2015-03-01 07:19:31 dit its "edge" source of packages which will land in new alpinelinux release 2015-03-01 07:21:44 dit http://nl.alpinelinux.org/alpine/edge/releases/x86_64/ dont forget apk update && apk upgrade after installation, iso are from Dec. 2015-03-01 11:58:58 javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty -.- 2015-03-01 11:59:07 how can i get solved such stuff? 2015-03-01 12:05:37 i have install ca-certificates as well, nothing changes 2015-03-01 12:16:07 how can i import the system certs into the java store? 2015-03-01 12:18:43 bad decision to switch my minecraft containers to alpine linux -.- 2015-03-01 12:25:02 damn java shit 2015-03-01 12:36:40 can somebody tell me how i can generate the truststore for java apps on alpine? 2015-03-01 12:46:13 andyshinn: any idea how i can get this java crap running within the container? 2015-03-01 15:39:21 i have not yet played with Java in containers, do you have an example Java app and Dockerfile? 2015-03-01 16:03:39 andyshinn: https://github.com/dockhippie/minecraft-forge this won't work because the https://github.com/dockhippie/minecraft-forge/blob/master/Dockerfile#L19 command fails... lacking ssl cert validation i would say. 2015-03-01 16:06:45 https://gist.github.com/tboerger/15cf586eca5d7f4f26c0 the build log. 2015-03-01 16:11:00 and lpine linux is so good documented for ca-certificates integration into java -.- 2015-03-01 16:14:56 if the java integration is so poor i have to use something different for elasticsearch as well :( 2015-03-01 16:23:05 andyshinn: so if you got a solution i would be really happy :)+ 2015-03-01 16:23:39 i dunno but java stuff sounds contrarian to what i experienced in alpine so far 2015-03-01 16:23:58 i have no idea how their CA certificate store works, maybe compare to something else? 2015-03-01 16:26:39 Ubuntu has a http://packages.ubuntu.com/trusty/ca-certificates-java - maybe Alpine needs something similar 2015-03-01 16:28:20 i dont like java but for some things it's required 2015-03-01 16:32:33 and switching the distro at the bottom of the container just because java is used sucks :( 2015-03-01 16:49:01 I literally choose the software I use based on whether or not it's Java 2015-03-01 16:49:05 if it's Java, I don't use it, ever 2015-03-01 16:49:22 no software is so important to me that I must enslave myself to the awful JVM 2015-03-01 17:04:07 +flash 2015-03-01 17:06:43 flash is much easier to avoid 2015-03-01 17:06:54 it doesn't have that "enterprise appeal" 2015-03-01 20:09:23 ahills: but minecraft is only available as java :) 2015-03-01 20:11:28 and i don't know a real good non java alternative for elasticsearch as well... 2015-03-01 20:12:03 but anyway... the problem occours only on alpine... not on debian/ubuntu/opensuse :( 2015-03-01 20:26:53 mosez: I think "cp /etc/ssl/certs/java/cacerts /usr/lib/jvm/java-1.7-openjdk/jre/lib/security/" could help 2015-03-01 20:37:28 jomat: # ls /etc/ssl/certs/java 2015-03-01 20:37:29 ls: /etc/ssl/certs/java: No such file or directory 2015-03-01 20:37:42 jomat: if you can tell me where the java dir comes from? 2015-03-01 20:48:08 good question indeed... 2015-03-01 20:49:49 jomat: it exists on your system? is there an apk comand to show to which package this file/dir is related? 2015-03-01 20:51:55 apk info -W /etc/ssl/certs/java/cacerts should be interesting :) 2015-03-01 20:52:13 ERROR: /etc/ssl/certs/java/cacerts: Could not find owner package 2015-03-01 20:52:15 ;-) 2015-03-01 20:52:23 -.- 2015-03-01 20:56:50 https://gist.github.com/voxxit/6b4f0be3aa9ad6f49106 maybe something in that direction helps 2015-03-01 20:57:05 I had the same problem with elasticsearch… 2015-03-01 20:57:21 awesome :((( 2015-03-01 21:06:27 jomat: and you solved the problem? 2015-03-01 21:07:20 yeah, but i forgot how, and the last time I had to fix it after an upgrade, cp was enough 2015-03-01 21:08:13 but i think you have to import the needed certificates with keytool into the java keystore 2015-03-01 21:10:50 import all certs from /etc/ssl? :) 2015-03-01 21:11:08 the java process has to download from multiple different sites :( 2015-03-01 21:14:35 another possibility would be to copy this file from another distro… 2015-03-01 21:15:33 I usually don't use java, sorry I can't help better :-/ 2015-03-01 21:16:02 minecraft and elasticsearch are the only things where i touch java :( 2015-03-01 22:03:48 I think I found a bug in the openvpn package. http://wiki.alpinelinux.org/wiki/Setting_up_a_OpenVPN_server#Alternative_Certificate_Method says /usr/share/doc/openvpn should have easy-rsa in it and /usr/share/doc/openvpn doesn't exist 2015-03-01 22:05:09 I just tried to install openvpn-doc and it's not in that either 2015-03-01 22:14:11 ponyo, i think openvpn-doc just puts data in /usr/share/doc/openvpn/ 2015-03-01 22:14:27 ponyo, I'm confused as to why there aren't man pages 2015-03-01 22:14:35 in regards to easy-rsa 2015-03-01 22:14:50 openvpn changed were that is located and haven't updated the man page 2015-03-01 22:15:19 i submitted a ticket to fix it but they said I sent it to the wrong ticketing system sooo i got busy with work and haven't bothered since 2015-03-01 22:15:40 i just pulled easy-rsa from git 2015-03-01 22:15:44 hopefully this will work for me 2015-03-01 22:15:44 ponyo, easy-rsa is at https://github.com/OpenVPN/easy-rsa 2015-03-01 22:15:45 yah 2015-03-01 22:15:55 i'm worried about pkcs11-tool 2015-03-01 22:16:01 it seems that the vars file calls for it 2015-03-01 22:16:05 and i'm not seeing it in the system 2015-03-01 22:16:13 ponyo, it works but i wouldn't use it for anything more than a couple of people 2015-03-01 22:16:25 but that's just my opinion 2015-03-01 22:16:34 I've got a nice Mikrotik that makes it easy, i just need to generate the keys 2015-03-01 22:16:45 ahhh sweet 2015-03-01 22:16:47 what's that? 2015-03-01 22:16:53 www.routerboard.com 2015-03-01 22:17:02 http://www.routerboard.com 2015-03-01 22:17:13 oh i meant for key-management 2015-03-01 22:17:13 They are about the nicest routers, wiki, and switches for the price 2015-03-01 22:17:16 with easy-rsa 2015-03-01 22:17:33 the openvpn server probably does just fine under heavy loads 2015-03-01 22:17:44 oh I'm not sure what pkcs is, it's just called for in easy-rsa 2015-03-01 22:18:00 i'm assuming from looking at the man page in google it's for key signing 2015-03-01 22:18:30 it's mentioned in the man page 2015-03-01 22:18:54 i don't know what it exactly means or what it is for without reading more about it 2015-03-01 22:21:51 it seems easy-rsa is running without it 2015-03-01 22:23:07 maybe you can change it to use pkcs in the configs? 2015-03-02 05:09:30 hi folks 2015-03-02 05:09:46 how much size one must plan to become an official repository? 2015-03-02 08:59:33 morning 2015-03-02 09:01:41 hello 2015-03-02 09:28:58 morning 2015-03-02 09:29:01 how much size one must plan to become an official repository? 2015-03-02 09:33:26 official or not actually :D 2015-03-02 09:55:56 coredumb: a mirror? 2015-03-02 10:07:14 166.8G alpine/ 2015-03-02 10:07:56 coredumb: http://sprunge.us/FUWb 2015-03-02 10:30:17 dumbcore 2015-03-02 10:52:57 moinsen 2015-03-02 10:59:28 mrning 2015-03-02 12:13:51 ScrumpyJack, clandmeter thx :) 2015-03-02 15:59:37 alpine edge doesn't seem to support kvm on my i7 haswell e i5930K 2015-03-02 15:59:58 modprobe: can't load module kvm-intel (kernel/arch/x86/kvm/kvm-intel.ko): Not supported 2015-03-02 16:00:35 dit: did you enable it in the bios? 2015-03-02 16:00:50 yeah 2015-03-02 16:00:55 odds I might need to rebuild the kernel? 2015-03-02 16:01:16 i dont think so. or it must be a faulty config 2015-03-02 16:02:31 hmm 2015-03-02 16:02:38 any reason why running xen modules would keep me from loading kvm? 2015-03-02 16:03:20 i never used xen, so i wouldnt know. 2015-03-02 16:03:46 that proc was released end of last year, so it wouldn't shock me if a rebuild was needed 2015-03-02 16:04:14 dit: normally the xen modules don't block kvm unless a hvm domU is already running and using the hw instructions 2015-03-02 16:04:17 I haven't used xen until now, mostly just using it as a frontend for qemu, which I'm more experienced with, but less pleased wrt UII 2015-03-02 16:04:28 yeah, no hvm domUs running 2015-03-02 16:04:36 does it only happen if you have the xen kernel running really? 2015-03-02 16:04:45 and, oh 2015-03-02 16:04:49 the most basic thing 2015-03-02 16:04:54 in /proc/cpuinfo 2015-03-02 16:05:01 do you _see_ the virt flags? 2015-03-02 16:05:28 neg 2015-03-02 16:05:41 intel lists them 2015-03-02 16:05:42 http://ark.intel.com/products/82931/Intel-Core-i7-5930K-Processor-15M-Cache-up-to-3_70-GHz 2015-03-02 16:05:49 but they don't show in /proc/cpuinfo 2015-03-02 16:05:57 oki 2015-03-02 16:06:20 then its neither xen nor kvm having a problem 2015-03-02 16:06:22 so not sure what could account for the difference 2015-03-02 16:06:33 it's either just off in the bios or the bios is unhappy 2015-03-02 16:06:36 I guess I'll bring my domus down and check the bios again 2015-03-02 16:06:55 probably unhappy bios 2015-03-02 16:07:15 i hope it's just a forgotten setting so you don't get too much of the dependency hell 2015-03-02 16:07:45 alpine have a best practices doc for doing a kernel rebuild? 2015-03-02 16:12:02 you won't be able to use kvm if you are running as a Xen Dom0 2015-03-02 16:12:17 even if you haven't launched a single HVM or PV guest 2015-03-02 16:12:21 royger: ah, just incompatible tech stacks? 2015-03-02 16:12:52 kernel vm incompat with xen's hvm? 2015-03-02 16:12:57 dit: Xen is a kernel itself, that runs on bare metal, Dom0 is just another guest which has no access to the virt instructions at all 2015-03-02 16:13:14 oh, how naive of me 2015-03-02 16:13:21 anyways 2015-03-02 16:13:31 rebooting into a xenless instance did the trick 2015-03-02 16:13:32 if yo uwant to use KVM you need to boot without XEn 2015-03-02 16:13:35 yeah 2015-03-02 16:13:40 yes, it's the only way 2015-03-02 16:13:41 hrm 2015-03-02 16:13:53 Dom0 doesn't control the virt extensions, it's Xen that does all that 2015-03-02 16:14:15 gotcha, and the xen microkernel doesn't implement standard linux virt abstractions 2015-03-02 16:14:59 dit: well, the xen microkernel takes over the virt extensions, there's no way they can be shared between Xen and Dom0 2015-03-02 16:15:27 hmm 2015-03-02 16:16:07 can't he disable hvm support? 2015-03-02 16:16:33 (i mean via a xen.gz option) 2015-03-02 16:17:09 even if you disable HVM support the Xen kernel would never allow the Dom0 kernel to take over the virt stuff, it would be a security issue because then the Dom0 kernel would be running in a higher priviledge level than xen 2015-03-02 16:17:19 ah ok 2015-03-02 16:18:09 and also Linux Xen Dom0 is a modified kernel, that has almost no access to the real hardware, most of the stuff is done using hypercalls, like updating page tables and so one must be done using hypercalls 2015-03-02 16:19:53 ok then i was utterly wrong at start. i had been installing kvm and xen in parallel and used kvm only if xen packages were broken. :) 2015-03-02 16:20:00 so, i mixed it up in memoty 2015-03-02 16:20:02 royger: darkfader: thanks for the info 2015-03-02 16:20:21 assuming xen pv / hvm is analogously efficient to kvm? 2015-03-02 16:20:40 dit: HVM is usually faster on modern hardware 2015-03-02 16:21:15 than PV, I don't have figures against KVM 2015-03-02 16:22:00 KVM often looks faster but it's also more likely to do extremely aggresive disk caching 2015-03-02 16:22:39 if you write something to disk in a xen vm it tends to be actually written. 2015-03-02 16:23:03 haha 2015-03-02 16:23:05 idk, what kinds of performance are you looking for anyway 2015-03-02 16:23:16 xen disk io tops out around 1.5GB/s per vm 2015-03-02 16:23:23 kvm i didn't get over 1GB/s 2015-03-02 16:23:50 xen and ssd disk caches like flashcache is mere impossible 2015-03-02 16:24:39 why's that? 2015-03-02 16:24:44 oh and i'm yet to see anyone who does over 1GB/s in a freebsd vm 2015-03-02 16:24:54 dit: block alignment 2015-03-02 16:25:08 most caching things expect 4KB blocks only 2015-03-02 16:25:17 xen gives 512, 1024, 1536, ... 2015-03-02 16:27:30 good to know 2015-03-02 16:27:35 thanks 2015-03-02 16:40:20 darkfader: I've heard reports of FreeBSD disk being noticeable faster after r279325 2015-03-02 16:40:51 darkfader: but you will have to run HEAD 2015-03-02 16:41:57 darkfader: problem with FreeBSD is not so much about block alignement, but about the fact that FreeBSD blkfront doesn't have indirect descriptors, which means you can only have something like 1.4MB of data in-flight, which is really bad for SSD and fast devices 2015-03-02 16:42:32 darkfader: someone is currently looking at implementing those for FreeBSD blkfront 2015-03-02 16:50:51 i see a xen discussion i jump in 2015-03-02 16:51:14 is it possible in xen to use plain fs directory as root filesystem for VMs ? 2015-03-02 16:51:23 like 9p virtio with KVM 2015-03-02 17:05:23 coredumb: no, there's a GSoC project about it 2015-03-02 17:05:54 coredumb: http://wiki.xenproject.org/wiki/GSoC_2015#Enabling_the_9P_File_System_transport_as_a_paravirt_device 2015-03-02 17:06:31 royger: Ok 2015-03-02 17:19:02 royger: so that means there's no other equivalent way of doing so ? 2015-03-02 17:19:50 coredumb: I use NFS when I need to do something like this 2015-03-02 17:20:36 royger: to use as the guest root fs ? 2015-03-02 17:24:36 coredumb: never did that, but I'm quite sure linux supports using an NFS root 2015-03-02 17:24:51 coredumb: I only use NFS to move things around 2015-03-02 17:25:05 btw doing so with libvirt and KVM means running guest as root and not dropping guest capabilities 2015-03-02 17:25:25 alpine's /bin/bbsuid binary relies on CAP_DAC_OVERRIDE 2015-03-02 17:25:27 is there a general place to raise concerns about Alpine packages? or should i just be emailing the package maintainer? 2015-03-02 17:26:14 royger: yeah would definitely work 2015-03-02 17:26:54 but it's quite really good booting a guest off some overlayfs mount 2015-03-02 17:35:17 andyshinn: i guess aports mailing list ? 2015-03-02 17:36:01 ok, question #2, how to get on the mailing lists? i've tried registering multiple times and never get anything back :( 2015-03-02 17:36:59 andyshinn: i registered to all 4 this morning without a hitch 2015-03-02 17:37:13 yeah i know doesn't help :D 2015-03-02 17:37:43 hmm i wonder if http://wiki.alpinelinux.org/wiki/Alpine_Linux:Mailing_lists is out of date? 2015-03-02 17:38:16 is it just aports+subscribe@lists.alpinelinux.org? 2015-03-02 17:41:05 i'd edit it... but wiki registration also still broken :( 2015-03-02 18:02:20 andyshinn: http://alpinelinux.org/community/ 2015-03-02 18:02:26 correct ones there 2015-03-02 18:13:16 ah thanks, i did just get a Redmine email finally as well, delayed a couple hours, heh 2015-03-02 18:42:27 andyshinn: greylisting i guess ? 2015-03-02 23:47:31 hey all, I'm trying to get a docker container to build on my Alpine box 2015-03-02 23:47:35 but I'm getting 2015-03-02 23:48:08 a /bin/mount chmod error: copying it into irc, one sec 2015-03-02 23:48:29 INFO[0021] Error pulling image (latest) from ubuntu, ApplyLayer exit status 1 chmod /bin/mount: permission denied 2015-03-02 23:48:50 i looked around a bit but didn't seem to find answers but looking still 2015-03-02 23:53:30 you doing it as root? 2015-03-02 23:53:36 hmm 2015-03-02 23:59:28 running sudo docker build 2015-03-02 23:59:59 James_T, https://github.com/sameersbn/docker-nginx 2015-03-03 00:00:05 is the container I'm trying to build 2015-03-03 00:00:23 I'm going to change to a docker base and other tweaks 2015-03-03 00:00:35 I'm just trying to get an initial version working to quickly reference against 2015-03-03 00:15:09 interesting 2015-03-03 00:15:20 wonder if some grsec stuff is interfering 2015-03-03 00:26:11 James_T, possibly, initially i was thinking possibly TPE but I'm running on stock Alpine grsec which doesn't have that enabled 2015-03-03 00:26:34 James_T, so I'm not quite sure what it would be at moment, or best means of good debugging of the problem 2015-03-03 00:26:52 hmm 2015-03-03 00:36:44 James_T, tried pulling uggedal/alpine from docker 2015-03-03 00:37:06 and I got another chmod error for 'chmod /bin/bbsuid: permission denied " 2015-03-03 01:04:30 James_T, well as a temporary work around got docker working on my mac 2015-03-03 01:04:47 :D 2015-03-03 01:13:57 James_T, are you the one trying to get more development/compatibility of docker with Alpine 2015-03-03 01:14:04 nope 2015-03-03 01:14:05 I know someone was doing that a little while back 2015-03-03 04:53:11 systmkor: /bin/mount on alpine is a symlink to /bin/bbsuid which have --s--x--x rights 2015-03-03 04:53:28 so it relies on CAP_DAC_OVERRIDE as root 2015-03-03 04:54:06 would your docker thing drop capabilities before trying to access /bin/mount would give you the permission denier 2015-03-03 04:54:16 denied 2015-03-03 04:55:39 i don't know when docker drops them so i'm just guessing :) 2015-03-03 05:01:28 for the record i have this exact same issue booting an alpine KVM guest off a 9P virtio share with libvirt, as libvirt is is dropping capabilities before executing the qemu process 2015-03-03 05:07:35 Does alpine-linux have powerdns? 2015-03-03 05:23:59 James_T: apk search says no 2015-03-03 05:24:18 coolbeans 2015-03-03 05:24:31 master builds and i can backport the fixes to 3.4.3 2015-03-03 05:24:38 if anyone is interested 2015-03-03 05:27:09 James_T: send an APKBUILD to mailing list maybe? 2015-03-03 08:08:17 coredumb: i've seen the same issue with other synlinks to bbsuid 2015-03-03 08:08:29 when running inside and LXC container 2015-03-03 08:08:34 s/and/an 2015-03-03 08:10:48 ScrumpyJack: doesn't surprise me 2015-03-03 08:11:10 i'm a bit surprised of the choice of this right and the security implications behind it 2015-03-03 08:12:36 have to try if i can boot my guests by changing the rights on /bin/bbsuid 2015-03-03 08:13:24 cause right now i feel less secure running guests with root account and all CAPS on instead of just having read rights on /bin/bbsuid 2015-03-03 08:36:35 what does /bin/busybox mount do for you? 2015-03-03 08:43:27 ScrumpyJack: mounting / :D 2015-03-03 08:44:50 hmm 2015-03-03 08:45:00 why doesn't alpine track nginx mainline ;p 2015-03-03 08:45:30 tried edge ? 2015-03-03 08:45:42 mainline is not stable line ^^ 2015-03-03 08:46:49 ;) 2015-03-03 08:46:57 does edge have aports somewhere? 2015-03-03 08:47:15 dunno actually i'm using alpine for 2 days now 2015-03-03 08:47:18 :D 2015-03-03 08:47:20 :D 2015-03-03 08:47:34 i basically have no idea what i'm saying 2015-03-03 08:47:37 :D 2015-03-03 08:47:47 If I find something that isn't working on my gentoo musl... i steal the patches from alpine and get them upstreamed 2015-03-03 08:47:55 go me 2015-03-03 09:07:50 clandmeter: it seems you are the maintener of the redmine package. Did you had a look at http://bugs.alpinelinux.org/issues/3941 ? 2015-03-03 09:36:13 Jean-Scotch: redmine(read as ruby) is a bitch to maintain, but i can take a look at it when i have some free time. 2015-03-03 09:51:06 clandmeter: yep sad there's no other tool as good as redmine :( 2015-03-03 09:57:58 ok good may be subject to debate 2015-03-03 09:58:50 "good" as in free 2015-03-03 09:59:47 as in opensource 2015-03-03 09:59:55 as having good look 2015-03-03 09:59:59 good feature set 2015-03-03 10:00:02 etc 2015-03-03 10:01:04 there's not a lot of bugtrackers out there with a very good user/group right separation 2015-03-03 10:02:45 redmine is okay, updates are usually backend fixes 2015-03-03 10:02:57 gitlab has monthly feature releases 2015-03-03 10:03:03 is very nice 2015-03-03 10:03:53 still ruby though :P 2015-03-03 10:35:28 http://dev.alpinelinux.org/~clandmeter/rpcbind-0.2.3_rc2-r0.apk does'nt exists anymore and is not present in stable :( 2015-03-03 10:38:42 how do i get stuff into alpine ;p 2015-03-03 10:38:56 first thing, i need to install it in a vm i guess 2015-03-03 10:44:40 how do you get stuff ? 2015-03-03 11:43:13 James_T: http://wiki.alpinelinux.org/wiki/Developer_Documentation#Building_from_source_and_creating_packages 2015-03-03 11:55:33 :D 2015-03-03 12:45:12 ScrumpyJack: btw did you fix your LXC issue by changing bbsuid rights ? 2015-03-03 13:43:16 no, i just used /usr/bin/su instead 2015-03-03 13:43:43 ok 2015-03-03 14:37:07 are there alpine packages that'd work on ARM android? 2015-03-03 14:37:14 in a chroot 2015-03-03 16:16:35 good question, I want to try that now 2015-03-03 17:13:16 coredumb, cool but will have to take a deep dive of this later 2015-03-03 17:18:44 systmkor: will do some more testing myself, i'm kinda reluctant running my guests as root + not dropping caps 2015-03-03 17:19:56 well I forget who was getting lxc to run without privileges maybe they may have some suggestions idk 2015-03-03 17:20:00 coredumb, good luck :D 2015-03-03 17:21:10 changing bbsuid bin rights may help 2015-03-03 17:21:24 containers should not have root on the host 2015-03-03 17:21:32 they should always be using user namespaces 2015-03-03 17:22:23 indeed 2015-03-03 17:22:54 agreed 2015-03-03 17:23:27 well not like namespaces didn't have their own security issues 2015-03-03 17:23:46 this should be testable from within the container by probing whether setuid to random uids works 2015-03-03 17:23:48 some would say better than nothing ^^ 2015-03-03 17:23:56 yes, I would like to do a code audit of that part of the kernel 2015-03-03 17:23:59 with a user namespace only a small range of uids will actually work 2015-03-03 17:24:19 dalias: btw i was talking about KVM guests FWIW 2015-03-03 17:24:22 if you have container-based hosting where setuid to any uid works.... 2015-03-03 17:24:27 and dis is why we need an automated testing of packages for alpine :P 2015-03-03 17:24:27 dump your hosting provider :) 2015-03-03 17:24:35 coredumb, ah 2015-03-03 17:25:52 saw systmkor message this morning which looks like what i got trying to boot alpine KVM guest off a 9p virtio share 2015-03-03 17:28:18 al libvirt drops root as well as capabilities, alpine wasn't able to boot cause permission denied on bbsuid being --s--x--x 2015-03-03 17:28:28 needs CAP_DAC_OVERRIDE for root 2015-03-03 19:03:10 is dnscrypt-proxy still in testing? 2015-03-03 19:03:48 i can't seem to find it on http://forum.alpinelinux.org/packages/ 2015-03-03 19:04:27 yes in testing 2015-03-03 19:04:43 to use it what packages would i need? 2015-03-03 19:04:56 i saw another one somewhere dnscrypt-setup or something 2015-03-03 19:05:43 dnscrypt-setup is a script to help set it up with unbound as a caching dns server 2015-03-03 19:06:01 ah 2015-03-03 19:06:12 so i can then point all my clients to that 2015-03-03 19:06:22 and then get it to do a query elsewhere? 2015-03-03 19:07:10 unbound can listen on 127.0.0.1 (or an internal interfaces) - & unbound queries dnscrypt for anything it doesn't know 2015-03-03 19:08:53 i noticed my vpn provider does dns crypt which is neat https://vcp.ovpn.to/index.php?site=dnscrypt 2015-03-03 19:10:25 you could give eth0 a 2nd internal ip address (10.x.x.x or 192.168.x.x) - & choose that address for unbound when running /sbin/setup-dnscrypt 2015-03-03 19:11:06 yeah that's what i was thinking of doing 2015-03-03 19:11:20 dnscrypt-proxy will run on 127.0.0.2:40 by default - & unbound on port 53 of whatever ip you choose to run it on 2015-03-03 19:11:44 that way my dhcp server can tell all the clients what what dhcp server to use 2015-03-03 19:11:56 i don't really care for doing crypt on LAN 2015-03-03 19:12:07 and then it can forward it all out 2015-03-03 19:13:45 thanks BitL0G1c i have to get going 2015-03-03 19:17:20 ;-) np 2015-03-03 19:24:03 versteht jemand hier wieso kann hier nicht richtige symlink generiert werden: https://github.com/xenserver/xen-4.4/blob/master/scripts/git-checkout.sh , problem is hier zu sehen: http://sprunge.us/agML <- letzt teil ist das symlink, auch wenn ich es manuel machen ist es nicht richtig: http://sprunge.us/LQRL 2015-03-03 19:26:33 ups sorry :) 2015-03-03 19:26:53 wrong window 2015-03-03 22:01:12 Alpine becomes a strictly Deutsche spoken community :P 2015-03-03 22:19:40 dalias, what are you up to lately? 2015-03-03 22:33:05 verdammt noch mal 2015-03-03 23:00:06 lol 2015-03-03 23:01:12 Das symlink! 2015-03-03 23:01:27 Everything sounds different in german 2015-03-03 23:16:48 links are actually male :) 2015-03-03 23:53:57 darkfader, symbolic or hard? 2015-03-03 23:53:58 :P 2015-03-03 23:55:42 hard, just like my -d 2015-03-03 23:58:29 Diftraku, https://i.imgur.com/To7zda4.jpg 2015-03-04 10:32:09 clandmeter: the iso you made for zfs, seems to not contain zfs, its 3.1 main rather then testing 2015-03-04 10:52:30 kwork: can you modprobe spl? 2015-03-04 10:53:04 you should probably apk add zfs-utils or something similar 2015-03-04 11:26:45 the zfs-utils package is in testing rather then main as i understand 2015-03-04 11:28:14 all of it is in testing 2015-03-04 11:29:30 can i pull only zfs from testing or i should switch to testing ? 2015-03-04 11:31:31 repo pinning 2015-03-04 11:32:10 kwork: the only thing the iso does, is adding the modules to modloop. 2015-03-04 11:32:41 if y ou want to run from memory, currently its impossible to install modules after boot. 2015-03-04 11:37:20 oeh 2015-03-04 11:37:30 so i have always run from livecd if i want to use zfs ? 2015-03-04 11:50:24 clandmeter: http://dev.alpinelinux.org/~clandmeter/rpcbind-0.2.3_rc2-r0.apk has disapeared :( 2015-03-04 11:58:50 I see, Its in edge now, so I need to apk pinning rpcbind... 2015-03-04 13:01:51 kwork: no, if you have a harddisk install, you can install any module. 2015-03-04 13:02:15 but zfs is nice to run from tmpfs, so you can use your devices purely for zfs 2015-03-04 13:25:11 I now have a batch of AL physical machines running. On top of those, I can start AL KVMs from fake usbsticks (nbd), fake cdrom (nbd), hdd (nbd) and PXE. the 3 first types can properly shutdown. But the PXE one cannot shutdown. I think I need to reorder stop scripts to umount nfs the last... 2015-03-04 13:28:48 it does reboot (not shutdown!) if I manually kill mountinfo 2015-03-04 13:34:01 erratum: it shutdowns or reboots as asked if I manually kill mountinfo 2015-03-04 16:01:01 1/window 12 2015-03-04 17:46:21 Hi, searched, but couldn't find info, what the diff is between mini and vanilla 2015-03-04 17:57:35 mini is standard but with less packages built-in to the disk image 2015-03-04 17:57:55 vanilla is standard, except the kernel is not built with grsecurity 2015-03-04 18:00:53 ok, thx buckley310 2015-03-04 18:01:03 then I'll go for mini 2015-03-04 19:18:40 fabled, any chance of getting perf packaged on alpine? 2015-03-04 20:39:57 clandmeter its in a vm anyways, so one more or less device is no prob 2015-03-04 20:46:20 kaniini, or other admins just looking at the alpine-devel mailing list archive and looks like the most recent submission is spam 2015-03-04 20:46:28 read that as "clandmeter is in a vm" 2015-03-04 20:46:38 [alpine-devel] Ineffective medications are what slows down and sometimes even stops the healing process! New-Canadian-Meds (Wed Mar 04 2015 - 13:06:12 UTC) 2015-03-04 20:47:02 haha, spam targeted at americans too 2015-03-04 20:56:28 meds pls 2015-03-04 21:18:12 evening 2015-03-04 22:03:41 ScrumpyJack, afternoon 2015-03-05 05:03:06 morning folks 2015-03-05 05:06:51 mornin' 2015-03-05 06:14:07 mornin 2015-03-05 10:35:31 if I add a package from testing http://wiki.alpinelinux.org/wiki/Alpine_Linux_package_management#Add_a_Package 2015-03-05 10:35:58 like it says in there, what do I do to make sure I have the apks when I reboot 2015-03-05 10:36:14 I'm using a ram based install 2015-03-05 10:36:29 lbu commit does not seem sufficient 2015-03-05 10:36:50 can I copy them into 2015-03-05 10:38:04 media/USB/apks/arch? 2015-03-05 10:39:52 the packages I want after reboot are dnscrypt-proxy dnscrypt-proxy-setup and dnscrypt-proxy-doc 2015-03-05 10:43:23 perhaps copy unbound too for a caching dns server to use with dnscrypt 2015-03-05 10:43:30 maybe it's time to move them to main i guess 2015-03-05 10:43:40 hmm, my unbound doesn't work lately 2015-03-05 10:44:21 it complains about error: setsockopt(..., IP_MTU_DISCOVER, IP_PMTUDISC_OMIT...) failed, Invalid argument 2015-03-05 10:45:38 also is unbound what I want? 2015-03-05 10:45:48 depends on your setup 2015-03-05 10:45:49 what about nsd? 2015-03-05 10:46:17 I'll be using a local DNS server on my LAN (on this alpinelinux box) 2015-03-05 10:46:32 but unbound is quite excellent in routing different dns networks, like you can have your own vpn resolved with it, and eall that does not belong there goes to dnscrypt-proxy 2015-03-05 10:46:38 that will use dnscrypt when it needs to fetch an DNS in doesn't known about 2015-03-05 10:46:48 right 2015-03-05 10:46:49 exactly 2015-03-05 10:47:00 exactly what I want then 2015-03-05 10:47:38 you can even make tor hiddenservices resolve automatically to go via tor 2015-03-05 10:47:42 so if dnscypt is moving to main then I don't need to do anything 2015-03-05 10:47:48 neat 2015-03-05 10:48:10 unsure 2015-03-05 10:48:59 until then where do I copy the packages so when I reboot the router it can find them 2015-03-05 10:49:43 it needed libsodium, wget and sed 2015-03-05 10:52:23 libsodium is in testing too 2015-03-05 10:53:08 http://wiki.alpinelinux.org/wiki/Alpine_local_backup 2015-03-05 10:55:55 BitL0G1c: which bit am I looking at specifically? 2015-03-05 10:56:44 all of it I think to customise an lbu install 2015-03-05 10:57:18 oh so there isn't a special option for saving packages that are from testing then. 2015-03-05 10:58:51 doesn't seems to be - I always do a hard disk install even to a usb 2015-03-05 10:59:25 ah 2015-03-05 11:00:09 I guess I'll just save the three apks separately for the time being until I figure it out 2015-03-05 11:00:28 i can let you know the file locations 2015-03-05 11:01:25 http://hastebin.com/ajitisizom.pl 2015-03-05 11:02:01 grab gnu sed / wget too for dnscrypt-setup 2015-03-05 11:03:55 last line s/be /bin/sed 2015-03-05 11:04:23 http://hastebin.com/fuqufacada.avrasm 2015-03-05 11:04:57 ah that's one way of doing it I guesa 2015-03-05 11:35:44 c512: another option is to do a hard disk install but keep /var/log & /tmp in ram to reduce writes 2015-03-05 11:36:02 that's how i run from usb 2015-03-05 11:38:07 c512: I used these notes http://archlinuxarm.org/forum/viewtopic.php?f=55&t=1341 2015-03-05 11:38:23 makes updating easier 2015-03-05 14:30:08 for run-from-ram, you need to enable package cache to get packages installed on reboot if they are not included in the iso 2015-03-05 14:30:27 copying them to /media/USB/apks/arch isn't enough, since it doesn't update the index 2015-03-05 14:30:51 package cache is set up by setup-alpine (or a sub-script) 2015-03-05 14:31:23 maybe c512 will read the irc log and see this :( 2015-03-05 14:31:50 excellent ifno! thanks, i guess there's more people interested in this regularly. 2015-03-05 14:32:23 ACTION makes a bookmark for the next one who asks 2015-03-05 19:44:20 is there any implementation of the 'locale' command for alpine? 2015-03-05 19:44:46 (for scripts that need it. lack of it is breaking buildroot) 2015-03-05 20:01:19 we could borrow the one from freebsd 2015-03-05 20:01:35 i've tested it before and it works fine with musl 2015-03-05 20:03:33 does it report correct results? 2015-03-05 20:16:02 something else annoying -- tar on alpine gives errors for compressed archives without explicit -z, etc. rather than auto-detecting like it does on my own busybox builds 2015-03-05 20:16:07 so some options must be off 2015-03-05 20:18:42 ah this 2015-03-05 20:18:43 # CONFIG_FEATURE_TAR_AUTODETECT is not set 2015-03-05 20:19:20 heh i didnt know it can autodetect 2015-03-05 20:20:01 i hate trying to remember the right options for xz, lzma, bz2, etc. 2015-03-05 20:20:29 auto detection of formats can cause all sorts of brokenness so i can understand they turned it off 2015-03-05 20:21:01 well in the case of tar i think you can conclusively distinguish valid tar files and valid compressed files in all the supported formats 2015-03-05 20:21:06 it's not just heuristic 2015-03-05 21:05:09 hmm, alpine's ldconfig is exiting with nonzero status and breaking buildroot target-finalize 2015-03-05 21:13:25 dalias, does running valgrind with grsec/pax kernel cause inherent errors 2015-03-05 21:13:54 meaning like does pax do something with memory operation functions that valgrind considers to be incorrect but isn't 2015-03-05 21:17:34 dalias, I think it might? just wrote a contrived program that all it does is malloc 15 bytes then frees it and returns 0 and thats it 2015-03-05 21:17:40 and I still get memory free errors 2015-03-05 21:21:55 dalias, http://sprunge.us/GNUA 2015-03-05 21:22:12 dalias, I'm probably messing up but would like to know how to fix this 2015-03-05 21:24:01 reclaim_gaps 2015-03-05 21:24:22 there should be a valgrind exception for that 2015-03-05 21:24:59 it is a libc internal hack to free some memory around mmaped shared libraries and reuse it for malloc purposes 2015-03-05 21:26:42 the lost unfreed memory it reports is the initial_tls 2015-03-05 21:30:46 systmkor: is that a valgrind run with a trivial executable with one malloc/free? 2015-03-05 21:31:02 i think musl shouldnt calloc initial_tls in that case 2015-03-05 21:40:28 nsz, yah it's a trivial malloc & free one sec 2015-03-05 21:40:59 nsz, the dynamic linker uses calloc to maintain its own dso list, etc. 2015-03-05 21:41:03 nsz, http://sprunge.us/jfLL 2015-03-05 21:41:09 normally the first few calls will come from the reclaimed gaps 2015-03-05 21:41:14 source code, (i may have goofed, haven't really touched C code in a while) 2015-03-05 21:41:18 but valgrind suppressed that by replacing malloc, it seems 2015-03-05 21:54:57 ah m'kay 2015-03-05 21:55:13 so no simple runtime flag or option to make it work correctly with pax? 2015-03-05 21:55:21 I just need to test in vanilla kernel? 2015-03-05 22:01:54 systmkor: i dont think it has anything to do with pax 2015-03-05 22:02:03 oh okay 2015-03-05 22:02:33 just guessing, not sure what is affecting it 2015-03-05 22:03:15 musl calls free on memory that was never allocated, that's how it puts some mmaped memory into the malloc free list 2015-03-05 22:03:30 this dirty trick is only done in the dynamic linker 2015-03-05 22:03:46 valgrind cannot know about that so it reports invalid free 2015-03-05 22:04:41 or does pax prevent running this executable? 2015-03-05 22:14:48 nsz, I believe the executable runs 2015-03-05 22:22:19 i wonder how valgrind is injecting its malloc wrapping/replacement 2015-03-05 22:24:30 anyway systmkor the 'leak' you're seeing is allocation of an immutable object that can never be freed 2015-03-05 22:24:35 the dynamic linker will do a lot of that 2015-03-05 22:25:39 m'kay 2015-03-05 22:25:43 was thinking that might be it 2015-03-05 22:26:09 dalias, thanks for the info 2015-03-05 22:26:17 if there were other libs in use you'd see them all too 2015-03-05 22:26:25 valgrind needs an exclusions file for this 2015-03-05 22:31:28 ahh m'kay 2015-03-05 22:43:52 cool cool 2015-03-05 22:58:05 dalias, have you ever worked with aufs before? 2015-03-05 22:58:26 i have a crude libressl package and next phase is to compile a few other packages that depend on openssl 2015-03-05 22:58:46 it might just be quicker to go with an lxc container though 2015-03-06 00:42:05 anyone know which pkg has '/usr/include/unistd.h' ? 2015-03-06 00:43:29 musl-dev? 2015-03-06 00:43:37 libc-dev? 2015-03-06 00:44:28 is in musl-dev :) 2015-03-06 00:49:31 is there a trick to dealing with 'TEMP_FAILURE_RETRY' from unistd.h ? I keep getting: error: implicit declaration of function 'TEMP_FAILURE_RETRY' 2015-03-06 00:57:09 just remove it :) 2015-03-06 00:57:44 if an application really has a need for that macro, it should define its own version 2015-03-06 00:57:44 just remove the functions which use it ? 2015-03-06 00:57:52 but most likely it's cargo-culting 2015-03-06 00:59:07 the lowest-risk solution is to copy this into the source: 2015-03-06 00:59:09 https://sourceware.org/git/?p=glibc.git;a=blob;f=posix/unistd.h;h=80a5b86998b4cde7fbb39bcac7ee083b235f1837;hb=HEAD#l1101 2015-03-06 01:00:06 but you can generally just replace TEMP_FAILURE_RETRY(expr); with expr; 2015-03-06 01:00:41 btw the glibc macro actually has a bug. for functions that return a type wider than long, the result gets truncated 2015-03-06 01:01:57 this is a big help - thank you very much 2015-03-06 01:02:27 this whole thing is a load of cargo cult thinking 2015-03-06 01:54:15 dalias BitL0G1c I think I was just successful of building libressl 2015-03-06 01:54:26 then building openssh with libressl as its depenedency 2015-03-06 01:54:30 need to double check 2015-03-06 01:54:39 and connected so a ssh server with it 2015-03-06 01:55:49 cool 2015-03-06 01:55:57 it would be great if alpine could drop openssl :) 2015-03-06 01:56:52 dalias, well i ncoppa is concerned about either breaking things or other various b.s. reasons for hopping over 2015-03-06 01:57:05 I agree that we should build up a documented case for switching 2015-03-06 01:57:24 and makes some automated tests to verify that the switch maintains functionality 2015-03-06 01:59:02 well there is "functionality" it would not maintain 2015-03-06 01:59:11 functionality like support for export-grade ciphers 2015-03-06 01:59:21 :) 2015-03-06 01:59:43 :P 2015-03-06 01:59:50 well I meant functionality we care about 2015-03-06 01:59:57 within reason 2015-03-06 02:00:21 but yah there was just another ssl exploit a couple days or a week ago 2015-03-06 02:01:46 ACTION http://giphy.com/gifs/TWWdvdLfPwpFu/html5 2015-03-06 02:04:08 seriously, WHY is that code still even there? 2015-03-06 02:04:19 the code paths for ciphers that are broken should simply be removed 2015-03-06 02:04:23 all-minus-lines patch 2015-03-06 02:04:43 idk 2015-03-06 02:05:03 if my company makes a tons of money I would love to start and help fund a big audit for libressl 2015-03-06 02:05:22 since I think the developers would be really happy to have that kind of assistance 2015-03-06 02:05:43 isn't CII already doing that with openssl? 2015-03-06 02:05:50 idk 2015-03-06 02:06:04 any findings they end up with for openssl also apply to libressl (unless libressl has already removed the offending code) 2015-03-06 02:06:20 well libressl as far as I know right now 2015-03-06 02:06:23 is still pretty much 2015-03-06 02:06:26 gut code 2015-03-06 02:06:35 and patch needed actually reasonable code to keep 2015-03-06 02:07:08 I don't know if they are going to be a continous slight offshoot of openssl 2015-03-06 02:07:10 idk 2015-03-06 02:07:55 dalias, do you know what CII's audit track record is like? 2015-03-06 02:08:10 i haven't followed the details 2015-03-06 02:08:13 ah m'kay 2015-03-06 02:08:46 I need to find time to get back to formalizing the apk spec 2015-03-06 02:08:51 so I can implement it in go 2015-03-06 02:09:13 latter part is for teaching myself not so much for production use 2015-03-06 02:10:44 also would love to spend money and time assisting with MUSL 2015-03-06 02:12:33 dalias, other than ssh any other quick programs that don't require much setup I could test to see if they compile 2015-03-06 02:12:38 and function with libressl? 2015-03-06 02:13:03 we're using libressl in void. 2015-03-06 02:16:00 bougyman, in void? 2015-03-06 02:16:40 void linux 2015-03-06 02:16:59 packages build against libressl, not openssl 2015-03-06 02:17:02 ahhh cool cool 2015-03-06 02:17:42 i've not seen any problems related to it crop up, but i've only been in the void for a few months. 2015-03-06 02:18:29 bougyman, noted, thanks :D 2015-03-06 02:19:16 has anyone runitted alpine yet? 2015-03-06 02:19:56 I see a runit aport but not the supervision/start scripts for it 2015-03-06 02:22:16 bougyman, I don't think so 2015-03-06 02:22:23 bougyman, care to help out? 2015-03-06 02:22:23 :P 2015-03-06 02:23:08 systmkor: yeah I can do it. 2015-03-06 02:23:24 in return you'll help when I have questions getting ohai support for alpine :) 2015-03-06 02:23:38 i'm not familiar with ohai 2015-03-06 02:23:40 ohai is chef's "what operating system is this and how do I screw with it?" library 2015-03-06 02:23:45 I figured you weren't. 2015-03-06 02:23:55 ohhhhh 2015-03-06 02:23:58 chef is one of the 'infrastructure as code' frameworks. 2015-03-06 02:24:10 I want to turn alpine into my server distro (and void on my desktops) 2015-03-06 02:24:15 yah i'm not familiar with chef 2015-03-06 02:24:17 void is rolling, bleeding edge, hipster. 2015-03-06 02:24:22 but I would like more devops tools on Alpine 2015-03-06 02:24:25 doesn't belong on servers but I love it on my laptop. 2015-03-06 02:24:45 alpine is perfect for my servers cept we're all chef deployment here. 2015-03-06 02:25:01 we spent a week spiking on it (another devops guy and I) and kind of got a hitlist of what we need. 2015-03-06 02:25:06 I probably could start helping next week 2015-03-06 02:25:08 just haven't returned back to it yet, it's been busy. 2015-03-06 02:25:13 i have done s6 init scripts in execline, i guess that doesn't help you much with runit 2015-03-06 02:25:21 why not? 2015-03-06 02:25:23 tA2p0mM5M4HU, oh that wass you? 2015-03-06 02:25:24 nice 2015-03-06 02:25:30 if execline were installed they work fine. 2015-03-06 02:25:34 right 2015-03-06 02:25:39 I have execlineb ./run scripts in my runit stuff . 2015-03-06 02:25:44 and all the other s6 utilities needed 2015-03-06 02:25:51 kool. 2015-03-06 02:26:03 someone in #void showed me some stupidity of execlineb and I just went back to sane shell scripts :) 2015-03-06 02:26:17 s6 has some good stuff, I would totally love s6 as init, too. 2015-03-06 02:26:27 what was the stupidity? 2015-03-06 02:26:30 hell I'd be fine with svscan as pid1 2015-03-06 02:26:44 tA2p0mM5M4HU: i've slept since then. I'll ask again when chris2 wakes up 2015-03-06 02:26:50 thx! 2015-03-06 02:26:51 they're all .eu 2015-03-06 02:26:52 quite interested 2015-03-06 02:27:19 something about passing all those execs in argv and some way to screw stuff up. 2015-03-06 02:28:47 the nice thing about s6, daemontools, runit is that almost everything is compatible, drop-in, pick and choose. 2015-03-06 02:28:56 I think perpd, too. 2015-03-06 02:29:48 curl compiles with libressl and appears to properly get a page over https 2015-03-06 02:29:55 it does, here. 2015-03-06 02:30:33 bougyman, is there a good reason that runit is handles the system initialization and acts as the supervisor of processes 2015-03-06 02:30:46 systmkor: what do you mean? it doesn't do both. 2015-03-06 02:30:47 those always seemed as separate problems to me 2015-03-06 02:30:54 runit handles the init process. 2015-03-06 02:30:56 bougyman, I thought you just said it di 2015-03-06 02:31:10 runsvdir handles the supervision runsv processes. 2015-03-06 02:31:18 runsv processes supervise individual processes. 2015-03-06 02:31:41 http://www.voidlinux.eu/usage/runit/#example-process-tree 2015-03-06 02:31:46 that says it much clearer 2015-03-06 02:32:20 m'kay 2015-03-06 02:32:31 so it's more like supervisord ? 2015-03-06 02:32:43 just to make sure I'm not getting things messed up 2015-03-06 02:32:55 yeah, that's the other one I forgot about 2015-03-06 02:33:07 supervisord, runit, s6, perpd, and daemontools. 2015-03-06 02:33:10 m'kay cool yah I would really like having examples with runit or supervisor 2015-03-06 02:33:12 daemontools was the grandaddy. 2015-03-06 02:33:12 for various daemons 2015-03-06 02:33:20 runit is a child. 2015-03-06 02:33:25 as in? 2015-03-06 02:33:32 perpd and supervisord and s6 are grandchildren 2015-03-06 02:33:40 ahhhh 2015-03-06 02:33:40 I just mean that's the historical order. 2015-03-06 02:33:51 m'kay wasn't sure if you meant as a project 2015-03-06 02:33:55 nope. 2015-03-06 02:33:56 like only been around for 2 years 2015-03-06 02:33:58 or as in yah 2015-03-06 02:33:59 got it 2015-03-06 02:34:17 all separate, but they uphold some of the same standards to make the utilities compatible, for the most part. 2015-03-06 02:34:18 bougyman, so sure when would you like help with ohai? 2015-03-06 02:34:30 i'll try to work it into my schedule 2015-03-06 02:34:31 systmkor: let me clear it with my boss and I can probably devote a week to it. 2015-03-06 02:34:36 that would get a good chunk. 2015-03-06 02:34:49 m'kay yah I need to coordinate with my team members 2015-03-06 02:35:15 well it'll be more on my side (ruby code shelling out to parse output it never should) than yours. 2015-03-06 02:36:18 I've done a total of 3 ohai plugins thus far. so i'm totally (not) ready. 2015-03-06 02:36:31 bougyman, http://giphy.com/gifs/uB52LKqViQQOQ/html5 2015-03-06 02:36:51 totally 2015-03-06 02:36:58 hey having someone to help with testing 2015-03-06 02:37:01 and monkey work can 2015-03-06 02:37:05 speed things up a lot 2015-03-06 02:54:06 true that. 2015-03-06 03:12:26 so how to add vga mode at the booting? i was running alpine linux on qemu on my macbook air, the default resolution 1024x768 is not suit for the host, so i want to adjust it to 640x480 2015-03-06 03:13:23 yunfan, if I remember correctly the default is no longer a graphical screen with gtk 2015-03-06 03:13:31 it starts up a vnc server to connect to 2015-03-06 03:13:42 which I believe displays 2015-03-06 03:13:54 connect to that and I think that should give you video access 2015-03-06 03:14:01 systmkor: i downloaded the mini iso 2015-03-06 03:14:23 yunfan, oh sorry what system are you running qemu on? 2015-03-06 03:14:36 vnc looks not a straight way, but its a solution, will consider that 2015-03-06 03:14:44 systmkor: macos x 2015-03-06 03:14:56 oh okay then ignore what I said 2015-03-06 03:15:14 are you wanting to get X up and running or something else ? 2015-03-06 03:15:19 nope 2015-03-06 03:15:28 mac's gui is better i think 2015-03-06 03:15:35 k 2015-03-06 03:15:39 i just need alphine as my developing environment 2015-03-06 03:15:42 yah 2015-03-06 03:15:46 since i am a backend developer 2015-03-06 03:15:50 i dont need X 2015-03-06 03:15:52 so are you trying to get X up in the qemu 2015-03-06 03:15:55 ahh m'kay 2015-03-06 03:16:19 so you are just not getting any display or response with trying to load alpine-mini? 2015-03-06 03:17:05 i used to work just on server, but recently the network often down, so i think i could use qemu as the enviroment, all i need is a flashdisk when i go to other place 2015-03-06 03:17:15 systmkor: yes 2015-03-06 03:17:47 i have a mac laptop give me a second to try it out 2015-03-06 03:17:55 yunfan, what did you do to install qemu? 2015-03-06 03:17:57 systmkor: sorry, the answer is no 2015-03-06 03:17:58 brew install ? 2015-03-06 03:18:15 systmkor: my problem is the default resolution is too big for my mba's screen 2015-03-06 03:18:33 i cant see the bottom line of the guest os's 2015-03-06 03:18:44 so i want it to use a lower resolution 2015-03-06 03:18:45 oh 2015-03-06 03:19:05 hrm not sure off the top of my head 2015-03-06 03:19:07 lemme try out 2015-03-06 03:19:07 or maybe i could use qemu -nographic? 2015-03-06 03:19:12 oh yah 2015-03-06 03:19:13 do that 2015-03-06 03:19:14 waaaayy 2015-03-06 03:19:16 easier 2015-03-06 03:19:19 just connects to your shell 2015-03-06 03:19:24 ok, will try that now, 2015-03-06 03:19:27 '/terminal 2015-03-06 03:21:50 systmkor: it works by using -curses 2015-03-06 03:22:24 oh yah 2015-03-06 03:22:30 that's the one I was thinking of 2015-03-06 03:22:37 nice, good job 2015-03-06 03:22:49 thanks for the guiding 2015-03-06 03:23:06 no problem 2015-03-06 03:23:11 oh 2015-03-06 03:23:15 yes? 2015-03-06 03:23:48 after booting, when it came to login screen, it change to vga mode, and -curses cant support that 2015-03-06 03:24:57 hrmmm 2015-03-06 03:25:10 strange, i know i've done this before 2015-03-06 03:26:37 may -curses -nographic 2015-03-06 03:26:45 *maybe 2015-03-06 03:26:53 if not i'll try messing around with my lapopt 2015-03-06 03:26:55 *laptop 2015-03-06 03:45:27 bitl0g1c, any news on perf? 2015-03-06 03:59:50 also not work 2015-03-06 04:00:02 yunfan, okay lemme mess with on my laptop 2015-03-06 04:00:13 so did you use brew to install on os x? 2015-03-06 04:01:31 systmkor: i think its' the vga driver's problem. 2015-03-06 04:01:45 that's possible 2015-03-06 04:01:53 so i'm going to take that as a yes 2015-03-06 04:01:59 on how you installed qemu on your mac 2015-03-06 04:03:49 would anyone else be willing to pitch in for alpine to actually have an ssl certificate 2015-03-06 04:03:55 at least for the website? 2015-03-06 04:08:02 Let's Encrypt will be up in a few months anyway 2015-03-06 04:08:27 dalias, true however that I don't think has extra manual checking or w/e 2015-03-06 04:08:33 meaning it's definitely a great start 2015-03-06 04:08:34 ? 2015-03-06 04:08:48 dalias, let's encrypt is just an automated means for basic certs 2015-03-06 04:09:09 which some cert providers they take a bit more effort to verify human & such behind the cert 2015-03-06 04:09:20 also I don't know if it provides EV cert or w/e 2015-03-06 04:09:25 most take less effort unless you're paying for EV 2015-03-06 04:09:47 well that's what I was thinking 2015-03-06 04:09:48 my bad 2015-03-06 04:09:48 EV 2015-03-06 04:10:19 afaik EV is rather expensive and requires a lot of paperwork with the legal entity the cert is being issued for 2015-03-06 04:10:33 and probably only makes sense for financial institutions and the like 2015-03-06 04:10:56 EV only has any benefit at all if your users know they should be looking for an EV cert 2015-03-06 04:11:09 I would say it depends on the amount of trust needed or the amount of risk associated with the cert being incorrect 2015-03-06 04:11:12 because otherwise even if you have EV, someone can just get a forged non-EV cert and use that instead 2015-03-06 04:11:15 obut regardless 2015-03-06 04:11:26 that doesn't prevent other root CAs hijacking an EV cert 2015-03-06 04:11:53 and users who don't know they should only trust an EV cert will see a 'valid' cert 2015-03-06 04:13:04 well anyone who isn't actively checking would just see a 'valid' cert 2015-03-06 04:13:19 but that is somewhat out of the hands of alpine with respect to webbrowsing 2015-03-06 04:13:28 right. that's why EV is of questionable value imo 2015-03-06 04:13:38 m'kay reasonable 2015-03-06 04:14:01 the whole CA system is only as strong as its weakest link (weakest CA) 2015-03-06 04:14:15 so shopping for a CA with better practices does not protect your users 2015-03-06 04:14:46 well sorta 2015-03-06 04:15:12 purchasing a cert from the chinese post office vs digi cert 2015-03-06 04:15:17 there is some difference 2015-03-06 04:15:17 instead new techniques like certificate pinning and informing clients over alternate channels what certs to trust need to be developed 2015-03-06 04:15:33 dalias, well there is a somewhat existing solution 2015-03-06 04:15:38 again, only if the user clicks on it to inspect 2015-03-06 04:15:40 which is rare 2015-03-06 04:15:40 just no one that I know of has addopted it yet 2015-03-06 04:15:47 *nod* 2015-03-06 04:16:14 basically the solution is basically a more distributed model of certs 2015-03-06 04:16:23 dnssec would solve the problem but too many ppl oppose it for political reasons 2015-03-06 04:16:34 well dnssec solves a portion of the problem 2015-03-06 04:16:40 doesn't entirely solve the CA problem 2015-03-06 04:16:49 plus easier solution of doing distributed CA system 2015-03-06 04:16:55 e.g. 2015-03-06 04:17:23 i send out and request of is this a valid cert from all the CAs that are pre-defined or i consider i trust 2015-03-06 04:17:45 and from there you can choose the % of consensus needed to say yes that is good 2015-03-06 04:17:47 just do it like this 2015-03-06 04:18:17 require all certs to be signed by 2/3 of oceania, eurasia, and east asia (each with one CA :) 2015-03-06 04:18:31 nah that would be a beuracratic nightmare 2015-03-06 04:18:47 distributed model would work way easier and more effectively at least I would think so 2015-03-06 04:18:49 and since they all permanently hate/distrust each other they'll never sign forged certs to help each other's authorities intercept traffic :-p 2015-03-06 04:19:39 that feels like more of a bandaid 2015-03-06 04:19:41 it would help 2015-03-06 04:19:56 but then breaking into the CA of eurasia for china 2015-03-06 04:20:00 for example 2015-03-06 04:20:02 becomes paramount 2015-03-06 04:20:10 and you still have a rather brittle system 2015-03-06 04:20:15 distributed model would mean 2015-03-06 04:20:21 that breaking one CA is not effective 2015-03-06 04:20:28 if i'm checking against 2000 CAs 2015-03-06 04:21:13 which also you can have a more live feed of quantification value of a specific CA 2015-03-06 04:21:16 with a given breach 2015-03-06 04:27:05 yunfan, for me it seems that just doing a '-curses' does what you would expect 2015-03-06 04:27:14 no vga driver / sdl screen popping up 2015-03-06 04:27:31 oh nope nvm spoke too soon 2015-03-06 05:00:09 systmkor: you could try the latest mini iso 2015-03-06 05:00:15 and using -curses 2015-03-06 05:04:53 yunfan, yah I did and i get the problem you stated 2015-03-06 05:05:01 it looks like it is booting in curses 2015-03-06 05:05:12 then prints a 1024x768 graphics mode 2015-03-06 05:05:30 only thing I can guess at moment is figuring out a different boot: prompt command 2015-03-06 05:05:46 and try to prevent a graphics driver being loaded 2015-03-06 05:05:54 systmkor: yes 2015-03-06 05:05:56 won't be able to help much more tonight 2015-03-06 05:06:03 I'll keep looking tomorrow though 2015-03-06 05:06:16 systmkor: it might be the kernel bootup with a vga mode parameters which caused this 2015-03-06 05:06:36 but many distro let you enter the vga mode parameters before booting 2015-03-06 05:07:06 i would agree that seems like the next logical step to take 2015-03-06 05:07:15 all i can suggest before I look more into it tomorrow 2015-03-06 05:07:18 is open up the iso 2015-03-06 05:07:26 and check the boot paramaters in the iso 2015-03-06 05:07:32 for the isolinux boot config 2015-03-06 05:07:40 and if you find something that causes VGA 2015-03-06 05:07:44 remove it but keep everything else 2015-03-06 05:13:01 well , are there any tools to quickly pack/extract the iso? 2015-03-06 05:39:10 BitL0G1c: i added this to the bottom of unbound.conf 2015-03-06 05:39:15 do-not-query-localhost: no 2015-03-06 05:39:16 forward-zone: 2015-03-06 05:39:18 name: "." 2015-03-06 05:39:20 forward-addr: 127.0.0.2@53 2015-03-06 05:39:31 when i run the dnscrypt-setup however 2015-03-06 05:39:33 i see this error 2015-03-06 05:39:42 /etc/unbound/unbound.conf:594: error: syntax error 2015-03-06 05:39:43 read /etc/unbound/unbound.conf failed: 1 errors in configuration fil 2015-03-06 05:46:00 hmm i think i got it working 2015-03-06 05:49:11 rc-update add dns-proxy default 2015-03-06 05:49:12 i did 2015-03-06 05:49:18 err 2015-03-06 05:49:24 rc-update add dnscrypt-proxy default 2015-03-06 05:49:33 i wonder if it's okay to add unbound to the default run level? 2015-03-06 06:32:28 grr 2015-03-06 06:32:39 seems i can't just put the apks in /media/usb/apks/x86_64 2015-03-06 06:33:11 and for some reason when i try to lbu add the binary for dnscrypt it just doesn't add it when i commit 2015-03-06 06:34:16 even though i did this http://hastebin.com/oluwafoxov.avrasm 2015-03-06 06:39:13 http://hastebin.com/raw/ezoxufeqif should indicate that it is saved? 2015-03-06 06:39:46 although when i do lbu list 2015-03-06 06:39:51 i only see the files in /etc/ 2015-03-06 06:41:49 ah they show up under lbu add -v -l 2015-03-06 07:02:37 paper_face1, setup-apkcache 2015-03-06 07:02:48 yeah i did that 2015-03-06 07:03:02 gateway:/etc/router# ls /media/usb/cache/ 2015-03-06 07:03:03 APKINDEX.a424e5b4.tar.gz dnscrypt-proxy-setup-1.4.3-r0.8eaa8c15.apk 2015-03-06 07:03:05 APKINDEX.ab8acb95.tar.gz installed 2015-03-06 07:03:07 dnscrypt-proxy-1.4.3-r0.4761d27a.apk libsodium-1.0.1-r0.2c76cc5e.apk 2015-03-06 07:03:09 dnscrypt-proxy-doc-1.4.3-r0.3acfbcb9.ap 2015-03-06 07:03:11 they're now installed in there 2015-03-06 07:03:12 you are not supposed 'lbu add' anything 2015-03-06 07:03:13 but it still wont install them on boot 2015-03-06 07:03:20 yeah but these packages are from edge 2015-03-06 07:03:22 not in stable 2015-03-06 07:03:58 ie installed them like so: 2015-03-06 07:04:01 apk add dnscrypt-proxy --update-cache --repository http://dl-3.alpinelinux.org/alpine/edge/testing 2015-03-06 07:04:03 did you use --allow-untrusted ? 2015-03-06 07:04:09 oh no. 2015-03-06 07:04:12 oh 2015-03-06 07:04:13 hmm 2015-03-06 07:04:28 dnscrypt is working great 2015-03-06 07:04:41 but it's rather irritating not being able to get it to start at boot (and be installed) 2015-03-06 07:04:48 there isn't much documentation on this 2015-03-06 07:05:03 it was BitL0G1c that gave me the idea of adding the files to the lbu cache 2015-03-06 07:05:13 it's not supposed to be done like that 2015-03-06 07:05:21 the packages should go to apk cache 2015-03-06 07:05:27 and they should be picked up at boot automatically 2015-03-06 07:05:29 yeah figured as much 2015-03-06 07:05:43 i better remove the stuff them from lbu 2015-03-06 07:05:47 i am seeing it in lbu add -rv 2015-03-06 07:05:58 yes 2015-03-06 07:06:04 err 2015-03-06 07:06:28 so is the package not installing on reboot, or what is the problem? 2015-03-06 07:06:37 yeah it's not installing on reboot 2015-03-06 07:07:07 and i tried to hack it in there the files for dnscrypt http://hastebin.com/raw/ezoxufeqif 2015-03-06 07:07:31 i should remove that stuff now 2015-03-06 07:07:35 because its showing up in lbu add -v -l 2015-03-06 07:07:47 but it isn't adding it to the apkprov 2015-03-06 07:08:02 neither method worked 2015-03-06 07:09:08 basically it should work as: 2015-03-06 07:09:12 1. setup-apkcache 2015-03-06 07:09:19 2. apk add 2015-03-06 07:09:29 3. configure stuff in /etc, do rc-update add for new services 2015-03-06 07:09:32 4. lbu commit 2015-03-06 07:09:35 yup 2015-03-06 07:09:41 and it usually does for most things 2015-03-06 07:09:51 except it seems these packages in testing don't get added on boot which is odd. 2015-03-06 07:09:56 (they're not in stable at all) 2015-03-06 07:09:59 mmm 2015-03-06 07:10:11 normally those done su that: 2015-03-06 07:10:21 1. you add to /etc/apk/repositories the new repos with a tag 2015-03-06 07:10:23 e.g. 2015-03-06 07:10:37 @edge http://dl-3.alpinelinux.org/alpine/edge/main 2015-03-06 07:10:40 @testing http://dl-3.alpinelinux.org/alpine/edge/testing 2015-03-06 07:10:48 2. add packages with "apk add pkg@testing" 2015-03-06 07:10:55 3. lbu commit 2015-03-06 07:11:03 ah 2015-03-06 07:11:08 maybe that's why 2015-03-06 07:11:12 apk add file.apk 2015-03-06 07:11:16 would work too over reboots 2015-03-06 07:11:22 yeah t hat should shouldn't it 2015-03-06 07:11:29 but doing "apk --repository foo --update-cache pkg" probably does not 2015-03-06 07:11:35 yep 2015-03-06 07:12:25 my /etc/apk/repositories 2015-03-06 07:12:27 is set to 2015-03-06 07:12:29 gateway:/media/usb/cache# cat /etc/apk/repositories 2015-03-06 07:12:30 /media/usb/apks 2015-03-06 07:12:33 http://repos.lax-noc.com/alpine/v3.1/main 2015-03-06 07:12:34 #http://repos.lax-noc.com/alpine/edge/main 2015-03-06 07:12:37 #http://repos.lax-noc.com/alpine/edge/testing 2015-03-06 07:12:52 so remove # and add a tag 2015-03-06 07:12:57 that should solve the problem 2015-03-06 07:13:07 yeah but wont that upgrade the other packages to what is in testing? 2015-03-06 07:13:15 leaving me with an unstable system 2015-03-06 07:13:21 no 2015-03-06 07:13:24 if you add a tag 2015-03-06 07:13:25 oh. 2015-03-06 07:13:26 @edge or @testing 2015-03-06 07:13:32 right. 2015-03-06 07:13:34 apk will not install anything from it 2015-03-06 07:13:40 unless you specify that tag in the apk add line 2015-03-06 07:13:47 ah 2015-03-06 07:13:47 and then it affects only that package, and it's dependencies 2015-03-06 07:14:05 i should probably remove dnscrypt so that i can add it using this tag method 2015-03-06 07:14:06 see http://wiki.alpinelinux.org/wiki/Alpine_Linux_package_management#Repository_pinning 2015-03-06 07:14:34 ah 2015-03-06 07:14:42 i saw pinning and thought of holding specific package like debian 2015-03-06 07:15:12 no. it's something much nicer :) 2015-03-06 07:15:38 brb 2015-03-06 07:18:48 i shall give this a try :) 2015-03-06 07:23:46 :( 2015-03-06 07:24:59 hmm let me try again 2015-03-06 07:25:35 morning 2015-03-06 07:27:41 yeah this is weird. 2015-03-06 07:27:45 its not installing them on boot 2015-03-06 07:28:09 i do see at the bottom of /etc/apk/world 2015-03-06 07:28:19 dnscrypt-proxy@testing 2015-03-06 07:28:20 dnscrypt-proxy-setup@testing 2015-03-06 07:28:22 dnscrypt-proxy-doc@testing 2015-03-06 08:00:04 morning ncopa. back from holiday? 2015-03-06 08:04:28 clandmeter: yup 2015-03-06 08:05:41 had a good holiday? 2015-03-06 08:06:47 hmm fabled http://bugs.alpinelinux.org/issues/3493 2015-03-06 08:07:00 someone else i think is having trouble installing a package from a pinned repo on boot 2015-03-06 08:07:00 clandmeter: i had. real vacation :) 2015-03-06 08:07:10 ncopa: :) 2015-03-06 08:07:17 i wish i had a vacation some time :( 2015-03-06 08:07:23 paper_face: are you running from tmpfs? 2015-03-06 08:07:35 yes it is ram disk install 2015-03-06 08:07:42 make sure you setup cache dir 2015-03-06 08:07:49 and apk cache sync first time 2015-03-06 08:07:51 yes 2015-03-06 08:07:56 and the files are in the cache directory 2015-03-06 08:08:05 and if i go apk add dnscrypt-proxy@testing 2015-03-06 08:08:07 it installs 2015-03-06 08:08:11 from the cache 2015-03-06 08:08:22 it just doesn't seem to on boot 2015-03-06 08:08:31 cache is the same and your ovl device? 2015-03-06 08:08:49 paper_face, no that's different issue. 