able to attach 2013-11-06 10:14:30 maybe try xl create -p 2013-11-06 10:14:34 vncviewer 2013-11-06 10:14:39 xl unpause 2013-11-06 10:15:51 royger: that helped yes, thanks! 2013-11-06 10:16:14 um 2013-11-06 10:16:16 do you get any output? 2013-11-06 10:16:31 well, atleast i could connect with vnc while it was paused 2013-11-06 10:16:43 but as soon it got unpaused vnc got disconnected 2013-11-06 10:17:12 if you compile an hypervisor with debug=y you can also see the bios output on the Dom0 console, but I don't think it ever gets much further in the bios 2013-11-06 10:17:54 in fact is probably seabios itself that's crashin the domain because the acpi tables are completely messed, but that's just a suposition 2013-11-06 10:18:26 the /var/log/xen/hvm-alpine.log: http://sprunge.us/LQPW 2013-11-06 10:18:32 so yes i think it crashes in bios 2013-11-06 10:18:42 and keeps rebooing 2013-11-06 10:19:10 yes, it's completely messed 2013-11-06 10:19:29 do you see anything in the qemu logs? 2013-11-06 10:19:40 qemu: terminating on signal 1 from pid 21253 2013-11-06 10:19:43 thats all 2013-11-06 10:19:56 that's probably libxl killing qemu when the domain crashes 2013-11-06 10:20:03 ok 2013-11-06 10:20:13 so to summarize 2013-11-06 10:20:20 what do we know, and what do we dont know 2013-11-06 10:20:24 what we know: pv works 2013-11-06 10:20:30 hvm works not 2013-11-06 10:20:42 hvm works not with alpine gcc-4.8.2 2013-11-06 10:21:02 hvm works when compiled with alpine gcc-4.8.1? 2013-11-06 10:21:28 ncopa: I wouldn't make the assumption that gcc is the culprit, have you backed out the gcc changes only and tried to recompiled it? 2013-11-06 10:21:39 problem it is not in ipxe, (or it would have worked wiht --disable-rombios) 2013-11-06 10:21:51 no i havent tried that 2013-11-06 10:22:22 i dont think gcc itself is the problem, but i suspect it is triggering it 2013-11-06 10:22:26 there's also binutils which was updated, it would be interestign the bisect the whole aports tree, but that's quite difficult IMHO 2013-11-06 10:23:28 git log gcc binutils xen 2013-11-06 10:23:53 commit b4df015acb8a0abfa7e6e3ed3e84f3042ff6d09f 2013-11-06 10:23:53 Author: William Pitcock 2013-11-06 10:23:53 Date: Sun Sep 29 01:48:41 2013 +0000 2013-11-06 10:23:53 main/xen: add general robustness patch for qemu's vnc 2013-11-06 10:24:00 i assume it worked there 2013-11-06 10:24:17 then came 3 gcc commits 2013-11-06 10:24:59 and then binutils 2013-11-06 10:25:07 i dont think binutils change is related 2013-11-06 10:25:18 then comes my build fix for gcc-4.8.2 2013-11-06 10:25:35 fabled reviewed the patches and they should be ok 2013-11-06 10:25:55 and we tried rebuild without ipxe, and that also had issue 2013-11-06 10:26:02 so its not ipxe? 2013-11-06 10:26:13 i'm gonna look what fedora does with seabios 2013-11-06 10:26:47 i think gentoo also downloads seabios sources from some other location rather than let xen buildsystem download it 2013-11-06 10:30:01 could you revert the gcc changes (so back to 4.8.1), and try to recompile Xen? 2013-11-06 10:33:17 ok 2013-11-06 10:34:02 rebuilding gcc then 2013-11-06 10:41:41 xen4.3.1 is out? 2013-11-06 10:42:33 yes, I've completely forgot about it, maybe it would be best to just try to update it 2013-11-06 10:44:01 looks like there are a bunch of hvm fixes in there 2013-11-06 10:44:52 this is specially intersting: http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=5f2875739beef3a75c7a7e8579b6cbcb464e61b3 2013-11-06 10:45:32 yeah 2013-11-06 10:45:37 i was looking at that 2013-11-06 11:04:49 royger: i pushed rc5 with xen-4.3.1 2013-11-06 11:06:25 ncopa: did you manage to test the new Xen package? 2013-11-06 11:07:00 nope 2013-11-06 11:07:09 it just built and i pushed 2013-11-06 11:07:16 will test after lunch 2013-11-06 11:37:51 ncopa: great, updating to 4.3.1 solves the problem, at least on my end :) 2013-11-06 12:00:06 wow 2013-11-06 12:00:09 wonderful! 2013-11-06 12:01:47 ncopa: now we have to see if kaniini is able to reproduce his crash which looked like a posible security issue 2013-11-06 12:03:05 i will upgrade my test box 2013-11-06 12:11:50 ha 2013-11-06 12:11:55 yes now, it boots 2013-11-06 12:13:01 i think i will just tag 2.7.0 release 2013-11-06 12:16:46 :D 2013-11-06 12:16:56 mh, so, what was the problem? 2013-11-06 12:19:29 seabios build with newer gcc has a size bigger than 128K I guess 2013-11-06 12:22:33 ncopa: btw, are you using grsec or vanilla kernel? 2013-11-06 12:22:36 rsec 2013-11-06 12:22:42 grsec* 2013-11-06 12:22:50 great, because I've only tested with vanilla 2013-11-06 12:23:02 ncopa: did you ask anybody else to verify samba? 2013-11-06 12:23:13 nope 2013-11-06 12:23:19 hmm i had some issues 2013-11-06 12:23:19 but i tested if it start 2013-11-06 12:23:26 oh.. ok? 2013-11-06 12:24:04 locks sometimes, so i switched to ip based shares 2013-11-06 12:24:13 seems to somewhat run better 2013-11-06 12:24:50 but if nobody complains, just go for it. 2013-11-06 12:41:39 a question regarding lxc containers: 2013-11-06 12:42:13 is it possible to build packages for lets say 2.6 on an lxc-container, which is running on an edge-system? 2013-11-06 12:42:41 or must the container use the same system as host? 2013-11-06 12:42:52 so edge-container -> edge-host 2013-11-06 12:42:58 it is possible, no the container dont need be same as host 2013-11-06 12:42:59 2.6-container -> 2.6-host 2013-11-06 12:43:28 i have 64bit edge host 2013-11-06 12:43:36 i have 32 bit edge container for dev 2013-11-06 12:43:43 i also have 32bit 2.6 container 2013-11-06 12:43:54 cool 2013-11-06 12:43:56 i have debian container 2013-11-06 12:43:59 how'd you setup those? 2013-11-06 12:44:15 especially 32bit on 64bit-host 2013-11-06 12:45:42 lxc-create -t alpine -n container1 -- --release v2.6 --arch x86 2013-11-06 12:46:02 if you omit --release v2.6 it will use same release as host 2013-11-06 12:46:20 if you omit --arch it will use same arch as host 2013-11-06 12:53:31 ah nice 2013-11-06 12:58:10 ugh 2013-11-06 12:58:50 we will get upgrade issues i think 2013-11-06 12:58:54 with setup-bootable 2013-11-06 13:01:22 ok 2013-11-06 13:01:37 seems like we need to move /syslinux.cfg on usb to /boot/syslinux 2013-11-06 13:02:30 is that a file or directory? 2013-11-06 13:04:18 file iirc 2013-11-06 13:04:23 i mean it will be /boot/syslinux/syslinux.cfg? 2013-11-06 13:04:39 I think so 2013-11-06 13:08:07 yes 2013-11-06 13:08:20 it will be /boot/syslinux/syslinux.cfg 2013-11-06 13:08:45 i think we should try some older alpine, v2.4 or so 2013-11-06 13:08:59 and just move syslinux.cfg file to that dir and see what happens 2013-11-06 13:09:02 i think it should work 2013-11-06 13:09:13 i will have to fix setup-bootable script though 2013-11-06 14:41:36 hm 2013-11-06 14:41:51 upgrading syslinux.cfg will be tricky... 2013-11-06 14:44:06 why? I can't find the reason for moving syslinux.cfg to /boot/ 2013-11-06 14:44:19 it will not boot otherwise 2013-11-06 14:44:27 if syslinux-5 or newer is used 2013-11-06 14:44:28 because of a syslinux upgrade? 2013-11-06 14:44:31 yes 2013-11-06 14:44:39 but if boot usb was made with older syslinux 2013-11-06 14:44:54 then it will work with /syslinux.cfg 2013-11-06 14:46:18 the problem is that all the *.c32 files needs to be in same dir as syslinux.cfg 2013-11-06 14:46:36 andi dont want a bunch of *.c32 files at root level of usb 2013-11-06 14:46:53 ok 2013-11-06 14:46:57 so we need to move syslinux.cfg 2013-11-06 14:47:17 also 2013-11-06 14:47:29 since new iso will have /boot/syslinux/syslinux.cfg 2013-11-06 14:47:34 it will be extracted 2013-11-06 14:48:07 and if both /syslinux.cfg and /boot/syslinux/syslinux.cfg exists, the latter wil get preference 2013-11-06 14:48:18 so user modificatiosn in syslinux.cfg is ignored... 2013-11-06 14:48:34 then setup-bootable need to move the file 2013-11-06 14:48:42 exactly 2013-11-06 14:48:56 but in theory, it does not need to move it unless syslinux is executed 2013-11-06 14:49:11 oh 2013-11-06 14:49:17 it does need to move anyways 2013-11-06 14:50:02 atleast if iso image used is v2.7 or newer 2013-11-06 14:50:19 i think moving it will work on older iso too 2013-11-06 14:50:43 so if you create boot usb from old .iso using new setup-bootable, it should work anyways 2013-11-06 14:51:41 Ok 2013-11-06 16:02:24 ncopa: any issue if I backport http://git.alpinelinux.org/cgit/aports/commit/?id=4c3974c5dcde7f045cf39e1c0e555db58834466b to alpine 2.{4,5,6} ? 2013-11-06 16:02:42 ACTION is hoping to have it on an alpine version that supports postgres 9.1 2013-11-06 16:02:49 so my real goal is alpine 2.4 2013-11-06 21:41:53 algitbot: build 2.6-stable 2013-11-06 21:42:16 algibot: build 2013-11-06 21:50:09 build-2-5: retry 2013-11-06 21:50:51 build-2-5: retry 2013-11-06 21:53:19 files from v2.5.4-192-g3580bf9 uploaded 2013-11-06 23:34:50 jbilyk: can you close #1589 if not needed? 2013-11-07 00:06:59 clandmeter: I think we can close it, yes 2013-11-07 07:01:51 algitbot: build 2.6-stable 2013-11-07 07:41:08 hahaha https://plus.google.com/+MikeHearn/posts/LW1DXJ2BK8k 2013-11-07 08:54:42 hi 2013-11-07 09:19:28 kaniini: you around? 2013-11-07 09:20:50 royger: i will push out xen 4.3.1 to a node at some point today. so far, it looks good in our lab environment. 2013-11-07 09:22:39 kaniini: you were not able to reproduce your Xen/Dom0 crash anymore? 2013-11-07 09:24:17 not in the lab 2013-11-07 10:15:34 fabled: the progress bar does not show up when bootin iso anymore? 2013-11-07 10:15:39 feature or bug? 2013-11-07 10:18:17 i know why.... 2013-11-07 10:18:23 commit 517378721855280d2e23d25d7529e6b9cbae9136 2013-11-07 10:18:24 Author: Timo Teräs 2013-11-07 10:18:24 Date: Fri Oct 11 14:52:34 2013 +0300 2013-11-07 10:18:24 print: use stdout instead of stderr for logging and progress 2013-11-07 10:18:24 2013-11-07 10:18:25 stdout is the proper place for it. this also fixes the progress 2013-11-07 10:18:27 bar in musl, which seems to not support using line buffering for 2013-11-07 10:18:31 stderr. 2013-11-07 10:19:23 it also broke gapk ... 2013-11-07 10:31:33 fabled: I'll revert that in aports. we can deal with musl later 2013-11-07 10:59:35 ncopa, i'd rather you fix gapk and boot 2013-11-07 11:01:22 i need to go back to drawing then... 2013-11-07 11:01:23 because 2013-11-07 11:01:40 as it works now, the apk add from init will redirect stdout to /dev/null 2013-11-07 11:02:00 so if packages has echo blabla in post-install, they dont show 2013-11-07 11:02:28 gapk is no hurry though 2013-11-07 11:02:33 also 2013-11-07 11:03:00 i have a more important issue with syslinux and upgrades 2013-11-07 11:03:59 i dont feel for delay release another week 2013-11-07 11:08:06 ok 2013-11-07 11:08:17 we need to all --disable-script-output or similar then 2013-11-07 11:17:53 fabled: is there a way i can trigger a arm pkg build? 2013-11-07 11:18:04 no 2013-11-07 11:18:27 i've been waiting for ncopa to fix abuild / builder scripts so that they allow some packages to fail 2013-11-07 11:18:38 when it's done i'll make it similar to other builders 2013-11-07 11:19:02 got it. 2013-11-07 11:19:04 thx 2013-11-07 11:19:10 i could trigger it once though 2013-11-07 11:21:05 nice, let me check if it didnt fail before. 2013-11-07 11:42:17 do you guys mind to wait with arm til v2.7 is out? 2013-11-07 11:43:18 fabled: ok, so you think we ship v2.7 with apk progressbar to stdout rather than stderr? 2013-11-07 11:43:44 i'd rather have it output to stdout 2013-11-07 11:44:57 even if it delays v2.7 even more? 2013-11-07 11:47:11 yes 2013-11-07 11:47:17 well - if it's one day, then yes 2013-11-07 11:47:28 ugh.. ok 2013-11-07 11:49:34 also alpine-iso Makefile uses the output of apk 2013-11-07 11:49:54 will have to verify the change does not break anything there too 2013-11-07 11:49:59 in fact 2013-11-07 11:50:08 i think it will make error reporting better 2013-11-07 11:50:26 as we can grab stdout instead of stderr 2013-11-07 11:50:43 and let errors show on console 2013-11-07 13:31:58 ncopa: would it be good idea to use external "progress indicator" ? 2013-11-07 13:34:56 external progress indicator? 2013-11-07 13:36:03 vramsteg from http://tasktools.org/ 2013-11-07 13:36:32 is the progressbar for installing fix? 2013-11-07 13:36:35 compiles to ~28k libc, but should be smaller on alpine 2013-11-07 13:46:31 vkrishn: i suppose it coudl work with --progress-fd 2013-11-07 13:49:01 reason is I was toying the idea of simple console/form based graphical package manager that uses external tools 2013-11-07 13:49:22 but need to be light and simple 2013-11-07 13:49:50 that led to vramsteg being one :) 2013-11-07 13:53:52 ugh 2013-11-07 13:53:59 i think i messed up the rc6 release 2013-11-07 13:54:00 :-( 2013-11-07 13:54:23 too many things in my head at the same time makes me forget important things :-( 2013-11-07 13:55:53 algitbot: build master 2013-11-07 14:30:42 hm 2013-11-07 14:31:05 i think we should move the iso building scripts to aports git repo 2013-11-07 16:39:19 is rc6 save? 2013-11-07 16:50:45 how can i run uname -a in /etc/motd? 2013-11-07 16:51:00 backticks ? 2013-11-07 16:51:28 shafire: i'd just do whatever you wanted in /etc/profile though 2013-11-07 16:51:36 or a local.d script 2013-11-07 16:51:49 I want to change the welcome message 2013-11-07 16:51:55 to last login and uname -a 2013-11-07 16:55:10 lbu revert file not found: /media/usb/ 2013-11-07 16:55:14 does not function :P 2013-11-07 16:57:59 I tried backticks and $(), but it won't function :( 2013-11-07 16:58:07 maybe I need a shebang... 2013-11-07 17:07:37 It won't work :( 2013-11-08 09:05:59 hi 2013-11-08 09:32:10 shafire: motd is a txt file, not a script. 2013-11-08 09:34:06 clandmeter: yeah, I deactivted it now... 2013-11-08 09:34:11 deactivated* 2013-11-08 09:34:22 you can do what you want in antoher way 2013-11-08 09:34:55 How? I looked a bit around, but could not find a (good) solution... 2013-11-08 09:35:08 soemthing like bashrc 2013-11-08 09:35:37 im not sure what we support with bb 2013-11-08 09:37:49 Ok 2013-11-08 09:39:36 shafire: echo "echo hello $USER" > ~/.profile 2013-11-08 09:39:49 :) thanks 2013-11-08 09:40:17 dont add crazy things after you logout 2013-11-08 09:41:06 profile can also global set in etc 2013-11-08 09:42:41 crazy things like?:) 2013-11-08 09:43:11 crazy things like breaking your login 2013-11-08 09:43:29 not sure how you want to control it without shell :D 2013-11-08 09:44:41 :-) 2013-11-08 10:24:36 someone should help "IT Offshore" how to write apkbuilds :-/ 2013-11-08 10:24:49 maybe we need update our documentation? 2013-11-08 14:06:25 i'm gonna do v2.7.0 now 2013-11-08 14:09:16 algitbot: build master 2013-11-08 14:10:06 jippi 2013-11-08 15:02:58 ncopa: you mean, it's 2.7 time 2013-11-08 15:04:48 yup 2013-11-08 15:04:52 i'm writin release notes 2013-11-08 15:05:09 great! 2013-11-08 15:07:39 php 5.5 2013-11-08 15:07:43 qem 1.6 2013-11-08 15:07:45 qemu 2013-11-08 15:07:47 xen 4.3 2013-11-08 15:07:57 postresql 9.3 2013-11-08 15:08:07 samba 4.1 2013-11-08 15:12:02 ncopa: there's a pretty important security issue with Xen and HVM domains, could you apply this patch to 4.3/4.2: http://lists.xenproject.org/archives/html/xen-devel/2013-11/msg01120.html 2013-11-08 15:16:14 ok, i filed a bug for it on bugs.a.o 2013-11-08 15:17:19 ok, what other things are worth mention in the release notes? 2013-11-08 15:31:30 does this look good? http://alpinelinux.org/release-2.7.0 2013-11-08 15:41:06 What about inform distrowatch ? 2013-11-08 15:50:08 i did 2013-11-08 15:54:59 well done :) 2013-11-08 16:01:08 fcolista: it's now in the release checklist :) 2013-11-08 16:01:33 i'm gonna start with the "celebrate" part :) 2013-11-08 16:02:34 well, close to 5PM your time, right? 2013-11-08 16:33:43 :) 2013-11-08 16:33:57 musl is coming :) :) :) 2013-11-08 16:38:26 ouch http://www.openssh.com/txt/gcmrekey.adv 2013-11-08 16:39:20 @all: congrats to the release :-) 2013-11-08 16:39:34 grimeton: nice that openssh 6.4 made the cut for alpine 2.7 2013-11-08 16:46:11 :) 2013-11-08 16:48:40 grimeton: do you know if sshd we've got for previous versions is vulnerable? 2013-11-08 16:49:09 jbilyk: i can't test that for sure, only check the version number 2013-11-08 16:49:52 the good thing is that it only works POST auth 2013-11-08 18:10:23 hey 2013-11-08 18:10:34 I upgraded to 2.7 using setup-bootable 2013-11-08 18:10:44 It said: Warning: moving syslinux.cfg to boot/syslinux/syslinux.cfg 2013-11-08 18:11:09 What's with ldlinux.c32 and ldlinux.sys in root? 2013-11-08 18:11:21 You might need run: syslinux /dev/usbdisk 2013-11-08 18:11:28 should I run that too? 2013-11-08 18:22:10 Ok I restarted and it worked 2013-11-08 18:22:17 But whats with the two ld* files? 2013-11-08 18:38:45 Could MIRRORS.txt.old be deleted? 2013-11-08 18:45:58 al.org/home still show 2.6.6 as latest edition 2013-11-08 18:48:13 shafire: probably MIRRORS.txt.old could be deleted - can't remember why the job still generates that 2013-11-08 18:48:24 shafire: blame jbilyk for that one :D 2013-11-08 18:48:38 .latest.x86.txt and .latest.x86_64.txt is old 2013-11-08 18:53:29 jbilyk: blame! :) 2013-11-08 18:53:55 hey jbilyk, could you remove that? :) 2013-11-08 18:56:27 shafire: i think drupal in www.a.o uses that 2013-11-08 18:56:32 the .latest files that is 2013-11-08 21:02:41 ncopa: I think that article about test before sending patches is enough 2013-11-08 21:15:33 ncopa: shouldn't we backport new openssh to supported releases? 