2015-03-06 08:08:53 yes 2015-03-06 08:08:56 and/as 2015-03-06 08:08:58 it's in /media/usb/cache 2015-03-06 08:08:59 it's due to gcc dependencies requiring g++ upgrade too 2015-03-06 08:09:13 and my apkovl is in /media/usb/gateway.apkovl.tar.gz 2015-03-06 08:09:17 it's not really a bug, but apk might have given more info why gcc cannot be upgraded 2015-03-06 08:09:25 oh :P 2015-03-06 08:09:35 it was solved by pinning g++ also 2015-03-06 08:10:02 is it acceptable to have 2015-03-06 08:10:09 @testing mentioned on the package in /etc/apk/world 2015-03-06 08:10:11 eg like 2015-03-06 08:10:23 yes 2015-03-06 08:10:24 sed 2015-03-06 08:10:27 dnscrypt-proxy@testing 2015-03-06 08:10:29 apk does it automatically 2015-03-06 08:10:29 dnscrypt-proxy-setup@testing 2015-03-06 08:10:31 dnscrypt-proxy-doc@testing 2015-03-06 08:10:33 hmm. 2015-03-06 08:10:35 yes it does. 2015-03-06 08:10:36 but you need that @testing in apk repositories too 2015-03-06 08:10:41 it is 2015-03-06 08:11:12 # cat /etc/apk/repositories 2015-03-06 08:11:14 /media/usb/apks 2015-03-06 08:11:16 http://repos.lax-noc.com/alpine/v3.1/main 2015-03-06 08:11:18 @testing http://nl.alpinelinux.org/alpine/edge/testing 2015-03-06 08:11:27 that should work 2015-03-06 08:11:33 i've been using it here for a while 2015-03-06 08:11:44 ncopa: while you were away, i was able to get nfs working by updating rpcbind to a rc tag. looks like we have some happy campers now :) 2015-03-06 08:12:23 i saw that you bumped rpcbind 2015-03-06 08:12:26 very nice! 2015-03-06 08:12:54 the only thing missing now is inotify support 2015-03-06 08:13:48 wow, someone already did patches for htat 2015-03-06 08:13:52 http://www.spinics.net/lists/linux-nfs/msg48182.html 2015-03-06 08:20:05 BitL0G1c: what does your unbound.conf look like 2015-03-06 08:34:42 is the default runlevel the right runlevel for dnscrypt-proxy and unbound? 2015-03-06 08:38:29 yes 2015-03-06 08:39:39 hmm, im pulling my hair out over this 2015-03-06 08:39:55 nothing more i can think of trying to get dnscrypt to install on boot :( 2015-03-06 08:41:03 is dnscrypt in a good shape? 2015-03-06 08:41:09 yeah its working fine 2015-03-06 08:41:15 i think proper fix would be to backport it to v3.1 2015-03-06 08:41:25 :) 2015-03-06 08:41:51 though i would like to know why this isn't working 2015-03-06 08:42:02 and i have to manually install it from my cache after a reboot 2015-03-06 08:42:11 rather than have it automatically done like all the things in 3.1 2015-03-06 08:43:16 http://hastebin.com/ubijahirec.avrasm looks as it should 2015-03-06 08:43:32 basically it installs all my other packages but just not dnscrypt. 2015-03-06 08:43:50 hum 2015-03-06 08:44:11 i woudl have expeted /etc/apk/world to contain dnscrypt-proxy@testing 2015-03-06 08:44:18 yeah i tried that 2015-03-06 08:44:23 and when i do that it complains 2015-03-06 08:44:35 what is the error message you get then? 2015-03-06 08:45:38 okay i've removed everything now. 2015-03-06 08:47:09 and now they all have @testing next to them 2015-03-06 08:47:14 but i seem to remember when i rebooted 2015-03-06 08:47:17 it wasn't installed 2015-03-06 08:47:24 and then it complained about not being able to satisfy it. 2015-03-06 08:47:30 ill try again though 2015-03-06 08:47:32 maybe i noobed up. 2015-03-06 08:47:39 apk update && apk sync 2015-03-06 08:47:50 apk cache sync 2015-03-06 08:48:27 but if you can confirm that dnscrypt-proxy works and is in good shape, then can i atleast move it to main 2015-03-06 08:48:33 yeah 2015-03-06 08:48:52 brb 2015-03-06 08:53:53 :( no luck 2015-03-06 08:54:01 so. 2015-03-06 08:54:04 when i type apk info 2015-03-06 08:54:13 i dont see the packages installed (the files aren't there either) 2015-03-06 08:54:21 *nod* 2015-03-06 08:54:38 and if you do: apk upgrade? 2015-03-06 08:54:53 ACTION wraps paper_face up 2015-03-06 09:06:49 ncopa: to answer your question apk upgrade installs them 2015-03-06 09:06:52 http://hastebin.com/rotuguloja.avrasm 2015-03-06 09:06:57 that's fresh after boot 2015-03-06 09:07:19 (course as dnscrypt-proxy was not installed i had to start it and then restart unbound) 2015-03-06 09:07:30 because unbound started and dnscrypt wasn't installed yet. 2015-03-06 09:12:28 any ideas? 2015-03-06 09:13:03 hi @all 2015-03-06 09:13:17 did anyone working at raspberry pi2 ? 2015-03-06 09:14:31 as far as I know there is no running kernel atm? so, would be nice to build one. who would do it with me ;) 2015-03-06 09:23:47 hmm i guess i'll just have to do: 2015-03-06 09:23:50 apk upgrade 2015-03-06 09:23:52 service dnscrypt-proxy start 2015-03-06 09:23:54 service unbound restart 2015-03-06 09:24:02 after rebooting each time, until dnscrypt is in the main repositories 2015-03-06 09:24:32 maybe i found a bug 2015-03-06 09:28:13 yes, this smells like a bug 2015-03-06 09:28:31 what should i try next 2015-03-06 09:29:13 try get fabled to reproduce it in a vm 2015-03-06 09:43:59 paper_face: for unbound just add to the end if /etc/unbound/unbound.conf 2015-03-06 09:44:05 ##### Settings from /sbin/setup-dnscrypt ##### 2015-03-06 09:44:05 forward-zone: 2015-03-06 09:44:05 name: "." 2015-03-06 09:44:05 forward-addr: 127.0.0.2@40 2015-03-06 09:44:21 ah yeah i got it working 2015-03-06 09:44:24 (or just run /sbin/setup-dnscrypt) 2015-03-06 09:44:30 yeah i did. 2015-03-06 09:44:45 :) ok great 2015-03-06 09:44:46 its working great except for dnscrypt-proxy not installing from cache 2015-03-06 09:44:52 im fiddling around with it in a VM right now 2015-03-06 09:45:00 from scratch 2015-03-06 10:02:19 because i don't have a spare usb stick i created a vdi image 2015-03-06 10:02:24 and installed it to that 2015-03-06 10:02:56 the only thing i noticed is it mounts it to /media/UUID=A3C9-D1BC instead of /media/usb 2015-03-06 10:03:25 is that because of the syslinux warning in here http://wiki.alpinelinux.org/wiki/Create_a_Bootable_USB#Add_Alpine_Linux_to_the_USB_stick 2015-03-06 10:15:28 hmm i don't think i can change it to usbdisk if it's not a usbdisk can i 2015-03-06 10:16:08 http://wiki.alpinelinux.org/wiki/Create_a_Bootable_USB#Wrong_Device_Name 2015-03-06 10:36:58 no you cannot 2015-03-06 10:37:03 better use UUID=.... 2015-03-06 10:37:11 yeah i did 2015-03-06 10:37:14 that worked :) 2015-03-06 10:37:18 found out the hard way 2015-03-06 10:39:45 hmm i must have butchered something then because it is working in my VM 2015-03-06 10:49:05 Hello, I'm trying to install ownCloud. I'm configured nginx, but there is no /var/www/... dir. Am I supposed to create it manually? 2015-03-06 10:51:34 robin666: iirc yes, i remember having to do a few things to make nginx run 2015-03-06 10:57:57 darkfader: alright, i guess the directory itself doesn't matter? in the config file on the wiki it says "/var/www/vhosts/mysite.mydomain.com/www", but I can just use /var/www right? Or is this not recommended? 2015-03-06 10:59:39 should be fine 2015-03-06 11:00:28 i think /var/www/localhost/htdocs have been the default docroot for the other webservers 2015-03-06 11:10:24 ncopa: so i installed alpinelinux to a vm, and did setup-apkrepos, pinned a @testing repo ran setup-apkcache, installed dnscrypt-proxy and rebooted 2015-03-06 11:10:32 the package was installed in the VM 2015-03-06 11:10:59 on my gateway however, no such luck, i even cleared the cache 2015-03-06 11:11:01 ie 2015-03-06 11:11:04 apk cache clean 2015-03-06 11:11:06 apk cache download 2015-03-06 11:11:08 but that didn't fix it 2015-03-06 11:15:17 I get a 500 Internal server error in the browser now. This is the nginx error log entry: 2015/03/06 12:10:10 [error] 5701#0: *1 rewrite or internal redirection cycle while internally redirecting to "/index.html", client: 81.82.XXX.XXX, server: luna.hopper.pw, request: "GET / HTTP/1.1", host: "mysite.domain.com:4443" 2015-03-06 11:16:04 whoops, didn't do too good censoring myself there 2015-03-06 11:18:02 robin666: isnt there a wiki entry on how to setup owncloud on alpine? 2015-03-06 11:19:02 clandmeter: yes I'm using that as a guide, but I got stuck with nginx now 2015-03-06 11:21:32 i think the last time i tried, i used lighttpd. 2015-03-06 11:21:52 Aha got it working! Had a typo in the path to the htdocs 2015-03-06 11:30:04 ncopa, welcome back 2015-03-06 11:39:23 indeed welcome back 2015-03-06 11:39:48 also i use dnscrypt-proxy regularly, it's solid. if possible i would move it to main. 2015-03-06 11:50:23 ncopa: okay so i rolled back to a apkovl before i even mucked around with dnscrypt-proxy, unbound etc. Ran setup-apkrepos, pinned @testing, ran setup-apkcache, installed dnscrypt-proxy, lbu commit 2015-03-06 11:50:26 and still the same issue 2015-03-06 11:50:56 http://hastebin.com/ikajiworey.coffee these aren't being installed on boot 2015-03-06 11:51:08 and i have no idea why it worked in my VM 2015-03-06 11:51:36 i've compared all the files in /etc/apk and /media/usb/cache and they are identical 2015-03-06 12:06:35 ncopa: is there some way to add logging 2015-03-06 12:06:39 to the apk installation process 2015-03-06 12:07:35 seems to install all those things http://hastebin.com/ucitanezif.hs (except it just skips over the dnscrypt packages) 2015-03-06 12:10:46 dalias: thanks! 2015-03-06 12:11:42 paper_face: it sounds like it is not able to find the apk cache from initranfs for some reason 2015-03-06 12:11:49 yes 2015-03-06 12:16:25 :q 2015-03-06 12:17:19 paper_face, perhaps the mount point name is different during early bootstrap 2015-03-06 12:17:24 what's the mount point? 2015-03-06 12:17:34 and what's the kernel boot cmdline ? 2015-03-06 12:17:51 i've got the cache in /media/usb/cache 2015-03-06 12:17:59 basically etc/apk/cache symlink needs to be valid during early boot 2015-03-06 12:18:10 yeah 2015-03-06 12:18:20 what i did notice is in syslinux.cfg 2015-03-06 12:18:26 append initrd=/boot/initramfs-grsec alpine_dev=UUID=D38E-0C1D:vfat modules=loop,squashfs,sd-mod,usb-storage quiet 2015-03-06 12:18:30 it mentions the UUID 2015-03-06 12:18:38 the difference was with my VM 2015-03-06 12:18:43 was that was actually a disk device 2015-03-06 12:18:48 not usbdev 2015-03-06 12:18:50 that probably causes it 2015-03-06 12:18:57 what is the etc/apk/cache symlink like? 2015-03-06 12:19:17 which is probably lrwxrwxrwx 1 root root 16 Mar 6 11:39 cache -> /media/usb/cache 2015-03-06 12:19:25 where as on my vm 2015-03-06 12:19:27 it is 2015-03-06 12:19:33 and what's in /etc/fstab 2015-03-06 12:19:42 cache -> /media/UUID=A3C9-D1BC/cache 2015-03-06 12:20:03 gateway:/media/usb/boot/syslinux# cat /etc/fstab 2015-03-06 12:20:05 /dev/cdrom /media/cdrom iso9660 noauto,ro 0 0 2015-03-06 12:20:07 /dev/usbdisk /media/usb vfat noauto,ro 0 0 2015-03-06 12:20:10 exactly the same as the VM 2015-03-06 12:20:33 ln -sf /media/usb/cache /etc/apk 2015-03-06 12:20:37 try that ^^^ 2015-03-06 12:20:47 ncopa, it is like thatin the real hw 2015-03-06 12:20:55 the problem is that syslinux.cfg has alpine_dev=UUID=xxx 2015-03-06 12:21:04 but the symlink points to /media/usb/cache 2015-03-06 12:21:22 ah 2015-03-06 12:21:27 then the opposite then 2015-03-06 12:21:28 paper_face, vfat usb ? 2015-03-06 12:21:29 ncopa: that is what the symlink was though 2015-03-06 12:21:42 paper_face: try the opposite 2015-03-06 12:22:01 does it support symlink and UUID ? 2015-03-06 12:22:04 okay 2015-03-06 12:22:13 make /etc/apk/cache a symlink that points to /media/UUID=A3C9-D1BC/cache 2015-03-06 12:22:31 no, i think you have missunderstood me 2015-03-06 12:22:38 the one that is actually on the VM 2015-03-06 12:22:42 is not booting off a usb device 2015-03-06 12:22:43 ncopa, no, it should be /media/UUID=D38E-0C1D/cache 2015-03-06 12:22:50 that one works 2015-03-06 12:22:57 yeah :P what fabled said 2015-03-06 12:23:12 paper_face, or then change syslinux.cfg to alpine_dev=usbdisk:vfat 2015-03-06 12:23:28 i woudl like to get rid of alpine_dev boot opt 2015-03-06 12:23:38 me too 2015-03-06 12:23:59 mm okay 2015-03-06 12:24:17 and initramfs should probably pick $bootmedia/cache as cache regardless of what the symlink is in overlay 2015-03-06 12:24:26 because the mountpoint names can vary 2015-03-06 12:24:30 and yeah the symlink was correct. 2015-03-06 12:24:34 so it can only be syslinux.cfg 2015-03-06 12:24:53 ill change alpine_dev=UUID=D38E-0C1D:vfat to alpine_dev=usbdisk:vfat 2015-03-06 12:24:56 and see if it works 2015-03-06 12:25:11 paper_face, as long as you don't have multiple usb sticks, it should be ok 2015-03-06 12:25:18 nah there's only one 2015-03-06 12:25:35 i think we default to that UUID=xxx thing to support installs where there are multiple usb storage devices connected 2015-03-06 12:25:43 right 2015-03-06 12:26:05 which is interesting because that was created by setup-bootable 2015-03-06 12:26:09 try alpine_dev=sda1:vfat if it does not work, assuming sda1 is the AL disk 2015-03-06 12:27:22 ncopa, reminds me, why would the usb device end up as /media/usb after bootstrap and not remain as /media/UUID=xxxx ? 2015-03-06 12:28:25 here goes. 2015-03-06 12:28:45 probably due to that fstab entry 2015-03-06 12:29:37 paper_face, how did that /dev/usbdisk entry come to be in fstab? 2015-03-06 12:29:46 i think its there by default 2015-03-06 12:29:55 not on my laptop 2015-03-06 12:30:03 maybe i removed it 2015-03-06 12:31:00 tada! 2015-03-06 12:31:10 yes using usbdev fixed it 2015-03-06 12:31:52 nice 2015-03-06 12:32:03 the way i had initially created that usb stick was by booting the iso image in a VM 2015-03-06 12:32:40 and then using a usb device, and running setup-bootable on it 2015-03-06 12:32:55 that should be basically the same as a physical system with a CD in it 2015-03-06 12:32:59 making a usb stick though 2015-03-06 12:33:22 obviously the syslinux.cfg it generates has the UUID 2015-03-06 12:34:15 paper_face1: will you make a write-up of your setup? 2015-03-06 12:34:18 yes, and it should've worked 2015-03-06 12:34:30 tA2p0mM5M4HU: i have been thinking of doing that 2015-03-06 12:34:33 after bootup you should have the usb mounted as /media/UUID=xxx 2015-03-06 12:34:33 including a pppd article 2015-03-06 12:34:37 and the cache should use that 2015-03-06 12:34:49 please do so, maybe even on the al wiki? 2015-03-06 12:34:50 it's probably the fstab mountpoint entry that confused things 2015-03-06 12:34:58 /dev/usbdisk /media/usb vfat noauto,ro 0 0 2015-03-06 12:35:02 actually fstab always had that 2015-03-06 12:35:06 it never used the UUID 2015-03-06 12:35:09 yeah. i think removing that would've fixed it also 2015-03-06 12:35:10 even when i had the UUID in syslinux 2015-03-06 12:36:10 i've also been using LABEL=foo feature 2015-03-06 12:36:34 but it's rather awkward that the bootmedia needs tobe defined on the cmdline 2015-03-06 12:36:41 so like ncopa, i want to get rid of that 2015-03-06 12:36:41 yeah 2015-03-06 12:36:49 we should have a way to detect the boot media without cmdline parameters 2015-03-06 12:39:32 anyway thanks all 2015-03-06 12:39:37 i might head to bed (gotta get up early) 2015-03-06 12:40:25 i think i might make an article on the wiki /HomeRouter 2015-03-06 12:40:29 or something like that at some point 2015-03-06 12:41:02 which includes various sections from PPP, to setting up basic iptables, to dnscrypt, to openvpn gateway 2015-03-06 14:05:54 no apk search on new website?! ? ? 2015-03-06 17:53:31 Sad, I've been subscribed to the alpine-users list for a couple weeks now, and there has been no traffic on it. Is it just not widely known, or what? 2015-03-06 18:38:35 <_ikke_> teiresias: same here 2015-03-06 18:38:41 <_ikke_> except shorter 2015-03-06 18:39:42 <_ikke_> teiresias: -devel aparently has more 2015-03-06 18:42:25 when I start X on my thinkpad w530... keyboard and mouse don't work at all, even though I installed xf86-input-{evdev,keyboard,mouse} 2015-03-06 18:42:31 am I missing something critical here? 2015-03-06 18:43:48 yes 2015-03-06 18:43:55 let me check what it is 2015-03-06 18:44:00 i think some udev or dbus thingy 2015-03-06 18:44:16 something that is done by setup-xorg 2015-03-06 18:45:26 oh hmm, I should probably run setup-xorg 2015-03-06 18:45:44 it's a short shell script 2015-03-06 18:45:50 check out what it does 2015-03-06 18:45:59 mdev and udev is what i see here 2015-03-06 18:46:33 thanks 2015-03-06 18:46:37 nice name by the way 2015-03-06 18:47:17 well it's no real name, it's more of an ever changing id 2015-03-06 18:47:51 is it a hash of your login time? 2015-03-06 18:48:03 no, the output of a dumbed down password generator ;) 2015-03-06 18:48:10 haha 2015-03-06 18:48:14 apg -q -a1 -n 1 -m 12 -M NCL 2015-03-06 18:48:50 ^^^ my alias for freenode nick generation 2015-03-06 18:49:21 do you use different parametrs for oftc? 2015-03-06 18:49:34 on other networks i run under stf or stef 2015-03-06 18:49:49 is this a protest against freenode? 2015-03-06 18:49:54 and i am privileged enough to not have to go to oftc 2015-03-06 18:50:03 partly protest, partly defense 2015-03-06 18:50:20 setup-xorg-base installed udev for me, which fixed everything, thanks 2015-03-06 18:50:35 you know your username is still set to stf? 2015-03-06 18:50:42 i am aware 2015-03-06 18:50:48 this is only about the nick 2015-03-06 18:50:56 this is not for privacy/anon 2015-03-06 18:51:12 defending against... spam? 2015-03-06 18:51:18 ghosting 2015-03-06 18:53:42 has someone got your nickserv password? 2015-03-06 18:53:43 ahills: i belong to the faction that believes in this https://ezcrypt.it/ML4n#ej6rorotmsxq7jF8ViyGjTVh 2015-03-06 18:56:01 well, thanks at least for starting your name with a lowercase glyph, so it is easy to tab-complete 2015-03-06 18:56:17 i always take care of that. indeed for that reason 2015-03-06 18:56:33 have you considered using stf as a constant prefix? 2015-03-06 18:56:58 i've been doing this for many years here, and never had problems with people identifying me, despite regularly changing nicks 2015-03-06 18:57:05 no need for the prefix 2015-03-06 18:57:07 apparently 2015-03-06 18:57:17 the experience over the years shows it 2015-03-06 18:57:30 everyone immediately identifies me, who knows me 2015-03-06 18:57:31 what if people widely adopt your philosophy? 2015-03-06 18:57:59 well, i'd rather urge them to change ircnetworks, instead of adopting workarounds. 2015-03-06 18:58:12 that's fair 2015-03-06 18:59:00 but then, i'd welcome a little more chaos in freenode ;) 2015-03-06 18:59:18 I wonder if my irc client could be configured to display usernames instead of nicks 2015-03-06 18:59:34 that's a nice idea! 2015-03-06 18:59:48 that would completely coopt the freenode nickserv thingy :) 2015-03-06 18:59:57 anyone's nickserv 2015-03-06 19:00:16 well, yes. but i'm only on this ircnetwork with an nickserv 2015-03-06 19:00:25 my scope is smaller ;) 2015-03-06 19:00:58 i guess you might run into troouble with all the root users ;) 2015-03-06 19:05:51 psh, root 2015-03-06 19:10:48 what do you guys use to interact with busybox's acpid, to query e.g. battery info? 2015-03-06 19:31:09 wow... fonts look positively terrible... 2015-03-06 20:13:59 ahills: i use: /sys/class/power_supply/BAT0/uevent 2015-03-06 21:47:14 would -anyone- be interested in powerdns? ;) 2015-03-06 22:03:51 James_T: i think it is in testing 2015-03-06 22:11:26 FWIW, I did some very loose benchmarking of libressl to find out if it's faster than openssl on Alpine 3.1.2, as was found by some early libressl results. 2015-03-06 22:12:21 I found libressl might be a few percent faster than openssl in a few tests, but not all. There's not any major difference, which is consistent with the idea that openssl has done some cleanup in the last year. 2015-03-06 22:12:45 I wouldn't use libressl for speed 2015-03-06 22:12:54 mjones_: speed is not the goal of libressl 2015-03-06 22:12:55 I would use it because the people designing it are security experts 2015-03-06 22:12:56 OpenSSL 1.0.1k vs. LibreSSL -HEAD in January. 2015-03-06 22:13:06 openssl is literal trash, quality-wise 2015-03-06 22:13:13 I would take libressl over it even if it was half the speed 2015-03-06 22:13:19 tA2p0mM5M4HU: :D 2015-03-06 22:13:54 what libressl needs is a review, not benchmarks 2015-03-06 22:14:09 tA2p0mM5M4HU: also the build in testing is broken 2015-03-06 22:14:09 also i guess lots of regression testcases 2015-03-06 22:14:24 sooooooooooooo 2015-03-06 22:14:33 tA2: ripping out the awful no-good memory allocation showed a 30% improvement in one very early test, which I can't readily locate with google. Some work I'm doing could benefit from such improvements (much as I was interested in potential musl improvements over glibc). 2015-03-06 22:15:33 and the patch to make it work sucks 2015-03-06 22:15:35 james_t: the git head is broken right now too. 2015-03-06 22:15:48 mjones_: hmm? 2015-03-06 22:15:59 i can build powerdns git master just fine 2015-03-06 22:16:37 libressl is broken. Haven't done pdns on alpine yet, but it's clean on debian. 2015-03-06 22:16:46 s/libressl/libressl-portable/ 2015-03-06 22:17:02 ha 2015-03-06 22:17:12 lel 2015-03-06 22:17:35 Just an FYI, because there's no googleable information on the current performance comparison. 2015-03-06 22:19:28 I need to build some Alpine AMIs, and I see no official ones. I guess there would be some interest in a build script? 2015-03-06 22:20:39 do it! 2015-03-06 22:22:38 hmm 2015-03-06 22:22:55 do i send patches to the alpine mailing list somewhere 2015-03-06 22:23:20 It seems like the preference is diffs to the mailing list, AFAICT. 2015-03-06 22:23:32 :) 2015-03-06 22:26:47 hello europeans, which company should I purchase a rail pass from if I need to travel between italy, switzerland, and germany? 2015-03-06 22:36:10 ahills: i dunno i guess few europeans take that offer often, i guess such railpasses are more for non-eu tourists. 2015-03-06 22:36:31 not a tourist, but I am also not eu 2015-03-06 22:38:00 locals don't use this so much i guess, this is really for tourists who want to travel as much as possible in a month 2015-03-06 22:40:14 i ride long distances on a train a lot, but since i travel mostly on fixed routes, back and forth, the various fare reductions make that more useful than such eu-wide passes 2015-03-06 22:40:56 btw i believe http://www.deutschebahn.com/de/start.html has the most complete offers all over eu. 2015-03-06 22:41:17 you can buy individual tickets there for all your routes 2015-03-06 22:41:34 dunno if that's cheaper than a month-pass 2015-03-06 22:42:02 also you ight try this: http://www.eurail.com/eurail-passes 2015-03-06 22:42:32 there is this 4 country pass for 114eur, that's quite cool 2015-03-06 22:46:06 thanks, I expected a pass to be cheaper, but I think you're right, individual tickets will probably be a better option 2015-03-06 22:46:18 unsure 2015-03-06 22:46:24 114 is quite competitive 2015-03-06 22:46:51 200km in germany can easily cost 70-80 eur 2015-03-06 22:47:28 I'm not seeing passes on this site... 2015-03-06 22:47:46 if you pass each border on a seperate ride, then i'd estimate around 200eur for costs on individual tickets 2015-03-06 22:47:54 ok 2015-03-06 22:47:55 this one: http://www.eurail.com/eurail-passes/select-pass 2015-03-06 22:48:39 found it, thanks 2015-03-06 22:48:59 but i guess, you have to try out the deutschebahn offers and see if that is more reasonable 2015-03-06 22:49:46 actually it's more expensive than 114 it seems 2015-03-06 22:49:56 I'm only seeing 413euro 2015-03-06 22:50:08 dynamic pricing. on the landing page it's enticing, on the details page aggravating ;) 2015-03-06 22:50:12 haha 2015-03-06 22:50:18 1st class only... is there no 2nd class option? 2015-03-06 22:51:01 i guess i get better prices because of geoip? 2015-03-06 22:51:10 oh god, they must MAIL me the pass??? 2015-03-06 22:51:12 what century is this? 2015-03-06 22:51:15 hehe ;) 2015-03-06 22:51:26 even in the US we have e-ticketing on our trains... and proper route planners... 2015-03-06 22:52:17 that's much easier if you're 1 country and not 28 2015-03-06 22:52:43 50 countries 2015-03-06 22:52:51 each with their own rules about who can fuck who 2015-03-06 22:53:19 it seems there are many private rail companies in europe, which I'm sure makes it very complex 2015-03-06 22:58:51 Telephone and telegraph used to be a prime route to generate hard currency through extensive export regulation. I'm not surprised if the same applies to rail. 2015-03-06 23:05:22 ah yes, colleague in germany confirms... half the price 2015-03-06 23:06:50 Fresh pull of libressl-portable still broken on my alpine but working on Debian. I'm assuming it's a clang vs. gcc problem... 2015-03-06 23:07:03 you using clang or gcc? 2015-03-06 23:09:29 Was using clang on alpine and gcc on Debian; now running again with gcc on Alpine. 2015-03-06 23:10:18 Does testing use both? 2015-03-06 23:18:13 hmm, I only use gcc when I build from testing, I don't know about the official packages 2015-03-06 23:26:12 hello 2015-03-06 23:27:17 is there a package for glusterfs out there for alpine? 2015-03-06 23:28:08 i have not found anything very recent on the subject via my google-fu 2015-03-06 23:29:51 xoritor: I don't see one in 'apk search' in 3.1.2, no. 2015-03-06 23:30:02 i didnt either :-/ 2015-03-06 23:30:29 i guess i should have mentioned i tried that first 2015-03-06 23:30:41 is gluster something you run production, or just want to test? 2015-03-06 23:30:49 prod 2015-03-06 23:31:15 well... right now it would be for testing 2015-03-06 23:31:22 heh 2015-03-06 23:31:36 but it would move to production 2015-03-06 23:31:39 that's much easier if you're 1 country and not 28 2015-03-06 23:32:21 I don't see ceph or sheepdog either. I wonder what Debian popcon would say about the popularity of these. 2015-03-06 23:32:46 sorry for the redundant redundancy 2015-03-06 23:32:48 i was going to do ceph, but trying to containerize it is a NIGHTMARE 2015-03-06 23:34:25 if alpine had it in the repos i may actually consider running alpine and then putting ceph on that for the bare metal... then firing up a vm from there to run coreos for the rest 2015-03-06 23:35:23 popcon results from debian: 2015-03-06 23:35:38 6823 glusterfs-client 1141 206 819 116 0 (Patrick Matthäi) 6856 glusterfs-common 1132 204 812 116 0 (Patrick Matthäi) 7952 glusterfs-server 340 141 170 29 0 (Patrick Matthäi) 27299 glusterfs 45 6 39 0 0 (Not in sid) 29274 libglusterfs0 2015-03-06 23:36:22 erp. Anyway, glusterfs-client and ceph-common are both neck and neck at just past the 6800th most popular package. 2015-03-06 23:36:30 i was actually trying to compile ceph on alpine... and got to the point where it needed glibc... it was just taking to long to get through 2015-03-06 23:36:43 that is a BEAST of a project 2015-03-06 23:37:12 But ceph itself is #7658, while glusterfs is #27299. This seems to mean that glusterfs-client is a prerequite of something, while ceph itself is more popular. 2015-03-06 23:38:04 ceph is the future really 2015-03-06 23:38:13 the future of... 2015-03-06 23:38:15 xoritor: good to know about ceph on musl, I always like to hear about musl compat and storage is one of my particular baliwicks. 2015-03-06 23:38:28 and glusterfs requires fuse 2015-03-06 23:38:38 Last fellows using container I spoke with were running NFS off of NetApps 2015-03-06 23:38:42 Hello all 2015-03-06 23:38:56 ahills, ceph is the #1 install for openstack storage 2015-03-06 23:38:58 I'm no lover of fuse. >:-/ 2015-03-06 23:39:04 Is this possible to build grsec kernel for ARM 2015-03-06 23:39:23 ceph does object, block, and distributed posix storage 2015-03-06 23:39:30 lol "cloud" 2015-03-06 23:39:31 ie... think nfs 2015-03-06 23:39:31 I didn't find any in alpine repo 2015-03-06 23:39:41 I try not to think of NFS, to avoid flashbacks 2015-03-06 23:40:14 think easy to use fault tolerant, distributed, replicated, self healing nfs 2015-03-06 23:40:24 ahh, salve 2015-03-06 23:40:28 ONC RPC isn't awesome, but generally I like NFS just fine. And I like it a lot better than block over FC for virtualisation environments. 2015-03-06 23:40:43 where you can replace a drive easily 2015-03-06 23:40:58 expand it indefinitely 2015-03-06 23:41:10 etc.. etc... 2015-03-06 23:41:23 savio: I have a notion I saw something in the release notes about an ASLR problem with PIE on ARM that could be related 2015-03-06 23:41:36 it has a native client that has a kernel module that has been there for years 2015-03-06 23:43:30 savio: No, it was the musl 1.1.6 release notes. FWIW: "This release features a major overhaul in the handling of atomic operations on ARM targets, improving efficiency when built for recent (v7+) cpu models and ensuring (via runtime detection) that baseline ARM binaries, which traditionally depended on the kernel's kuser_helper page for atomic support, work even on newer cpu/kernel combinations where it might be disabled for ha 2015-03-06 23:44:28 mjones_: I didn't find grsec package for ARM more specifically RPI 2015-03-06 23:44:59 Anything that needs glibc almost certainly needs to be fixed, though. I'm a portability fan from way back, and dislike monoculture immensely. 2015-03-06 23:45:33 savio: I suspect it doesn't exist, but I can't easily check. It's default on amd64: 2015-03-06 23:45:34 mjones_: https://forums.grsecurity.net/viewtopic.php?f=7&t=3292 2015-03-06 23:46:19 mjones_: above link suggest grsec does support ARM 2015-03-06 23:46:29 Not sure though 2015-03-06 23:46:50 im not sure if it requires it or not... but i didnt know how to get around the requirement for resolv.h 2015-03-06 23:46:52 savio: grsec and PaX are two different things. 2015-03-06 23:47:07 mjones_: yup 2015-03-06 23:47:34 mjones_: but grsec patch set includes pax as well right ? 2015-03-06 23:47:36 savio: my quote and that link say there are MMU/hardware issues with PaX and company, but they say nothing about grsec. 2015-03-06 23:47:47 grsec uses pax from what i know 2015-03-06 23:47:52 savio: if you do 'uname -a' on RPI, does the kernel name include '-grsec'? 2015-03-06 23:48:09 mjones_: nope 2015-03-06 23:48:11 ACTION could be wrong though 2015-03-06 23:48:13 mjo 2015-03-06 23:49:01 I guess its ncopa who maintain grsec in alpain 2015-03-06 23:49:16 May be he can comment on this 2015-03-06 23:49:23 pax is part of grsec 2015-03-06 23:50:37 ahills: so if ARM support for PaX is incomplete, you can't have grsec? 2015-03-06 23:50:50 RPI is an older ARM too, of course. 2015-03-06 23:51:21 RPI 2 is running ARM V7 2015-03-06 23:51:29 I don't know enough about grsec to know if PaX is core or not 2015-03-06 23:52:07 grsecurity incorporate pax and RBAC 2015-03-06 23:52:24 savio: at this point I strongly suspect that your ARM architecture can't support PaX; whether grsec will work without pax I do not know. 2015-03-06 23:52:31 And pax is different patch set 2015-03-06 23:52:47 mjones_: me too 2015-03-06 23:53:28 mjones_: there is one way to know this is to try ;) 2015-03-06 23:53:38 good luck o7 2015-03-06 23:54:21 xoritor: how hard did you try to get ceph compiled on alpine? I have a longer-term interest in it working, and a former cow-orker of mine works on Ceph... 2015-03-06 23:54:40 mostly just this morning 2015-03-06 23:54:44 i may work on it more 2015-03-06 23:54:55 but i am a bit in a time crunch right now 2015-03-06 23:55:00 so not real long 2015-03-06 23:55:36 really it was not that hard... i just hit that block on resolv.h and was not going to fool with trying to work around glibc 2015-03-06 23:56:06 ah, resolvers 2015-03-06 23:56:18 been working on those for unrelated reasons. 2015-03-06 23:56:37 musl chooses to do things in a more lightweight fashion. 2015-03-06 23:57:18 it's probably not a real blocker, though -- gcc causes a lot of header weirdness that musl and alpine do not brook. 2015-03-06 23:57:37 other than basic apline i had done "apk add git go automake autoconf libtool pkgconfig gcc linux-headers libc-dev g++ libuuid make util-linux-dev udev-dev xfsprogs xfsprogs-dev" to get to that point 2015-03-06 23:58:20 xoritor: k. 2015-03-06 23:58:43 xoritor: I was saying in a roundabout way that commenting out resolv.h is likely to have been the only change needed. ;) 2015-03-06 23:58:55 LOL... possibly 2015-03-06 23:59:38 alpine could use the package though, and quite a few others, if people want them. 2015-03-06 23:59:44 i will admit that i am not overly familiar with it... i may try it later 2015-03-07 00:00:42 xoritor: I'm giving it a look now while libressl-portable compiles and gives me a CANTREPLICATE of my own problem.... 2015-03-07 00:01:03 hahahaha... cool 2015-03-07 00:19:02 mjones_: just got confirmation from spender that grsec/pax works on ARMv7 2015-03-07 00:41:36 savio: ah. But no grsec kernel by default? 2015-03-07 00:42:05 mjones_: yes 2015-03-07 00:42:22 Don't know why?? 2015-03-07 00:43:25 original RPI is not ARMv7 though? 2015-03-07 00:43:38 I guess the install media is made to work on all RPI and not just RPI2? 2015-03-07 00:45:03 I have to run to a dinner for which I'm already behind, but I'll pick up the ceph stuff and packaging later and see what I can do. 2015-03-07 01:08:25 well... glusterfs gives me one after finishing ./configure.... during make i get rpc-transport.h:24:21: fatal error: rpc/rpc.h: No such file or directory 2015-03-07 01:14:14 rpc/rpc.h is from glibc & is not in musl 2015-03-07 01:15:50 yea commenting them out 2015-03-07 01:19:56 if you need sun rpc it might be possible to get via the semi-portable tirpc package 2015-03-07 01:20:01 not sure if that's packaged on alpine 2015-03-07 01:20:17 gahaaaaaaaaaaaaaaaaaaaa! 2015-03-07 01:20:17 but the whole api is utterly backwards and full of security risks 2015-03-07 01:20:30 this is nut balls 2015-03-07 01:20:34 things using it really should just be fixed not to use it 2015-03-07 07:18:34 systmkor: have you tried that problem 2015-03-07 07:54:52 yunfan, you refering to default resolution 1024x768 issue ? 2015-03-07 09:22:33 vkrishn: yep 2015-03-07 09:26:30 are you running iso, or installed on usb ? 2015-03-07 09:26:56 i am running iso 2015-03-07 09:29:51 not sure how to modify the boot param, but on my usb install I added nomodeset 2015-03-07 09:34:17 but then, why bother with 1024x768, if you are not intending to run X 2015-03-07 09:34:48 just install/configure ssh, then login into running iso 2015-03-07 09:35:02 vkrishn: because it enter a vga mode automateclly when display the login console 2015-03-07 09:36:11 yes, you would have trouble setting it first, I use ALT+mouse+drag 2015-03-07 09:36:17 vkrishn: i should first login and then install the ssh, now i cant see the bottom line which made me difficault to do installing job 2015-03-07 09:36:49 ALT+mouse+drag on the console to see the lower prompt 2015-03-07 09:39:08 will try 2015-03-07 09:41:09 nope , it cant , i am on mac osx with my macbook air 2015-03-07 09:43:43 hmm... 2015-03-07 09:44:10 hope its has such shortcut 2015-03-07 11:52:24 hey 2015-03-07 11:52:42 newbie here, so I have few stupid questions 2015-03-07 11:53:13 1) If I'm using "run-in-RAM" strategy, but with mounted persistence storage, where apk's will be installed? 2015-03-07 11:53:25 in /var or somewhere else? 2015-03-07 11:58:30 2) Is it possible to do something like "live upgrade", when, for example, I will mount iso with new alpine release, and kernel and packages will be upgraded "on the fly" (kernel with something like kgraft/kpatch) and services by just restarting with new package version 2015-03-07 13:02:38 2) no, and kexec isn't a premade feature either 2015-03-07 13:02:50 note though that the boot time & reboot time are very low 2015-03-07 13:03:21 1) i need to leave that to those doing a lot of ramboot setups 2015-03-07 13:04:40 one friend of mine would do 2) by re-imaging the "new" os image he prebuilds, i like that a lot since it is a singular change on the system, and you can do things like flipping old/new partition to have a consistent system state till reboot, on reboot you boot the other one 2015-03-07 13:04:57 i think he doesn't do that part (since no need) but, well, it's an idea :) 2015-03-07 13:05:51 i heard last week that suse and rh are possibly joining up instead of doing two alternating systems, so maybe k-patch-graft-splice will be upstream at some point 2015-03-07 13:12:06 Hello! 2015-03-07 13:12:18 Alpine is usable like a dekstop os? 2015-03-07 13:13:18 yes but there's less packaged desktop software than on other dists 2015-03-07 13:13:25 i use it on my laptop 2015-03-07 13:13:42 main thing i'm missing is chromium 2015-03-07 13:14:03 there's firefox, libreoffice, abiword, gimp, inkscape, ... 2015-03-07 13:14:31 xfce is the 'desktop environment' that's packaged 2015-03-07 13:14:33 dalias: ok, there are Xfce? 2015-03-07 13:14:37 cool :) 2015-03-07 13:15:41 dalias: zsh is also packaged? 2015-03-07 13:16:52 yes 2015-03-07 13:17:49 (and git? -> where can I check the packaged software?) 2015-03-07 13:18:08 cool 2015-03-07 13:18:28 imo easiest way to check packages is: http://git.alpinelinux.org/cgit/aports/tree 2015-03-07 13:18:49 ok thx 2015-03-07 13:19:50 xfce 4.8.3 :( 2015-03-07 13:20:30 darkfader, thanks 2015-03-07 13:20:50 also, I'm not quite sure why I can't choose to store configuration in /var 2015-03-07 13:20:51 sulido, what's latest? 2015-03-07 13:21:03 4.12 2015-03-07 13:21:25 if I'm willing to stick with booting from iso 2015-03-07 13:22:06 sulido, is it a big difference in functionality? 2015-03-07 13:22:17 gtk3 :D 2015-03-07 13:22:39 ah, so it just uses 3x the ram :-) 2015-03-07 13:23:01 :P 2015-03-07 13:23:11 I test Alpine :) 2015-03-07 13:25:57 ++ 2015-03-07 13:26:02 (and thanks!) 2015-03-07 13:28:41 is it possible to configure where to store config after running setup-alpine? 2015-03-07 14:18:56 folks i see my alpine VMs not halting completely still _on_ on "requesting system poweroff" 2015-03-07 14:19:17 wwwhat am i missing ? 2015-03-07 14:20:28 ok poweroff instead of halt -_- 2015-03-07 18:09:09 yeah some versions of halt are the same as poweroff, but not busybox I think 2015-03-07 19:49:12 yunfan, I just finished breakfast and got into work so I'll try messing around with it again while I get some of my work done today 2015-03-07 23:05:57 I have compiled Minetest from source on Alpine 3.1, however when I try to run it I get the following panic "PANIC: unprotected error in call to Lua API (runtime code generation failed, restricted kernel?)". 2015-03-07 23:06:01 How do I fix that? 2015-03-07 23:06:46 I have found this bug, but it has only been fixed in Minetest 0.4.11, whereas 0.4.12 is the latest: https://bugs.alpinelinux.org/projects/alpine/repository/revisions/77e61d273a6d3cb5432d72bd34ddd364aaa79e10 2015-03-07 23:06:57 It says "fix segfault due to JIT and PaX. Use shared lua instead of luajit" 2015-03-07 23:07:05 What does that mean "shared lua"? 2015-03-07 23:07:20 hm lua uses jit now? 2015-03-07 23:07:57 Yes in Minetest anyway, it should improve performance of the Lua mods a lot. 2015-03-07 23:08:25 luajit is a different implementation than the main one 2015-03-07 23:09:06 I have installed "luajit-dev" before compiling Minetest, do I need another one instead? 2015-03-07 23:09:44 well if luajit does not work on a pax kernel then try plain lua 2015-03-07 23:10:23 What would be the difference then? Would it not mean that the performance improvements are lost? 2015-03-07 23:11:10 but it would work at least 2015-03-07 23:11:28 nsz, thanks, you have been very helpful! ;) 2015-03-08 00:41:48 systmkor: okay 2015-03-08 03:00:00 yes, the performance improvements will be lost 2015-03-08 09:48:15 ahills: per documentation halt = shutdown -h now 2015-03-08 09:48:34 but apparently it doesn't mean the same on busybox and other distros :D 2015-03-08 09:48:46 i'm fine with poweroff anyway ^^ 2015-03-08 13:01:11 hehe: https://lists.debian.org/debian-kernel/2015/03/msg00137.html :-) 2015-03-08 13:04:44 Hi, what is the status of zfsonlinux in alpine linux? 2015-03-08 13:06:44 tA2p0mM5M4HU: ^ 2015-03-08 13:11:55 this tsync seems useful.. but it should be implemented for set*id 2015-03-08 13:49:24 what directories does gluster keep state in? 2015-03-08 13:49:33 ie... peer list 2015-03-08 13:49:37 etc... 2015-03-08 13:49:53 other than /etc/gluster 2015-03-08 13:52:19 i think i found it 2015-03-08 13:52:31 i think it is in /var/lib/glusterd/peers/ 2015-03-08 13:53:15 more specifically /var/lib/glusterd 2015-03-08 13:57:58 zenny: i ported the latest ZoL last year to alpine/musl, but during that, i found out, that running zfs on alpine creates a licensing problem (no rpc in musl, and tirpc has an incompatible license with zfs (which is fucked up cddl)) 2015-03-08 13:58:09 oops wrong channel 2015-03-08 13:58:11 lol 2015-03-08 13:59:05 well... fyi if you are looking for easy distributed replicated self healing filesystems in containers, glusterfs is very easy 2015-03-08 13:59:22 also the quality engineering of zfs on a native solaris is in no relation to the workarounds that they have to go through to work in the linux kernel are things, that reduce my trust in zfs on linux in relation to zfs on native solaris derivatives. 2015-03-08 13:59:44 next is to maybe port it to alpine... lots of glibc headers though :-( 2015-03-08 13:59:47 xoritor: glusterfs is great :-) 2015-03-08 14:00:01 jomat, i wanted to use ceph 2015-03-08 14:00:12 so you can use zfs in principle as a private person, but for serious data i'm not convinced. i stopped using zfs about half a year ago. 2015-03-08 14:00:13 jomat, but ceph is a royal PITA to use in containers 2015-03-08 14:00:26 Oh, I see... I just stuck at gluster :-) 2015-03-08 14:02:28 gluster rocks though 2015-03-08 14:02:31 i have used it lots 2015-03-08 14:02:49 and its easy to back up your data when things crash 2015-03-08 14:03:06 unlike ceph in that regard.... 2015-03-08 14:04:06 it took me all of about 15 min to get a working glusterfs cluster setup with dist-repl on coreos where i never got ceph actually working 2015-03-08 14:05:51 it uses fuse and thats not great, but it could be worse that is for sure 2015-03-08 14:08:19 right now i am trying to figure out how to make a Dockerfile and script to start it up bootstap it then store the /etc/gluster and /var/lib/glusterd data persistently on the coreos host so the container does not loose its information 2015-03-08 14:09:14 once i have it all working i will start trying to port it to alpine agian 2015-03-08 14:36:22 xoritor: ignoring the backup of data will be horrible if you run in stripe+dist mode, right? 2015-03-08 14:36:47 if it stripes + mirrors over 8 hosts thats what i mean 2015-03-08 14:39:31 yikes 2015-03-08 14:39:33 yea 2015-03-08 14:39:53 so would the new erasure encoded mode 2015-03-08 14:40:08 you cant just "backup" erasure cods 2015-03-08 14:40:15 s/cods/codes/ 2015-03-08 16:58:03 tA2p0mM5M4HU: thanks for the update. If there are technical hitches to bring zol to alpine, that is another case, but license issues have been discussed over and over on the internet. As you are aware, zol has been used even by organizations and projects. Even BSD guys like HyperCluster (now clusterHQ) seems to be drifting towards flocke (a combo of docker + zfs). 2015-03-08 17:51:16 zenny the licensing issue can be circumvented by someone doing a compatibile rpc library 2015-03-08 17:53:15 my concerns regarding applying something engineered for solaris on te linux kernel are more instintive after seeing the workarounds that were needed to bend zfs to linux 2015-03-08 17:53:25 i have a bad feeling with that 2015-03-08 17:53:43 i'd rather run for storage an illumos storage backend and an alpine front end 2015-03-08 17:56:44 tA2p0mM5M4HU: i know a few people that thing zfs on linux is prod grade. the thing is, i am yet to see any people running real prod systems say so 2015-03-08 17:56:56 while they all tinker with zfsonlinux for years 2015-03-08 17:57:23 where it's fine is backup dumps or i.e. boxes i use for data rescue 2015-03-08 17:57:28 but data? thanks no 2015-03-08 18:57:42 tA2p0mM5M4HU: Thanks for enlightening remarks. Maybe it would be nice to pxe boot smartos from an alpine pxe server, I guess. 2015-03-08 19:00:06 i'm kinda sad about my opinion, i have hope that people will prove me wrong. 2015-03-08 19:00:40 but yes, besides alpine i have some hopes in smartos/illumos 2015-03-08 19:03:05 someone should play with it and do awesome stuff 2015-03-08 19:03:17 (i mean ZoL) 2015-03-08 19:04:13 darkfader: llnl.gov seems to be running ZoL in production. 2015-03-08 19:06:05 tA2p0mM5M4HU: Do you think FreeBSD is faring better in this regard? 2015-03-08 19:11:31 zenny needs much less of bending as far as i heard. have no personal experiences, but good friends to use zfs on fbsd for quite some years 2015-03-08 19:12:55 however i must stress, that this is a feeling, and not something that should be considered fact. pls review it yourself make up your mind on your own. 2015-03-08 19:16:28 tA2p0mM5M4HU: Yep, I also had very good experience with zfs in freebsd (particularly freenas 0.7) 2015-03-08 20:11:45 Hi again, trying to build a pxe server with alpine 3.2.1 following http://wiki.alpinelinux.org/wiki/PXE_boot#Set_up_an_HTTP_server_to_serve_the_rest_of_the_PXE_boot_files Does this mean that a http server like nginx or apache is to be installed? 2015-03-08 21:47:56 did usa & israel covertly supply isis with weapons like they did with al-qaeda to justify wars ? 2015-03-08 21:47:56 did usa excute the creative mess in the middle east like they said they will, does the creative mess include explosion with uncertain responsibles to make people fight? 2015-03-08 21:47:56 how many human was killed because usa actions included in the creative mess? 2015-03-08 21:47:56 i was prevented on facebook and twitter, so plz send my qs there to help limiting usa & israel aggression against others. 2015-03-09 00:54:56 wtf? 2015-03-09 01:25:34 :D 2015-03-09 06:23:36 morning folks 2015-03-09 06:54:27 zenny: In my pxe setup, the http server is there only for the apkovl files 2015-03-09 07:15:36 This bug was "closed" yet appears to still be a valid issue. http://bugs.alpinelinux.org/issues/3701 2015-03-09 07:15:48 ACTION also got the same panic as per the attachments 2015-03-09 07:17:02 Is this *NOT* *YET* in the lastest alpine-xen iso? http://git.alpinelinux.org/cgit/aports/commit/?id=0b225cd4d001a0cab9ad84f52dd846bae44a1c16 2015-03-09 07:17:16 (Which means that the iso is simply dead...) 2015-03-09 07:35:28 DarkFox: iirc this was an upstream bug? but I could be thinking of a different one 2015-03-09 08:57:35 so after an apk upgrade my laptop didnt boot 2015-03-09 08:58:46 the reason is that i have encrypted rootfs and after the upgrade the kernel argument uses uuuid instead of /dev/sdaX 2015-03-09 08:59:06 i'm not sure why uuid fails 2015-03-09 09:00:29 ie in /boot/extlinux.conf the line APPEND root=... cryptroot=UUID=... cryptdm=crypt 2015-03-09 09:00:32 fails 2015-03-09 09:00:49 but with cryptroot=/dev/sdaX it's ok 2015-03-09 09:01:13 the uuid seems correct 2015-03-09 09:02:46 I'm trying to build nx-libs for x2goserver but It fails with xf86bigfont.c:49:22: fatal error: asm/page.h: No such file or directory 2015-03-09 09:03:12 I'm looking for the right makdepends for last 2 hours... 2015-03-09 09:04:13 Jean-Scotch, linux-headers ? 2015-03-09 09:04:19 I tried 2015-03-09 09:04:43 but without success 2015-03-09 09:05:14 perhaps you can just remove that 2015-03-09 09:05:22 dunno why it would need it 2015-03-09 09:05:31 you mean, patch the source to remove that include? 2015-03-09 09:06:07 dog dongs 2015-03-09 09:06:11 cat dongs 2015-03-09 09:06:12 etc 2015-03-09 09:08:12 Jean-Scotch, yes. you could try that. if it needs only PAGE_SIZE you could try instead limits.h 2015-03-09 09:08:44 ok. I will try that path 2015-03-09 09:10:32 oh there is an /etc/update-extlinux.conf 2015-03-09 09:13:05 fabled: there is a line stating: PAGE_SIZE. It is defined in So I guess you may be right ;) 2015-03-09 09:26:03 i think cryptsetup fails because /dev/disk/by-uuid/... is not yet available 2015-03-09 09:26:21 otherwise cryptsetup should support disk by uuid 2015-03-09 09:28:18 so either translate the UUID=... kernel opt to /dev/sdaX in init or make /dev/disk/by-uuid available before cryptsetup runs 2015-03-09 09:29:02 or dont touch my manually edited extlinux.conf menu items ok apk upgrade :) 2015-03-09 09:41:11 fabled: thanks. Now it compiles (still stuff to fix but at least it compiles) ;) 2015-03-09 13:04:36 ahills: Upstream or not; if it were patched then the iso should be at least bootable via usb... (Latest official iso image doesn't work for usb booting [xen grsec]) 2015-03-09 13:06:45 nsz: I've had this issue under arch; cryptroot=UUID=... was the solution :P Not quite sure what your issue is if you alread have that. 2015-03-09 13:07:42 i have cryptroot=UUID=... and it is *the* problem not the solution 2015-03-09 13:08:03 this envvar is handled by the alpine init script 2015-03-09 13:08:34 and uuid based mount/cryptsetup does not work at the point where it tries to do it 2015-03-09 13:09:20 i think alpine init script should be fixed but i'm not sure what's the best way 2015-03-09 13:09:56 I meant for my arch case; the UUID was the solution; while in your case... Might need to send in some patches to the init scripts. I'm yet to play with cryptsetup on alpine.. I do intend to open the device to boot to ram and then close it after extraction; if you find the solution, please send me a /query. :-) 2015-03-09 13:10:48 I'd take a look but I've just recently switched from my alpine to blackarch - here I have a working xorg... Speaking of which - I wonder when xorg will be fixed.. 2015-03-09 13:11:07 what's wrong with xorg? 2015-03-09 13:11:16 it works for me 2015-03-09 13:11:19 Oh? 2015-03-09 13:11:29 Not for myself; a friend and a few other people.. 2015-03-09 13:11:40 i just had to install the right xf86-video- and input- and .. packages 2015-03-09 13:12:09 Did you use the setup-xorg script 2015-03-09 13:12:11 ? 2015-03-09 13:12:23 (I've tried with and without it... No dice) 2015-03-09 13:12:23 i'm not sure 2015-03-09 13:12:43 i think i used setup-xorg, but that was not enough 2015-03-09 13:12:54 Manual; minimal xorg install with drivers = black screen that ACPI/powerbutton does manage to shutdown if pressed. 2015-03-09 13:13:18 nsz: xf86-... was manually installed. 2015-03-09 13:13:32 you need to inspect /var/log/Xorg.log.0 2015-03-09 13:13:32 xorg -configue claimed that there were no devices.. 2015-03-09 13:13:37 and dmesg 2015-03-09 13:13:44 hm 2015-03-09 13:13:57 Fun to inspect files from ram while unusable... Might be able to get it via ssh from another device. D 2015-03-09 13:14:00 :D 2015-03-09 13:15:03 I'll play more tomorrow. As for your cryptsetup... Wish you the best of luck. Init scripts and the initramfs should be the places to look. Maybe check for differences with archlinux and alpine. 2015-03-09 13:17:17 ACTION must call it a night. Good luck o/ 2015-03-09 13:26:05 nsz: which version did you upgrade to? 2015-03-09 13:31:01 nsz: i suppose the initscript could use blkdid to find the /dev/sd* device before calling cryptsetup 2015-03-09 13:32:06 nsz: could you plese check from the emergency shell if findfs UUID=.... is able to find the proper /dev/sdaX device? 2015-03-09 13:34:00 nsz: i think this might work as fix for the init script: http://sprunge.us/ZQbE 2015-03-09 13:37:36 thanks, will try it at home 2015-03-09 13:37:50 i upgraded from 3.1 to edge 2015-03-09 13:40:17 it could be something introduced in upstream cryptsetup 2015-03-09 13:41:01 relevant chunk in init script: http://git.alpinelinux.org/cgit/mkinitfs/tree/initramfs-init.in#n247 2015-03-09 13:42:29 i tried cryptsetup separately after boot and that worked 2015-03-09 13:43:15 it used /dev/disk/by-uuid/.. 2015-03-09 13:43:47 i think that may be missing at boot time, but i'll reboot and check in the evening 2015-03-09 13:43:54 do you run udev? 2015-03-09 13:44:03 i do on my desktops 2015-03-09 13:44:07 and udev create those 2015-03-09 13:44:29 but i dont use udev from initramfs 2015-03-09 13:45:15 i suppose other option is to hack mdev to create the /dev/disk/by-uuid symlinks 2015-03-09 14:32:15 what are you folks using to automate alpine's deployment ? 2015-03-09 14:32:59 coredumb: I plan to use PXE 2015-03-09 14:33:13 with a specially crafted apkovl 2015-03-09 14:33:45 Jean-Scotch: i still need ressource on that topic 2015-03-09 14:33:46 It's running fine in the lab 2015-03-09 14:33:53 apkovl what is it exactly ? 2015-03-09 14:34:02 links ? 2015-03-09 14:34:52 ohhhh answer file to setup-alpine 2015-03-09 14:34:58 when you do a lbu ci on run-from-ran, it generate a file $hostname.apkovl.tar.gz 2015-03-09 14:35:07 with all the config 2015-03-09 14:35:20 run-from-ram 2015-03-09 14:35:51 well i don't plan to run from ram 2015-03-09 14:35:55 does it matter ? 2015-03-09 14:36:06 and with PXE one can link the stratup process to {MAC}.apkovl.tar/gz from a http server 2015-03-09 14:36:50 you may have a /etc/local.d.install.start script which will install AL on disk 2015-03-09 14:37:03 mmmh 2015-03-09 14:37:05 /etc/local.d/install.start 2015-03-09 14:37:19 seems a bit complicated 2015-03-09 14:37:48 i'd rather go with "boot install process with this answer file and let me know when done " 2015-03-09 14:37:50 :D 2015-03-09 14:40:21 I seup a master machine. then du a "lbu package" on it. save the resulting apkovl as default.apkovl.tar.gz. Then start other machines with that file. 2015-03-09 14:41:03 It takes about 10 sec to have a new machine up&running 2015-03-09 14:41:09 Jean-Scotch: how do you setup IPs ? raid disks ? etc 2015-03-09 14:41:20 IP by dhcp based on MAC 2015-03-09 14:41:43 yeah not an option 2015-03-09 14:41:45 :D 2015-03-09 14:41:47 If there are 2 disks in the bos, mdadm setup a raid1 2015-03-09 14:42:14 then I give the raid to lvm2 2015-03-09 14:42:37 and export the LV as NBD 2015-03-09 14:42:47 to be used anywhere on my network 2015-03-09 14:43:18 can you tell that in the apkovl ? 2015-03-09 14:43:26 yes 2015-03-09 14:43:28 to auto setup the raid or kvm ? 2015-03-09 14:43:35 any link how ? 2015-03-09 14:43:59 with a small script in /etc/local.d/ 2015-03-09 14:44:04 not yet 2015-03-09 14:44:24 my tlk page on the wiki has sone hints already 2015-03-09 14:44:29 talk page 2015-03-09 14:44:32 user jch 2015-03-09 14:45:23 i need it to detect and configure disks/lvm then install package and bootloader do basic config and reboot 2015-03-09 14:45:52 very much like what kickstart does 2015-03-09 14:48:46 do it once by hand; record needed steps as a scritpt; put that script in local.d with a .start extention; add a script.stop which delete both start and stop one; a I think you are done 2015-03-09 14:49:17 I also have a question: In which package should I find a 'fixed' font for X? 2015-03-09 14:49:34 is there any example of this "answer file" format ? 2015-03-09 14:50:18 Jean-Scotch: i'd prefer having to modify a simple text file when changing settings than redoing a tar.gz archive... :) 2015-03-09 14:51:44 http://wiki.alpinelinux.org/wiki/Alpine_setup_scripts 2015-03-09 14:53:29 oh you can create it with -c 2015-03-09 14:53:32 i overlooked that 2015-03-09 14:55:45 mmmmh ok 2015-03-09 14:55:54 have to check that 2015-03-09 15:26:17 which AL package is equivalent to xorg-x11-fonts-core ? 2015-03-09 16:01:02 Jean-Scotch: xorg-x11-fonts-core from OpenSuSE ? 2015-03-09 16:01:48 AmatCoder: I think so. I fact I'm looking for core font to include in the x2goserver package I'm building 2015-03-09 16:02:17 I *think* that they are 'font-cursor-misc' and 'font-misc-misc' on Alpine Linux 2015-03-09 16:02:39 ok. thks. I will give a try 2015-03-09 17:20:55 DarkFox: I didn't mean, "it's upstream so stop posting", I meant, "I think it's upstream, that might help you trace the bug better 2015-03-09 17:33:31 \o/ with the help of the nice guys at x2go.org, I now have working alpine packages for x2goserver for single application. Will now focus on full desktop. 2015-03-09 17:34:31 There seems to be something broken in java ssl for docker-alpine. Is it possible that there are certificates missing from the default jre? 2015-03-09 17:53:04 cultureulterior: i recently dealt with openjdk on alpine, and found the default CA certificates didnt work for me 2015-03-09 17:53:41 i fixed it by overwriting /usr/lib/jvm/java-1.7-openjdk/jre/lib/security/cacerts with a copy from a debian installation 2015-03-09 17:55:08 buckley310: thank you! 2015-03-09 17:56:40 on debian you can find it here "/etc/ssl/certs/java/cacerts" your welcome :) 2015-03-09 17:57:42 yeah, the jre certs are not generated fully right 2015-03-09 17:58:18 we should really have update-certificates hook to generate the java cert store from the system ca-certificates 2015-03-09 17:58:24 but we don't have that code atm. 2015-03-09 18:53:56 I have 3 aports to submit. one is a patched one but two are new. I see that even new ones are submitted as patches against /dev/null. Is it the right way to submit to the ML? 2015-03-09 19:04:54 use the git mail feature 2015-03-09 19:04:57 git am, iirc 2015-03-09 19:06:54 I think my dev machine has no mail access... will check prior of doing anything... 2015-03-09 19:07:08 just requires an smtp server really 2015-03-09 19:07:13 It's be excellent if there was a FAQ on submitting patches and ports. 2015-03-09 19:07:23 s/It's/It'd/ 2015-03-09 19:07:57 Jean-Scotch: should be able to mail to a file and then transport the file to a machine with SMTP submission, if necessary. 2015-03-09 19:08:42 ok 2015-03-09 19:09:11 worst case scenario, you can mail and attach patches in the same format as git 2015-03-09 19:11:02 ok. will have a look. for now, I need a break... but I'm happy to have packaged x2goserver ;) 2015-03-09 19:24:53 hello, I've been having a weird problem, now alpine is not booting anymore 2015-03-09 19:25:16 I managed to use the live usb and chrooted into my installation 2015-03-09 19:25:24 what is the error message, and what happened right before it broke? 2015-03-09 19:25:35 I was just installing rsync via apk add 2015-03-09 19:25:47 and then my session closed (i was using ssh at the time) 2015-03-09 19:25:55 now I can't run programs anymore 2015-03-09 19:26:03 and the boot countdown just keeps looping 2015-03-09 19:26:24 vm or metal? Your hardware or not? 2015-03-09 19:26:30 I noticed this though: "apk update" --> "/bin/ash: apk: not found" 2015-03-09 19:26:34 my hardware 2015-03-09 19:26:52 shouldn't it be "/bin/_b_ash" ? 2015-03-09 19:26:56 that's bad. Might have lost a root disk. 2015-03-09 19:27:07 robin666: no 2015-03-09 19:27:21 it's an SSD, and I can mount it fine 2015-03-09 19:27:23 Alpine uses ash by default. Debian and Ubuntu and mint use dash by default. 2015-03-09 19:27:40 but I did add another HDD from my laptop earlier that day, to copy over some files 2015-03-09 19:27:46 using bash ubiquitously is an old Linux-ism that's thankfully starting to disappear. 2015-03-09 19:28:04 maybe that messed up the naming scheme with SATA or something 2015-03-09 19:28:09 uhm yeah. So you should have mentioned that first, you know. 2015-03-09 19:28:22 like when someone asked 'what happened right before it broke?' 2015-03-09 19:28:23 but I removed it now, still the same problem 2015-03-09 19:28:35 my bad, I'm kind of fishing in the dark here 2015-03-09 19:28:36 what happens when you remove the additional drive? 2015-03-09 19:28:44 exactly the same 2015-03-09 19:28:48 and it worked fine that day 2015-03-09 19:28:50 that's what broke it, in all likelihood. 2015-03-09 19:29:28 it's odd that it's still affecting my installation now though 2015-03-09 19:29:44 everything seems to be mounting fine 2015-03-09 19:29:46 I wonder if apk triggered a drive boot enumeration change. 2015-03-09 19:30:00 You're implying you've already removed the additional drive and it's still broken. Is that true? 2015-03-09 19:30:06 yes 2015-03-09 19:31:04 when you boot using live media, do a 'dmesg' and show us what drives are in the output 2015-03-09 19:31:59 what should I grep for? 2015-03-09 19:32:09 then show us $ROOT/boot/extlinux.conf so we can see what slice the boot menu is trying to boot 2015-03-09 19:32:46 dmesg | grep sd (but only paste us the minimum output to avoid flooding the channel) 2015-03-09 19:34:07 ok, I have to type it over since I can't use ssh anymore 2015-03-09 19:35:05 my extlinux.conf is booting by the uuid of the ext4 partition. You can see those with 'tune2fs -l ' 2015-03-09 19:35:18 EXT4-fs (sda3): INFO: recovery required on readonly filesystem 2015-03-09 19:35:33 s/those/UUIDs/ 2015-03-09 19:35:46 that means you have to fsck it. Let's do that first; could be an easy fix. 2015-03-09 19:35:47 ... write access will be enabled during recovery ... recovery complete 2015-03-09 19:35:55 'fsck /dev/sda3' 2015-03-09 19:36:22 no, hold on. That's your boot media. 2015-03-09 19:36:34 sda3 is where my root is 2015-03-09 19:36:52 the livecd root or not? Show us output of 'mount' 2015-03-09 19:37:21 no sda is my SSD, where I have alpine installed 2015-03-09 19:37:57 is sda3 mounted? You need to umount it before fscking. 2015-03-09 19:38:45 I see. You're reluctant to show us info because you can't copy-paste it. 2015-03-09 19:38:49 I unmounted it, I get the error "fsck.auto: no such file or directory" 2015-03-09 19:39:24 the error is after you give it 'fsck /dev/sda3'? 2015-03-09 19:39:33 yes 2015-03-09 19:40:19 if you 'dmesg | grep sda3' does it show up? 2015-03-09 19:40:43 no such file means there's no device file for /dev/sda3, assuming you typed it correctly 2015-03-09 19:41:35 it shows up, I think it's the fsck.auto part that's not being found? 2015-03-09 19:42:02 you're right. 2015-03-09 19:42:36 why is it selecting auto for fstype? 2015-03-09 19:42:49 no idea, can I specify it manually? 2015-03-09 19:43:07 fsck.ext4 /dev/sda3 2015-03-09 19:43:21 assuming it's ext4. 2015-03-09 19:43:29 it is, fsck.ext4 not found 2015-03-09 19:44:04 /sbin/fsck.ext4 /dev/sda3 2015-03-09 19:44:26 but you're running fsck from your livecd.... 2015-03-09 19:44:42 I am 2015-03-09 19:45:10 It's an alpine livecd? 2015-03-09 19:45:13 not found, there's only "fsck" in /sbin/ but nothing else 2015-03-09 19:45:16 yes it is 2015-03-09 19:45:54 (nothing else with *fsck* in it) 2015-03-09 19:46:40 fsck.ext4 is normally a link to ext2fsck (because ext2/ext3/ext4 are essentially the same thing) 2015-03-09 19:46:57 s/ext2fsck/e2fsck/ 2015-03-09 19:47:33 boot loop isn't caused by an unclear FS though, so let's skip that. 2015-03-09 19:48:12 do this and compare the UUIDs: 2015-03-09 19:48:57 first mount sda3 again 2015-03-09 19:49:05 tune2fs -l /dev/sda3 | grep UUID 2015-03-09 19:49:29 grep UUID $ROOT/boot/extlinux.conf 2015-03-09 19:49:33 tune2fs: not found :-( 2015-03-09 19:49:36 see if the UUIDs are the same. 2015-03-09 19:49:59 echo $PATH to see if the path is decent 2015-03-09 19:50:40 echo $PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin 2015-03-09 19:51:49 yeah that's decent. 2015-03-09 19:52:46 ok go ahead and mount the SSD again, and look in $ROOT/boot/extlinux.conf 2015-03-09 19:53:18 $ROOT is wherever you have it mounted, obviously. 2015-03-09 19:54:40 ok there is nothing in boot 2015-03-09 19:54:54 i must have a separate boot partition then 2015-03-09 19:55:42 my bad; boot should be /dev/sda1 by default. 2015-03-09 19:55:51 yep, got it mounted now 2015-03-09 19:56:16 this is the line with the UUID in it: APPEND root=UUID=<> modules=..... 2015-03-09 19:56:41 do you need more? 2015-03-09 19:56:55 good. Now I'd find out if the UUID of /dev/sda3 matches that UUID 2015-03-09 19:57:11 but that's difficult without tune2fs 2015-03-09 19:57:25 blkid also shows uuids of block devices 2015-03-09 19:57:29 hm 2015-03-09 19:57:42 but dunno if it uses tune2fs for ext3 filesystems 2015-03-09 19:57:54 the ID matches 2015-03-09 19:58:16 jomat: thanks for the reminder! Yes, blkid will show the matching UUID 2015-03-09 19:58:45 robin666: ok then. Is there any error message except the boot loop? 2015-03-09 19:59:19 nope, I just see the boot loop 2015-03-09 19:59:52 any changes in UEFI/bios when you added and remove drives? 2015-03-09 20:00:05 Nothing is coming to me. 2015-03-09 20:00:16 no, I just connected the drive, booted up and mounted it 2015-03-09 20:00:24 then I copied some files 2015-03-09 20:00:32 and left the house 2015-03-09 20:00:42 i checked the clocks and there wasn't any power outage 2015-03-09 20:01:31 i was connected later that day through ssh, and installed rsync with apk add 2015-03-09 20:01:48 and I lost connection 2015-03-09 20:02:29 might be hardware. OCZ SSD? ;-) 2015-03-09 20:02:42 Kingston :p 2015-03-09 20:03:24 mmm. I have a Kingston 32GB ssdnow100 sitting right here that I won't use for anything important.... 2015-03-09 20:03:54 this one is a 60GB ssdnow 300 2015-03-09 20:03:58 small SSDs are deprecated for windows but work great even on larger Linux installs. 2015-03-09 20:04:10 do you have 'hdparm' by chance? 2015-03-09 20:04:31 no, too bad 2015-03-09 20:04:34 hdparm can now load firmwares, do secure erase, set password and everything 2015-03-09 20:05:01 but if it was a hardware problem, wouldn't I have problems mounting it and viewing the files? 2015-03-09 20:05:32 depends, I think. 2015-03-09 20:06:00 I bet there's an error that flashes on the screen very fast during the boot loop. 2015-03-09 20:07:03 not sure if this is normal, but on my boot partition 2015-03-09 20:07:11 there is a folder called boot 2015-03-09 20:07:14 kingston has a bootable ISO that will flash the firmware, but I hesitate to recommend that 2015-03-09 20:07:19 when I cd into it, I go back to root 2015-03-09 20:07:25 because it might be a waste of time. 2015-03-09 20:07:36 yeah, it's a symlink 2015-03-09 20:07:53 that's normal 2015-03-09 20:09:10 i don't see anything flashing it all 2015-03-09 20:09:20 it just goes "Alpine will be booted automatically in 1 seconds" 2015-03-09 20:09:24 then back to 3 2015-03-09 20:09:28 ad infinitum 2015-03-09 20:09:52 pressing spcae gives me a menu with one option: "Linux grsec" 2015-03-09 20:10:40 all normal 2015-03-09 20:10:44 same then when I pick that, screen flashes between the counts now but I just see part of the screen blacking 2015-03-09 20:10:52 no text or anything 2015-03-09 20:11:03 oh wait 2015-03-09 20:11:12 there is somethign in the bottom left corner, I ll try to video it 2015-03-09 20:11:21 is there a vmlinuz-grsec file in /boot? 2015-03-09 20:11:42 I don't see it anymore, maybe I was tripping 2015-03-09 20:11:44 let me check 2015-03-09 20:12:20 i could read part of it, it says reading vmlinuz 2015-03-09 20:12:27 ill check for the file now 2015-03-09 20:14:46 mjones_: there is no vmlinuz file 2015-03-09 20:15:29 I have boot, extlinux.conf initramfs-grsec, ldlinux.c32, ldlinux.sys libcom32.c32, libutil.c32 lost+found mboot.c32, menu.c32, vesamenu.c32 2015-03-09 20:18:10 that's the problm then 2015-03-09 20:18:23 your kernel is missing 2015-03-09 20:18:36 there should be a vmlinuz-grsec; that's the actual kernel image 2015-03-09 20:18:47 an fsck might turn it up 2015-03-09 20:19:05 if you copy the vmlinux-grsec from the boot livecd it should work 2015-03-09 20:19:10 great 2015-03-09 20:19:12 let me try that 2015-03-09 20:19:48 where is the boot on the live usb? 2015-03-09 20:19:51 was there a kernel upgrade when you were using apk? 2015-03-09 20:20:12 maybe there was, I have trouble recalling 2015-03-09 20:20:18 if you type 'mount' you should be able to see it 2015-03-09 20:21:02 other than hardware issue, the only obvious reason for a filesystem scramble would be a problem or a power outage during a kernel upgrade. 2015-03-09 20:21:52 I was going to use this kingston SSD for an alpine testing setup, too. 2015-03-09 20:23:02 if you have no config-grsec then I lean towards a logic problem though 2015-03-09 20:23:18 not a hardware problem. 2015-03-09 20:23:35 I copied the kernel, still won't oot 2015-03-09 20:23:41 i don't have the goncifg-grsec no 2015-03-09 20:23:45 copy config-grsec too 2015-03-09 20:23:50 not sure if needed. 2015-03-09 20:24:53 I think if you get the config-grsec in there with the vmlinux-grsec it will probably work. 2015-03-09 20:25:30 It's sounding like a failed kernel upgrade that wiped out your kernel. Normally the updates are atomic-ish so that can't happen. 2015-03-09 20:26:19 hm apk info -a git-doc says it's installed with about 1M size but it contains no files (and indeed i see no git manuals) 2015-03-09 20:26:20 copied the config-grsec, still looping 2015-03-09 20:26:23 is that normal? 2015-03-09 20:28:35 apk fix -u git-doc fixed it 2015-03-09 20:29:21 mjones: should I copy System.map-grsec, grsec, initramfs-grsec, modloop-grsec tooo? 2015-03-09 20:29:32 syslinux is missing too 2015-03-09 20:30:26 robin: I don't have syslinux nor modloop-grsec 2015-03-09 20:30:44 go ahead and copy intramfs and system.map 2015-03-09 20:31:16 intramfs-grsec and System.map-grsec, to be precise 2015-03-09 20:31:59 nsz: where are the fixed git files? I don't see mine either 2015-03-09 20:34:20 mjones_: copied those, still bootlooping 2015-03-09 20:36:27 when I chroot into my SSD partition, I can't execute any programs 2015-03-09 20:36:51 always says "not found" when I try apk update for exmample, not sure if this is related 2015-03-09 20:36:53 ld.so error? 2015-03-09 20:37:43 robin666: odd. 2015-03-09 20:37:59 $PATH still ok? 2015-03-09 20:38:09 yep 2015-03-09 20:38:46 'exec /bin/ash' 2015-03-09 20:38:49 works? 2015-03-09 20:39:05 yes 2015-03-09 20:39:16 I get no output, but it executes it 2015-03-09 20:39:27 well it will just replace your shell 2015-03-09 20:39:58 /bin/ls -la / 2015-03-09 20:40:16 '/sbin/apk update' 2015-03-09 20:40:23 '/sbin/apk upgrade' 2015-03-09 20:40:52 mjones_: apk info -a git-doc should list them if it's correctly installed 2015-03-09 20:41:08 i did apk update and apk fix -u git-doc 2015-03-09 20:41:14 "/bin/ash: apk: not found" 2015-03-09 20:42:43 readelf -hl /sbin/apk 2015-03-09 20:43:04 to see if something is wrong with the elf file 2015-03-09 20:43:46 ls -la /sbin/apk 2015-03-09 20:44:44 "ls: /sbin/apk: No such file or directory" 2015-03-09 20:45:09 robin666: the chroot worked ok, right? 2015-03-09 20:45:38 mjones_: yes, no errors 2015-03-09 20:46:38 in /sbin/ I have about 40-50 files, all are symlinks to /bin/busybox 2015-03-09 20:47:17 for example: acpid -> /bin/busybox; adjtimex -> /bin/busybox; arp -> /bin/busybox 2015-03-09 20:47:27 yes, that's normal 2015-03-09 20:47:32 it's an alpine thing 2015-03-09 20:47:44 or really, a busybox thing, and alpine uses busybox 2015-03-09 20:47:53 but you should have others also. Your apk is missing. 2015-03-09 20:48:11 have you anything that isn't linked to busybox? 2015-03-09 20:48:20 no 2015-03-09 20:48:44 no /sbin/nologin? 2015-03-09 20:52:20 mjones_, I do have nologin 2015-03-09 20:57:05 robin666: find -L . -type f -ls 2015-03-09 20:57:16 that will show all nonsymlink files. 2015-03-09 20:57:45 I have 204 on my alpine vm, but that includes a lot of optional packages for ceph 2015-03-09 20:58:38 mjones_, all files in my /sbin are symlinks 2015-03-09 20:59:02 today, on an alpine system, I noticed that the clock did not automatically adjust for daylight savings. i have discovered that installing tzdata and changing from "EST" to "EST5EDT" corrects the time. is EST5EDT a "DST-aware" timezone that i should always use or do you need to fix this manually twice a year? 2015-03-09 21:00:14 robin666: my /sbin/nologin isn't a symlink, but it might have been replaced by a package. Yours is a symlink to busybox? 2015-03-09 21:00:39 mjones_, yes 2015-03-09 21:01:13 buckley310: You should always use EST5EDT when that tz is an option. 2015-03-09 21:01:27 a.k.a. America/New_York, I believe. 2015-03-09 21:01:53 bucjkey310: no sanely modern system with knowledge of TZs should need to be fixed manually, ever. 2015-03-09 21:02:35 that's what i was hoping for :) thanks 2015-03-09 21:04:06 bucjkey310: you'll notice tzdata updates to systems whenever some politician changes a tz, or more commonly, DST for a political entity. 2015-03-09 21:04:32 mjones_, I have to head off to bed, thank you so much for all your help so far 2015-03-09 21:04:41 For instance, during the 2008 South Ossetia invasion, and the recent Ukrainian invasion, we tend to have Russians pop in and ask us to update TZ to reflect political control by Russia. 2015-03-09 21:04:47 Quite obnoxious. 2015-03-09 21:05:09 I might pop in again tomorrow night, or just get it over with and do a reinstall 2015-03-09 21:05:33 robin666: Yeah, I'm not sure of the root cause, but a reinstall would obviously fix it. 2015-03-09 21:05:40 I hate to say that though. 2015-03-09 21:05:43 i wish we could just split earth into four timezones and leave them alone... 2015-03-09 21:07:24 the 24 hour day is a Roman invention. I just took a trip to Chichen Itza on the Yucutan, and the tour guides like to give numerology explanations that use the 24-hour day and 52-day week even though those things are Roman not Mayan. 2015-03-09 21:08:21 Four timezones would be a regression if you think DST is worthwhile, though. (It's probably not worthwhile now, at least on paper.) 2015-03-09 21:09:12 i dont think DST is worthwhile :) 2015-03-09 21:09:19 on a completely unrelated note, ceph seems to require from libresolv res_nquery, which is a threadsafe version of res_query. 2015-03-09 21:09:36 musl doesn't have res_nquery. I wonder if dalias is around to comment. 2015-03-09 21:11:11 I agree with RMS on a few things, and one of those things is that C++ is ugly code. At least often, or usually. 2015-03-09 21:12:17 ahills: Indeed; my point still was it was patched yet the official latest iso is currently broken... Thought it would do better with a new image to replace the broken one. 2015-03-09 21:13:08 DarkFox: at current pace I expect a 3.1.3 ISO to be rolled awfully soon. Although a 3.1.2R2 would be spiffy. 2015-03-09 21:36:04 mjones_, res_query can be used instead 2015-03-09 21:36:33 musl's resolver is stateless. the reason we don't have res_n* functions is not to give a false impression that resolver states are supported 2015-03-09 21:43:33 the cheap one is 96boards but it has various issues so you should probably wait for the next one 2015-03-09 21:52:07 dalias: excellent, thanks for clarifying that for me. I'll need to make sure it all checks out after the build for sure. 2015-03-09 21:53:59 oops wrong window 2015-03-09 21:59:39 how can i get lxc networking to work? 2015-03-09 21:59:50 i used the default conf i found on some alpinelinux wiki 2015-03-09 22:00:22 and with that i have no ip in the guest 2015-03-09 22:00:45 running debian guest for glibc binaries? :) 2015-03-09 22:02:31 yes 2015-03-09 22:05:50 now i'm concurrently fighting with 3 different space-ship software.. why cant things just work ;_; 2015-03-09 22:13:27 neither debootstrap nor lxc works.. 2015-03-09 22:14:14 maybe qemu... 2015-03-09 22:24:15 oh lxc works finally 2015-03-09 22:43:25 :) 2015-03-09 22:46:27 i had to do bridges and iptables nat and forward stuff.. i hate linux networking :P 2015-03-09 22:47:46 (and the debootstrap helpfully includes zero tools to debug network issues) 2015-03-09 22:49:48 nice 2015-03-09 22:54:07 lxc networking is fairly simple with openvswitch http://blog.scottlowe.org/2014/01/23/automatically-connecting-lxc-to-open-vswitch/ 2015-03-09 22:55:08 is there a way to share files with an lxc container? 2015-03-09 22:55:15 other than copying 2015-03-09 22:57:25 I just copy whatever as root 2015-03-09 22:58:22 ah i can access the rootfs under /var/lib/lxc/foo.. 2015-03-09 22:58:43 yes 2015-03-09 23:00:48 Does Docker abstract LXC networking? Even people who are relatively familiar with Docker seem vague about the networking. 2015-03-09 23:00:54 other paths can be set with 'lxc.lxcpath = /xxxx/xxxx' in /etc/lxc/lxc.conf (or wherever) - & just create the container with '-f wherever' 2015-03-09 23:01:20 docker seems to use a libvirt nat bridge 2015-03-09 23:16:06 mjones_: that's because docker seems to suck hard on the network side 2015-03-09 23:16:07 :) 2015-03-09 23:16:08 BitL0G1c: makes sense. Nobody ever talks about using openvswitch with Docker. 2015-03-09 23:16:22 oh a lot of ppl do 2015-03-09 23:16:31 no one dares trying to integrates them 2015-03-09 23:16:41 docker firt 2015-03-09 23:16:45 first 2015-03-09 23:16:51 coredumb: that wouldn't stun me either. There's always a reason for something, and it seems like Docker (devs|users) aren't heavy packeteers. 2015-03-09 23:17:04 seems it would need major docker rewrite 2015-03-09 23:20:24 mmap(NULL, 8392704, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = -1 EPERM 2015-03-09 23:20:29 how do i fix this? 2015-03-09 23:20:34 i want rwx 2015-03-09 23:26:02 is there a good lxc guide for alpine? 2015-03-09 23:26:10 i'd like to try doing some stuff with containers at some point 2015-03-09 23:26:24 nsz, don't use the pax kernel :) 2015-03-09 23:26:55 but rwx is a bad idea (generally you can't expect it to work) 2015-03-09 23:27:02 what's trying to do rwx?? 2015-03-09 23:27:07 the sim 2015-03-09 23:27:13 ah 2015-03-09 23:27:38 you could use paxctl but you probably would be better off switching to vanilla kernel 2015-03-09 23:27:45 the pax kernel creates all sorts of problems 2015-03-09 23:27:52 ok 2015-03-09 23:28:00 lol 2015-03-09 23:28:28 pax kernel fixes all sorts of problems 2015-03-09 23:28:47 just a point of view :) 2015-03-09 23:30:54 pax kernel makes it impossible to even account for memory usage 2015-03-09 23:31:01 since everything in /proc is removed... 2015-03-09 23:31:37 it also makes mmap ignore the requested address, which is a bug 2015-03-09 23:32:32 (for example this makes it impossible to attempt to make a new mapping contiguous with an existing one) 2015-03-09 23:33:22 dalias - I used the alpine wiki + http://blog.scottlowe.org/2014/01/23/automatically-connecting-lxc-to-open-vswitch/ to get up to speed on lxc 2015-03-09 23:35:01 if you use ovs - just do NOT set 'lxc.network.link' in the containers config file - let the ovsup / ovsdown scripts attach the ovs ports 2015-03-09 23:35:49 I use lxc with routed interfaces... I don't like l2-traffic :-) 2015-03-09 23:36:22 never had an issue accounting memory on a grsec kernel ... 2015-03-09 23:38:21 run busybox top then press 's' :-) 2015-03-09 23:38:31 that's the only good memory usage utility and it fails 2015-03-09 23:38:47 because /proc/%d/smaps doesn't exist 2015-03-09 23:39:37 btw paxctl -c -permxs fixed the problem 2015-03-09 23:39:54 now i almost have a working setup 2015-03-09 23:46:02 fffuu the wheezy libc is too old for linaro toolchain 2015-03-09 23:46:16 why is debootstrap only available for wheezy.. 2015-03-09 23:46:41 debian distupgrade.. 2015-03-09 23:50:49 dalias: i must confess that i don't use busybox top 2015-03-09 23:51:10 and that i mostly don't use grsec kernels on alpine 2015-03-09 23:52:14 seems like htop doesn't have this issue 2015-03-09 23:56:57 probably because it can't actually show meaningful info about memory usage :) 2015-03-09 23:57:30 nsz, fun... 2015-03-09 23:57:45 nsz, maybe with paxctl it would work directly on musl? 2015-03-09 23:57:58 i suspect the error from musl's dynamic linker was due to a load segment that's rwx... 2015-03-10 00:00:58 ah 2015-03-10 00:02:38 inability of mmap to map the binary would give that error 2015-03-10 00:02:58 (i really should fix the ldso error reporting to show _why_ it happened) 2015-03-10 00:11:22 Debian's predictably annoying at this point in Stable's lifecycle because many things are too old for comfort or convenience. 2015-03-10 01:23:10 mjones_: Happen to know when 3.1.3 will exist? 2015-03-10 01:24:08 DarkFox: nope! I have no particular information. I'm just inferring from the release timeline of 3.1.1 and 3.1.2. 2015-03-10 01:24:57 hopefully before linux 4.0.16 2015-03-10 01:26:01 Diftraku: Why do you say that? I didn't know 4.0 was anything other than mooted until just now when I checked kernel.org. 2015-03-10 01:26:16 4.0 is still in rc3, fyi. 2015-03-10 01:26:25 the kernel versiom terminator runs :3 2015-03-10 01:26:31 *version 2015-03-10 01:28:41 What's the policy for alpine stable, anyway? 3.1.2 is on kernel 3.14.30 which kernel.org lists in the longterm branch, now. 2015-03-10 01:30:45 kernel 4.1.15 is the one terminator runs 2015-03-10 01:30:51 not 4.0.16 2015-03-10 01:31:54 mjones_: Okay. Thanks anyway. :) 2015-03-10 01:31:57 ACTION can't wait for updates :P 2015-03-10 01:41:40 DarkFox: if you install a bunch of random packages, there's more chance every day of an update! ;) 2015-03-10 01:42:16 mjones_: Hmm? 2015-03-10 01:42:40 mjones_: Why would you want to do that for the sake of such updates? 2015-03-10 01:45:06 ACTION gets the point; lacking emoticons destroyed the fun :( 2015-03-10 02:03:55 mjones_, wouldn't it be great if debian had a list of "painful if outdated" packages that would receive new versions during stable? 2015-03-10 02:04:15 i suspect it's a small enough set that it wouldn't be costly to maintain 2015-03-10 02:04:22 and the 'upgrades to stable' could be optional 2015-03-10 02:04:49 most packages are painful if outdated, which is one of the reasons not to use debian 2015-03-10 02:05:52 ahills, :) 2015-03-10 02:06:34 I say that as I'm using it right now... 2015-03-10 02:06:57 I would have every machine on alpine if guile and rustc would build against musl 2015-03-10 02:07:11 what non-alpine distros do you guys use (by choice, because you like them)? 2015-03-10 02:07:13 i would guess most users couldn't care less if any of the behind-the-scened system stuff is outdated as long as it has security patches 2015-03-10 02:07:35 but they'll be upset if certain user-facing stuff is outdated 2015-03-10 02:07:46 for desktop, the browser is probably the most important 2015-03-10 02:08:10 that's true, and it's impossible to backport security patches to, e.g., firefox 2015-03-10 02:08:13 also things users spend a lot of time with and customize -- things like text editors 2015-03-10 02:08:31 depends on the editor maybe... I haven't noticed any difference between vim 7.* 2015-03-10 02:08:35 for server, it would be things like httpds/sql daemons/etc. 2015-03-10 02:08:42 and maybe php version, etc 2015-03-10 02:09:03 you think keeping e.g. nginx, apache up to date is important? 2015-03-10 02:09:19 both projects I think backport security patches to some older versions, although maybe not to debian's satisfaction 2015-03-10 02:09:54 anyhow I shouldn't complain too much, when managing many machines, debian's stability for daemons at least is a huge timesaver 2015-03-10 02:11:32 dalias: absolutely, Debian should have that. Browser is the first thing, but I've also needed current Docker 1.2+ for a build environment recently. 2015-03-10 02:12:14 it is not really too difficult to build on debian, I wish apt was as easy as apk for packaging though 2015-03-10 02:12:20 My dear programmers also have a bad tendency to require the latest versions of prerequisites for difficult-to-understand reasons that they usually don't explain. 2015-03-10 02:12:27 haha 2015-03-10 02:12:31 are they using node.js? 2015-03-10 02:13:00 No; worse. (I kinda like node.js so far, too.) 2015-03-10 02:13:21 hmm, I will gracefull exit this conversation before grace is no longer possible 2015-03-10 02:13:30 Perl libraries, libpcre++ instead of libpcre, and other bad choices -- not modern stuff. 2015-03-10 02:14:29 I feel your pain 2015-03-10 02:14:38 ahills: . If you have bad things to say about Node, I'm all ears. I'm planning on using it for something imminently. 2015-03-10 02:15:12 ah, well, I will try to talk delicately so as not to blind you with my bias, but... 2015-03-10 02:15:28 I usually go native language. I'm specifically sitting out python until python3 wipes out python2, having been bitten by the Python team's intransigence w.r.t. TLS SNI in 2.7. 2015-03-10 02:15:47 in my experience, while generally language package managers are truly terrible (c.f. python, ruby), node's is extremely bad by comparison 2015-03-10 02:15:53 oh! 2015-03-10 02:15:59 installing node packages is one of the worst experiences one can have on a computer 2015-03-10 02:16:16 except maybe losing a hard disk full of your long-curated music collection... :'( 2015-03-10 02:16:25 I was going to qualify the whole thing by saying that language package managers are always evil, evil, evil, and you can't go by those because they're always evil. 2015-03-10 02:16:46 well, but with python, and even ruby 2015-03-10 02:16:49 and of course our friend perl 2015-03-10 02:16:57 it is trivial for, e.g., debian to package py-* 2015-03-10 02:17:07 with node it is not so 2015-03-10 02:17:08 language-oriented people versus systems-oritented people always have to solve this with nerf swords. 2015-03-10 02:17:15 haha, that's the truth 2015-03-10 02:17:34 in any case, that's not really a language deficiency so much as a tooling deficiency, which may be worked around in some years 2015-03-10 02:17:41 now, the language deficiency... javascript 2015-03-10 02:17:52 then some wiseguy who reads current blogs asks why you can't just containerise his whole static-linked mess 2015-03-10 02:18:08 haha 2015-03-10 02:18:18 (if he's a really sharp wiseguy he points out that this is gone by Google, and Google are not slow children.) 2015-03-10 02:18:29 s/gone/done/ 2015-03-10 02:18:43 Google pays money for that to happen 2015-03-10 02:18:45 I prefer not to 2015-03-10 02:18:59 anyhow, most of my remaining complaints are against JavaScript the language 2015-03-10 02:19:06 So far I haven't hated JS, but I don't code terribly often or well. I can be persuaded by Go, possibly. 2015-03-10 02:19:18 if you have no issue with the language, perhaps either you will have a great time with node, or perhaps instead you just haven't dipped too deeply into javascript yet 2015-03-10 02:19:28 Go is interesting, I wish I had more time to devote to learning it 2015-03-10 02:20:00 oh, node's standard library also has some serious deficiencies, such as not being able to treat file-like objects as file-like objects unless they're actually simple files 2015-03-10 02:20:11 So NPM stuff can't be easily distro-packaged? I have somewhere I rant to read about the awful proliferation of JS frameworks... 2015-03-10 02:20:13 e.g. reading from /dev/stdin must be handled specially 2015-03-10 02:20:27 if it could be easily distro-packaged, I imagine arch would have done it 2015-03-10 02:20:42 I tried to simple-package it for distribution across a set of four machines, and that was a week of wasted effort 2015-03-10 02:20:59 whoa. 2015-03-10 02:20:59 in the end it was easier just to wait the four hours for all the dependencies to resolve and download 2015-03-10 02:21:27 It's not the time that concerns me so much as mixing packaging systems. 2015-03-10 02:22:06 Back to deploying straight from the SCCM I guess. ;) 2015-03-10 02:22:34 there's also one tiny other funny tidbit 2015-03-10 02:22:58 the creator of node has a great quote (I would search for it if my flight wasn't upcoming)--he dosen't believe in writing good software because he believes that software inherently sucks 2015-03-10 02:23:34 so... he sounded like a self-aware rasmus lerdorf 2015-03-10 02:23:45 the creator of a language which has a very sloppy design, to the point of being effectively unusable 2015-03-10 02:23:50 Eh. I'm often told that such quotes are not what they appear to be (c.f. "noops"). 2015-03-10 02:24:30 Well, the creator of node didn't create the JS language. 2015-03-10 02:24:34 well, the project has grown out of his hands, which means that probably that attitude will not prevail 2015-03-10 02:24:50 yes, that much is true, but node is the ecosystem in which you will live 2015-03-10 02:25:28 in any case, if you have a good experience with node, and are somehow able to defeat their packaging system's efforts to remain unpackageable, you will have done sysadmins of the world a great service 2015-03-10 02:26:09 I only have one final philosophical thought, which is probably deeply offensive to some in this very channel, but regardless: web developers rarely produce high quality (robust, secure, efficient) code in any scenario, and node is both by and for web developers 2015-03-10 02:26:09 I'm having a little visionof questing into Mordor here (and I don't even read Tolkien). 2015-03-10 02:26:42 I would absolutely agree with that, but: 2015-03-10 02:27:27 the most excellent thing about code quality is that it's additive. You don't have to start from scratch if you want to build a quality (say) CMS; often you can start with a low-quality CMS. 2015-03-10 02:27:33 it is not a categorical truth by any means, but it is something to consider when you will be dealing with the work of thousands of a category 2015-03-10 02:27:43 Then again sometimes you can't. 2015-03-10 02:27:52 I find that using an unstable core leads to an unstable product or a rewrite 2015-03-10 02:27:59 but my experience is limited to one person (myself) 2015-03-10 02:29:32 It's always about the right tool for the job. And as I said, I always go with the platform-native language. 2015-03-10 02:30:01 I suppose the question is, where do you define the platform? 2015-03-10 02:30:10 But let's say you're automating something in AWS. You can use boto, but that's python and I'm intent on avoiding python for now. Amazon has a native version for v8/node. 2015-03-10 02:30:11 Is "web" a platform? 2015-03-10 02:30:31 I would avoid node before python--node is much less stable 2015-03-10 02:30:40 not saying that you should, just that I would 2015-03-10 02:30:49 but I have coded extensively in python, mostly for prototyping 2015-03-10 02:31:01 Web has no backend platform. I mean like vmware uses (IIRC) Perl, and SmartOS uses js/v8/node sorta, and Windows uses CLR with probably C#. 2015-03-10 02:31:18 Unix uses C! 2015-03-10 02:31:31 Yes, it does. And I code C. (Quite poorly.) 2015-03-10 02:31:35 Haha 2015-03-10 02:31:49 C is still my favorite language, even after exploring so many others 2015-03-10 02:34:54 The thing is, if I generalised from recent experience, I would also want to stay away from python because I had to work with Plone CMS in Zope python-based app server. 2015-03-10 02:35:15 the versions of those with which I had to work were nasty business. I know enough not to blame that on python, though. 2015-03-10 02:36:12 I hope current versions don't eschew databases for a proprietary blob containing both configuration information and content... 2015-03-10 02:40:13 But since you mention it, web Frontend native _is_ ECMA^WJavaScript. Skill transfer from middle/backend to frontend is seductive. 2015-03-10 02:56:40 Man, ceph has a very large number of prerequisites. :-/ 2015-03-10 02:56:42 Yeah, except it's not a development ecosystem which particularly encourages writing good quality, stable code, which is much more critical when it's running on the server than on the client 2015-03-10 02:59:31 Eh. The closure compiler is like a linter... 2015-03-10 02:59:58 sure, except the language defies static analysis 2015-03-10 03:02:32 any dynamically-typed lagnuage will, no? 2015-03-10 03:03:45 yes, but most of them can't be abused to defeat linters 2015-03-10 03:03:51 except maybe perl 2015-03-10 03:13:11 ahills: there is much wailing and gnashing of teeth all around. 2015-03-10 03:27:44 ceph needs libleveldb?!? I think I'm calling it a night. 2015-03-10 07:00:33 morning 2015-03-10 07:00:41 morning 2015-03-10 08:03:02 morning 2015-03-10 08:04:23 I'm trying to export some devices from a host to an LXC containers, and it ain't working. Do any AL applied kernel patches stop me from doing this? 2015-03-10 08:33:11 no 2015-03-10 08:33:28 ScrumpyJack: you need allow use of the device in your lxc config 2015-03-10 08:34:16 for example, I enable /dev/kvm in some of my containers 2015-03-10 08:34:28 to do that i need to add those lines to my config: 2015-03-10 08:34:33 # kvm 2015-03-10 08:34:33 lxc.cgroup.devices.allow = c 10:232 rwm 2015-03-10 09:00:10 ncopa: yes, of course. I add them in the config, or i use lxc-cgroup but I can't see my devices in my container :( 2015-03-10 09:01:14 ah, you need manually mknod them 2015-03-10 09:01:26 or cp -a from host system 2015-03-10 09:02:49 i'm trying to add /dev/loop and /dev/fuse. I'll try mknod 2015-03-10 09:18:25 ncopa: yes resolve_dev is needed in init for cryptroot 2015-03-10 09:18:43 that fixes the issue 2015-03-10 09:19:13 i assume if the device name is /dev/sdaX then resolve_dev is noop 2015-03-10 09:19:41 yes 2015-03-10 09:19:47 it will resolve symlinks too 2015-03-10 09:19:57 but i dont think that matters 2015-03-10 09:20:10 thanks. I'll push a patch 2015-03-10 09:25:47 mkinitfs-2.7.1-r4 should have the fix 2015-03-10 14:49:55 ncopa: as i see you talking about mkinitfs, did i send my patches to the correct mailing lists ? aports that is 2015-03-10 14:50:11 or should i have sent it to devel ? 2015-03-10 14:51:20 i think it was correct 2015-03-10 14:51:35 this one right? http://git.mauras.ch/mkinitfs/patch/?id=af7928a2d51388f241b6d88e8fa0da07ee336aec 2015-03-10 14:53:21 ncopa: yes and the other one too 2015-03-10 14:53:23 http://git.mauras.ch/mkinitfs/patch/?id=c9613a0612e781e05225e38e69cdb90d82c7f897 2015-03-10 14:53:44 let's you set mount options and mount type from the cmdline 2015-03-10 14:58:32 what root_options and root_type are needed for 9p? 2015-03-10 15:00:31 mount -t 9p -o trans=virtio,version=9p2000.L /hostshare /tmp/host_files 2015-03-10 15:00:31 ok 2015-03-10 15:00:33 found it 2015-03-10 15:02:35 the patch does whitespace changes 2015-03-10 15:02:41 do you think you can clean those up? 2015-03-10 15:03:36 i am sceptic to introduce root_options and root_type 2015-03-10 15:47:06 ncopa: yeah think i messed that a bit with my \t being 4 spaces 2015-03-10 15:48:11 9p was the start of it but i thought it could be interesting for quick tests/changes to have an options to change these 2015-03-10 18:57:22 mjones_: unfortunately I'm without a computer for an unknown period of time 2015-03-10 18:57:55 anyone know which italian stores might have an x1 carbon charger? :P 2015-03-10 18:58:22 ahills: oh! 2015-03-10 18:59:01 I know the X1 C uses the new USB-looking charger, and I was wondering the other day about the status of the effort to standardise a charger for all laptops... 2015-03-10 18:59:17 ...in the same way that microUSB has been standardised for phones in the EU. 2015-03-10 18:59:52 ahills: OTOH, you're in Italy. How bad can things be? Have an espresso. 2015-03-10 19:00:24 ACTION has an espresso, but it's mighty grey in Manhattan today. 2015-03-10 19:00:55 Iam actually in Istanbul right now, but I've given up, as Lenovo doesn't sell that machine here... 2015-03-10 19:01:45 I'd been contemplating the Dell XPS13 Sputnik vs. X1Carbon for a while. The Carbon has hiDPI option, and the later XPS13s have 1080 at least, but nothing... 2015-03-10 19:02:04 ...has more than 8GB hardwired to the board, and I don't think I should regress. 2015-03-10 19:02:13 My silly phone keyboard can't mako the chars needed to describe the food I'm about to go eat 2015-03-10 19:02:34 When I got these Thinkpads (T430 and later T420), everything had awful resolution and often bad screens. 2015-03-10 19:02:59 Carbon gen 2 has the worst mouse in tte world, gen 3 has a good mouse and very high res... I have the gen 1 and love it 2015-03-10 19:03:04 1600x900 2015-03-10 19:03:06 ahills: I type 7-bit even though I know diacritical marks. It's my thing. 2015-03-10 19:03:43 yeah, no mousebuttons is an issue too. 2015-03-10 19:03:48 how do I type the i with no dot and the g with a circumflex 2015-03-10 19:04:01 my thumbn hurt, bye 2015-03-10 19:04:10 The worst thing about macs is one mouse button, and those who copy macs usually can't manage 3 like thinkpads used to. 2015-03-10 19:04:39 ahills: l8r. 2015-03-10 20:19:26 back to alpine! 2015-03-10 20:19:41 Anaphaxeton: from what? 2015-03-10 20:20:13 from my isp's stock router and no server, just an arch desktop 2015-03-10 20:20:31 it worked but is was not ideal 2015-03-10 20:24:00 Anaphaxeton: ah. Closed-source software often makes me nervous. 2015-03-10 20:25:01 espacially when the isp can gain access "to help you" 2015-03-10 20:25:23 mine doesnt have this "feature" apparently 2015-03-10 20:27:15 Anaphaxeton: well, it can be nice to have an option for remote management in many cases. (I used to run a service provider.) 2015-03-10 20:27:35 dunno, it scares me 2015-03-10 20:27:39 :p 2015-03-10 20:27:42 Talking people through complex operations is wearying, subject to communications or human error, and not automatable. 2015-03-10 20:28:23 Anaphaxeton: it's not a choice you or I would take. But for some end-users it's a big benefit. 2015-03-10 20:28:41 certainly 2015-03-10 20:29:10 Unfortunately there's a popular attitude these days that ISPs are always up to no good, and that's saddening. 2015-03-10 20:29:56 I was in the industry when the edge was switched (dial-up), competition was ubiquitous and fierce, and switching costs were relatively low. 2015-03-10 20:31:05 Also, some users seem to think they're entitled to dedicated, nonoversubscribed bandwidth for their USD$39.95 per month, and can't be convinced otherwise. 2015-03-10 20:31:57 Intensive users should be very thankful for the half-dozen grannies who only check email, who subsidise their above-average consumption. 2015-03-10 20:34:51 Anaphaxeton: If Linux is your router, you might want to set your default queuing disclipline to fq_codel, enable ECN and tune TCP initcwnd and some other things. 2015-03-10 20:35:46 hmmm do you happen to keep a nice blog with all such info? 2015-03-10 20:36:41 I should, but I don't. 2015-03-10 20:37:01 All of these things are sysctl parameters in the kernel. Normally you want to put them in /etc/sysctl.d/local.conf (create that file). 2015-03-10 20:37:18 'sysctl -a' shows all parameters. 2015-03-10 20:38:39 (I typically do this on servers not Layer3 routers. Most things will be the same except default_qdisc.) 2015-03-10 20:41:17 Example /etc/sysctl.d/local.conf for recent Linux kernel such as Alpine Linux 3.x: 2015-03-10 20:41:29 # Ask for ECN instead of just responding to it. net.ipv4.tcp_ecn = 1 # FairQueue for servers, fq_codel for routers. #net.core.default_qdisc = fq net.core.default_qdisc = fq_codel 2015-03-10 20:41:49 ah, nowrap. 2015-03-10 20:43:39 thanks for this info, i had no clue 2015-03-10 20:43:48 but now another topic 2015-03-10 20:44:14 how the hell do i install on a mounted fs? 2015-03-10 20:44:54 it ihas to be mounted because it is efi+btrfs :S 2015-03-10 20:47:44 I don't think I understand the question. It has to be mounted why? You can untar to a mounted filesystem to install the filesystem contents. 2015-03-10 20:48:04 It's not clear if you need to install a bootblock and partition table, or what. 2015-03-10 20:49:09 You can clone an existing disk with dd, or mirror content to a mounted disk with rsync. 2015-03-10 20:49:15 i have a partition table happily keeping two filesystems 2015-03-10 20:49:45 I think I see where this is going. 2015-03-10 20:49:49 taring untaring and messing sounds /... messy 2015-03-10 20:50:13 if i do it it will be tar and untar 2015-03-10 20:50:39 So you have two partitions, and they are currently what, and you want to do what? 2015-03-10 20:50:50 using the 2nd disk of the system as a place to keep tha tarball 2015-03-10 20:51:15 but install on the first partition? 2015-03-10 20:51:41 only the kernel and boot loader goes there 2015-03-10 20:51:43 Are you booting cd or usb or what? 2015-03-10 20:51:52 sata DoM 2015-03-10 20:52:11 domU in Xen? 2015-03-10 20:53:23 disk-on-module 2015-03-10 20:54:22 ok i have a simple idea, it will take a little longer but it will work 2015-03-10 20:55:43 one efi partition (boot vfat partiton) one root partition (btrfs) and a whole hdd with xfs as a file keeper 2015-03-10 20:57:44 I see what you're trying to do. 2015-03-10 20:58:12 You're assuming the alpine installer doesn't grok uefi nor btrfs and trying to achieve that result by hand, right? 2015-03-10 20:58:50 Making the second disk xfs afterwards, and moving userland there, is easy. I would install regularly first though. 2015-03-10 21:01:58 how big is the disk-on-module? 2015-03-10 21:02:25 you know alpine can install in overlay mode for sdcards, etc 2015-03-10 21:06:08 the dom is 4gb 2015-03-10 21:07:00 i am planning to partition it via subvolumes to accomodate vservers 2015-03-10 21:07:26 and yes tha big disk just received the rootfs 2015-03-10 21:07:34 which will go to the dom 2015-03-10 21:08:30 eh, I'm not sure if I would go to the trouble to have a bunch of vserver root partitions on the flash, and everything else on rotational disk. 2015-03-10 21:08:55 the rottional disk should usually be off 2015-03-10 21:09:04 i dont like sounds in my bedroom :p 2015-03-10 21:09:07 a basic Alpine install is all of 256mb storage. 2015-03-10 21:09:49 I'm not sure how much the rotational would power down. I guess there are no real crons or anything. 2015-03-10 21:10:34 I'd check out the other install method though. Let me get you a link. 2015-03-10 21:12:10 anyone know why the current nginx package leaves out the stub status module? is the package just trying to be a slim as possible? 2015-03-10 21:12:56 Anaphaxeton: http://wiki.alpinelinux.org/wiki/Installation # Check out 'data' mode; I think it will suit your use-case. 2015-03-10 21:13:23 andyshinn: not sure, but my guess would be security. 2015-03-10 21:19:08 hmm,i wonder what sort of security implications it has? as far as i know, it would need to be enabled in the config to be used 2015-03-10 21:24:17 andyshinn: - you can use 'wrk' for stress testing nginx 2015-03-10 21:26:09 i'm trying to pull current metrics from nginx, not necessarily stress test it 2015-03-10 21:29:17 you'd need to rebuild with '--with-http_stub_status_module' - nginx-naxsi is built without stub_status too (& also has all the server strings anonymised) 2015-03-10 21:35:09 there is no gummiboot?? =O 2015-03-10 21:35:21 fortunately i have a static one 2015-03-10 21:40:06 andyshinn: I agree that that the proper security is to excludeit from the default config. I was just giving an educated guess why it might be excluded, assuming it was deliberate. 2015-03-10 22:07:30 oh damn 2015-03-10 22:07:48 the efifb problem again 2015-03-10 22:08:04 which includes a vesafb problem 2015-03-10 22:08:29 those two want the framebuffer in kernel 2015-03-10 22:09:02 and Alpine has it as module,, hence they disappear 2015-03-11 01:01:24 Question - How should one "best" handle containers when the host itself runs in ram; telling lbu to backup the entire /var/lib/lxc seems a little crazy as that 2015-03-11 01:01:30 defeats the purpose of lbu. 2015-03-11 01:02:04 Need to bootstrap both installs on boot; configuring both with their own archives 2015-03-11 01:05:44 You can put the container roots in a defined place instead of /var/lib/lxc, so lbu doesn't need to touch them, then back them up separately. 2015-03-11 01:06:13 I like /srv, as per FHS, or possibly /opt 2015-03-11 01:06:59 My preference would be /srv/lxc or /srv/containers. 2015-03-11 01:07:32 ACTION wonders what CoreOS does. 2015-03-11 01:07:58 mjones_: It doesn't include /var/lib/lxc by default 2015-03-11 01:08:31 IIRC var doesn't matter at all :P 2015-03-11 01:08:46 (to lbu) 2015-03-11 01:09:21 Then I don't understand the question. 2015-03-11 01:11:15 mjones_: lbu/apk setup the host system on boot; here apk handles all packages and lbu handles configurations. But when it comes to lxc - the lxc install is as if it were on a disk, so doesn't use apk/lbu to set up the environment on boot. 2015-03-11 01:11:58 So lbu on the host; can include way too much and just backup the entire lxc or a script can re-create the lxc at boot each time... 2015-03-11 01:12:35 DarkFox: ah. 2015-03-11 01:12:53 I'm thinking the best solution would to have the lxc alpine installed as if it were booting to ram and not from disk. Extracting everything during it's virtual boot. 2015-03-11 01:13:49 Can it runtime detect whether it's sys, data, or diskless mode? In other words, shouldn't either way be supported? 2015-03-11 01:15:17 mjones_: Anymode should be supported; but the alpine template just does sys install- I want diskless. 2015-03-11 01:15:33 lxc-create -t alpine (template) 2015-03-11 01:17:57 DarkFox: I'm suggesting that all three modes should be supported with template(s), automagically. 2015-03-11 01:18:23 As in, this is a Suggestion For Improvement based on your use-case. 2015-03-11 01:18:25 Should be as in would be nice or is mplemented 2015-03-11 01:18:35 Ah 2015-03-11 01:18:41 So... bugs.alpinelinux.org it is? :P 2015-03-11 01:18:50 ACTION hasn't used lxc on alpine, but should probably give it a whirl. 2015-03-11 01:19:59 DarkFox: You can always file the bug then submit the patch from your fix. ;) 2015-03-11 01:20:03 mjones_: My use-case here is that I want to run tor (and other system subsets) in isolated installs aiming for an alpine-backed (qubes-like but lxc instead of xen) tails-like system. 2015-03-11 01:20:48 mjones_: I'l report the bug; as for a patch - probably not anytime soon from myself... :D 2015-03-11 01:20:55 My current use-cases are sys mode, but I'm bound to need data and diskless before too long for virt hosts or storage. 2015-03-11 01:21:41 Nice 2015-03-11 01:21:43 DarkFox: frankly, with that kind of use-case I'd think you could generate more than average interest from others. 2015-03-11 01:22:09 mjones_: Hopefully :) 2015-03-11 01:22:21 I'd been toying with the capsicum capabilities based stuff -- which I think is now the same as the Linux capabilities thanks to Google? -- for a similar use-case. 2015-03-11 01:22:34 er, capsicum from FreeBSD, that is. 2015-03-11 01:24:23 More along the plan; I'd also like to support other networks and allow the user to coexist in all seemlesly; while nothing should get in the way. LiveCD amnesic, flexible etc. 2015-03-11 01:24:26 I had a personal project to do a containers/local-storage cluster than ran from SDcards on Dell PowerEdge R610s on SmartOS, but lost that hardware when I left my last place. 2015-03-11 01:25:47 It'd probably be well-served by a specialised 'installer' chooser letting the user select apps on startup, but the rest of the requirements should be suited by regular packages, I think. 2015-03-11 01:26:03 May create an run servies purposed to exist to help other members - ideally for communication and filesharing. 2015-03-11 01:27:20 mjones_: Indeed; have thought about capsicum but alpine is out of the box a lot tinier than *BSD generally allows for while alpine itself is very well put together in terms of security-related decisions 2015-03-11 01:27:59 mjones_: Boot configuration would be a must indeed; not all would need xorg and that option may be auto-detect disabled if a system doesn't have enough ram. 2015-03-11 01:28:25 I'd file the RFE as "LXC package should support 'disk' and 'diskless' modes as well as 'sys'", and then put the use-case as an addendum to the RFE 2015-03-11 01:30:43 mjones_: I am about to :) 2015-03-11 01:31:30 mjones_: Should it go under alpine setup scripts? LXC template isn't quite a setup script - but it includes them and it takes the same purpose. 2015-03-11 01:32:41 I lean toward setup scripts, but I'm not sure. 2015-03-11 01:32:59 I claim no expertise. 2015-03-11 01:34:52 :) 2015-03-11 01:38:03 I learned early on never to claim expertise in anything, lest you acidentally find yourself arguing a TCP/IP stak detail with Vint Cerf or something. 2015-03-11 01:38:12 s/stak/stack/ 2015-03-11 01:39:16 Hehe 2015-03-11 01:39:45 mjones_: I _focus_ my attention to security, anonymity, privacy, cryptography, etc - myself. 2015-03-11 01:41:31 I used to do a lot of work with security, but find that the bulk of that work today is far too cargo-cult for my stress level. 2015-03-11 01:41:41 Not the best of it by any means, but the _bulk_. 2015-03-11 01:41:57 Bulk; by what measures? 2015-03-11 01:42:11 Infinite information? Infinite subsets? 2015-03-11 01:42:40 Trying to get password-complexity requirements moved to the 21st century instead of the old canards about numbers and characters and rotations. 2015-03-11 01:43:07 Only to find out the organisation had signed contracts with clients that promised _those_specific_ password measures. 2015-03-11 01:43:57 Or, a real pet peeve is people who block ICMP Echo Reply. There are millions of hosts on the internet that don't ping for no good reason. That stopped being clever in 1995. 2015-03-11 01:44:56 When they block ICMP and break path MTU discovery I can't take it. 2015-03-11 01:45:24 :D 2015-03-11 01:46:10 Nothing _wrong_ with diabling ICMP replies; if you want your server to exist but not appear to host anything, helps evade scanners - then use obscure UDP ports.:P 2015-03-11 01:47:21 PCI audits that fault the target for giving RFC1323 timestamp replies, on the putative belief that this will aid the kill-chain by letting hostiles know your _uptime_. 2015-03-11 01:48:22 Yes, it's wrong. zmap can map the whole internet in less than an hour, with sufficient bandwidth, including every port. Such a survey is where you can look up exactly how many machines don't Echo Reply, and what ports they have open. 2015-03-11 01:48:32 It's stupid and people who do it should be ashamed. 2015-03-11 01:49:18 s/whole internet/whole IPv4 internet/ 2015-03-11 01:49:45 mjones_: Again; i you don't want to appear to exist, you can hide by replying to nothing - and maybe do some port knocking or require that you come from a specific host. 2015-03-11 01:49:51 Scans -> good luck 2015-03-11 01:50:40 also, I'm a fan of zero-trust networking, which means a lot of things but here I'm emphasizing that address-based access control should rarely if ever be used. 2015-03-11 01:51:26 zero-trust ? 2015-03-11 01:51:32 DarkFox: the hosts in question scan on some ports, so they aren't hiding. 2015-03-11 01:51:52 Zero-trust networking means a variety of things, largely dependent on what someone is trying to sell you. 2015-03-11 01:52:15 I read zero-trust as 0trust or TNO 2015-03-11 01:52:22 But one of the bigger things is it means you should distrust all source addresses equally. 2015-03-11 01:53:02 That is why I said portknocking - andeven that; to be cryptographically unique per a period of time. 2015-03-11 01:53:14 s/unique/signed 2015-03-11 01:53:36 Machines on LAN should have to AAA and encrypt just like outside machines. In the end, this simplifies things, and removes many firewalls, but it's highly nonconventional -- and security people tend to be far too conservative in general. 2015-03-11 01:53:53 That is AAA and encrypt to hit local servers. 2015-03-11 01:55:20 AAA? And that trust method is called host-based security; which everyone should be using. IPv6 makes it more plausible to be a norm if every device gets it's own address 2015-03-11 01:55:23 I do a lot of work in small-and-medium enterprise, and I like performance and simplicity. 2015-03-11 01:55:46 Yes, you can call it host-based and drop the discrete firewalls and (most of) the VPNs. 2015-03-11 01:56:48 mjones_: Familiar with MinimaLT? 2015-03-11 01:56:54 AAA is an abbreviation mostly used by Cisco that means authentication, authorisation, and accounting. Who's connecting, what privs do they have, and an audit log. 2015-03-11 01:57:08 DarkFox: no. I'll bing it. 2015-03-11 01:57:27 ACTION designed a networking system with the same goal as MinimaLT to then find it's existance. :P 2015-03-11 01:57:34 Bing!? :( 2015-03-11 01:58:29 That's a joke. ;) 2015-03-11 01:59:15 Good :P 2015-03-11 01:59:19 Sounds interesting, but only if deployed. SCTP is probably dead outside of Signalling System 7, because nobody uses it. 2015-03-11 01:59:29 Nobody uses it because no damn middleboxes will pass it, among other reasons. 2015-03-11 01:59:34 ss7 \o/ 2015-03-11 01:59:55 ss7 = when is the plan to destroy this crap? :P 2015-03-11 02:00:17 TLS is an awfully good solution that's extremely mature, despite weak areas. Google has done a good job with that since 2010. 2015-03-11 02:00:33 Awfully bad solution * 2015-03-11 02:01:16 Large overheads, increadible attack surface from the poorly written protocol - let along the poor implementations that are forever vulnerable to all the attacks... 2015-03-11 02:01:49 Most connections through firewalls today are HTTP(S), SQL, SSH. Maybe SMTP, IMAP, LDAP. All of those can or do work over TLS except SSH which is encrypted separately. 2015-03-11 02:02:13 Imaginging perfection in new protocols is utopian. 2015-03-11 02:02:45 MinimaLT uses libNaCl (or salt; or libsodium for the portable version); far less overheads than TLS over TCP, much faster to establish and use a commmunication channel - and it allows for onion routing. 2015-03-11 02:02:53 Google and others are working on a successor to SNI that obfuscates the destination hostname from intermediaries. 2015-03-11 02:03:21 Technically if you need datagrams you can use dTLS, although UDP can be overrated. 2015-03-11 02:03:36 mjones_, how would that possibly work? 2015-03-11 02:03:42 ACTION personally _FOR_ 100% encrypted and anonymised communications/networking where all protocols work in a decentralised manner (which is doable for all our "internetneeds") 2015-03-11 02:04:14 Onion routing is an achievement, but it makes me cringe because it 'breaks' route optimisation, and is wasteful of resources. 2015-03-11 02:04:50 mjones_: UDP is far more flexible than TCP; MinimaLT itself implements it's own tcp-like ontop of udp agan; while being much faster. 2015-03-11 02:05:06 > Faster to establish minimalt over udp than unencryted over tcp 2015-03-11 02:05:25 Check out TCP False Start. HTTPS is awfully quick and mature. 2015-03-11 02:05:37 Everybody who implements in UDP re-implements TCP. 2015-03-11 02:06:19 I've worked with 3 commercial and am aware of multiple FOSS packages used for bulk data transfer over UDP, and I think they're overwhelmingly misguided and mistaken. 2015-03-11 02:06:27 mjones_: Onion routing is great; but garlic routing takes it further for allowing route optimisations to be improved while providing redundency - yes a "waste" of resources comared to unencrypted and direct.... Better to have secure infrastructure than utterly broken and insecure cleartext networking.. 2015-03-11 02:06:37 Small price to pay for the benefits 2015-03-11 02:07:05 Tor has little or nothing to do with encrypted traffic, and you know it. 2015-03-11 02:07:22 Tor works with HTTPS, Tor works with HTTP. 2015-03-11 02:07:32 mjones_, you can't trust that the peer isn't an MITM without verifying that the cert they're providing matches, and you can't do that before providing the hostname 2015-03-11 02:07:44 Tor works by using TLS wrapped in TLS ... I don't like tor for that reason. 2015-03-11 02:08:21 In commercially significant scenarios, people use UDP because it lets them sneak around firewalls and middleboxes that screw with TCP or higher-level protocols, or which have limited TCP implementations like the 64k maximum window size in Windows XP and 2003/. 2015-03-11 02:08:48 Tor is awefully fast considering it's overheads - yet it is trivial to create MUCH FASTER networking with better cryptography and less overheads... CJDNS is a good example - it doesn't however anonymise traffic, it at least is end-to-end encrypted. 2015-03-11 02:09:24 dalias: I'd have to look for the IETF proposals to supplant SNI with a privacy-enhanced version to know how they want to do it, but I know it's somewhere in-progress. 2015-03-11 02:09:33 Until then, SNI is my huckleberry. 2015-03-11 02:09:59 You can DNScurve? 2015-03-11 02:10:22 mjones_, i just don't see how it's possible cryptographically 2015-03-11 02:10:49 they could probably make it so MITM gets detected later at the cert negotiation phase so you would _know_ someone intercepted the hostname request, and then abort the connection 2015-03-11 02:10:52 mjones_: No... UDP is used when the packet dosn't need to be acknowledged (I.e. live stream of data; don't care if we lost data 3 seconds ago); or when the flexibilities of custom congestion control allows the protocol to be less of an impact on the network (Example... torrents that use UTP protocol; that congestion control will max the bandwidth without interfeering with any other traffic on the net 2015-03-11 02:10:58 work) 2015-03-11 02:11:02 but i don't think you can prevent the interception to begin with 2015-03-11 02:11:35 Interception; you can't prevent - you can howeer work over multiple mediums and apply cryptography to make interception either partial or useless. 2015-03-11 02:12:26 DarkFox: Those are classic cases for UDP, but I'm specifically talking about where UDP is used for bulk transfer of data and packets can't be dropped. 2015-03-11 02:13:14 Incidentally, most video streaming is over HTTP(S) now anyway. I've done a little bit of work in this area. ;) 2015-03-11 02:13:14 mjones_: Read the second part to that message consisting of UTP 2015-03-11 02:13:15 ... 2015-03-11 02:13:56 You should be able to do that with fair queing disclpline, or CoDel on a router. Linux still uses qfifo_fast by default. 2015-03-11 02:14:00 If you want higher bandwidth; you'll need to use UDP and adjust the bitrate dynamically to saturate without interfeering with the network. 2015-03-11 02:14:31 mjones_: Regardless; UDP isn't overrated - TCP is. 2015-03-11 02:14:40 DarkFox: that seems to be the traditional concensus for many people, but I'm saying it's not very correct at all. 2015-03-11 02:14:59 DarkFox: De gustibus! I think we'll agree to disagree for now. 2015-03-11 02:15:12 TCP only benefits when routers in the backbone set it on a higher priority than UDP. 2015-03-11 02:15:52 QoS is a bad solution to most any question. 2015-03-11 02:16:04 UDP and basic wrappers ontop are much better than TCP - especially for secure/encrypted communications where you don't even want to disclose what data was dropped along the ay. 2015-03-11 02:16:47 I haven't worked in the core in some time, but I have serious doubt any SP would do such a thing unless responding to a UDP-based DoS situation. 2015-03-11 02:16:50 I hate this keyboard.... Type too quick and kes get dropped.... 2015-03-11 02:17:56 mjones_: There are countries or ISPs that do perference TCP due to low bandwidths and torrents taking up the udp space... 2015-03-11 02:18:15 Rate limiting is mostly used on control-planes for obvious reasons, and sometimes for ICMP. Most traffic these days is TCP, obviously. 2015-03-11 02:18:34 Everyone just moves traffic to tcp/443. 2015-03-11 02:18:48 Most traffic is TCP; yes sad fact. Anther sad fact is that most traffic is unencrypted 2015-03-11 02:19:06 I think you're offering up a conspiracy theory. However, if you have some cites, I'll read them. 2015-03-11 02:19:25 TLS over TCP is slow - MinimaLT over UDP is MUCH FASTER 2015-03-11 02:19:32 That was my only real argument here... 2015-03-11 02:20:10 I would have cites - but memory consists of metadata not references... Long time ago that I've read these. "Search the interwebs" and you'll probably find some worth citing 2015-03-11 02:20:11 I spend a lot of time working on TCP, and have run parts of therouting core in the past, and most of the things about which users are paranoid are simply not true. 2015-03-11 02:20:43 DarkFox: Look up QUIC. ;) 2015-03-11 02:20:49 ACTION should report that LXC bug again 2015-03-11 02:20:53 mjones_: I know it already 2015-03-11 02:22:20 Again; MinimaLT (and related works) are much better than the current networking standards 2015-03-11 02:22:42 http://www.ethos-os.org/ 2015-03-11 02:23:20 If it's very good then I'm sure it will see some support and use. 2015-03-11 02:23:58 ^ I have similar goals as per these people - but I have different implementation methods. Short term = alpine with lxc isolation for developmental purposes; long term = rust-written RTOS with a userland that works on linux/bsd/windows/etc. 2015-03-11 02:24:10 Rust being LLVM really helps with the latter part. 2015-03-11 02:24:29 ethos is written in C for kernelland, and go for userland - rust for both is more logical 2015-03-11 02:24:32 RTOSes are a bit of a weird duck. 2015-03-11 02:24:54 The thing is there isn't a dominant OSS RTOS because people mostly use RT-Linux these days. 2015-03-11 02:25:12 mjones_: RTOSs and microkernels are great systems - but generally fail due to complexities; using safe languages like rust makes it muchsafer and easier to create such a system. 2015-03-11 02:25:43 Similar things have been said about a lot of systems. 2015-03-11 02:25:53 Indeed 2015-03-11 02:26:37 you know how you change the world of OSs today, you start from scratch :P 2015-03-11 02:26:40 Microkernels are better systems; just harder to create due to focus being with monolythc kernels and such 2015-03-11 02:26:49 systmkor: Indeed :) 2015-03-11 02:27:08 DarkFox, well the microkernel & monolithic kernel issue in someways are solvable 2015-03-11 02:28:20 DarkFox, for example there is the the seL4 microkernel which for open source is the most formally verified 2015-03-11 02:28:29 systmkor: I'm waiting for more development in the rust-osdev world; while I work on my short term projects and userland systems preparing for a pure-rust operating system that knows only encrypted networking, and decentralised resource management (for storage, communications, lookups, etc) 2015-03-11 02:29:58 DarkFox, well I the best strategy is making Linux a hybrid kernel 2015-03-11 02:30:00 systmkor: seL4 is verified in a limited scope.. 2015-03-11 02:30:23 I don't run microkernals now -- although I had two NeXT cubes and still have an Alpha somewhere. 2015-03-11 02:30:31 DarkFox, yes but compared to other kernels it has many orders of magnitude more verification 2015-03-11 02:30:55 systmkor: My strategy is to create a platform-agnostic userland of tools that can run trivially on windows, linux, bsd, and a standalone environment. 2015-03-11 02:31:02 DarkFox, all proofs by definition are limited in scope and can't escape axioms 2015-03-11 02:31:17 OS X has a microkernel, if that's what you want. 2015-03-11 02:31:28 mjones_: Wrong type of kernel 2015-03-11 02:31:44 seL4 was the right tree to bark up :) 2015-03-11 02:31:58 DarkFox, I think best strat to do is making Linux a hybrid kernel 2015-03-11 02:32:07 meaning you can at compile time 2015-03-11 02:32:23 choose between pure microkernel to pure monolithic 2015-03-11 02:32:46 so for systems that can't escape certain performance issues 2015-03-11 02:32:52 systmkor: Again; I care more for the userland that fits my goals; and for that userland to work everywhere - then latter to create a standalone system that depends on no large operating system code bases. 2015-03-11 02:33:00 they put what limited modules they need in the kernel 2015-03-11 02:33:02 and the rest in userland 2015-03-11 02:33:26 DarkFox, well having a common basal set of kernel system calls 2015-03-11 02:33:34 that could be standardized with e.g. seL4 2015-03-11 02:33:44 then that makes userland wayyy easier to translate across platforms 2015-03-11 02:34:32 The microkernel stucture that I'm thinking about is where the kernel exists more to ensure that it's children processes stay within boundaries and interfaces to communicate with eachother. 2015-03-11 02:35:00 Here a driver is a userland module; that the kernel gives access where needed; and is only interacted with via approved interfaces. 2015-03-11 02:35:04 DarkFox, my argument is that making a standard mircokernal ISA so to speak 2015-03-11 02:35:10 making userland utils more portable 2015-03-11 02:35:13 is made much eaiser 2015-03-11 02:35:15 *easier 2015-03-11 02:35:24 not perfect but easier than today 2015-03-11 02:35:46 systmkor: No point; userland tools if written in rust while being platform agnostic; it'll work anywhere that rust/llvm can compile for. 2015-03-11 02:36:18 For a pure rust system; that means that it would only need to port the parts of rust that are platform specific such as files, networking, file descriptors, etc. 2015-03-11 02:36:26 Essentially IO 2015-03-11 02:36:35 DarkFox, there is an existing solution of that 2015-03-11 02:36:47 DarkFox, http://www.openmirage.org/ 2015-03-11 02:37:04 it's an OCaml libOS that runs on top of Xen 2015-03-11 02:37:05 systmkor: I'm thinking more for rustboot; http://zinc.rs/ and a lot like ethos-os. 2015-03-11 02:37:14 DarkFo: I know seL4, but NeXTStep, OS X, and Tru64 are also microkernels. 2015-03-11 02:37:57 mjones_: Different structure 2015-03-11 02:38:24 DarkFox, agreed having userland tools built on top of Go, Rust, and OCaml 2015-03-11 02:38:28 would be pretty sweet 2015-03-11 02:38:38 I know, but microkernel isn't a panacea, obviously. 