2013-11-08 21:56:50 hi 2013-11-08 21:56:57 in lxc, I can only use alpine, or? 2013-11-08 21:57:14 or can I install debian for example? 2013-11-08 22:20:34 mh, as per wiki, it should work... 2013-11-09 03:25:49 ncopa: lua-posix-5.1.22-r0 in alpine 2.5 seems to have a bug in posix.readlink 2013-11-09 03:26:08 it only returns the first 14 characters when I use it from within acf-awall 2013-11-09 03:26:31 ACTION hasn't tested in other alpine versions yet 2013-11-09 03:31:53 seems to work fine on alpine 2.7 2013-11-09 04:05:36 when I do cat /etc/alpine-release, is 2.7.0_rc6 the latest? 2013-11-09 04:05:56 this did fix the windows hvm constant reboot 2013-11-09 04:06:26 still pygrub is pause for no other reason 2013-11-09 04:10:23 thank you to all 2013-11-09 04:36:58 i love you xen, thanks kaniini and royger 2013-11-09 04:39:58 ok 2013-11-09 04:41:38 It's awesome, running 3 os, and all of them run well, about to put in another one... 2013-11-09 04:42:44 Prolly put it on one of the later i7 at work and do some printer paper monitoring hopefully windows server 2012 will run and be perfect 2013-11-09 10:02:08 4.3.1 verified to be working 2013-11-09 10:26:51 hi 2013-11-09 16:53:01 please git pull git://git.alpinelinux.org/fab/aports 2013-11-09 16:53:20 More updates and license stuff done 2013-11-09 16:53:23 thanks 2013-11-09 17:04:36 fabian_a: ? 2013-11-09 17:12:29 shafire: yepp 2013-11-09 18:35:40 I don't know, what I should use :D 2013-11-09 18:35:46 lxc, qemu-kvm, xen 2013-11-09 19:15:48 Does alpine has AUFS support? 2013-11-09 19:58:56 ACTION is a fan of lxc 2013-11-09 20:03:57 fabian_a: yeah 2013-11-09 20:03:59 I found docker 2013-11-09 20:04:01 really cool 2013-11-09 20:04:15 looking forward to get docker on alpine :) 2013-11-10 14:26:12 hi 2013-11-10 14:42:21 hey guys 2013-11-10 15:07:46 hi 2013-11-10 15:09:08 does anybody know where the udhcpc command comes from? 2013-11-10 15:09:18 actually it is called like this: 2013-11-10 15:09:21 from busybox 2013-11-10 15:09:26 udhcpc -R -n -p /var/run/udhcpc.eth0.pid -i eth0 2013-11-10 15:09:34 but there is no option to set hostname 2013-11-10 15:10:51 i'm trying to figure out, why my lxc container did not use its hostname during dhcp'ing it's ip 2013-11-10 15:11:38 barthalion: thx but i meant not the command itself, i meant how it is used during boot up the system 2013-11-10 15:13:28 I thought that hostname is getting set elsewhere 2013-11-10 15:13:43 (and magically used by udhcpc) 2013-11-10 15:13:53 i thought that too... but it isn't 2013-11-10 15:13:58 I tried lxc yesterday, installed debian, but I can not get "java -version" run in a lxc container... 2013-11-10 15:14:05 or there is some config option wrong/missing... 2013-11-10 15:14:22 "java can not allocate enough memory" 2013-11-10 15:14:31 shafire: missing options on cmd line 2013-11-10 15:14:40 java -Xmx256m -version 2013-11-10 15:14:48 I tried that too with 1g 2013-11-10 15:15:02 java -Xms1g -Xmx1g -version 2013-11-10 15:15:11 strange... 2013-11-10 15:15:19 seems the whole system has not enough mem 2013-11-10 15:15:45 wait, I could get a log from yesterday... 2013-11-10 15:16:42 13GB memory was free on the host 2013-11-10 15:18:25 Can't find the log... 2013-11-10 15:18:36 Which template do you use? alpine? or debian? 2013-11-10 15:18:39 or another one? 2013-11-10 15:21:16 alpine 2013-11-10 15:21:22 barthalion: ah, got it! 2013-11-10 15:21:45 just the following line was missing on container's /etc/network/interfaces: 2013-11-10 15:21:49 hostname 2013-11-10 15:21:51 :-) 2013-11-10 15:23:59 I have another question :S 2013-11-10 15:24:33 I want to try to start fedora with the alpine kernel 2013-11-10 15:24:42 qemu-system-x86_64 --name test --enable-kvm -m 512 -hda test.img -boot c -vnc :1 -runas nobody -kernel /media/usb/boot/grsec -initrd /media/usb/boot/grsec.gz -append ??? 2013-11-10 15:24:54 What do I need to type for -append in? 2013-11-10 15:24:59 StarWarsFan: that's what I meant when I said about "elsewhere" :p 2013-11-10 15:25:13 right :-) 2013-11-10 15:25:18 miss venezuela won miss universe WOOO 2013-11-10 15:25:21 shafire: I don't think it's the best idea 2013-11-10 15:25:33 shafire: I mean, using Alpine kernel on other distro 2013-11-10 15:25:48 mh 2013-11-10 15:26:05 shafire: anyway, append should set root= and modules to be loaded from initramfs 2013-11-10 15:26:23 I don't remember the name of this variable, you can easily check it on Alpine 2013-11-10 15:26:34 the modloop stuff? 2013-11-10 15:27:19 http://wiki.alpinelinux.org/wiki/Create_Alpine_Linux_PV_DomU 2013-11-10 15:32:03 I am too silly for that :( 2013-11-10 15:32:40 here is the lxc and java memory issue: http://pastie.org/private/kdm4yrsjrst9vgfrqqiga 2013-11-10 15:35:50 i'm using openjdk6 on lxc containers... 2013-11-10 15:37:17 yeah, there is no openjdk7 at moment on alpine 2013-11-10 15:38:27 StarWarsFan: could you show me please your lxc-checkconfig? 2013-11-10 15:39:24 http://sprunge.us/KVVg 2013-11-10 15:39:31 brb, coffee is ready... ;-) 2013-11-10 15:40:19 Ok, looks like mine 2013-11-10 15:41:01 Could you install a debian lxc container and test, if oracle jvm is runable? :):):) 2013-11-10 15:41:18 oracle jvm: wget --no-cookies --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com" "http://download.oracle.com/otn-pub/java/jdk/7u45-b18/jdk-7u45-linux-x64.tar.gz" 2013-11-10 16:29:44 barthalion: qemu-system-x86_64 --name test --enable-kvm -m 512 -hda test.img -boot c -vnc :1 -runas nobody -kernel /media/usb/boot/grsec -initrd /media/usb/boot/grsec.gz -append "alpine_dev=UUID=0cddf882-97f5-47d4-aac7-fc7b30fe2dc7 modules=loop,squashfs,sd-mod,usb-storage modloop=/boot/grsec.modloop.squashfs 2013-11-10 16:29:52 is there something wrong? 2013-11-10 16:30:04 I tried also root instead alpine_dev 2013-11-10 16:30:35 My problem is, do I need the append parameters for the guest (fedora) or the host (alpine)? 2013-11-10 16:52:56 shafire: sry, not possible because this machine is real "thin" 2013-11-10 16:53:08 ok 2013-11-10 16:53:30 did you try openjdk? 2013-11-10 16:53:41 no 2013-11-10 16:53:51 so might be worth a try... 2013-11-10 16:54:03 ok 2013-11-10 18:53:34 StarWarsFan: I think, the same 2013-11-10 18:53:35 root@guest2:~# java -version Error occurred during initialization of VM Could not reserve enough space for code cache 2013-11-10 18:54:07 just a second... 2013-11-10 18:54:37 so here's my output 2013-11-10 18:54:39 root@builder06:~ java -version 2013-11-10 18:54:39 Error occurred during initialization of VM 2013-11-10 18:54:39 Could not reserve enough space for object heap 2013-11-10 18:54:39 root@builder06:~ java -Xmx512m -version 2013-11-10 18:54:39 java version "1.6.0_27" 2013-11-10 18:54:40 OpenJDK Runtime Environment (IcedTea6 1.12.6) (Alpine 6.27.1.12.6-r0) 2013-11-10 18:54:42 OpenJDK 64-Bit Server VM (build 20.0-b12, mixed mode) 2013-11-10 18:54:45 root@builder06:~ 2013-11-10 18:55:07 root@guest2:~# java -Xmx512m -version Error occurred during initialization of VM Could not reserve enough space for code cache root@guest2:~# java -Xmx1g -version Error occurred during initialization of VM Could not reserve enough space for code cache root@guest2:~# 2013-11-10 18:55:52 root@builder06:~ head -n2 /proc/meminfo 2013-11-10 18:55:52 MemTotal: 1017268 kB 2013-11-10 18:55:52 MemFree: 16132 kB 2013-11-10 18:56:13 # head -n2 /proc/meminfo MemTotal: 16068252 kB MemFree: 12765208 kB 2013-11-10 18:56:36 seems to be enough :-/ 2013-11-10 18:56:56 ah wait 2013-11-10 19:00:28 Ok 2013-11-10 19:00:50 StarWarsFan: Do you have a tip or I think, it's because of the debian template... 2013-11-10 19:01:01 might be... 2013-11-10 19:01:04 guest1:~# java -Xmx512m -version java version "1.6.0_27" OpenJDK Runtime Environment (IcedTea6 1.12.6) (Alpine 6.27.1.12.6-r0) OpenJDK 64-Bit Server VM (build 20.0-b12, mixed mode) 2013-11-10 19:01:25 root@guest2:~# java -Xmx512m -version Error occurred during initialization of VM Could not reserve enough space for code cache 2013-11-10 19:04:30 strange 2013-11-10 19:04:57 how's you create the container? 2013-11-10 19:05:03 how'd you create the container? 2013-11-10 19:05:14 http://wiki.alpinelinux.org/wiki/LXC 2013-11-10 19:05:18 like there 2013-11-10 19:05:28 guest1 is alpine, guest2 is debian 2013-11-10 19:05:55 i know this page but i want to know your exact cmd line 2013-11-10 19:06:26 SUITE=wheezy lxc-create -n guest3 -f /etc/lxc/lxc.conf -t debian 2013-11-10 19:06:52 ok 2013-11-10 19:33:28 StarWarsFan: have you tried anything? :S :) 2013-11-10 19:33:59 unfortunately not, as i said is my test system too thin :-/ 2013-11-10 19:35:48 Ok 2013-11-10 19:35:50 no problem 2013-11-10 19:36:08 next is qemu/kvm 2013-11-10 20:01:48 open questions for tomorrow: 2013-11-10 20:01:49 - delete mirrors.old from mirrors - do I need ldlinux.c32 and ldlinux.sys in /media/usb? - alpinelinux.org shows wrong latest release 2013-11-10 20:21:55 n8@all 2013-11-10 22:12:09 n8 2013-11-11 05:42:41 Moinmoin 2013-11-11 06:50:39 is there any way to install apk files not yet in the repositories ? (Something like Debian's dpkg) 2013-11-11 06:51:18 BitL0G1c, "apk add foo.apk" 2013-11-11 06:54:12 ok great 2013-11-11 07:37:37 royger: Xen 4.3.1 confirmed fix, thanks again 2013-11-11 07:38:24 kaniini: so you no longer see the Dom0/Xen crash? 2013-11-11 07:41:55 kaniini: it would be good to send a reply to the security team then 2013-11-11 07:42:17 yes, i will do it as soon as i can 2013-11-11 07:42:20 kaniini: and thank ncopa, he was the one to realize we were using 4.3.0 instead of 4.3.1 :) 2013-11-11 07:44:36 morning 2013-11-11 07:58:30 ncopa: can I ask questions about 'sfic' ? 2013-11-11 08:00:21 some sfic tests: https://dpaste.de/5pgF 2013-11-11 08:01:47 is error "Could not stat /tmp/*" ok ? 2013-11-11 08:31:07 good morning 2013-11-11 08:31:09 15:01 open questions for tomorrow: 15:01 - delete mirrors.old from mirrors - do I need ldlinux.c32 and ldlinux.sys in /media/usb? - alpinelinux.org shows wrong latest release 2013-11-11 08:31:38 and cat /etc/alpine-release shows 2.7rc6 2013-11-11 08:52:02 bah 2013-11-11 08:52:07 yeah 2013-11-11 08:53:29 i messed up the 2.7.0 release 2013-11-11 09:01:56 I think there needs to be minimum of 3 rc releases spanned over 45 days before final, meaning 1st rc should be scheduled 45 days prior to deadline, giving time to test... etc 2013-11-11 09:03:46 further rc's if needed should give a week atleast to community for testing 2013-11-11 09:05:02 thus each rc's after 3rd means 1 week delay 2013-11-11 09:06:15 the next release will need that 2013-11-11 09:06:21 some major changes... 2013-11-11 09:06:32 yeah 2013-11-11 09:06:35 the problem is 2013-11-11 09:06:41 people normally dont care 2013-11-11 09:06:49 til the day before the release 2013-11-11 09:06:54 "oh... i want this in..." 2013-11-11 09:07:20 also, very few are interested in doing the acutal test 2013-11-11 09:07:25 the devs want workn on the next big thing 2013-11-11 09:07:53 the last week before v2.7, peoeple were talking about arm... 2013-11-11 09:08:02 after 2nd rc - strict freeze can be enforced 2013-11-11 09:10:20 ncopa: you moved syslinux.cfg, but what's up with the two files (ldlinux.c32 and ldlinux.sys) in /media/usb? Can I delete them? 2013-11-11 09:10:23 yes trying to keep things focused during peak release duration is indeed important 2013-11-11 09:10:55 shafire: I believe you can delete them if you re-run syslinux 2013-11-11 09:11:12 but i'd recommend you test. i cannot guarantee you anything 2013-11-11 09:11:28 Ok 2013-11-11 09:11:43 I think if iirc syslinux has option to place these files in subdirectories 2013-11-11 09:12:22 vkrishn: that is the challenge, how do you make volunteers work on bugfix instead of the next hot feature? 2013-11-11 09:12:51 create a qa team :) 2013-11-11 09:13:23 any volunteers for a qa team lead? ;) 2013-11-11 09:13:28 one method is declining any such changes to be accepted 2013-11-11 09:13:54 atleast during freeze period 2013-11-11 09:14:04 i think 45 days is way too much 2013-11-11 09:14:07 at tops 3 months 2013-11-11 09:14:10 3 weeks 2013-11-11 09:14:13 or 1 month 2013-11-11 09:14:26 yes, period can be adjusted 2013-11-11 09:14:39 by seeing past releases 2013-11-11 09:14:45 pattern 2013-11-11 09:14:56 what i do now to help focus on the release, is what openbsd does 2013-11-11 09:15:04 we do the release candidates in edge repo 2013-11-11 09:15:09 and branch at release 2013-11-11 09:15:14 linus does the same with linux 2013-11-11 09:16:08 also, the kernel makes new dot releases every week almost 2013-11-11 09:16:13 or every second release 2013-11-11 09:16:20 every second week 2013-11-11 09:16:24 (i need coffe....) 2013-11-11 09:18:17 I'll get mine 2013-11-11 09:27:38 what I noticed is sudden surge of bug/error reports on Monday's, meaning testing being done on weekends, quite understandable from volunteer's point of view 2013-11-11 09:59:04 whats the last update about musl, fabled? 2013-11-11 10:00:42 shafire, not much - i rebuilt edge on armhf last week sometime, but other than that, we've been doing 2.7 release 2013-11-11 10:00:50 and i have few non-alpine things going as well 2013-11-11 10:00:59 ok 2013-11-11 10:01:18 i think the plan is to update builder scripts to handle non-building packages better 2013-11-11 10:01:32 and then try to have all three musl builders follow edge 2013-11-11 10:01:49 ncopa, you are going to take the build scripts next, right? 2013-11-11 10:01:56 ... i'm off for lunch 2013-11-11 11:10:17 ncopa: what did you mean by 2013-11-11 11:10:19 [09:53:29] i messed up the 2.7.0 release 2013-11-11 11:10:22 ? 2013-11-11 12:01:50 i forgot commit the release before i did the tag 2013-11-11 12:01:53 http://git.alpinelinux.org/cgit/aports/?h=2.7-stable 2013-11-11 12:02:04 its just cosmetic 2013-11-11 12:02:23 if you boot the iso it will say 2.7.0_rc6 2013-11-11 12:02:30 when apk upgrade it will say 2.7.0 2013-11-11 12:12:44 ah ok 2013-11-11 12:19:31 ncopa: sfic issue "Could not stat /tmp/*" ? 2013-11-11 12:19:47 is this a bug ? 2013-11-11 12:48:13 dunno 2013-11-11 21:46:38 hi 2013-11-11 21:46:49 I need a musl iso image now for x86_64 :) 2013-11-11 21:47:01 any pre alpha do not use in production version 2013-11-11 22:12:52 you can just use a normal alpine iso 2013-11-11 22:12:53 to install it 2013-11-11 22:18:39 First, I need to out, how to upgrade syslinux without breaking anything :) 2013-11-11 22:18:44 to find out* 2013-11-11 22:43:02 cool 2013-11-11 22:43:05 everything okay 2013-11-11 22:43:23 syslinux -d boot/syslinux /dev/sdd1 2013-11-11 23:12:11 kaniini: change to edge-musl and re-install all packages? 2013-11-11 23:18:06 yeah it should work 2013-11-11 23:52:35 gn8 2013-11-12 06:50:00 moin 2013-11-12 08:20:16 kaniini: wget: short write 2013-11-12 08:20:26 ERROR: http://blablah/main: UNTRUSTED signature 2013-11-12 08:20:42 WARNING: Ignoring APKINDEX.blag.tar.gz: No such file or directory 2013-11-12 08:39:08 ? 2013-11-12 08:44:51 barthalion: you need the apk keys 2013-11-12 08:45:16 you need the pub key for the repo 2013-11-12 08:46:22 I guessed it, I still don't know how to import it 2013-11-12 08:46:30 I'm not really into keys in apk 2013-11-12 08:46:35 you copy it to /etc/apk/keys 2013-11-12 08:46:51 hm, will take a look in a moment 2013-11-12 08:55:01 ncopa: where are public keys stored? 2013-11-12 08:56:39 that is specified when you create it 2013-11-12 08:56:46 normally it is ~/.abuild iirc 2013-11-12 09:01:51 well, I mean, where I can import the one used for x86 edge-musl 2013-11-12 09:13:53 I wonder how it compiled on x86, but not on x86_64 2013-11-12 09:18:18 barthalion, do not ignore update_config_sub error 2013-11-12 09:18:24 if it returns error, you need to delete the whole line 2013-11-12 09:18:31 it means that it's no longer needed 2013-11-12 09:24:06 and that's exactly what it prints, whenever it will be needed again, I won't need to add it 2013-11-12 09:24:44 but sure, will remove it 2013-11-12 09:24:56 first I need to revert some changes 2013-11-12 09:57:51 brb 2013-11-12 15:45:46 files from v2.5.4-193-g1aeea59 uploaded 2013-11-12 15:47:50 files from v2.5.4-193-g1aeea59 uploaded 2013-11-12 16:59:23 files from v2.4.11-115-g507c3bb uploaded 2013-11-12 22:14:51 N8@all 2013-11-13 04:32:24 Hi, I think there's an issue with the perl-db package. It appears to be built against db 5.3.21 but alpine is shipping db 5.3.28, which causes db to refuse to work due to a mismatch between the header file used to compile perl-db and the library version. 'db' package was built on the 29th of October, whereas perl-db was built on the 22nd of October. 2013-11-13 04:34:50 I think the package just needs rebuilding, I don't see any specific versions named in the APKBUILD. 2013-11-13 04:51:08 kaniini: ^ mind bumping the release number and rebuilding perl-db? 2013-11-13 04:51:41 hl: yeah 2013-11-13 04:51:44 gimme a sec 2013-11-13 04:51:47 kaniini: thanks. 2013-11-13 04:52:17 pulling aports now. 2013-11-13 04:54:12 hl: 0.54 is out, going to run a testbuild of it 2013-11-13 04:54:39 what nutter decided point releases should change ABI anyway... 2013-11-13 04:55:00 I have vague recollections of libdb compatibility nightmares back in the early days of subversion... 2013-11-13 04:55:26 yes, someone should fork freebsd's libdb and make it generic 2013-11-13 04:55:30 it is API-compatible 2013-11-13 04:59:08 How per se would you make it generic? 2013-11-13 05:46:51 Morning 2013-11-13 05:50:51 are there any OpenVZ templates for Alpine ? 2013-11-13 08:39:03 hi 2013-11-13 08:43:37 how are you guys 2013-11-13 08:45:51 hi 2013-11-13 08:45:57 well, fine, thx :-) 2013-11-13 08:46:57 :-) 2013-11-13 12:18:42 anyone had success in booting alpine with EFI ? 2013-11-13 12:20:22 i dont know but it has not been possible since i added syslinux-6 2013-11-13 12:20:27 a week or two ago 2013-11-13 12:20:34 yep 2013-11-13 12:20:44 i'm interested in MacOSX boot with alpine 2013-11-13 13:02:12 syslinux 6 upgrade worked 2013-11-13 13:02:27 I used the "-d boot/syslinux" parameter 2013-11-13 13:28:26 I'm install alpine on mac hardware 2013-11-13 14:36:59 Frosh: what kind of Mac ? 2013-11-13 14:48:57 old 2013-11-13 14:52:49 so no efi support 2013-11-13 14:59:18 files from v2.5.4-201-ge75248f uploaded 2013-11-13 15:01:56 files from v2.4.11-119-g85193a7 uploaded 2013-11-13 15:02:25 files from v2.5.4-201-ge75248f uploaded 2013-11-13 15:16:09 mac3,1, or 2,1 2013-11-13 15:16:42 I believe all mac have EFI 2013-11-13 15:17:34 Alpine was the only thing that boot, debian, ubuntu didn't 2013-11-13 15:25:30 really 2013-11-13 15:25:43 how did you do it? 2013-11-13 15:25:49 witih syslinux? 2013-11-13 15:27:44 ncopa: why are you surprise? 2013-11-13 15:28:28 ncopa: I just follow the installation instruction :D 2013-11-13 15:29:19 sounds like it boots bios style then 2013-11-13 15:32:19 Is there a way to setup networking without running setup-alpine? 2013-11-13 15:34:03 Frosh: setup-interfaces 2013-11-13 15:34:09 is it what you want? 2013-11-13 15:34:30 not sure what you mean by bios, http://pastebin.com/FzqKmTav not sure if you can discern what mac it is 2013-11-13 15:34:35 alacerda: I think so 2013-11-13 15:39:56 Frosh, i think you're not using EFI 2013-11-13 15:40:11 Bios -> MBR 2013-11-13 15:40:15 EFI -> GPT 2013-11-13 15:42:12 ncopa: where does setup-alpine is ? 2013-11-13 15:42:18 in what package i mean 2013-11-13 15:43:10 fcolista: so some MAC have Bios? I didn't know MAC had bios 2013-11-13 15:44:01 is not "Bios" like PC, is the way your mac is booting, evidently 2013-11-13 15:44:10 mbr partitioning 2013-11-13 15:44:18 this is what ncopa was referring to 2013-11-13 15:44:23 most likely then 2013-11-13 16:21:37 files from v2.5.4-205-gf866213 uploaded 2013-11-13 22:21:04 n8@all 2013-11-14 09:53:15 files from v2.5.4-206-gfacd113 uploaded 2013-11-14 09:54:28 files from v2.5.4-206-gfacd113 uploaded 2013-11-14 10:52:10 files from v2.4.11-122-gbe7dcf7 uploaded 2013-11-14 11:05:18 files from v2.4.11-123-g1458363 uploaded 2013-11-15 06:40:18 (449/620) Installing tdb-libs (1.2.12-r0) 2013-11-15 06:40:18 ERROR: tdb-libs-1.2.12-r0: trying to overwrite usr/lib/libtdb.so.1 owned by tdb-3.6.19-r0. 2013-11-15 06:40:28 (407/620) Installing gnome-bluetooth-libs (3.10.0-r0) 2013-11-15 06:40:29 ERROR: gnome-bluetooth-libs-3.10.0-r0: trying to overwrite usr/share/icons/hicolor/32x32/status/bluetooth-active.png owned by gnome-bluetooth-2.32.0-r4. 2013-11-15 06:40:29 ERROR: gnome-bluetooth-libs-3.10.0-r0: trying to overwrite usr/share/icons/hicolor/32x32/status/bluetooth-disabled.png owned by gnome-bluetooth-2.32.0-r4. 2013-11-15 06:40:30 ,,, 2013-11-15 06:53:23 maybe we should port over piuparts from debian 2013-11-15 06:53:28 to automatically QA upgrades 2013-11-15 07:02:49 hm.. 2013-11-15 07:03:14 those goes much eaiser unnoticed for me now... 2013-11-15 07:03:24 earlier apk exited with error 2013-11-15 07:11:26 build64-2-4: retry 2013-11-15 07:39:27 there is one things more, vlc has a plugin with underliking 2013-11-15 07:39:41 libvdpau or so 2013-11-15 07:40:08 /usr/lib/vlc/vlc-cache-gen: symbol 'XFree': can't resolve symbol 2013-11-15 10:00:52 files from v2.4.11-123-g1458363 uploaded 2013-11-15 10:30:28 any utils available, similar to "parallel" ? 2013-11-15 10:34:39 http://www.gnu.org/software/parallel/ 2013-11-15 10:35:54 distributed shell? 2013-11-15 10:38:35 can work on same machine 2013-11-15 11:10:57 ncopa: I was testing mqtt based app mosquitto.org, seems nice 2013-11-15 11:11:35 can it be used somewhere in alpine infra ? maybe replace the zeromq setup 2013-11-15 11:13:05 files from v2.5.4-208-g97e3e4a uploaded 2013-11-15 11:13:32 files from v2.5.4-208-g97e3e4a uploaded 2013-11-15 11:33:19 parallel cited in - http://media.amazonwebservices.com/AWS_Amazon_EMR_Best_Practices.pdf 2013-11-15 11:52:14 interesting 2013-11-15 11:52:24 its pubsub only? 2013-11-15 11:52:38 yes 2013-11-15 11:53:05 but looks neat, common server(broker) 2013-11-15 11:53:25 so one can pub or sub ;) 2013-11-15 11:53:42 yeah 2013-11-15 11:54:08 broker - fundamentals were kinda scrapped from zmq 2013-11-15 11:55:55 it has got passwd feature, so I has thinking a central al - mqtt server with passwd for each developers who can pub/sub 2013-11-15 11:56:36 or different nodes 2013-11-15 11:57:49 i also use request/reply 2013-11-15 11:57:57 in addition to pub/sub 2013-11-15 11:58:24 but i suppose thats due to the nature of zmq 2013-11-15 11:58:47 mqtt looks really nice 2013-11-15 11:59:17 and we can use the borker 2013-11-15 11:59:20 broker 2013-11-15 11:59:30 = save me for writing a server :) 2013-11-15 11:59:56 thats definitively worth look up yes 2013-11-15 11:59:58 zmq specializes in spandexing ;) various kinds of sockets 2013-11-15 12:00:23 nanomsg is a step in right direction 2013-11-15 12:00:39 but has lots more than we need (=bloat) 2013-11-15 12:00:57 yes, kinda its learning from its predecessor 2013-11-15 12:00:57 i asked to modularize it but the devs didnt think it was worth it (yet) 2013-11-15 12:01:16 what we need is baiscally pub/sub and thats it.. 2013-11-15 12:01:39 so mosquitto is basicly what we need 2013-11-15 12:02:47 only issue is that the broker needs to be running/reliable 2013-11-15 12:03:48 we have that issue regardless 2013-11-15 12:04:06 when we used irc, we had issues with freenode 2013-11-15 12:04:46 when we use zeromq, we have bigger issues because its not autorecovering if the broker disappears and comes back 2013-11-15 12:05:18 that's when I think xsub/xpub can be used 2013-11-15 12:05:48 I was thinking some vservers sandbox's for dev 2013-11-15 12:06:00 developers 2013-11-15 12:06:11 The javascript/websockets client is available as: ... 2013-11-15 12:06:20 js files 2013-11-15 12:06:54 which means it should be fairly simple to build web interface to it 2013-11-15 12:07:26 websockets change many things how we view pages 2013-11-15 12:07:47 live active apps 2013-11-15 12:08:40 but um... 2013-11-15 12:08:45 even browser features are being implemented that shut this active as you change to different tab 2013-11-15 12:09:00 or window 2013-11-15 12:09:08 that way bandwidth is saved 2013-11-15 12:09:27 i was thinking we might want more features than pub/sub eventually 2013-11-15 12:09:42 I think is less that 5yrs we might just be sitting with browsers ;) 2013-11-15 12:09:49 was thining of multiple build servers for same arch 2013-11-15 12:09:51 as frontend 2013-11-15 12:10:16 a smart build-controller sends jobs that can be paralleized to different build servers 2013-11-15 12:10:28 zeromq will stay for that matter 2013-11-15 12:10:37 its broker agnostic 2013-11-15 12:10:38 or nanomsg 2013-11-15 12:10:59 but for the current need, mosquitto seems ideal 2013-11-15 12:11:20 these vserver sandboxes - can be communicated via password protected mqtt 2013-11-15 12:11:47 that way developers like running limited hardware can invoke to build 2013-11-15 12:12:04 when thinks go well pass that ABUILD to mainline 2013-11-15 12:12:46 when things* 2013-11-15 12:13:12 staging build servers... 2013-11-15 12:13:22 I sometimes see a package and even can build ABUILD, but deter due to limitation 2013-11-15 12:13:24 yes 2013-11-15 12:13:59 yeah, something even more limited than actual vservers would be great 2013-11-15 12:14:21 I think a web interface can also be build 2013-11-15 12:14:23 I usually don't build pkgs before push because I'm on battery 2013-11-15 12:14:48 makes sense 2013-11-15 12:14:56 people want contribute 2013-11-15 12:14:59 yeah, I realized when I asked for linux RT 2013-11-15 12:15:24 but might not want setup/run own compile env 2013-11-15 12:15:50 vkrishn: hrm, I've it somewhere 2013-11-15 12:15:53 he.. 2013-11-15 12:15:54 its lengthy to keep up with edge in rolling release 2013-11-15 12:16:02 and even send it to review to ncopa, but I think he missed it somehow 2013-11-15 12:16:07 aw... 2013-11-15 12:16:10 very likely 2013-11-15 12:16:15 :) 2013-11-15 12:16:29 i have more work than i can handle atm.. 2013-11-15 12:16:31 ok 2013-11-15 12:16:44 i will think more of a 'community' build server 2013-11-15 12:16:58 :) 2013-11-15 12:17:09 i still think we need some kind of 'trusted' community memebers 2013-11-15 12:17:10 ncopa: https://paste.xinu.at/RQc/ 2013-11-15 12:17:19 so its not open for *everyone* 2013-11-15 12:17:33 rt kernel? 2013-11-15 12:17:38 vservers access can be limited to ip's 2013-11-15 12:17:39 :-( 2013-11-15 12:17:45 ncopa: yeah, it built fine back then I sent it to you 2013-11-15 12:17:51 even connection to/from it 2013-11-15 12:17:54 kernel maintenence is *much* work 2013-11-15 12:18:06 i want get rid of vserver kernel due to that 2013-11-15 12:18:11 ouch 2013-11-15 12:18:18 well, I will add it to unmaintained then 2013-11-15 12:18:24 yeah.. 2013-11-15 12:18:45 problem is kernel security vulns 2013-11-15 12:19:08 that's reason I suggested vservers and not lxc 2013-11-15 12:20:00 work = numbers_of_vulns ^ number_of_kernel_flavors 2013-11-15 12:20:28 no 2013-11-15 12:20:37 but 2013-11-15 12:20:45 work = numbers_of_vulns ^ (number_of_kernel_flavors * stable_alpine_branches) 2013-11-15 12:20:54 if there's only one viln only 1 work? 2013-11-15 12:20:57 :p 2013-11-15 12:21:04 s/kernel_flavors/packages/ 2013-11-15 12:21:12 yea 2013-11-15 12:21:43 its number_of_vulns * number_of_kernel_packages * number_of_stable_versions 2013-11-15 12:21:59 number of stable versions is 4 2013-11-15 12:22:19 so 1 vuln is normally 4 packages 2013-11-15 12:22:36 with vserver each vulns = 8 packages 2013-11-15 12:22:52 if we akk linux-rt 2013-11-15 12:22:54 add* 2013-11-15 12:23:06 1 vuln -> 12 packages 2013-11-15 12:24:15 this week i looked at 3 vulns 2013-11-15 12:24:28 if we had linux-rt now 2013-11-15 12:24:39 i would have to fix 36 packages... 2013-11-15 12:25:32 so problem is not creating the package 2013-11-15 12:25:36 problem i maintenence 2013-11-15 12:26:23 wait, why 1 kernel = 4 packages? external modules? 2013-11-15 12:26:48 yeah add * number of 3rd party mods... 2013-11-15 12:26:52 i forgot that... 2013-11-15 12:27:15 i will not support 3rdparty mods for anythin except -grsec kernel 2013-11-15 12:27:28 i dropped 3rd party mods for vserver already 2013-11-15 12:28:05 barthalion: i maintain stable branches 2013-11-15 12:28:24 we have 4 stable branches, currently v2.4 -> v2.7 2013-11-15 12:28:42 ah, that's why 2013-11-15 12:30:15 so there could possible be 'community' branches 2013-11-15 12:31:16 but not fully screened by ncopa 2013-11-15 12:31:44 not sure if we have enough contributors to make sth like that 2013-11-15 12:32:45 what i am thinking is 2013-11-15 12:32:59 have a hanful trusted users or devs 2013-11-15 12:33:10 that can push to the stage build server 2013-11-15 12:33:14 or test/build server 2013-11-15 12:33:54 once it passes the test buildserver, we could have soemthing that automatically adds an 'Acked-by: testbuildserver' in the git commit 2013-11-15 12:34:33 and it forwards it to the mailing list or some other place 2013-11-15 12:35:06 then its visible that the contribution passes basic quality check (it builds atleast) 2013-11-15 12:35:30 yes such sandbox can even be used to run tests 2013-11-15 12:36:03 we could have sandbox for stable branches 2013-11-15 12:36:35 so devs (and/or trusted users) can test build fixes for stable branches without needing set up N different branches 2013-11-15 12:37:57 we oculd have staging build servers so devs must push to there, and if it passes staging build server it will push to official aports repo 2013-11-15 12:38:00 but i dont really like that 2013-11-15 12:38:08 as it slows down things 2013-11-15 12:38:24 can be useful when someone requests some pkgs and we don't know if it can actually build without and patches 2013-11-15 12:38:29 specially for bix packages (like openjdk, gcc, xulrunner, qt, webkit) 2013-11-15 12:38:35 any* 2013-11-15 12:38:52 yeah 2013-11-15 12:39:14 or for radically changes versions 2013-11-15 12:43:00 files from v2.4.11-125-g0238d08 uploaded 2013-11-15 12:43:09 files from v2.4.11-125-g0238d08 uploaded 2013-11-15 14:28:20 mosquito has cert + ssl/tls features 2013-11-15 14:30:07 ncopa: I think I have formulated most tools and basic arch design for sandbox environment. Some tools I have already put as feature request in bugs.a.o 2013-11-15 14:30:35 I can publish the design when sandbox environment approval gets finalized by you 2013-11-15 15:39:24 BitL0G1c: your sent patches are finally getting my attention. sorry for letting you wait so long 2013-11-15 15:39:28 andthanks for your patience 2013-11-15 17:08:31 ncopa: Python 2.7.6 was released recently, I'm making a patch to update the apkbuild. What tests should I run on it before I email off the patch? 2013-11-15 17:12:42 So far it builds and installs properly 2013-11-15 17:13:05 I'll see if python ships a test suite 2013-11-15 17:16:04 ah 2013-11-15 17:16:07 python -m test.regrtest 2013-11-15 17:22:09 test_io 2013-11-15 17:22:10 [1] 1630 segmentation fault python -m test.regrtest 2013-11-15 17:22:23 [5732080.148690] traps: python[1630] general protection ip:7f9cbe02c7f5 sp:7fff6876b000 error:0 in libuClibc-0.9.33.2.so[7f9cbdfd8000+75000] 2013-11-15 17:22:34 Checking to see if this error happens in 2.7.5 2013-11-15 17:24:41 It fails in 2.7.5 too 2013-11-15 17:24:43 test_io 2013-11-15 17:24:45 [1] 24735 segmentation fault python -m test.regrtest 2013-11-15 17:24:59 [821486.309789] traps: python[24735] general protection ip:781b8f0867f5 sp:7accd6a1c300 error:0 in libuClibc-0.9.33.2.so[781b8f032000+75000] 2013-11-15 17:25:01 [821486.309809] grsec: Segmentation fault occurred at (nil) in /usr/bin/python2.7[python:24735] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/zsh[zsh:13518] uid/euid:1000/1000 gid/egid:1000/1000 2013-11-15 17:25:03 [821486.309821] grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /usr/bin/python2.7[python:24735] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/zsh[zsh:13518] uid/euid:1000/1000 gid/egid:1000/1000 2013-11-15 17:25:09 Both tests done on edge 2013-11-15 17:36:15 Testing the same thing on Debian 6 2013-11-15 17:36:15 7* 2013-11-15 17:41:02 Yup, uclibc bug. 2013-11-15 17:41:17 :( 2013-11-15 18:25:54 has anyone used 2.7.0 to install to LVM on LUKS ? I rebuilt the initramfs but on booting get "can't access tty: job control turned off" - for mkinitramfs to run I had to create a symlink /lib/modules/3.10.19-0-grsec ----> /lib/modules/3.10.18-1-grsec (the live session uses the .18-1 kernel) 2013-11-15 18:26:36 or maybe this doesn't affect anything & I've missed a configuration 2013-11-15 18:51:15 /join #nmap 2013-11-15 23:08:09 fabled: My pi has been out of sync for about two weeks now. How boned am I? 2013-11-16 01:15:11 qemu is apparently dead for me, again. Aborts with -enable-kvm. :-( 2013-11-17 10:28:42 hi 2013-11-18 09:30:10 does anyone know whats up with the berk db stuff? 2013-11-18 09:32:19 ncopa: what's up? 2013-11-18 09:32:32 5288fb00 hdb_back_initialize: BDB library version mismatch: expected Berkeley DB 5.3.21: (May 11, 2012), got Berkeley DB 5.3.28: (September 9, 2013) 2013-11-18 09:32:42 i saw someone talk about it earlier 2013-11-18 09:33:19 i think the abi changed or something 2013-11-18 09:33:41 library missmatch on a partially updated system? 2013-11-18 09:34:25 well i wonder if someone knows what the problem is 2013-11-18 09:34:49 i believe we need rebuild everything linked to db 2013-11-18 09:35:20 quite possibly, if the ABI changed 2013-11-18 09:35:22 because the lib checks version number in headers 2013-11-18 09:35:29 or something like that 2013-11-18 09:36:10 so my question is if someone has details and could file a bug on bugs.a.o 2013-11-18 12:24:07 ncopa: there is no tipc(protocol) related tools 2013-11-18 12:24:43 but we have the kernel space? 2013-11-18 12:24:54 create package request for tipcutils 2013-11-18 12:24:56 yes 2013-11-18 12:25:10 ok, and there is netsend 2013-11-18 12:25:15 with link to http://tipc.sourceforge.net/tipc_linux.shtml 2013-11-18 12:25:29 netsend ? 