2015-03-11 02:38:53 mjones_, it isn't 2015-03-11 02:38:58 There's also OSv, which promises to have Van Jacobsen's net channels replace sockets. We'll see. 2015-03-11 02:39:05 systmkor: mirage looks nice 2015-03-11 02:39:09 Thanks for the link 2015-03-11 02:40:00 mjones_, the thing is though practically the amount of time it would take to formally verify the kernel and it's updates would be virtually impossible 2015-03-11 02:40:21 I looked at mirage for doing some work, but reimplementing everything is a lot of work. Also, while I like Xen fine, I mostly use KVM, and some commercial outfits are in love with VMware so I've used that a lot too. 2015-03-11 02:40:33 so given real world issues in some ways it could be argued that a microkernel is necessary but not sufficient 2015-03-11 02:41:01 I think 'rough concesus and running code' is the bet with house odds, if you know what I mean. 2015-03-11 02:41:17 c/concesus/concensus/ 2015-03-11 02:41:36 mjones_, ? 2015-03-11 02:41:52 There was a super-lightweight erlang stack on xen too, but it hasn't taken over the world. 2015-03-11 02:41:55 ACTION afk for a little while. o/ 2015-03-11 02:42:23 mjones_, oh i'm not expecting mirageOS to take over the world 2015-03-11 02:42:35 but I think it could definitely replace a lot of core services 2015-03-11 02:42:53 that commonly run on general purpose OSs 2015-03-11 02:43:16 like a DNS server, that may be best to be a mirageOS unikernel 2015-03-11 02:43:33 or an NTP server 2015-03-11 02:44:05 mjones_, I think for me the interest is if there becomes better core OS support with Xen 2015-03-11 02:44:10 it allows for a better mix an match 2015-03-11 02:44:21 of a program/app/daemon/service 2015-03-11 02:44:33 gets of a general purpose OS 2015-03-11 02:45:06 my admin server to control my data-center may best be a general purpose OS 2015-03-11 02:45:11 I went through the state of the microkernels less than a year ago, and nothing is poised for a big leap in usage. 2015-03-11 02:45:23 mjones_, completely agreed 2015-03-11 02:45:40 There's one you failed to mention, whose name I am somehow forgetting. 2015-03-11 02:46:07 just stating that a shift to that paradigm I think could provide a lot more interoperability, etc. 2015-03-11 02:46:11 There's one with a distribution (not Hurd). 2015-03-11 02:46:16 ohhh 2015-03-11 02:46:24 Genode OS 2015-03-11 02:46:33 Genode! That's it 2015-03-11 02:46:45 I just turned it up on a websearch as you said it. 2015-03-11 02:46:53 they are going to be or are actively switching to the seL4 microkernel 2015-03-11 02:47:02 mjones_, another cool one is QubesOS 2015-03-11 02:47:12 I had forgotten that for a few months. Gotta put that on my project list right now. 2015-03-11 02:47:33 mjones_, there repo is god awful and heavily depends and compiles against/with fedora 2015-03-11 02:47:39 I read a bunch of the Qubes material about six months ago, on the principal's blog. 2015-03-11 02:47:51 mjones_, would love to get a lot of there stuff ported to Alpine 2015-03-11 02:48:00 with a much cleaner build system etc. 2015-03-11 02:49:34 And this is why I can't bring myself to acquire an 8GB ultrabook. 2015-03-11 02:49:51 ACTION has somehow used up all 16GB of RAM, and with only one little VM running! 2015-03-11 02:51:00 VM chrome? 2015-03-11 02:51:04 :P 2015-03-11 02:51:07 Nope, not ram. 8gb in disk buffer cache. No, it's some JS chewing up my cores. 2015-03-11 02:51:15 Iceweasel/Firefox. 2015-03-11 02:52:10 I probably have 200 tabs open and it's hard to find the culprit in firefox. Not totally trivial in chromium, but with a dedicated tool, much easier. 2015-03-11 02:53:20 systmkor: I think I failed to mention that I don't like general purpose :P 2015-03-11 02:54:34 If there were kernel that knew nothing more than ssh and how to display accordingly... I'd have a pretty thin laptop :P 2015-03-11 02:54:47 s/laptop/client system/ 2015-03-11 02:56:25 chromeOS has an acceptable SSH client 2015-03-11 02:56:31 DarkFox, well I think that's why it's imperative to make it easier to have hybrid kernel and make it stupid simple to create a "distro" 2015-03-11 02:56:35 I have a Dell Chromebook 11 with 4GB. 2015-03-11 02:57:01 DarkFox, otherwise until people do that they are just doing snowflake cases that only solve it for their own narrow needs 2015-03-11 02:57:22 and very hard to solve anyone elses 2015-03-11 02:59:21 DarkFox, that's why I think getting a nix style package manager working on Alpine 2015-03-11 02:59:36 with simple scripting of the 'base' distro into a desired image format 2015-03-11 02:59:49 with automatable system testing 2015-03-11 03:00:05 makes all those custom desires about your distro 100x easier to build 2015-03-11 03:00:55 systmkor: The system that I described eariler that I'd like to create knows only how to securely communicate with others running the same system (or userland tools that should run on any platform). 2015-03-11 03:01:22 securely communicate with others running the same system? 2015-03-11 03:02:21 DarkFox, that's questionable if that is even theoretically possible 2015-03-11 03:02:57 not saying it isn't 2015-03-11 03:03:37 systmkor: Well; so much that modern strong cryptography can do - while that is as modular as any function. 2015-03-11 03:04:02 DarkFox, go for what you want on your own but I don't think that will result in much project outside of a very narrow self needed requirements 2015-03-11 03:06:13 DarkFox, that sorta somewhat goes out the window when you are running machines you don't control or without having a perfectly verified hardware & TPM 2015-03-11 03:06:16 The userland should work everywhere; the minimal RTOS would exist only to glue them all together in a trusted andminimal code base 2015-03-11 03:06:49 DarkFox, what do you mean by RTOS because that has a lot of meanings 2015-03-11 03:07:21 Real time operating system; not general purpose 2015-03-11 03:07:42 that still is somewhat too vague still 2015-03-11 03:07:53 wikipedia :P 2015-03-11 03:08:11 DarkFox, doesn't really matter because when people refer to RTOSes they mean way more than just that 2015-03-11 03:08:19 or variety of ways 2015-03-11 03:08:41 DarkFox, do you mean a non-general purpose OS with a deterministic scheduler? 2015-03-11 03:09:30 Well; yes. But freertos is a good example 2015-03-11 03:09:37 also when you are referring to OS in what sense are referring to it 2015-03-11 03:09:49 because that goes from effectivelly meaning just the kernel to Ubuntu 2015-03-11 03:09:56 lol 2015-03-11 03:10:56 yah makes pinning down what people mean a bit difficult 2015-03-11 03:12:05 I say OS as kernel + userland tools; for my case, both will be as minimal as possible while fiting all of the project goals (essentially just 100% encrypted networking, decentralised infrastructure, and trusted code base) 2015-03-11 03:12:31 There's hard-real-time and soft-real-time. 2015-03-11 03:13:04 But RT-Linux is probably dominant on 32-bit and up microcontrollers and micro+MMU now. 2015-03-11 03:13:27 mjones_, well regardless if 'hard-real-time' you sorta need to also specifify the time delta you are expecting or gaurenteeing 2015-03-11 03:13:36 Seems to be what the vendors are using for network devices in particular. 2015-03-11 03:13:42 because real time can mean between like 900 ms to nano seconds 2015-03-11 03:14:12 systmkor: I think that's a function of kernel HZ or ticks. Linux is tickless, now, so...I'm not terribly sure. 2015-03-11 03:14:17 or other time scales depending on what you are expecting of the user interface to be 2015-03-11 03:14:27 In any case, it's adjustable. 2015-03-11 03:14:42 well I meant not just at the scheduler level 2015-03-11 03:14:54 but at the blackbox point of i input something 2015-03-11 03:15:01 and it outputs after everything is said and done 2015-03-11 03:15:05 within how much time scale 2015-03-11 03:15:41 mjones_, DarkFox I know I'm being pedantic but just trying to make sure I'm understanding what you mean 2015-03-11 03:16:03 systmkor: My last message lagged to send... Connection almost dropped 2015-03-11 03:16:10 #realtime 2015-03-11 03:16:12 :P 2015-03-11 03:16:38 I know of no dominant RTOS -- dominant across industries -- except likely Linux. 2015-03-11 03:16:52 Aviation has its own dominant choices, but those are largely related to regulation and approvals. 2015-03-11 03:17:09 I think that, in itself, says something important. 2015-03-11 03:17:42 mjones_, also has some notion of what time interval they are dealing with because for example plain flaps, wings etc. can only move so quickly or they would blow off or blow up 2015-03-11 03:18:06 (I like RTOSes and microkernels, and spent quite a bit of time on this subject last year looking for a general-purpose RTOS with excellent IPv6 for high-end microcontrollers.) 2015-03-11 03:18:22 awesome 2015-03-11 03:18:27 i really like microkernels as well 2015-03-11 03:18:49 but I think the mode to success is through integration not segregation/sharding of open source projects 2015-03-11 03:18:59 that is on the long term scale 2015-03-11 03:19:07 Also, for those who don't know, at least half of the RTOSes are not open-source, which explains lack of dominance. Many are supplied by MC and board vendors. 2015-03-11 03:19:21 unless some extreme change in SE/technology blind sides us 2015-03-11 03:19:37 mjones_, best method :P 2015-03-11 03:19:49 That reminds me, I sold my HP stock because I was tired of waiting for them to ship memristors. 2015-03-11 03:20:00 dude just 1 more year 2015-03-11 03:20:01 :P 2015-03-11 03:20:01 Some time before they announced...Linux+ was it? 2015-03-11 03:20:57 DarkFox, well I think a good start would be helping making Alpine a 'base OS' or one that's really easy to build your own custom distro on top of 2015-03-11 03:20:59 I hear Sun was working on nonvolatile-core systems someting like 10 years ago... 2015-03-11 03:21:36 DarkFox, for example I would like to be able to install a same set of packages on a machine but change my init system from openRC to runit 2015-03-11 03:21:38 to compare the two 2015-03-11 03:22:05 I think Gentoo and/or Arch support init modularity. 2015-03-11 03:22:07 meaning just change a build flag, not manually re-writing all of the init scripts just for myself 2015-03-11 03:22:37 mjones_, I think they support it to some degree but it would be nice to build a generic solution for 2015-03-11 03:22:40 The way this is accomplished seems to be multiple init scripts in the package. 2015-03-11 03:22:43 systmkor: What do you think my short term goals are? Take alpine and create a tor,i2p,cjdns, etc modular system; using lxc for isolation and maybe xen for further isolation... Purpose:Developmental environment and alpine-based tails-like livecd that other people could use for development. 2015-03-11 03:22:47 your init & supervisor problems 2015-03-11 03:23:13 DarkFox, idk what your short terms goals are 2015-03-11 03:23:24 Alpine will be my base for development for userland of my long term goals; this userland should work everwhere. 2015-03-11 03:23:25 i'm figuring you also meant that rhetorically 2015-03-11 03:23:33 DarkFox, awesome 2015-03-11 03:23:50 also I think it would be really cool to be able to within reason work with varrying core-utils 2015-03-11 03:24:03 systmkor: Short term = userland; long term = standalone rtos using that userland 2015-03-11 03:24:17 like busybox, gnu coreutils, plan9s, sbas/dbase etc. 2015-03-11 03:24:28 rust written coreutils exists 2015-03-11 03:24:33 DarkFox, cool cool 2015-03-11 03:24:40 DarkFox, a complete set of functionality? 2015-03-11 03:24:53 meaning at least equivilent to busybox 2015-03-11 03:24:55 Check it on github; not complete yet but very portable :) 2015-03-11 03:24:59 then you need a POSIX RTOS 2015-03-11 03:25:01 DarkFox, link? 2015-03-11 03:25:14 systmkor: github.com/SOMEONE/coreutils :) 2015-03-11 03:25:22 DarkFox, also if it isn't functionally complete yet, then from general user it doesn't matter 2015-03-11 03:25:30 uutils/coreutils 2015-03-11 03:25:56 systmkor: Sure; but coreutils is surprisingly huge :P 2015-03-11 03:26:20 DarkFox, well that's why i said busybox 2015-03-11 03:26:23 not gnu coreutils 2015-03-11 03:26:32 Sure 2015-03-11 03:26:39 because there's probably a lot of things that don't belong in gnu coreutils 2015-03-11 03:26:43 They are after a more complete 2015-03-11 03:26:53 I'm all for that 2015-03-11 03:27:03 but it would be nice to have a reduced set compile option 2015-03-11 03:27:22 or easily configure & compile what functionality is compiled 2015-03-11 03:27:49 so for example you can get it to work on an embedded system like a soho router or your personal dev box 2015-03-11 03:28:16 DarkFox, cool that, that exists, I want to rewrite a portion of coreutils in go-lang 2015-03-11 03:28:17 I won't be using coreutils on my standalone system - as that would be smaller and *NOT* general purpose; and when not gneral purpose... Why need coreutils? :) 2015-03-11 03:28:31 systmkor: That also has been done 2015-03-11 03:28:41 DarkFox, done or in process? 2015-03-11 03:28:43 Rust is much better than go **NO WAR 2015-03-11 03:28:47 Progress 2015-03-11 03:28:52 These things are never done :P 2015-03-11 03:28:52 DarkFox, link? 2015-03-11 03:29:06 DarkFox, in some facets I agree that Rust is better 2015-03-11 03:29:07 systmkor: ... search interwebs and github :) 2015-03-11 03:29:19 but problem is that its still heavily in development 2015-03-11 03:29:26 For my rtos and portable userland - it fits perfectly :) 2015-03-11 03:29:28 DarkFox, ah, very specific 2015-03-11 03:29:44 Go only benefits from google excessive money bags 2015-03-11 03:29:49 And apple's swift same deal. 2015-03-11 03:29:54 https://github.com/aisola/go-coreutils 2015-03-11 03:29:57 But rust is MUCH better than both 2015-03-11 03:30:08 DarkFox, again in certain aspects 2015-03-11 03:30:12 Just less funded 2015-03-11 03:30:16 :P 2015-03-11 03:30:25 DarkFox, well that at the end of the day makes a huge difference 2015-03-11 03:30:25 Okay; in just about ever ? :) 2015-03-11 03:30:42 i can have the perfect OS design but if it isn't even built or not funded at all 2015-03-11 03:30:42 just about every* 2015-03-11 03:30:45 it doesn't really matter 2015-03-11 03:30:52 sadly 2015-03-11 03:31:10 DarkFox, there memory safety gaurentees are questionable 2015-03-11 03:31:20 there or their ? 2015-03-11 03:31:25 ... 2015-03-11 03:31:40 their fits :P 2015-03-11 03:31:45 oh yes it does 2015-03-11 03:31:50 :) 2015-03-11 03:31:57 but i also think English is retarded when it comes to spelling 2015-03-11 03:32:15 English not your first language? 2015-03-11 03:32:23 Now there's a good point. 2015-03-11 03:32:24 or probably one of the worst languages ever for consistency, & accuracy 2015-03-11 03:32:33 DarkFox, no it's my first language 2015-03-11 03:32:37 Hehe 2015-03-11 03:32:48 I like English 2015-03-11 03:32:50 I still think its shit for anything but Literary/Music/Arts 2015-03-11 03:32:55 English and C may have their quirks, but by god they built the world. 2015-03-11 03:32:56 But again; I can't compare it 2015-03-11 03:33:19 DarkFox, to continue on about rust 2015-03-11 03:33:34 rust is a language that I have the least disagreements with :) 2015-03-11 03:33:34 their multi-paradigm language is good in certain cases but a death sentence in others 2015-03-11 03:33:38 Rust and Esperanto have a nice narrative, but I don't know anyone who speaks Esperanto. ;) 2015-03-11 03:34:19 death sentenc where? 2015-03-11 03:36:38 also there many ways of doing the same code but with different syntax 2015-03-11 03:36:45 for, do while, while, infinite 2015-03-11 03:36:48 for example 2015-03-11 03:37:13 DarkFox, one is that the project over time most likely will suffer from feature creep 2015-03-11 03:37:29 and one facet being paradigms 2015-03-11 03:37:46 which can provide code that is very maliable for any case 2015-03-11 03:38:07 but one problem is that it makes unintentional obfuscation of code much easier, which is bad 2015-03-11 03:38:33 it form effectively dialects of the language which then takes extra time to learn when one is trying to understand a different project 2015-03-11 03:38:51 which is bad because generally some of the biggest problems related to programming is the human problem not the code itself 2015-03-11 03:39:26 also with that many paradigms I question there actual soundness of runtime library & compiler 2015-03-11 03:39:49 and also certain paradigms can cause in the long term as the project grows 2015-03-11 03:40:09 Does rust do dynamic linking or only static like go? 2015-03-11 03:40:16 mjones_: Both 2015-03-11 03:40:23 more mental work trying to juggle the idiosyncrasies of the paradigms & the architecture than the actual execution of code to get something done 2015-03-11 03:40:42 mjones_, I've been bitching at go developers about that 2015-03-11 03:41:11 Only major issue I have with rust is that it can't compile to size-optimized so it can't factor code to loops and functions; just expand execution for maximum performance 2015-03-11 03:41:24 Which is fine; but would be nice to have it optimize size down 2015-03-11 03:41:39 fucking stupid but I wouldn't be surprised if they add that in later because from the general dev use case is that it doesn't matter and in some cases is better that there isn't dynamic linking 2015-03-11 03:42:11 What is this about now? 2015-03-11 03:42:19 Rust does both dynamic and static linking... 2015-03-11 03:42:21 go and static vs dynamic linking 2015-03-11 03:42:29 Oh go; right 2015-03-11 03:42:53 ACTION loves how rust handles shared objects for importing modules; amazingly clean comared to other languages that I've seen the same thing 2015-03-11 03:42:58 also without dynamic loading and enabling a loader then you can't really do ASLR and other various PaX features 2015-03-11 03:43:23 DarkFox, example? 2015-03-11 03:43:37 One moment 2015-03-11 03:43:46 Rust and go have a lot in common. I've only actually encountered Rust very recently, and I'm annoyed by go only being static. 2015-03-11 03:43:55 DarkFox, also I don't think go is perfect but realllly good for a certain subset of problems 2015-03-11 03:44:27 mjones_, they'll eventually fix that especially when developers hit a point were they are building bigger and bigger projects 2015-03-11 03:44:32 Google does static apps for isolation, but I don't care for that from an optmisation and performance point of view. 2015-03-11 03:44:37 and it ends up being some ungodly 1 gig file 2015-03-11 03:44:57 https://github.com/Kintaro/wtftw/blob/master/core/src/config.rs#L225 2015-03-11 03:45:08 mjones_, also it is just a bandage on the package management problem 2015-03-11 03:45:26 The thing is that if they hit 1G deploys it'll probably get factored into multiple services... 2015-03-11 03:45:31 systmkor: ^ 2015-03-11 03:46:04 cool 2015-03-11 03:46:17 ACTION has made some effort to clean up wtftw's source code - removing unsafe unwrap()s mostly 2015-03-11 03:46:25 mjones_, in what way? 2015-03-11 03:46:55 do you mean as in like docker services, app engine junk, ? 2015-03-11 03:47:48 I was kinda saying that from a Google internal platform point of view. (I don't, and have never, worked for Google.) 2015-03-11 03:48:01 mjones_, oh I didn't mean internal to google 2015-03-11 03:48:07 I meant for the users of go like docker 2015-03-11 03:48:23 other people with bad design or just forced into it due to nature of the problem 2015-03-11 03:48:29 will end up with 1G execs 2015-03-11 03:48:41 and they'll complain enough that they'll end the 'static linking only' 2015-03-11 03:48:59 It can be a fine line between not reinventing the wheel and dependency hell. 2015-03-11 03:49:19 mjones_, dependency hell is a result of bad package managers 2015-03-11 03:49:45 systmkor: Did you see the code? (No reply to your request for the example) 2015-03-11 03:49:55 DarkFox, looks clean 2015-03-11 03:50:10 but I've never really dealt with similar code so it's like eating pizza for the first time 2015-03-11 03:50:17 and saying it's the best 2015-03-11 03:50:25 systmkor: I suspect we're using different definitions of 'dependency hell'. 2015-03-11 03:50:26 I don't really have anything to compare against but still looks clean 2015-03-11 03:50:34 mjones_, i don't think so 2015-03-11 03:50:47 systmkor: Fair enough 2015-03-11 03:50:53 mjones_, but what's your definition? 2015-03-11 03:51:00 Yours is probably the better definition, but I mean when code drags in a dozen prerequisites and uses one or a couple of functions from each. 2015-03-11 03:51:07 (note: not trying to sound sarcastic or snarky) 2015-03-11 03:51:16 Not the old circular and conflicting dependency thing. 2015-03-11 03:52:20 s/thing/tree/ 2015-03-11 03:52:23 Rust has its own language repo, too. I'd like to see a language that just says 'no' to that. 2015-03-11 03:52:36 cycling dependency tree (IIRC) 2015-03-11 03:52:52 mjones_, static linking doensn't really solve or address the dozens of dependencies from a couple of funciton calls 2015-03-11 03:53:07 mjones_: Repo; refering to crates.io ? 2015-03-11 03:53:18 that's partially depends on how you compile your modules/libraries 2015-03-11 03:53:23 and again your package manager 2015-03-11 03:53:45 of being able to have multiples of the same package&version on the system with no conflicts 2015-03-11 03:53:51 such as nix provides 2015-03-11 03:54:10 systmkor: no, of course not. I was trying to say that 1GB deploys of packages that bring along all of their dependencies (and are static) happen because of numerous included dependencies. 2015-03-11 03:54:34 yes, but i don't mean so much the end size 2015-03-11 03:54:39 but that the transmit size 2015-03-11 03:54:44 rust's cargo(dependancy manager) is one of the cleanest that I've seen for a language. Don't see why one wouldn't like this - if you have rust you're probably compiling and this works perfectly for that. IF you need to distribute things then you distriute compiled binaries and don't use cargo for dependancies. 2015-03-11 03:54:51 meaning if they have to recompile their program in docker and send the new container 2015-03-11 03:55:06 a gig becomes a much bigger data center problem than 1MB 2015-03-11 03:55:50 DarkFox, I think dependency managers should be included with modern languages but they should also be designed to work extremely easily and cleanly with the OSes package manager 2015-03-11 03:55:51 systmkor: ah, I see. I was just lamenting 1GB in general. 2015-03-11 03:56:03 mjones_, /me laments with you :P 2015-03-11 03:56:08 systmkor: whih cargo does 2015-03-11 03:56:21 Speaking of rust... 2015-03-11 03:56:31 DarkFox, feel free to get a lot of that ported to Alpine? 2015-03-11 03:56:59 14:46:51 systmkor | do you mean as in like docker services, app engine junk, ? 2015-03-11 03:57:02 Erm 2015-03-11 03:57:04 Fail paste 2015-03-11 03:57:12 https://bugs.alpinelinux.org/issues/3949 2015-03-11 03:57:42 cool cool but go package that son :P 2015-03-11 03:57:57 lol Alpine with a propaganda poster 2015-03-11 03:58:08 Alpine Development, Do Your Part:P 2015-03-11 03:58:26 Lolwat where? 2015-03-11 03:58:30 I wish 2015-03-11 03:58:32 DarkFox: good request. I'm going to get up to speed with aports contributions too. 2015-03-11 03:58:34 not that it exists 2015-03-11 03:58:47 mjones_: Cool 2015-03-11 03:58:59 DarkFox, I'm trying to free up time to write a variety of test scripts 2015-03-11 03:59:03 mjones_: I still need to make that bug report for diskless lxc :P 2015-03-11 03:59:07 to verify that libressl works with a variety of packages 2015-03-11 03:59:16 I have it compiled and working with ssh & curl 2015-03-11 03:59:30 systmkor: Awesome 2015-03-11 03:59:45 systmkor: I'd love to see libre become the openssl replacement for alpine 2015-03-11 03:59:45 Yeah, I was doing ceph 'port' to see how hard it would be, and it's a pain. I'm pretty sure my first aport will be something much more trivial. 2015-03-11 03:59:51 DarkFox, feel free to send me scripts of programs that depend on SSL and use it so i can test on my system 2015-03-11 03:59:56 alpine; openbsd ported to linux.\o/ 2015-03-11 04:00:33 DarkFox, I somehwat would like to see the same level of security care, expertise, and person power that is in OpenBSD but for Alpine 2015-03-11 04:00:44 Any issues with libressl replacing open would be an issue in all other dists, and not alpine specific. 2015-03-11 04:00:53 systmkor: znc, irssi, intel's uefi, lbu, exim, 2015-03-11 04:00:58 But we do need some test rig to prevent regression surprises and stuff. 2015-03-11 04:01:30 DarkFox, there is a dead project to do this 2015-03-11 04:01:33 systmkor: uefi with libre ;) 2015-03-11 04:01:34 but I really want to help build it 2015-03-11 04:01:42 exim huh? Right after Debian moved to postfix... ;) 2015-03-11 04:01:54 mjones_: fine opensmtp 2015-03-11 04:02:10 Which is probably already libressllol 2015-03-11 04:02:18 I HATE THIS KEYBOARD 2015-03-11 04:02:51 Quick question; what is the cleanest way to increse the resolution on alpine? (TTY no Xorg) 2015-03-11 04:02:53 Buy a keyboard with mechanical switches and be a snob about it. You know you want to. :-) 2015-03-11 04:03:16 DarkFox: hardware framebuffer or VM? If the former, not immediately sure. 2015-03-11 04:03:26 mjones_: Nah; I'll stick to my 10" chicklet keyboards 2015-03-11 04:03:40 I'm using my main laptop (that I normally just use headless with a real keyboard) right now 2015-03-11 04:03:42 DarkFox, mjones_ http://wiki.alpinelinux.org/wiki/Alpine_Package_Testing_Suite 2015-03-11 04:03:55 Since low and high end computers are effectively the same these days, might as well take advantage of the wide range of customisation options. 2015-03-11 04:04:02 mjones_: former indeed; I expected vidcontrol but doesn't exist :) 2015-03-11 04:04:11 i personally could care less about lua I think alpine desperately needs something 2015-03-11 04:04:18 I have a CM storm with cherry MX browns right here but I'm foolishly using the laptop keyboard, which I used to loathe. 2015-03-11 04:04:29 pkgfile for alpineanyone ? 2015-03-11 04:04:50 systmkor: ah, I missed that one, thanks. 2015-03-11 04:04:53 DarkFox, well if you can email me any regression or test scripts that would speed up my testing abunch 2015-03-11 04:04:59 mjones_, yah the wiki needs a lot of work 2015-03-11 04:05:13 systmkor: I hae none sadly 2015-03-11 04:05:26 well not at moment but over the course of the week 2015-03-11 04:06:28 Anyone have a recommendation for an Avoton-type ITX-sized board, off the top of their head? A friend showed me an MSI one around 18 months ago, but I think Intel is still making reference boards and I prefer those. 2015-03-11 04:07:11 ACTION notes he is currently booted from a usb with blackarch one a laptop and alpine from an sd on another 2015-03-11 04:08:36 I need to buy a desk. I just found out Ikea is selling electric sit-stand models for surprisingly cheap. They used to cost a fortune back when I first used them many moons ago. 2015-03-11 04:10:12 moons =days; maybe you mean full moons; or blue moons; or blood moons, much more rare 2015-03-11 04:11:03 it means moon cycles, from new moon, waxing, full, waning. 2015-03-11 04:11:27 Ah 2015-03-11 04:13:18 mjones_, moon of what planet :P 2015-03-11 04:13:27 Which are what, a fortnight in length? 2015-03-11 04:13:36 systmkor: Luna. 2015-03-11 04:13:37 ;) 2015-03-11 04:40:25 lol 2015-03-11 07:14:49 herp 2015-03-11 07:14:56 i should like 2015-03-11 07:14:58 install alpine 2015-03-11 07:15:06 and get the pdns patches into it 2015-03-11 08:04:49 James_T: which pdns patches? 2015-03-11 08:13:51 https://github.com/PowerDNS/pdns/commit/c2b4ccc0d125a30a1970f555f572bf74de27a3d5 specifically 2015-03-11 08:15:01 ncopa: ran into some interesting issues when testing it under musl... that one took a lot of work to debug :) 2015-03-11 08:18:22 ncopa: well, 3.4.4 will have those commits cherry-picked into it anyway 2015-03-11 08:28:47 i suppose we can just bump to 3.4.4 then 2015-03-11 08:28:54 if you want i can cherrypick that patch though 2015-03-11 08:47:54 yeah 2015-03-11 08:48:09 3.4.4 should be released in a week or so 2015-03-11 08:48:22 that commit against 3.4.3 along with the execinfo fix is good 2015-03-11 08:52:25 ncopa: could you bump alpine tp 2.20 (the MTA) and add --with-passfile=.pine-pass to the cofigure script? 2015-03-11 08:54:58 you are getting the source from washington.edu, where I beleive it is unmaintained now 2015-03-11 08:55:58 ScrumpyJack: where is new upstream? 2015-03-11 08:56:06 http://patches.freeiz.com/alpine/info/all.html 2015-03-11 08:56:40 that is the 2.20 source with all the patches applied 2015-03-11 08:57:33 you can get the unpatched source from http://patches.freeiz.com/alpine/release/src/ 2015-03-11 08:57:45 (but why would you :) 2015-03-11 08:59:34 that page is a bit confusing. the patched source is http://patches.freeiz.com/alpine/patches/alpine-2.20/alpine-2.20.tar.xz 2015-03-11 09:00:00 found it yes 2015-03-11 09:00:26 awesome. 2015-03-11 09:27:31 ncopa, ScrumpyJack sup 2015-03-11 09:32:03 systmkor: morning dude 2015-03-11 09:42:02 evening :P 2015-03-11 09:42:43 :P 2015-03-11 09:43:00 does alpine work ok in virtualbox? 2015-03-11 09:49:19 James_T, in what manner? 2015-03-11 09:55:51 James_T: i would expect it to do so 2015-03-11 09:57:34 maybe meaning does guest tools works? 2015-03-11 10:09:46 yeh 2015-03-11 10:42:32 James_T, open source or closed source version 2015-03-11 10:42:44 i can't remember if there is a closed source version that may just be for vmware 2015-03-11 11:03:13 virtualbox uses open-vm-tools 2015-03-11 11:03:19 only vmware has vmware-tools what are closed source 2015-03-11 11:03:33 asfar as i know atleast 2015-03-11 11:05:46 there are oss vmware tools 2015-03-11 11:12:58 thats's the same open-vm-tools 2015-03-11 11:24:22 ah yeah 2015-03-11 11:44:04 olo kernel panic on first boot 2015-03-11 11:44:06 winning 2015-03-11 12:17:16 systmkor: I see you made it to twitter :P 2015-03-11 12:17:32 (@alpinelinux last) 2015-03-11 12:18:01 James_T: Is this the xen image boot attempt from a usb/sd ? 2015-03-11 12:18:45 ACTION 's only experience for a kernel panic on alpine so far. :) 2015-03-11 12:21:00 yarp :P 2015-03-11 12:22:26 systmkor: Tomorrow - libressl official in alpine \o/ 2015-03-11 12:22:29 Byebye openssl :D 2015-03-11 12:22:53 I hope alpine doesn't go that fast... Not that openbsd did :P 2015-03-11 12:26:02 DarkFox, you mean as in that would be awesome or that's actually the case? 2015-03-11 12:27:45 systmkor: For ? Libressl in openbsd; that is done already. If it were in alpine;I would expect at least in edge-testing :) 2015-03-11 12:28:45 ah okay, was going to say it would have been nice for someone to hit me up if it was official since I talk about it a decent amount 2015-03-11 12:28:59 just have some work to get through then trying to do more for that 2015-03-11 12:30:35 systmkor: When do you think it'll be in edge-testng for everyone to help beta-test it ? 2015-03-11 12:32:09 well the APKBUILD is written, but I want to do a few more basic tests before I submit it to the aports mailing lists 2015-03-11 12:32:16 I want that email in by this coming Sunday 2015-03-11 12:32:45 would be sooner but right now I'm up 5:30 a.m. trying to finish this web scraping project for guy on marketing team 2015-03-11 12:32:47 wooooo 2015-03-11 12:32:58 systmkor: You happen to have decent hardware for compiling ? 2015-03-11 12:33:12 ACTION doesn't sadly... otherwise rust and cargo would be in aports by now :P 2015-03-11 12:34:10 DarkFox, not amazing hardware, newest Alpine Hardware is about 4 years old but it's a Core i5 with 2 cores but effectively 4 parallel threads 2015-03-11 12:34:16 and I think 8 gigs of memory 2015-03-11 12:34:31 disk IO not amazing but I think 7200 rpm 2015-03-11 12:34:43 ACTION 's i5 single core + HT with 8G ram... But the fan is ALWAYS ON 2015-03-11 12:34:44 :/ 2015-03-11 12:34:52 Well; alost always... never cooled down 2015-03-11 12:35:12 Hence, I'm switching more to a rraspberry pi and an atom 10" notebook 2015-03-11 12:36:58 I would like to have a beefy build box but i don't make any money at moment sooo that will have to wait 2015-03-11 12:37:08 well I should say no liquid assets 2015-03-11 12:38:06 I might use my freebsd router as a compile box... 2015-03-11 12:38:13 (Most powerful computer that I have = router) 2015-03-11 12:38:14 XD 2015-03-11 12:38:23 ehk, votes for OpenBSD router 2015-03-11 12:38:27 Not my decision to purpose that... Just happened to be. 2015-03-11 12:38:31 lol 2015-03-11 12:38:55 pfsence to be more exact; I'd also rather openbsd but haven't dug that deep with bsd routers. 2015-03-11 12:39:12 Intel NUC = small but powerful little device 2015-03-11 12:39:12 DarkFox, I think there is a fork of pfsense to work on top of OpenBSD 2015-03-11 12:39:15 but it's relatively new 2015-03-11 12:39:28 systmkor: Why fork? It is written in crappy php ... :( 2015-03-11 12:40:12 DarkFox, https://opnsense.org/about/about-opnsense/ 2015-03-11 12:40:15 or rewrite 2015-03-11 12:40:17 I don't remember 2015-03-11 12:40:20 but that's where it is 2015-03-11 12:41:10 If screenshots look similar = fork 2015-03-11 12:41:11 :P 2015-03-11 12:41:17 :P 2015-03-11 12:41:27 Is it web based? 2015-03-11 12:41:34 If yes; then I just hope it isn't php 2015-03-11 12:41:50 I once considered rewriting pfs in either rust or lua 2015-03-11 12:43:04 I get that lua is sorta like the C of scripting languages and fairly fast 2015-03-11 12:43:07 ACTION really likes the code use to create alpinelinuxorg; checked it out the other day. 2015-03-11 12:43:12 Clean lua and Makefile. :) 2015-03-11 12:43:16 but tbh at this point I just want a type safe scripting language 2015-03-11 12:43:32 systmkor: Fst and the interpreter is what? 26KiB in size? 2015-03-11 12:43:32 which hell might as well make rust & go scriptable 2015-03-11 12:43:54 Typing is slow 2015-03-11 12:44:00 Not ideal for scipting 2015-03-11 12:44:05 Lua is fast like this 2015-03-11 12:44:27 well that's nice but if you want a system programming that means your shit needs to be at least minimum of type safe 2015-03-11 12:44:30 systmkor: http://sourceforge.net/projects/opnsense/ 2015-03-11 12:44:44 systmkor: (1) PHP :( (2) Clean interface; MUCH better than pfsense. :P 2015-03-11 12:44:57 At least visually 2015-03-11 12:45:21 nice 2015-03-11 12:46:16 I'm not one for visuals; but I currently feel like designing a mock for my userland related projects... 2015-03-11 12:46:41 My last mocks were created in vim using ANSI escape coour codes; then printed to the terminal with cat. :-) 2015-03-11 12:46:48 Works very well. :D 2015-03-11 12:46:56 Easy to script stages to animate too 2015-03-11 12:50:37 systmkor: If you were to create a program from scratch; purposed for secure communications or otherwise secure computing - what language woud you pick? 2015-03-11 12:52:25 DarkFox, if its 5 to 10 years from now probably rust 2015-03-11 12:52:41 at moment probably go, or OCaml 2015-03-11 12:52:56 that alone wouldn't be enough 2015-03-11 12:52:57 OCaml.. TODO learn this 2015-03-11 12:53:23 Played with go; liked it until played with rust - then ... never again go lol 2015-03-11 12:53:25 I would want 0 shits about speed oracle probably written in Haskell 2015-03-11 12:53:37 Rust 1.0 ... sooo clean 2015-03-11 12:54:01 DarkFox, for me one thing I don't like about rust is that it gets into 2015-03-11 12:54:05 ACTION massive air quotes 2015-03-11 12:54:21 elegant syntax vs better pragmatic syntax 2015-03-11 12:54:39 It is both ;) 2015-03-11 12:54:45 meaning it seems to choose more "elegant" syntax over more pragmatically good syntax 2015-03-11 12:54:56 no pragmatically good 2015-03-11 12:55:14 imo efficacy of a languages syntax 2015-03-11 12:55:24 For how I read it; it is more for clean code that it can parse and optimize best. 2015-03-11 12:56:02 isn't measured primarily how clean it is to describe a clode block to an intermediate/advanced person of X programming language 2015-03-11 12:56:17 the true test of the pragmatic efficacy of the syntax of a language is 2015-03-11 12:56:36 1. how easy is it for people who have never programmed before to pick up and learn 2015-03-11 12:57:01 2. how easy is it for a programmer to fuck up tired,drunk, or near a vacation (easier is worse) 2015-03-11 12:57:35 3. how easy is it to quickly understand a foreign project/code base 2015-03-11 12:58:08 the problem with more "elegant" syntaxes is that in small code segments they are more succinct and expressive 2015-03-11 12:58:24 IMHO; rust is very easy for someone new to try out 2015-03-11 12:58:28 Haskell on the other hand... 2015-03-11 12:58:30 but on a varied amount of projects & larger code bases 2015-03-11 12:58:38 you end up with dialects of the language 2015-03-11 12:58:40 like ruby 2015-03-11 12:58:51 Easy but not if you've had experience with another language; then it just screws with your thinking :P 2015-03-11 12:58:55 were everyone has there "this is obviously" the common way of doing a finite loop 2015-03-11 12:59:21 DarkFox, sadly our opinion on how easy it is for someone new to try out is worthless 2015-03-11 12:59:37 for example I think C style languages especially Perl is harder for a new person to learn 2015-03-11 12:59:56 than a randomly generated syntax (within reason not including brainfuck style for example) 2015-03-11 13:00:09 but that was just one paper/analysis 2015-03-11 13:01:04 the problem with more experienced programmers is that they conflate memorize idiosyncrasies that came with learning the language with "how easy it is to learn for someone else" 2015-03-11 13:01:30 Perl is .... never good for anyone but those who dedicated time to _love_ it :P 2015-03-11 13:01:46 Way too many issues with perl... 2015-03-11 13:01:58 similar how to a professor on some new subject to you says its just patently obvious but the entire class is confused 2015-03-11 13:02:34 that's a perfect case of were the learned person of a subject can't empathize/see from their viewpoint on what things mean and how to learn that subject 2015-03-11 13:02:42 same shit happens with programming syntax 2015-03-11 13:02:55 Indeed 2015-03-11 13:03:08 so that's why I prefer go syntax for bigger projects because there is less room for ways to program a given problem 2015-03-11 13:03:17 I soled this by asking friends who have never seen code to attempt to understand :P 2015-03-11 13:03:19 instead of having every loop under the sun like Ruby 2015-03-11 13:03:23 it has one, the for loop 2015-03-11 13:03:31 which makes some cases less elegant 2015-03-11 13:03:40 but that marginal loss in "elegance" 2015-03-11 13:03:48 rust's loops are perfectly fine 2015-03-11 13:03:49 is far outweighed by the amount of time gained back 2015-03-11 13:03:52 IMHO 2015-03-11 13:04:14 not trying understand someone elses interpretation of when to use a do while, infinte, for, etc. loops 2015-03-11 13:04:33 DarkFox, the problem isn't so much how easy it is for you to be mentally internally consistent with yourself 2015-03-11 13:05:06 but how easy it is for anyone writing for the same end solution being consistent with eachother 2015-03-11 13:05:09 current and in future 2015-03-11 13:05:27 on what that syntactic/idiomatic notion of that portion of the code 2015-03-11 13:06:05 so for example if it's not hard to imagine that you can't get every programmer to agree when it is most obvious to use a do while loop 2015-03-11 13:06:06 http://rustbyexample.org/loops.html 2015-03-11 13:06:10 rustbyeample changed 2015-03-11 13:06:42 3 keywrds... loop, for, while 2015-03-11 13:06:55 Works perfectly... 2015-03-11 13:07:01 yah see I would argue you are going to run into like 60% of people say in one situation that the while loop is obvious and what makes sense 2015-03-11 13:07:10 then 40% say the for loop is clearer 2015-03-11 13:07:22 with that you start creating mental barriers between programmers 2015-03-11 13:07:31 to parse and mentally map what the code menas 2015-03-11 13:07:33 More fun; while let a = some_iterator.next(); or for a in some.iter() 2015-03-11 13:07:33 *means 2015-03-11 13:07:58 or 1 keyword for 2015-03-11 13:08:05 functionally equivelent 2015-03-11 13:08:14 some marginal loss in elegance 2015-03-11 13:08:32 but many man hours saved in being confused by different notions of when and what a type of loop means 2015-03-11 13:08:51 and I'm talking about having to deal with other peoples code 2015-03-11 13:09:02 dealing with your own as any measure is pretty much useless 2015-03-11 13:09:15 loop is forever; for is per an iterator. while is so long that a condition is true... 2015-03-11 13:09:42 yup, and i gaurentee you that people are going to argue over edge case when which applies 2015-03-11 13:09:43 I don't see where you don't find this lean or easy for a new-commer... 2015-03-11 13:09:49 or when someone clearly should have used a for loop 2015-03-11 13:09:51 but used a while 2015-03-11 13:09:57 and now you are mislead reading their code 2015-03-11 13:10:01 Something like the rustbyexample documentation is PERFECT for someone new to programming or experienced in any given language. 2015-03-11 13:10:02 even though it's functionally correct 2015-03-11 13:10:09 but now your having to backtrack what they meant 2015-03-11 13:10:32 Overloading for.... how does go even do infinite via for? 2015-03-11 13:10:36 for true? XD 2015-03-11 13:11:02 I think that's it 2015-03-11 13:11:09 which is functionally equivelent 2015-03-11 13:11:16 almost no loss in expressiveness and "elegance" 2015-03-11 13:11:19 that... sounds funky 2015-03-11 13:11:29 again marginal loss of "elegance" 2015-03-11 13:11:40 for much gained in not bickering the "right" way to program something 2015-03-11 13:11:52 or having different mental models of when to use and what that loop means 2015-03-11 13:12:19 again it doesn't matter what I think 2015-03-11 13:12:29 it matters with an actual study of new comers learning the code 2015-03-11 13:12:44 how long it takes to get walking and how quick they can master and read larger code bases 2015-03-11 13:12:47 systmkor: it is for { } 2015-03-11 13:12:50 (Infinite) 2015-03-11 13:12:56 http://golang.org/doc/effective_go.html 2015-03-11 13:13:02 ah 2015-03-11 13:13:09 yah makes sense 2015-03-11 13:13:16 be back shortly 2015-03-11 13:13:34 Go is good for those coming from C++ imho; but it is way too safe-forced; you can't for example go write a kernel in it. 2015-03-11 13:13:47 Rust is awesome like that; http://zinc.rs/ 2015-03-11 13:14:11 DarkFox, well that's were I think they start to differ in their aims as a language 2015-03-11 13:14:20 Rust; you have compiler's word that everything not in an unsafe codeblock is safe; while anything in such is where auditing should focus. 2015-03-11 13:14:27 Indeed 2015-03-11 13:14:34 Go isn't written in Go is it? Don't believe so 2015-03-11 13:15:46 I do agree; that visually go vs rust - go may look simplier and cleaner... But rust's power is much more powerful. Lifetimes for example - really decreases the overheads of a garbage collector (that go uses). 2015-03-11 13:17:05 rust's macros also offer a lot for performance and reduced code 2015-03-11 13:17:15 hi, if i wanted to do something like: 2015-03-11 13:17:18 ip rule add from 192.168.2.0/24 table vpn 2015-03-11 13:17:20 ip rule add to 192.168.2.0/24 table vpn 2015-03-11 13:17:26 would i put this in /etc/conf.d/staticroutes 2015-03-11 13:17:44 reduced code better still for readbility. I've written and compared code between go and rust; the rust is generally less 2015-03-11 13:18:01 i need to learn lua 2015-03-11 13:18:11 i'm way behind 2015-03-11 13:18:29 i created an extra table, ie by doing: 2015-03-11 13:18:31 echo "10 vpn" >> /etc/iproute2/rt_tables 2015-03-11 13:18:49 sillysausage: Possible but I look at this as /etc/network.d/interaces; I could be wrong... 2015-03-11 13:19:01 ScrumpyJack: LUA tiny :3 2015-03-11 13:19:03 DarkFox, macros don't bode well for security 2015-03-11 13:19:14 systmkor: Hmm? 2015-03-11 13:19:25 but I need to get back to work 2015-03-11 13:19:42 ACTION doesn't see how macros decrease security.... at all. 2015-03-11 13:20:39 DarkFox: "LUA tiny :3" ? do you mean LUA is tiny? 2015-03-11 13:20:54 ScrumpyJack: Very damn tiny 2015-03-11 13:20:57 :) 2015-03-11 13:21:25 well, that figures, as it's adopted here in Alpine Linux :) 2015-03-11 13:21:34 Indeed 2015-03-11 13:22:12 ScrumpyJack: http://www.lua.org/ 2015-03-11 13:22:32 DarkFox: where would it go? 2015-03-11 13:22:34 Not the prettiest... but very nice 2015-03-11 13:22:36 in there 2015-03-11 13:22:52 http://wiki.alpinelinux.org/wiki/How_to_configure_static_routes 2015-03-11 13:22:57 it seems like that is more appropriate 2015-03-11 13:22:59 sillysausage: No idea; that isjust the file that I'd look at - not saying that is the answer. 2015-03-11 13:23:01 but that's only for static routes 2015-03-11 13:23:11 i wonder who would know 2015-03-11 13:23:30 oh 2015-03-11 13:23:33 i think i found it in 2015-03-11 13:23:38 option 3 is hat I was thinking :) 2015-03-11 13:23:41 is what * 2015-03-11 13:24:29 ttp://wiki.alpinelinux.org/wiki/Dynamic_Multipoint_VPN_%28DMVPN%29#Commit_Configuration 2015-03-11 13:24:37 http://wiki.alpinelinux.org/wiki/Dynamic_Multipoint_VPN_%28DMVPN%29#Commit_Configuration 2015-03-11 13:24:43 under an interface called gre1 2015-03-11 13:24:47 but that's not really appropriate 2015-03-11 13:24:56 but i guess 2015-03-11 13:25:07 it could go under eth0:2 2015-03-11 13:27:11 sillysausage: http://wiki.alpinelinux.org/wiki/How_to_configure_static_routes 2015-03-11 13:27:17 Option 3 is what I recommend 2015-03-11 13:28:47 lol, you routes failed? 2015-03-11 13:30:15 ScrumpyJack: where have you seen lua adopted by alpine? 2015-03-11 13:30:20 ACTION seen so far just the website 2015-03-11 13:30:26 ACTION hasn't eally been looking 2015-03-11 13:33:40 DarkFox: Alpine ACF is written in LUA 2015-03-11 13:34:12 ACF is the web interface correct? 2015-03-11 13:34:22 yip 2015-03-11 13:34:40 Nice 2015-03-11 13:34:44 I'll have to check it' code 2015-03-11 13:35:46 ScrumpyJack: Happen to have one public for all to access? :P 2015-03-11 13:36:02 Or screenshots etc? 2015-03-11 13:36:22 nope, but i could put one together. nice idea. 2015-03-11 13:36:37 http://wiki.alpinelinux.org/wiki/User:K0gen/ACF_Screenshots 2015-03-11 13:36:39 Lol 2015-03-11 13:36:41 :) 2015-03-11 13:36:54 i meant a public sandbox of alpine with ACF 2015-03-11 13:37:45 Ah 2015-03-11 13:38:22 I do agree to this; read only sd card + raspberry pi with an lxc that itself is exposed should do it :P 2015-03-11 13:39:03 all my rpies are spoken for. I'll put it in a vm :) 2015-03-11 13:39:13 :P 2015-03-11 13:39:18 alpine xen \o/ 2015-03-11 13:39:25 \o/ 2015-03-11 13:39:39 Bot... only once? :( 2015-03-11 13:39:56 there is no ACF for xen (that would be very cool) 2015-03-11 13:40:20 ScrumpyJack: Indeed; not what I meant however... Speaking of which - lxc would also benefit a lot from that 2015-03-11 13:40:45 ACTION wonders how easy it is to re-theme/template acf.. really needs a better theme :P 2015-03-11 13:59:47 DarkFox: several ACF skins are available in acf-skins 2015-03-11 13:59:56 please feel free to submit more :) 2015-03-11 14:00:09 Awesome 2015-03-11 14:00:19 ACTION will first need to play with acf; which isn't tonight 2015-03-11 14:00:25 Thu Mar 12 01:00:21 AEDT 2015 2015-03-11 14:00:32 ACTION out for now. o/ Good night world. 2015-03-11 14:00:39 ACTION really needs to work on more documentation for ACF, but hasn't had time 2015-03-11 14:00:55 is there an alpine equivalent of debian's build-essential? more specifically, I need to build a compiled python module and I'm not sure what I need aside from python-dev 2015-03-11 14:22:19 Never mind, got it figured out 2015-03-11 15:36:55 ncopa: i've updated the patch to fix the \t mess 2015-03-11 16:41:25 BitL0G1c: hmm, this is my unbound config https://dpaste.de/SkUP/raw 2015-03-11 16:41:38 i decided i wanted it listening on a second subnet 2015-03-11 16:42:02 but it seems to say 2015-03-11 16:42:08 [1426092128] unbound[2496:0] debug: failed address 192.168.1.2 port 53 2015-03-11 16:42:12 [1426092128] unbound[2496:0] fatal error: could not open ports 2015-03-11 16:42:18 when i try to start it 2015-03-11 16:42:45 eth0 is 192.168.1.1, while eth0:2 is 192.168.1.2 2015-03-11 16:43:14 could it be dnscrypt doing something weird. 2015-03-11 16:43:41 dnscrypt was set to listen on 2015-03-11 16:43:45 # override listen address where DNSCRYPT listen 2015-03-11 16:43:47 DNSCRYPT_LOCALIP=127.0.0.2:53 2015-03-11 16:44:58 in unbound.conf I just set 'interface: 10.0.3.1' 2015-03-11 16:45:18 by default it listens on :53 2015-03-11 16:45:20 from what i read i could have unbound listening on multiple interfaces 2015-03-11 16:45:28 https://www.linode.com/docs/networking/dns/use-unbound-for-local-dns-resolution-on-ubuntu-10-04-lts-lucid 2015-03-11 16:45:43 192.168.2.0/24 is on it's own routing table too 2015-03-11 16:45:47 right, back to alpine packaging 2015-03-11 16:46:07 i wonder why its saying the port is in use 2015-03-11 16:46:22 could it be the port can't be bound on two different interfaces? 2015-03-11 16:47:38 netstat -lptun to check if a server is running on the port 2015-03-11 16:48:15 http://hastebin.com/ojunalemow.css - how i setup a 2nd ip (vmnet is my bridge but would be the same as your eth0) 2015-03-11 16:48:30 https://dpaste.de/kfSE/raw 2015-03-11 16:48:33 doesn't seem to be one there 2015-03-11 16:48:40 on 192.168.2.1:53 2015-03-11 16:50:11 it looks like it is already listening on eth0 (.1) 2015-03-11 16:50:17 yes it is 2015-03-11 16:50:24 eth0 is 192.168.1.1 2015-03-11 16:50:41 actually maybe that will work 2015-03-11 16:50:43 rc-service unbound stop && netstat -lptun 2015-03-11 16:51:01 yes i noobed up 2015-03-11 16:51:05 if it's still listening kill unbound or reboot 2015-03-11 16:51:08 turns out i do not need to be listening on 192.168.2.1 2015-03-11 16:51:16 i can just point it to 192.168.1.1 2015-03-11 16:51:33 hosts on 192.168.2.0 are now able to see that because i fixed the access control 2015-03-11 16:55:10 brb 2015-03-11 16:56:45 grr: coda.h:148:2: error: unknown type name 'u_short' 2015-03-11 16:58:44 #include 2015-03-11 17:01:41 "u_short is non-standard and causes build failure with musl libc." 2015-03-11 17:02:26 ncopa: replaces u_short with unsigned short - job done 2015-03-11 17:03:46 ah yes, short,ushort,u_short are in sys/types.h 2015-03-11 17:03:48 Aren't all the standard in the form of *_t now? 2015-03-11 17:03:53 thanks 2015-03-11 17:03:59 standards, that is. 2015-03-11 17:04:21 typedef unsigned short u_short, ushort; (in sys/types.h) 2015-03-11 17:12:26 how do i activate the apk cache? 2015-03-11 17:12:38 oh, and good evening 2015-03-11 17:15:09 Anaphaxeton: I think there's one authmatically in /var, but you don't mean that? 2015-03-11 17:15:38 My /var/cache/apk has 263M of packages in it right now. 2015-03-11 17:15:45 No activation required. 2015-03-11 17:17:03 and the rest? http://sprunge.us/dFRY 2015-03-11 17:17:08 8( 2015-03-11 17:20:19 ScrumptyJack: find /usr/include -type f -exec grep u_quad_t {} \; -print 2015-03-11 17:20:55 You need to be able to distinguish the definition of a struct from the reference to it from another file, though. 2015-03-11 17:21:13 ScrumptyJack: I will help. 2015-03-11 17:22:01 s/ScrumptyJack/ScrumpyJack/g /* Should use good keyboard */ 2015-03-11 17:22:50 u_quad_t is defined in 2015-03-11 17:23:59 also 2015-03-11 17:26:12 er 2015-03-11 17:27:45 can you run alpine as kvm dom0? 2015-03-11 17:30:34 ziac: surely, but I'm not sure how difficult or compromising with a xen-enabled kernel. 2015-03-11 17:31:59 ziac: the default kernel doesn't have xen, and I don't know if PaX/grsec work with xen. 2015-03-11 17:32:28 so, the xen kernel doesn't have PxX/grsec? 2015-03-11 17:32:45 But there seem to be a complete set of xen packages. 2015-03-11 17:33:10 ziac: I don't know, and I'm not in a position to check it out right now. 2015-03-11 17:33:39 One of the alpine use-cases is thin/lightweight VM hosts, but I use mostly KVM these days 2015-03-11 17:33:42 yeah, but I can't find any packages related to kvm, or maybe I'm missing out something? 2015-03-11 17:34:09 ;) 2015-03-11 17:34:28 KVM is in modern kernels; what you have to install is 'qemu-system' and supporting packages 2015-03-11 17:35:08 but, isn't there supposed to be something like qemu-kvm in repo? 2015-03-11 17:35:21 or, is it not needed? 2015-03-11 17:36:27 I _believe_ that qemu-kvm on Debian is just a meta-package for qemu-system. 2015-03-11 17:36:40 So the same name 'qemu-kvm' is not needed on Alpine. 2015-03-11 17:37:07 ah, I see! 2015-03-11 17:37:11 :) 2015-03-11 17:37:19 However, in practise you also need seabios and, I'm pretty sure, coreboot, for use of KVM 2015-03-11 17:37:29 and I don't see those in apk repos. 2015-03-11 17:38:03 I can't test it this second, but it would be quick to find out for you. 2015-03-11 17:38:17 isn't seabios included with qemu? 2015-03-11 17:39:43 It's a separate prerequisite package on Debian, and I would think it would be the same on Alpine. 2015-03-11 17:40:48 On Debian, when you install qemu-system, it pulls in the separate package seabios. No such package exists on Alpine. 2015-03-11 17:41:20 well, it's strange that seabios would be left out from repo when qemu is included??? 2015-03-11 17:41:32 ACTION is running 3.1.2 and 'stable' repo; additional packages might be in 'testing'? 2015-03-11 17:42:11 ziac: possibly. I take it you don't have a running install yet? 2015-03-11 17:42:45 I need to buy some avoton boards for testing anyway, but until then all of my Alpines are KVM guests 2015-03-11 17:42:59 I'm testing one inside qemu :D 2015-03-11 17:43:18 you can still make it a KVM host if you want 2015-03-11 17:43:32 if you have a higher-end CPU with virtualisation instructions 2015-03-11 17:43:47 I don't think you need SLAT to do VM-in-VM 2015-03-11 17:44:10 I can't do it this second, but you can 'apk add qemu-system' and then try to fire it up: 2015-03-11 17:45:05 ACTION thinks better of pasting when it will script out linefeeds. 2015-03-11 17:45:12 s/script/strip/ 2015-03-11 17:45:56 it gives some error, about audio driver not being installed! 2015-03-11 17:46:15 I've been meaning to do this myself, in 'disk' and possibly 'diskless' configuration, for a KVM cluster. 2015-03-11 17:46:32 I'm using SPICE without audio, so probably that's the reason 2015-03-11 17:47:04 I'll like to go with diskless if I can 2015-03-11 17:47:06 :) 2015-03-11 17:47:11 QEMU has audio by default; I don't think SPICE is making that difference. 2015-03-11 17:47:22 let me see... 2015-03-11 17:47:35 Disable audio on the qemu-system command line 2015-03-11 17:49:14 -soundhw defines the sound hw, but I don't see how it can be entirely disabled. 2015-03-11 17:49:32 Well, my Debian is an older version of QEMU though. 2015-03-11 17:50:06 I think you're right though: BIOS is included with Bochs; SeaBIOS is not required. 2015-03-11 17:50:35 I have seaBIOS packages installed but my VMs are getting Bochs 2015-03-11 17:51:06 (run 'dmidecode' on the guest to see the hardware) 2015-03-11 17:51:54 yea, I see it. probably it'll work 2015-03-11 17:52:17 I think so. 2015-03-11 17:52:35 coreboot and seabios are optional in QEMU, I see now 2015-03-11 17:52:39 I use qemu-kvm a lot with AL and all I had is qemu-system-x86_64 and libusb 2015-03-11 17:52:51 or UEFI is supported now too, I believe 2015-03-11 17:53:31 you use alpine as kvm host? 2015-03-11 17:53:41 Not currently. 2015-03-11 17:53:58 I have a bunch of projects with alpine, and I haven't gotten to that yet. 2015-03-11 17:53:58 yes. AL on bare matal and AL in KVM 2015-03-11 17:54:09 My KVM hosts are Debian for now. 2015-03-11 17:54:57 I see. 2015-03-11 17:55:20 I need to buy some servers now that I no longer have a lab full of hardware. 2015-03-11 17:55:46 Jean: how did you configure AL as kvm host? 2015-03-11 17:58:03 mjones_: this is my first time testing Alpine, now, I've been playing with it since morning. :) 2015-03-11 17:58:04 from an usbstick for now 2015-03-11 17:58:15 and from PXE later on 2015-03-11 17:58:43 Jean: you are using kvm or xen? 2015-03-11 17:58:49 kvm only 2015-03-11 17:58:55 great! 2015-03-11 17:59:07 that's what I'm trying to achieve! 2015-03-11 17:59:38 can you tell more about your config? 2015-03-11 17:59:39 without libvirt. I launch my guests with a oneliner ash script 2015-03-11 18:00:04 I do the same 2015-03-11 18:00:14 ?? 2015-03-11 18:00:18 except my oneliner is broken up into many lines with \ 2015-03-11 18:00:18 ;) 2015-03-11 18:00:38 my config is mostly described on the wiki on my personnal page (and talk) 2015-03-11 18:00:44 Let me make it one line so I can paste it without formatting errors: 2015-03-11 18:01:01 mjones_: the same 2015-03-11 18:01:09 where is your wiki page? 2015-03-11 18:01:48 http://wiki.alpinelinux.org/wiki/User_talk:Jch 2015-03-11 18:02:14 qemu-system-x86_64 --enable-kvm -m 640 -boot order=cd -vga std -drive file=${DISKIMG} -usbdevice tablet -netdev user,id=user.0 -device e1000,netdev=user.0 -vnc localhost:0,share=allow-exclusive -spice addr=127.0.0.1,port=5931,disable-ticketing -drive file=${CDROM},media=cdrom -drive file=alpine2.qcow -chardev spicevmc,id=charchannel0,name=vdagent 2015-03-11 18:03:17 virsh has some nice abstractions but I haven't gotten around to working with it yet. 2015-03-11 18:03:41 I usually go low-level then add abstractions; it's easier for me. 2015-03-11 18:04:10 do you run them as headless server? 2015-03-11 18:04:24 CS/IT has gotten a lot more complicated in the last 10 years with the proliferation of abstractions and options. It's probably hard for new learners. 2015-03-11 18:04:51 ziac: right now the KVM hosts are 16GB laptops, now that I'm working for myself. 2015-03-11 18:05:03 yes all my boxes are 1000km away ;) 2015-03-11 18:05:09 But generally headless servers, yes. 2015-03-11 18:05:39 Jean-Scotch: the speed of light is a bugger. 2015-03-11 18:05:45 back 2015-03-11 18:05:48 is there any option to have a display locally? 2015-03-11 18:06:03 I mean with that config? 2015-03-11 18:06:14 yes, but I haven't bothered to suss it out. 2015-03-11 18:06:31 the SPICE gives a larger display than KVM. 2015-03-11 18:06:36 I'm working on it ;) I did package x2goserver 2 days ago and did send my proposal to the ad-hoc ML. I'm waiting for them to be published ;) 2015-03-11 18:06:37 er, than VNC I mean. 2015-03-11 18:06:53 What's x2goserver, Jean? 2015-03-11 18:07:11 see http://x2go.org 2015-03-11 18:07:29 There should be an SDL option for straight display on framebuffer, but I haven't tried it yet. 2015-03-11 18:07:44 mjones:I guess you have to install xorg 2015-03-11 18:07:47 ? 2015-03-11 18:08:04 It's running fine for a single app. I'm now working for a full desktop solution. 2015-03-11 18:08:12 I happen to have xorg on the laptops, but I wouldn't run dedicated VM hosts that way. 2015-03-11 18:08:31 right, sys/types.h it is 2015-03-11 18:08:37 you don't need xorg with x2go. 2015-03-11 18:09:09 Ah, x2go is a new remote framebuffer protocol. 2015-03-11 18:09:10 only the needed libs for the apps 2015-03-11 18:09:18 how does it work? 2015-03-11 18:09:20 Still need a graphical desktop client. ;) 2015-03-11 18:09:34 ACTION makes a mental note to find a SPICE client for ChromeOS 2015-03-11 18:09:42 can you have a local window without x? 2015-03-11 18:09:47 it's not new and not framebuffer. It's a FOSS implementation of the NX protocol 2015-03-11 18:10:00 Ah! NX. Makes sense. 2015-03-11 18:10:33 all calls are already to 2015-03-11 18:10:44 geez, I want to learn all these stuffs 2015-03-11 18:10:47 Competition is good. I'm not terribly familiar with NX, except that traditionally there weren't a huge number of support options, and not all OSS> 2015-03-11 18:11:02 ziac: from where are you starting? 2015-03-11 18:11:15 Computing is a gigantic subject today. 2015-03-11 18:11:27 I use NX in production for the last 5 years with bedian boxes. but now I'm migrating all my boxes to AL 2015-03-11 18:11:40 s/bedian/debian/ 2015-03-11 18:11:41 It can be a lot of work to keep up even when it's your job. 2015-03-11 18:12:15 well, I have been using linux for 5 years now, but haven't got a good hang of it still now. 2015-03-11 18:12:36 I'm interested in using Alpine for vm guests, vm hosts, bare-metal servers, but not particularly for workstations with X. 2015-03-11 18:13:00 ziac: are you comfortable with a text-editor, and if so, which one? 2015-03-11 18:13:21 nano maybe.... 2015-03-11 18:13:31 somewhat vi! 2015-03-11 18:13:42 ziac: there are a lot of specialties even within Linux. I hardly ever mess with X and graphics, except to use them, for instance. 2015-03-11 18:14:14 ziac: I first used Linux in 1994, but I mostly stuck with BSD and Solaris until 2005, when I found Linux had improved a lot. 2015-03-11 18:14:48 yeah, once I tried to understand just the basics of X over 5 straight days, but I got nowhere! 2015-03-11 18:14:50 Then again, I also managed to totally miss Debian until 2007. I might have been less displeased with Linux in the 1990s if I'd had experience with Debian then. 2015-03-11 18:15:23 It's immensely helpful to combine book-learning with hands-on experience. They reinforce each other. 