2013-11-18 12:25:38 yeah.. 2013-11-18 12:25:47 ok 2013-11-18 12:26:08 vkrishn: i think we dont bother fix #2279 for v2.6 2013-11-18 12:26:19 or do you want it fixed for v2.6 too? 2013-11-18 12:26:27 i think its fixed in v2.7 2013-11-18 12:27:29 its not a security or a bug so 2.7 is ok 2013-11-18 12:27:37 good 2013-11-18 12:27:39 thanks 2013-11-18 12:32:41 it would be nice if some of the utils in http://kitenet.net/~joey/code/moreutils made to busybox 2013-11-18 12:35:11 looks nice indeed 2013-11-18 12:37:15 do they have a irc channel ? 2013-11-18 12:37:21 yup 2013-11-18 12:37:24 #busybox 2013-11-18 12:37:28 thanks 2013-11-18 12:37:35 and a mailing list 2013-11-18 12:38:04 nah, I already on lots of ML, mailbox getting full ;) 2013-11-18 12:38:25 i have full understanding :) 2013-11-18 12:39:24 ncopa: I have seen some patches to submitted to bb team 2013-11-18 12:39:29 are you on dev team ? 2013-11-18 12:39:56 you submitted* 2013-11-18 12:43:28 i have sent some patches for busybox yes 2013-11-18 12:43:34 royger: on one node running 4.3.1-r0 2013-11-18 12:43:37 royger: i am getting this: 2013-11-18 12:43:39 (null) 99 0 8 --p--d 48.8 2013-11-18 12:43:42 (null) 100 0 8 --p--d 239.8 2013-11-18 12:43:44 (null) 101 0 8 --p--d 36.7 2013-11-18 12:43:45 on xl list 2013-11-18 12:43:49 what do you think it might be 2013-11-18 12:44:06 it's like the hypervisor isn't cleaning up domains 2013-11-18 12:44:12 but xenstore is cleaned of them 2013-11-18 12:47:37 brb 2013-11-18 12:54:40 kaniini: mmm, it might be that some other domain still has mapped grant-refs from this now gone domains? 2013-11-18 12:56:41 kaniini: could you switch the Dom0 console to the hypervisor ('CTRL-a' three times) and then push g in order to dump grant table usage? 2013-11-18 13:03:14 this is on ssh 2013-11-18 13:05:01 royger: http://paste2.org/COadgY9n 2013-11-18 13:10:28 kaniini: not really helpful, the list is truncated 2013-11-18 13:10:41 yeah 2013-11-18 13:10:42 kaniini: don't you have something like conserver in order to attach to remote server serial line? 2013-11-18 13:10:56 royger: no 2013-11-18 13:11:06 well 2013-11-18 13:11:08 i have ipmi 2013-11-18 13:11:13 kaniini: so you have no way to attach to a remote server serial port? 2013-11-18 13:11:13 maybe i can do serial redirection with it 2013-11-18 13:11:19 i've never tried 2013-11-18 13:12:17 kaniini: maybe if you had the serial line attached you could have seen some messages that could lead to why this domains are not freed 2013-11-18 13:12:28 s/freed/destroyed 2013-11-18 13:13:07 no serial line attached 2013-11-18 13:13:25 does xen have any way to expand the dmesg size? 2013-11-18 13:18:33 kaniini: probably, but I'm not able to find any command line option to enlarge it: http://xenbits.xen.org/docs/unstable/misc/xen-command-line.html maybe conring_size? 2013-11-18 13:18:34 i think i have something 2013-11-18 13:18:52 although I think this is not related 2013-11-18 13:19:45 cool 2013-11-18 13:19:48 i got something 2013-11-18 13:19:52 ACTION pets ipmitool 2013-11-18 13:25:38 royger: how can i get xen to attach to ttyS1 at runtime 2013-11-18 13:27:13 kaniini: http://wiki.xen.org/wiki/Xen_Serial_Console 2013-11-18 13:27:41 well 2013-11-18 13:27:48 that's not helpful i don't think 2013-11-18 13:27:53 cause it requires a reboot of the machine 2013-11-18 13:28:05 kaniini: you cannot change the console after boot AFAIK 2013-11-18 13:29:55 oh well 2013-11-18 13:35:11 I've seen the (null) part when my hvm were rebooting constantly 2013-11-18 14:28:45 lyska: ^^^ 2013-11-18 14:28:51 :D 2013-11-18 14:29:18 always a good feeling to see something you fixed go out to give other people less pain 2013-11-18 14:29:59 now, if you could just test the package, that the builder didnt do someting stupid to it 2013-11-18 14:30:04 and let me know 2013-11-18 14:30:08 then i'll move it to main 2013-11-18 14:30:11 just apk grab it? 2013-11-18 14:30:15 yeah 2013-11-18 14:30:24 what server it built on? 2013-11-18 14:30:39 i think its on the nl.alpinelinux.org repo 2013-11-18 14:31:02 i built on both build-edge-x86 and build-edge-x86_64 2013-11-18 14:33:12 hmm 2013-11-18 14:33:19 the only problem now is that it has a dep in testing 2013-11-18 14:33:21 py-pip 2013-11-18 14:36:24 well 2013-11-18 14:36:37 if py-virtualenv works 2013-11-18 14:36:43 then it means that py-pip works 2013-11-18 14:36:49 ERROR: unsatisfiable constraints: 2013-11-18 14:36:50 and py-pip can also be moved to main... 2013-11-18 14:36:51 py-virtualenv (missing): 2013-11-18 14:36:53 required by: world[py-virtualenv] 2013-11-18 14:37:09 # cat /etc/apk/repositories 2013-11-18 14:37:10 http://nl.alpinelinux.org/alpine/edge/main 2013-11-18 14:37:12 #http://nl.alpinelinux.org/alpine/edge/testing 2013-11-18 14:37:16 fresh chroot 2013-11-18 14:37:26 uncomment the last line in /etc/apk/repositories 2013-11-18 14:37:46 and apk add -U py-virtualenv 2013-11-18 14:38:03 oic 2013-11-18 14:38:20 # pip 2013-11-18 14:38:23 Traceback (most recent call last): 2013-11-18 14:38:24 File "/usr/bin/pip", line 5, in 2013-11-18 14:38:26 from pkg_resources import load_entry_point 2013-11-18 14:38:28 ImportError: No module named pkg_resources 2013-11-18 14:38:48 apk list: https://gist.github.com/lyska/3f4dd78e9ac272076bd0 2013-11-18 14:39:38 hm, I guess we don't have setuptools in repos 2013-11-18 14:39:53 or we have 2013-11-18 14:39:58 py-setuptools? 2013-11-18 14:40:02 lyska: install py-setuptools 2013-11-18 14:40:16 just did 2013-11-18 14:40:17 is py-setuptools a dep of pip? 2013-11-18 14:40:21 No 2013-11-18 14:40:23 It should be 2013-11-18 14:40:26 ncopa: should be apparently 2013-11-18 14:40:45 those things are why we want put things in testing first 2013-11-18 14:40:56 so distribute was missing some time ago 2013-11-18 14:41:16 ncopa: lol 2013-11-18 14:41:22 but it has been merged or something like that 2013-11-18 15:10:37 ncopa: Is there a way to bake an autoconfigure script into an alpine iso like redhat's kickstart? 2013-11-18 15:11:27 hm 2013-11-18 15:11:41 i havent really used kickstart 2013-11-18 15:11:55 but you can embed an apkovl in the iso 2013-11-18 15:12:01 lemme get you one of my kickstart foles 2013-11-18 15:12:31 there are some support for running setup-alpine with an 'answers' file 2013-11-18 15:12:38 i havent really used it myself 2013-11-18 15:12:43 i just took some patches for it 2013-11-18 15:13:04 https://gist.github.com/lyska/c4c898b5208eb20d1ce6 2013-11-18 15:14:11 ok 2013-11-18 15:14:14 well 2013-11-18 15:14:15 hm 2013-11-18 15:14:37 i think you could somethign similar, except the disk layout part 2013-11-18 15:14:40 basically 2013-11-18 15:14:44 Maybe something that could take something like that in and spit out an apkovl? 2013-11-18 15:15:15 you could create an apkovl 2013-11-18 15:15:47 and then include that apkovl in an iso 2013-11-18 15:15:55 then when you boot the iso 2013-11-18 15:16:06 you could just run setup-disk 2013-11-18 15:16:24 that will only work with the default disk layout though... 2013-11-18 15:16:36 Hmm 2013-11-18 15:16:55 Would it be a project worth working on for Alpine? 2013-11-18 15:17:00 yeah 2013-11-18 15:17:04 Cool 2013-11-18 15:17:10 I'll get working on it later 2013-11-18 15:17:13 but 2013-11-18 15:17:15 um 2013-11-18 15:17:34 Hmm 2013-11-18 15:17:35 there is a guy who is working on new config framework 2013-11-18 15:17:41 to replace acf 2013-11-18 15:18:05 i was thinking of rewriting the installer to use that as backend 2013-11-18 15:18:09 but i have not decided 2013-11-18 15:18:15 oh 2013-11-18 15:18:16 its a bit big and require http server 2013-11-18 15:18:22 hmm 2013-11-18 15:18:35 i kinda like the simplicity of the current shell scripts 2013-11-18 15:18:48 but i miss some features 2013-11-18 15:18:50 what would be nice though is to have something you pass in as extra packages ot install 2013-11-18 15:18:53 to* 2013-11-18 15:19:05 At the least run a script in the chroot at install completion 2013-11-18 15:19:48 redhat has kickstart, debian has some kind of answers file 2013-11-18 15:20:00 i like the idea of answer file 2013-11-18 15:20:02 boot grsec extrapacks=webserver.base,ircd.base 2013-11-18 15:20:18 thats what the apkovl file does 2013-11-18 15:20:21 ah 2013-11-18 15:21:04 hm 2013-11-18 15:21:08 I do like the shell scripts 2013-11-18 15:21:14 It feels like old arch done right 2013-11-18 15:21:28 apkovl only will not be enough for kickstart-like installs 2013-11-18 15:21:49 you could likely beat it to work 2013-11-18 15:21:59 but it would install all youpackages into tmpfs at boot 2013-11-18 15:22:03 and then install it on disk again 2013-11-18 15:22:05 yeah 2013-11-18 15:22:22 I was thinking it would just be extra arguments to the main package install 2013-11-18 15:23:09 where are the install scripts on git.al.org? 2013-11-18 15:23:34 http://git.alpinelinux.org/cgit/alpine-conf 2013-11-18 15:23:42 looks lke there is support for answers files 2013-11-18 15:24:00 setup-alpine -f myanswers.cfg 2013-11-18 15:24:13 Hmm 2013-11-18 15:24:26 bah 2013-11-18 15:24:31 From there can I take that answers file and do a completely automated install? 2013-11-18 15:24:32 its pretty broke.. 2013-11-18 15:24:38 oh :( 2013-11-18 15:24:44 nooo 2013-11-18 15:24:49 but it looks like that was the idea 2013-11-18 15:25:01 setup-alpine -f myanswers.txt 2013-11-18 15:25:06 at the highest level 2013-11-18 15:25:10 touches the system files in /etc 2013-11-18 15:25:22 so it basically does not work unless you are root 2013-11-18 15:25:22 I'd like to be able to eventually do something like 2013-11-18 15:25:42 $ alpine-deploy 2013-11-18 15:25:56 and have it start that off and later email or something to me the IP address 2013-11-18 15:26:09 maybe with package groups too 2013-11-18 15:26:11 that it will get from dhcp? 2013-11-18 15:26:14 ya 2013-11-18 15:26:36 pretty much automated server setup 2013-11-18 15:26:44 yeah 2013-11-18 15:26:47 or it could spit out an iso for physical servers 2013-11-18 15:26:48 that woudl be nice 2013-11-18 15:29:50 i actually think that i originally was thinking of setup-alpine --root /path/to/root 2013-11-18 15:30:13 btw 2013-11-18 15:30:16 speaking of xen 2013-11-18 15:30:52 it would be nice to get some help with #2356 2013-11-18 15:31:06 I was just using Xen as an example to overview on how something like that could work with something like Xen to auto-deploy 2013-11-18 15:31:19 I don't know enough to be any use there :( 2013-11-18 15:31:43 and #2355 2013-11-18 15:32:24 and #2252 2013-11-18 15:32:43 either way, I'd like to help how I can 2013-11-18 15:32:47 i would love to see those fixed 2013-11-18 15:33:05 ha 2013-11-18 15:33:06 I don't know enough about Xen internals yet :( 2013-11-18 15:33:18 i got an init.d script there... cool! 2013-11-18 15:34:06 um its /bin/bash, needs to be openrc runscript 2013-11-18 15:36:28 oh, one thing more i want fix soonish is the libreswan script 2013-11-18 15:38:54 lyska: how do you deploy domu? 2013-11-18 15:41:03 ncopa: I don't yet. that would be part of it 2013-11-18 15:41:41 sweet! https://github.com/libreswan/libreswan/blob/master/initsystems/openrc/ipsec.init.in 2013-11-18 15:42:43 ncopa: you get my idea though, probably something like appliancekit 2013-11-18 15:43:04 https://github.com/libreswan/libreswan/blob/master/packaging/utils/lswan_detect.sh#L144 2013-11-18 15:43:11 they are 'detecting' alpine 2013-11-18 15:43:48 there is hope for libreswan 2013-11-18 15:47:43 fun fact: ansible detects that is running on Alpine, but upstream doesn't want to merge apk support 2013-11-18 15:56:21 ncopa: Alpine and its devs are great. Thanks much 2013-11-18 15:57:41 thanks :) 2013-11-18 15:58:51 Your only problem is the glibc incompatibility :( 2013-11-18 15:59:00 If that was fixed, it would be my dekstop 2013-11-18 15:59:02 desktop* 2013-11-18 15:59:08 (I want steam games) 2013-11-18 15:59:23 you can run other distro in chroot for that 2013-11-18 15:59:38 I'd need the gfx drivers 2013-11-18 15:59:53 maybe better dot he other way around 2013-11-18 16:00:01 run alpine in an lxc 2013-11-18 16:00:03 or so 2013-11-18 16:00:08 yeah 2013-11-18 16:00:16 I run alpine on my servers though 2013-11-18 16:00:27 Full headless operation is good 2013-11-18 16:00:44 ok gotta go 2013-11-18 16:00:44 with my pi I did the alpine install headless lol 2013-11-18 16:01:11 it woudl be great if anyone could test libreswan (openswan replacement) 2013-11-18 16:01:55 Mp5shooter: ↑ 2013-11-18 16:02:41 i would love to backport it to v2.7 2013-11-18 16:20:15 ncopa: strongswan cannot replace openswan ? 2013-11-18 16:20:35 atleast till libreswan gets tested 2013-11-18 16:22:00 lyska: it is possible to draw a rough sketch of that answer file setup, I mean how it would work, and publish it somewhere ? 2013-11-18 16:22:26 vkrishn: Yeah I could 2013-11-18 16:22:50 be happy to really, just at work now :( 2013-11-18 16:22:57 anyone here good with celery? 2013-11-18 16:24:47 I was thinking of such setup but was wanting something in it new from alpine point, though some process from deb can be taken 2013-11-18 16:25:26 My thought was to take the best of debian and redhat and make it better 2013-11-18 16:26:15 :) would be great 2013-11-18 16:26:35 I'd just mainly need the time to lol 2013-11-18 16:26:51 but if I get the documentation up it could be better 2013-11-18 16:27:14 then people can ~~tell me what I did wrong~~ improve it 2013-11-18 16:28:25 I did have some new idea when toying with upgrade of knoppix 2013-11-18 16:28:36 may be add to your sketch 2013-11-18 16:28:48 RHEL's kickstart was my inspiration 2013-11-18 16:29:58 gotto get those docs, kinda stopped using fedora/rh since 2006 2013-11-18 18:21:15 ncopa: i have a solution for #2356 2013-11-18 18:21:33 ncopa: i'll push it in a bit. 2013-11-18 21:54:26 o 2013-11-18 21:54:40 brtln: was libreswan fixed 2013-11-19 06:56:45 morning 2013-11-19 06:56:53 Mp5shooter: yes, i believe libreswan is fixed 2013-11-19 08:32:39 Moinmoin 2013-11-19 13:27:09 hi 2013-11-19 13:27:12 how are you guys? 2013-11-19 13:27:15 anything new? 2013-11-19 14:31:42 sure, getti'n one day older since yesterday... ;-) 2013-11-19 15:11:34 StarWarsFan: :p 2013-11-19 15:11:58 ROFL: https://plus.google.com/+notepad-plus-plus/posts/bE9hJ6FYZT5 2013-11-19 15:12:13 When a developer is fixing a bug... 2013-11-19 15:18:37 lol 2013-11-19 15:20:16 but he survived 2013-11-19 15:20:19 :-) 2013-11-19 15:22:26 ok ncopa i'll try it out after I get back from work in like 8 hours 2013-11-19 15:22:27 :) 2013-11-19 15:22:36 you need a minor patch 2013-11-19 15:23:06 http://sprunge.us/bOaV 2013-11-19 15:24:12 oh ok 2013-11-19 15:35:11 does that package have the patch ncopa 2013-11-19 15:42:05 Can I download a specific grsec apk for a specific kernel version? 2013-11-19 15:42:18 Mp5shooter: now it has 2013-11-19 15:42:26 ok 2013-11-19 15:42:41 shafire: not really, we delete old apk versions in repos 2013-11-19 15:44:04 Ok 2013-11-19 16:49:08 bye:) 2013-11-20 07:35:03 fabled: why does it continue instead of just exit with error? https://dpaste.de/qYd9 2013-11-20 07:37:29 it was due to something else that we wanted non-terminal errors. though, we should probably make it exit with error code after doing all the things. 2013-11-20 07:38:17 we pretty much know that things will end up in a broken state when deps are not installed 2013-11-20 07:38:22 why break it even more... 2013-11-20 07:44:24 bah, subversion http seems to have issues with ipv6 2013-11-20 07:44:35 :wq 2013-11-20 08:37:21 ncopa, midori does not build 2013-11-20 08:37:26 tnx 2013-11-20 08:41:57 huh... 2013-11-20 09:59:56 do you remember why we didn't push new prosody to repo? 2013-11-20 10:00:05 there was some reason, I'm too lazy to grep the logs 2013-11-20 10:03:10 dont remember 2013-11-20 10:03:12 probably some dep 2013-11-20 10:03:20 or maybe lua-5.2 2013-11-20 10:03:23 have no idea 2013-11-20 10:05:13 Arch's prosody 0.9 is built against 5.1 2013-11-20 10:08:38 I'll take a look later 2013-11-20 10:08:47 I plan to make a xmpp server 2013-11-20 10:15:22 seems that midori built too 2013-11-20 10:15:43 or not 2013-11-20 10:18:19 midori builds on x86 2013-11-20 10:18:21 not x86_64 2013-11-20 10:18:22 i'm on it 2013-11-20 10:18:48 problem is that it installs its libs in /usr/lib64 2013-11-20 11:15:51 ouch http://mailman.nginx.org/pipermail/nginx-announce/2013/000125.html 2013-11-20 11:22:34 ha 2013-11-20 12:32:50 files from v2.5.4-209-g5acaa70 uploaded 2013-11-20 12:32:53 files from v2.5.4-209-g5acaa70 uploaded 2013-11-20 12:33:47 vblade has not be updated in 4yrs (has new release 21) 2013-11-20 12:38:10 files from v2.5.4-210-g4f28d4c uploaded 2013-11-20 12:38:25 files from v2.5.4-210-g4f28d4c uploaded 2013-11-20 12:42:05 files from v2.4.11-126-gb372621 uploaded 2013-11-20 12:42:46 files from v2.4.11-126-gb372621 uploaded 2013-11-20 12:49:54 any package similar to http://software.schmorp.de/pkg/gvpe.html ? 2013-11-20 13:17:13 i think i'll do v2.7.1 now 2013-11-20 14:37:54 why wasn't linux-virt-grsec bumped to 3.10.19? 2013-11-20 14:41:52 rnalrd: its your package ^^^ 2013-11-20 14:42:58 uggedal, sorry, i usually bump the version after linux-grsec, but this time I forgot to check 2013-11-20 14:43:19 i'm on it 2013-11-20 14:44:13 maybe ncopa, can you ping me when you are about to make a release with new kernel version? 