2015-03-11 18:15:39 I would urge you to be very comfortable with vi. 2015-03-11 18:16:10 While also revealing that I'm actually not overly comfortable with vi, but am fixing that. 2015-03-11 18:16:30 I see everybody worshipping vi, why is that? 2015-03-11 18:16:37 <_ikke_> vim* 2015-03-11 18:16:43 Modeful editors are still ahindrance for me. But emacs is hideous, so what can you do? 2015-03-11 18:16:55 _ikke_: nvi :P 2015-03-11 18:17:05 vi is not a synonym for vim. 2015-03-11 18:17:16 <_ikke_> No, I know 2015-03-11 18:17:20 <_ikke_> I find vi dreadful 2015-03-11 18:17:30 <_ikke_> because it's just not vim 2015-03-11 18:17:34 I like both vim-like and emacs 2015-03-11 18:17:37 ziac: it's virtually impossible for you to find a Unix system without vi. vi is like the qwerty keyboard of Unix. 2015-03-11 18:17:42 I use both for different purposes 2015-03-11 18:18:06 emacs becomes usable when you use a proper keyboard for it 2015-03-11 18:18:10 emacs bindings 2015-03-11 18:18:16 let me show you the keyboard I"m talking about 2015-03-11 18:18:29 http://atreus.technomancy.us/ 2015-03-11 18:18:31 okay, someday soon I'll grab a book on vi! 2015-03-11 18:18:36 ^ the keyboard is also modal too 2015-03-11 18:18:39 zacts: customisation is a problem, even if you store your stuff in a global git repo. 2015-03-11 18:18:47 so the keys mean different things depending on what mode you are in 2015-03-11 18:18:56 I also hear that vimmers like this keyboard too 2015-03-11 18:19:03 Jump on someone else's machine to show them something? No customisation. Setting up a host for someone? No customisation. Change-restricted environment? No customisation. 2015-03-11 18:19:03 but it was originally deisgned for emacs 2015-03-11 18:19:18 mjones_: indeed, that can be an issue 2015-03-11 18:19:24 vi is ubiquitous 2015-03-11 18:19:29 and a POSIX standard 2015-03-11 18:19:33 Plus, emacs is bloated and huge and has LISP in it. Emacs is an IDE, and when I want an editor, I don't want an IDE. 2015-03-11 18:19:44 yeah 2015-03-11 18:19:51 I only currently am using emacs for lispy languages 2015-03-11 18:19:52 ziac: start with the vi cheat-sheet or quickref card. Trust me. 2015-03-11 18:19:54 <_ikke_> they say emacs is an SO 2015-03-11 18:19:54 and org-mode sometimes 2015-03-11 18:19:56 <_ikke_> OS* 2015-03-11 18:20:18 mjones_: ziac: I've found that Drew Neil's Practical Vim by pragmatic press is a great book 2015-03-11 18:20:22 tanks mjones :) 2015-03-11 18:20:25 once you get through vimtutor 2015-03-11 18:20:31 but so are bairui's tutorials 2015-03-11 18:20:38 _ikke_: and they're right. 2015-03-11 18:20:41 bairui is like a great teacher and master of vim 2015-03-11 18:20:43 "Eight Megs and Constantly Swapping!" 2015-03-11 18:20:55 Of course that was when a lot of hosts only had eight megs. 2015-03-11 18:21:00 I don't like the slow bootup times of emacs 2015-03-11 18:21:11 that's why I could never fully switch to evil-mode 2015-03-11 18:21:12 I don't get a laugh anymore from the kids unless I say "Eight Gigs and Constantly Swapping!" 2015-03-11 18:22:06 emacs only has shell-outs because it's so goddamned heavyweight and slow. 2015-03-11 18:22:43 What's weird is that I've occasionally met Windows people who are huge vim-on-Windows fans. 2015-03-11 18:22:54 And at least one of them didn't work in CS/IT! 2015-03-11 18:23:00 <_ikke_> woa 2015-03-11 18:23:17 like, yeah. 2015-03-11 18:23:52 :) 2015-03-11 18:24:02 Custom keyboards suffer from the custom problem too. 2015-03-11 18:24:06 Notice it's on top of a mac. 2015-03-11 18:24:22 Great hardware, but one damn mouse button? I don't even put up with two. 2015-03-11 18:24:57 Trying to use two buttons to do the job of the third button is the kind of frustration that average people say they hate. 2015-03-11 18:25:38 The one big problem I have with my chromebook is that third-button is done with three-simultaneous fingers on the multitouch, and it only works for me 50% of the time. 2015-03-11 18:26:14 It's why we used to make fun of macs even when their hardware was way better than x86. 2015-03-11 18:38:17 :) 2015-03-11 18:42:11 ACTION is not a curmudgeon! One mouse button is just ridiculous. 2015-03-11 18:43:40 ACTION thinks otherwise 2015-03-11 18:44:17 626451 Mar 11 17:10 APKINDEX.f47f7f90.tar.gz 2015-03-11 18:44:22 is the above my cache? 2015-03-11 18:46:01 sysmkor: on the buttons or the curmudgeonliness? 2015-03-11 18:46:22 Anaphaxeton: look in /var/cache/apk and you should see any .apk files that are cached. 2015-03-11 18:46:38 mjones_, only that file 2015-03-11 18:47:19 That's the index you pull down when you do 'apk update'. 2015-03-11 18:47:31 If you installed something, it would be ached. 2015-03-11 18:47:32 i see 2015-03-11 18:48:32 So if you do 'apk add ethtool' then after it installed you'll have in the cache 2015-03-11 18:48:39 now i am cloning git, lets see 2015-03-11 18:48:59 ethtool-..apk 2015-03-11 18:49:09 i added the sdk. nothing new appeared in /var/cache/apk 2015-03-11 18:49:36 I think you didn't do an apk operation. Show us he command 2015-03-11 18:50:00 apk add alpine-sdk 2015-03-11 18:50:09 lots of goodies got installed :D 2015-03-11 18:50:49 Anaphaxeton, iirc, alpine-sdk is meta package 2015-03-11 18:50:51 OK, I would htink that would ave cached! 2015-03-11 18:51:01 all of the package contents is in the index file 2015-03-11 18:51:06 Still should have cached the individual pkgs 2015-03-11 18:51:06 so no .apk file is recorded in cache 2015-03-11 18:51:09 it'll just work 2015-03-11 18:51:22 fabled, it seemeds to be but it pulled a lot packages 2015-03-11 18:51:33 you get a file in cache only if: 2015-03-11 18:51:44 1. it's not in any existing local repository 2015-03-11 18:51:53 2. it's installed size is non-zero 2015-03-11 18:52:02 Anaphaxeton: is your /etc/apk/cache a symlink to /var/cache/apk? 2015-03-11 18:52:21 (if installed-size=0, it's assumed to be meta package, and the .apk is never used; only the dependencies in the index are used) 2015-03-11 18:52:25 Anaphaxeton: are you installing from local media by chance? 2015-03-11 18:52:36 fabled: good to know. 2015-03-11 18:53:50 mjones no, and i am not installing. i am running the cd, willing to rebuild the kernel 2015-03-11 18:55:08 mjones: have you suffered from kvm vnc slow screen update? 2015-03-11 18:56:15 I mostly use spice, because the default screen size is larger. I don't remember slowness when I briefly used VNC. 2015-03-11 18:56:34 Runing only textmode in the VM. 2015-03-11 18:58:03 I have seen slow screen update in VNC. really slow :( 2015-03-11 18:58:19 I was also running in text mode. 2015-03-11 18:59:00 SPICE is not terribly fast either 2015-03-11 18:59:24 I'm trying to figure out if there's any config problem. 2015-03-11 19:05:07 systmkor, you should try new mosquitto on edge/main 2015-03-11 19:05:49 any luck with xmmp session over websockets 2015-03-11 19:07:05 no not yet been swamped at work 2015-03-11 19:07:18 just plowing through an all nighter 2015-03-11 19:07:23 *choo choo* 2015-03-11 19:08:33 you can have a different port for websocket call 2015-03-11 19:09:50 if I understood correctly, network protocol wise, its uses the http protocol but when requested for ws:// it upgrades the session to websocket 2015-03-11 19:10:28 you can also enable/server normal webpages on the same port 2015-03-11 19:10:50 enable/serve 2015-03-11 19:11:33 so when js calls for wss:// https protocol+websocket 2015-03-11 19:13:54 vkrishn: yes, HTTP upgrade is how websockets are called. wss:// maps to tcp/443, and ws:// to tcp/80. Should always use HTTPS though. 2015-03-11 19:14:18 mosquitto has got nice bridge features 2015-03-11 19:14:35 why always use https ? 2015-03-11 19:14:41 vkrishn: I will look at mosquitto, but did you mean xmpp instead of xmmp? 2015-03-11 19:15:02 yes, the messaging protocol 2015-03-11 19:15:06 not player 2015-03-11 19:15:22 vkrishn: 1) It avoids pesky middleboxes that don't understand modern standards and will block the upgrade on putative 'security' concerns. (I hate these.) 2015-03-11 19:15:35 2) Most things should be migrating to TLS, today. 2015-03-11 19:15:38 hm.. can I get alpine linux on a beaglebone black? 2015-03-11 19:16:20 'Security' middleboxes pose one of the greatest endemic threats to the ability of the network and its protocols to evolve. 2015-03-11 19:16:41 systmkor, right xmpp ? 2015-03-11 19:17:03 vkrishn, yah i was curious about that but I haven't had a chance to work on it 2015-03-11 19:17:13 Websockets tutorials supposedly all recommend wss:// for the former reason, which I reckon to be as much a problem in practise as in theory. 2015-03-11 19:17:51 zacts, http://lists.alpinelinux.org/alpine-devel/4674.html ... no beaglebone is not there yet, but it's not far away either 2015-03-11 19:18:15 fabled: oh nice thanks 2015-03-11 19:18:21 perhaps I can help with this effort 2015-03-11 19:18:28 I would much rather run alpine than arch 2015-03-11 19:18:30 I am not sure I want all my mqtt connections to be secure 2015-03-11 19:18:31 on my beagles 2015-03-11 19:19:13 you basically need to add kernel config, and the u-boot script + config 2015-03-11 19:19:20 maybe, when I intend to have the msg as secure 2015-03-11 19:19:22 is there an alpine-linux development channel? 2015-03-11 19:19:30 zacts, #alpine-devel 2015-03-11 19:19:34 ah 2015-03-11 19:37:20 vkrishn: thanks for mentioning mosquitto; it has some relevance for a big project on which I'm working. 2015-03-11 19:38:37 vkrishn: I don't know your reasons, but I urge people to use TLS/HTTPS for most things now. TLS and transport encryption are a Solved Problem. 2015-03-11 19:40:00 ACTION spent many years avoiding SSL and its problems before having his mind changed utterly by a presentation in 2012. 2015-03-11 19:42:06 mjones_, TLS ~ sorta solved 2015-03-11 19:42:14 mjones_, also HTTP/2 is coming out 2015-03-11 19:42:43 http2 is now a published standard 2015-03-11 19:43:05 mjones_, oh and fun fact HTML5 + CSS3 is Turing complete 2015-03-11 19:43:08 http://lambda-the-ultimate.org/node/4222 2015-03-11 19:43:44 My work involves spdy and http/2. I'm aware of the caveats of TLS and its PKI, and I'm of the very strong opinion that it solves way more problems than it causes. I can give specifics. 2015-03-11 19:44:04 mjones_, oh I just meant it isn't completely solved yet 2015-03-11 19:44:11 mjones_, but I agree that is what we should be using 2015-03-11 19:44:22 systmkor: I didn't know that. I'm not one to write compilers to prove Turing-completeness, though. 2015-03-11 19:44:45 mjones_, there is a proof of concept, meaning it's already proven 2015-03-11 19:45:09 systmkor: OTOH, porting native game engines to asm.js and doing breathtaking things in the browser has tremendous implications for the future of webapps, webgames, HTML5 and the whole ecosystem. 2015-03-11 19:45:44 systmkor: and this is one reason I'm concentrating on web performane work these days, as an independent. 2015-03-11 19:45:51 you ready for new malware, http://www.youtube.com/watch?v=-kl4hJ4j48s 2015-03-11 19:46:06 heh. 2015-03-11 19:46:15 mjones_, did you actually contribute to HTTP/2? 2015-03-11 19:46:31 that wasn't to come out snarky (i has 0 sleep) 2015-03-11 19:46:49 systmkor: if you wouldn't mind, could you briefly say which parts of TLS bother you? (I suspect PKI trust anchors.) I could use the feedback for my new ventures. 2015-03-11 19:47:52 systmkor: not a bit. I'm sorta sad to see HTTP/1.1 tart to recede, as I spent its early years really adoring that you could debug it with telnet or a simple TCP socket. 2015-03-11 19:48:04 mjones_, well PKI but I think that's a almost separate but equally important problem 2015-03-11 19:48:05 s/tart/start/ 2015-03-11 19:48:14 meaning I don't necessarly thing PKI should be solved via TLS 2015-03-11 19:48:50 mjones_, there aren't any particular parts of TLS that really bother me 2015-03-11 19:48:56 systmkor: I'm cautiously optimistic about DANE vastly improving the trust anchors issue. 2015-03-11 19:49:28 mjones_, is that similar to DNS Sec? 2015-03-11 19:50:10 it means embedding the cert authorisation in DNS, so you don't need a CA and don't need to deal with an outside org for PKI validation. 2015-03-11 19:50:47 oh god no 2015-03-11 19:50:48 In practise, one should have DNSsec production before relying on DANE so you can ensure the DANE trust anchors aren't compromised en route. 2015-03-11 19:50:51 that's a terrible idea 2015-03-11 19:51:06 You can also embed SSH fingerprints in DNS, with the SSHFP record type. 2015-03-11 19:51:10 DNS is already a bad protocol, adding that on top 2015-03-11 19:51:12 no no no 2015-03-11 19:51:27 systmkor: other than sorta-mandating DNSsec, it's a good idea. 2015-03-11 19:51:46 DNS is a great protocol that has had fewer issues than most. 2015-03-11 19:52:28 DNS was invented in 1983. It's a global master-slave replicating key-value store, massively redundant, lightweight, flexible, with overwhelming uptime. 2015-03-11 19:52:55 Having your system be as good as DNS is some of the highest praise I can imagine. 2015-03-11 19:53:37 It's been used as a distributed user-auth store, a general-purpose key-value store, with existing implementations and mature tools. 2015-03-11 19:54:14 Work on UDP, works on TCP. (Middlebox caveat here. Hate those things.) 2015-03-11 19:55:06 DNS is a terrrible protocol 2015-03-11 19:55:24 systmkor: 'de gustibus'. ;) 2015-03-11 19:55:43 It's not really a matter of taste, but I think we'll agree to disagree. 2015-03-11 19:56:03 no there is some work I've wanted to get to on why it's such a bad protocol 2015-03-11 19:56:06 and more than just taste 2015-03-11 19:56:14 Although I wouldn't mind hearing what you have against it. 2015-03-11 19:57:45 DNS, TCP, HTTP run the network today, full stop. Proposing something radically different seems to me to be proposing utopian socialism to Cambodian peasants. 2015-03-11 19:58:06 The salesmanhip might sound good, but the proof is in the pudding. 2015-03-11 19:58:19 well first you have all of the inherent DNS security issues (cite: Dan Kaminsky) 2015-03-11 19:58:49 In a year everyone who wears glasses might have been executed as an enemy of the state and you could be toiling in the rice fields. Meet the new boss, same as the old boss. 2015-03-11 19:59:00 next you don't have a clear cut differentiation between the data & it's BS hack of compression 2015-03-11 19:59:23 that's a no no 2015-03-11 19:59:23 I know Kaminsky and DJB on DNS. That's a valid criticim, and largely mitigated with random port selection. 2015-03-11 20:00:12 It's a weird early encoding, but...once it's established fact, I'm not sure that it matters much in practise. 2015-03-11 20:01:07 There's a difference between saying that today's State Of The Art best practises would see it done differently, and saying it's bad or needs to be replaced. 2015-03-11 20:01:53 Again, you can write a paper on the wonders of SCTP. I spent time seeing if I could use to solve problems, and the answer is no. 2015-03-11 20:02:11 No one outside of one industry is willing to use SCTP for anything. 2015-03-11 20:02:13 then your "data" types for DNS records are crap CNAME vs. MX vs. PTR which are not clearly defined seperately or in some instances identical producing a lot of crapy DNS records online 2015-03-11 20:02:44 That criticism is very weak, IMO. 2015-03-11 20:02:51 it's not 2015-03-11 20:02:56 you could have a much cleaner 2015-03-11 20:03:22 K/V description of what a 'domain' maps to 2015-03-11 20:03:24 Probably at a cost in flexibility, if we;re honest. 2015-03-11 20:03:51 well what could be done would be more soundly flexible and less ambiguous 2015-03-11 20:03:51 CNAME, MX, PTR are perfectly fine. 2015-03-11 20:03:56 ehhhhhhh 2015-03-11 20:04:07 CNAM -> CNAME -> PTR 2015-03-11 20:04:51 A criticism is that the SOA record allows only A records, and that a CNAME can only be present once in an RR. Those are bad implementation choices on which to standardise, not a bad protocol. 2015-03-11 20:05:40 well the protocol, it's been a couple years since I was more intimately knowledgable of it 2015-03-11 20:05:46 RR->CNAME->CNAME->AAAA is currently valid 2015-03-11 20:06:08 I shouldn't say RR there; I guess I mean 2015-03-11 20:06:12 ? 2015-03-11 20:06:18 in short even with same tech of the 1980s 2015-03-11 20:06:44 I think a formalizable unamibigous spec, with better future fitting, and k/v decleration etc. 2015-03-11 20:06:58 basically I think just about every way DNS can be improved leaps and bounds 2015-03-11 20:06:59 You can criticise 512 bytes (prior to EDNS0 and excepting TCP) too, but that was the situation on the ground. 2015-03-11 20:07:55 It's ironic you say that, because the strength of the network was always 'rough concensus and running code'. Two independent implementations are still the informal endorsement of a standard. 2015-03-11 20:08:10 mjones_, also big no no which causes way too much headache and pain 2015-03-11 20:08:19 is no version number field 2015-03-11 20:08:25 I kinda think you lack perspective. Have you ever worked with or studied SMB/CIFS protocols from Microsoft et al? 2015-03-11 20:08:47 Here's how Microsoft does a mail protocol: 2015-03-11 20:09:01 Microsoft is an organization of a bunch of smart people producing some of the biggest crap known to computer science 2015-03-11 20:09:10 mjones_, jut cause someone else does it shittier 2015-03-11 20:09:13 We'll implement our mail protocol on shared pipe semantics. 2015-03-11 20:09:16 doesn't mean your not dealing iwht a pile of shit 2015-03-11 20:09:23 Oh, we'll need shared storage for that. Let's use our disk-sharing protocol. 2015-03-11 20:09:32 it's like comparing a pile of pony crap vs a large horse's crap 2015-03-11 20:09:37 yah one is bigger but there both shit 2015-03-11 20:09:56 That's based on an agglomeration of block-sharing protocols from multiple vendors circa 1979, with extensions, that runs on 8-bit machines with 64k RAM. 2015-03-11 20:10:23 mjones_, again if nothing else 2015-03-11 20:10:24 And that requires some kinda RPC, which is its own implementation nightmare. 2015-03-11 20:10:37 if they provided a version # field with more than 2 bits 2015-03-11 20:10:47 it could save a tone of headache 2015-03-11 20:10:56 In the zeal never to write the same code twice, anything Microsoft that you want to implement requires you to go back and implement every bit of Microsoft's stack dependencies. 2015-03-11 20:11:12 mjones_, dude legacy code uber alles 2015-03-11 20:11:13 :P 2015-03-11 20:11:23 In the meantime, you or I could write a basic SMTP or POP implementation in a high-lever language in a day. 2015-03-11 20:11:33 And I have, albeit badly. 2015-03-11 20:12:37 well again I'm rusty on DNS, I would need a decent amount of time review on how it could have and can be vastly improved 2015-03-11 20:12:41 Their file formats are the same way, which is why OOXML has a field called 'Do it Like Word 6'. Because they have no intention of implementing outside their own giant codebase. 2015-03-11 20:13:08 systmkor: I thank you for taking the time to clarify what you meant. 2015-03-11 20:13:09 mjones_, you did read my comment about Microsoft above right? 2015-03-11 20:13:17 Legacy works both ways, though. 2015-03-11 20:13:38 I read all of them. 2015-03-11 20:13:44 mjones_, http://cdn.meme.am/instances/500x/55704072.jpg 2015-03-11 20:14:36 I grok. 2015-03-11 20:14:42 mjones_, I marginally thoughts about how Microsoft outside of Oracle has probably been the biggest chain&ball, regression of computer science 2015-03-11 20:14:49 for the past 25 years 2015-03-11 20:15:24 Unlike DNS or TCP or HTTP, Microsoft only has the influence you give it. I mostly ignore it. 2015-03-11 20:15:26 *I somewhat believe that Microsoft 2015-03-11 20:15:44 mjones_, well that is unless 51% of people around you "need" it 2015-03-11 20:15:52 then your kinda sorta fucked 2015-03-11 20:16:05 - referring to an organization setting 2015-03-11 20:16:49 I absolutely understand what you're saying, but I'm also saying that I choose not to do that. 2015-03-11 20:17:06 mjones_, at startup I'm trying to keep that at bay at all costs 2015-03-11 20:17:12 *almost all costs 2015-03-11 20:17:42 I'll gladly loose all my weekends for a year to build a work around than to deal with that cancerous issue 3+ years from now 2015-03-11 20:17:54 Sometimes it's hard. I inadvertently made someone cry once because I said she shouldn't send me a text announcement in Word format, because I couldn't open it on OpenBSD/SPARC. 2015-03-11 20:18:06 lol 2015-03-11 20:18:28 systmkor: I'm a big believer in avoiding all lockin. It's about 100x easier than it was 15 years ago; trust me. 2015-03-11 20:18:51 mjones_, current architecture goals OpenBSD for core backbone architecture (e.g. LDAP servers, Config Management Server, Private Git Repo) 2015-03-11 20:18:57 Microsoft is fairly easy to avoid, as long as you don't have clingers. 2015-03-11 20:19:06 then Alpine for Dev Environments and the 80% of stuff that needs to be ran with Linux 2015-03-11 20:19:35 mjones_, agreed, getting one of my co-workers to spend our spring break to learn OpenStack 2015-03-11 20:19:48 to avoid the other shiet lock-in that is AWS 2015-03-11 20:19:51 I had an eye-opener recently. After enduring ten years of claims that 'Exchange is the standard', you should have seen the whinging when the organisation standard became gmail. 2015-03-11 20:20:03 lol 2015-03-11 20:20:09 but, but it just woooorks 2015-03-11 20:20:18 I can't dick around for 2 hours anymore :P 2015-03-11 20:20:20 jk 2015-03-11 20:20:20 Outlook (incidentally a terrible piece of software) clingers have no tolerance. 2015-03-11 20:20:40 mjones_, well that's why I think legacy is very very bad 2015-03-11 20:20:55 and by that I mean like trying to support code maybe 5 years old 2015-03-11 20:21:06 that hasn't been critically re-examined within that time frame 2015-03-11 20:21:30 open standards that can be implemented unencumbered are 99% of the way there; I think you should go easy on that last 1% of imperfection. 2015-03-11 20:21:32 so really like a "rolling legacy" 2015-03-11 20:21:42 old code is slightly different. 2015-03-11 20:21:49 yah, yah i know 2015-03-11 20:21:59 Code and systems that freeze are like sharks that stop moving forward in the water. 2015-03-11 20:22:03 it's that special little mistake :P 2015-03-11 20:22:09 The moment they stop moving forward, they start dying. 2015-03-11 20:22:24 very much agree 2015-03-11 20:22:32 They can often be revived, but let no one convince you they don't start to die. 2015-03-11 20:22:46 that said what I think movement means 2015-03-11 20:22:55 is at minimum audit/bug fixing 2015-03-11 20:23:37 As long as the implementations continue to evolve, I'm rather tolerant of the last 1% of quirks in TCP or DNS or HTTP/1.1, or HTML. 2015-03-11 20:23:56 Bugfixes and standards updates. 2015-03-11 20:24:33 Code isn't a toaster. When time moves on you will need to add IPv6, or DNS EDNS0, or HTTP/2.0, or any number of features and RFCs. 2015-03-11 20:24:39 mjones_, #legacy-systems that are critical not fault tollerant points in your architecture 2015-03-11 20:24:41 mjones_, http://giphy.com/gifs/rjWu7ks7deuxa/html5 2015-03-11 20:25:00 mjones_, or move from 32-bit to 64-bit epoch :P 2015-03-11 20:25:27 audit I like to 'handle' with static analysis and automated testing and responsive fixes. Formal human audit is a bonus. 2015-03-11 20:26:08 If it's not fault tolerant and it's fixable, it will be evolved out of the system. 2015-03-11 20:26:28 Some things aren't fixable, like the speed of light. 2015-03-11 20:27:19 mjones_, http://www4.pictures.zimbio.com/mp/MTpSTZ6_l-6x.gif 2015-03-11 20:27:29 Incidentally, one of the best ways to avoid organisational lock-in is to give people expensive macbooks, and have some chromebooks for other stuff. 2015-03-11 20:27:30 mjones_, kinda sorta :P 2015-03-11 20:27:53 about speed of light, such as warp-drive 2015-03-11 20:27:54 Give someone a $2k MBP or Air and somehow they suddenly forget about all their Microsoft dependencies. It's magic, really. 2015-03-11 20:28:25 Apple, the better opiate of the masses :P 2015-03-11 20:28:47 that said I do enjoy my mac products but not in a programming/hacking/network/it way 2015-03-11 20:28:55 more of a i just need this shit to work from day to day 2015-03-11 20:29:23 I used to have NeXT cubes with '040s and I'm not remotely a hater. Apple is a superb tool to prevent lockin. 2015-03-11 20:30:25 Just a tip about lock-in, since you mentioned it. A cheap investment to avoid pain later. Figuring our Microsoft CALs alone is something you should be willing to pay to avoid. 2015-03-11 20:30:45 s/our/out/ 2015-03-11 20:31:53 Don't use Office, don't use SQL Server, and don't need CALs, and now Microsoft is making scarcely any money from you even if you run Windows on the servers and clients. 2015-03-11 20:32:13 mjones_, also If software costs 200k per year for the company but I could pay 2 programmers full time to provide equivalent open source solution 2015-03-11 20:32:17 would rather go with the latter 2015-03-11 20:32:25 Obviously. ;) 2015-03-11 20:33:16 The hard part is preventing lock-in solutions from sneaking in or being adopted organically. I won't obnoxiously recite stories, but you'd be surprised what can happen. 2015-03-11 20:34:00 Not having any significant amount of Windows clients or servers helps prevent accidents, but it's possible to avoid most lockin even with Windows under the right conditions. 2015-03-11 20:35:29 I don't bother. I've never run much Windows and am not very good with it. 2015-03-11 21:08:57 DarkFox: ok, there is a public acf. it has postfix mysql lvm openntpd openldap lighttpd dns accessable using acf. it's a free for all and rebuilds every hour 2015-03-11 23:33:52 ScrumpyJack, curious about your thoughts on having more granual packages than now for Alpine 2015-03-11 23:34:22 like nginx, nginx-lib, nginx-conf, nginx-openrc 2015-03-12 06:42:18 ScrumpyJack: Link? 2015-03-12 06:46:25 hi, I see some broken dependency(maybe) in alpine. Like, when I try to run firefox, it says no such file as libicui18n.so.54 and when I try to run audacious it says, libdbus-glib-1.so.2 file is missing. And there are some other things too that I can't recall right now. Can anybody help me with this? 2015-03-12 06:47:10 and I haven't found any file related to them in the repository 2015-03-12 06:48:28 hiu: Have you tried updating all packages ? 2015-03-12 06:48:41 you mean upgrade? 2015-03-12 06:49:53 yeah, I've upgraded: apk upgrade 2015-03-12 06:50:01 Hmm 2015-03-12 06:50:13 Tried uninstalling and reinstalling firefox and audacious? 2015-03-12 06:50:55 <_ikke_> find / -name 'libdbus-glib-1.*' 2> /dev/null 2015-03-12 06:51:02 Are you running a sys, data, or diskless install? 2015-03-12 06:51:42 sys install. *ikke_: I'll try 2015-03-12 06:53:09 ACTION only has diskless alpine installs. No issues with dependancies so far. :) 2015-03-12 06:53:22 Good luck; I'm out of ideas here. 2015-03-12 06:53:40 ikke: no output! 2015-03-12 06:54:00 hiu: Means that you don't have it :) 2015-03-12 06:54:07 DarkFox: that's sad :( 2015-03-12 06:55:17 but, doesn't that mean a broken dependency in the repo? 2015-03-12 06:55:58 hiu: apk fix firefox 2015-03-12 06:56:37 yeah, tried it couple of times....... 2015-03-12 06:56:54 <_ikke_> hiu: and package dbus-glib? 2015-03-12 06:57:14 ikke: also tried 2015-03-12 06:57:20 <_ikke_> hmm, seems to contains lbdbus-glib-0 2015-03-12 06:59:18 wait a minute, the: apk fix lbdbus-glib-0 fixed audacious :D 2015-03-12 06:59:40 how is that possible??? 2015-03-12 07:00:15 but, apk fix dbus-glib didn't fixed it! 2015-03-12 07:07:40 seems like it contains icu-libs-54.1-r0 2015-03-12 07:08:32 but, it seems to not work with firefox, any idea? 2015-03-12 07:41:57 DarkFox: http://weisshorn.alpinelinux.uk:8001/ 2015-03-12 08:07:11 hiu: have you run ldd? 2015-03-12 08:42:26 sys/types.h defines 2015-03-12 08:42:27 typedef long long quad_t; 69 typedef unsigned long long u_quad_t; 2015-03-12 08:42:35 oops 2015-03-12 08:42:41 typedef long long quad_t; 2015-03-12 08:42:45 typedef unsigned long long u_quad_t; 2015-03-12 08:43:28 yet compiling i get coda.h:153:2: error: unknown type name 'u_quad_t' 2015-03-12 08:45:10 #include ;) 2015-03-12 08:45:27 is it wrapped in a feature test macro? 2015-03-12 08:46:01 all relevant includes i can find are sys/types.h 2015-03-12 08:46:25 ahills: nope 2015-03-12 08:47:06 gcc has a preprocessor output option 2015-03-12 08:47:28 you could recreate the trivial case 2015-03-12 08:47:43 http://sprunge.us/iRJa 2015-03-12 08:48:26 ahills: that's beyond my capabilities 2015-03-12 08:48:38 coffee calling :) 2015-03-12 08:49:13 what? it's two lines 2015-03-12 08:49:35 #include 2015-03-12 08:49:50 quad_t x; 2015-03-12 08:50:18 find the gcc option, might be -E 2015-03-12 09:13:07 ahills http://sprunge.us/NiSB 2015-03-12 09:15:31 and does it build? 2015-03-12 09:15:41 yup 2015-03-12 09:16:47 so must be a problem with your other code... either an undef or othel include madness 2015-03-12 09:17:20 sorry for terseness, on a phone because italy is a backwards country 2015-03-12 09:17:53 backwards, but warm 2015-03-12 09:18:26 yes, too warm in milano 2015-03-12 09:19:12 and their stores wouldn't sell me a charger for my laptop 2015-03-12 09:25:01 you forgot your charger? :) 2015-03-12 09:33:08 I forgot I was traveling to a third world country... better luck in Germany I hope 2015-03-12 09:33:50 lol, we regularly go to italy and germany too 2015-03-12 09:33:58 funny that 2015-03-12 09:35:00 this is my first nime in europe in 15 years 2015-03-12 09:35:03 time 2015-03-12 09:35:37 loving the trains... very fast and silent 2015-03-12 09:36:02 about 1€/km in Germany though :P 2015-03-12 10:36:26 Is it right that on AL resolv.conf does not take the search nor domain directive into account or do I miss something? 2015-03-12 11:14:56 Jean-Scotch: it used to, i'm pretty sure 2015-03-12 11:15:04 but yeah i've noticed the same since a few weeks 2015-03-12 11:15:31 i still had it filed as "uh, idk, must be me" 2015-03-12 11:15:55 OK. It's a bug then not a wanted feature... 2015-03-12 11:16:46 As I'm new to busybox, I didn't know if it was normal or not... 2015-03-12 11:17:46 It does break a lot of thing in my setup :( 2015-03-12 11:19:10 as a workaround I use a lot of hosts files but as I plan to evolve to dynamic dns update from dhcp, ti's annoying at least 2015-03-12 11:25:17 I'm in the process of scripting dynamic update of tinydns from dhcp. Next step will be to renumber all the MAC of my 70 KVM. It will be a pita to adjust everything by hand :( I will wait to some bug fix before pushinf that to production... 2015-03-12 11:26:34 s/70 KVM/70 KVM and LXC/ 2015-03-12 11:28:17 I will fill a bug report... 2015-03-12 11:28:19 Jean-Scotch: could you open the bug report for the broken resolver? 2015-03-12 11:28:22 thank you! 2015-03-12 11:28:30 because i'll forget and remember for 5 months or something 2015-03-12 11:29:37 do I assign it to someone ? 2015-03-12 11:42:28 no 2015-03-12 11:42:34 ok 2015-03-12 11:43:29 i wonder if that bug relates to fbettag's ragequit on using any kind of linux :) 2015-03-12 15:11:19 i am compiling a kernel for my new alpine 2015-03-12 15:11:27 my questions are 2015-03-12 15:11:46 how can i change make jobs cflags etc? 2015-03-12 15:12:03 how is the initramfs constracted 2015-03-12 15:12:05 ? 2015-03-12 15:12:26 i hve an archlinux background and many things feel familiar :D 2015-03-12 15:13:52 another question is why is nfs4.1 not selected and why are framebuffers compiled as modules? 2015-03-12 15:14:36 we loose efifb and uvesafb this way... 2015-03-12 15:14:43 sorry 2015-03-12 15:14:50 efifb & vesafb 2015-03-12 15:15:24 those two are not a burden 2015-03-12 15:19:18 darkfader: the bug is submitted #3977 2015-03-12 15:19:57 ty so much 2015-03-12 15:56:02 https://web.archive.org/web/20150312152401/http://www.bbc.com/news/entertainment-arts-31858156 2015-03-12 15:56:08 you guys might be interested 2015-03-12 15:56:16 terry pratchett is dead 2015-03-12 15:56:19 rest in peace 2015-03-12 23:46:42 hi there 2015-03-12 23:47:07 do you know how to build the initramfs image with lvm support? 2015-03-13 00:46:40 Mo0O: You read the wiki? 2015-03-13 07:27:50 wanted to give a try to http://wiki.alpinelinux.org/wiki/Setting_Up_Fprobe_And_Ntop but package ntop seems missing (both from stable and edge) 2015-03-13 08:16:46 Jean-Scotch: ntop is in git 2015-03-13 08:19:44 building it now. it was missing architecture target 2015-03-13 08:23:34 ScrumpyJack: cool. thanks 2015-03-13 08:25:09 build failed i'm afraid 2015-03-13 08:26:19 and i've been pulling my hair out for a few days over some other sources that don't compile with musl :( 2015-03-13 08:44:33 just the same this morning trying to compile gnuplot 5.0.0 as an upgrade to the one currently in AL :( 2015-03-13 09:01:51 is ntopng better than ntop ? 2015-03-13 09:22:34 in the meantime you could try vnstat 2015-03-13 09:43:13 hmmm. it does'nt seem to split stats in seen IP... I want to use it on the router and to be able to state the internet consumption for every device in the server pool... 2015-03-13 09:44:05 for obvious reason I want only a probe on the router 2015-03-13 09:46:14 Jean-Scotch: apk update && apk add ntop 2015-03-13 09:46:33 I did use http://rtg.sourceforge.net/ for that purpose but I wanted some more "modern" stuff ;) 2015-03-13 09:46:39 ok I gie it a try 2015-03-13 09:46:45 *give 2015-03-13 09:48:40 DarkFox: yes indeed 2015-03-13 09:48:49 seems gentoo has a lot of bandage for ntop, so i guess its not perfect. 2015-03-13 09:49:01 but atleast it builds now. 2015-03-13 09:54:14 it's installed. I will now have a look deep inside ;) 2015-03-13 10:01:44 Mo0O: Sorry; what was this in response to? 2015-03-13 10:02:44 DarkFox │ Mo0O: You read the wiki? 2015-03-13 10:02:48 ;) 2015-03-13 10:02:59 Hi there, I've install alpine on a lvm volume -/boot inculded- and try to load it using grub on a phisical /boot partition, here's my grub.cfg http://sprunge.us/VALQ, I've follow the lvm wiki http://wiki.alpinelinux.org/wiki/Setting_up_Logical_Volumes_with_LVM, and rebuild initramfs like in http://wiki.alpinelinux.org/wiki/LVM_on_LUKS, but when I want to load alpine I ends in a initramfs shell with no 2015-03-13 10:03:00 lvm command and no /dev/mapper/{*} 2015-03-13 10:03:06 That helps for context... You had a question prior 2015-03-13 10:03:17 Right 2015-03-13 10:03:25 Mo0O: Still no luck? :( 2015-03-13 10:03:33 no :/ 2015-03-13 10:04:15 ACTION currently hardening his alpine install - sadly, no suggestions from myself for now. Good luck. o/ 2015-03-13 10:04:43 god luck to you to DarkFox \o 2015-03-13 10:05:10 Mo0O: If alpine's docs aren't enough try archlinux's - it's docs are often better than any other source you'll find. 2015-03-13 10:08:54 DarkFox: thanks for the advice, I know this wiki as I'm a long time arch user 2015-03-13 10:09:04 :) 2015-03-13 10:09:32 ACTION originally started using arch as it was a bsd-like, simple and minimal linux system. And now - Alpine is that exact reasoning (WITHOUT SYSTEMD) :-) 2015-03-13 10:09:54 Not to mention the by default better security/base and even smaller. :) 2015-03-13 10:10:23 Mo0O: Anyhow; good luck with mkinitramfs modules. 2015-03-13 10:10:49 +1 2015-03-13 10:10:55 thx DarkFox 2015-03-13 11:59:43 Mo0O: - check the alpine-dev mailing list - I sent a setup-disk.new which includes support for LUKS & LVM on LUKS installs 2015-03-13 12:03:27 I'll put it up to download 2015-03-13 12:04:58 yay 2015-03-13 12:04:58 my install in virtualbox kpanic 2015-03-13 12:06:36 http://it-offshore.co.uk/downloads/setup-disk.new - just install with 'setup-disk.new -E $MNT' or just 'setup-disk.new -E' 2015-03-13 12:07:10 & it will detect the LUKS partition(s) 2015-03-13 12:15:21 oh, great, thanks BitL0G1c 2015-03-13 12:19:07 np - it should work without issue 2015-03-13 12:25:05 there is also http://it-offshore.co.uk/downloads/setup-lvm for creating partitions - it works fine for standard partitions & also for LVM as long as the volume groups only span one disk - needs to be rewritten for that 2015-03-13 13:05:10 Is there an lsb-release package/binary for alpine? 2015-03-13 13:31:40 "Google Code shutting down" http://lwn.net/Articles/636535 2015-03-13 13:33:02 I think some top institutions/univ in G-20 countries should start mirroring github..etc 2015-03-13 13:33:30 for archival only 2015-03-13 14:57:55 clandmeter: ScrumpyJack: ntop is totally unstable and crash often. from A couple of seconds to an hour or a little bit more... with nothing in the logs and only "killed" while running in foreground 2015-03-13 15:34:00 Jean-Scotch: it probably needs work 2015-03-13 16:12:27 any clue how much a disk install of alpine uses ram? 2015-03-13 16:12:39 I need a baseline to ask for :3 2015-03-13 16:59:11 Diftraku: I have one running with 46M used... 2015-03-13 17:01:33 and 260M on the disk 2015-03-13 17:21:45 wonder if I could get away with 1gig ram running nginx, php, mysql, mail and ldap... 2015-03-13 17:21:52 prolly 2gig to be safe 2015-03-13 17:30:50 with php you need ~10GB for anythnig more than the phpinfo page 2015-03-13 17:31:00 but if you use a good and sane language, you can get away with 1GB easy 2015-03-13 17:31:29 that's not specific to alpine, PHP is just fundamentally poorly designed and insecure 2015-03-13 17:41:07 do you know how can I fix: WARNING: Ignoring /v3.1/main/x86_64/APKINDEX.tar.gz: No such file or directory 2015-03-13 17:41:14 this http://wiki.alpinelinux.org/wiki/Alpine_Linux:FAQ#WARNING:_Ignoring_APKINDEX.xxxx.tar.gz doesn't fix 2015-03-13 17:44:37 Mo0O, executing what command gives that warning 2015-03-13 18:00:05 vkrishn: apk search ... 2015-03-13 18:00:14 apk add also 2015-03-13 18:02:37 ahills: I'd go for hhvm but not sure how well it compiles on musl 2015-03-13 18:04:01 php-fpm along with nginx and proper caching for static/resource heavy requests (read: mysql) tend to work quite well at less than a gig (with some swapping depending on the size of the mysql db) 2015-03-13 18:04:23 but yeah, individual php processes eat a ton of ram for no apparent reason 2015-03-13 18:07:26 Mo0O, you could be having defunct repo in /etc/apk/repositories, remove or comment that 2015-03-13 18:07:33 then run `apk update` 2015-03-13 21:21:03 anyone has seen an alpine KVM guest losing its virtio network upon reboot ? 2015-03-13 21:21:27 have to remove interface and put it back to get eth0 working 2015-03-13 21:21:44 any idea where to look at ? no error in logs whatsoever :/ 2015-03-13 21:31:46 I've been using without any problems via libvirt - I just changed it to virtio & could ssh straight into the vm 2015-03-13 21:34:28 on both 32 & 64 bit 2015-03-13 21:35:06 host is debian wheezy 2015-03-13 22:23:52 I can't even get alpine to -boot- in my virtualbox :P 2015-03-13 23:03:06 James_T: - save yourself a lot of headache & get vmware from kickass.to - I could never get it running smoothly in vbox. Or even better - run it in KVM 2015-03-13 23:03:49 haha 2015-03-13 23:03:53 i'll do it on kvm 2015-03-13 23:04:07 ACTION reads up on the arch wiki 2015-03-13 23:04:23 kvm with libvirt works great 2015-03-13 23:05:18 kewl 2015-03-13 23:20:18 <3 my free legit workstation 2015-03-13 23:22:13 :D 2015-03-13 23:25:20 it's basically an extended evaluation key 2015-03-13 23:25:33 for a year 2015-03-13 23:25:37 :P 2015-03-13 23:25:58 ;) 2015-03-14 01:33:52 Diftraku: I don't know what hhvm is, but I guarantee you the PHP language is not conducive to elegant designs, so it is highly unlikely that a secure design is possible 2015-03-14 01:34:11 I only say this because I have spent the better part of my professional career learning the different ways that people can find to ignore security 2015-03-14 01:34:31 and also because I value security as a general principle for the internet 2015-03-14 08:28:28 Hi, I want to try out alpine linux on a vm, potentially using it later to run a small home server. How do the iso's differ? Thanks 2015-03-14 08:38:33 ch077179: It is described on the wiki 2015-03-14 08:41:22 ch077179: http://wiki.alpinelinux.org/wiki/Installation 2015-03-14 08:41:45 Advanced section contains a number of links for installing in various virtual machine hosts or hypervisers 2015-03-14 08:42:28 I am on that page. I don't see the descriptin of minimal vs standard vs vanilla? 2015-03-14 08:42:29 ch077179: As for your original question; maybe not mentioned on the wiki but you can hover your mouse over them and they show you a caption describing the iso's purpose 2015-03-14 08:42:39 ok 2015-03-14 08:42:46 standard: most common used packages included. Use this for routers and servers that run from RAM. 2015-03-14 08:43:02 Mini: for disk installs from the network 2015-03-14 08:43:11 got it 2015-03-14 08:43:18 :) 2015-03-14 08:43:19 yeah, I'll go with the mini probably 2015-03-14 08:43:23 thanks 2015-03-14 08:43:48 I have a bricked my book as well. Is it possible / sensible to put alpine on that? 2015-03-14 08:44:09 wd mybook* 2015-03-14 08:44:21 ... just about to say books are paper :P 2015-03-14 08:44:29 Depends how it is bricked 2015-03-14 08:45:00 Bricked bootloader or firmware, may not be recoverable (without very not fun [unless you know what you're doing] hardware hacks) 2015-03-14 08:45:01 ssh config. I changed the key and killed my session or some such nonsense.. 2015-03-14 08:45:33 I vote; attempt to put alpine on any hardware that you can 2015-03-14 08:45:34 :) 2015-03-14 08:45:51 but uh.. I'd be keeping the firmware? 2015-03-14 08:46:13 as in, I'd still have the white light glowing 2015-03-14 08:46:27 Depends; you can dual boot in many cases; or you could create a chroot'd environment on the existing system if it already runs Linux (which you said ssh so probable) 2015-03-14 08:47:08 yeah it is a tiny core or dsl flavor I think 2015-03-14 08:47:47 Steps: Unbrick/root, then either install in a chroot or alongside you're existing install - then dual boot. 2015-03-14 08:48:04 but since I bricked it I have it mounted via sata bay. Still doable? How is that type of installation called? (so I know what to google for) 2015-03-14 08:48:05 Chroot is easier for most systems as booting gets more complicated. 2015-03-14 08:48:35 AGain; wiki in advanced section. "Replacing non alpine linux with alpine remotely" 2015-03-14 08:48:38 May be useful 2015-03-14 08:48:50 pulled that up already but haven't read it. ok. 2015-03-14 08:49:03 May not; either way - scan through the wiki; I don't know this exact ddevice you have and the wiki will be one of the better resources. 2015-03-14 08:49:15 do you happen to have a pointer how to unbrick the ssh config while it's mounted in the bay? 2015-03-14 08:50:00 Filesystem ext by chance? If so; you might be able to put a suid shell or terminal on the device and get in that way. 2015-03-14 08:50:19 Again; don't know this device. 2015-03-14 08:50:22 ok.. the filesystem is ext4 2015-03-14 08:50:31 ACTION out for now. Good luck ch077179 :-) 2015-03-14 08:50:47 ACTION must leave * ^ 2015-03-14 08:50:54 thanks :) 2015-03-14 08:51:00 no worries, have a nice weekend 2015-03-14 08:51:57 ch077179: You too; also just before I part for now - I recommend doing a diskless install first. Generally cleaner for development and testing. 2015-03-14 08:52:22 sure. and I'll back up the / tree first as well 2015-03-14 08:52:53 ACTION using diskless booting from an sd card; intend to remove the internal HDD for this laptop. Diskless means that it lives in ram after the boot - hence it doesn't kill the SD card by writing to it constantly. 2015-03-14 08:53:15 'lbu commit' for any changes; that will then be written to the disk for the next boot. 2015-03-14 08:53:22 Well; I'm out. Good luck again. o/ 2015-03-14 08:53:29 merci, have a good one 2015-03-14 10:22:32 HI. I just setup a new AL-edge KVM in order to test ejabberd in a LXC. But the LXC does'nt start. I just did as usual. the start log is http://sprunge.us/ibQZ 2015-03-14 10:24:06 is LXC broken in edge? 2015-03-14 10:31:01 it seems you need to create /dev/shm yourself 2015-03-14 10:31:02 the exact same procedure is runninf fine in stable 2015-03-14 10:39:49 rootfs/dev/shm does exist... 2015-03-14 10:40:22 then mount -t tmpfs foobar rootfs/dev/shm 2015-03-14 11:07:09 nope :( 2015-03-14 11:12:58 maybe it's a new bug introduced with lxc-1.1.0 (stable has lxc-1.0.7) 2015-03-14 11:13:38 i have lxc-1.1.0 and it seems to work 2015-03-14 11:14:27 are you running edge or just lxc@edge? 2015-03-14 11:14:34 edge 2015-03-14 11:15:26 but i only use one debian install inside lxc occasionally 2015-03-14 11:17:49 if I comment out the line defining the mount point in config, the LXC starts fine 2015-03-14 11:18:03 I dunno if dev/shm is really needed 2015-03-14 11:18:17 I have some debian LXC running without it 2015-03-14 11:18:59 dev/shm is used by the libc for eg shared semaphores 2015-03-14 11:19:09 so some libc interfaces are broken without it 2015-03-14 11:19:48 but you should be able to do the tmpfs mount inside the container 2015-03-14 11:20:52 i dont have any mount setup and it just works 2015-03-14 11:21:54 http://www.cyberciti.biz/tips/what-is-devshm-and-its-practical-usage.html seems to say that it is optional but improve perfs 2015-03-14 11:23:24 thats nonsense 2015-03-14 11:46:10 after further reading, /dev/shm is used for POSIX shared memory and named semaphore. As in the LXC /dev is already tmpfs, all is really needed is to mkdir /dev/shm... 2015-03-14 13:33:34 I have a question regarding the creation of a bootable usb drive. I am currently not on AL. In the manual how-to I'm told to dd if=/usr/share/syslinux/mbr.bin of=/dev/sd_stick 2015-03-14 13:33:49 where do I obtain the correct mbr.bin 2015-03-14 13:38:33 in the syslinux package for your distro 2015-03-14 13:38:42 any will do? 2015-03-14 13:39:00 I think so 2015-03-14 13:39:38 I did it on a debian squeeze for my first try 2015-03-14 13:41:05 yeah any syslinux will do 2015-03-14 13:41:45 ok, thanks 2015-03-14 13:43:55 why isn't creating a bootable usb drive much easier? something like dd if=installer.iso of=/dev/usb_drive ? 2015-03-14 13:44:08 shouldn't the iso contain all files already? 2015-03-14 13:44:39 because booting a CD and booting a USB have different requirements, and making a hybrid image is a massive pain 2015-03-14 13:44:52 but I wish alpine would just distribute the damn USB image... who even uses CDs these days? 2015-03-14 13:45:04 amen to that 2015-03-14 13:45:34 <_ikke_> Yeah, I always have to fall back to unetbootin for alpine images :-( 2015-03-14 13:45:34 I think I once created a usb like that, basically one step. It was arch iirc 2015-03-14 13:45:35 I haven't used optical media since 1998 2015-03-14 13:45:52 yeah, arch doesn't mind creating the hybrid image 2015-03-14 13:46:02 the openbsd method is preferrable 2015-03-14 13:46:12 install56.iso = cd, install56.fs = usb/etc 2015-03-14 13:46:43 interesting. didn't know about that 2015-03-14 14:27:45 trying the unetbootin way of making a USB stick from vanilla alpine iso give's me a nice initramfs emergency shell... 2015-03-14 14:29:14 mmmh will try alpine classic 2015-03-14 14:33:33 Mh.... starting mpd throws this at me: https://0.jmt.gr/?a2b9c7008c0c1f34#cORfN34POGbT9aa8SSX0zR3jr3otHUt1NIbWz2fjrOM= 2015-03-14 14:34:57 mounting boot media failed 2015-03-14 14:34:59 :( 2015-03-14 14:36:27 ok time to test dd 2015-03-14 14:37:38 even worse 2015-03-14 14:37:40 mmmh 2015-03-14 14:38:55 coredumb: dd the iso then follow the other instructions for fixing up the mbr... 2015-03-14 14:39:40 ahills: mmmh oh 2015-03-14 14:39:42 jomat: if you can't fork()... you may have a more serious problem 2015-03-14 14:40:04 ahills: link ? 2015-03-14 14:40:18 my internet here is extremely slow, but ok 2015-03-14 14:40:20 it's on the wiki 2015-03-14 14:40:30 http://wiki.alpinelinux.org/wiki/Create_a_Bootable_USB 2015-03-14 14:40:54 food time bye 2015-03-14 14:41:04 ahills: yeah, but doesn't sshd also fork? 2015-03-14 14:41:45 I try Upgrading linux-grsec@edge (3.14.30-r0 -> 3.14.35-r0) 2015-03-14 14:43:30 ahills: well yeah that's the page i'm on 2015-03-14 14:43:51 i dd the iso then dd the mbr on it 2015-03-14 14:43:56 doesn't help 2015-03-14 14:47:33 mmmh ok the device name part lemme try that 2015-03-14 14:53:24 yep doesn't help setting it to sdb or sdb1 2015-03-14 14:57:35 ok, same with mpd and 3.14.35-0-grsec 2015-03-14 14:57:48 and mpd 0.19.9 2015-03-14 15:05:53 i don't get how this should even work to start with ... initramfs is trying to mount usbdisk then switch_root on it but indeed the usbdisk only contains the iso content ... 2015-03-14 15:06:34 even mpd --no-daemon triggers that fork bug 2015-03-14 15:13:45 and yep, stracing it shows "fork(" as last line and then nothing more 2015-03-14 15:14:12 have you tried on linux-vanilla ? 2015-03-14 15:14:59 I'll try that 2015-03-14 15:23:21 ok had to change legacy boot mode to win8 instead of win7 in my bios 2015-03-14 15:23:24 -_- 2015-03-14 15:24:04 hello 2015-03-14 15:24:43 how to set default locale in alpinelinux? is there locale command? 2015-03-14 15:35:09 mh yeah, works with vanilla :-/ 2015-03-14 15:41:04 jomat: ? 2015-03-14 15:41:11 y0g1: ? 2015-03-14 15:41:36 jomat: how to set LC_ALL in alpinelinux? 2015-03-14 15:42:07 jomat: does musl support locale settings? 2015-03-14 15:42:54 dunno, did you try sth. like export LANG=en.utf8 2015-03-14 15:45:09 no, i don't have any program to test it 2015-03-14 15:45:26 jomat: i just want to know if there is something like localization 2015-03-14 15:48:43 ok now how to debug XBMC not seing mouse nor keyboard \o/ 2015-03-14 15:48:46 :D 2015-03-14 15:50:17 does alpinelinux has xorg-apps? xinput command? 2015-03-14 15:50:37 in my install also keyboard and mouse are invisible 2015-03-14 15:51:23 https://deranfangvomende.wordpress.com/2011/08/07/alpine-linux-x11-input-not-working/ 2015-03-14 15:51:26 try this 2015-03-14 15:51:29 i had the problem once 2015-03-14 15:51:49 poettering hal'd effect or something :) 2015-03-14 15:52:16 or rather, have a look at the x logfile 2015-03-14 15:55:16 dbus-core: error connecting to system bus: org.freedesktop.DBus.Error.FileNotFound - i run alpinelinux in chroot so this is a problem 2015-03-14 15:55:32 when i will finish kernel compilation i will test it in normal enviroment 2015-03-14 15:57:13 darkfader: lemme see thx 2015-03-14 15:57:16 :) 2015-03-14 15:57:28 another question 2015-03-14 15:57:36 coredumb: lol, you also have no keyboard? 2015-03-14 15:57:44 i don't know your root mount stuff!!!! :) 2015-03-14 15:57:47 i started to update my base install in edge 2015-03-14 15:57:51 ok 2015-03-14 15:58:07 only to see that xbmc needed older glew package 2015-03-14 15:58:21 so i sitched back to non edge 2015-03-14 15:58:25 and installed the rest 2015-03-14 15:58:35 and ... i'm pretty sure it's not a good idea :D 2015-03-14 15:58:44 you can pin the package backwards (interesting) or forwards (safer but messy if it's something with X) 2015-03-14 15:59:00 you can do apk add glew@main 2015-03-14 15:59:13 so everything else on edge 2015-03-14 15:59:29 but it's mostly what you now achieved manually 2015-03-14 15:59:33 is an apk check happy? 2015-03-14 15:59:37 so i have to pin @main first 2015-03-14 16:00:30 darkfader: there's no xorg.conf by default though 2015-03-14 16:02:35 also 2015-03-14 16:02:38 http://pastebin.com/qNST2MsK 2015-03-14 16:02:39 well 2015-03-14 16:02:40 O_o 2015-03-14 16:02:41 it's 2011 2015-03-14 16:03:11 keyboard work - I added it manually to xorg.conf.d 2015-03-14 16:03:29 so, same shit different year? 2015-03-14 16:03:30 but touchpanel with penmount doesn't 2015-03-14 16:03:55 coredumb: your dbus is running or what are you saying 2015-03-14 16:04:09 y0g1: never had one really configured, idk about that 2015-03-14 16:05:29 darkfader: talking about udev 2015-03-14 16:05:34 darkfader: under standard linux I used official driver from manufacturer 2015-03-14 16:05:38 or is dbus starting udev itself ? 2015-03-14 16:05:54 darkfader: but I see that there is opensource version and will try it 2015-03-14 16:07:13 coredumb: not sure any more. i don't have udev running, sucks since i can't do kpartx magic easily but saves me the shit 2015-03-14 16:07:27 can you do 2015-03-14 16:07:33 rc-update add udev boot 2015-03-14 16:07:58 i'm not sure why it's not in the list and it's not "codisplayed" with dbus iirc 2015-03-14 16:09:02 so i added load kbd in xorg.modules.conf.d still not kbd -_- 2015-03-14 16:09:18 coredumb: xorg.conf.d 2015-03-14 16:09:24 if i look at above :) 2015-03-14 16:09:38 yeah typing like i remember 2015-03-14 16:09:44 sry 2015-03-14 16:09:48 but it's in the correct file 2015-03-14 16:09:50 loaded 2015-03-14 16:09:54 but nothing works 2015-03-14 16:10:12 and udev even in boot doesn't show up 2015-03-14 16:10:15 O_o 2015-03-14 16:17:31 no display at all now 2015-03-14 16:17:36 doesn't look good lol 2015-03-14 16:18:05 meh 2015-03-14 16:18:17 ok got it back 2015-03-14 16:18:20 still no device 2015-03-14 16:19:07 s/device/input/ 2015-03-14 16:22:08 [ 28.925] (II) The server relies on udev to provide the list of input devices. 2015-03-14 16:22:10 If no devices become available, reconfigure udev or disable AutoAddDevices. 2015-03-14 16:23:40 hmm.. I got error when compilling kernel: arch/x86/boot/header.S:450: Error: can't resolve `VO__end' {*UND* section} - `VO__text' {*UND* section} 2015-03-14 16:23:44 is it normal? 2015-03-14 16:24:50 darkfader: udev not started by default 2015-03-14 16:24:58 so can't load inputs 2015-03-14 16:25:01 -_- 2015-03-14 16:25:18 well 2015-03-14 16:25:25 tell greg kroah hartmann about it 2015-03-14 16:25:41 i think by now he has switched to admitting udev isn't perfect 2015-03-14 16:26:57 darkfader: howto force alpinelinux to stay with vga console mode? I can't run alpinelinux - the screen is blank 2015-03-14 16:27:18 google for nomodeext or so 2015-03-14 16:27:33 nomodeset? 2015-03-14 16:27:35 idk 2015-03-14 16:27:53 darkfader: it doesn't work 2015-03-14 16:27:57 well 2015-03-14 16:27:58 I just installed X on a laptop... apk add xf86-video-intel xf86-input-mouse xf86-input-keyboard xf86-input-evdev xorg-server udev;rc-update add dbus;rc-update-add udev did it 2015-03-14 16:27:59 idk 2015-03-14 16:28:04 darkfader: nah the debate is not if udev sucks or not 2015-03-14 16:28:24 but why alpine doesn't start nor show it when it obviously should 2015-03-14 16:28:26 :) 2015-03-14 16:28:31 darkfader: kernel boots in vga, but when alpinelinux starts switching video mode then i lost console 2015-03-14 16:29:44 darkfader: network doesn't work so I cant ssh to it :| 2015-03-14 16:39:02 ll /etc/runlevels/default/udev 2015-03-14 16:39:04 lrwxrwxrwx 1 root root 16 Mar 14 17:28 /etc/runlevels/default/udev -> /etc/init.d/udev 2015-03-14 16:39:12 but no rc-status command can show it -_- 2015-03-14 18:03:48 jomat: I mean when you get kernel errors like that, it's more likely that you have some bad memory or bad sectors on disk or something 2015-03-14 18:04:08 coredumb: I followed the very simple directions on that page and it worked first try, not sure what else there is... 2015-03-14 18:04:16 it's probably just that your motherboard doesn't support boot from usb... 2015-03-14 18:46:16 #3979 2015-03-14 18:46:46 I found a typo in /sbin/setup-disk #3979 2015-03-14 19:33:04 ahills: yep as i said earlier i had to set it to "win8.x" boot instead of "win7" 2015-03-14 20:28:09 anyone to help me debug why udev while being set to runlevel default doesn't start by itself ? 2015-03-14 20:28:31 and why rc-status is unable to see it ? 2015-03-14 20:29:54 http://pastebin.com/raw.php?i=8AwTk3qx 2015-03-14 20:53:39 coredumb did you add it? rc-update add udev sysinit 2015-03-14 21:06:42 crow: in sysinit or boot or default 2015-03-14 21:06:53 doesn't change anything :( 2015-03-14 21:13:40 crow: ok i reinstalled 2015-03-14 21:13:42 works better 2015-03-14 21:14:57 how come netmount tries to mount nfs shares before activating network 2015-03-14 21:17:18 coredumb i have it in sysinit. 2015-03-14 21:17:42 crow: yeah i think i messed up my system doing an edfe mix 2015-03-14 21:17:49 edge 2015-03-14 21:17:54 I'm reading the apk wiki entry. Do I need to make changes to the package system permanent as well, even though I 'sys' installed AL? 2015-03-14 21:36:39 ch077179 whick apk wiki, and what packages? If you did sys , just apk update && apk upgrade will bring your package to actuall state. 2015-03-14 21:40:48 xbmc crashing... 2015-03-14 21:40:50 http://pastebin.com/vtT6cymr 2015-03-14 21:40:52 any idea ? 2015-03-14 21:41:23 when starting a library scan it crashes 2015-03-14 21:41:25 :( 2015-03-14 22:07:55 so seems that nfs client is broken in edge 2015-03-14 22:08:34 nfs statd hanging at boot 2015-03-15 01:43:42 hello 2015-03-15 01:47:55 I was experimenting with Arch linux, but I had problems with the mkinitcpio system. It seems very buggy. I had grub crypto mods opening my disk, then mkinitcpio was supposed to use a key on initramfs to reopen it. However, mkinitcpio never worked right, and it got to the point that I couldn't boot at all. How's alpine work? 2015-03-15 01:55:57 Is anybody in here? 2015-03-15 01:56:32 arch linux? 2015-03-15 01:57:11 on alpine fortunately syslinux is the default bootloader 2015-03-15 01:57:47 which is not as big spaceship as grub so it falls down less often 2015-03-15 02:01:38 can syslinux unlock luks? 2015-03-15 02:02:47 yes 2015-03-15 02:03:07 (i use encrypted rootfs on my laptop) 2015-03-15 02:03:14 kool 2015-03-15 02:03:41 actually sysclinux cannot unlock luks 2015-03-15 02:03:54 so you can get lxde and use it as a reasonable workstation? 2015-03-15 02:03:59 it just passes kernel parameters that the init system can handle 2015-03-15 02:04:20 and if you have the necessary tools in the initramfs then it will work 2015-03-15 02:04:38 oh, so you have an /boot partition 2015-03-15 02:04:47 yes 2015-03-15 02:04:53 you have to have one 2015-03-15 02:04:58 for the kernel at least 2015-03-15 02:05:38 I was trying to do w/out and got grub to work, but mkinitcpio never built the intramfs properly. 2015-03-15 02:06:24 half the time it would not include the files that I listed in the FILES= section 2015-03-15 02:07:28 then, even though I had the encrypt hook, it stopped including cryptsetup 2015-03-15 05:17:17 coredumb: sorry, my stay in europe has clouded my data processing abilities :) 2015-03-15 05:17:30 eu laws are ilttle bit more "frei" than US laws 2015-03-15 07:41:46 ScrumpyJack, how do you plan to use luufs ? 2015-03-15 09:44:54 ahills: np :) 2015-03-15 10:18:17 hello 2015-03-15 10:19:27 I need to know, which services in which runlevel do I need for alpinelinux boot process. 2015-03-15 10:50:00 ahills: can you elaborate what happened? "sorry, my stay in europe has clouded my data processing abilities" 2015-03-15 10:53:36 y0g1: rc-status --all 2015-03-15 11:57:05 Hi, I could not find anything about docker in alpinelinux in wiki. Is there anyone who is running docker successfully in alpinelinux-3.2.1? 2015-03-15 12:04:26 zenny: why is a chroot not enough? what benefits does docker bring? i'm asking because i'm clueless what docker is good for and why people use it. 2015-03-15 12:21:31 docker reminds me of freebsd jails, but on steroid with portability, scaleability and high-availability in mind. FreeBSD jails are chroot on steroid with some bells and whistles for manageability, imho. 2015-03-15 12:23:53 that sounds more like marketing, what's the immediate benefits? 2015-03-15 12:23:58 and in heterogenous production environments when you have hundreds of chrooted instances, it becomes unmanageable, imho. 2015-03-15 12:24:12 what becomes unmanageable? 2015-03-15 12:24:36 hundreds of nodes sure need other maintenance than a handful 2015-03-15 12:24:49 so docker is a vm management thingy like puppy or ansible? 2015-03-15 12:25:40 rpu3uO8PEVZZ: I do not know why your are so aggressive against something. I suggest you to go and read the docs at docker.io site. 2015-03-15 12:27:36 not aggressive 2015-03-15 12:27:51 just asking someone who is using it why he is using it 2015-03-15 12:27:53 or for a complex application with several CI tools, check flocker or dokku at github.com. 2015-03-15 12:28:05 the website doesn't tell me your story 2015-03-15 12:28:31 sorry if my questions sound inconvenient to you 2015-03-15 12:31:07 docker and other virtualization tools provide rapid deployment of nodes than chroot. 2015-03-15 12:31:30 how is this measured this rapidness? 2015-03-15 12:36:08 Have you ever seen a real datacenter with thousands of nodes running chrooted instances? They use one or other management tools for their virtualization. If you have a practical experience with handling with datacenter (I guess you have), you would realize what they really mean for portability. There is a company called hypercluster (clusterHQ) which was relying on FreeBSD jails with a very nifty tweak, but they are moving towa 2015-03-15 12:37:01 your question is similar to why do you need internet when you already have radio/television/newspaers, and therefore unanswerable. 2015-03-15 12:38:02 it is all about evolution of the way people improvise, I guess. 2015-03-15 12:39:04 BTW, I didn't land here neither to advocate one or other technolgies, but to ask for a simple thing. There is a docker in alpine repos, and wanted to learn if someone has already deployed it at production or testbeds, fyi. 2015-03-15 12:40:07 github.com/zenny/docker-alpine could be relevant 2015-03-15 12:40:12 fbsd jails are quite different and more mature than chroot or other jail like stuff on linux 2015-03-15 12:42:25 This is nothing new that you are stating. Then go for openvz, xen, qemu-kvm, virtualbox, vmware if you are not comfortable with. 2015-03-15 12:42:44 i am doing that 2015-03-15 12:42:56 what i wanted to find out, why are people using other solutions like docker 2015-03-15 12:43:07 but i did not succeed. 2015-03-15 12:43:18 I have been using them, but for scaleability, high-availabilty and portabilty, I personally found docker more easy. 2015-03-15 12:43:50 more easy. interesting, how? what was hard, that is now easier? 2015-03-15 12:44:12 No comment! 2015-03-15 12:44:29 Taste of pudding lies in eating! 2015-03-15 12:45:05 You are whining around the same thing again and again, sounds harassing. 2015-03-15 12:54:00 sorry if my questions make you feel uncomfortable, but they are objective and neither whining nor harrasing. 2015-03-15 12:55:54 what you call whining again and again, is trying to get to the bottom of the original question, why. but its quite hard to get objective answers. 2015-03-15 12:56:00 RTFM is what I can say about your questions. Ease of use is a subjective thing like it is easy for a Hungarian to learn Magyar, but very difficult to someone from England. 2015-03-15 12:56:44 as said the manual is not very informative, i'd like to get insights from users. 