2013-11-20 14:44:17 tnx 2013-11-20 14:44:37 sure 2013-11-20 14:45:43 since this package has same kernel patches as linux-grsec but only has different kernel config, we could build it from linux-grsec APKBUILD 2013-11-20 15:08:04 ncopa, i've some trouble with network in kvm guest. Lots of packet dropped (~10%). I'm using virtio driver, alpine 2.7 as host and guest. This behavior happens with high traffic. So, looking at kvm webpage i found this: http://www.linux-kvm.org/page/Virtio 2013-11-20 15:08:22 at the bottom, there's "How to use get high performance with Virtio" 2013-11-20 15:09:05 do you thing it would be a good idea to do an apk of dpdk.org/browse/virtio-net-pmd/refs/ ? 2013-11-20 15:09:14 yeah 2013-11-20 15:09:31 k 2013-11-20 15:09:40 i observed the same problem with hyper-v host 2013-11-20 15:10:29 but it was related to hv_netsvc modules 2013-11-20 15:10:39 which are quite poors 2013-11-20 21:41:24 someone get this to royger: http://paste2.org/UKVXCNFX 2013-11-20 21:41:31 it's persistant grants causing the problem 2013-11-20 21:41:37 n8 2013-11-20 23:45:01 how do I add GCC option -fPIE to APKBUILD ? I'm trying: 2013-11-20 23:45:06 build() { 2013-11-20 23:45:06 cd "$_builddir" 2013-11-20 23:45:06 CFLAGS="$CFLAGS -fPIE" 2013-11-20 23:45:06 ./configure \ 2013-11-20 23:45:07 --build=$CBUILD \ 2013-11-20 23:45:07 --host=$CHOST \ 2013-11-21 06:36:50 you probably should export it or pass to make 2013-11-21 07:08:18 ncopa, i think i've found the issue related to dropped packets 2013-11-21 07:08:19 http://www.novell.com/support/kb/doc.php?id=7007165 2013-11-21 07:08:29 seems that is by design 2013-11-21 07:08:50 counters has been changed 2013-11-21 07:09:12 i tried with tcpdump and packet are not dropped 2013-11-21 07:09:16 *packets 2013-11-21 07:17:18 morning 2013-11-21 07:17:30 ok, but performance is still low in virtual? 2013-11-21 07:17:43 my virtual machine has no heavy net load so i dont know 2013-11-21 07:17:56 BitL0G1c: why you need add -fPIE? 2013-11-21 07:18:22 our hardened gcc should add it by default 2013-11-21 07:19:04 ncopa, i'm going to check this with iperf. 2013-11-21 07:20:11 dropped packets is what took my attention 2013-11-21 07:20:37 ok 2013-11-21 07:20:50 i have had a look at mosquitto 2013-11-21 07:20:58 really nice 2013-11-21 07:21:07 internet of things? 2013-11-21 07:21:40 its a pub/sub messaging system 2013-11-21 07:22:18 apparently its used for anything from home automation to facebook messaging 2013-11-21 07:22:41 well, the protocol that is 2013-11-21 07:22:42 mqtt 2013-11-21 07:22:55 i saw it 2013-11-21 07:23:09 i am fairly sure this is what we want for build server infra 2013-11-21 07:23:18 way lighter than zeromq 2013-11-21 07:23:26 maybe the next generation of buildbot will be mqtt 2013-11-21 07:23:32 yup 2013-11-21 07:23:35 :) 2013-11-21 07:23:38 in fact 2013-11-21 07:23:44 just wondering about zmq in fact 2013-11-21 07:23:44 its very simple to set up 2013-11-21 07:24:00 just start the broker server 2013-11-21 07:24:03 lhttp://mosquitto.org/2011/07/lua-mqtt-client/ 2013-11-21 07:24:48 nice! 2013-11-21 07:25:08 on the builder: mosquitto_sub -t build/$gitbranch -h $server | while read line; do start_building; done 2013-11-21 07:25:17 and thats it basically 2013-11-21 07:25:18 well 2013-11-21 07:25:34 git hook needs to publish 2013-11-21 07:26:00 mosquitto -t build/$gitbranch -h $server -m 'build' 2013-11-21 07:26:09 and thats it 2013-11-21 07:26:19 wow 2013-11-21 07:26:48 if we want encrypt messages, then its just to enable crypto in the server 2013-11-21 07:27:07 it has support for acls, user/password etc too 2013-11-21 07:27:19 looks exactly what we need 2013-11-21 07:27:25 exactly 2013-11-21 07:27:34 it does what we need + more 2013-11-21 07:27:38 without coding 2013-11-21 07:27:56 there is even a javascript client so we could have a realtime webpage 2013-11-21 07:28:14 very very nice 2013-11-21 07:28:46 messages can be retained (eg build server can set "status" so when clients connect they et a list of al servers that is currently building) 2013-11-21 07:29:20 should be trivial to make a bridge to IRC too 2013-11-21 07:29:25 right 2013-11-21 07:29:34 basically, this does all we need 2013-11-21 07:29:44 and without coding 2013-11-21 07:29:51 yep 2013-11-21 07:30:03 and still beeing 20% size of current zeromq :) 2013-11-21 07:30:07 or so 2013-11-21 07:30:12 :) 2013-11-21 07:30:51 should be trivial to do twitter bridge too 2013-11-21 07:31:02 so we could get tweets when new packages are uploaded etc 2013-11-21 07:32:57 :) 2013-11-21 07:33:48 anyway, looks that 1 reach ~1GB with alpine as hyper-v guest 2013-11-21 07:33:59 with iperf as server 2013-11-21 07:34:07 [ ID] Interval Transfer Bandwidth 2013-11-21 07:34:07 [ 4] 0.0-10.0 sec 1.07 GBytes 914 Mbits/sec 2013-11-21 07:34:18 between host and guest? 2013-11-21 07:34:26 on the same machine? 2013-11-21 07:34:38 yes? 2013-11-21 07:34:46 with hyper-v i can check it 2013-11-21 07:34:49 *can't 2013-11-21 07:34:51 with kvm 2013-11-21 07:34:53 yes 2013-11-21 07:35:14 and if you bond 2 virtual nics? 2013-11-21 07:35:31 i haven't tried 2013-11-21 07:39:30 cool, you can enable mqtt messaegs on github... 2013-11-21 07:42:30 i see lots of usecases... 2013-11-21 07:42:43 :) 2013-11-21 07:42:50 once all files are uploaded to master mirror 2013-11-21 07:43:04 we could publish a message 2013-11-21 07:43:14 the mirrors could subscripe to those 2013-11-21 07:43:18 and start sync immediatly 2013-11-21 07:43:28 rather than using cron... 2013-11-21 07:44:07 same with the redmine thingy, that pulls git repo once in a while 2013-11-21 07:44:10 from cron 2013-11-21 07:44:24 we could have it resolve tickets instantly 2013-11-21 07:44:35 autoresolve from git commits... 2013-11-21 07:45:53 ncopa: re linux-virt-grsec 2013-11-21 07:46:10 yes? 2013-11-21 07:46:57 if we create it as subpkg of linux-grsec it means that it means that you will be the maintainer, since you cannot bump linux-grsec version, without generating a new config for linux-virt-grsec 2013-11-21 07:47:12 is that what you want? 2013-11-21 07:47:15 :) 2013-11-21 07:47:45 you always have to update the config? 2013-11-21 07:47:58 for every major version 2013-11-21 07:48:06 3.x.y 2013-11-21 07:48:08 yeah 2013-11-21 07:48:10 for x version, not y 2013-11-21 07:48:15 (usually) 2013-11-21 07:48:25 but one time happened also for y 2013-11-21 07:48:36 yeah i happens once in a while 2013-11-21 07:48:40 not too often 2013-11-21 07:48:44 right 2013-11-21 07:48:51 major releases yes 2013-11-21 07:48:55 it's your call 2013-11-21 07:49:19 another drawback is that rebuilding the main package will be dogslow 2013-11-21 07:49:25 y 2013-11-21 07:49:28 since it will build kernel twice 2013-11-21 07:49:28 double time 2013-11-21 07:49:38 almost, the virt kernel is much smaller 2013-11-21 07:49:41 between kvm host and guest: kvm alpine host (as client) --> kvm alpine guest (as server) = 4Gbits/sec. The other way round 5.06 Gbit/sec. 2013-11-21 07:50:01 fcolista: thats pretty good 2013-11-21 07:50:12 yes! 2013-11-21 07:50:19 I want to try with hyper-v 2013-11-21 07:50:29 iperf for windows? 2013-11-21 07:50:43 yes 2013-11-21 07:50:49 http://linhost.info/2010/02/iperf-on-windows/ 2013-11-21 07:51:02 thx 2013-11-21 07:51:33 rnalrd: if you are ok to continue maintain linux-virt-grsec, then i'd prefer that 2013-11-21 07:51:40 k 2013-11-21 07:51:56 maybe we change it in future 2013-11-21 07:52:00 but not today :) 2013-11-21 07:52:23 just ping me before a new Alpine release, so that we can make sure that linux-virt-grsec is aligned with linux-grsec 2013-11-21 07:52:36 i use to keep an eye on it, but you know... 2013-11-21 07:52:59 maybe with mosquitto this problem will be solved ;) 2013-11-21 08:31:51 ncopa - I'm trying to build GNUPG1 (I've built FWKNOP http://www.cipherdyne.org/fwknop/ successfully & it works - but GNUPG2 depends on pinentry & this currently means using a passwordlesss gpg key on the server & signature authentication on the client packet is not possible) - I've previously run gnupg1 without gpgme & it works fine with FWKNOP 2013-11-21 08:32:42 gnupg1 build fails with "Can't modify application's text section; use the GCC option -fPIE for position-independent executables. 2013-11-21 08:32:42 Makefile:619: recipe for target 'pubring.gpg' failed" 2013-11-21 08:33:25 that sounds like -fPIC is removed on compile or something 2013-11-21 08:35:16 & I see this at the very begining: 2013-11-21 08:35:21 >>> gnupg1: Analyzing dependencies... 2013-11-21 08:35:21 (1/4) Installing zlib-doc (1.2.8-r0) 2013-11-21 08:35:21 ERROR: zlib-doc-1.2.8-r0: No such file or directory 2013-11-21 08:35:21 ERROR: zlib-dev-1.2.8-r0: No such file or directory 2013-11-21 08:35:21 (2/4) Installing zlib-dev (1.2.8-r0) 2013-11-21 08:35:22 (3/4) Installing libsasl (2.1.26-r2) 2013-11-21 08:35:22 ERROR: libsasl-2.1.26-r2: No such file or directory 2013-11-21 08:35:23 (4/4) Installing libldap (2.4.37-r0) 2013-11-21 08:35:23 ERROR: libldap-2.4.37-r0: No such file or directory 2013-11-21 08:35:35 apk update 2013-11-21 08:37:08 I'm using edge main / testing as my repositories 2013-11-21 08:38:24 yes that helped 2013-11-21 08:41:19 fwknop looks actually interesting 2013-11-21 08:41:35 it works for many protos right? 2013-11-21 08:42:05 initial thought was 'how is this better than ssh with passwords disabled + ssh keys' 2013-11-21 08:42:29 but i do see the use in combination with other protos 2013-11-21 08:44:57 it's great 2013-11-21 08:45:47 my machine sends a signed encrypted packet to a random port 10,000 - 65000 & fwknop opens the SSH & MOSH ports for 30 seconds 2013-11-21 08:46:48 but really, how is that different than lets say disable ssh passwords and require ssh keys? 2013-11-21 08:47:13 it does hide the ssh server 2013-11-21 08:47:25 yeah, and you need to knock on the right port 2013-11-21 08:47:27 I have that too - fwknop just completely removes the listening ports 2013-11-21 08:47:35 with a correct sequence 2013-11-21 08:47:40 no 2013-11-21 08:47:42 iirc this is how it usually works 2013-11-21 08:48:07 I send a client packet to a random port 10-65,000 2013-11-21 08:48:08 maybe not exactly fwknop, but it's still the same family of software 2013-11-21 08:48:14 yes 2013-11-21 08:48:25 thats traditional port knocking yes 2013-11-21 08:48:33 it completely stealths the SSH port 2013-11-21 08:48:41 thats the vaule it adds 2013-11-21 08:49:00 so your boss dont know that you can ssh in :) 2013-11-21 08:49:52 with PAC Manager I can pre-pend the fwknop commands to SSH in 2013-11-21 08:51:02 for SFTP I use midnight commander to SSH in PAC (filezilla is too slow to login in time) 2013-11-21 08:52:06 fwknop binary is very small - 76k for the server component 2013-11-21 08:52:37 so I was going to build a version for gpg2 & another for gpg1 2013-11-21 08:53:50 what is the use of gpg1? 2013-11-21 08:53:56 i didnt really understand that 2013-11-21 08:54:27 BitL0G1c: coudl you please: apk add sprunge && sprunge < APKBUILD 2013-11-21 08:54:31 and paste the url here? 2013-11-21 08:54:43 gpg2 requires pinentry - this means using a key on the server with a password fails 2013-11-21 08:54:45 ok 2013-11-21 08:55:29 & using gnupg2 also means the client key signature does not authenticate 2013-11-21 08:56:37 http://sprunge.us/JGaS 2013-11-21 08:57:33 "SPA packets are passively sniffed from the wire via libpcap. " 2013-11-21 08:57:39 bah 2013-11-21 08:57:45 that means it will eat CPU 2013-11-21 08:57:46 lots of it 2013-11-21 08:58:14 not insane amounts. but yes, it means cpu 2013-11-21 08:58:31 depends how "smart" filters they install 2013-11-21 08:58:45 may be worth have a look at it 2013-11-21 08:58:50 but regardless - it's misusing the kernel apis 2013-11-21 08:59:00 traffic like that should go to predefined udp port 2013-11-21 08:59:23 it uses a lot less cpu than fail2ban 2013-11-21 08:59:31 doesnt sound too hard to to implement UDP 2013-11-21 08:59:43 yeah 2013-11-21 08:59:55 just listening on udp would be trivial 2013-11-21 09:00:08 i guess that's their way of "not needing the firewall rule to open the udp port" 2013-11-21 09:00:12 so it just magically works 2013-11-21 09:00:25 BitL0G1c: fail2ban just parses logs, so I don't think it's a good comparison 2013-11-21 09:00:43 BitL0G1c, depends on your traffic 2013-11-21 09:00:49 for 10mbps traffic it will not take cpu much 2013-11-21 09:01:01 for 1gbps link that is almost fully used, it will take _a lot_ 2013-11-21 09:01:08 if you have 5-6Gbit (kvm linux guest to host...:) 2013-11-21 09:01:27 the problem is that it will not scale 2013-11-21 09:02:01 it's possible to set it to listen silently on a single port 2013-11-21 09:02:08 udp or tcp 2013-11-21 09:02:08 with udp yes 2013-11-21 09:02:12 tcp no 2013-11-21 09:02:23 ah.. 2013-11-21 09:02:27 it already has that feature 2013-11-21 09:02:31 ? 2013-11-21 09:02:34 yes 2013-11-21 09:02:59 I just chose the option to using a random port in udp 10000 - 65000 2013-11-21 09:04:42 looking at top on a 256meg kvm vps - fail2ban is using 10% of the ram (same as PSAD) - fknop is using 2% 2013-11-21 09:05:28 fwknop is the first that i think is even useful :) 2013-11-21 09:05:36 with fwknop working & accepting a signed encrypted packet from a single ip address (included in the packet) - I don't really need fail2ban 2013-11-21 09:11:22 BitL0G1c: i meant the fwknop APKBUILD, not gnupg1 2013-11-21 09:11:49 yes 2013-11-21 09:12:28 http://sprunge.us/JGaS looks like gnupg1 2013-11-21 09:12:45 coupld you please sprunge me your fwknop APKBUILD? 2013-11-21 09:12:56 or i could start over from scratch too... 2013-11-21 09:12:58 oh ok sorry hold on 2013-11-21 09:13:15 http://pkgs.fedoraproject.org/cgit/fwknop.git/tree/ 2013-11-21 09:13:29 i have a script that converts .spec to APKBUILD 2013-11-21 09:14:35 http://sprunge.us/VGAO 2013-11-21 09:16:04 i was faster :) 2013-11-21 09:18:40 fwknop works fine - it's pinentry / gnupg which means a little less security for the client packet coming in 2013-11-21 09:18:55 *pinentry / gnupg2 2013-11-21 09:19:26 you cannot like, install a pubkey? 2013-11-21 09:20:00 I've exported the secret keys on the local machine & exported a signed public key 2013-11-21 09:20:38 but the exported secret keys have disabled functionality 2013-11-21 09:20:43 export-reset-subkey-passwd When using the --export-secret-subkeys command, this option resets the passphrases for all exported subkeys to empty. This is useful when the exported subkey is to be used on an unattended machine where a passphrase doesn't necessarily make sense. Defaults to no. 2013-11-21 09:21:18 ncopa: interesting, did you publish it? 2013-11-21 09:22:57 well, it just parses the .spec and calls newapkbuild 2013-11-21 09:23:11 so it does not handle depends or subpackages 2013-11-21 09:23:49 just set pkgdesc, license, source etc 2013-11-21 09:24:29 not yet published 2013-11-21 09:25:00 brtln: specs-to-apkbuild: http://sprunge.us/bEEJ 2013-11-21 09:25:11 still neat, thanks 2013-11-21 09:27:23 ~/abuild/specs-to-apkbuild fwknop 2013-11-21 09:27:27 actually worked :) 2013-11-21 09:31:06 should we split out the client or server package? 2013-11-21 09:31:17 so apk add fwknop-client 2013-11-21 09:31:24 yes I split them 2013-11-21 09:31:31 or apk add fwknop-server 2013-11-21 09:31:54 let me rephrase 2013-11-21 09:32:11 if you do: 'apk add fwknop' should you get the server or the client? 2013-11-21 09:32:12 I have 2 apkbuilds - one for the client & one for the server 2013-11-21 09:32:26 we should have only one APKBUILD 2013-11-21 09:32:29 but we split it 2013-11-21 09:32:38 with subpackages 2013-11-21 09:32:48 ok 2013-11-21 09:33:32 maybe it makes more sense to have fwknop-server package 2013-11-21 09:33:44 subpackage 2013-11-21 09:33:53 the client binary is 60k & server 76k 2013-11-21 09:34:26 the question is: should you get the server or the client when you do: apk add fwknop? 2013-11-21 09:35:13 apk add fwknop-server | fwknop-client 2013-11-21 09:35:23 I split them as they are split in debian 2013-11-21 09:35:29 and if you do apk add fwknop? 2013-11-21 09:35:35 both? 2013-11-21 09:35:38 or nothing? 2013-11-21 09:35:46 no - one or the other 2013-11-21 09:35:54 or both if you need both 2013-11-21 09:36:29 i think 'fwknop' should be the same as the client 2013-11-21 09:36:35 because thats the name of the client 2013-11-21 09:36:36 I build the server with --disable-client 2013-11-21 09:36:49 & the client with --disable-server 2013-11-21 09:37:11 i build both in same APKBUILD and split it 2013-11-21 09:37:16 in subpackages 2013-11-21 09:37:26 ok 2013-11-21 09:37:32 then we get fewer APKBUILDs 2013-11-21 09:37:37 easier to maintain 2013-11-21 09:38:05 http://sprunge.us/ONBR 2013-11-21 09:38:05 & no dependency to gpg 2013-11-21 09:40:01 maybe add --with-gpgme 2013-11-21 09:45:07 nftables will replace iptables or xtables ? 2013-11-21 09:47:33 is this useful http://wiki.qemu.org/Features-Done/VirtIORNG 2013-11-21 09:47:54 Beyond IPTables, it also replaces the ip6tables, arptables, and ebtables frameworks but nftables does offer a compatibility layer to iptables http://www.phoronix.com/scan.php?page=news_item&px=MTQ5MDU support. 2013-11-21 09:48:39 I was wanting to ask the compatibility part :) 2013-11-21 09:49:52 fcolista ^^^ VirtIORNG, since doing some tests 2013-11-21 09:51:07 vkrishn, thx. Anyway kvm host and guest works well. 2013-11-21 09:51:18 ok 2013-11-21 09:51:28 probably would be interesting to test a windows guest in kvm host 2013-11-21 09:51:38 would it be useful to package dpdk ? 2013-11-21 09:52:07 window - got no license copy :), willing to test if someone donates one 2013-11-21 09:53:38 fcolista, also have a look at https://github.com/01org/dpdk-ovs 2013-11-21 09:53:54 i was looking toit yesterday 2013-11-21 09:53:56 *to it 2013-11-21 09:53:59 :) 2013-11-21 09:54:04 the intel devel package 2013-11-21 09:54:47 yes and intel's 'soft switch' - ovs 2013-11-21 09:54:52 yes 2013-11-21 09:55:23 could also be useful from alpine infra point 2013-11-21 09:56:56 yes, an openswitch sofware opens a lot of interestin g scenarios 2013-11-21 10:01:02 i have been thinking setting up openvswitch beween the private nets on the build boxes 2013-11-21 10:01:12 but feel its kinda overkill for the task 2013-11-21 10:01:16 i know this is a linux channel but winamp is going out of business https://www.change.org/en-AU/petitions/aol-keep-winamp-alive-or-let-it-go-open-source 2013-11-21 10:02:02 it has done its job... 2013-11-21 10:02:12 yeah 2013-11-21 10:02:18 to me it's how it all started 2013-11-21 10:02:20 on windows nt 4 2013-11-21 10:02:24 mp3, vqf ... 2013-11-21 10:02:31 i used it as kid 2013-11-21 10:02:33 ncopa: is there a lighter alternative ? 2013-11-21 10:02:51 for just bind 2 private subnets? 2013-11-21 10:02:53 yes 2013-11-21 10:02:57 any tunnel software 2013-11-21 10:03:02 ipip tunnel 2013-11-21 10:03:06 gre 2013-11-21 10:03:15 what does this do http://software.schmorp.de/pkg/gvpe.html ? 2013-11-21 10:03:15 or similar 2013-11-21 10:03:22 and then just bridge 2013-11-21 10:03:27 vkrishn: what are you trying todo? 2013-11-21 10:04:28 what i like with openvswitch though, is that you can set up vlans and simulate vlan tagging virtually etc 2013-11-21 10:04:34 grimeton, something like linuxvirtualserver.org but using alpine 2013-11-21 10:05:10 vkrishn: i wonder if you hit limitations when it comes to the c lib 2013-11-21 10:05:29 what is it with vlans lately? everybody is talking about it like it's something totally new 2013-11-21 10:05:30 openvswitch acts like a real physical switch 2013-11-21 10:05:39 its not new 2013-11-21 10:06:08 i'm running setups in companies with dynamic vlan assignment ... 2013-11-21 10:06:33 for at least five years now ... 2013-11-21 10:07:01 same here 2013-11-21 10:07:31 grimeton, I was wanting build small edge servers like lamp / ruby... etc for dev work 2013-11-21 10:07:31 upgrading base desktop for testing becomes hectic 2013-11-21 10:07:49 vkrishn: run virtual machines and the setup you need inside 2013-11-21 10:08:04 i wouldn't even go with jails or containers 2013-11-21 10:09:32 so just build small ... small separate servers link them up, nfs... etc and do the dev 2013-11-21 10:09:32 that way I can also play around with newer desktops :)) 2013-11-21 10:09:32 kde / gnome / awesome 2013-11-21 10:09:44 its its only software dev for lamp, ruby etc, nothing that require special kernel features 2013-11-21 10:09:46 yeah 2013-11-21 10:09:55 then, I'd do it in a lxcontainer 2013-11-21 10:28:31 BitL0G1c: I added fwknop package to testing 2013-11-21 10:29:35 ok 2013-11-21 10:30:26 http://www.cipherdyne.org/fwknop/docs/fwknop-tutorial.html#fwknop-gpg 2013-11-21 10:30:47 It is also possible to create GnuPG keys on the server with no password and then set "GPG_ALLOW_NO_PW Y" in the access.conf file. 2013-11-21 10:31:04 "Using this feature and removing the passphrase from a GnuPG key pair is also useful in some environments where libgpgme is forced to use gpg-agent and/or pinentry to collect a passphrase." 2013-11-21 10:31:17 BitL0G1c: I believe that is what you want to do 2013-11-21 10:31:56 that is what I've done already 2013-11-21 10:32:15 but doing this also means the client signatures cannot be verified 2013-11-21 10:32:42 (as the passordless server key cannot sign the client key) 2013-11-21 10:33:38 you should not need the server key to verify a sig? 2013-11-21 10:33:47 & means disabling: 2013-11-21 10:33:49 GPG_REQUIRE_SIG: Y; 2013-11-21 10:33:49 GPG_IGNORE_SIG_VERIFY_ERROR: N; 2013-11-21 10:33:49 GPG_REMOTE_ID: 12341234; 2013-11-21 10:34:18 if the server does not sign the client public key the signature verification fails 2013-11-21 10:34:35 is it not possible to use like a 3rd party authority? 2013-11-21 10:34:42 a Certificate authority? 2013-11-21 10:34:55 and use the CA's pub key to verify it? 2013-11-21 10:35:56 looking on the fwknop mailing list they ust recommend using gpg1 until gpgme supports an automated environment with pinentry 2013-11-21 10:36:50 with gnupg1 passwords & signatures work without gpgme being required 2013-11-21 10:38:02 i just have a feeing that something is done wrong 2013-11-21 10:38:19 is it a limitation in gpgme? 2013-11-21 10:57:28 yes 2013-11-21 10:58:02 at the moment gpgme does not support automated passwords with pinentry 2013-11-21 10:58:32 & pinentry is a dependency for gnupg2 2013-11-21 10:59:45 gnupg1 is running make with -fPIE & still failing so it's something else stopping it 2013-11-21 11:00:28 the thing i think is wrong is "automated passwords" 2013-11-21 11:00:50 why not use PKI without passwords? 2013-11-21 11:01:37 if you need a password to verify a signature, then something must be done wrong... 2013-11-21 11:02:10 isnt there support for proper PKI with a Certificate authority? 2013-11-21 11:02:15 a CA 2013-11-21 11:02:33 only for gnupg 2013-11-21 11:17:48 gnupg1 build is failing right at the very end when it's running the checks 2013-11-21 11:17:52 ./gpg_dearmor > ./pubring.gpg < ./pubring.asc 2013-11-21 11:17:53 ./gpg_dearmor > ./secring.gpg < ./secring.asc 2013-11-21 11:18:29 on debian it builds without -fPIE 2013-11-21 11:37:53 made a new key with a password & signed the client key - now signature verification works - will add some notes to access.conf 2013-11-21 12:03:11 algitbot: build 2.7-stable 2013-11-21 12:10:48 algitbot: build 2.7-stable 2013-11-21 13:16:26 files from v2.4.11-127-g33a4631 uploaded 2013-11-21 13:16:26 files from v2.4.11-127-g33a4631 uploaded 2013-11-21 13:49:03 Looks that apache-mod-auth-ntlm-winbind won't install 2013-11-21 13:50:04 we need to add samba-winbind among dependencies 2013-11-21 15:28:07 i wonder if i should trigger a message for each commit 2013-11-21 15:28:11 or just each push 2013-11-21 15:28:22 i'm setting up mosquitto now 2013-11-21 15:29:50 i think just each push is enough 2013-11-21 15:29:58 with $oldhead $newhead 2013-11-21 16:31:43 ncopa: is there schema for the topic ? 2013-11-21 16:34:19 I mean topic for mqtt msgs 2013-11-21 16:35:45 eg mosquito_sub -t /alpine/2.7/x86/build 2013-11-21 16:35:55 or just mosquito_sub -t build ? 2013-11-21 17:55:13 royger 2013-11-21 17:55:20 royger: http://paste2.org/UKVXCNFX 2013-11-21 17:55:28 royger: it's persistant grants 2013-11-21 17:57:17 kaniini: vblade has version 21, is it stable to be upgraded ? 2013-11-21 17:58:23 vkrishn: sure 2013-11-21 17:58:28 thanks 2013-11-21 19:41:11 http://lists.alpinelinux.org/alpine-devel/ is down ?? 2013-11-22 07:11:28 mornings 2013-11-22 07:11:39 re schema for mqtt 2013-11-22 07:11:48 i was initially thinking alpine/... 2013-11-22 07:11:52 prefix for everything 2013-11-22 07:12:13 but since this is a alpinelinux.org, i think the alpine prefix is redundat 2013-11-22 07:12:36 so i was thinking git/repo/branch or similar 2013-11-22 07:13:00 for subscribing to git pushes 2013-11-22 07:13:30 and for build server status i was thinking something like build// 2013-11-22 07:18:21 you can already mqtt subscribe to git commits 2013-11-22 07:18:42 mosquitto_sub -h msg.alpinelinux.org -t 'git/aports/master' 2013-11-22 07:18:49 well 2013-11-22 07:18:51 git pushes 2013-11-22 07:19:09 i dont know if we should publish all the commits individually there too 2013-11-22 07:19:12 maybe later 2013-11-22 07:19:27 and maybe as 'git/aports/master/commit' 2013-11-22 07:19:57 when i think of it 2013-11-22 07:20:15 i think git push notifications should be retained 2013-11-22 07:20:38 because it will force rebuild on bootup 2013-11-22 07:35:12 i wonder if i should make it possible to subscribe to given packages 2013-11-22 07:35:31 so you for example could get notification when something was pushed to a specific package 2013-11-22 07:35:41 eg gen an email if linux-grsec package was changed 2013-11-22 07:35:43 get* 2013-11-22 09:01:55 sweet 2013-11-22 09:02:21 i created gretap tunnel between the bld1 and bld2 servers 2013-11-22 09:02:25 and added it to the bridge 2013-11-22 09:02:39 the private lxc network 2013-11-22 09:03:02 now i have one big private LAN 2013-11-22 09:03:21 the containers on bld1 can see the containers on bld1 over the private subnet 2013-11-22 09:09:19 fabled: ok if i restart the ttdev-edge-* boxes on bld2? 2013-11-22 09:09:31 ncopa, sure,np. 2013-11-22 09:27:57 fabled: can you try ssh to ttdev-edge-x86_64? 2013-11-22 09:28:02 i think it should work 2013-11-22 09:28:55 yes, it works 2013-11-22 09:29:00 thanks 2013-11-22 09:29:38 btw, i never got the bridge over bonding work 2013-11-22 09:29:51 i have removed one of the interfaces from the bond0 2013-11-22 09:30:05 dunno what goes wrong 2013-11-22 09:48:45 kaniini: ping 2013-11-22 09:49:05 royger: pong 2013-11-22 09:49:12 royger: did you get my debug-keys output 2013-11-22 09:49:22 royger: of a domU that didn't go away 2013-11-22 09:50:26 yes, could you provide me the info about DomU/Dom0 so I can try to reproduce it? 2013-11-22 09:51:17 3.10.10-0-grsec VM 2013-11-22 09:51:24 on 3.10.19-0-grsec dom0 2013-11-22 09:51:35 VM has 1GB ram 2013-11-22 09:51:37 so it's an alpine PV domu? 2013-11-22 09:51:49 and either clean or destroy causes it 2013-11-22 09:51:52 i forget which 2013-11-22 09:53:50 kaniini: on the Dom0, do you still have any netback/blkback thread related to that DomU? also, what kind of disks are you using? 2013-11-22 09:56:13 royger: i had to restart the dom0 because aacraid had a nice failure 2013-11-22 09:57:05 kaniini: did you have the storage for those VM on aacraid? 2013-11-22 09:57:25 kaniini: maybe thep roblem is that the underlying driver never returned those pages to blkback, so they were never unmapped 2013-11-22 09:58:22 royger: no 2013-11-22 09:58:32 royger: because, it happens also on a machine running software raid 2013-11-22 09:59:02 kaniini: what kind of storage are you using? 2013-11-22 09:59:09 royger: and it happens without any iopressure 2013-11-22 10:01:57 I usually destroy VMs, and I'm running 3.10, 3.11 or 3.12 and I've never seen it, so I guess there's something specific to your setup that makes this happen 2013-11-22 10:12:06 rnalrd: i pushed 3.10.20 grsec kernel 2013-11-22 10:12:17 k 2013-11-22 10:20:23 royger: maybe it's shutdown 2013-11-22 10:20:39 royger: i'll look into it more 2013-11-22 10:21:01 kaniini: so it's an HVM guest? 2013-11-22 10:21:10 royger: no PV 2013-11-22 10:21:16 royger: and it only does it 2013-11-22 10:21:19 royger: with v2 tables 2013-11-22 10:21:35 agr, sorry, I've read "stubdom" instead of "shutdown", too early... 2013-11-22 10:21:45 i hear that 2013-11-22 10:21:49 i am only awake right now 2013-11-22 10:21:55 because of that aacraid issue 2013-11-22 10:22:01 which may also be a xen bug 2013-11-22 10:22:16 because on a kvm machine with aacraid and cpu scaling 2013-11-22 10:22:21 the driver doesn't deadlock 2013-11-22 10:22:24 but it does on xen 2013-11-22 10:23:22 kaniini: so if you force the guest to use grant table v1, there are no left over grant refs? 2013-11-22 10:23:33 that's kind of weird... 2013-11-22 10:27:01 royger: how do i force the guest to use grant table v1? 2013-11-22 10:27:42 kaniini: from your previous message I get that you were forcing it to use v1? 11:21 <@kaniini> royger: and it only does it 11:21 <@kaniini> royger: with v2 tables 2013-11-22 10:28:05 royger: oh, no 2013-11-22 10:28:21 royger: what i mean is none of the '(null)' domains 2013-11-22 10:28:25 royger: are v1 tables 2013-11-22 10:31:23 kaniini: you could hack gnttab_request_version in the kernel to set gsv.version = 1; in the PV case I guess 2013-11-22 10:34:30 kaniini: see http://paste2.org/CNW1XnmG (completely untested) 2013-11-22 10:34:55 yeah 2013-11-22 10:35:02 that kinda sux 2013-11-22 10:35:32 yes, even more given the fact that none of the kernel users of grant table needs v2 2013-11-22 10:38:50 well i think it's persistant grants 2013-11-22 10:39:01 i assume that's grant table v2 2013-11-22 10:40:41 kaniini: no, persistent grants don't have anything to do with grant table v2 2013-11-22 10:42:17 hmm! 2013-11-22 10:42:24 well, i think it is that 2013-11-22 10:42:35 that makes more sense than grant table v2 right? 2013-11-22 10:44:19 kaniini: you could try to create a guest that uses Qdisk instead of blkback and see if the same problem still happens, if it does not, then it certainly would point to a problem in blkback 2013-11-22 10:44:44 royger: okay 2013-11-22 10:45:09 royger: how do i do that 2013-11-22 10:45:25 just set the DomU disks to use a raw file instead of a block device 2013-11-22 10:46:02 dd if=/current/block/dev of=domu.disk bs=1M 2013-11-22 10:47:07 ouch http://www.symantec.com/connect/blogs/all-your-tomcat-are-belong-bad-guys 2013-11-22 10:49:06 ok 2013-11-22 10:52:06 kaniini: also, if you want to disable persistent grants you can also use: echo 0 > /sys/module/xen_blkback/parameters/max_persistent_grants 2013-11-22 10:56:09 okay 2013-11-22 10:56:13 i'll evaluate that 2013-11-22 10:56:17 and get back to you 2013-11-22 11:37:39 files from v2.4.11-131-g1dae87e uploaded 2013-11-22 11:44:54 files from v2.4.11-131-g1dae87e uploaded 2013-11-22 12:22:18 having -t (topic) start with common root word means single sub connection 2013-11-22 12:36:27 grimeton: did you read that article? 2013-11-22 12:36:36 did you see the real problem? 2013-11-22 12:36:48 ncopa: yeah, it's pebcak 2013-11-22 12:36:59 more or less yes 2013-11-22 12:37:11 it uses stupid passwords 2013-11-22 12:37:59 2 things to do to solve the problem: 1) dont use stupid passwords. 2) do let the admin port be open to world 2013-11-22 12:38:17 the solution is not what the article states: install AV 2013-11-22 12:38:21 yeah and 2) is something that the distro can take care of by default :) 2013-11-22 12:38:33 yes 2013-11-22 12:39:05 symanted tries to scare people "oh we have not many AV installs on servers.. you need our products there too" 2013-11-22 12:39:18 the thing is, AV does not really solve any problem 2013-11-22 12:39:29 the* problem 2013-11-22 12:39:45 even with AV, but still having bad password and open admin port 2013-11-22 12:39:53 you can do lots of damage... 2013-11-22 12:40:22 yeah, the AV solution isn't why i posted the info here 2013-11-22 13:19:13 hmm... net problem since morning 2013-11-22 13:19:56 ncopa, single topic -t could be useful from websocket point, but otherwise its ok 2013-11-22 13:21:54 though I can think of interesting usage when a cluster publishes msgs under single rootword :) 2013-11-22 13:24:12 anybody had a look whey http://lists.alpinelinux.org/alpine-devel/date.html not getting updated 2013-11-22 13:25:10 oh 2013-11-22 13:25:13 thats true... 2013-11-22 14:28:45 is there some sort of APKBUILD styleguide? tabs vs spaces? 2013-11-22 14:29:24 uggedal, tabs 2013-11-22 14:32:00 tabs because they save space ;) 2013-11-22 14:33:08 thanks, did a retab and sent a patch 2013-11-22 14:34:03 and added 'au BufRead APKBUILD setl noexpandtab softtabstop=0 tabstop=4 shiftwidth=4 nosmarttab' to vimrc 2013-11-22 14:37:22 you mind if i merge the 2 commits into a single? 2013-11-22 14:37:27 with the first commit message 2013-11-22 14:39:01 ncopa: nope 2013-11-22 14:40:06 what is the process for a package transitioning from testing to main? 2013-11-22 14:44:54 uggedal: apk add it from the http repo, verify that the builder didnt make anythign stupid/unxepected 2013-11-22 14:45:03 and let me know its ok 2013-11-22 14:45:05 and i'll move it 2013-11-22 14:45:18 normally people ask for a package 2013-11-22 14:45:28 i create an apkbuild and push it to testing 2013-11-22 14:45:33 and ask them to test it 2013-11-22 14:45:46 if they say its ok i move it to main 2013-11-22 15:08:04 i need to go 2013-11-22 15:08:18 could somebody please respond to timo jacobs question about hosting a mirror 2013-11-22 15:08:27 we should add that to the FAQ 2013-11-22 15:08:41 have a nice weekend 2013-11-22 15:09:08 lists.alpinelinux.org seems out of date 2013-11-22 15:09:31 jb broke it 2013-11-24 17:18:07 what's the point of keeping old iso images in edge? 2013-11-24 17:18:13 ncopa ↑ 2013-11-24 17:44:35 barthalion, you around ? 2013-11-24 17:46:11 is there anything like testing/dvtm in mains? has this been tested ? 