2015-03-15 12:57:06 exactly this kind of stuff "it's easier than before" 2015-03-15 12:57:25 but i need more context to understand what was hard before that is now easier 2015-03-15 12:57:34 for youi 2015-03-15 12:57:39 not the manual writers 2015-03-15 12:57:43 Your questions have no answers unless you have an experience of handling a real datacenter with multiple nodes. And there is a book published "Orchestrating Docker", please read that book. 2015-03-15 12:58:19 so you can't tell me why you use docker? 2015-03-15 12:58:31 The main easiness is the portability. You can make a package of apps and move from one node to other without redoing the same stuff agtain and again 2015-03-15 12:58:48 but that is possible with other virtualization tech, right? 2015-03-15 12:58:58 has that improved with docker? 2015-03-15 12:59:22 or is this more like puppy? 2015-03-15 12:59:26 Nope. Take openvz, it still uses the old kernel that does not support many modern hardwares. 2015-03-15 12:59:49 well i nver take openvz 2015-03-15 12:59:54 if i had to, i'd use chroots 2015-03-15 13:00:25 but i avoid both if possible 2015-03-15 13:00:53 the only thing where a chroot is ok, is the debian install on my alpine laptop, for stuff, that needs sabotaged distros ;) 2015-03-15 13:02:17 I didn't object you to not to use chroots, did I? So what is the deal? Keep on using that. You should use OpenBSD in that case if you are so fond of chroots. 2015-03-15 13:02:32 i'm not fond of them 2015-03-15 13:02:52 much less of openvz 2015-03-15 13:03:33 so docker is like chroots with puppy? 2015-03-15 13:04:33 hmm. thank you 2015-03-15 13:04:40 and sorry if i upset you 2015-03-15 13:04:44 I suggest you to do 'apk add docker' and test yourself 2015-03-15 13:07:32 How do you do resource management with chroot per se? 2015-03-15 13:07:44 btw you should avoid this systemd-dev answers to inconvenient questions. at least for me it immediately reminded me of poetterings responses to inquisitive minds. 2015-03-15 13:08:08 oh, i wrote i use proper compartmenting vm tech. i avoid chroot, only for the damn debian i have a chroot 2015-03-15 13:09:06 i have no usecase for many easily updatable chroots. 2015-03-15 13:09:48 so again, thank you for your answers, and sorry again if it made you uncomfortable 2015-03-15 13:11:56 would be interesting to know how this compares to nixos, i heard they are also about easy updates on mass deployments 2015-03-15 13:13:53 https://github.com/NixOS/nixpkgs/issues/1088 2015-03-15 13:32:04 zenny :)) so everyone wants docker support in everything. but why? 2015-03-15 13:32:15 "Because NixOS is cool and so is Docker." 2015-03-15 14:13:08 ejabberd is running fine ;) I just migrate my setup from Debian/Squeeze to AL :D 2015-03-15 14:50:21 ejabberd running fine on alpine? 2015-03-15 14:50:23 nice 2015-03-15 14:52:42 rpu3uO8PEVZZ: (stf?) in Berlin at least, there is no limit to how late a place can be open (nor how late I can stay there) 2015-03-15 15:35:27 ahills: oooh. yes, legislative diversity. enjoy it. this is why we cannot compete with silicon valley, 28 copyright regimes. opening times of shops change even in germany from bundesland to bundesland. 2015-03-15 15:36:27 the commissioners in brussels desperately try to fight for the "single market" 2015-03-15 15:36:59 this diversity is in stark contrast to the rigidity of American post-Puritan laws 2015-03-15 15:37:10 there are many places where one cannot buy alcohol on Sunday 2015-03-15 15:37:16 the Lord wouldn't want that ;) 2015-03-15 15:37:19 really? 2015-03-15 15:37:23 haha, yes 2015-03-15 15:37:31 how curious 2015-03-15 15:37:38 come to hungary, since today we have that. 2015-03-15 15:37:51 you can't buy alcohol today? 2015-03-15 15:37:52 no shops open on sunday 2015-03-15 15:37:55 amazing 2015-03-15 15:37:59 since today 2015-03-15 15:38:01 since today? o,O 2015-03-15 15:38:04 what? 2015-03-15 15:38:12 we have a backward conservative dictatorship here 2015-03-15 15:38:23 I think I will stay in the west side of europe for now... 2015-03-15 15:39:55 don't worry shops are neither open in vienna 2015-03-15 15:40:23 i got an open supermarket across the street 2015-03-15 15:40:33 are you in vienna? 2015-03-15 15:40:36 no 2015-03-15 15:41:16 i think in bavaria there's similar limitations, or at least there were until recently, but i'm unsure. so even in germany you have different rules in different federal states there 2015-03-15 15:41:46 and still, I was awake until 7am talking to friendly people in a club 2015-03-15 15:42:11 on the way to the club, I had beer on a train 2015-03-15 15:42:48 yes, berlin was a nice place, lucky you see it before it gets worse :) 2015-03-15 15:43:23 yes, the whole world is going to shit, so I want to be on the tail of that dragon 2015-03-15 16:00:09 rigid policies in CH too 2015-03-15 16:00:37 baby steps in the right direction take place once a decade or so.. 2015-03-15 16:01:40 is there anything bad to say about linux-vserver, AL being the host system? 2015-03-15 16:10:26 did ISO layout change in 3.1? 2015-03-15 16:10:29 where is grsec.gz? 2015-03-15 16:11:41 ah, initramfs-grsec 2015-03-15 16:57:51 Hi. I seem to have some issues with OpenRC. Adding a service to a runlevel creates the symlink in /etc/runlevels but the service never starts on boot, nor does it show up anywhere on rc-status. 2015-03-15 16:59:08 For instance rc-update add lxdm default creates a symlink in default, but is never starting 2015-03-15 16:59:33 does it start if run it by hand? 2015-03-15 16:59:42 Yup 2015-03-15 17:00:17 I've tried udev, lxdm and wpa_supplicant. The same result on all. 2015-03-15 17:00:27 mxstirner: have you changed openrc config or anything, to make default not the target? 2015-03-15 17:01:07 No, and this is a clean install btw. Setting Alpine up for the first time. 2015-03-15 17:01:40 ah, hmm 2015-03-15 17:01:49 well I'm doing a clean install in a few minutes, I will test 2015-03-15 17:02:08 Sweet 2015-03-15 17:02:25 unfortunately I need to change my xen install script, because modules never load when I boot now in 3.1... 2015-03-15 17:03:04 oh wait, /lib/modules actually doesn't exist... wtf? 2015-03-15 17:03:54 has anyone used the 3.1.2 mini iso? 2015-03-15 17:26:52 ah, modloop kernel arg isn't required to boot usb anymore 2015-03-15 17:27:15 oh, he left 2015-03-15 20:09:34 we had this about zfs and stability and the LANL a few days back, right? 2015-03-15 20:09:49 https://lists.freebsd.org/pipermail/freebsd-infiniband/2015-February/000148.html <- i wonder if they are really on linux 2015-03-15 20:10:06 or probably it's 1000 of OS A here and 1000s of OS B and 1000s of OS C 2015-03-15 22:53:41 is it a bug on my host or acl-dev-2.2.52-r1 install /usr/lib/libacl.a as a symlink loop (to himself) ? 2015-03-16 09:33:22 NaNDude: sounds like a bug 2015-03-16 09:37:36 NaNDude: fixed with acl-dev-2.2.52-r2 2015-03-16 12:20:36 Jean-Scotch: how did you build erlang otp? 2015-03-16 12:26:57 it seems to have glibc dependencies 2015-03-16 12:27:01 like __uint32_t 2015-03-16 12:37:12 ahills: I didn't. I just did "apk add ejabberd" on a edge install. 2015-03-16 12:37:31 oh nice, someone already patched it! 2015-03-16 12:37:44 I should probably have a few edge machines 2015-03-16 12:38:56 I run mostly on stable. But for some packages, I have to have some edge KVM or LXC... 2015-03-16 12:40:02 I should probably upgrade my 3.0 stable to 3.1 2015-03-16 12:40:10 3.0 doesn't get security patches, does it? 2015-03-16 12:41:54 ahills: about ejabberd, I saw an email dialog on the aports ML about it and jumped in the bandwagon as I was waiting for it ;) 2015-03-16 12:45:05 Jean-Scotch: yes, I love using erlang, now I can nuke my debian box and set up ejabberd! 2015-03-16 12:45:24 what are the requirements for a package to move from edge to 3.1? 2015-03-16 12:45:57 when its confirmed to be working 2015-03-16 13:00:44 am i the only one to have NFS client non working on edge ? 2015-03-16 13:01:17 when enabling nfsmount service nfs lockd seems to hang indefinitely at boot 2015-03-16 13:01:41 indeed it starts before sshd so can't access the box anymore -_- 2015-03-16 13:34:10 coredumb: did you start rpcbind before trying to mount? 2015-03-16 13:41:59 ncopa: it seems to start just before nfs lockd 2015-03-16 13:47:12 is network started at that point? 2015-03-16 13:48:11 yes 2015-03-16 13:48:17 it pings but no ssh 2015-03-16 13:50:25 would be nice with help toubleshooting that 2015-03-16 13:50:30 i dont have time atm.. :-/ 2015-03-16 13:57:35 ncopa: np i' don't have machine at hand 2015-03-16 13:57:42 was on vanilla flavor 2015-03-16 13:57:46 worked on stable 2015-03-16 13:58:04 switched to edge, upgraded and failed upon reboot 2015-03-16 13:58:08 tried twice ^^ 2015-03-16 14:06:09 ncopa: thx, acl-dev-2.2.52-r2 work fine here too :) 2015-03-16 14:06:30 thanks 2015-03-16 14:06:42 maybe i shoudl push that to 3.1-stable then 2015-03-16 14:07:27 i think too 2015-03-16 14:07:55 done. thanks! 2015-03-16 14:35:54 ho another one of the same type: in gzip-1.6-r0 /usr/bin/uncompress is installed as a hardlink to /bin/gunzip which result in: "ERROR: Failed to extract usr/bin/uncompress: Cross-device link" and install failure if /usr is not on the same device/subvolume than /bin, this one must be a symlink :) 2015-03-16 15:05:25 yeah 2015-03-17 02:28:50 DCC SEND STARTKEYLOGGER 0 0 0 2015-03-17 02:29:24 cjha, wtf 2015-03-17 10:37:43 ncopa: thanks for the update for nx-libs 2015-03-17 11:01:46 Jean-Scotch: np 2015-03-17 11:01:55 i think it still needs package split 2015-03-17 11:02:14 i also think it needs a minor fix to respect CFLAGS 2015-03-17 11:02:26 and possiblyl also $CC 2015-03-17 11:02:38 its built with -O3 now and we want use -Os 2015-03-17 11:04:01 ok. I will follow that with the devs at x2go. They are very pleased to have a package for a new distro and are very responding to my inquiries. 2015-03-17 11:49:34 Hello all! 2015-03-17 11:52:47 algitbot: you're so friendly! 2015-03-17 12:00:10 anyone with an X willing to test my spectrwm package ? 2015-03-17 12:00:43 have not had a chance to get an X on one of my VMs 2015-03-17 12:20:45 coredumb: if you have an apkbuild that builds i can push it to testing 2015-03-17 12:23:38 looks like there wil be some OpenSSL update on thursday that is important: http://www.theregister.co.uk/2015/03/17/openssl_preps_fix_for_mystery_high_severity_hole/ probs want repo updated quickly 2015-03-17 12:25:49 ncopa: yeah i wanted to test it first before sending in the patch ^^ 2015-03-17 12:27:03 ncopa: anyway here's the patch, http://git.mauras.ch/aports/patch/?id=3381a3c73690462b116eccc2dca941d79e34cccc my first apkbuild, hope it's not too bad, but yeah compiles like a charm 2015-03-17 12:27:28 http://repos.mauras.ch/alpinelinux/x86_64/ packages there 2015-03-17 12:48:55 ginjachris: yeah i saw that openssl thing 2015-03-17 12:49:23 coredumb: you dont need all those depends 2015-03-17 12:49:32 abuild will figure out those automatically 2015-03-17 12:51:35 ncopa: oh really ? 2015-03-17 12:51:54 how should one proceed then ? 2015-03-17 12:52:20 depends are built from a ldd on the binary 2015-03-17 12:52:41 in your case, depends could be empty 2015-03-17 12:52:48 really 2015-03-17 12:52:56 abuild will autodetect what you find with ldd 2015-03-17 12:53:05 but if you have a #!/bin/bash abuild will not detect it 2015-03-17 12:53:13 so then you need manually add bash to depends 2015-03-17 12:53:28 same with perl, python ruby etc 2015-03-17 12:53:33 mmmh 2015-03-17 12:53:39 but abuild will manage ldd 2015-03-17 12:53:51 so depends has no impact on the resulting package ? 2015-03-17 12:54:07 only depends_dev is needed then ? 2015-03-17 12:54:23 depende_dev is a hack for adding depends to the -dev subpackge 2015-03-17 12:54:40 so if you sont have any -dev subpackage you only need worry about makedepends 2015-03-17 12:55:53 coredumb: http://sprunge.us/JHBG 2015-03-17 12:56:04 >>> spectrwm*: Tracing dependencies... 2015-03-17 12:56:04 so:libX11-xcb.so.1 2015-03-17 12:56:04 so:libX11.so.6 2015-03-17 12:56:04 so:libXcursor.so.1 2015-03-17 12:56:04 so:libXft.so.2 2015-03-17 12:56:05 so:libc.musl-x86_64.so.1 2015-03-17 12:56:07 so:libxcb-icccm.so.4 2015-03-17 12:56:09 so:libxcb-keysyms.so.1 2015-03-17 12:56:11 so:libxcb-randr.so.0 2015-03-17 12:56:13 so:libxcb-util.so.1 2015-03-17 12:56:15 so:libxcb-xtest.so.0 2015-03-17 12:56:19 so:libxcb.so.1 2015-03-17 12:56:50 coredumb: i think I just apply it with the mentioned fix 2015-03-17 12:56:58 makedepends sorry 2015-03-17 12:57:08 ncopa: thanks :) Hope you had a good holiday btw 2015-03-17 12:57:21 coredumb: in this case its completely insignificant 2015-03-17 12:57:31 ginjachris: thanks! it was great 2015-03-17 12:57:56 ncopa: ok so actually when should i populate depends then? 2015-03-17 12:58:04 so that i know for my futur packages ^^ 2015-03-17 12:58:15 indirect deps not linked to ? 2015-03-17 12:58:24 coredumb: all depends that can not be detected with ldd 2015-03-17 12:58:37 for example a perl script that has #!/usr/bin/perl 2015-03-17 12:58:42 will not run unless perl is installed 2015-03-17 12:59:00 ldd will not detect that for you, so you need manually add perl to depends in that case 2015-03-17 12:59:21 so you normally dont need to add anything to depends 2015-03-17 12:59:36 PL 2015-03-17 12:59:39 OK* 2015-03-17 12:59:44 got it 2015-03-17 12:59:50 makes it REALLY easy :) 2015-03-17 12:59:51 i pushed you package 2015-03-17 12:59:54 yeah 2015-03-17 12:59:55 thx 2015-03-17 13:00:57 it was a good first apkbuild 2015-03-17 13:01:07 good job 2015-03-17 13:01:11 thanx 2015-03-17 13:01:56 \o/ 2015-03-17 13:02:30 i still wanna test it though :D 2015-03-17 13:02:57 or is it the goal of testing/ 2015-03-17 13:03:22 btw how many times a day are packages builded ? and repositories updated ? 2015-03-17 13:05:31 on the fly 2015-03-17 13:05:42 coredumb: check alpine-devel 2015-03-17 13:05:49 #alpine-devel 2015-03-17 13:12:48 clandmeter: on the fly ? neat 2015-03-17 13:17:03 ncopa, clandmeter what about maintainership of a contributed package ? 2015-03-17 13:17:28 are contributors of new packages expected to maintain updates ? 2015-03-17 14:01:50 The more I learn about AL internals, the more I love it! lbu is such a great tool. One can make wonderfull hacks with it ;) 2015-03-17 14:04:56 hacks like 'linux ... "root=-text4 /dev/mapper/root-alpine_crypt" ..."? :-) 2015-03-17 14:06:12 for now I'm playing combining run-from-ram, pxe, kvm and lxc. 2015-03-17 14:09:07 I really like the fact to push some apkovl from outside then start a vm with "apk fix;rc default" in /etc/local.d/0.start 2015-03-17 14:11:34 but encrypted data vlumes are on my todo list ;) 2015-03-17 14:15:11 nice :-) 2015-03-17 14:15:41 at least LUKS works :-) 2015-03-17 14:18:03 my music player is an old eeepc without hard disk so it is silent which netboots from my server in the foyer with the filesystem on a luks volume :-) 2015-03-17 14:18:12 everything alpine based of course :-) 2015-03-17 14:18:46 luks worked so far. no problems, except last year with this directio thing that they expected from tmpfs 2015-03-17 14:42:43 afternoon 2015-03-17 15:47:37 afternoon ScrumpyJack 2015-03-17 16:23:16 testing packages are compiled over edge or stable ? 2015-03-17 16:23:19 edge i guess ? 2015-03-17 16:24:52 what are your suggestion for use of NFS share inside a LXC? to mount it on the host and bind it in the guest? or mount it on the host in the guest rootfs hierarchy before starting the guest? or something else? 2015-03-17 16:25:04 coredumb: edge/testing 2015-03-17 16:26:18 Jean-Scotch: sounds logical 2015-03-17 16:26:27 indeed 2015-03-17 17:39:40 in case you has not seen this ncopa https://mta.openssl.org/pipermail/openssl-announce/2015-March/000020.html 2015-03-17 17:49:55 I wouldn't like to announce any updates for openssl these days 2015-03-17 17:50:43 Would be more of a "Sorry, this code is fucked, we applied some bandages and duct-tapw, hope it remains exploit free for a month" 2015-03-17 17:50:51 Java is even worse, still 2015-03-17 20:05:39 denied resource overstep by requesting 21 for RLIMIT_NICE against limit 0 for /usr/bin/xinit[xinit:1426] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/startx[startx:1406] uid/euid:1000/1000 gid/egid:1000/1000 2015-03-17 20:05:45 doesn't it mean anything ? 2015-03-17 20:31:12 it means nice level setting is denied to xorg 2015-03-17 20:33:46 rpu3uO8PEVZZ: is that supposed to be fixable 2015-03-17 20:33:48 ? 2015-03-17 20:34:09 cause actually my WM can't spawn anything 2015-03-17 20:34:22 have you updated your udev? 2015-03-17 20:34:34 mmmh stable udev 2015-03-17 20:34:36 you should runs setup-xorg-base 2015-03-17 20:34:41 yeah did 2015-03-17 20:34:45 hmmms 2015-03-17 20:34:52 but mouse and keyboard work? 2015-03-17 20:35:01 yep 2015-03-17 20:35:17 but exec in the WM gets killed 2015-03-17 20:35:23 oh? 2015-03-17 20:35:28 yep 2015-03-17 20:35:28 why? 2015-03-17 20:35:39 dunno grsec traces 2015-03-17 20:35:47 what wm? 2015-03-17 20:35:52 spectrwm 2015-03-17 20:35:57 never heard 2015-03-17 20:36:22 yeah new aport in testing 2015-03-17 20:36:35 https://opensource.conformal.com/wiki/spectrwm 2015-03-17 20:36:35 but if you need to disable grsec for running your wm, you might want to consider a different wm, where you don't have to disable grsec 2015-03-17 20:36:59 rpu3uO8PEVZZ: indeed i'd rather not to 2015-03-17 20:37:38 this looks like c? 2015-03-17 20:37:58 yep 2015-03-17 20:40:18 hmm, but then the wm wouldn't even start. 2015-03-17 20:40:38 well you need to post logs then to get more help i guess 2015-03-17 20:46:30 rpu3uO8PEVZZ: yep gimme a second 2015-03-17 20:47:32 testing in a VM is no fun 2015-03-17 20:50:44 rpu3uO8PEVZZ: http://pastebin.com/mf98MeHt all i got 2015-03-17 20:56:30 actually i don't think grsec as anything to do with that 2015-03-17 21:06:55 It says grsec. The only other candidate I would suggest is cgroups or limits. 2015-03-17 21:10:22 mjones_: actually i rebooted on vanilla 2015-03-17 21:10:31 it still doesn't behave 2015-03-17 21:10:41 but no segfaults though 2015-03-17 21:11:18 meh, pastebin. retards use cloudflare m( 2015-03-17 21:11:57 that is strange: urxvt[1588]: segfault at 77074d5e9ff0 ip 000074669604f22b sp 000077074d5e9fd0 error 6 in ld-musl-x86_64.so.1[746696003000+86000] 2015-03-17 21:12:11 yep 2015-03-17 21:13:09 what happens if you start urxvt directly (instead of the wm?) 2015-03-17 21:13:22 You don't like cloudflare? 2015-03-17 21:15:14 no i don't. they force me to solve captchas to see pastebin, and they require me to run javascript to solve the captcha 2015-03-17 21:15:29 rpu3uO8PEVZZ: urxvt alone works ok 2015-03-17 21:15:31 they force me to solve captchas also for othersites 2015-03-17 21:15:50 hmmm, how mature is this spectrwm? 2015-03-17 21:16:09 been using older versions for couple of years now 2015-03-17 21:16:17 on fedora mainly 2015-03-17 21:16:25 never had an issue 2015-03-17 21:17:05 oh. ok. so it's not something new. 2015-03-17 21:17:16 there's new wms cropping up all the time :) 2015-03-17 21:18:44 yeah well no it's not so new ^^ 2015-03-17 21:19:13 rpu3uO8PEVZZ: actually can't seem to make any tiling wm work in there -_- 2015-03-17 21:19:28 i3wm works fine here 2015-03-17 21:20:27 it doesn't here 2015-03-17 21:21:01 what? wow 2015-03-17 21:21:12 Assertion failed: key->initialized (../include/privates.h: dixGetPrivateAddr: 122) 2015-03-17 21:22:35 -_- 2015-03-17 21:23:28 but urxvt works you say? 2015-03-17 21:23:32 how very strange 2015-03-17 21:23:46 I tried to give i3 a try but the lack of a default super key threw me. I can't imagine why any software shouldn't have a sane, usable, preferred default config of some sort. 2015-03-17 21:24:31 Making prospective users customise something is a big mistake, and also inhibits compatibility between users and fresh installs. 2015-03-17 21:25:08 rpu3uO8PEVZZ: yep 2015-03-17 21:25:51 rpu3uO8PEVZZ: actually spectrwm actually works ... in the sense that it starts 2015-03-17 21:25:58 jsut can't spawn anything 2015-03-17 21:27:18 how much memory you give the thing? 2015-03-17 21:27:28 thing==vm in this case 2015-03-17 21:27:53 oh wait 2015-03-17 21:28:12 nahhhhh 2gig 2015-03-17 21:28:42 hmm. 2015-03-17 21:34:07 yeah well.... 2015-03-17 21:37:35 wonder if 9MB of video memory is enough 2015-03-17 21:39:06 Assertion failed: key->initialized (../include/privates.h: dixGetPrivateAddr: 122) 2015-03-17 21:39:15 everything gives me this 2015-03-17 21:39:18 wooot 2015-03-17 21:45:56 Yes, that error message also makes me think about resource limits. 2015-03-17 21:45:58 and google? 2015-03-17 21:46:11 https://bugs.launchpad.net/ubuntu/+source/xorg-server/+bug/1283782 2015-03-17 21:47:55 mjones_: even with QLX with 64MB of ram gives me this 2015-03-17 21:48:00 lhttps://bugzilla.redhat.com/show_bug.cgi?id=653142 2015-03-17 21:48:26 https://bugzilla.redhat.com/show_bug.cgi?id=653142#c6 2015-03-17 21:49:02 lot's of hits on google but unsure if there is an answer 2015-03-17 21:49:15 looked at all 2015-03-17 21:49:24 nothing really relevant ... 2015-03-17 21:52:16 bleh i should just wipe that fedora on this laptop and install alpine for real 2015-03-17 23:46:58 anyone know what license Alpine falls under? i can't seem to find and reference to any licensing 2015-03-17 23:50:18 what part of it 2015-03-17 23:50:32 i think both busybox and musl are gplv2 2015-03-17 23:50:35 and linux too 2015-03-17 23:59:35 ah that makes sense that it would follow those upstreams 2015-03-18 00:00:15 Kernel is GPLv2. musl is MIT (like BSD, mostly). Busybox is GPLv2. 2015-03-18 05:01:12 ACTION coughs. 2015-03-18 06:24:02 urxvt, is it in aports ? 2015-03-18 07:23:35 vkrishn: it is rxvt-unicode 2015-03-18 07:23:43 rpu3uO8PEVZZ: Ok found the issue 2015-03-18 07:23:53 my own package built on stable works 2015-03-18 07:24:05 the one built by alpine on edge doesn't work on stable 2015-03-18 07:24:40 coredumb, thnx 2015-03-18 07:26:54 coredumb: you should build on edge no? 2015-03-18 07:27:06 good morning btw :) 2015-03-18 07:30:03 ScrumpyJack: should i ? 2015-03-18 07:30:31 FWIW in my VM xorg edge doesn't even find a screen .... 2015-03-18 07:35:07 coredumb: do you have udev running? 2015-03-18 07:37:04 clandmeter: sure 2015-03-18 07:49:36 coredumb: you could build on anything of course, but the recommended env is edge http://wiki.alpinelinux.org/wiki/Setting_up_the_build_environment_on_HDD 2015-03-18 07:52:05 i have an "on demand" edge sdk LXC build, so if you want to test building something on edge without upgrading your system, i could spin one up for you 2015-03-18 08:11:02 ScrumpyJack: i've been following this actually http://wiki.alpinelinux.org/wiki/Creating_an_Alpine_package 2015-03-18 08:26:16 coredumb: heh. i haven't given it any thought beyond blindly following the wiki. 2015-03-18 08:26:23 so, edge or no edge 2015-03-18 08:27:18 what you are actually pulling with git 2015-03-18 08:27:36 main or edge 2015-03-18 08:29:10 description is "Main aports tree" 2015-03-18 08:29:39 main or edge is misleading 2015-03-18 08:29:48 sorry 2015-03-18 08:33:26 i think the master branch is "edge", as the branch below is called 3.1-stable. that probably the 3.1 current release. so when you pull master, you're on edge? 2015-03-18 08:41:22 (I'm showing my ignorance here :) 2015-03-18 08:49:31 well master contains main/ and edge/ 2015-03-18 08:49:33 so... 2015-03-18 08:49:35 :D 2015-03-18 08:49:58 anyway i'm happy to have fixed this i'll be able to migrate my laptop easily now ^^ 2015-03-18 08:50:28 but not on edge :D 2015-03-18 08:50:38 as even nfsmount on boot fails 2015-03-18 08:50:42 :( 2015-03-18 08:51:06 i must prepare a VM on edge to help debug this issue 2015-03-18 09:09:33 master contains main and testing. where do you see edge? 2015-03-18 09:10:36 i would equate edge to a version, like 3.0, 3.1, edge 2015-03-18 09:12:50 each version contains main and edge contains main, testing (and unmaintained?) 2015-03-18 09:16:00 ScrumpyJack: you're right my bad 2015-03-18 09:17:00 so the question is 2015-03-18 09:17:09 how is a testing package becoming stable ? 2015-03-18 09:17:39 is it included in the current stable and recompiled, or will it become stable in next release when edge becomes stable 2015-03-18 09:17:41 ? 2015-03-18 11:00:48 as far as i know, your patch goes into testing, and then after a certain amount of time, and extensive testing :) it ends un in main of the same branch 2015-03-18 11:01:13 you could have testing in 3.1 2015-03-18 11:01:28 if 3.1 was the branch you want to build for 2015-03-18 11:02:57 here is a patch in testing in 3.1 2015-03-18 11:02:58 http://git.alpinelinux.org/cgit/aports/commit/?h=3.1-stable&id=051fe1e7dda03c7274d54f0d4108cc8aeb0e8f50 2015-03-18 11:05:10 so in theory, there is nothing stopping you patching a stable branch like 3.1/testing, but by the time it gets round to 3.1/main, then perhaps 3.2 might be the latest super duper release. 2015-03-18 12:47:36 is there any easy way to rollback from edge to stable in case edge appears to be broken? 2015-03-18 12:48:16 ScrumpyJack: ok thx 2015-03-18 13:00:11 what's broken? 2015-03-18 13:01:05 last week it was nfsmount at boot 2015-03-18 13:02:07 hanging the boot at nfs lockd starting 2015-03-18 13:02:29 yesterday i tried updating a VM and it was a broken X 2015-03-18 13:04:59 broken X? does the VM have access to the real video hardware or is it just using some virtual thing? 2015-03-18 13:06:26 dalias: virtual thing which works on stable 2015-03-18 13:06:43 didn't debug much to be honest 2015-03-18 13:06:53 upgrading a clone right now to see 2015-03-18 13:07:00 coredumb, replace edge repository with the stable one, and do "apk update && apk upgrade -a" 2015-03-18 13:07:51 fabled: should be sufficient ? 2015-03-18 13:08:15 yes. magic is the '-a' it makes apk install something that exists in a repository, downgrading if necessary. 2015-03-18 13:08:26 ok 2015-03-18 13:08:44 and indeed from stable => edge -la is advised 2015-03-18 13:08:52 or -l is implicit i guess 2015-03-18 13:09:23 mmm... -l makes apk give error if the newest version cannot be installed 2015-03-18 13:09:47 without -l it might hold some pkgs back in case there's complex dependency conflicts between stable and edge 2015-03-18 13:10:04 ok 2015-03-18 13:14:47 [ 37.487] (EE) Segmentation fault at address 0x21 2015-03-18 13:14:53 in edge 2015-03-18 13:14:57 upon startx 2015-03-18 13:16:33 [ 37.236] (EE) Failed to load /usr/lib/xorg/modules/drivers/cirrus_drv.so: Error relocating /usr/lib/xorg/modules/drivers/cirrus_drv.so: AlpProbe: symbol not found 2015-03-18 13:16:40 linked to this i guess ^^ 2015-03-18 13:26:55 iirc cirrus used to have circular deps, should be fixed nowadays 2015-03-18 13:27:14 so if you load all the drivers in the right order then you'll get all symbols 2015-03-18 13:27:31 (x drivers dont have proper elf dependencies) 2015-03-18 13:28:06 how do i show which package should install a certain file ? 2015-03-18 13:28:20 i feel stupid not finding it -_- 2015-03-18 13:28:35 if you find it tell me too :) 2015-03-18 13:29:03 i assume you want the apk version of dpkg -S 2015-03-18 13:29:13 arf 2015-03-18 13:29:25 nsz: i was thinking yum whatprovides 2015-03-18 13:29:27 but well :D 2015-03-18 13:29:48 because now on edge /usr/include/sys/queue.h is missing for no reason 2015-03-18 13:30:01 and apart being a musl-dev file 2015-03-18 13:30:03 ah that's a harder search 2015-03-18 13:30:05 can't even verify 2015-03-18 13:30:12 -_- 2015-03-18 13:30:32 so X broken and apparently musl missing files... 2015-03-18 13:30:39 stable seems a lot nicer to me :D 2015-03-18 13:30:45 dpkg -S searches the installed packages which should be possible to do, searching all packages for a file needs a global file->package index 2015-03-18 13:30:50 sys/queue.h is not part of musl but alpine might have packaged it as such :( 2015-03-18 13:31:24 btw nsz what did you mean by loading the X cirrus driver ? 2015-03-18 13:31:43 dalias: where should it be ? cause i had it on stable but haven't anymore on edge -_- 2015-03-18 13:32:09 all x modules are elf shared objects without DT_NEEDED dependency stuff 2015-03-18 13:32:39 so if you load any x module you get undefined symbols unless you know the dependencies and load all of them in the right order 2015-03-18 13:33:28 nsz: what suddenly broke it between stable and edge ? 2015-03-18 13:33:29 glibc works because it does lazy binding (which is bad for many reasons including writable relocations) so by the time all modules are loaded all symbols are defined 2015-03-18 13:34:15 on musl you need to sort all modules according to the deps so all undefined symbols are available at load time 2015-03-18 13:34:25 i hear you 2015-03-18 13:34:27 this can easily break.. 2015-03-18 13:34:40 whenever a module is updated 2015-03-18 13:34:44 :( 2015-03-18 13:35:43 means from stable to stable you get this nice behavior as well ? 2015-03-18 13:36:13 i guess you need to find all .so in /usr/lib/xorg/modules and nm -D module.so |grep 'T AlpProbe' 2015-03-18 13:36:55 or may be '[WBDVT] AlpProbe' 2015-03-18 13:37:43 nm should be in which package ? 2015-03-18 13:37:51 binutils 2015-03-18 13:37:55 k 2015-03-18 13:39:34 1/usr/lib/xorg/modules/drivers/cirrus_alpine.so 2015-03-18 13:39:36 0000000000004cba T AlpProbe 2015-03-18 13:40:16 you need to load that before cirrus_drv i guess 2015-03-18 13:40:43 the load order is in xorg.conf somewhere i think 2015-03-18 13:41:30 or you can poke the maintainers to fix it :) 2015-03-18 13:42:17 doesn't work 2015-03-18 13:42:29 :P 2015-03-18 13:42:46 i added it to /etc/X11/xorg.conf.d/20-modules.conf 2015-03-18 13:42:54 but it removes the _ 2015-03-18 13:43:03 so tries to load cirrusalpine 2015-03-18 13:43:12 and indeed doesn't work 2015-03-18 13:44:04 if you are fine with an ugly hack then you can LD_PRELOAD it 2015-03-18 13:44:50 i'm more worried of having this kind of behaviors in my days to days use :D 2015-03-18 13:46:12 this is something the maintainers are supposed to fix, but i think upstream xorg is just broken and the stupid module system should just use the libc elf loader normally 2015-03-18 13:49:01 :( 2015-03-18 13:49:11 where are you Xorg maintainer ? 2015-03-18 13:51:24 yeah 2015-03-18 13:51:31 apk upgrade -a on stable 2015-03-18 13:51:35 ^^ 2015-03-18 13:51:40 it's ncopa 2015-03-18 13:51:57 hehe ok 2015-03-18 13:53:25 ncopa: ^ 2015-03-18 13:54:44 hi 2015-03-18 13:54:47 what happened 2015-03-18 13:54:50 did xorg break? 2015-03-18 13:55:23 yep it did 2015-03-18 13:55:23 coredumb: sys/queue.h is shipped with bsd-compat-headers 2015-03-18 13:55:38 ncopa: mmmmh 2015-03-18 13:56:01 i think the cirrus driver was removed 2015-03-18 13:56:17 really ? 2015-03-18 13:56:21 yeah 2015-03-18 13:56:36 why is it still there but cannot be loaded ? 2015-03-18 13:56:42 c88561056b23acdcd61b796d6279e3078ca151bf 2015-03-18 13:56:55 pakcage disapeared from aports 2015-03-18 13:57:15 so apk upgrade didnt upgrade it 2015-03-18 13:57:24 and you have the old one 2015-03-18 13:57:30 commit c88561056b23acdcd61b796d6279e3078ca151bf 2015-03-18 13:57:30 Author: Natanael Copa 2015-03-18 13:57:30 Date: Tue Mar 17 08:56:57 2015 +0000 2015-03-18 13:57:30 xf86-video-{cirrus,geode,v4l}: remove 2015-03-18 13:57:30 2015-03-18 13:57:31 replaced by the modesetting driver shipped with xorg server 2015-03-18 13:57:44 OK 2015-03-18 13:57:50 try simpley apk del xf86-video-cirrus 2015-03-18 13:58:02 and so sys/queue.h jumped from libc-dev to bsd-compat-headers right ? 2015-03-18 13:58:08 coredumb: correct 2015-03-18 13:58:19 which is not installed by default 2015-03-18 13:58:46 whatprovides and/or whatprovideD options to apk would be awesome :) 2015-03-18 13:59:04 um, yes 2015-03-18 13:59:07 i think we lack those 2015-03-18 13:59:35 ok so let me see this edge xorg 2015-03-18 14:00:22 fabled: i think we need some way to tell apk: "this package has been replaced with and can safely be removed" 2015-03-18 14:00:37 would be nice :) 2015-03-18 14:00:56 i think i did that a hackish way for some package 2015-03-18 14:00:59 wait without cirrus am i falling back to vesa or the like ? 2015-03-18 14:01:01 or if an apk upgrade could tell me what installed packages are no longer available in the new package index 2015-03-18 14:01:28 coredumb: no, you should get modesetting driver 2015-03-18 14:01:38 nsz: apk version -l '?' 2015-03-18 14:01:49 i see 2015-03-18 14:01:52 ncopa: ok 2015-03-18 14:02:38 ncopa: i'll let the VM on edge to see if we can debug the nfsmount issue 2015-03-18 14:03:04 http://git.alpinelinux.org/cgit/aports/commit/?id=95d050778c1527c92a15f2f72045ef4994dc39f9 2015-03-18 14:03:07 bah i mistyped 2015-03-18 14:03:38 basically, modesetting driver is now shipped with xorg 2015-03-18 14:04:03 bah i'm ok as long as i can test basically that X starts 2015-03-18 14:04:07 I let the xf86-video-modesetting pkg stay, but it is empty 2015-03-18 14:04:18 so that it does not conflict with xorg-server 2015-03-18 14:04:38 and set the pkgdesc to indicate that it can safely be removed 2015-03-18 14:05:03 would be nice to be able to do something like: apk clean 2015-03-18 14:05:07 or similar 2015-03-18 15:24:47 ncopa: ok so i remove cirrus 2015-03-18 15:24:55 xorg still segfaults in the end 2015-03-18 15:27:49 coredumb: how do you start xorg? 2015-03-18 15:28:02 https://bpaste.net/show/5efd0b092bd7 2015-03-18 15:28:06 ncopa: startx 2015-03-18 15:29:39 dmesg? 2015-03-18 15:29:48 did it happen in qemu/kvm? 2015-03-18 15:30:38 ncopa: yes it's a kvm quest 2015-03-18 15:30:50 then i should be able to reproduce 2015-03-18 15:30:55 dont have time atm though :-/ 2015-03-18 15:30:56 [ 7961.723325] grsec: From 10.60.60.2: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /usr/bin/Xorg[X:3359] uid/euid:0/0 gid/egid:0/0, parent /usr/bin/xinit[xinit:3358] uid/euid:0/0 gid/egid:0/0 2015-03-18 15:31:10 thats the core 2015-03-18 15:31:14 yep 2015-03-18 15:31:14 segfault already happened 2015-03-18 15:31:18 yep 2015-03-18 15:31:22 all i got 2015-03-18 15:31:25 and the lines above? 2015-03-18 15:31:30 nothhing of intereset above? 2015-03-18 15:31:31 nothing above 2015-03-18 15:31:33 ok 2015-03-18 15:34:39 ncopa: let me know if you need more informations 2015-03-18 15:35:19 it would be nice if someone could help me debug it 2015-03-18 15:35:32 it looks mesa related 2015-03-18 15:35:40 it could be triggered by the mesa upgrade 2015-03-18 15:35:44 it could be something else 2015-03-18 15:40:24 coredumb: i'll enable a debug build for you 2015-03-18 15:40:51 so you can generate a backtrace 2015-03-18 15:42:00 ncopa: ok 2015-03-18 15:46:42 has anyone had success booting from an ext3 partition on a macbook with rEFInd? 2015-03-18 15:47:33 I can boot from USB just fine, and rEFInd can see the partition, but I get the cookie cutter mac no bootable device error 2015-03-18 18:37:03 kernel pkg linux-virt-grsec means a paravirt kernel for xen, no? 2015-03-18 18:37:19 The package description is suitably vague. 2015-03-18 18:37:47 That is, xen guests. 2015-03-18 18:40:55 ACTION wonders if it includes viortio drivers for KVM. 2015-03-18 18:41:11 s/viortio/s/virtio/ 2015-03-18 18:43:58 ACTION can't remember how much difference virtio drivers make on Linux guests, compared to Windows. 2015-03-18 18:49:16 hi all 2015-03-18 18:49:40 i'm looking for a small xen distro and it seems alpine linux would fit well 2015-03-18 18:49:57 but i can't find xapi package for xen 2015-03-18 18:50:24 For xen? 2015-03-18 18:50:35 yep 2015-03-18 18:50:36 Xen host or xen guest? 2015-03-18 18:50:43 it should be on host 2015-03-18 18:50:46 ACTION doesn't recognise xapi 2015-03-18 18:51:20 We have a lot of people interested in hosts or guests, including me (although I don't plan to do much xen hosts, just xen guest) 2015-03-18 18:51:34 Let me check something 2015-03-18 18:51:50 i'd like to manage it with xen orchestra remotely 2015-03-18 18:53:27 I'm looking at it now. This is new, and I haven't worked with xen hosts in years. 2015-03-18 18:53:41 It's new to Debian and Ubuntu. 2015-03-18 18:54:56 So the bottom line is I think someone needs to package it and its dependencies. 2015-03-18 18:55:22 wiki.alpinelinux.org has pages on making APK packages, and on Aports contributions. 2015-03-18 18:56:43 Also I was wrong about it being very new; I was looking at an old page. It's in mainstream Debian 7, which isn't cutting edge at the moment. 2015-03-18 18:57:44 So yes, Alpine would most likely be a good fit for your usecase, _especially_ if you want to do diskless or sdcard-booting hosts... 2015-03-18 18:57:57 ...but someone needs to do up packages. 2015-03-18 18:58:26 Not to mention that I don't know if any of the stock kernels have xen. :-/ 2015-03-18 18:58:55 ACTION is doing KVM hosts, and only does Xen on EC2 guests any more. 2015-03-18 19:02:41 ok thx for tip 2015-03-18 19:05:42 You can file a Request For Enhancement on the bugtracker. 2015-03-18 20:02:19 jirib: what's xapi? 2015-03-18 20:02:37 if you install alpine-xen the modern toolkit (xl) is installed 2015-03-18 20:10:17 ahills: are you saying xl supersedes xapi? I haven't done xen for years. 2015-03-18 20:10:57 I don't know what xapi is, but if you're using xm, don't expect your stuff to be supported for long 2015-03-18 20:11:51 then xl supersedes xm? 2015-03-18 20:14:05 yes 2015-03-18 20:14:10 definitely 2015-03-18 20:22:51 understood. 2015-03-18 20:40:39 mjones_: no xapi is still around, xl is just replacing the xm command, so from python to c 2015-03-18 20:41:06 by now i think everything that used to be possible in xm does again work with xl 2015-03-18 20:41:52 so, xm list -> xl list, and xm list --long -> bad luck, but xl list --format=json -> new shit 2015-03-18 20:42:02 it's of course as bad to parse as xm list --long used to be 2015-03-18 20:42:22 so it's not really a regression. 2015-03-18 20:42:55 oh, wait, actually --long is still the command 2015-03-18 20:43:01 it's just now json and not sxp any more 2015-03-18 20:44:20 ahills: http://wiki.xen.org/wiki/Xen_/_XCP_/_XAPI_Overview 2015-03-18 20:44:59 darkfader: there are a lot of differences in the engine, becomes more apparent with the config files 2015-03-18 20:45:19 oh yes, you can't do maxmem = mem * 2 any more 2015-03-18 20:45:31 ahills: xapi is built on top of xl 2015-03-18 20:45:40 lol "enterprise ready" 2015-03-18 20:46:54 used by xserver, xen orchestra, rackspace 2015-03-18 20:47:30 darkfader, ahills: that's a pretty good summary, thanks 2015-03-18 20:48:08 also cloudstack, openstack, opennebula uses that 2015-03-18 20:48:55 opennebula does libvirt and xl screen scraping 2015-03-18 20:49:31 maybe for xenserver 2015-03-18 20:50:22 still no perf(1) in alpine? :( 2015-03-18 20:50:23 if the api is stable I would bet that opennebula moves from scraping to api. 2015-03-18 20:50:32 dalias: I was just looking at that! 2015-03-18 20:50:56 idk if there will ever be a stable api in xen 2015-03-18 20:51:13 I'm going to need to follow brenden gregg's yellow brick road soon... 2015-03-18 20:51:30 and opennebula is a bit closer to the xl stack than openstack etc 2015-03-18 20:51:39 i'm very glad, even if the way they do it is stupid 2015-03-18 20:51:48 now that's he's working on linux and freebsd for netflix instead of illumos for joyent. 2015-03-18 20:51:58 hehe 2015-03-18 20:52:13 alpine is lovely for a xen host 2015-03-18 20:52:21 not that there's anything wrong with illumos, omnios, smartos....openindiana? 2015-03-18 20:52:39 i still wanna try the smart datacenter thing 2015-03-18 20:52:50 smartos didn't get me excited when it was new 2015-03-18 20:52:56 but maybe the whole bundle would 2015-03-18 20:52:58 i'm still thinking if i should go with smartos or alpinelinux :) 2015-03-18 20:53:04 I had a cluster of R610s I was going to use for that, but didn't have a timeslice before I lost the lab. 2015-03-18 20:53:21 mjones_: "oups" :) 2015-03-18 20:53:38 jirib: they're fairly equivalent, although you could say coreos is closer to smartos as an already-integrated package. 2015-03-18 20:53:52 although I don 2015-03-18 20:54:02 jirib: if you want to have crazy features, xen and alpine will be better, and if you want some more click-cloud thing that isn't a pile of shit like openstakc, then smart datacenter? :) 2015-03-18 20:54:11 don't know how coreos performs in a netboot or sdflash boot environment. 2015-03-18 20:54:26 mjones_: smartos are just two files and that's done 2015-03-18 20:55:13 eh. My opinion is that smartos still favours containers, even though it does KVM now. 2015-03-18 20:55:30 And while openstack will do LXC, the main use-case is fullvirt. 2015-03-18 20:56:17 problem is to have "normal" installation of hosts 2015-03-18 20:56:23 smartos is more blackbox 2015-03-18 20:56:47 yes, smartos is intended to be updated monolithically. They prefer you swap the sdcard. 2015-03-18 20:57:49 how is it with alpine linux of usb stick? 2015-03-18 20:57:57 does it run fully from tmpfs? 2015-03-18 20:58:37 So, zfs->btrfs, crossbow->ovs, dtrace->[several],containers->containers,smf->systemd [if you want it] 2015-03-18 20:58:58 hehe 2015-03-18 20:59:04 can i quote that comparism 2015-03-18 20:59:18 i'm not really big fun of linux ecosystem, especially systemd crap 2015-03-18 20:59:20 jirib: I believe so. Check the wiki.alpinelinux.org page on installation options, where sdflash boot is 'disk' and netboot is 'diskless' 2015-03-18 20:59:22 ACTION ooops 2015-03-18 20:59:32 since it's like every pairing is "great:shitty broken clone" 2015-03-18 20:59:52 with the slight exception of some addone features in ovs maybe 2015-03-18 21:00:09 For me the jury's out on systemd, and I'll give it a shake on laptops and desktops in particular. No hurry on servers. 2015-03-18 21:00:33 ok thx i'll check your distro, nice you do proactive steps in security 2015-03-18 21:00:34 I gave up on Solaris when 9 came out, so I only found out about the reversal of fortunes many years later. 2015-03-18 21:00:37 ciao! 2015-03-18 21:01:09 One of my big use-cases for Alpine is JeOS images. 2015-03-18 21:01:48 Lightweight virtual hosts eventually, but my current projects don't need that. After years of running big vmware clusters. 2015-03-18 21:16:09 setup-alpine stops on encountering a new empty 3tb disk? 2015-03-18 21:16:15 how do I complete the setup? 2015-03-18 21:21:17 ch077179: any error message? 2015-03-18 21:21:37 is the 3TB disk the intended boot volume? Install in 'sys' mode, I assume? 2015-03-18 21:22:16 mjones_: yes, 'sys' mode is desired. fidsk says it can't use all of the 2^32 sectors 2015-03-18 21:23:00 then a few sfdik msgs, then I don't like these partitions - nothing changed (fi you really want this, use the --force option) 2015-03-18 21:23:33 and setu-alpine ends and I'm left with the root prompt 2015-03-18 21:24:25 so.. my expectation is that I'm on my own, but here goes anyway. using a docker container with alpine 3.1, I can't convince openssh that any user other than root is not disabled. ("account is locked") 2015-03-18 21:24:28 I don't know if there's a limit. Give me a few minutes and I'll replicate on a thin-provisioned volume 2015-03-18 21:25:03 with passwords, without, etc it just keeps exploding on me. (and before docker-types get philosophical, security+ssh gateway is the one-task this container is for so 'docker run' and such is not a good answer) 2015-03-18 21:25:51 ACTION would rather not have "log in as root" (even to a container) be the default answer to this problem :) 2015-03-18 21:26:28 Dis: doesn't this depend on the Docker container...? 2015-03-18 21:26:49 ch077179: you're using 3.1.2 ISO, correct? 2015-03-18 21:26:59 ACTION needs to pull a 3.1.2 ISO 2015-03-18 21:27:37 mjones_: yes, the mini 2015-03-18 21:27:50 mjones_: kinda, but the container just provides a runtime. this is definitely coming from the build of openssh. I checked the code and it just looks for prefix in shadow (IIRC it is "!" - either way, checked the configure.ac to be sure and it is not there) 2015-03-18 21:27:55 I'm just creating a second boot stick with the full iso 2015-03-18 21:28:39 fwiw I do realize that is probably working for plenty of people not using a container, but I can't figure out what it is doing that would be different.. 2015-03-18 21:30:01 what do you guys recommend for virtualization? I was planning to give os-level virtualization a try (efficiency, and I want to virtualize linux on linux anyway) 2015-03-18 21:30:09 ! is from /etc/shadow, you know 2015-03-18 21:30:15 mjones_: yep. 2015-03-18 21:30:28 tried nothing, tried actual passwords, tried 'x'.. 2015-03-18 21:30:55 according to a study I found linux-vserver performs really well across different tasks. But the project looks somewhat deserted. last update was '13 to the proj homepage. 2015-03-18 21:31:00 Dis: let me get this test going and I will think about your problem in a second. 2015-03-18 21:31:14 sshd debugging doesn't show anything else beyond (correctly) disabling account expiration 2015-03-18 21:31:18 mjones_: cool deal :) 2015-03-18 21:31:24 ch077179: I like KVM. Xen is my second choice. I'm not interested in other fullvirts on Linux. 2015-03-18 21:31:40 Oh, you mean containers, not fullvirt. 2015-03-18 21:32:00 LXC is leading, with Docker a very popular layer on top of LXC. 2015-03-18 21:32:00 ch077179: I'm using kvm in a lot of places on Linux (and virtualbox on osx). if you need enterprise-level then vmware esxi is the least horrible answer, but still pretty horrible. 2015-03-18 21:32:21 lxc wasn't included in the study but openvz was quite bad compared to linux-vserver 2015-03-18 21:32:30 for containers, docker. that is why I'm messing with it now in fact :) 2015-03-18 21:33:01 I'm personally only interested in LXC. linux-vsrver is older, I think, and I'm not a virtualbox kind of person. 2015-03-18 21:33:36 my full-virt gateway (ssh, fail2ban on arch) is 500 megs of ram and 5 gigs. the docker version is 25 megs of ram and 50 megs of storage. (and in general use, other than not working, performs just as well) 2015-03-18 21:33:40 ch077179: x86-64 right? 2015-03-18 21:33:50 yes, mjones_ 2015-03-18 21:34:26 so is lxc a safe choice on alpine-linux? lxc seems to be under active development 2015-03-18 21:34:46 curl -OL http://wiki.alpinelinux.org/cgi-bin/dl.cgi/v3.1/releases/x86_64/alpine-mini-3.1.2-x86_64.iso 2015-03-18 21:34:53 also vserver seems to be stuck to 2.6? 2015-03-18 21:35:10 the (recent?) addition of capabilities to docker made a big difference. now you can do things like vpns in containers without giving them full access to the entire host system. (enough access to make things annoying, but "some" is better than "all") 2015-03-18 21:35:41 LXC is what Docker is based on. Working on LXC directly would be my choice over the others. Docker just adds a lot of abstractions and repositories. 2015-03-18 21:36:31 ACTION is on LTE, so that ISO will take a minute. 2015-03-18 21:36:39 hehe 2015-03-18 21:36:51 In the mean time I'll give the full iso a try 2015-03-18 21:36:53 redhat gave us a huge presentation on their new "cloud" mess. docker+kubernetes looks like a nice solution for large installs. all the autoscaling magic, none of the fat. or something. 2015-03-18 21:38:06 qemu-img create -f qcow2 -o preallocation=metadata alpine.qcow2 4T Formatting 'alpine.qcow2', fmt=qcow2 size=4398046511104 encryption=off cluster_size=65536 preallocation='metadata' 2015-03-18 21:38:36 http://www.slideshare.net/bligneri/comparison-of-open-source-virtualization-technology 2015-03-18 21:38:49 Dis_: yeah, had a Google bloke give us that preso in NYC. 2015-03-18 21:39:04 that's the study I was talking about. compares different oss virtualization software 2015-03-18 21:39:04 ch077179: 2008 tho... 2015-03-18 21:39:07 lots has changed. 2015-03-18 21:39:38 true.. 2015-03-18 21:39:48 I'm happy to look at newer results 2015-03-18 21:40:22 mjones_: I'd rather see that one. this was about how this is the perfect world and licensing is "cheap" and it will beat vmware, etc. 2015-03-18 21:42:06 Yeah, 2008 is too old, except to inform historically. 2015-03-18 21:42:14 the funny part was how they didn't notice us all snickering when they kept saying "the support you have come to expect from RedHat" 2015-03-18 21:42:17 ch077179: I'm doing setup-alpine now 2015-03-18 21:42:55 ACTION has a bug that is still open after 2 years. Simple, but total breakage of that feature, and submitted with the patch to fix it... 2015-03-18 21:43:08 I know plenty of people who work for RedHat, but my experience is that 'cheap' is not a word I use when someone choooses to sign that contract. 2015-03-18 21:43:34 haha, I had 3 Tomcat bugs they created when they patched something less-than-perfectly for security. 2015-03-18 21:43:40 what about proxmox? 2015-03-18 21:43:52 this one is augeas. simple fix (bad regex) but.. 2015-03-18 21:43:56 proxmox seems like a good distro for KVM hosting. 2015-03-18 21:44:18 I've messed with proxmox (same .gov, different location). It isn't too bad. 2015-03-18 21:44:59 ch077179: I get an ERROR with a big traceback, that I can't easily paste here. 2015-03-18 21:45:22 as far as virtualbox, its a lot like old-school vmware. pretty, functional, fast enough, but not great for long-running or IO-intensive tasks 2015-03-18 21:45:28 ERROR: unsatisfiable constraints: 2015-03-18 21:45:42 sfdisk (missing): 2015-03-18 21:45:42 (to take our wayback machine back to 10 mins ago) 2015-03-18 21:45:55 virtualbox is more like vmware workstation, right? 2015-03-18 21:46:04 I do server virt, not Parallels virt. 2015-03-18 21:46:15 mjones_: in theory it has a headless mode. in practice... yes, exactly. 2015-03-18 21:46:29 ch077179: Does that look familiar? 2015-03-18 21:46:38 so you're running into the same problem 2015-03-18 21:46:46 yeah 2015-03-18 21:46:51 decent performance (but not great). decent interface (but not great.) etc. 2015-03-18 21:46:53 I'm only interested in headless. Started with VMware with ESX 3.0. 2015-03-18 21:47:05 younguns ;) 2015-03-18 21:47:15 ch077179: consider it replicated. 2015-03-18 21:47:26 Dis_: No. ;) Late to virtualisation. 2015-03-18 21:47:26 cool :) 2015-03-18 21:47:34 heh 2015-03-18 21:47:45 ch077179: I bet this affects >2TB 2015-03-18 21:47:48 the nick is familiar from a long time ago. #linpeople or #handhelds maybe? 2015-03-18 21:48:25 Dis_: not me. Depending on how long ago you mean, I didn't even run Linux mostly, and I didn't do mobile. 2015-03-18 21:48:25 so, what's going to happen now? I'd like to run my new micro server on alpine 2015-03-18 21:48:59 ch077179: The expedient answer is to partition it into two. You can use both. 2015-03-18 21:49:01 mjones_: probably different then. been bumming around some other channels since then but.. 2015-03-18 21:49:28 in any case, want to poke the openssh problem? there is some good news - no pam, so no pam debugging.. 2015-03-18 21:49:41 Dis_: ah yes, almost forgot. 2015-03-18 21:50:33 ch077179: Partition into two with some other distribution, then I bet it will work. For super safety, keep the boot partition at 1TB or less. 2015-03-18 21:50:42 fwiw the alpine version for docker is an official build ;) 2015-03-18 21:50:58 Dis_: ok. Firs thing is that this is the base-system openssh? Have you tried dropbear? 2015-03-18 21:51:06 mjones_: systemd is extremely unstable, good choice to keep it off your server and also any machine you work on 2015-03-18 21:51:10 maybe for a media center it's fine 2015-03-18 21:51:32 haven't tried dropbear. used it before (handhelds.org days) but never quite trusted it. 2015-03-18 21:51:38 We should have official media for all kinds of systems. Doing an AMI is right near the top of my list. 2015-03-18 21:51:49 well.. I tried it in that I installed it and it worked as root, but I haven't gone farther 2015-03-18 21:51:53 It's a config item for sure. 2015-03-18 21:52:21 There's an opensshd config item that can limit by username which users can login. 2015-03-18 21:52:31 I'm surprised it would allow root and not others, but hey 2015-03-18 21:53:00 dropbear works 2015-03-18 21:53:06 Usually it's the other way around. PermitRootLogin no 2015-03-18 21:53:42 Dis_: I like diversity, and I'm using dropbear on Alpine these days, and enjoying some reduced RAM usage (not sure how much) 2015-03-18 21:53:48 I've cycled through a ton of options but I'll gist the ssh config (grep -v ^# | grep -v ^$) 2015-03-18 21:53:55 Dis_: ok 2015-03-18 21:54:08 https://gist.github.com/disconn3ct/c34a761f4a26f7549405 2015-03-18 21:54:14 Would people be upset if an AMI chose dropbear and not openssh? Some would I suppose. 2015-03-18 21:54:17 short and sweet, but not quite short enough to dump in the channel 2015-03-18 21:54:29 Dis_: indeed. 2015-03-18 21:55:01 Dis_: password authentication no. You didn't change it, right? That's gotta be the problem. 2015-03-18 21:55:16 You only have SSH keys setup. 2015-03-18 21:55:28 yep keys are set (and dropbear found them) 2015-03-18 21:55:40 checked home dir perms and such just in case, all is well (700 . 700 .ssh 2015-03-18 21:55:42 Keys for non-root users? OK, that's not it. 2015-03-18 21:55:46 mjones_: ok, I'll try that. thanks for the help 2015-03-18 21:55:53 all the stupid sshd permission requirements are met and then some 2015-03-18 21:56:05 700 for .ssh and 600 for authorized_keys 2015-03-18 21:56:15 ch077179: Please file a bug! 2015-03-18 21:56:15 yep 2015-03-18 21:56:16 but sshd will give you the reason in syslog 2015-03-18 21:56:24 ch077179: So I don't need to! 2015-03-18 21:56:41 That sandbox feature is new to me. Comment it out and try? 2015-03-18 21:56:57 ahills: in theory :/ in practice it usually takes -dd to get any useful info (and in this case, its deciding the account is locked - checked the code, in theory it just looks for ^! in password field) 2015-03-18 21:57:12 mjones_: haven't tried, trying now 2015-03-18 21:57:47 ch77179: for large disk, you want the gptfdisk package 2015-03-18 21:58:01 there is a page on the wiki dedicated to it 2015-03-18 21:58:21 ok, is that in the full iso? 2015-03-18 21:58:21 Dis_: if I unset a password, sshd considers the account locked, so for passwordless accounts, I just set random 200-char ones 2015-03-18 21:58:40 I dunno. I only use the mini with net access 2015-03-18 21:58:45 mjones_: I'll do it 2015-03-18 21:58:52 User dis not allowed because account is locked 2015-03-18 21:59:06 even with privilege separation off 2015-03-18 21:59:15 account has a password though? 2015-03-18 21:59:37 ahills: tried with a valid password 2015-03-18 21:59:58 Jean-Scotch: so I could get gptfdisk while booted into the mini, partition the big disk and then install? 2015-03-18 22:00:07 Make sure this is the config file you're using with...uh. I'm having a forgetful moment. 2015-03-18 22:00:22 oh wait, is this dropbear or openssh? 2015-03-18 22:00:23 (tried again with privsep off just to be sure) 2015-03-18 22:00:33 ahills: openssh 2015-03-18 22:00:35 can you log into the console? 2015-03-18 22:00:40 ahills: openssh. dropbear works. 2015-03-18 22:00:51 hi there 2015-03-18 22:00:51 ch077179: http://wiki.alpinelinux.org/wiki/Installing_on_GPT_LVM 2015-03-18 22:01:02 mjones_: had to do a restart since it was last run in debug, so 100% sure its the config. 2015-03-18 22:01:14 well.. unless sshd is being weird. i'm 100% sure it has been started with that config :) 2015-03-18 22:01:42 Dis_: lsof. Gee I've only been using that for two decades. 2015-03-18 22:01:52 Dis_: lsof | grep sshd 2015-03-18 22:02:03 Dis_: make sure the config file you expect is the one it uses. 2015-03-18 22:02:04 when I do an `apk upgrade|add` I've the following message: 1 errors; 1036 MiB in 387 packages # do you know how to fix that? 2015-03-18 22:02:15 mjones_: if you've been using it that long you'll know it doesn't hold the config open :P 2015-03-18 22:02:28 but it was reading it earlier (UsePAM off generated warnings) 2015-03-18 22:02:42 thanks guys, good night 2015-03-18 22:02:43 Dis_: np. Definitely go for syslog at this point. 2015-03-18 22:02:54 Mo0O: there's a fix option... 2015-03-18 22:02:59 ch077179: goodnight. 2015-03-18 22:03:39 mjones_: updated the gist 2015-03-18 22:03:54 great, thanks mjones_ :) 2015-03-18 22:04:01 it says passwordinteractive failed, but didn't prompt (since it is disabled) 2015-03-18 22:04:05 Mo0o: "apk -fv update && apk -fv upgrade" 2015-03-18 22:04:50 Dis_: show me the /etc/shadow entry. Mangle the hash. 2015-03-18 22:05:04 Also the /etc/passwd. 2015-03-18 22:05:23 Mo0O: let me know if that works. 2015-03-18 22:05:30 good option too, but I've fixed it manualy, thanks 2015-03-18 22:05:33 mjones_: excluding the times shadow was 'x' or '': dis:$6$hashhashhash:16512:0::::: 2015-03-18 22:05:48 passwd is simple: dis:x:1000:1000:Linux User,,,:/home/dis:/bin/ash 2015-03-18 22:05:57 again, its been :: and :!: and ..etc 2015-03-18 22:06:03 ACTION has been fighting all day :( 2015-03-18 22:06:09 Dis_: something isn't acting the way we think. 2015-03-18 22:06:22 can you replicate with another user on the same machine? 2015-03-18 22:06:32 yah. the match code is super simple. and (unless configure gets weird) it is only looking for ^! 2015-03-18 22:06:53 you know its bad if I'm reading openssh source code. on purpose. 2015-03-18 22:07:03 Could be worse. Could be openssl. 2015-03-18 22:07:18 yah. i did that on purpose once. the doctors made me better. nice doctors. 2015-03-18 22:07:28 so many .. many.. nice doctors. 2015-03-18 22:07:49 Everybody stayed away from it, that's why what happened, happened. 2015-03-18 22:07:53 yah 2015-03-18 22:08:03 "it works so who cares" 2015-03-18 22:08:12 openssh source code is pretty clean for how complex the software is 2015-03-18 22:08:20 and of course, the corollary "someone else is probably looking at it" 2015-03-18 22:08:38 yah. although declaring variables inside one #ifdef and then using them in others gives me the creeps. 2015-03-18 22:08:44 I think some of 'they don't take people's patches anyway', too. 2015-03-18 22:08:45 (in C at least) 2015-03-18 22:09:14 yah 2015-03-18 22:09:24 Dis_: you're right, lsof wouldn't do it. But I was hoping to avoid the thing I need to suggest now: strace. 2015-03-18 22:09:37 Dis_: Or turn up the debuglevel. There's a debuglevel in sshd.conf. 2015-03-18 22:09:56 sshd_config that is. 2015-03-18 22:10:01 this block is simple tho. configure.ac says linux uses only a prefix (!) and the block checks. I didn't dig into how it opens/uses shadow, might have to do that.. 2015-03-18 22:10:16 getpwent() 2015-03-18 22:10:16 in theory it goes to 3. i'll pastebin 2015-03-18 22:10:37 Shadow only gets used through library functions. 2015-03-18 22:10:40 so, it happens for all users, or just that one? 2015-03-18 22:10:48 Which reminds me. musl does TCB and Alpine doesn't use that... 2015-03-18 22:13:17 updated the gist with the useful bits. can put the whole log in if you want but that is the entire connect/auth block 2015-03-18 22:14:27 gonna try again with passwordauth on and see if it prompts, but it didn't before.. 2015-03-18 22:14:47 no prompt 2015-03-18 22:15:32 the only thing i didn't do that might matter is dig through the alpine openssh patches. guess thats the next stop. 2015-03-18 22:15:57 User dis not allowed because account is locked input_userauth_request: invalid user dis debug2: input_userauth_request: try method none 2015-03-18 22:16:46 Try method none. I guess that would let you right in? 2015-03-18 22:16:54 heh. method none fails next 2015-03-18 22:17:17 Failed none for invalid user dis from 172.17.42.1 port 59155 ssh2 2015-03-18 22:18:18 I doubt an alpine patch did this. 2015-03-18 22:18:27 yah it looks clean enough 2015-03-18 22:19:18 (me too, or I'd have checked much earlier) 2015-03-18 22:20:08 You didn't try another username, though. 2015-03-18 22:20:14 Maybe a longer one. 2015-03-18 22:20:39 if this works I'm gonna find the developer responsible and punch him in the face a bunch. but lets try. 2015-03-18 22:21:28 oh for fscks sake. 2015-03-18 22:21:36 'disconnect' (id 1001) worked 2015-03-18 22:22:19 ahills did ask ;) 2015-03-18 22:22:25 (twice) 2015-03-18 22:22:26 ooooh. its uid related. 2015-03-18 22:22:31 Maybe it's checking for short names, or certain short names. 2015-03-18 22:22:34 1000 fails. 1001 works 2015-03-18 22:22:35 no kidding? 2015-03-18 22:22:40 Try again. 2015-03-18 22:22:45 did you just edit /etc/passwd? 2015-03-18 22:22:51 I always use UIDs starting at 1000. 2015-03-18 22:23:06 yeah, most of my boxes only have one non-system user, and it's uid 1000 2015-03-18 22:23:06 mkpasswd isn't a Linux thing... 2015-03-18 22:24:13 By which I mean to say, BSD uses/used BerkelyDB for actual passwds, generated from the flat files, but Linux does not. 2015-03-18 22:25:07 tested a few times. 1000 invariably fails 2015-03-18 22:25:22 are you using adduser/deluser or just editing /etc/passwd? 2015-03-18 22:25:49 even di2 works in 1001 but not 1000 2015-03-18 22:25:51 adduser/deluser 2015-03-18 22:26:01 with the occasional rm -rf /home/{whatever} 2015-03-18 22:26:07 huh 2015-03-18 22:26:10 number of lines in the file? Doubt it... 2015-03-18 22:26:20 this in a VM so you can easily see what a fresh install looks like? 2015-03-18 22:26:29 strace would've found it ;) 2015-03-18 22:26:49 haha, after hours of parsing output 2015-03-18 22:26:52 mjones_: strace would have shown that it read the data, not why it failed 2015-03-18 22:26:56 also, ahills++ 2015-03-18 22:27:35 I'm assuming there's a if uid>1000 { proceed 2015-03-18 22:28:07 yah. generally its configured in pam 2015-03-18 22:28:15 or explicit in the config 2015-03-18 22:28:53 is anything about your alpine setup non-standard? 2015-03-18 22:29:46 not especially (other than docker and supervisord) 2015-03-18 22:29:53 hmm 2015-03-18 22:30:11 is this alpine-in-a-docker? 2015-03-18 22:30:34 it takes the stock docker image (official etc) and adds openssh, rsyslog, fail2ban , supervisor. copies the authorized_keys into ~root, sets up rsyslog/fail2ban and runs setup-sshd -c openssh. 2015-03-18 22:31:41 https://gist.github.com/disconn3ct/c34a761f4a26f7549405 2015-03-18 22:31:59 that is the new version (force uid) but otherwise.. 2015-03-18 22:32:16 unfortunately I haven't had time to experiment with lxc/docker 2015-03-18 22:32:19 the ssh config hasn't been integrated to the build yet. 2015-03-18 22:32:48 ahills: me either. made time today. for a lot of workloads its kinda epic so.. 2015-03-18 22:33:14 when I return from travels I'll have to look into it 2015-03-18 22:33:49 strangely enough, this isn't the workload that is gonna work for me even :/ need pam to get google-auth (time-generated 2-factor) working. but it will work for my other vms. 2015-03-18 22:34:36 LXC is cool, but bear in mind that you can get a similar low footprint with resource ballooking, and regular overlay/thin-provisioned filesystems, too 2015-03-18 22:34:50 s/ballooking/ballooning/ 2015-03-18 22:34:51 yah. 2015-03-18 22:35:37 i'm already doing that on my cloud systems (and chrooted web, etc) but this is definitely the future. ballooning has nothing on "native process" 2015-03-18 22:36:34 You did reminds me about the payoff, though. 2015-03-18 22:39:54 the ssh+rsyslog+fail2ban (with iptables) container is taking 35M of ram. the minimum arch system (admittedly, with pam) to do the same thing is 500M. might be able to strip it down to 400-450, even in x64, but .. 2015-03-18 22:40:12 er, full-virt arch system that is. 2015-03-18 22:40:28 haven't tried stripping a full-virt alpine down 2015-03-18 22:40:33 My 640M Alpine VM consumes about 38M at start, with dropbear. 2015-03-18 22:40:38 no pam. 2015-03-18 22:41:03 That goes up due to buffer caching, which I could tame if I wanted 2015-03-18 22:41:08 yah 2015-03-18 22:41:48 Disk is about 256MB, almost half of which is LKMs which can mostly be dropped in an AMI. 2015-03-18 22:42:09 but at the end of the day, we're back to the old days (single-user partitioned mainframes == full virt) and heading to multi-user systems (containers or whatever - isolated software workloads without hardware partitioning) 2015-03-18 22:42:15 its the 60s all over again, grab your tie-dies.. 2015-03-18 22:42:28 Haven't checked to see the difference between dropbear and openssh. 2015-03-18 22:42:44 what about idle cpu time? 2015-03-18 22:43:01 I'll bounce it and see 2015-03-18 22:44:50 Hmm. 4 seconds from initialisation to getty/login; 99-100% idle, initial RAM utilisation 30760k. 2015-03-18 22:46:00 QEMU proc 5.9->9% host CPU. 2015-03-18 22:46:16 total apples and oranges (your vm vs my cloud host, not to mention totally unrelated workloads) but I can beat that by at least a second and - running - am beating the ram use. since its just 4 processes, on the "host" system -. 2015-03-18 22:46:32 (supervisord, fail2ban, opensshd, rsyslogd) 2015-03-18 22:47:40 0.03% at idle, of a random linode 2015-03-18 22:48:05 Yeah, that's about 14 procs -- init, acpid, two syslogs, dropbear, five gettys, login, ash and 'ps' 2015-03-18 22:48:45 QEMU 192M RAM resident. 2015-03-18 22:50:26 35M resident :) its not perfect for every workload but its definitely got a place. 2015-03-18 22:51:15 with capabilities support it can do weird networking. I'm gonna try converting my vpn/downloads box. 2015-03-18 22:51:17 shared userland libs aren't shared across containers are they? 2015-03-18 22:51:42 nope (although you can share mountpoints. poor mans nfs server basically) 2015-03-18 22:52:56 I don't mean the storage, I mean the libs in RAM 2015-03-18 22:53:03 I guess not, as it's userland. 2015-03-18 22:53:24 A major reason why Google doesn't mind doing them static. 2015-03-18 22:53:44 yah. docker and kubernetes is their current platform-of-doom. 2015-03-18 22:54:01 and puppet, which they evidently use on windows and osx somehow. (it is supported, just not reasonable..) 2015-03-18 22:55:12 They use puppet on osx, but I'm not sure Google Platform uses docker. I think it's LXC, groups and statically-linked apps. 2015-03-18 22:56:49 http://www.wired.com/2014/06/eric-brewer-google-docker/ although admittedly I was trusting the redhat sales dudes 2015-03-18 22:58:55 gonna bail but I'll be back later (once I convince znc to let me log in again :) ..) 2015-03-18 22:58:58 thanks for the fix :) 2015-03-18 23:00:46 I'll probably github the container when I'm done. simple alpine box with fail2ban and ssh, suitable for perimeters and not much else 2015-03-18 23:33:13 I'm tring to install virt-manager, so I've done: apk add virt-manager kvm qemu 2015-03-18 23:33:45 but when I launch virt-manager it return the following error: rror starting Virtual Machine Manager: 'module' object has no attribute 'VIR_DOMAIN_BLOCKED' 2015-03-18 23:33:58 do you know how to fix that? 2015-03-18 23:36:39 Mo0O: you're running Alpine on the bare-metal host, correct? 2015-03-18 23:36:58 I think this is a config file, but I use qemu directly, not with virt-manager. 2015-03-18 23:37:02 Let me check something. 2015-03-18 23:39:37 mjones_: yes it's on a bare-metal host 2015-03-18 23:40:26 Looks like the default config of virt-manager on Debian doesn't do auth; let me check alpine. (All my alpines are guests, not hosts.) 2015-03-18 23:41:44 Ugh. Lots of graphical dependencies! 2015-03-18 23:42:29 Good thing I put it on a sandbox VM 2015-03-18 23:43:37 Literally 100 dependency packages. 2015-03-18 23:47:26 sorry mjones_ 2015-03-18 23:48:04 It was a scratch VM. I'm just saying, though. 2015-03-18 23:48:32 ok 2015-03-18 23:48:39 I'm actually googling for that error now. 2015-03-18 23:48:53 I don't want to read the python code through if I can help it. 2015-03-18 23:50:01 I've googled for, and the fix looks like a py-libvirt update 2015-03-18 23:51:27 Yeah, that's on Gentoo though. 2015-03-18 23:51:31 Not sure...of the root cause. 2015-03-18 23:51:47 me too 2015-03-18 23:51:49 Show me how you're launching 2015-03-18 23:52:48 I'm just running: virt-manager # using root 2015-03-18 23:55:53 ok, if you do virt-manager --help you get debug options 2015-03-18 23:56:09 try with --debug 2015-03-18 23:56:27 I cant run it because my machine is headless 2015-03-18 23:57:39 I use KVM/QEMU directly, so I've never used this. Another option is virsh. 2015-03-19 08:40:10 rpu3uO8PEVZZ: it's not fixed at all actually 2015-03-19 08:40:13 -_- 2015-03-19 11:44:39 does a "simple user" (me :) may/must close a bug he reported as "resolved" in the issue tracker ? #3980 is resolved, but i do not know how to mark it :) 2015-03-19 11:59:18 NaNDude: normally a "manager" will decide when an issue is closed, but you can comment on it and say "it is now working. ticket can be closed" 2015-03-19 12:14:38 ok thx 2015-03-19 17:45:26 "Production support for Btrfs" https://blogs.oracle.com/linux/entry/announcing_general_availability_of_oracle2 2015-03-19 17:58:04 Ah, Oracle Linux. Coulda been a contender if it wasn't for, you know, Oracle. 2015-03-19 17:59:28 I once tried to consolidate a small enterprise on one version of Linux (often a mistake), placate my DBAs, and stop paying Red Hat all at the same time by switching everything to Oracle Linux. 2015-03-19 18:00:02 Of course it didn't work. All Oracle had to do was not charge us stupid money for each node getting updates. Of course they're literally not capable of that. 2015-03-19 18:01:13 It says they're supporting Docker. I wonder if it's supported out of Docker repos or if Oracle has repos. 2015-03-19 18:03:16 vkrishn: only supported on their kernel-uek-3.8.13-55.1.6.el7uek 2015-03-19 18:03:22 ok... any way of getting around this one no resolv library found 2015-03-19 18:03:32 Support for ksplice, though. Interesting. 2015-03-19 18:03:42 i saw something about it somewhere now i cant find it 2015-03-19 18:03:43 xoritor: resolv is built into musl. What are you building? 2015-03-19 18:03:50 mjones_, ceph 2015-03-19 18:03:55 ah! 2015-03-19 18:04:05 did I talk to you about that before? I think I did. 2015-03-19 18:04:10 eya 2015-03-19 18:04:13 I worked on it for a while. 2015-03-19 18:04:21 i have it running in containers using fedora 2015-03-19 18:04:24 but.... 2015-03-19 18:04:37 ceph/base latest 1c2008089014 20 hours ago 846.9 MB 2015-03-19 18:04:42 Then I found out I was doing a lot of it the hard way, and last night set up a new dev machine using Edge and pulled the aports. 2015-03-19 18:04:53 oh? 2015-03-19 18:04:55 and? 2015-03-19 18:05:06 You won't be able to build ceph without a patch for res_nquery to res_query. 2015-03-19 18:05:13 hmm 2015-03-19 18:05:16 interesting 2015-03-19 18:05:16 dalias gave me a pointer last week. 2015-03-19 18:05:16 ok 2015-03-19 18:05:32 ACTION waits patiently 2015-03-19 18:05:36 Basically, IMO, it needs some regression test after that's done 2015-03-19 18:05:42 yea 2015-03-19 18:06:01 if I hurry up I can probably get the APKBUILD submitted into the testing repo soon 2015-03-19 18:06:03 i have it working, will probably rebuild using ubuntu 2015-03-19 18:06:17 oh sweet... if you want me to test it i can 2015-03-19 18:06:44 I'd say it's coming to Alpine, but I wouldn't wait for it just yet, _especially_ if you're using it for production or serious testing. 2015-03-19 18:07:20 also, it will most likely be latest-stable, whereas before I was building the nightly git tree 2015-03-19 18:07:26 of ceph. 2015-03-19 18:08:08 yeah, I broke down and made a proper dev environment, largely for ceph, but also for everything else. 2015-03-19 18:08:26 just wishing nice support for zfs or btrfs in next AL release, if possible 2015-03-19 18:08:51 assuming dalias is right and the threadsafeness of res_nquery isn't literally required, then the alpine build should pass regression tests. 2015-03-19 18:09:22 btrfs is supported now. Just not on root volume in the installer, unless you do some manual work. 2015-03-19 18:10:31 btrfs has kernel modules, and userland packages. Same with XFS. 2015-03-19 18:10:35 ok 2015-03-19 18:10:58 mjones_, thanks! 2015-03-19 18:11:08 ok... going to go play a bit with my kids 2015-03-19 18:11:14 ttyl. 2015-03-19 18:12:50 mjones_, you can easily confirm 2015-03-19 18:12:54 size src/network/res_*.o 2015-03-19 18:13:20 only res_state has nonzero data/bss, and it's not referenced by any other translation units (just there to make broken apps happy) 2015-03-19 18:13:35 so there's zero global state and thus no way it can fail to be thread-safe 2015-03-19 18:14:25 dalias: I'll meditate on that for a minute. 2015-03-19 18:14:53 I understand what you're saying, but I don't grok it yet. 2015-03-19 18:15:36 So if the app isn't explicitly calling res_state there's no problems possible? 2015-03-19 18:16:40 I understand about not making state promises. So the traditional stub resolvers do keep state, and thus needed a threadsafe version? 2015-03-19 18:16:58 Do you think all the threaded apps call res_nquery just because they're threaded apps? 2015-03-19 18:18:09 Anyway, I had changed the check in configure to res_query, but I haven't even gotten to making a code patch yet, because I was still working my way through the prerequisites in configure. 2015-03-19 18:18:50 there are various reasons apps call res_nquery 2015-03-19 18:19:00 Then I realised snappy and leveldb were already in testing, and I was being silly, so I broke down and made a new dev VM. 2015-03-19 18:19:08 one is that they want a local resolver state (e.g. using custom nameservers or config options) 2015-03-19 18:19:20 this is silly 2015-03-19 18:19:33 if you want to send the query to a custom nameserver, use res_mkquery and sendto() 2015-03-19 18:19:54 Yeah that makes sense. I don't know all the possible options, though. 2015-03-19 18:20:20 musl's resolver is completely stateless 2015-03-19 18:20:23 I'm wondering if res_nquery gets picked out of the manpage simply because it says thread-safe, and doing otherwise seems foolish. 2015-03-19 18:20:31 maybe so. i dunno 2015-03-19 18:20:36 you'd have to look at how they're using it 2015-03-19 18:20:43 ayup. 2015-03-19 18:21:03 what would be the fix for upstream... 2015-03-19 18:21:05 but replacing it with res_query is not going to break any safety requirements 2015-03-19 18:21:21 #ifdef STATELESS_RESOLVER res_nruery() res_query() ? 2015-03-19 18:21:31 however it might change what the program is doing if they're using res_nquery and poking at the local state they got from res_ninit to change its options/nameservers 2015-03-19 18:21:54 well res_query is thread-safe even in glibc and other libcs 2015-03-19 18:22:06 it just uses the global resolver state (with proper locks) 2015-03-19 18:22:24 the only need for res_nquery is if you actually want to have a separate state instance 2015-03-19 18:22:31 I see. 2015-03-19 18:22:42 so either res_nquery should just be replaced with res_query unconditionally 2015-03-19 18:22:54 So the upstream pull-request is actually 2015-03-19 18:22:57 or alternate code to achieve the same thing is needed if res_nquery is not available 2015-03-19 18:23:25 /* We don't use res_nquery here because we're not doing stupid stuff. */ 2015-03-19 18:24:16 unless there's a platform where it makes a difference. 2015-03-19 18:24:45 Do you know a modern POSIX where it wouldn't be stateless by default? 2015-03-19 18:26:14 like i said glibc isn't stateless, but the state is properly protected by locks 2015-03-19 18:26:20 Anyway, it should be straightforward to verify the code isn't doing anything that requires state. 2015-03-19 18:26:49 actually the state might be thread-local now i think 2015-03-19 18:26:51 i forget 2015-03-19 18:27:00 but it doesn't matter as long as you're not modifying it manually 2015-03-19 18:27:10 Understood. 2015-03-19 18:27:12 because the only state is stuff it loaded/cached from resolv.conf, etc. 2015-03-19 18:27:58 musl doesn't keep any state; it just reloads from resolv.conf and such every time 2015-03-19 18:28:29 I'm thinking ahead to the upstream diff, but I'm not an expert and don't want to get a patch rejection. 2015-03-19 18:28:38 (being that it's going to send network queries out anyway, accessing a local file is orders of magnitude faster than that, so the cost is minimal and the benefit is that you're never using stale config) 2015-03-19 18:29:02 well you can always ask them why they're doing it that way and what changes would be acceptable 2015-03-19 18:29:17 imo that's a more diplomatic approach that proposing a change that might be controversial 2015-03-19 18:30:39 Yes, wouldn't be bad to engage them. I think I have a former cow-orker working on Ceph at Dreamhost, too. 2015-03-19 18:31:40 And it won't hurt me a bit to delve into stub resolvers, considering I'm doing some fairly recondite DNS work at the moment. 2015-03-19 18:32:14 Thanks a bunch, Rich. 2015-03-19 18:40:12 I'm reading some are working to port ceph to AL ;) 2015-03-19 18:40:28 I would love that 2015-03-19 18:41:02 I'm just right now in the process of deploying debian VM to give ceph a try on AL boxes :D 2015-03-19 18:45:34 mjones_: when you have something to test, count me in as fervent tester :p 2015-03-19 18:47:12 ceph and xnbd-server are the last bits non AL im my planned infrastructure... 2015-03-19 18:48:00 Jean-Scotch: I guess now I have to finish it. That's what I get for saying I was working on it. :P 2015-03-19 18:48:16 :D 2015-03-19 18:50:31 Jean-Scotch: planned infrastructure? What's the stack? 2015-03-19 18:51:56 mjones_: have a look at http://wiki.alpinelinux.org/wiki/User:Jch and the talk page ;) for now I have about 80 VM running will be about 100 I guess 2015-03-19 18:52:32 Ah, right. I forgot to look at your talk page before. 2015-03-19 18:57:57 if successfull, I will be able to bootstrap it fully and automagivally with only one 16 GB usbstick ;) 2015-03-19 19:08:05 that'd be worth a blog post. ;) 2015-03-19 19:24:36 I'm taking _a lot_ of notes on my internal redmine. And I will at least update the AL wiki with relevant parts 2015-03-19 19:25:25 I also write quite a few shell scripts to automate this stuff and manage it 2015-03-19 19:31:22 I read it, and it's quite unconventional even by my standards. 2015-03-19 19:31:34 I'd love to see it all diagrammed and documented. 2015-03-19 19:32:31 so do I :p 2015-03-19 19:33:18 at least it's fun to build and I learn a lot about AL internal doing it 2015-03-19 19:54:44 Jean-Scotch, nice talk page, would be useful when I set AL boxes 2015-03-19 19:55:26 thanks 2015-03-19 19:58:16 I have a lot more docs written but in french... so to add it to the w.a.o is always an explicit task 2015-03-19 20:00:13 why not publish them on your blog pgs, and gradually translate AL related to wiki 2015-03-19 20:07:50 I do not have a blog 2015-03-19 20:08:25 nor any page on any "social network" website 2015-03-19 20:09:46 I already found my talk page when looking after some tips with my favorite search engine ;) 2015-03-19 20:09:54 there are few nice free webhosts that don't add ads, I use pmwiki on them 2015-03-19 20:10:31 lol. I do not put ads on my own web servers neither :D 2015-03-19 20:10:51 And I manage a few wikis on them 2015-03-19 20:11:16 I'm tentatively planning on doing a site in git and exporting through octopress. 2015-03-20 06:50:43 i'm following the lvm on luks wiki page 2015-03-20 06:50:55 upon luksOpen action i get this 2015-03-20 06:50:57 http://i.imgur.com/CDbH7gI.png 2015-03-20 06:50:59 debug enabled 2015-03-20 06:51:01 any idea ? 2015-03-20 06:51:22 Huh. Would you look at that! 2015-03-20 06:51:58 And obviously you put in the right password, correct? 2015-03-20 06:52:08 New install? 2015-03-20 06:53:01 indeed 2015-03-20 06:53:05 yes new install 2015-03-20 06:53:15 you see that it's correctly unlocking 2015-03-20 06:53:19 in dmesg i got 2015-03-20 06:53:31 table: 252:0 crypt: IV mechanism needed 2015-03-20 06:53:43 s/needed/required/ 2015-03-20 06:54:16 reload ioctl on[space][space]failed. 2015-03-20 06:54:37 i used -c serpent-xts -s 512 -h ripemd160 to format fwiw 2015-03-20 06:54:46 Something is supposed to go between those spaces. 2015-03-20 06:55:06 :( 2015-03-20 06:55:26 Try one more set of parameters just to see if it does the same thing? Repeat none of those options, I suggest. 2015-03-20 06:56:00 one more set? 2015-03-20 06:57:42 mjones_: yes ok works if i don't specify ciphers and hash 2015-03-20 07:08:01 interesting. 2015-03-20 07:08:45 I'm guessing it's never been tested with options like that, and got missed in QA. 2015-03-20 07:09:51 mjones_: how do i close the device ? 2015-03-20 07:10:00 cryptsetup close lvmcrypt 2015-03-20 07:10:08 gives me the i'm busy finger 2015-03-20 07:10:33 wanted to try if i shouldn't have used serpent-xts-plain64 instead 2015-03-20 07:17:53 yep that's me missing -plain64 2015-03-20 07:17:55 -_- 2015-03-20 07:23:10 that must have been the missing argument. 2015-03-20 07:24:17 I've actually only used luks+dm-crypt on lubuntu or debian, where I let it do the default thing. 2015-03-20 07:30:59 i've followed the page to check with benchmark to select what's best 2015-03-20 11:28:13 oh nice keymap not set when booting luks 2015-03-20 11:30:54 mmmmh weird 2015-03-20 11:36:21 Ohno, todays update broke my ssh... 2015-03-20 11:51:10 ok, downgrading from 6.8_p1-r0 to 6.7_p1-r0 works again... 2015-03-20 11:53:59 jomat: edge ? 2015-03-20 11:54:20 is there a way to ensure the keymap is set when asking for the luks passphrase ? 2015-03-20 12:03:47 yep, pinned edge 2015-03-20 12:13:11 coredumb: in your initrd you simply loadkey it before the cryptsetup. i believe theere is support for that. check out mkinitfs or whats it called. 2015-03-20 12:13:28 rpu3uO8PEVZZ: k 2015-03-20 12:14:29 you have a /etc/mkinitfs/features.d/keymap.files? 2015-03-20 12:14:36 which kontains /etc/keymap/* 2015-03-20 12:15:00 if not, create it, and run mkinitfs again 2015-03-20 12:15:34 rpu3uO8PEVZZ: yep saw that 2015-03-20 12:15:53 added keymap in the feature list in mkinitfs.conf 2015-03-20 12:15:59 rebuilinding and rebooting to see 2015-03-20 12:16:42 works like a charm 2015-03-20 12:16:44 thx rpu3uO8PEVZZ 2015-03-20 12:19:13 coredumb you can enable keymap if you add the keymap "feature" to /etc/mkinitfs/mkinitfs.conf 2015-03-20 12:19:30 oh, i'm slow... 2015-03-20 12:19:30 :) 2015-03-20 12:21:25 ^^ 2015-03-20 12:26:31 ok a script to automate luks and lvm installations wouldn't be so bad ^^ 2015-03-20 13:31:49 heh, I just enter my password in qwerty, but type as if it's not 2015-03-20 13:49:00 ahills: hehe hopefully my qwertz keyboard is not sor far than qwerty ^^ 2015-03-20 13:50:40 ahoi 2015-03-20 13:55:06 heh, I have no idea about any layouts aside from qwerty and dvorak 2015-03-20 16:16:54 Snow. Snow after the start of Daylight Savings Time! I blame Congress. 2015-03-20 16:17:39 The American Congress extending DST by two weeks on either side has caused me no end of trouble. 2015-03-20 16:20:27 the whole daylight saving time thing is lame, actually as are timezones. utc ftw! 2015-03-20 16:22:58 gotta move to iceland or the iss to have it as a local tz though. 2015-03-20 16:26:45 ${localtime} is an artifact of the Roman Empire. We live in the ruins of hegemonies. 2015-03-20 16:27:07 I didn't know iceland was on utc. 2015-03-20 16:46:05 huh? i don't see how it has any relatin to the roman empire 2015-03-20 16:46:31 local time is merely a natural consequence of basing your concept of "time of day" on the sun 2015-03-20 16:46:41 which will be observed differently in different locations 2015-03-20 16:47:21 the tyranny of the sun! earlier today it tried to kill us with this eclipse thing. and now this revelation. i need to dig a deeper basement! 2015-03-20 16:48:46 formalizing the difference into time zones with discrete boundaries on the other hand is a consequence of high-speed transportation (originally trains) where velocities need to map into differences between (locally observed) times at the start and end points for coordinating commerce 2015-03-20 16:50:53 The Romans invented the 24-hour day. 2015-03-20 16:51:06 The timezones were codified in the 19th century. 2015-03-20 16:51:28 timezones would happen the same with a different number of hours in a day 2015-03-20 16:52:19 The two 12-hour spans were codfied with highsun, noon, in the middle. 2015-03-20 16:52:24 if you work with people 9h ahead and 7 behind of you, tz-s make less sense in this domain, than in the physical transport domain 2015-03-20 16:52:53 and of course in the agricultural domain 2015-03-20 16:52:59 With different assumptions, a cultural norm of one arbitrary time measure could have emerged instead. That's why I say it goes back to the Romans. 2015-03-20 16:53:52 If instead of a sun-referencing time, there was an integer time -- call it, uh, time_t -- there would have been no reason for TZs. 2015-03-20 16:54:27 also i believe the 24/12h division comes from the babylonians, although i've no idea if they applied their base12/base60 system to time as well. i'd guess yes. 2015-03-20 16:54:29 But the roman time was set by the sun, instead of simply recording the sun by the time. 2015-03-20 16:55:12 Frankly, the tech wouldn't easily support that and the culture would have found it unnatural, but that doesn't mean our current system isn't the fault of the Roman republic^wempire 2015-03-20 16:55:59 rpu3uO8PEVZZ: you might be right about the Babylonians. 2015-03-20 16:56:48 actually the babylonian base12/base60 system is quite cool 2015-03-20 16:59:01 hour/minute/second gets applied to angle and map longitude/latitude also, so it's demonstrably Not Bad. 2015-03-20 16:59:41 even if you work with ppl in other TZs you still have plenty of social activity to coordinate with people in your own locality 2015-03-20 16:59:55 absolutely 2015-03-20 16:59:55 who are generally going to organize their days around daylight patterns 2015-03-20 17:00:21 so rather than one good solution (timezones) you have zero good solutions (whatever system you use is bad for one or the other :) 2015-03-20 17:00:50 yes, that was what i tried to allude with transport and agricultural domains 2015-03-20 17:03:06 dalias: the hypothetical alternative is that your locals know that happy hour starts at ~5600 in your city, and at 2500 in that other city to which they sometimes travel. 2015-03-20 17:04:07 In retrospect, there's not a tremendous amount of value in having everyone's time be the same. But the value of universal time doesn't start to show up until you're communicating at a high fraction of C. 2015-03-20 17:05:14 I don't have a problem with the current system, except that I'd like to see far fewer changes in tzdata. And that's mostly a political problem. 2015-03-20 17:16:21 what complicates things massively is if you personally live in HST tz 2015-03-20 17:16:34 and if you do, you can go utc as well 2015-03-20 17:19:26 So, not being able to cut-and-paste through a VNC or SPICE session is hugely inconvenient. I'm using KVM-QEMU with user-mode networking. Serial is a possibility with a klugey config, but only documented to work if I use virsh or virt-manager, which I don't. 2015-03-20 17:19:58 SSH doesn't work from host to guest with user-mode networking. It'd work the other way, but I still wouldn't be able to cut and paste. 2015-03-20 17:23:15 I feel like I might be missing something pretty obvious. Otherwise I guess the least-bad option is to run an sshd on the host, and login from guest to host. 2015-03-20 17:24:02 Actually I guess NFS would be far less bad, if it's going to be limited to file transfers. 2015-03-20 17:24:35 ACTION wonders if SPICE or VNC have a shared-drive mechanism as does RDP. Useful, that. 2015-03-20 17:35:57 mjones__, rpu3uO8PEVZZ be prepared with new method, coz if you won a free ticket to mars colony to device the tz's it might come handy 2015-03-20 17:37:11 Star colonists should use UTC. 2015-03-20 17:38:08 ;) 2015-03-20 17:40:39 mjones__: why would they use utc? a completely irrelevant scheme if you're not on earth? 2015-03-20 17:41:17 Because it's a canonical timescheme, and it would be pointless and incompatible to use anything else. 2015-03-20 17:41:51 well utc would only be another localtime like now est is 2015-03-20 17:41:54 Each planet having its own time is like each operating system having its own HTML. 2015-03-20 17:43:17 what we discussed here i thought was that different domains need different timezones. like agricultural only local, transport already something geographical. internet related stuff, something global on the planet level. 2015-03-20 17:43:40 i guess some etalon tied to the local sun-system would make most sense? 2015-03-20 17:44:15 The rotation speed and hours wouldn't match up anyway. 2015-03-20 17:45:07 i think this phrase: "Because it's a canonical timescheme, and it would be pointless and incompatible to use anything else." is a phrase that the agricultural domain dwellers would ask the global transport domain people, and similarly those would ask about using just one global tz like utc 2015-03-20 17:46:26 hey, I tried to install AL two days ago on a home server and setup-alpine failed because of disk size. fdisk complained about having to address 2^32 sectors and the setup dropped me on a root prompt. mjones__ told me to file a bug. Do I have to register for that? 2015-03-20 17:47:46 so save agony , you would be allowed to use sun-dial 2015-03-20 17:50:09 <_ikke_> ch077179: Yeah, you have to register on redmine 2015-03-20 17:52:01 <_mjones> SSHing into the KVM instance turned out to be rather trivial; I had missed something. 2015-03-20 17:52:04 vkrishn: on the darkside of the moon of course :) 2015-03-20 18:49:21 so re my partitioning problem... can I not partiton the disk somehow with fdisk and then run setup-alpine? without resorting to another distro? 2015-03-20 18:50:44 <_mjones> I would use a generic boot disk. Er, generic Linux boot disk. 2015-03-20 18:51:03 <_mjones> No, yes, you can use Alpine. It's a live-cd. 2015-03-20 18:51:16 <_mjones> fdisk sda.... 2015-03-20 18:52:19 <_mjones> I'd probably do a much-smaller system disk than data. When I was done I'd mount the big data disk as /srv or /home depending on the use. 2015-03-20 18:52:39 <_mjones> Bear in mind a starting Alpine 3.1 install consumes about 256MB disk, not counting swap. 2015-03-20 18:52:41 right, can I not just start with a small partition and leave the rest unpartitioned? 2015-03-20 18:52:49 <_mjones> You could do that too. 2015-03-20 18:53:07 <_mjones> It would only take a minute to put a filesystem on the bigger one too. 2015-03-20 18:53:32 <_mjones> It will be only the boot partition that is limited this way. Also, are you using uefi or bios? 2015-03-20 18:53:39 err... 2015-03-20 18:53:46 \/boot 100m /swap 2G and / maybe 4G? 2015-03-20 18:53:53 <_mjones> This limitation can depend on the hardware. As someone said, GPT partitions are necessary above 4TB or 2TB. 2015-03-20 18:54:08 <_mjones> Those sizes are ample. 2015-03-20 18:54:14 <_mjones> Let me check my /boot 2015-03-20 18:54:16 hm.. rigt gpt setup 2015-03-20 18:54:32 I have internet so I could install packages 2015-03-20 18:54:35 <_mjones> Yeah, those are fine. Kernel modules live in /lib and not in /boot/ 2015-03-20 18:55:06 <_mjones> Your hardware setup could play a part in the problem, it what I meant to convey. 2015-03-20 18:55:07 re bios vs uefi 2015-03-20 18:55:29 I'm not sure, I think it's bios, I never read anything about uefi, and frankly I don't even know what it does 2015-03-20 18:56:21 basically I want alpine to be the host and virtualize BU, web, mail, cloud servers 2015-03-20 18:56:24 <_mjones> What's the hardware? If it's a newish disk in an older mainboard, that can cause a problem like this. 2015-03-20 18:56:40 it's a wd red. new. 2015-03-20 18:56:51 <_mjones> mainboard or system? 2015-03-20 18:56:57 it's the hp proliant micro gen 8 2015-03-20 18:57:18 command to detect mainboard? 2015-03-20 18:57:49 cup is a g1610t at 2.3 ghz 2015-03-20 19:00:47 <_mjones> gen8 is 2 years old or less, right? 2015-03-20 19:00:50 <_mjones> Can't remember. 2015-03-20 19:02:18 yes 2015-03-20 19:02:25 2013 is about right 2015-03-20 19:02:52 intel c204 chipset, if that's of help 2015-03-20 19:07:17 <_mjones> That's new enough not to have fundamental problems with LBA or anything. 2015-03-20 19:07:37 <_mjones> Just boot up alpine and instead of running setup, partition it. 2015-03-20 19:08:04 ok, I just addetd gptfdisk 2015-03-20 19:08:18 there are no man pages ever on alpine, right? 2015-03-20 19:08:37 <_mjones> apk add man man-pages 2015-03-20 19:09:03 <_mjones> and whenever you add a package, add any -doc that exists. 2015-03-20 19:09:22 <_mjones> There are still, unfortunately, fewer man pages than there should be. 2015-03-20 19:09:51 err.. I just booted the usb stick, I can install packages to it, right? 2015-03-20 19:10:15 apk ran fine, but gptfdisk --version says -ash: pgtfdisk: not found 2015-03-20 19:12:05 <_mjones> I'm looking. I got the same... 2015-03-20 19:12:06 yeah that works with vim 2015-03-20 19:12:15 installing packages that is 2015-03-20 19:12:26 maybe gptfdisk isn't a command? 2015-03-20 19:12:56 <_mjones> Yes. 2015-03-20 19:12:56 got it 2015-03-20 19:12:59 it's gdisk 2015-03-20 19:13:01 <_mjones> Executable name is 'gdisk' 2015-03-20 19:13:15 ACTION should rtfm 2015-03-20 19:13:22 <_mjones> I was looking at the APKBUILD for that. 2015-03-20 19:13:34 how'd you do that? 2015-03-20 19:13:49 <_mjones> No...things should try not to violate the 'Principle of Least Astonishment.' 2015-03-20 19:14:05 <_mjones> uh, I have a development machine where I pulled the 'aports' tree. 2015-03-20 19:14:12 hehe, that can def help 2015-03-20 19:14:16 ok.. :) 2015-03-20 19:14:22 <_mjones> This is like BSD 'ports' or pkgsrc. 2015-03-20 19:14:37 alright, I'll stop blathering for a moment and try to figure things out on my own 2015-03-20 19:14:40 <_mjones> I should have done it earlier. 2015-03-20 19:14:49 <_mjones> pulled the aports, I mean. 2015-03-20 19:22:47 just some general, maybe random questions about alpine-linux: Is AL the right choice for a large disk home server? I want to do virtualization and I'm focused on efficiency there, so I considered linux vserver (I'm not too happy about it not virtualizing network interfaces though). My focus will be backup, file server, mail, web, collaboration and cloud. 2015-03-20 19:36:08 <_mjones> ok 2015-03-20 19:36:44 <_mjones> Large-disk. You want filesystems, maybe LVM, tools. Alpine has the same as all the dists. 2015-03-20 19:37:25 <_mjones> Virtualisation, should have the same as the others. LXC/Docker > vserver these days, or you have KVM or Xen. 2015-03-20 19:38:51 <_mjones> Let's go from the other direction. Alpine has less marketshare than a leader like Ubuntu, Debian, CentOS. Arch has a fabulous wiki too. Alpine has less direct documentation than these, so where things differ, it will be less straightforward to find a direct answer. 2015-03-20 19:40:10 <_mjones> Alpine is about musl libc, small-footprint, OpenRC (so no systemd), excellent options for diskless or sdflash install options. Minimalist, low-resource overhead, while retaining 98% or more functionality. 2015-03-20 19:41:05 <_mjones> If someone is new to Linux servers, Ubuntu or Debian are probably more conservative choices. 2015-03-20 19:41:29 i disagree, the simplicity of alpine makes up for the lack of extensive documentation in many areas 2015-03-20 19:41:52 alpine is really about being simple, robust and easy to administer 2015-03-20 19:41:56 <_mjones> All dists run postfix, nginx/httpd/lighttpd/darkhttpd, Samba/NFS, rsync. 2015-03-20 19:42:00 it is not explicitly about musl libc or openrc 2015-03-20 19:42:26 it just happens that we presently use those projects in the distribution at this time because they are aligned with our goals 2015-03-20 19:42:56 it also happens that pursuing simple, robust code, tends to result in higher code density than other distributions 2015-03-20 19:43:32 that it is small is a design goal, but that is a side effect of pursuing a simple and elegant approach to problem domains faced by distributions 2015-03-20 19:44:15 <_mjones> @kaniini: I think it's more informative to the grognard to say 'pax/grsec recent kernel, musl, busybox, ash, openRC, small-footprint' than to say 'prioritise simple and easy'. I mean, who wants to be obtuse and complicated? Besides Lennart. ;) 2015-03-20 19:44:33 but it sends the wrong message 2015-03-20 19:44:49 we use grsecurity because the alternatives are more complex and less robust 2015-03-20 19:45:08 we use musl because glibc and uclibc are both more complex, and less robust 2015-03-20 19:45:17 <_mjones> viz. selinux? AppArmour? 2015-03-20 19:45:30 right 2015-03-20 19:45:37 <_mjones> No argument on glibc and uclibc. 2015-03-20 19:45:39 i wrote pkgconf to replace pkg-config in alpine, because pkg-config was more complex, and less robust 2015-03-20 19:46:24 we use openrc because it exists, provides a good balance between complexity and usability, and is reasonable robust 2015-03-20 19:46:28 <_mjones> Alright, I take your point. "In the pursuit of security, Alpine has chosen grsec over AppArmour and the oft-ignored selinux.' 2015-03-20 19:47:18 <_mjones> I was just preferring brass tacks over marketing. 2015-03-20 19:47:19 security isn't the main point either, high security (grsecurity) is an option, but you do not have to use it if you do not want to 2015-03-20 19:47:52 the brass tack is that it's a well-designed distribution that is simple and easy to learn, which happens to be efficient due to goals of being simple and robust 2015-03-20 19:48:26 if something more aligned with our philosophy than grsecurity came along, we would use it 2015-03-20 19:48:37 same with musl, same with openrc 2015-03-20 19:48:59 so i do not think highlighting specific elements of the present stack matters 2015-03-20 19:49:10 we're not tied to those things in the future 2015-03-20 19:49:17 <_mjones> The thing is you can't start an elevator pitch by saying simple and easy, IMO. Because Ubuntu Unity would claim the same goal, but approach it from the opposite direction. 2015-03-20 19:49:32 we could in theory switch to something other than musl or openrc tomorrow 2015-03-20 19:49:45 it is not likely, because musl has been a good fit 2015-03-20 19:49:48 openrc... not so much 2015-03-20 19:50:08 we do eventually wish to replace openrc, although not with systemd 2015-03-20 19:50:43 :-p 2015-03-20 19:51:56 <_mjones> ;) 2015-03-20 19:52:55 <_mjones> simple and elegant can be subjective. upstart config is simpler than writing a proper init script; does that make Ubuntu simpler than SysV? 2015-03-20 19:57:26 <_mjones> How about: "Lightweight, up-to-date, minimalist by nature but optional functionality (viz. udev, dbus, avahi, bluetooth) easily added from repos." 2015-03-20 20:00:17 <_mjones> I just realised how many hours of my life have been spent stripping down full-fat Cent and RHEL hosts. bluez on a server? apm and cpuspeed and lm_sensors on a VM? Shameful. 2015-03-20 20:07:08 <_mjones> I see wiki.alpinelinux.org is on very, very recent mediawiki and postgres. Kudos! And with TLS, to boot. 2015-03-20 20:08:23 <_mjones> I think Arch has made great strides in copious and attractive documentation, and is an example to be followed. Not sure if that was a cause of Arch's increased marketshare, or a result, or merely correlative. 2015-03-20 20:21:51 _mjones, i think arch increased market share because too many people are sick and tired of the bloat comming from other distros 2015-03-20 20:22:18 _mjones, with arch they get to choose what they want how they want it really and not too much "cruft" comes with it 2015-03-20 20:22:35 _mjones, which is where alpine is going to wing big if you ask me 2015-03-20 20:23:21 <_mjones> Yet arch has chosen systemd, and uses udev by default. Alpine is in the same vein, but even more ascetic. 2015-03-20 20:24:05 <_mjones> Although my own use-cases are all server and no desktop, yet. 2015-03-20 20:57:56 <_mjones> busybox doesn't accept "tail -100f messages". tail -100 yes, tail -f yes, but not tail -100f. Ha. 2015-03-20 20:58:13 <_mjones> so.many.patches. 2015-03-20 21:02:25 <_mjones> `apk add dropbear-scp` 2015-03-20 22:59:35 thanks for those considerations 2015-03-20 23:00:52 I'm ready to learn about new command invocations. I have spent a lot of time on RHEL and AIX, I've used fedora for my private boxes for several years, now I'm on debian since two years ago 2015-03-20 23:01:17 I've never run my private server though which is what i'm trying to do now 2015-03-20 23:02:09 <_mjones> You should be fine then. 2015-03-20 23:02:24 <_mjones> busybox can trip one up occasionally... 2015-03-20 23:02:45 nothing of what I just read seems like a real road block. I'm still unsure about the virtualization though. I think running different servers is best done by also virtualizing network interfaces. 2015-03-20 23:03:26 <_mjones> With containers? Quite possibly. Doesn't seem to be a Docker strength, so they don't seem to talk about it much, in my experience. 2015-03-20 23:03:37 which would mean striking vserver off the short list. I like it bc I like it's concept and because it seems to be very performant 2015-03-20 23:03:39 <_mjones> That might just be my impression, though. 2015-03-20 23:04:08 <_mjones> I'm under the impression that vserver is verging on obsolescence, or at least dramatically out of favour. 2015-03-20 23:04:23 <_mjones> LXC can be hooked to OVS. 2015-03-20 23:04:28 ovs? 2015-03-20 23:04:37 <_mjones> OpenVSwitch 2015-03-20 23:04:55 <_mjones> Linux equivalent to VMware's vswitch 2015-03-20 23:04:57 so LXC is worth looking into, you say? 2015-03-20 23:05:18 <_mjones> If you want containers, then yes. Docker is just LXC with More Stuff. 2015-03-20 23:05:30 ok 2015-03-20 23:05:54 <_mjones> That stuff can be a value add to a lot of people, but it's a layer on LXC so knowing LXC couldn't be a waste. 2015-03-20 23:06:07 my other choice would have been xen, or kvm but they use a different approach. It seems less lightweight than container / os level virtualization 2015-03-20 23:06:14 <_mjones> I'll get around to spending some time with it sooner or later. 2015-03-20 23:06:20 <_mjones> Correct. 2015-03-20 23:06:36 <_mjones> However a lot of us have spent the better part of a decade with OS-level virt. 2015-03-20 23:06:46 <_mjones> it's a known and comfortable quantity. 2015-03-20 23:07:03 and it makes a lot of sense if you do linux on linux virt 2015-03-20 23:07:26 <_mjones> Imagine I have a workload that doesn't like PaX, ASLR, PIE kernel hardening 2015-03-20 23:07:55 <_mjones> if I'm running host on Alpine I'd have to switch to a vanilla kernel. With KVM or Xen there are guest kernels. 2015-03-20 23:08:13 <_mjones> Also, I don't think containers are built to live-migrate a workload. 2015-03-20 23:08:23 right, nothing I'll need though 2015-03-20 23:08:35 <_mjones> Which is fine; 'cloud' is best if your workload and situation support it. 2015-03-20 23:08:40 and my guests will not do anything that AL can't do 2015-03-20 23:08:56 <_mjones> Live migration is better than sliced bread. Don't knock it. ;) 2015-03-20 23:09:04 hehe 2015-03-20 23:09:15 sure, I'll start small though 2015-03-20 23:09:32 <_mjones> But yes, containers are extremely lightweight and efficienct, while also being hard-partitioned against changes and userland security issues. 2015-03-20 23:10:44 <_mjones> And a fully-featured, resource-ballooning KVM or Xen can be very flexible with resources. 2015-03-20 23:11:10 <_mjones> Ballooning; essentially this is reclaiming underutilised RAM from the guest. 2015-03-20 23:11:22 <_mjones> And if you want to go the other way, modern OSes can hot-add RAM and CPU. 2015-03-20 23:11:42 <_mjones> Just FYI. 2015-03-20 23:13:15 good to know 2015-03-20 23:13:36 so gdiks only found a mbr, no valid gpt 2015-03-20 23:13:52 <_mjones> I have 54 include files in Alpine /usr/include/xfs on Alpine, but only 10 on Debian. I can't handle this without some single-malt. 2015-03-20 23:14:20 ugh... 2015-03-20 23:18:35 <_mjones> If you like containers, be sure to check out CoreOS too. 2015-03-20 23:18:51 <_mjones> It's systemd, but etcd is intriguing. 2015-03-20 23:21:01 <_mjones> typedef __loff_t loff_t; 3541092 8 -rw-r--r-- 1 root root 6838 Feb 22 06:37 /usr/include/x86_64-linux-gnu/sys/types.h # <-- culprit for sure 2015-03-20 23:25:39 first sector 2048, the default value, should be a safe choice? or am I wasting space? 2015-03-20 23:44:41 <_mjones> 2048 should be great. What you want to avoid, for performance, is misalignment. 2015-03-20 23:44:50 <_mjones> You would never notice any wasted space. ;) 2015-03-20 23:45:14 <_mjones> Misalignment means you'll double all of your block reads for no good reason. 2015-03-20 23:45:34 <_mjones> Well maybe not all with 4k sectors now. Not sure how that propoagates through the stack. 2015-03-21 14:38:38 After installation upon reboot, seems network drivers are not loaded where should i look ? hwdrivers is correctly on sysinit 2015-03-21 14:45:40 <__mjones> network drivers are in the kernel. 2015-03-21 14:46:14 <__mjones> I mean they're largely LOadable Kernel Modules, but the point is it's quite rare you'd lose them on reboot. 2015-03-21 14:46:30 <__mjones> What are the symptoms? eth0 doesn't come up? 2015-03-21 14:46:36 yep 2015-03-21 14:46:43 it doesn't load up e1000e driver 2015-03-21 14:47:06 <__mjones> ifconfig shows lo and nothing else? 2015-03-21 14:47:14 <__mjones> dmesg | grep e1000 2015-03-21 14:47:19 <__mjones> dmesg | grep -i eth 2015-03-21 14:47:20 dunno much how openrc handles that, is there a way to force load some drivers at boot 2015-03-21 14:47:36 __mjones: clearly it fails on eth0 not existing 2015-03-21 14:47:42 <__mjones> init doesn't have anything to do with drivers (?) 2015-03-21 14:48:06 <__mjones> If eth0 doesn't exist, it won't come up, but that's not a driver issue, it's a hw issue. 2015-03-21 14:48:32 modprobe e1000e && service networking restart 2015-03-21 14:48:35 et voila 2015-03-21 14:48:43 there's no driver issue 2015-03-21 14:48:51 there's no hw issue 2015-03-21 14:49:00 a misdetection of it well maybe 2015-03-21 14:49:20 i'd just be happy to not have to load it by hand on reboot :) 2015-03-21 14:49:21 <__mjones> dmesg | grep e1000 2015-03-21 14:49:40 <__mjones> VM or hw? 2015-03-21 14:49:41 well it's empty before i hand modprobe it indeed 2015-03-21 14:49:45 hw 2015-03-21 14:50:07 <__mjones> 'apk add ethtool' 2015-03-21 14:50:41 mmmh does ethtool gets used during boot process ? 2015-03-21 14:50:48 <__mjones> I don't think ethtool will work until the driver is in. 2015-03-21 14:50:53 <__mjones> no, it's diagnostic. 2015-03-21 14:50:59 diag for what ? 2015-03-21 14:51:02 it works 2015-03-21 14:51:10 talking to you with my driver right now 2015-03-21 14:51:12 -_- 2015-03-21 14:51:22 there's no issue with the hw 2015-03-21 14:51:24 <__mjones> You keep asserting that, but you were asking a question. 2015-03-21 14:51:30 <__mjones> Why it doesn't come up. 2015-03-21 14:51:46 <__mjones> 'dmesg' is the way I would look into that. 2015-03-21 14:52:16 dmesg don't show nothing about e1000 as e1000 is not loaded 2015-03-21 14:52:20 <__mjones> /etc/network/interfaces has the config 2015-03-21 14:52:38 yep 2015-03-21 14:52:48 <__mjones> Oh look, I almost missed the 3.1.3 release message. 2015-03-21 14:52:50 that's why it fails on eth0 at boot 2015-03-21 14:53:02 oh yeah that's on 3.1.3 2015-03-21 14:53:07 <__mjones> what's why? 2015-03-21 14:53:24 because i got the eth0 config in networking/interfaces 2015-03-21 14:53:25 <__mjones> because it's not loaded? But the LKMs are loaded on demand. 2015-03-21 14:53:53 seems the detection misses it 2015-03-21 14:54:11 <__mjones> I have never seen that, IIRC. 2015-03-21 14:54:22 what's in the 3.1.3 release note ? 2015-03-21 14:54:23 <__mjones> The hardware must not be ready. 2015-03-21 14:54:43 <__mjones> It'd be pure kernel. 2015-03-21 14:56:11 <__mjones> Looks like nobody put openssh 6.8 in the release. 2015-03-21 14:56:46 <__mjones> Yesterday I thought it was a fix release, but I might have gotten the wrong impression. 2015-03-21 14:58:19 <__mjones> It's not. I saw the release headline on HN or somewhere and assumed it must be another sky is falling fix. 2015-03-21 14:58:55 <__mjones> In fact it's got refactoring and new features, so discretion was the better part of valor. 2015-03-21 14:59:24 <__mjones> coredumb: UEFI? Forgive me if I've asked on an earlier occassion. 2015-03-21 15:00:43 <__mjones> I can't ever recall an e1000 problem other than the PHY, which isn't the issue here presumably. 2015-03-21 15:02:02 <__mjones> FYI, always use e1000 for VMs too. Windows-heads want you to use vmxnet3 (vmware virtio) but you should never do that for Linux. 2015-03-21 15:14:37 I've partitioned my disk using gdisk, now how do I install AL? The setup script still is unhappy with the disk layout 2015-03-21 15:15:31 well, alpine-setup tries to install to the device rather than a particular partition 2015-03-21 15:17:00 <__mjones> really? 2015-03-21 15:17:11 <__mjones> wow, unexpected. 2015-03-21 15:17:38 <__mjones> When it prompts you for 'sda' 2015-03-21 15:18:08 <__mjones> No, I guess that makes sense in retrospect. :-/ 2015-03-21 15:18:42 <__mjones> It's going to want /boot on sda1 and / on sda3, and I guess it's just not setup to coexist with anything else. 2015-03-21 15:18:54 <__mjones> No setup for bootloaders and so forth. 2015-03-21 15:19:14 I have 3 partitions now, not using the whole disk 2015-03-21 15:19:42 1 -> 200m for /boot, 2 -> 25g for / and 3 -> 15g for /var 2015-03-21 15:19:44 <__mjones> When the livecd boots, what does 'dmesg' show as the storage detection? 2015-03-21 15:20:00 let me reboot 2015-03-21 15:20:49 <__mjones> I don't know how much work it is to do manually what the installer does automatically. 2015-03-21 15:21:01 I'm also not sure what to do about encryption 2015-03-21 15:21:09 <__mjones> We're kinda lazy these days, me especially. 2015-03-21 15:21:12 system encryption vs data encryption 2015-03-21 15:21:36 data encryption should be fine 2015-03-21 15:22:00 <__mjones> yeah. I think it was coredumb that had an encryption issue the other day, because she/he was using nonstandard dm-crypt/LUKS options. 2015-03-21 15:22:09 hm.. 2015-03-21 15:22:17 yeah, I'm not looking for more headache 2015-03-21 15:22:47 how do I safely implement automount of encrypted partitions? namely /home and /srv or /data? 2015-03-21 15:23:05 It's not going to be of much use when I store my keyfiles in the unencrypted / 2015-03-21 15:23:16 <__mjones> In 1996, installing openbsd meant doing your partitions by hand then untarring usr.tar.gz, boot.tar.gz, games.tar.gz..... ;) 2015-03-21 15:23:33 <__mjones> I don't know that you can do that. 2015-03-21 15:23:45 <__mjones> Overall, it's recommended to go whole-disk encrypt with LUKS. 2015-03-21 15:24:00 <__mjones> I run that, but I've only ever let installers do the lifting for me. 2015-03-21 15:24:16 <__mjones> On Lubuntu and Debian, to be specific. 2015-03-21 15:25:00 right, I have the same setup on this debian box 2015-03-21 15:25:52 <__mjones> I don't think there's a step by step HOWTO yet. 2015-03-21 15:25:55 <__mjones> for Alpine. 2015-03-21 15:26:05 \/ and /home are seperate volumes which are part of a volume group in a LUKS container 2015-03-21 15:26:31 <__mjones> The disk thing is more annoying. The installer doesn't want to deal with slices, just make its own, I guess. 2015-03-21 15:26:45 so I took a look at dmesg 2015-03-21 15:26:51 it can see sda1 to ..3 2015-03-21 15:27:04 should I try setup-alpine again? 2015-03-21 15:27:11 <__mjones> 3.1.3 was released earlier today. I doubt there's any change in sizes of storage handled. 2015-03-21 15:27:20 <__mjones> Might as well try. 2015-03-21 15:28:01 <__mjones> Probably have to do it manually. Probably setup-alpine is a dynamic language and it won't be too hard. 2015-03-21 15:28:08 <__mjones> I'd have to spin up another VM to look. 2015-03-21 15:28:30 <__mjones> Since I feel responsible for telling you that a simple partition would fix it, I will do that. 2015-03-21 15:29:40 nope, it still just sees sda (the installer) 2015-03-21 15:30:04 I appreciate your help 2015-03-21 15:30:06 <__mjones> That's what I was expecting, unfortunately. 2015-03-21 15:30:48 <__mjones> I have to pull down 3.1.3...fourth VM on this laptop. People ask why I won't buy any 8GB ultrabooks... :P 2015-03-21 15:31:20 hehe 2015-03-21 15:32:03 I'm still on 3.1.2 2015-03-21 15:32:48 <__mjones> Won't matter. ;) 2015-03-21 15:33:13 <__mjones> I guess I did have that 3.1.2 mini iso, but really I just needed to get 3.1.3. 2015-03-21 15:38:54 <__mjones> There's a fix listed for setup-disk but there's not much chance it's relevant. 2015-03-21 15:40:54 <__mjones> it's in the erasedisks routine. 2015-03-21 15:41:19 ok 2015-03-21 15:41:19 Hi there. according to the alpine-redmine it is planned to ship alpine 3.2 with mongodb 2015-03-21 15:42:00 how likely is it that this will happen? 2015-03-21 15:42:13 or is it more a kind of backlog task ? 2015-03-21 15:42:44 <__mjones> mirac: let me check something. 2015-03-21 15:43:02 the according ticket #1182 is quite old 2015-03-21 15:43:30 <__mjones> Yes, as I recalled. 2015-03-21 15:43:45 <__mjones> The mongodb port is in 'unmaintained', and is of 2.4.4. 2015-03-21 15:44:16 <__mjones> ncopa is maintainer. 2015-03-21 15:44:50 <__mjones> Why it's unmaintained category, and what 'shipped with' means, I'd have to check ticket. 2015-03-21 15:45:36 <__mjones> But absent further information, I would say it wouldn't be terribly difficult to update the aport and bring back the package. 2015-03-21 15:46:04 <__mjones> ACTION checks #1182 2015-03-21 15:47:14 <__mjones> mirac: ncopa changed that only 3 months ago to target 3.2.0, even though the ticket itself is old. 2015-03-21 15:47:45 <__mjones> That means he intends to resurrect that package in the near-future. I bet he wouldn't complain if someone else did it, though. 2015-03-21 15:48:09 yes.. 2015-03-21 15:48:33 but it looks quite complicate to me 2015-03-21 15:48:38 serveral patches ... 2015-03-21 15:49:20 <__mjones> One of them is for uclibc, which means the package predates musl which shipped in 3.0. 2015-03-21 15:49:26 <__mjones> May or may not be a big deal. 2015-03-21 15:50:07 <__mjones> I'm neck-deep in a ceph package, which turns out to be a big deal and it's not even done. 2015-03-21 15:50:22 :-) 2015-03-21 15:50:47 <__mjones> mirac: the bigger deal is probably that mongodb has probably released a lot of versions since 2.4.4. 2015-03-21 15:51:29 that too. but i´m realy not good maintainer... much to less skilled 2015-03-21 15:51:56 <__mjones> So, package has been made in the past. This greatly improves chances and timeline. MongoDB is not a trivial package, which makes things a bit harder. 2015-03-21 15:52:16 right now i run mongodb inside a lxc.debian but there are some troubles with the software that depends on mongo 2015-03-21 15:52:25 <__mjones> mirac: maybe, but the fact that you looked at the packages means something. 2015-03-21 15:52:32 __mjones: simply i was not setting it correctly :) - encryption 2015-03-21 15:52:39 <__mjones> s/packages/patches/ 2015-03-21 15:52:48 so about this e1000 issue 2015-03-21 15:52:56 just added it to /etc/modules 2015-03-21 15:52:57 <__mjones> coredumb: yes, ch077179 was asking about. 2015-03-21 15:53:29 <__mjones> coredumb: shouldn't even be necessary. I don't even. 2015-03-21 15:53:47 yeah well ... 2015-03-21 15:53:53 works like that here 2015-03-21 15:54:12 will finish reconfiguring my shit before looking into it 2015-03-21 15:54:22 __mjones: thank you... 2015-03-21 15:55:48 coredumb: how did you end up setting your system up? 2015-03-21 15:55:52 system encryption? 2015-03-21 15:55:55 <__mjones> mirac: I wouldn't mind taking a look at it myself, but not until I've done ceph or given up. 2015-03-21 15:56:14 ch077179: follow the lvm on luks wiki page 2015-03-21 15:56:21 what's your issue ? 2015-03-21 15:56:39 I was just pondering the different strategies 2015-03-21 15:56:44 <__mjones> monogodb just released 3.0.0 a couple weeks ago. 2015-03-21 15:56:50 __mjones: I´m not in a hurry. just planing to take care of my server in summertime. 2015-03-21 15:57:11 <__mjones> mirac: I assume you're using 2.x.x now, but how would you feel about 3.0.x being supported? 2015-03-21 15:57:19 so /boot + lvm with LUKS and /, /var and /home go into the lvm ? 2015-03-21 15:57:22 ch077179: fairly easy actually 2015-03-21 15:57:34 yes 2015-03-21 15:57:43 make a 100MB /boot 2015-03-21 15:57:48 the rest on luks + lvm 2015-03-21 15:57:56 <__mjones> Alright, so working on this partitioning thing. Let me see if I can create a qcow2 image with slices. 2015-03-21 15:58:01 or whatever floats your boat 2015-03-21 15:59:17 __mjones: have to check the depandency of the appliance that uses mongo 2015-03-21 15:59:43 <__mjones> appliance? Interesting. Software appliance, virtual appliance? 2015-03-21 16:00:04 __mjones: software 2015-03-21 16:00:28 <__mjones> Looks like 2.4.4 was pretty recent. Not sure of this history of that port being in 'unmaintained'; I would assume it was working/released at one time. 2015-03-21 16:00:29 __mjones: wifi-controler 2015-03-21 16:01:10 sounds good, now my only problem is how to install alpine. setup-alpine doesn't like gpt 2015-03-21 16:01:11 __mjones: it´s just a java-jar file but it needs a native mongoDB 2015-03-21 16:01:15 <__mjones> mirac: ok. I would say it's _probably_ safe to assume that Alpine's mongodb package will be released >= 3.0.0 2015-03-21 16:01:45 <__mjones> Ah. The Java uses JNDI for database connectivity. Well, for RDBMS, anyway. 2015-03-21 16:02:03 <__mjones> So the JNDI driver might be one determinant of compatibility. 2015-03-21 16:02:16 <__mjones> Interesting, interesting. 2015-03-21 16:02:34 __mjones: I´m not sure. I think they connect RESTful 2015-03-21 16:02:48 ch077179: setup-alpine 2015-03-21 16:02:53 up until disk 2015-03-21 16:02:56 say none 2015-03-21 16:03:00 <__mjones> ch077179: I'm setting up a testbed now, to see how practical it is to do a manual setup on your disks. 2015-03-21 16:03:05 validate everything else 2015-03-21 16:03:24 then install parted 2015-03-21 16:03:29 <__mjones> coredumb: you know, that might bypass his problem at the same time. 2015-03-21 16:03:30 configure your partitions 2015-03-21 16:03:52 luks 2015-03-21 16:03:54 lvm 2015-03-21 16:03:56 mount lvm 2015-03-21 16:04:05 setup-disk -m sys /mount 2015-03-21 16:04:07 __mjones: ubnt.com/unifi 2015-03-21 16:04:23 ch077179: check the GPT wiki page as well 2015-03-21 16:04:25 <__mjones> ah, ubiquitis! 2015-03-21 16:04:54 <__mjones> ch077179: I bet if you follow that procedure it will work, because you're already doing partitioning manually. 2015-03-21 16:04:56 __mjones: yes. great thing 2015-03-21 16:06:26 I'm on it 2015-03-21 16:08:28 where do i look for init scripts errors ? 2015-03-21 16:08:31 <__mjones> mirac: how do you like LXC on Alpine? 2015-03-21 16:08:40 <__mjones> /var/log/messages? 2015-03-21 16:08:51 <__mjones> dmesg is the kernel log circular buffer 2015-03-21 16:09:04 <__mjones> Not in the kernel log. 2015-03-21 16:09:18 <__mjones> init scripts is userland and log as they are configured. 2015-03-21 16:09:37 <__mjones> reminds me, I didn't see a syslog.conf when I went looking the other day. 2015-03-21 16:09:56 __mjones: in generall i like alpine very much and the integration of lxc with open-rc is great 2015-03-21 16:10:03 <__mjones> coredumb: if needed, one could add logger(1) statements to init scripts. 2015-03-21 16:10:56 <__mjones> mirac: the questions comes up frequently and I haven't yet done LXC, but I will pass along your feedback. 2015-03-21 16:11:02 so I removed partitions #2 and #3. __mjones do you think when I set up a LUKS container now for the unused disk space, create a lvm on it I'll be able to install in there? 2015-03-21 16:11:02 __mjones: ok 2015-03-21 16:11:28 ch077179: yes you will 2015-03-21 16:11:33 <__mjones> ch077179: likely, yes. 2015-03-21 16:11:46 kk 2015-03-21 16:11:50 you have to mount your lvm in say /mnt 2015-03-21 16:11:59 and run setup-disk -m sys /mnt 2015-03-21 16:12:20 ok, let's see :) 2015-03-21 16:13:42 __mjones: thank you for your time, but i have to leave now. looking forward to upgrade my server in summertimer. still useing alpine 2.7 2015-03-21 16:14:27 <__mjones> mirac: ok, bon voyage. 2015-03-21 16:15:52 any idea why when X starts i have no more display on tty ? 2015-03-21 16:16:26 <__mjones> not particularly. 2015-03-21 16:17:37 <__mjones> X is its own category of magic, about which I know probably no more than you. 2015-03-21 16:18:29 not so much a problem as long as you don't have an X issue though 2015-03-21 16:18:30 <__mjones> weyland/weston might be a good fit for a lightweight, uncomplicated distribution. 2015-03-21 16:18:39 <__mjones> coredumb: exactly. 2015-03-21 16:18:57 <__mjones> When I have an X problem, I bing it and see if one of the ubuntu folk has a fix. 2015-03-21 16:19:42 i have some urxvt wirdness as well 2015-03-21 16:19:58 have to finish configuring the WM first ^^ 2015-03-21 16:22:59 it's a brand new disk, do I still haveged -n 0 | dd=/dev/sda2 ? 2015-03-21 16:24:37 ch077179: depends of your time :) 2015-03-21 16:24:45 <__mjones> I keep my X machines separate from my non-X machines. At some point I'll give Alpine a whirl with X. 2015-03-21 16:25:27 coredumb: is it necessary from a cryptographic viewpoint? Do they come filled with zeros? 2015-03-21 16:25:51 it's not needed 2015-03-21 16:26:05 it's just to erase disk with random datas 2015-03-21 16:26:36 yeah.. I do wonder though what the pattern on new disks is. random? zeros? ones? 2015-03-21 16:27:13 i guess zeros but well you gonna format and put datas on ... 2015-03-21 16:29:05 <__mjones> it's random. 2015-03-21 16:29:39 <__mjones> I think. Read a brand-new disk and find out. Maybe Seagate has been shipping easter-eggs for years and nobody has noticed! 2015-03-21 16:29:41 did people test it? 2015-03-21 16:30:04 I'd agree, it'd be most comfortable for customers who want plausible deniability 2015-03-21 16:30:09 <__mjones> No person tested a $120 4TB disk, no. A machine tested it. 2015-03-21 16:30:12 and it woulnd't hinder anyone else 2015-03-21 16:30:37 yeah :) that's what I meant, a person telling a machine to test it 2015-03-21 16:30:51 <__mjones> dd if=/dev/urandom of=/dev/sdb bs=1M 2015-03-21 16:31:24 <__mjones> Do not try with /dev/random ;) 2015-03-21 16:31:26 but I can save that time if it's a new disk with no non-random data on it, no? 2015-03-21 16:31:46 <__mjones> ch077179: yes. 2015-03-21 16:32:11 <__mjones> You can probably save that time anyway. 2015-03-21 16:32:31 i'm the only one having ssh client unable to resolve my internal domain ? 2015-03-21 16:32:52 <__mjones> I don't expect any of my current storage crypto to withstand nation-state attackers. 2015-03-21 16:33:09 <__mjones> coredumb: reverse DNS or forward? Probably, yes. 2015-03-21 16:33:23 forward 2015-03-21 16:33:37 <__mjones> coredumb: are you familiar with tools like host, dig? 2015-03-21 16:33:39 mmmh actually it's not just ssh 2015-03-21 16:33:53 yeah i must find which pkg owns dig first 2015-03-21 16:33:59 <__mjones> I reckoned that. ;) 2015-03-21 16:34:04 <__mjones> binds-tools 2015-03-21 16:34:09 !! 2015-03-21 16:34:13 <__mjones> bind-tools. 2015-03-21 16:35:09 http://pastebin.com/Lyzgr77z 2015-03-21 16:35:10 <__mjones> dig is so choice. If you have the means, I highly recommend picking one up. 2015-03-21 16:35:15 did i miss something ? 2015-03-21 16:35:57 <__mjones> I think I see it. 2015-03-21 16:36:10 ok missing domain option in resolv 2015-03-21 16:36:17 search not sufficient 2015-03-21 16:36:18 <__mjones> First, using fake TLDs is not a good idea. Don't let me catch you doing that in an organisation. 2015-03-21 16:36:30 <__mjones> Second, the hostname is dismiss. Full stop. 2015-03-21 16:36:49 <__mjones> The successful lookup was of dismiss. 2015-03-21 16:37:02 <__mjones> "ping dismiss." 2015-03-21 16:37:38 nope 2015-03-21 16:37:38 <__mjones> musl resolv does not take domain nor search options! 2015-03-21 16:37:46 <__mjones> You shouldn't have relied on them anyway ;) 2015-03-21 16:37:51 yeah actually it worked once 2015-03-21 16:37:54 <__mjones> But they are deliberatelty unimplemented. 2015-03-21 16:37:59 then nothing 2015-03-21 16:38:06 ping dismiss.internal 2015-03-21 16:38:14 gives me the finger as well 2015-03-21 16:38:22 is that a musl limitation ? 