2013-11-24 17:46:46 vkrishn: there is screen and tmux 2013-11-24 17:47:00 and about dvtm… no, I haven't tested it on alpine 2013-11-24 17:48:05 both are session based and as dvtm author puts and more simpler and neater 2013-11-24 17:48:21 I use tmux 2013-11-24 17:49:04 and screen too :) 2013-11-24 17:49:22 I don't even remember when I pushed dvtm 2013-11-24 17:49:52 :) 2013-11-24 17:50:41 what I was trying to find was if I can start dvtm with a script resulting in multiple screen with various programs 2013-11-24 17:51:24 kinda preset 2013-11-24 17:51:53 I don't think so 2013-11-24 17:52:17 although I don't know what can be set in config.h 2013-11-24 17:56:53 nope not at install , but with a simple script that starts dvtm then makes a layout with different apps running on it 2013-11-24 18:05:48 doubt it 2013-11-24 18:35:33 thanks, gtg 2013-11-25 07:36:35 morning 2013-11-25 07:36:46 no point in keeping old iso images in edge 2013-11-25 07:37:05 i shuld clean it up 2013-11-25 07:50:24 ncopa: nfc module and nfc-tools are important from al point ? 2013-11-25 08:15:03 and there is also 'caif' modules , but may have lesser use 2013-11-25 08:28:49 #2437 2013-11-25 09:46:03 kaniini: http://marc.info/?l=xen-devel&m=138522339900931 I think he is using the same Dom0 kernel version and experiencing the same issues 2013-11-25 12:05:07 ncopa: ping 2013-11-25 12:05:23 Executing shared-mime-info-1.2-r0.trigger 2013-11-25 12:05:36 does that have to take so long? 2013-11-25 12:07:13 clandmeter: pong 2013-11-25 12:07:17 due to a stupid feature 2013-11-25 12:07:46 https://bugs.freedesktop.org/show_bug.cgi?id=70366 2013-11-25 12:08:19 they do an fdatasync() per file 2013-11-25 12:08:55 because obviously some distros go total colapse if icon cache gets corrupt 2013-11-25 12:09:29 is there no way to ignore it when we run from abuild? 2013-11-25 12:13:02 or maybe patch it ourselves like you have suggested. 2013-11-25 12:39:38 clandmeter: we could also just revert this: http://cgit.freedesktop.org/xdg/shared-mime-info/patch/?id=bc7658182f1922d49f33acf614f408a9d3f1f9f2 2013-11-25 12:40:01 or maybe trick configure that we dont have fdatasync 2013-11-25 12:40:14 ac_have_fdatasync=no ./configure ..... 2013-11-25 12:40:16 or similar 2013-11-25 13:05:46 royger: yes, i have 2 pages stuck too 2013-11-25 13:08:03 kaniini: this seems to be related to some missing net backports 2013-11-25 13:09:23 i assue you will be doing the needful and identifying them so i can backport? 2013-11-25 13:09:25 ;) 2013-11-25 13:13:02 kaniini: this mail contains all the info: http://marc.info/?l=linux-netdev&m=138382655029494 2013-11-25 13:17:52 ok i'll do the backport in a moment 2013-11-25 13:23:38 royger: 3.10.20 has the patch already applied 2013-11-25 13:26:08 kaniini: all of them? 2013-11-25 13:26:20 files from v2.4.11-132-g2fa3868 uploaded 2013-11-25 13:26:40 royger: yes, both patches. 2013-11-25 13:27:05 files from v2.4.11-132-g2fa3868 uploaded 2013-11-25 13:33:07 ncopa: something wrong with edge64? 2013-11-25 13:35:20 not that i know? 2013-11-25 13:35:21 how so? 2013-11-25 13:35:52 i just pushed something and it didnt start building? 2013-11-25 13:38:50 algitbot: build master 2013-11-25 13:39:29 kaniini: then I guess you will have to bring the conversation to xen-devel 2013-11-25 13:39:58 kaniini: did anything that we spoke about last Friday solve your problem? 2013-11-25 13:40:42 ncopa: i thought the new messaging framework would fix this? 2013-11-25 13:40:54 royger: i do not yet have any dom0 on 3.0.20 2013-11-25 13:41:01 zeromq have been dissapointing... 2013-11-25 13:41:03 royger: so i will check and see if it goes away 2013-11-25 13:41:16 oops, 3.10.20 2013-11-25 13:41:34 kaniini: so those problem were on 3.10.18 or lower? 2013-11-25 13:41:43 31.0.18 and 3.10.19 2013-11-25 13:41:46 3.10.18* 2013-11-25 13:44:00 is there a reason why curl isn't compiled with the path to the ca bundle from ca-certificates? 2013-11-25 13:54:16 ncopa, is it possible to see design overview of msg subsystem, as what happens after a git commit.. ? 2013-11-25 13:54:57 zmq has now a stable 4.x release :) 2013-11-25 13:55:40 ncopa: the testing/hub APKBUILD you pushed last week only seems to have been published to x86, not x86_64 (it's noarch) 2013-11-25 13:56:05 uggedal: the x86_64 build server was 'offline' 2013-11-25 13:56:30 the messaging stuff we have from git hook -> build server is fragile 2013-11-25 13:56:51 but i have waken it up so its building now 2013-11-25 14:06:07 ncopa: not your day today? :) 2013-11-25 14:06:51 its monday :-( 2013-11-25 14:26:30 ncopa: testing/hub works when installed from the mirrors and can be moved to main if you want 2013-11-25 14:37:34 uggedal: thanks! 2013-11-25 16:13:19 ncopa: I set up Alpine mirror on my server, should I create a bug report somewhere to get it added? 2013-11-25 17:37:22 anyone else just get an email from google? 2013-11-25 17:53:31 no 2013-11-25 18:17:45 got a recruitment email 2013-11-25 18:17:53 found me in the alpine developer group 2013-11-25 18:17:57 even though i'm not a developer lol 2013-11-25 18:24:29 now you are :-) 2013-11-25 18:26:21 there is no kamailio-pcre package anymore? 2013-11-25 23:41:30 Mp5shooter: I did too 2013-11-26 00:10:04 if dl-5 isn't reachable at the moment it's because there is some weird routing stuff going on 2013-11-26 00:10:13 i'm waiting for it to finish 2013-11-26 09:30:32 Mp5shooter: i got googles headhunters after me various times 2013-11-26 09:35:15 algitbot: build master 2013-11-26 11:17:17 Why we don't have kamailio-pcre package anymore? 2013-11-26 11:17:43 It is not needed? 2013-11-26 11:17:49 http://wiki.alpinelinux.org/wiki/Kamailio 2013-11-26 11:19:52 pcre module is in main package 2013-11-26 11:20:05 at least this is what APKBUILD says 2013-11-26 11:20:44 ncopa: would you accept a patch to add ca-certificates as a dep to curl? 2013-11-26 11:28:16 uggedal, i think that would be a good idea to have 2013-11-26 11:34:02 barthalion: thanks 2013-11-26 11:40:46 fabled: cool, patch sent 2013-11-26 11:41:23 uggedal, does it need additional options to use ca-certificates? or having it there at build time is enough? 2013-11-26 11:42:24 fabled: configure scripts detects it 2013-11-26 11:42:31 uggedal, perfect 2013-11-26 11:43:18 wich there were some runtime detection, but I coulden't find a way. seems it has to be compiled with the path to the ca bundle 2013-11-26 11:43:36 s/wich/wish 2013-11-26 11:45:39 without using `curl --cacert /etc/ssl/certs/ca-certificates.crt` manually that is 2013-11-26 12:06:30 curl can be used without ca-certificates for http/ftp etc 2013-11-26 12:06:40 which is why i didnt add it as a hard dep 2013-11-26 12:07:32 but i dont have that strong feelings about it 2013-11-26 13:40:28 files from v2.4.11-134-g7d23506 uploaded 2013-11-26 13:40:37 files from v2.4.11-134-g7d23506 uploaded 2013-11-26 13:43:18 files from v2.5.4-213-gba30e1e uploaded 2013-11-26 14:43:25 files from v2.5.4-214-gf39890c uploaded 2013-11-26 14:45:19 files from v2.5.4-214-gf39890c uploaded 2013-11-26 17:01:36 kaniini: http://alpinelinux.org/forum/installation/updateupgrade-26-27-dom0 2013-11-26 17:27:18 files from v2.4.11-135-gc63d8b6 uploaded 2013-11-26 17:28:31 files from v2.4.11-135-gc63d8b6 uploaded 2013-11-26 18:28:45 barthalion: he has to reboot into the xen 4.3 hypervisor 2013-11-27 10:15:51 I'm thinking of adding some subpackages to various packages for bash completion files included from upstream. Does this sound sane? If so, what would a good suffix be? git-bash/git-completion/git-bashcompletion? 2013-11-27 10:17:44 completion sounds fine 2013-11-27 10:17:52 iirc zsh can use bash-completion files too 2013-11-27 10:18:08 (well, at least fallback to them if no zsh specific completion is available) 2013-11-27 10:22:13 barthalion: yeah, but usually the completion files is installed to /usr/share/bash-completion 2013-11-27 10:24:30 uggedal: maybe git-bash-completion? 2013-11-27 10:24:56 looks better than git-bashcompletion 2013-11-27 10:25:01 what debian does about it? ship with the main pkg? 2013-11-27 10:25:18 how big are those files? 2013-11-27 10:26:03 if they are less than 4k its probably better to ship them with main package 2013-11-27 10:26:49 60.0K src/git-1.8.4.3/contrib/completion/git-completion.bash 2013-11-27 10:27:17 yeah better add subpkg 2013-11-27 10:27:34 other option is: git-completion-bash 2013-11-27 10:27:38 yeah, bash-completion looks better. POSIX does not allow `-` in function names, but seems ash accepts them 2013-11-27 10:28:01 you can override the func name in APKBUILD 2013-11-27 10:28:07 ncopa: cool 2013-11-27 10:28:23 subpackages="my-sub-package:myfunc" 2013-11-27 10:28:39 will look into updating and fixing testing/bash-completion as well 2013-11-27 10:28:55 thanks! 2013-11-27 10:29:01 i dont use bash much myself 2013-11-27 10:29:17 i think the completion too often gets in the way... 2013-11-27 10:29:24 i can't live without git autocompletion :/ 2013-11-27 10:29:30 :) 2013-11-27 10:29:56 for branches with git-checkout and files with changes with git-add etc 2013-11-27 10:30:25 tar -ztf file.apk 2013-11-27 10:30:53 completion does not know that .apk is actually a tar.gz 2013-11-27 10:31:13 and even if the file is there, it will not autocomplete it for me 2013-11-27 10:31:43 without the smart autocomplete it will complete the file for me 2013-11-27 10:32:03 same wiht mount -o loop file.iso 2013-11-27 10:32:17 bash thinks he is smarter than me and dont want complete the file.iso 2013-11-27 10:33:21 but feel free to send a patch 2013-11-27 10:33:28 i think its a good idea 2013-11-27 10:53:30 actually even gnu tar doesn't know that .apk is tar.gz 2013-11-27 10:53:35 at least I've had problems here 2013-11-27 10:53:45 really? 2013-11-27 10:55:37 or not 2013-11-27 10:55:47 well, it happened at least once 2013-11-27 10:55:57 I'm not curious enough 2013-11-27 11:01:07 hmpf 2013-11-27 11:01:33 i have a super simple daemon 2013-11-27 11:01:37 shell 2013-11-27 11:01:57 but when i kill the daemon it does not kill all the children 2013-11-27 11:01:58 hm 2013-11-27 11:02:42 mosquitto_sub .. | while read ...; do .. done 2013-11-27 11:02:46 thats the daemon 2013-11-27 11:03:04 but it does not kill the mosquitto_sub process when it dies.. 2013-11-27 11:03:18 i wonder if i should implement it in C... 2013-11-27 12:01:19 fabled: i have this script: http://sprunge.us/TgSj which i run with start-stop-daemon --background (ssd will fork it to background and redirect stdout/stderr and create pid for me) 2013-11-27 12:01:25 but when i terminate it 2013-11-27 12:01:39 the misquitto_sub process remains 2013-11-27 12:02:12 because start-stop-daemon --background detaches it 2013-11-27 12:02:33 hm 2013-11-27 12:03:07 that makes it a group leader and it no longer is child of the starting process 2013-11-27 12:03:49 i wonder how to properly kill it 2013-11-27 12:03:56 or if i should just implement it in C 2013-11-27 12:04:04 why do you start-stop-daemon it? 2013-11-27 12:04:25 because its convenient 2013-11-27 12:04:31 and i want pidfile 2013-11-27 12:04:36 and want it to daemonize 2013-11-27 12:04:39 properly 2013-11-27 12:04:39 how do you want stop it then? 2013-11-27 12:04:53 use start-stop-daemon and send kill signal? 2013-11-27 12:05:03 s-s-d creats a pid 2013-11-27 12:05:12 http://sprunge.us/hRAQ 2013-11-27 12:05:16 so use s-s-d --stop --kill 2013-11-27 12:05:40 maybe it sends term signal 2013-11-27 12:06:16 oh 2013-11-27 12:06:25 it's --signal kill 2013-11-27 12:06:27 i think 2013-11-27 12:06:37 no 2013-11-27 12:06:40 it's --signal SIGKILL 2013-11-27 12:06:44 or SIGTERM 2013-11-27 12:06:48 or whatever you want to send 2013-11-27 12:08:05 i dont know what start-stop-daemon --stop sends 2013-11-27 12:08:09 or what i need it to send 2013-11-27 12:08:20 it does kill the script 2013-11-27 12:08:28 oh 2013-11-27 12:08:29 just not the mosquitto_sub child 2013-11-27 12:08:55 otoh, i dont want it to kill a running aports-build 2013-11-27 12:09:09 ncopa, why not "mosquitto_sub .. > somefile.txt" 2013-11-27 12:09:15 and then process the file ? 2013-11-27 12:09:30 ...or maybe we want it to stop the current build... 2013-11-27 12:09:47 yeah, iu think we want stop the build if we stop the listener 2013-11-27 12:09:58 makes it convenient to abort a built 2013-11-27 12:10:26 vkrishn: who should i process the file? from cron job? 2013-11-27 12:10:51 monit or 2013-11-27 12:11:04 then i get same problem with monit? 2013-11-27 12:11:19 inotify 2013-11-27 12:11:47 that just ugly :) 2013-11-27 12:11:59 i'd like to either properly kill mosquitto_sub on shutdown 2013-11-27 12:12:03 or implement it in C 2013-11-27 12:12:13 shutdown of ? 2013-11-27 12:12:21 the autobuilding service 2013-11-27 12:12:38 its an /etc/init.d script that listens on git pushes 2013-11-27 12:12:51 when someone git push, i want get notification and start build 2013-11-27 12:12:57 thats what mosquitto_sub does 2013-11-27 12:13:26 then i just read from there, when there is something to read, we start biulding 2013-11-27 12:13:32 http://sprunge.us/TgSj 2013-11-27 12:24:54 some design overview pls ?? it can be an image or dia format or any 2013-11-27 12:26:37 /etc/init.d script that listens on git pushes - why is it needed ... I thought that's getting processed via mq_sub! 2013-11-27 12:28:13 that listens to mq_pub 2013-11-27 12:34:43 I think an interesting ML thread could be started on this... 2013-11-27 12:35:03 and http://lists.alpinelinux.org/alpine-devel/date.html is stil outdated 2013-11-27 12:38:05 barthalion, I was wondering if pkg parallel was suffixed with perl- ? 2013-11-27 12:38:28 everything in it seems to have perl script 2013-11-27 12:41:05 or prefixed ;) 2013-11-27 13:02:35 vkrishn: non-libs should not be prefixed afaik 2013-11-27 13:15:23 hmmm... ok 2013-11-27 13:17:14 vkrishn: as uggedal said 2013-11-27 13:21:06 ok, thanks for pkging, I wished something like this (or simpler) could be in busybox 2013-11-27 13:22:54 or can it be done already ... like exec() fork... ? 2013-11-27 16:04:57 whee! 2013-11-27 16:05:00 great success 2013-11-27 16:05:10 finally my mqtt listener c client works 2013-11-27 16:05:20 will try deply tm 2013-11-27 16:05:24 deploy* 2013-11-27 16:05:26 see u 2013-11-27 16:05:35 congrats :-) 2013-11-27 18:16:04 what is the package for git send-mail ? 2013-11-27 18:17:49 "Note: The git send-email command is provided by the git-perl package." 2013-11-27 18:17:58 sorry ¬¬" 2013-11-28 06:44:28 question: 2013-11-28 06:44:49 the checksums on the APKBUILD files, 2013-11-28 06:44:58 how they are computed? 2013-11-28 06:45:06 just with calls like 2013-11-28 06:45:21 md5sum ? 2013-11-28 07:01:15 morning 2013-11-28 07:01:33 StarWarsFan: yes, with calls like md5sum 2013-11-28 07:02:14 yeah, got it 2013-11-28 07:02:15 thx 2013-11-28 07:02:19 moin btw. :-) 2013-11-28 07:02:28 http://git.alpinelinux.org/cgit/abuild/tree/abuild.in#n1610 2013-11-28 07:32:26 hehe 2013-11-28 07:32:34 while searching for mqtt things 2013-11-28 07:32:38 guess who i find... 2013-11-28 07:32:52 http://fabian-affolter.ch/blog/mqtt-and-desktop-notifications/ 2013-11-28 07:54:56 ncopa: what happens when git commit is taking place and build servers are off, do the pick-up from previous state when restarted ? 2013-11-28 07:55:09 or has to be manually reset ? 2013-11-28 07:55:29 do they* 2013-11-28 08:01:37 do have look at #2443 2013-11-28 08:02:00 vkrishn: i think we will make the git push mqtt messages 'retained' 2013-11-28 08:02:18 which means, when build server subscribes to mqtt 2013-11-28 08:02:34 they will allways get an initial message of last git commit 2013-11-28 08:02:53 (beauty of mqtt...) 2013-11-28 08:03:17 so mosquitto_sub .. > tosomefile.txt is the way ? 2013-11-28 08:03:27 no :) 2013-11-28 08:03:31 last git commit ... not previous to it ! 2013-11-28 08:03:50 i ended up implement a C client 2013-11-28 08:04:23 hmm... I was thinking if all could be just done by using shell wraps and available utils/tools 2013-11-28 08:04:33 it *could* 2013-11-28 08:04:38 but i think it would be clumsy 2013-11-28 08:04:44 and there is a way... 2013-11-28 08:04:47 for example 2013-11-28 08:04:52 nope... it would be cluster ready 2013-11-28 08:04:57 the mosquitto_sub > file.txt 2013-11-28 08:05:03 and expandable... 2013-11-28 08:05:05 would introduce a problem 2013-11-28 08:05:11 nope 2013-11-28 08:05:21 you get admin work 2013-11-28 08:05:26 to a > file.txt but in a diffrent way 2013-11-28 08:05:26 you need logrotation 2013-11-28 08:05:45 nope, just some pre-templates 2013-11-28 08:05:51 and scripts 2013-11-28 08:05:57 the file.txt 2013-11-28 08:06:02 would grow 2013-11-28 08:06:06 unless its rotated 2013-11-28 08:06:20 yes, but file.txt is split similar to /proc or /sys 2013-11-28 08:06:35 it will grow but a cleanup is possible 2013-11-28 08:06:56 so we would need log rotation maintenance 2013-11-28 08:07:10 and logrotation means file must be closed 2013-11-28 08:07:19 and if you redirect using > 2013-11-28 08:07:25 it means you must kill the process 2013-11-28 08:07:28 restart it 2013-11-28 08:07:57 so we would end up with a cron job that restarted the listener once in a while for logrotation 2013-11-28 08:08:04 now 2013-11-28 08:08:15 we dont need the file at all 2013-11-28 08:08:21 we only need the notification 2013-11-28 08:08:38 so redirecting to a file would solve one problem but create another 2013-11-28 08:08:52 all can be set at a particular day/time 2013-11-28 08:08:58 sure.. 2013-11-28 08:09:11 but i think thats just to move the problem around 2013-11-28 08:09:39 you still need "subscribe" to file change (using inotify) 2013-11-28 08:10:21 all this problems and workarounds just because i am too lazy to kill mosquitto_sub from a script on exit... 2013-11-28 08:10:24 but this would be expandable on clusters 2013-11-28 08:10:45 you man you send mosquitto to file 2013-11-28 08:10:51 then the other clister servers mount nfs 2013-11-28 08:10:56 and failover and be redirected 2013-11-28 08:11:01 and inotify on the shared file.txt..? 2013-11-28 08:11:16 better to do it properly... 2013-11-28 08:11:17 not necessary, csync 2013-11-28 08:11:29 you just pushed in testing 2013-11-28 08:12:04 for a build cluster 2013-11-28 08:12:11 sometimes I think the whole can be done without any messaging 2013-11-28 08:12:21 it can, with cron 2013-11-28 08:12:42 but mqtt -t is neat 2013-11-28 08:12:58 i want push instead of poll 2013-11-28 08:13:18 but the issues with mosquitto_sub is already solved 2013-11-28 08:13:33 i have a client written in C 2013-11-28 08:13:34 so even if git commit takes place.... and build server stop.... a state is maintained and can be picked up 2013-11-28 08:13:36 ok 2013-11-28 08:13:38 :) 2013-11-28 08:13:58 re build server cluster 2013-11-28 08:14:01 not only by that build server... but by any standby 2013-11-28 08:14:14 then we need a build manager 2013-11-28 08:14:25 build server manager 2013-11-28 08:14:34 the build server manager gets the build request 2013-11-28 08:14:37 nope, just previous state 2013-11-28 08:14:47 it checks what build servers are free 2013-11-28 08:15:00 and sends the build job to an idle server 2013-11-28 08:15:08 or queue it til one is idle 2013-11-28 08:15:15 nope, scripts that understands primary and slave 2013-11-28 08:15:36 primary and slave does not scale 2013-11-28 08:15:38 hierarchy 2013-11-28 08:15:49 what if we have 5 build servers in the pool? 2013-11-28 08:15:56 slave here is not depandant but redundant 2013-11-28 08:16:16 you get a git push. 20 packages to be built 2013-11-28 08:16:24 should you have 4 idling slaves? 2013-11-28 08:16:36 adding new just expands the pool and re-negotiated 2013-11-28 08:16:54 1 master and 4 slaves? 2013-11-28 08:17:05 only one server can build at a time? 2013-11-28 08:17:28 would it be better to distribute the job over 5 servers? 2013-11-28 08:17:28 yes, that true, redundant only take over on failover 2013-11-28 08:17:42 possible if build-bots understand that 2013-11-28 08:17:55 if we have 5 buildservers we want reduce build time with 1/5 2013-11-28 08:18:04 possible 2013-11-28 08:18:12 if we have N build servers we want reduce build time 1/N 2013-11-28 08:18:32 you dont reduce build time with master/slave 2013-11-28 08:18:50 if we implement a build cluster, i want do it properly from beginning 2013-11-28 08:19:27 but it is relatively complex... 2013-11-28 08:19:41 deal with dependencies, races etc 2013-11-28 08:20:10 that is why a proper -t name hierarchy 2013-11-28 08:20:32 and > to file.text 2013-11-28 08:21:06 i dont understand what > file.txt is good for... 2013-11-28 08:21:38 to maintain states but the file.txt need not be single file 2013-11-28 08:21:57 mqtt can keep the state 2013-11-28 08:22:20 backlogs ? 2013-11-28 08:22:28 retained messages 2013-11-28 08:23:28 so if it publishes and sub is not active it can still get all missed ? 2013-11-28 08:23:53 mqtt can make sure you get all messages yes 2013-11-28 08:23:56 using qos 2013-11-28 08:24:00 we dont really need that 2013-11-28 08:24:12 missed ones too? 2013-11-28 08:24:26 we actually care more about 'when' than 'what' 2013-11-28 08:24:44 the message to build server is 'now its time to build' 2013-11-28 08:24:56 the build server wil git pull to get the 'what' to build 2013-11-28 08:25:23 hmmm..... 2013-11-28 08:25:55 so not yet there from cluster point of view 2013-11-28 08:26:05 correct 2013-11-28 08:26:18 but cluster is fairly complicated 2013-11-28 08:26:34 for now we keep it siple 2013-11-28 08:26:36 simple 2013-11-28 08:26:45 that is way the question... if build-bots understand 2013-11-28 08:27:07 :) 2013-11-28 08:27:10 no they dont userstand anything 2013-11-28 08:27:18 they just pull from git and build whatever is there 2013-11-28 08:28:24 the git push mqtt is just "hey someone pushed soemthing to git branch X" 2013-11-28 08:28:32 the build servers subscribes to different gi branches 2013-11-28 08:28:46 so 2.7 stable build servers (x86 and x86_64) 2013-11-28 08:29:01 they will not see when sometihng is pushed to git master 2013-11-28 08:29:16 they will just see when someething is pushed to 2.7-stable branch 2013-11-28 08:29:40 https://dpaste.de/ZZRq - created states something like /proc or /sys 2013-11-28 08:29:56 yup 2013-11-28 08:29:59 and then I could use incron or inotify-tools 2013-11-28 08:30:08 incron is neat 2013-11-28 08:32:56 i have some plans for mqtt websocket client 2013-11-28 08:33:17 :) ... 2013-11-28 08:33:17 so you can see the exact build state for each build server 2013-11-28 08:33:27 yes, was thinking too 2013-11-28 08:33:38 php or lua 2013-11-28 08:33:48 javascript 2013-11-28 08:34:11 so we get it realtime ;) 2013-11-28 08:34:23 would be nice 2013-11-28 08:34:30 but first i need the mqtt -> irc bridge 2013-11-28 08:34:47 :) 2013-11-28 08:56:31 ncopa: can there be funky images of server on mqtt webpage with flashing led when some happens ;) 2013-11-28 08:56:39 and scrolling text 2013-11-28 08:58:30 yup.. but it require a browser with support for the tag... 2013-11-28 08:58:36 ;)) 2013-11-28 09:04:52 let me check if possible via css2/3 2013-11-28 09:06:18 I think a small js that changes the image from on to off on event 2013-11-28 09:06:38 or class of 2013-11-28 09:07:08 with background image or color 2013-11-28 09:08:34 can the commit be tied to geoip/geolocation ? 2013-11-28 09:08:40 git commit 2013-11-28 09:09:12 and a woldmap... with blinking led when it happens :)) 2013-11-28 09:09:17 worldmap 2013-11-28 09:09:32 coool 2013-11-28 10:15:57 vkrishn: blink with css animation: .blink { animation: blink 1s steps(5, start) infinite; } @keyframes blink { to { visibility: hidden; } } 2013-11-28 10:18:30 algitbot: build 2.6-stable 2013-11-28 10:21:11 uggedal, yes :) 2013-11-28 10:23:31 but would try to avoid things that have not yet got w3c REC or fully standardized yet 2013-11-28 10:25:29 are there a check/verify/test step in abuild or do you just run tests in build()? 2013-11-28 10:26:09 uggedal: we dont have check/verify/test step implemented yet 2013-11-28 10:26:18 so tests are currently just run in build 2013-11-28 10:26:54 i wonder if we should have a buildcheck or someething like that 2013-11-28 10:27:01 ncopa: cool. making a go APKBUILD so that we can get docker.io on alpine 2013-11-28 10:33:07 didnt know about docker 2013-11-28 10:33:09 its based on lxc? 2013-11-28 10:39:59 ncopa: yes. its lxc plus a hierarchy of cow filesystems and some convencience functions for setting up networking etc 2013-11-28 10:40:50 the recent release got support for device-mapper for handling the filesystem overlays (previously only aufs3 patched kernels was supported) 2013-11-28 10:41:28 seems fairly cool 2013-11-28 10:41:45 ncopa: yes, thiking of running all my stuff in dockerized containers 2013-11-28 10:41:51 i think alpine has a clear benefit there 2013-11-28 10:41:53 one process per container 2013-11-28 10:42:01 as each container will be small 2013-11-28 10:42:35 ncopa: yes, but you start out with a base container (stripped down ubuntu for most public containers on index.docker.io) 2013-11-28 10:42:50 and then you use (or create your own) specialized containers 2013-11-28 10:43:24 so, you cold have base -> apache -> apache-php -> wordpress 2013-11-28 10:43:45 understand 2013-11-28 10:43:47 and each specialized container only stores the diff from its parent 2013-11-28 10:44:13 and you can upgrade the base container without touching the specialized containers 2013-11-28 10:46:02 i have a WiP repo for docker here: https://github.com/uggedal/alpine-docker 2013-11-28 10:46:37 we have gcc-go already 2013-11-28 10:48:19 ncopa: not sure if you can build docker with gcc-go 2013-11-28 10:48:42 i'm ok with the other implementation too 2013-11-28 10:49:01 i think i tried it some time ago 2013-11-28 10:49:16 but then there was some missing things in libc iirc 2013-11-28 10:49:23 ucontext or similar 2013-11-28 10:50:24 if aufs can be done on AL, would make things easier 2013-11-28 10:50:49 wasnt aufs accpted in mainline linux recently? 2013-11-28 10:51:22 not yet, but I think there is talk about kernel based unionfs 2013-11-28 10:52:17 vkrishn: don't need aufs anymore 2013-11-28 10:52:20 I use aufs extensively, even to layer git repos 2013-11-28 10:53:08 uggedal, in general, a layered fs for AL 2013-11-28 10:54:29 I even used it for creating base AL setup, squashfs'd it and layerd kickstart a chroot on ramfs 2013-11-28 10:54:51 now I can layer the base anywhere 2013-11-28 10:55:10 and the children with any subapps 2013-11-28 11:00:09 well , the downside, such environment is not recommended for abuild purposes 2013-11-28 11:00:16 but general apps 2013-11-28 11:13:55 anyone here using polycom phones? 2013-11-28 12:03:17 http://www.phoronix.com/scan.php?page=news_item&px=MTUyOTA 2013-11-28 12:03:27 i think we should enable that for alpine linux too 2013-11-28 12:03:40 -Werror=format-security 2013-11-28 12:13:46 clandmeter i've made some labs with polycom phones 2013-11-28 12:13:51 is it useful? 2013-11-28 12:14:22 all my polycoms just went offline 2013-11-28 12:16:24 using PoE ? Is it possible to be a network problem? 2013-11-28 12:16:32 went off or rebooted? 2013-11-28 12:18:22 it never happened to me... There is one polycom on my desk just in front of me this moment... ( working on lab ) 2013-11-28 12:19:36 no sure whats wrong with them. some cant get ip some just act very strange. 2013-11-28 12:22:09 ncopa: Werror sounds good! Since al is "A security-oriented" distro, it would be a good idea enable this on al 2013-11-28 12:22:37 exactly 2013-11-28 12:22:48 i will run it here for a while first 2013-11-28 12:24:19 ncopa, at best, it only makes some code to not compile 2013-11-28 12:24:26 yes, it's good idea for developers to use 2013-11-28 12:24:37 but not sure how much it would help to enable it 2013-11-28 12:25:01 it's just a warning/error 2013-11-28 12:25:21 what it will help is, if C code is ugly enough, we will not accept it 2013-11-28 12:26:04 chances are that it breaks existing packages 2013-11-28 12:26:10 yup 2013-11-28 12:26:28 so i think we should check how much it breaks first 2013-11-28 12:26:34 seems like ubuntu already uses it 2013-11-28 12:26:48 fedora will likely enable it 2013-11-28 12:27:08 it forces upstream to ship better code 2013-11-28 12:27:43 https://wiki.ubuntu.com/ToolChain/CompilerFlags 2013-11-28 12:30:22 https://fedoraproject.org/wiki/Changes/FormatSecurity 2013-11-28 12:42:54 can grsec/uclibc be the reason I'm getting errors like this when compiling go programs: https://gist.github.com/uggedal/7691234 2013-11-28 12:51:49 knida hard to read the output there due to the escaped \n 2013-11-28 12:52:38 go.o: relocation R_X86_64_32 against `main.func·001·f' can not be used when making a shared object; recompile with -fPIC 2013-11-28 12:52:45 sounds like textrels 2013-11-28 12:53:26 i think its due to our hardened toolchain 2013-11-28 12:53:47 try add -nopie as linker flag 2013-11-28 12:54:36 https://wiki.gentoo.org/wiki/Hardened/HOWTO_locate_and_fix_textrels 2013-11-28 12:55:36 if its grsec kernel, then you often will find kernel message with dmesg 2013-11-28 12:56:50 you can see how gentoo builds it 2013-11-28 12:56:58 ncopa: thanks. i'll try to patch the go builder to use -nopie 2013-11-28 12:57:03 gentoo-hardened should have same issue 2013-11-28 12:57:17 uggedal, or patch it to compile with -fPIC 2013-11-28 12:57:59 that'd be better 2013-11-28 15:58:34 ha! 2013-11-28 15:59:03 i can get desktop notifications for each package the build server builds 2013-11-28 16:15:19 haha ncopa cool :) 2013-11-28 21:18:09 Has anyone successfully built eglibc-2.18 with "--enable-nss-crypt"? 2013-11-28 21:30:12 n8@all 2013-11-29 12:03:50 i will switch to mqtt based for build-edge-x86 2013-11-29 12:39:41 algitbot: hi 2013-11-29 12:45:56 hi 2013-11-29 12:46:13 is it possible to pack the grsec-modules into the iso image too? 2013-11-29 12:50:35 clandmeter: what's about that cloud nick? 2013-11-29 13:07:29 cool 2013-11-29 13:07:34 it appears to work 2013-11-29 13:08:56 how is mqtt? 2013-11-29 13:10:10 its very nice 2013-11-29 13:20:20 is it possible to pack the grsec-modules into the iso image too? 2013-11-29 13:20:58 what grsec modules? 2013-11-29 13:21:09 all of them? 2013-11-29 13:27:47 flashcache at least:) 2013-11-29 13:31:20 because when there is a new alpine version and I missed it and you have updated the kernel in that time, I can not upgrade anymore, because the flashcache-gersec package is replaced by the new one 2013-11-29 13:38:19 hm 2013-11-29 13:38:22 understand 2013-11-29 13:38:31 maybe later 2013-11-29 13:40:57 shafire: could you please remind me in dec/jan about that 2013-11-29 13:41:06 or file a bug for it 2013-11-29 13:41:35 Ok 2013-11-29 13:42:27 ok 2013-11-29 13:42:47 now both edge-x86 and edge-x86_64 is using the new mqtt based infra 2013-11-29 13:43:50 fabled: now setting up a new build server should be a question of: apk add aports-build && /etc/init.d/aports-build start 2013-11-29 13:44:07 ncopa, very nice! 2013-11-29 13:44:23 we have an mqtt broker on msg.alpinelinux.org 2013-11-29 13:45:09 its possible to subscribe to build server status with: mosquitto_sub -h msg.alpinelinux.org -t build/$hostname 2013-11-29 13:45:42 it is also possible to subscribe to git commits with the topic = git/$repo/$branch 2013-11-29 13:46:18 and finally, its possible to send messages to this channel with: mosquitto_pub -t "irc/%alpine-devel" -m "$message" 2013-11-29 13:47:03 i intend to push mirror sync messages too 2013-11-29 13:47:18 maybe with "mirror/$alpinebranch" 2013-11-29 13:47:47 then the mirrors could subscribe to "mirror/#" 2013-11-29 13:48:23 and they could sync from mqtt notification rather than cron jo 2013-11-29 13:48:26 job* 2013-11-29 13:48:53 reminds me 2013-11-29 13:49:02 we should have a backup of the mirror 2013-11-29 13:49:05 the repo 2013-11-29 13:49:27 rotating backup for a few days 2013-11-29 13:49:51 in case mastermirror breaks and mirrors sync the breakage 2013-11-29 13:54:27 the builders should be a bit more silent on irc too now 2013-11-29 13:56:12 they msg only on commits and fails? 2013-11-29 13:56:20 yeah 2013-11-29 13:56:42 i am evaluating if i should change the commit to 'pushes' 2013-11-29 13:56:59 so it dont say 'user pushed to aports/master' 2013-11-29 13:57:05 with a link to the full push 2013-11-29 13:57:12 rather than posting each commit 2013-11-29 13:57:57 they message on uploads too :) 2013-11-29 13:58:26 i doner if I should push the uploads on different topic prefix 2013-11-29 13:58:45 so mirrors can subscribe to uploads only 2013-11-29 14:21:14 wee 2013-11-29 14:22:12 ncopa: so let me ask again – what's the procedure to add new mirror to official list? 2013-11-29 14:24:14 i dont think we have any official procedure for it yet 2013-11-29 14:24:23 so basically, its to set it up 2013-11-29 14:24:45 and either create a ticket on bugs.a.o or send an email to alpine-devel 2013-11-29 14:25:29 it only needs to be added to aports/main/alpine-mirrors/MIRRORS.txt i think 2013-11-29 14:25:40 we should convert that to yaml or json 2013-11-29 14:25:51 and have meta info there 2013-11-29 14:26:33 are there any standard for software mirror lists? 2013-11-29 15:10:16 I don't think so 2013-11-29 15:12:00 I think I will use yaml as source format: http://sprunge.us/FYXW 2013-11-29 15:20:09 define a format for bandwidth 2013-11-29 15:20:42 100Mbits, 1Gbits 2013-11-29 15:21:12 100Mbits/s 2013-11-29 15:21:17 is maybe better 2013-11-29 15:21:37 location should be iso 3166? 2013-11-29 15:22:57 with a space: 100 Mbit/s 2013-11-29 15:23:04 yeah 2013-11-29 15:23:11 and iso 3166 sounds good 2013-11-29 15:23:33 iso 3166-1 2013-11-29 15:24:31 yeah, just the country codes "-1" 2013-11-29 15:25:48 or maybe the timezone format 2013-11-29 15:26:18 Europe/Oslo 2013-11-29 15:26:54 iso 3166 has ugly format: http://www.iso.org/iso/home/standards/country_codes/country_names_and_code_elements_txt.htm 2013-11-29 15:27:14 names are in uppercase 2013-11-29 15:27:41 i kinda like the way mageia lists it: http://mirrors.mageia.org/ 2013-11-29 15:29:05 mh, thats not good, Europe/Berlin is far away from Esslingen :) 2013-11-29 15:29:16 if people think, it's the location 2013-11-29 15:40:18 ncopa: is 100 Mbits/s correct? 2013-11-29 15:40:46 Mbit !s!/s? 2013-11-29 15:41:19 dunno :) 2013-11-29 15:42:08 the first s is wrong :) 2013-11-29 15:42:11 Mbit/s is correct 2013-11-29 15:42:12 yes 2013-11-29 17:27:16 good night :)