2015-03-21 16:38:27 <__mjones> show us the zone. 2015-03-21 16:38:51 <__mjones> if you're using the fqdn there's no musl issue. 2015-03-21 16:39:23 <__mjones> If you must use a fake TLD, use something like example.com 2015-03-21 16:39:34 <__mjones> or another RFC reserved name. 2015-03-21 16:40:02 see dig works like a charm 2015-03-21 16:40:05 ping doesn't 2015-03-21 16:40:07 <__mjones> People using those in production got a rude awakening when the cert people were finally forced to stop handing them out like candy. 2015-03-21 16:40:16 never had an issue on other distros/OS 2015-03-21 16:40:44 <__mjones> Did you type exactly "ping dismiss." with the dot at the end? 2015-03-21 16:41:00 <__mjones> dig is adding it for you. Ping isn't. 2015-03-21 16:41:11 with, without, fqdn 2015-03-21 16:41:19 ping always says bad address 2015-03-21 16:41:26 <__mjones> Pastebin the zone file. 2015-03-21 16:42:31 there's no zones 2015-03-21 16:42:46 overrides in dnsmasq 2015-03-21 16:43:05 <__mjones> mmm. 2015-03-21 16:43:09 you ask him dismiss.internal it gives you an ip 2015-03-21 16:43:13 plain and simple 2015-03-21 16:43:39 <__mjones> ah. hosts file. 2015-03-21 16:43:57 <__mjones> dig does DNS only. Your resolver does things other than DNS, if so configured. 2015-03-21 16:44:10 <__mjones> stub resolver I mean. 2015-03-21 16:44:27 this is on my main dns 2015-03-21 16:44:32 dig is on the client 2015-03-21 16:44:37 dig resolves correctly 2015-03-21 16:44:41 ping doesn't 2015-03-21 16:44:48 <__mjones> host files on client with ping. 2015-03-21 16:45:03 <__mjones> dnsmasq is on a server? Separate from client? 2015-03-21 16:45:17 <__mjones> I don't normally use it. 'main dns' is vague. 2015-03-21 16:45:34 __mjones: dnsmasq is on a server yes 2015-03-21 16:45:38 <__mjones> ping is resolving your host file first, dig is not. 2015-03-21 16:45:40 separate from client 2015-03-21 16:45:51 <__mjones> dig goes straight to DNS. 2015-03-21 16:46:00 yes that's what i expect it to do 2015-03-21 16:46:06 <__mjones> ping goes to getaddinfo() which is a musl routine. 2015-03-21 16:46:10 there's nothing in my hosts file 2015-03-21 16:46:14 <__mjones> getaddrinfo() I mean. 2015-03-21 16:46:33 then it's musl giving me the finger 2015-03-21 16:46:45 <__mjones> sigh. 2015-03-21 16:46:58 <__mjones> you don't have 127.0.0.1 in your hosts file? 2015-03-21 16:47:36 coredumb: did you use a passphrase? 2015-03-21 16:47:41 ch077179: indeed 2015-03-21 16:47:49 I want to use a keyfile which I already generated 2015-03-21 16:47:56 __mjones: well nothing more than 127.0.0.1 indeed :) 2015-03-21 16:48:04 can I leave the --hash option out? 2015-03-21 16:48:10 <__mjones> actually, 'bad address' could mean other things. Blank space or null in response? 2015-03-21 16:48:54 <__mjones> Try 'host' just to see if anything odd shows up. 2015-03-21 16:49:02 <__mjones> 'host dismiss.' 2015-03-21 16:49:08 <__mjones> 'host dismiss.internal' 2015-03-21 16:49:35 <__mjones> I still think it's that trailing dot. 2015-03-21 16:49:50 # host dismiss 2015-03-21 16:49:52 dismiss.internal has address 10.60.60.1 2015-03-21 16:49:59 host works 2015-03-21 16:50:03 nslookup works 2015-03-21 16:50:13 dig works 2015-03-21 16:50:18 rest doesn't 2015-03-21 16:50:39 <__mjones> rest is using resolver routine getaddrinfo() 2015-03-21 16:51:35 yep 2015-03-21 16:51:59 so musl doing some validations or the like and not liking my .internal domain i guess 2015-03-21 16:52:04 or something like that 2015-03-21 16:52:09 <__mjones> the man page is from glibc :P 2015-03-21 16:52:21 <__mjones> something, but I doubt that. 2015-03-21 16:52:42 <__mjones> put it in the /etc/hosts for a moment and try ping. 2015-03-21 16:53:19 <__mjones> I'm trying to think of the best way to test the function output without writing/compiling code. 2015-03-21 16:53:27 it likes it in hosts 2015-03-21 16:53:38 mmmh 2015-03-21 16:53:55 <__mjones> I would say it's not musl, and specifically that it's not a bug. 2015-03-21 16:54:03 <__mjones> Something about your config. 2015-03-21 16:54:45 <__mjones> I'm pretty sure musl does not implement /etc/gai.conf, /etc/nsswitch.conf, nor /etc/host.conf 2015-03-21 16:54:57 <__mjones> does your resolv.conf have any lines except 'nameserver ' lines? 2015-03-21 16:55:14 yes search and domain 2015-03-21 16:55:23 search being set by alpine installer 2015-03-21 16:55:23 <__mjones> show the output for 'dig dismiss.internal' 2015-03-21 16:55:41 <__mjones> I think musl does not implement search. 2015-03-21 16:55:50 <__mjones> Rather sure. 2015-03-21 16:56:10 <__mjones> 'ping dismiss.internal' doesn't work (before hosts change) either? 2015-03-21 16:56:28 http://pastebin.com/6HKukFSL 2015-03-21 16:56:38 nope ping fqdn doesn't work 2015-03-21 16:58:40 <__mjones> authority 0, and returns the same A record for both dismiss. and dismiss.internal. 2015-03-21 16:58:46 <__mjones> Not sure I care for that at all. 2015-03-21 16:59:05 <__mjones> But I can't see the whole picture, so I'll let it alone for now. 2015-03-21 17:01:46 <__mjones> need dig options. Start with 'dig +trace dismiss.internal.' 2015-03-21 17:02:09 <__mjones> Making some espresso. brb. 2015-03-21 17:06:28 coredumb: what does this --hash option actually do if you use a key file? 2015-03-21 17:06:30 <__mjones> back. 2015-03-21 17:06:58 do I even need it? In the wiki the person used 'whirlpool' as an argument but it isn't documented. 2015-03-21 17:08:04 <__mjones> Can anyone recommend a haswell/avoton mini-itx board? A friend showed me a nice MSI one a little over a year ago but I don't want to search for hours. 2015-03-21 17:08:19 <__mjones> whirlpool is an algorithm, I think. 2015-03-21 17:09:14 <__mjones> Yes, it is. 2015-03-21 17:09:30 <__mjones> https://en.wikipedia.org/wiki/Whirlpool_%28cryptography%29 2015-03-21 17:09:36 <__mjones> Hence, hastype whirlpool. 2015-03-21 17:09:44 <__mjones> s/hastype/hashtype/ 2015-03-21 17:10:11 <__mjones> I guess AMD would be good too, if it has aes-ni and virt instructions. 2015-03-21 17:11:15 but man says it hashes the passphrase. When I use a keyfile, do I need --hash for cryptsetup? 2015-03-21 17:15:55 <__mjones> yes, I think so. 2015-03-21 17:16:17 <__mjones> Te man page implicitly says that the keyfile supplies the passphrase 2015-03-21 17:16:44 <__mjones> for instance: Changes an existing passphrase. The passphrase to be changed must be sup‐ plied interactively or via --key-file. The new passphrase can be supplied interactively or in a file given as positional argument. 2015-03-21 17:17:16 <__mjones> I know someone that's updating the wiki page after this! 2015-03-21 17:17:28 I read it differently 2015-03-21 17:17:38 under options to luksFormat --hash is not listed 2015-03-21 17:18:07 in the cryptsetup man page that is 2015-03-21 17:18:38 <__mjones> there would be a default in any event. So if you leave it out it'll just use the default. 2015-03-21 17:18:54 <__mjones> cryptographic hashes of passphrases are not optional. 2015-03-21 17:19:11 <__mjones> If the key was an x.509 I would say it's not a passphrase, but it's not that kind of key. 2015-03-21 17:19:27 and bc keyfile=~passphrase it remains mandatory 2015-03-21 17:19:29 <__mjones> You don' 2015-03-21 17:19:42 <__mjones> You don't need to overthink it the first time through. 2015-03-21 17:19:49 :) 2015-03-21 17:19:55 I just want to know what I'm doing 2015-03-21 17:19:56 <__mjones> The nice thing about software is you can do it over and over again. 2015-03-21 17:20:27 <__mjones> Passphrases are protected against brute-force and dictionary attacks by PBKDF2, which implements hash iteration and salting in one function. 2015-03-21 17:20:36 <__mjones> oh, pbkdf2 is nice. Only bested by bcrypt. 2015-03-21 17:20:44 alright, I'll go with whirlpool 2015-03-21 17:20:58 <__mjones> Use --hash to override the default hash function for passphrase hashing (otherwise it is detected according to key size). 2015-03-21 17:21:11 <__mjones> I'd use pbkdf2, or even better, bcrypt 2015-03-21 17:21:33 <__mjones> Values compatible with old version of cryptsetup are "ripemd160" for create and "sha1" for luksFormat. Use cryptsetup --help to show the defaults. 2015-03-21 17:22:20 <__mjones> plain: aes-cbc-essiv:sha256, Key: 256 bits, Password hashing: ripemd160 (this is from my Debian stable 7.8) 2015-03-21 17:23:19 <__mjones> /sbin/cryptsetup -tail 8 2015-03-21 17:23:37 <__mjones> I don't see whirlpool compiled into our binary. 2015-03-21 17:23:53 <__mjones> Alpine is showing the same as Debian. 2015-03-21 17:30:52 __mjones: funny thing 2015-03-21 17:30:57 when i'm on wlan 2015-03-21 17:31:05 it works as expected 2015-03-21 17:31:16 dismiss is resolved by everything 2015-03-21 17:31:18 :O 2015-03-21 17:31:49 <__mjones> yeah, not musl. 2015-03-21 17:31:59 <__mjones> It's not a tumour! 2015-03-21 17:32:12 well then we have more bugs imo 2015-03-21 17:32:16 <__mjones> My guess is quirks in your dnsmasq. 2015-03-21 17:32:18 yep not musl 2015-03-21 17:32:26 but what... -_- 2015-03-21 17:32:31 cryptsetup gave me a thumbs up after running my command with whirlpool 2015-03-21 17:32:42 but I couldn't luksOpen the device afterwars 2015-03-21 17:32:46 <__mjones> ch077179: what challenges await? 2015-03-21 17:32:51 it gave me an error with bcrypt 2015-03-21 17:33:19 <__mjones> what command-line did you end up giving it? 2015-03-21 17:33:36 command failed with code 22: requested luks hash bcrypt is not supported. I'd have expected the same with whirlpool 2015-03-21 17:33:39 <__mjones> he's the expert -> 2015-03-21 17:33:44 <__mjones> ACTION points at coredumb. 2015-03-21 17:34:03 ACTION lols 2015-03-21 17:34:05 <__mjones> Yes, it said so 2015-03-21 17:34:15 <__mjones> cryptsetup --help | tail -8 2015-03-21 17:34:25 cryptsetup -v -c serpent-xts -s 512 -d /path/to/key --hash whirlpool --iter-time 500 ---use-random luksFormat /dev/sda2 2015-03-21 17:34:32 <__mjones> depending how you read it, either ripemd160 or pbkdf2 2015-03-21 17:34:38 pretty much what the wiki said 2015-03-21 17:34:48 ch077179: -c NEEDS -plain64 2015-03-21 17:34:59 so in your case -c serpent-xts-plain64 2015-03-21 17:34:59 <__mjones> our version seems not to have whirlpool compiled in. 2015-03-21 17:35:09 <__mjones> Just leave out the --hash whirlpool and try again. 2015-03-21 17:35:10 made the same error yesterday ;) 2015-03-21 17:35:25 <__mjones> that too! 2015-03-21 17:35:29 but proc/crypto doesn't talk about -plain64 2015-03-21 17:35:35 <__mjones> I know two users who are updating the wiki page. 2015-03-21 17:35:51 ch077179: yes it doesn't 2015-03-21 17:35:53 :) 2015-03-21 17:36:01 else it wouldn't be fun would it ? 2015-03-21 17:36:09 lol 2015-03-21 17:36:16 __mjones: well wiki page is correct and states -plain64 in the example ;) 2015-03-21 17:36:19 <__mjones> I also volunteer you to write the new LUKS portion of setup-alpine 2015-03-21 17:36:34 __mjones: yeah was thinking about it actually 2015-03-21 17:37:11 coredumb: what happens if -plain64 is ommitted? 2015-03-21 17:38:21 <__mjones> the error 22 with the missing field. 2015-03-21 17:39:24 but 2015-03-21 17:39:35 cryptsetup -v -c serpent-xts -s 512 -d /path/to/key --hash sha1 --iter-time 500 ---use-random luksFormat /dev/sda2 2015-03-21 17:39:39 ran successfully 2015-03-21 17:40:01 note the lacking -plain64 2015-03-21 17:40:13 bug too? 2015-03-21 17:41:49 <__mjones> Good question. 2015-03-21 17:42:03 <__mjones> Maybe not, exactly. 2015-03-21 17:42:30 cryptsetup -v -c serpent-xts -s 512 -d /path/to/key --iter-time 5000 ---use-random luksFormat /dev/sda2 2015-03-21 17:42:36 ran successfully as well 2015-03-21 17:42:43 is sha1 the default hash? 2015-03-21 17:43:17 luksOpen fails now 2015-03-21 17:43:35 <__mjones> manpage says pbkdf2, which is superb 2015-03-21 17:44:17 <__mjones> ah, no. Had it backwards. This: 2015-03-21 17:44:41 ok, luksOpen def. won't work without -plain64 :) 2015-03-21 17:44:42 <__mjones> LUKS1: aes-xts-plain64, Key: 256 bits, LUKS header hashing: sha1, RNG: /dev/urandom 2015-03-21 17:44:46 <__mjones> No, sort-of. 2015-03-21 17:45:04 <__mjones> pbkdf2 for the passphrase/key, sha1 for the LUKS header on-disk. 2015-03-21 17:45:27 <__mjones> Look at the bottom of 'cryptsetup --help' 2015-03-21 17:45:33 yup 2015-03-21 17:46:17 <__mjones> I think taking 'serpent-xts' instead of 'serpent-xts-plain64' is likely a bug that should be caught in an exception. 2015-03-21 17:46:24 <__mjones> But I also think you should use the defaults. 2015-03-21 17:46:33 <__mjones> AES is excellent. 2015-03-21 17:47:33 <__mjones> 512 bits is likely overkill. 2015-03-21 17:47:42 as in I ommit -c and --hash ? 2015-03-21 17:47:52 and -s 2015-03-21 17:47:52 <__mjones> You would just get 'rubber-hose crypto' with that. 2015-03-21 17:48:17 <__mjones> ch077179: yes that would be my suggestion. 2015-03-21 17:48:31 <__mjones> There is one use-case though. 2015-03-21 17:48:52 <__mjones> Go through customs, machine taken for an hour, returned. One assumes it's been imaged and not broken. 2015-03-21 17:49:38 <__mjones> With 256 bits, you might have, let's say 5 or 8 years before someone could hypothetically choose to go back and brute-force it. Probably longer. 2015-03-21 17:49:54 <__mjones> 512 bits would stretch that timeline way out; I'd say at least 20 years. 2015-03-21 17:50:26 no no, I'm just doing encryption for the fun of it and to protect against nosey neighbors etc 2015-03-21 17:50:51 like if I'm on a vacation and someone reboots my home server with a boot stick to peek around 2015-03-21 17:51:16 <__mjones> The performance differences are different depending on the machine, but even minmal crypto keeps out almost everyone. 2015-03-21 17:51:25 right 2015-03-21 17:51:45 <__mjones> I'd do AES for sure, so modern cpus with aes-ni can do it fast, and 128 or 256 bits. 2015-03-21 17:52:01 <__mjones> you were specifying serpent at 512 bits. 2015-03-21 17:52:16 <__mjones> Likely a large storage performance hit. 2015-03-21 17:52:55 <__mjones> I don't know 128 vs. 256 on storage. In TLS we prefer aes-128 because 256 doesn't buy much worth paying the price. 2015-03-21 17:53:18 I just ran it one last time with no -c --hash and -s 2015-03-21 17:53:41 created the volume group now on to volumes 2015-03-21 17:56:05 lvcreate-L 25G vg0 -n root gives me 73dd...-37dd...f100000 r-xp 00000000 00:0f 4782 /lib/libdevmapper.so.1.02 mlock failed: out of memeroy 2015-03-21 17:56:22 and another line like that wrt -event.so.1.02 ? 2015-03-21 17:56:35 logical volume "root" created. though 2015-03-21 17:58:25 <__mjones> I wonder if it ran out of core because of the very large ('huge') disk. 2015-03-21 18:03:37 these errors were shown in all runs of lvcreate 2015-03-21 18:03:47 mkfs.ext4 ran without errors though 2015-03-21 18:09:41 <__mjones> They do different things. I've never had mkfs.ext4 fail, though. 2015-03-21 18:13:14 I could mount vg0-root and dd zeroes into a swapfile 2015-03-21 18:13:30 it's the one that I lvcreated first, 25G 2015-03-21 18:17:37 do I set the boot flag for /dev/sda or /dev/sda1? 2015-03-21 18:18:28 <__mjones> sda1 2015-03-21 18:18:46 thx 2015-03-21 18:18:59 <__mjones> doubt sda would work (nothing there to chain it?) but it wouldn't hurt to try. 2015-03-21 18:19:45 <__mjones> Nothing like random questions to remind a folk of what he doesn't know. 2015-03-21 18:22:22 ch077179: i noted the -plain64 being specified on ALL tutorials i found on internet 2015-03-21 18:22:40 so seems it formats successfully but cannot be opened back 2015-03-21 18:23:25 <__mjones> Either a passphrase/hash mismatch, or something breaking or not passint it correctly, would be my guess. 2015-03-21 18:23:37 <__mjones> s/passint/passing/ 2015-03-21 18:24:45 got a funny one 2015-03-21 18:24:57 % i3-config-wizard 2015-03-21 18:24:59 i3-config-wizard: mkdir(~/.i3) failed: No such file or directory 2015-03-21 18:25:01 :D 2015-03-21 18:25:48 <__mjones> i3 is a tiling window manager. Did you choose that? 2015-03-21 18:26:04 <__mjones> it can't "mkdir ~/.i3" 2015-03-21 18:26:16 <__mjones> no perms or no ~ mounted. 2015-03-21 18:26:30 come on ~/ is my home dir 2015-03-21 18:26:42 the error just doesn't make any sense 2015-03-21 18:26:57 mkdir ~/.i3 2015-03-21 18:27:01 then run it again 2015-03-21 18:27:04 same error 2015-03-21 18:27:12 <__mjones> is it writable? Does ~/.i3 already exist? Is it mounted 'noroot' and the thing running as root? 2015-03-21 18:27:38 <__mjones> maybe it's a misleading error saying it can't stat("~/.3"); 2015-03-21 18:27:49 <__mjones> or it could just be a dumb bug. 2015-03-21 18:28:02 in my home dir run by my user 2015-03-21 18:28:07 it is INDEED writable 2015-03-21 18:28:11 <__mjones> put strace on it, should be quick 2015-03-21 18:28:12 and i create it 2015-03-21 18:28:16 then same error 2015-03-21 18:28:45 <__mjones> did you change your homedir or uid recently, without logging out and in? 2015-03-21 18:29:23 <__mjones> I wanted to try i3 but I found the lack of any default configuration to be highly disconcerting, a barrier to entry, and a strategic mistake 2015-03-21 18:29:24 http://pastebin.com/btQtBcHg 2015-03-21 18:29:27 nope 2015-03-21 18:29:32 the thing's just on dope 2015-03-21 18:30:24 http://pastebin.com/fj9gwfKS 2015-03-21 18:30:37 <__mjones> touch ~/.i3/config and try it again 2015-03-21 18:30:52 <__mjones> this is i3 package on alpine right? 2015-03-21 18:31:54 <__mjones> dmesg or /var/log/message show anything? Using NFS? 2015-03-21 18:32:52 i just tell you the thing's on dope :D 2015-03-21 18:32:58 <__mjones> there are some things with 32-bit vs. 64-bit filehandles, especially on NFS, but if using alpine-native package on alpine they wouldn't apply. 2015-03-21 18:33:26 <__mjones> dyn linked to /usr/local/lib/rms-on-dope.so.1 for sure. 2015-03-21 18:33:53 not on nfs 2015-03-21 18:34:26 <__mjones> Come to think of it, that would explain a lot. 2015-03-21 18:35:56 so now I've installed alpine. How do I get the kernel to unlock the luks container and mount the volume group? 2015-03-21 18:36:24 <__mjones> coredumb: selinux would be a suspect if on a redhatty distro. 2015-03-21 18:36:46 the key should reside on a usb stick, so I need it to be reliably mounted to the same mount point, regardless of the usb slot 2015-03-21 18:36:51 <__mjones> Not in your homedir though. 2015-03-21 18:37:02 __mjones: exactly 2015-03-21 18:37:10 hence it's on dope :D 2015-03-21 18:37:16 nope, I just realised that :), neither etc bc that sits in the luks too 2015-03-21 18:37:36 <__mjones> ch077179: I don't know, but it's possible that to get the same mountpoint you might need to use udev, which is optional in alpine and not standard like it is on most distros. 2015-03-21 18:37:54 ok, and I need to mount it in /boot 2015-03-21 18:38:21 how do I do that if /etc is within the luks container? 2015-03-21 18:39:49 <__mjones> boot is different. 2015-03-21 18:40:14 <__mjones> Everything for boot has to be static, and why initramfs/initrd exist 2015-03-21 18:43:49 <__mjones> ch077179: not sure. I should read up on this. 2015-03-21 18:44:18 no worries 2015-03-21 18:44:24 I'm reading the arch wiki 2015-03-21 18:55:05 hm, they manipulate a file called /etc/mkinitcpio.conf. a) alpine-linux doesn't have it and b) it'd still sit in /etc 2015-03-21 18:57:21 <__mjones> cpio is tar; effectively legacy. 2015-03-21 18:58:35 I think I'll have to edit /etc/mkinitfs/mkinitfs.conf 2015-03-21 18:59:00 but how will the kernel get there... no this isn't going to work 2015-03-21 18:59:53 /boot is the only non-encrypted part of the system and it'll have to provide for the decryption of / 2015-03-21 19:00:22 <__mjones> ah, yes. mkinitfs is Alpine-specific. 2015-03-21 19:00:48 <__mjones> Check /etc/mkinitfs/features.d/cryptsetup.* 2015-03-21 19:01:06 <__mjones> I was messing with it a few months ago to get my root filesystem to mount with option discard. 2015-03-21 19:01:33 <__mjones> I'm 95% sure the root problem is a deficiency in busybox, probably lack of 'mount -n'. 2015-03-21 19:02:24 are you saying full system encryption isn't possible? 2015-03-21 19:03:05 <__mjones> No, I was speaking tangentially. 2015-03-21 19:03:14 <__mjones> Check /etc/mkinitfs/features.d/cryptsetup.* 2015-03-21 19:03:32 ok 2015-03-21 19:04:48 <__mjones> _My_ mount problem was 'fixed' by using mount from util-linux in lieu of busybox mount. 2015-03-21 19:05:24 I'm confused 2015-03-21 19:05:38 <__mjones> I was reminding myself to confirm this and try to get a fix in busybox, while I was pointing out a little bit of mkinitfs information to you. 2015-03-21 19:05:49 theres /boot/boot/etc/mkinitfs and /etc/mkinitfs 2015-03-21 19:05:55 <__mjones> mkinitfs is used to build the new initrd when you update kernels 2015-03-21 19:06:10 <__mjones> /boot/boot is a symlink to / 2015-03-21 19:06:15 <__mjones> cd /boot and 'ls -la' 2015-03-21 19:06:19 right 2015-03-21 19:06:28 <__mjones> Not quite sure why, but that explains all. 2015-03-21 19:06:54 <__mjones> So /boot/boot/etc/mkinitfs is the same as /etc/mkinitfs/. 2015-03-21 19:06:54 ok, so I mounted /dev/sda1 (/boot) in /mnt/boot for the purpose of running alpine-setup, which I did 2015-03-21 19:07:35 now I have the system that should boot mounted under /mnt/ (I'm still on the stick) 2015-03-21 19:08:31 <__mjones> ok 2015-03-21 19:08:50 I understand that I need to tell the kernel about the encrypted / (on /dev/sda2). the kernel needs to decrypt and luksOpen /dev/sda2, then add the volume group and then boot using / 2015-03-21 19:09:25 and I don't understand how that would work if I edit /etc/mkinitfs/some-file, as it sits in /dev/sda2, which is the luks container 2015-03-21 19:12:54 <__mjones> after you do that you run mkinitfs 2015-03-21 19:13:34 <__mjones> (it needs a manpage) 2015-03-21 19:13:46 <__mjones> then that should generate the initrd for you. 2015-03-21 19:13:50 <__mjones> (re)generate a new initrd. 2015-03-21 19:13:55 <__mjones> If I'm not mistaken. 2015-03-21 19:14:07 <__mjones> The initrd does what you need when you reboot. 2015-03-21 19:15:46 but how does it learn about the keyfile? 2015-03-21 19:16:44 the bootloader/kernel? It needs to reliably obtain it, even if the holding usb stick is removed between boot processes 2015-03-21 19:16:50 <__mjones> It's got to be configured when the initrd is built 2015-03-21 19:17:12 hm.. 2015-03-21 19:19:43 <__mjones> remember that mkinitfs is Alpine-specific 2015-03-21 19:20:01 right, do we have documentation about it? 2015-03-21 19:20:23 mkinitfs -L shows me that there's a cryptsetup feature to it 2015-03-21 19:20:43 <__mjones> 'man initrd' has the obvious 2015-03-21 19:20:51 <__mjones> there is no manpage for mkinitfs :( 2015-03-21 19:21:37 thank you. I'm sorry if I'm getting on your nerves with these newbie questions 2015-03-21 19:22:18 <__mjones> that just references the features enabled in /etc/mkinitfs/mkinitfs.conf 2015-03-21 19:22:42 <__mjones> which in turn reference the modules in /etc/mkinitfs/features.d/ 2015-03-21 19:22:52 <__mjones> No, they're not newbie questions. They're quite sophisticated. 2015-03-21 19:23:03 <__mjones> I just don't know many of the answers. 2015-03-21 19:27:53 <__mjones> I think LUKS is a use-case that hasn't been explored very much for Alpine. I know I haven't used it yet, because to date my Alpine use is for headless servers and JeOS VMs. 2015-03-21 19:44:25 ch077179: if you're not using default qwerty keymap remember to add "keymap" to your mkinitfs features 2015-03-21 19:44:37 else typing passphrase can be difficult :) 2015-03-21 19:49:17 <__mjones> I wonder if that's why she/he couldn't unlock it? 2015-03-21 19:49:36 got it coredumb 2015-03-21 19:49:51 who? 2015-03-21 19:50:19 <__mjones> you. Couldn't unlock the new LUKS volume, wasn't it? 2015-03-21 19:50:23 also, no passphrase 2015-03-21 19:50:34 i'm using a keyfile 2015-03-21 19:50:57 yeah but that was related to not having -plain64 2015-03-21 19:51:59 <__mjones> Oh I thought you solved that early. 2015-03-21 19:52:09 <__mjones> Because coredumb mentioned it, after having the exact same problem. 2015-03-21 19:52:45 well yeah, I just gave things a couple of tries, different combinations 2015-03-21 19:53:22 <__mjones> If it's any consolation I can't get any of the ceph crowd to acknowledge that they see my compilation question. I think I'm on my third irc channel, second IRC network. 2015-03-21 19:53:37 it's solved a long time ago, now I ate and came back to investigate further how to unlock automatically when booting with an inserted usb-stick with the keyfile 2015-03-21 19:53:48 hehe 2015-03-21 19:53:59 different questions same angst 2015-03-21 19:54:02 ;) 2015-03-21 19:54:39 <__mjones> I think not so much. I told you I didn't know the answer to a few things, and mentioned some parts of the puzzle. 2015-03-21 19:55:27 <__mjones> It's the nature of irc. It's just an awful lot of people idling in a -devel channel to not get a bite. 2015-03-21 19:57:02 <__mjones> Especially since there's likelihood I'm doing something silly. 2015-03-21 19:57:47 what is ceph good for? what is object storage? 2015-03-21 19:59:00 hm, it's basically a huge memory? 2015-03-21 19:59:43 I hope you get your answer soon 2015-03-21 20:00:22 <__mjones> object storage means you can't technically treat it as a filesystem. You can get, write, overwrite, or append to objects ('files') but you can't open them and change a bit in the middle and close them, like on block storage. 2015-03-21 20:01:08 <__mjones> I've recently been doing a lot of storage work, so I'm intrested in getting it working, but mostly it's an exercise in packaging/porting to refresh myself. 2015-03-21 20:01:25 nice 2015-03-21 20:01:30 <__mjones> Get into some contribution workflows. 2015-03-21 20:01:41 I want to do that too one day 2015-03-21 20:02:18 <__mjones> the wiki page on aports is quite thorough. 2015-03-21 20:02:21 I love coding with the linux tool chain. 2015-03-21 20:02:48 <__mjones> Kinda wish Alpine was using a web-based system for pull-requests instead of git-diffs to a mailing list, but that' 2015-03-21 20:02:50 <__mjones> s mostly an aesthetic preference. 2015-03-21 20:03:18 <__mjones> I've never coded on a non-posix toolchain. 2015-03-21 20:03:46 well i must reboot each time i restart my WM 2015-03-21 20:03:50 <__mjones> Oh, not technically true. I was taught a bit on DOS, and did a great assembly course on mainframe. 2015-03-21 20:03:58 we all have our issues :D 2015-03-21 20:04:23 <__mjones> coredumb: the mysteries of X. I'm fairly sure I understand women better than I understand X. 2015-03-21 20:05:03 sure yeah 2015-03-21 20:05:43 at work right now I code around .net 4 / 4.5 with c sharp and powershell 2015-03-21 20:06:00 poor you :( 2015-03-21 20:06:04 meh.. 2015-03-21 20:07:16 <__mjones> I'm still fairly amazed that with EDID my 4k monitor is automagically recognised, instead of huffing about with XF86.conf 2015-03-21 20:07:42 <__mjones> if someone likes coding .net clr and the whole environment, I don't judge. 2015-03-21 20:08:23 <__mjones> I can barely make heads or tails of it. I've ended up fixing people's C# code before, but that's not because I'm any good. 2015-03-21 20:09:55 <__mjones> Unless you're deep into the language(s), algorithms, and principles, even code for one is fairly worthless on the other, for what I do. Microsoft languages are all STLs and win32 calls and conventions and how visual studio does things. 2015-03-21 20:12:13 <__mjones> Even in Linux and startup land, I somehow sometimes get asked to consult for MIcrosoft shops. I will say the Microsoft people are coming to the devops, CI/CR/CD, fleet automation party,, if a few years behind. 2015-03-21 20:12:33 true... I happen to like algorithmic problems, so it doens't matter too much to me, and salary-wise it's not bad either to be familiar with windows development 2015-03-21 20:13:01 but I'd definitely throw it out any day if there were more and better linux development jobs 2015-03-21 20:14:33 IME learning computing coming from linux is just so much more teaching. It's easy to learn something while on linux and transferring it to windows. The other way around not so much. 2015-03-21 20:47:42 aynone using skype on alpine here ? 2015-03-21 21:15:35 urxvt: can't open display :0, aborting. 2015-03-21 21:15:37 urxvt: can't open display :0, aborting. 2015-03-21 21:15:39 urxvt: can't open display :0, aborting. 2015-03-21 21:15:42 oops 2015-03-21 21:15:54 lol can't open display where it's running -_- 2015-03-21 21:42:54 mkinitfs -c /mnt/etc/mkinitfs/mkinitfs.conf -b /mnt -> /mnt/lib/modules/3.14.30-0-grsec does not exist or is not a directory 2015-03-21 21:43:47 ls -l /mnt/lib/modules/ ->drwxr-xr-x 3 root root [...] 3.14.36-0-grsec 2015-03-21 21:44:04 version mismatch. Is there a workaround? 2015-03-21 21:45:02 so close... 2015-03-21 21:46:56 ch077179: your boot media is not 3.1.3 2015-03-21 21:47:03 no 2015-03-21 21:47:12 then redo it on 3.1.3 2015-03-21 21:47:14 :) 2015-03-21 21:47:18 no.. 2015-03-21 21:47:25 really?? 2015-03-21 21:47:49 or prevent network to fetch updates during install 2015-03-21 21:48:09 can't I downgrade grsec? 2015-03-21 21:48:16 well now you got everything setup you just need to redo setup-alpine and mount stuff 2015-03-21 21:48:20 not much work 2015-03-21 21:48:45 or chroot in /mnt and try messing with it 2015-03-21 21:48:49 your call 2015-03-21 21:48:51 :) 2015-03-21 21:48:55 the whole luks, lvm and mkinitfs config? 2015-03-21 21:49:15 you don't need 2015-03-21 21:49:27 just open your luks, mount your lvm parts 2015-03-21 21:49:38 they're all mounted right now 2015-03-21 21:49:39 in /mnt 2015-03-21 21:49:44 <__mjones> yes, coredumb has it. It's looking for modules for your current kernel, but the actual kernel is one step newer. 2015-03-21 21:50:05 <__mjones> s/actual/media, s/current/boot/ 2015-03-21 21:50:29 after you redo the media ch077179 2015-03-21 21:51:26 redo the media? what do you mean coredumb 2015-03-21 21:51:42 take 3.1.3 iso redo your usb key 2015-03-21 21:51:46 and reboot 2015-03-21 21:51:55 or burn it 2015-03-21 21:51:57 whatever 2015-03-21 21:52:16 I have internet, why do I need another iso? 2015-03-21 21:52:34 what exactly is the problem? grsec is too new, right? 2015-03-21 21:52:40 or mkinitfs too old 2015-03-21 21:52:52 can I not downgrade the first or upgrade the latter? 2015-03-21 21:54:21 <__mjones> Your kernel on storage is newer (from 3.1.3) while the kernel you have booted right now is from 3.1.2. 2015-03-21 21:54:52 <__mjones> mkinitfs doesn't like the disparity. In theory, it could be made to work, except the initrd has to match the kernel its booting. 2015-03-21 21:55:24 <__mjones> It's not clear to me how this mismatch happened in the first place. 2015-03-21 21:55:39 beats me too 2015-03-21 21:56:17 dd if=Downloads/new.iso of=/dev/usb-stick, right? I don't remember 2015-03-21 21:56:33 or did I create a vfat partition? 2015-03-21 21:57:18 unetbootin the quickest way i guess 2015-03-21 21:57:47 uhuh... nothing's faster than dd'ing stuff around 2015-03-21 21:58:39 dd directly doesn't work i think 2015-03-21 22:02:31 about to find out 2015-03-21 22:03:39 if not its fdisk ; mkfs.vfat; dd ... of=/dev/sdc1/ 2015-03-21 22:22:19 <__mjones> dd can work if the image is built for it. 2015-03-21 22:22:37 <__mjones> Not sure of details, but I guess an MBR starting at offset 0 or thereabouts. 2015-03-21 22:22:51 <__mjones> Traditionally most images wouldn't work that way. 2015-03-21 22:43:12 ended up with unetbootin, but I remember managing to put the 3.1.2 iso on the stick with some combination of dd and fdisk 2015-03-21 22:43:35 anyhoo, just now rebooting after redoing the install 2015-03-21 22:44:28 I'm very exciiite 2015-03-21 22:46:09 duh.. 2015-03-21 22:46:14 missing operating system 2015-03-21 22:47:04 \o/ 2015-03-21 23:03:31 anyone has a good idea why /dev/sda1 won't boot? boot flag is set, esp as well, start is at 1049 kb, filesystem is ext2 2015-03-21 23:05:50 the last instruction on http://wiki.alpinelinux.org/wiki/LVM_on_LUKS says re write the mbr. Do I do that eventhough my disk uses gpt?? 2015-03-21 23:06:02 I ommited it for that reason 2015-03-21 23:06:42 <__mjones> GPT means uid partition tables 2015-03-21 23:07:13 <__mjones> rather, the MBR is related but not the same as a partition table 2015-03-21 23:07:17 <__mjones> I think you need that MBR. 2015-03-21 23:07:25 <__mjones> I might have made the same mistake, though, if it was me. 2015-03-21 23:07:41 <__mjones> s/uid/guid/ 2015-03-21 23:08:14 <__mjones> GUID Partition Table (GPT) is a standard for the layout of the partition table on a physical hard disk, using globally unique identifiers (GUID). Although it forms a part of the Unified Extensible Firmware Interface (UEFI) standard (Unified EFI Forum proposed replacement for the PC BIOS), it is also used on some BIOS systems because of the limitations of master boot record (MBR) partition tables, which use 32 bits for storing 2015-03-21 23:08:53 <__mjones> BUt I think you still need a bootblock? Maybe I'm wrong. 2015-03-21 23:09:34 bootblock? 2015-03-21 23:09:50 <__mjones> One of the main limitations is the usage of 32 bits for storing block addresses and quantity information. For hard disks with 512-byte sectors, the MBR partition table entries allow up to a maximum of 2 TiB (232×512 Bytes).[1] 2015-03-21 23:10:02 <__mjones> That's the 2TB limit I assume you were hitting. 2015-03-21 23:10:59 ok so I write the mbr to sda1, instead of sda? 2015-03-21 23:11:09 sda1 is only 200m, it shouldn't be a problem 2015-03-21 23:11:19 <__mjones> No it should be sda 2015-03-21 23:11:32 <__mjones> might not even let you write it to sda1 2015-03-21 23:11:37 ok, and it won't destroy the gpt? 2015-03-21 23:11:39 <__mjones> I need a refresher in this. 2015-03-21 23:11:48 <__mjones> Not certain. ;-/ 2015-03-21 23:11:52 lol 2015-03-21 23:12:11 the wiki says sda but they're not on a big gpt disk... 2015-03-21 23:12:28 <__mjones> I did a lot of storage work in the last three years but it wasn't, you know, bootable. :P 2015-03-21 23:13:21 <__mjones> Incidentally, don't partition when you don't need to. Having no partition table on a LUN makes it easy to extend the LUN without taking it offline. 2015-03-21 23:13:50 <__mjones> If it has a partition table, it needs to go offline to extend (eh, mostly). x86-bootable stuff always needs a partition table. 2015-03-21 23:14:23 <__mjones> x86 won't boot straight off of sda, has to be sda1. But for additional disks, just newfs directly on sda. For fat32, put on a partition table because everything expects it, I think. 2015-03-21 23:21:51 no avail, even with the mbr.bin dd'd to /dev/sda 2015-03-21 23:22:05 bios says non-system disk 2015-03-21 23:22:55 seems like running citrix receiver and skype on alpine gonna be fun ... 2015-03-21 23:30:27 <__mjones> I know what you're going to say in response, but still, know this: skype is terrible both in practice and in principle. 2015-03-21 23:31:47 <__mjones> The experience was bad on Ubuntu 14.04. Google Hangouts is much less bad. 2015-03-21 23:32:06 <__mjones> However, Microsoft makes some excellent quality headsets for the price. And I adore their mice. 2015-03-21 23:32:32 <__mjones> I'd even buy a Surface RT if it wasn't boot-locked. 2015-03-22 00:13:16 skype experience on linux is by far the best than compared on win and mac 2015-03-22 00:13:32 ^^ 2015-03-22 00:13:40 at least on fedora16 2015-03-22 00:13:51 as it's the last fedora they support -_- 2015-03-22 00:14:35 and well i kinda need it to keep in touch with some ppl that won't ever have the idea to change :) 2015-03-22 00:14:57 and citrix, well my company doesn't give me the choice :) 2015-03-22 00:24:33 <__mjones> Funny how the people changed when Skype came along, but now they won't. Anyway, Skype's big tipping point was based on economic factors in the many places where traditional telecomms are government monopoly, scarce and expensive. 2015-03-22 00:25:15 <__mjones> I've never had a problem with RDP for remote logins, and VNC or SPICE work fine as well. 2015-03-22 00:31:34 hello 2015-03-22 00:31:46 <__mjones> helo 2015-03-22 00:31:57 I’m seeing the following error when I try to run iojs from testing: 2015-03-22 00:32:01 Error relocating /usr/bin/iojs: _ZSt24__throw_out_of_range_fmtPKcz: symbol not found 2015-03-22 00:32:24 <__mjones> Huh. 2015-03-22 00:32:36 <__mjones> Let me try it, before I have to leave. 2015-03-22 00:32:44 I think it’s to do with dso’s or something, but I’m woefully under equipped for debugging it 2015-03-22 00:33:27 <__mjones> I'm building it now. 2015-03-22 00:33:41 <__mjones> How are you invoking it? 2015-03-22 00:33:58 just `/usr/bin/iojs` 2015-03-22 00:34:55 gonna try running it in a virtualbox docker container instead of vmwarefusion 2015-03-22 00:37:45 <__mjones> Still compiling in a KVM. 2015-03-22 00:37:45 nah, same deal 2015-03-22 00:37:48 :/ 2015-03-22 00:38:50 <__mjones> Are you running edge or 3.1.3? 2015-03-22 00:39:24 3.1 docker image 2015-03-22 00:40:10 <__mjones> I don't think there's any compat issue here, but this dev instance is an edge. 2015-03-22 00:40:29 <__mjones> And 3.1.3 was released this morning, so you should consider updating: 'apk update && apk upgrade'. 2015-03-22 00:40:53 <__mjones> Still compiling. 2015-03-22 00:42:29 edge seems to fix it 2015-03-22 00:42:36 thanks for the tip 2015-03-22 00:43:56 trying just updating and upgrading too 2015-03-22 00:44:12 <__mjones> Glad it's working. I wouldn't think there would be many things with a compatibility issue, if you've compiled them. 2015-03-22 00:44:26 <__mjones> ...but I bet you just pulled it from 3.1/testing... 2015-03-22 00:44:47 still broken on an upgraded 3.1 2015-03-22 00:44:54 so only works on edge for me 2015-03-22 00:45:23 yep, I did say I pulled it from testing :P 2015-03-22 00:45:24 <__mjones> To confirm, you pulled the binary package, and didn't compile from aports? 2015-03-22 00:45:39 <__mjones> I read a bit into it, perhaps. 2015-03-22 00:46:15 <__mjones> I would have maybe expected a soname error from a dynamic lib. Anyway, we both learned something. 2015-03-22 00:46:22 does aports have a simple way to kick off compilation? 2015-03-22 00:46:32 <__mjones> (My compile out of aports is still going.) 2015-03-22 00:46:36 (I just discovered this distro today) 2015-03-22 00:47:14 <__mjones> cd ~/aports/testing/iojs && abuild -R 2015-03-22 00:47:16 I don’t mind if the compile takes a while, should be something I run infrequently until it’s stable anyway 2015-03-22 00:47:55 <__mjones> abuild is what youw ant. By default it makes temporary working dirs and cleans up after itself, so check the options if you don't want to start from zero after hitting ^C, etc. 2015-03-22 00:48:50 <__mjones> There's a good article on the wiki, but if you just want to build for your own use, pull down the aports tree with git, 'apk add alpine-sdk openssl-dev' for dependencies, and 'abuild' in each package dir. 2015-03-22 00:49:11 <__mjones> It'll drop a .apk package in your ~/packages/.../ tree, which it creates. 2015-03-22 00:50:51 <__mjones> I guess the rule I've seen mentioned is that stuff in testing should be tested on edge. 2015-03-22 00:50:53 cool, seems a lot like freebsd’s ports 2015-03-22 00:51:03 ah, that makes sense 2015-03-22 00:51:43 <__mjones> Yes, except it builds packages. Maybe emerge does that too, I haven't used Gentoo. 2015-03-22 00:52:24 <__mjones> There's also #alpine-devel on freenode. 2015-03-22 00:54:17 <__mjones> kudos: so before I have to go, what was your motive for trying out Alpine, and were you already working with iojs? 2015-03-22 00:54:30 already working with iojs 2015-03-22 00:55:04 trying to see how small I can get a container that will still run it well 2015-03-22 00:55:44 <__mjones> Ah, good show. THat's a large part of my use-case also. Not always containers, but JeOS. 2015-03-22 00:56:20 <__mjones> x1.tiny 640MB, x86_64 or x32... 2015-03-22 00:56:43 hmm, what user are you using in your images? 2015-03-22 00:56:53 abuild is complaining abut me being root 2015-03-22 00:57:00 <__mjones> userland? 2015-03-22 00:57:03 <__mjones> oh, any user. 2015-03-22 00:57:09 fuck it 2015-03-22 00:57:12 ACTION passes -F 2015-03-22 00:57:14 <__mjones> any non-root user 2015-03-22 00:58:37 yeah, don’t think there are no other users on this image 2015-03-22 00:58:45 s/no// 2015-03-22 00:59:09 <__mjones> Right, you were asking if there were any other interactive accounts out of the box. No. 2015-03-22 00:59:40 lol yet another js implementation 2015-03-22 00:59:46 <__mjones> No, I was wrong: 2015-03-22 00:59:50 ..in c++ 2015-03-22 01:00:08 <__mjones> operator:x:11:0:operator:/root:/bin/sh postgres:x:70:70::/var/lib/postgresql:/bin/sh 2015-03-22 01:00:29 <__mjones> I'll check on postgres, but operator? 2015-03-22 01:00:41 <__mjones> In /root. 2015-03-22 01:00:42 nsz: it’s a fork of nodejs 2015-03-22 01:00:45 troll on, brother 2015-03-22 01:00:56 does alpine firefox supposed to support plugins ? 2015-03-22 01:01:01 ah.. nodejs 2015-03-22 01:01:35 <__mjones> A fork of node. What's the elevator pitch? 2015-03-22 01:01:58 node took 2 years to ship a major point release 2015-03-22 01:02:11 Joyent have been a shitty steward, so the community has stepped in 2015-03-22 01:03:02 (the project which thought it's a good idea to run clien side software on the server, and went on including a modified version of openssl in its source tree.. and countless other epic failures) 2015-03-22 01:03:46 soft target, tbh 2015-03-22 01:04:00 <__mjones> I've changed my thinking on client-side runtimes on the server. Not using established libs is very questionable. 2015-03-22 01:04:43 <__mjones> kudos: thanks, I managed to miss that drama. Was going to give V8/Node a go because I'm sitting out the python2/3 transition period, at least. 2015-03-22 01:05:15 <__mjones> Lots of frameworks, though. Who knows how to pick an enduring one? 2015-03-22 01:05:16 __mjones: it’s worth looking at imo 2015-03-22 01:05:36 koajs is forward thinking and embraces ES6 2015-03-22 01:05:56 <__mjones> An alternate fork that is? 2015-03-22 01:06:04 built by the same guy who made Express, which is node’s most popular web framework 2015-03-22 01:06:08 <__mjones> er, no, sorry. Framework. 2015-03-22 01:06:39 if you haven’t used generators in Javascript, they are quite nice, Koa makes liberal use of them 2015-03-22 01:07:12 <__mjones> My previous coding in js could fill a thimble. 2015-03-22 01:07:37 well if you do web stuff, it’ll sharpen your frontend abilities 2015-03-22 01:08:16 <__mjones> I haven't touched frontend in a long, long time. But the idea of having some competence there is captivating. 2015-03-22 01:08:46 <__mjones> And it's not like I'm doing non-web. I just back and middle-end (mostly not code). 2015-03-22 01:08:53 I evaluated Go as well for this project, it’s the npm ecosystem that shifted the balance 2015-03-22 01:09:04 <__mjones> I have to leave, but I'll be back later. 2015-03-22 01:09:20 cool, feel free to ping me if you have questions about it 2015-03-22 01:09:57 how can ppl take js seriously is beyond me.. 2015-03-22 01:10:01 <__mjones> Go is static only, which I find inelegant. OTOH, language repos are usually at war with system repos, so I can't count NPM as a positive in any way at this time. 2015-03-22 01:10:38 <__mjones> Go and Rust have no online lang repos right? Rust will compile dynamic. 2015-03-22 01:11:19 <__mjones> nsz: you can crosscompile to it. asm.js. emscripten. 2015-03-22 01:11:32 yes, that's ok 2015-03-22 01:11:34 <__mjones> nsz: Front-end wise, it's the indisputable lingua franca. 2015-03-22 01:12:12 it's just historical accident that js has monopoly there.. might change 2015-03-22 01:12:14 <__mjones> As for backend, different story. But potentially a good narrative there, too, if you're already using some dynamic-typed stuff. 2015-03-22 01:12:36 <__mjones> nsz: technically true (the best kind of true?). 2015-03-22 01:12:55 <__mjones> But really. Flash/Flex/SWF runtime? 2015-03-22 01:13:16 <__mjones> Binary blob written in asm with more holes than a collander. 2015-03-22 01:14:25 js has eval 2015-03-22 01:14:32 but i agree there are worse options 2015-03-22 01:14:44 <__mjones> I was just at a presentation of HHVM, which is essentially (today) PHP compiled down to asm/binary on the backend. 2015-03-22 01:15:22 <__mjones> The argument is that PHP has advantages, and compiling it can retain the advantages without being bitten by the disadvantages. 2015-03-22 01:15:46 <__mjones> I'll be back later. 2015-03-22 01:16:05 yeah i know about it.. the usual cobol thing (ppl still keep that alive php will die in the same way) 2015-03-22 01:16:35 nsz: its ubiquity is its strongest asset, tbh 2015-03-22 01:19:23 also, picking on stuff it did in its youth (bundling patched openssl) is a bit of a red herring 2015-03-22 01:39:12 i dont like that kind of retroactive reinterpretation of history 2015-03-22 01:40:11 when critics said valid issues they were shouted down.. latter it is silently admitted that they were right but we are not supposed to talk about it because it's a red herring 2015-03-22 01:41:46 so if current problems are never valid and past issues cannot be brought up then how do you expect issues to be discussed.. 2015-03-22 01:45:28 cool story 2015-03-22 01:46:30 feel free to start a discussion, opening with the shit you did is just lazy cynicism for the sake of feeling clever 2015-03-22 01:47:06 the idea that you were trying to have a dialog is a joke 2015-03-22 01:51:50 it's true i didnt want a dialog.. just point out the imposed pains of the js world (now with one more fork to maintain) 2015-03-22 01:53:59 thank you for descending from the horse 2015-03-22 03:49:17 35MB iojs docker image, nice 2015-03-22 03:49:29 could probably squeeze more out of it, but that’s already incredible 2015-03-22 09:25:53 I can't get my alpine install to boot, the bios says no operating system on disk 2015-03-22 09:26:03 I followed the lvm on luks guide in the wiki 2015-03-22 09:26:46 in #hardware they're suggesting to grub-install to /dev/sda1 (/boot). apk add grub fails. Is it even the correct way to solve that problem? 2015-03-22 09:27:55 * to /dev/sda 2015-03-22 09:41:59 what package provides grub install on alpine linux? 2015-03-22 09:45:44 why dont you use the (superior) syslinux? 2015-03-22 09:46:03 i think you need a new enough version of syslinux 2015-03-22 09:47:52 can you mount the boot partition? 2015-03-22 09:50:43 in fdisk you should see two partitions, the first is marked with boot 2015-03-22 09:51:23 that should be possible to mount simply with mount 2015-03-22 09:52:24 and it should have the extlinux.conf and linux kernel 2015-03-22 09:52:38 nsz: yes I see extlinux.conf 2015-03-22 09:52:54 and vmlinuz-grsec 2015-03-22 09:53:45 if you installed the mbr.bin the way described then i think the bios should be able to boot linux 2015-03-22 09:54:01 what do you mean by 'use syslinux' ? I followed the install instructions. dd'ing mbr.bin to dev/sda doesn't have an effect it seems 2015-03-22 09:54:10 the bios outright sas there's no os on that disk 2015-03-22 09:54:24 dd bs=440 count=1 conv=notrunc if=$MNT/usr/share/syslinux/mbr.bin of=/dev/vda 2015-03-22 09:54:46 that's the line in the wiki. s/vda/sda/ 2015-03-22 09:55:46 yes that should work i think 2015-03-22 09:56:17 I'll do it again 2015-03-22 09:56:21 but this is black magic because of various bios vendor bug workarounds 2015-03-22 09:56:24 is the 404 correct? 2015-03-22 09:56:29 440 i mean 2015-03-22 09:56:46 you may need to check some syslinux readme 2015-03-22 09:59:16 extlinux or syslinux? 2015-03-22 09:59:22 my boot is formatted with ext2 2015-03-22 09:59:32 then extlinux 2015-03-22 10:01:00 (i think syslinux is the name of the project as a whole but it's also the name of the msdos/fat variant because that was done first) 2015-03-22 10:02:18 I see 2015-03-22 10:04:38 fdisk /def/sda; a -> a: unknown command 2015-03-22 10:05:43 hm? 2015-03-22 10:06:00 you cannot set the boot flag on the first partition? 2015-03-22 10:06:25 it's a gpt disk 2015-03-22 10:06:31 aaah 2015-03-22 10:06:36 that's probably your problem 2015-03-22 10:06:42 it kept a dos partiton table around for protective reasons 2015-03-22 10:06:43 that needs a different mbr 2015-03-22 10:06:48 aha? 2015-03-22 10:06:55 i use 'legacy' msdos mode 2015-03-22 10:07:05 and then set the bios to accept that 2015-03-22 10:07:07 how do you do that? 2015-03-22 10:07:34 i dont remember the magic command for it in fdisk (maybe you need gnu parted?) 2015-03-22 10:07:40 I have parted 2015-03-22 10:07:52 the partition has boot and esp flags 2015-03-22 10:08:09 gdisk is the gpt equivalent of fdisk 2015-03-22 10:08:17 ok 2015-03-22 10:08:25 so you want gpt 2015-03-22 10:08:31 is that a hard requirement? 2015-03-22 10:08:40 then you need a different mbr.bin file 2015-03-22 10:08:44 I don't think my bios understands gpt 2015-03-22 10:08:53 I have bios, not uefi 2015-03-22 10:09:33 no, I don't care about how it boots, I just want it to boot 2015-03-22 10:10:19 parted has mklabel something command 2015-03-22 10:10:41 yes? 2015-03-22 10:10:53 choose msdos 2015-03-22 10:13:10 warning the existing disk label on /dev/sda will be destroed and all data on this disk will be lost. do you want to continue? 2015-03-22 10:13:17 is it going to erase my gpt? 2015-03-22 10:14:09 do you have anything on this disk ? 2015-03-22 10:14:23 data that you care about 2015-03-22 10:14:32 yes, a day's work of manually setting up alpine 2015-03-22 10:15:36 ok then maybe it's best if you try to do things the gpt way: you need different mbr.bin then, if that still does not work then i'm afraid you have to redo the setup 2015-03-22 10:16:03 souns acceptable 2015-03-22 10:16:09 which mbr.bin do I need? 2015-03-22 10:20:55 http://www.syslinux.org/wiki/index.php/Common_Problems#Missing_Operating_System_.28mbr.bin.29 tells me to use sgdiks to set the partion label correctly 2015-03-22 10:21:01 how do I obtain it in alpine? 2015-03-22 10:21:50 got it 2015-03-22 14:06:52 nsz: which mbr.bin do I take instead? 2015-03-22 14:07:38 i remember some syslinux docs talking about gptmbr.bin 2015-03-22 14:08:15 but i dont know how these things work 2015-03-22 14:09:28 ok, thanks for the hint 2015-03-22 14:34:43 did it!! lol 2015-03-22 14:35:01 I had to enter expert mode in gdisk and set dos legacy boot mode 2015-03-22 14:35:42 aye, now mounting root fails. yeah, inserting keyfile holding stick should fix that 2015-03-22 15:03:47 getting there, bootmanager is asking me for a passphrase 2015-03-22 15:04:09 now I need to teach the damn beast to get it from the key 2015-03-22 15:41:09 am i the online seeing virt-manager not saving the connections ? 2015-03-22 15:52:07 damn 2015-03-22 16:03:57 i see this error when installing giblib package: 2015-03-22 16:03:57 ERROR: giblib-1.2.4-r8: BAD signature 2015-03-22 16:04:12 how to debug such issue? 2015-03-22 16:38:43 so virt-manager doesn't save sessions 2015-03-22 16:39:02 and seems it used the ssh-agent key only on the first connection 2015-03-22 16:39:04 -_- 2015-03-22 22:06:58 I'm new to Alpine and am have a couple of questions. 2015-03-22 22:07:12 the big one is, how do I install a package from testing instead of main? 2015-03-22 22:11:05 edit /etc/apk/repositories and uncomment the testing line 2015-03-22 22:11:06 then apk update 2015-03-22 22:11:24 then when you search you should see the packages in testing 2015-03-22 22:25:52 <__number5__> Is it recommended to use apline-linux as docker host? 2015-03-22 22:30:00 https://twitter.com/LinuxJedi/status/579025867147460608 2015-03-22 22:38:22 <__number5__> kocka: that sounds legit XD 2015-03-22 22:39:33 <__number5__> even though vm-ception or docker-ception is inevitable 2015-03-22 22:40:12 esxi with alpine guest with docker running openstack with a windoes guest 2015-03-22 22:46:35 <__mjones> needs SLAT 2015-03-22 22:49:13 <__mjones> Maybe not 'needs': https://en.wikipedia.org/wiki/Second_Level_Address_Translation 2015-03-23 01:52:18 hi there 2015-03-23 01:52:55 when starting libvirtd, I have the following error in the log: 2015-03-23 01:53:06 error : virDriverLoadModule:73 : failed to load module /usr/lib/libvirt/connection-driver/libvirt_driver_interface.so Error relocating /usr/lib/libvirt/connection-driver/libvirt_driver_interface.so: udev_enumerate_unref: symbol not found 2015-03-23 01:54:36 do you know how to fix that ? 2015-03-23 01:54:48 s/ ?/?/ 2015-03-23 01:57:39 <__mjones> Hello. 2015-03-23 01:58:09 <__mjones> Are you running 3.1.3 or Edge, and in which way did you install libvirt? 2015-03-23 01:58:31 <__mjones> Do you have 'testing' repos enabled? 2015-03-23 01:58:56 <__mjones> And do you have package 'udev' installed? 2015-03-23 02:10:56 __mjones: I'm using 3.1, libvirt is installed using apk, I haven't testing enabled 2015-03-23 02:11:13 udev is installed 2015-03-23 02:19:51 btw, libvirt and virt-manager looks working well, just an error on vm creation which tell: Control groups not supported on this platform: No such device or address 2015-03-23 02:20:47 how can I unable cgroups on alpine? 2015-03-23 02:23:51 <__mjones> enable or un-enable? 2015-03-23 02:24:22 <__mjones> They're enabled by default. Type 'mount' and you'll see evidence of that. 2015-03-23 02:25:09 enable, sorry 2015-03-23 02:25:46 ok, I see the 'mount' output 2015-03-23 02:25:58 so, this is a strange error 2015-03-23 02:31:30 <__mjones> I'm looking at the libvirtd thing, but also trying to cook dinner without burning it. 2015-03-23 02:31:59 <__mjones> I think you might just need another of the libvirt packages installed. I thought it would be drivers, but it's not. 2015-03-23 02:32:49 thanks, __mjones, cook your dinner first :) I have time 2015-03-23 02:35:08 yes libvirt-common-drivers is installed 2015-03-23 02:38:31 ... how can I found which package provide /sbin/tc? 2015-03-23 02:44:00 well I sent out my libressl port for Alpine 2015-03-23 02:44:18 didn't have to do any hard work for it, like no weird patching and such 2015-03-23 02:44:50 I haven't done the level of automated testing I've wanted but been caught up with work and was sick for last week, and figured it would be better to just send it out 2015-03-23 02:46:52 <__mjones> It was a straightforward compile. 2015-03-23 02:47:28 <__mjones> Mo0O: I think there's an 'apk' command that shows what package provided, but I can't find it. 2015-03-23 02:48:08 <__mjones> systmkor: what did you do about binary names? Use all the defaults so it can't coexist with openssl? 2015-03-23 02:48:27 __mjones: looks `apk info -a pkgname` did the tricks, but need to search all pkg 2015-03-23 02:48:27 I didn't do anything to deal with co-existence of file path names 2015-03-23 02:48:46 <__mjones> systmkor: I asked ncopa about that and didn't hear back except that they wanted it to coexist. 2015-03-23 02:49:00 <__mjones> systmkor: and you put it in /usr/bin? 2015-03-23 02:49:44 <__mjones> Mo0O: could use a for-in-do loop for that. 2015-03-23 02:50:04 __mjones, yah its in '/usr/bin' 2015-03-23 02:50:34 well I understand the desire for co-existence and I agree that's were it should end up at 2015-03-23 02:50:52 __mjones: `apk info --who-owns /sbin/tc` did the trick, but unfortunatly return `ERROR: /sbin/tc: Could not find owner package` 2015-03-23 02:50:57 <__mjones> Mo0O: apk info | xargs apk info -a |grep -B 10 /sbin/tc 2015-03-23 02:51:19 <__mjones> I don't have an /sbin/tc 2015-03-23 02:51:20 but one apk doesn't make this easy (insert nix package manager plug here) and two I think at moment it's more important for people to spin up lxc instances 2015-03-23 02:51:43 with libressl to do their personal tests to make sure it works as if it's a direct swap 2015-03-23 02:51:46 __mjones: me too, just want to install it 2015-03-23 02:52:08 <__mjones> systmkor: it doesn't make it easy, no. I didn't send in my libressl because I didn't decide how to handle it. 2015-03-23 02:52:08 as people do that I'll work on co-existing packages 2015-03-23 02:52:24 libvirt log show the following error: libvirt: error : cannot execute binary /sbin/tc: No such file or directory 2015-03-23 02:52:27 __mjones, huh? 2015-03-23 02:52:38 <__mjones> systmkor: with apt-get, you can have two different packages satisfy the same dependency, and I don't think apk has that functionality yet 2015-03-23 02:52:49 https://twitter.com/bob_beck/status/579668058911821824 it doesn't have virtual packages? 2015-03-23 02:52:55 woops, mispaste of tweet. 2015-03-23 02:53:31 __mjones, I believe apk has meta packages, which is one way of solving this 2015-03-23 02:54:26 but that doesn't really adress co-existence of binaries and libraries on a host 2015-03-23 02:55:10 __mjones, also apk has little to no design spec which I'm also trying to work on when i get the chance 2015-03-23 02:56:29 __mjones, so yah co-existence is good, however I'll try go do that as people do test environments to see if things break 2015-03-23 02:57:20 oh also if people remember yet another OpenSSL exploit came out on the 19th 2015-03-23 02:57:27 ncopa, https://www.openssl.org/news/secadv_20150319.txt 2015-03-23 02:58:48 which doesn't apply to LibreSSL 2015-03-23 02:58:51 according to https://wiki.freebsd.org/LibreSSL 2015-03-23 03:01:16 <__mjones> systmkor: I saw your wiki article on reversing it. 2015-03-23 03:01:37 __mjones, which one is that? 2015-03-23 03:01:38 __mjones: fixed, looks root can't access tu iso files in user directory using virt-manager, iduno why 2015-03-23 03:02:16 <__mjones> systmkor: @fabled said 1.0.1k wasn't vulnerable, but pushed 1.0.1m the next morning anyway. 2015-03-23 03:02:45 <__mjones> systmkor: it was your article, wasn't it? On reversing the apk format, with an eye towards reimplementation in go. 2015-03-23 03:02:53 oh yah 2015-03-23 03:03:07 sorry been swamped with start-up 2015-03-23 03:03:15 <__mjones> Mo0O: probably a default security limit? 2015-03-23 03:03:28 <__mjones> start-up company? 2015-03-23 03:03:32 yah 2015-03-23 03:03:50 __mjones: I gess 2015-03-23 03:05:05 <__mjones> systmkor: your own start-up? 2015-03-23 03:05:16 me and a few other guys, yah :D 2015-03-23 03:05:54 <__mjones> systmkor: I have a similar venture. 2015-03-23 03:06:35 nice 2015-03-23 03:18:36 running alpine last iso in virt-manager -qemu,kvm- fail during `loading hardware drivers` 2015-03-23 03:18:50 ACTION try to download another distro iso 2015-03-23 03:20:37 <__mjones> Mo0O: I'm running Alpine in KVMs now. Works perfectly. 2015-03-23 03:21:01 <__mjones> Have to specify the emulated hardware differently, I guess. 2015-03-23 03:21:12 ok 2015-03-23 03:21:45 <__mjones> qemu-system-x86_64 --enable-kvm -m 640 \ -rtc base=utc \ -boot order=cd \ -vga std \ -drive file=${DISKIMG} \ -usbdevice tablet \ -netdev user,id=user.0 \ -device e1000,netdev=user.0 \ -redir tcp:23::22 \ -vnc localhost:0,share=allow-exclusive \ -spice addr=127.0.0.1,port=5931,disable-ticketing \ -drive file=${CDROM},media=cdrom \ 2015-03-23 03:22:34 <__mjones> That's straight qemu, but I think you should be able to easily translate it to libvirt config. 2015-03-23 03:26:36 thanks __mjones :) 2015-03-23 03:29:51 <__mjones> Mo0O: fwiw, I put all of my VMs in separate directories in /srv. /srv is part of the filesystem hierarchy standard for a long time. 2015-03-23 03:31:25 running archlinux iso failed also, I gess I have another error to fix 2015-03-23 03:39:25 <__mjones> I had no problems the first time. 2015-03-23 03:43:18 so it's strange that I have some 2015-03-23 03:46:49 <__mjones> Do you have virtualisation extensions turned on in the bios? 2015-03-23 03:46:55 <__mjones> What's your hardware? 2015-03-23 03:48:04 __mjones: yes, and virt-manager was working perfectly on my older funtoo install 2015-03-23 03:48:43 Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz 2015-03-23 04:04:39 <__mjones> Mo0O: kk 2015-03-23 07:12:12 morning 2015-03-23 07:12:28 Mo0O: libvirt_driver_interface.so: udev_enumerate_unref: symbol not found 2015-03-23 07:12:36 that sounds like an underlinking problem 2015-03-23 07:13:01 yes 2015-03-23 07:19:49 i created a dockerfile for running node.js (https://github.com/oren/alpine-node/blob/master/Dockerfile). how to restart my node.js server in case it crashes? in ubuntu i use 'forever' inside the container. i am not sure what is the approach when using alpine. 2015-03-23 07:20:10 (btw, i never used alpine before so any additional help would be greate) 2015-03-23 07:20:36 ncopa: got the same one in my libvirt logs 2015-03-23 07:21:13 how do i even explore stuff about my alpine container? i don't think it has bash so i can't bash into it like i do with other containers. 2015-03-23 07:21:40 ash is the default shell 2015-03-23 07:21:48 you still can install bash though 2015-03-23 07:25:14 ncopa, hey do you know when Timo is usually at the keyboard? 2015-03-23 07:25:27 systmkor, i'm here 2015-03-23 07:25:36 fabled, ah okay couldn't remember your handle 2015-03-23 07:26:05 fabled, so not sick anymore and wedged some free time to continue working on apk spec 2015-03-23 07:27:11 coredumb: i know what problem is but i bumped into other issue with fortify and gnulib... 2015-03-23 07:30:26 ncopa: ok 2015-03-23 07:31:54 i noted that virt-manager doesn't behave nicely as well 2015-03-23 07:32:04 doesn't save any connection 2015-03-23 07:32:27 doesn't use the ssh-agent registred key to connect to remote servers 2015-03-23 07:34:20 coredumb: i have virt-manager connected 2015-03-23 07:34:44 mmmh it connect 2015-03-23 07:35:05 but upon restarting it, it's empty :( 2015-03-23 07:35:16 and i have no problem starting win7 vm 2015-03-23 07:35:39 og once connected it starts behaves OK 2015-03-23 07:35:48 not saving connections is my concern 2015-03-23 07:35:58 as well as not using my ssh-agent key :( 2015-03-23 07:38:02 i see the connections in .gconf/apps/virt-manager/connections/%gconf.xml though 2015-03-23 07:38:23 but seems to be from my backup :) 2015-03-23 07:39:08 my current concern is that libvirt no longer builds 2015-03-23 07:39:21 due to something introduced with fortify source 2015-03-23 07:41:09 oh 2015-03-23 09:19:30 my xen host suddenly runs with a load of 4+ in dom0 2015-03-23 09:19:41 nothing to see in top except a lot of context switches 2015-03-23 09:19:48 any ideas where to look? 2015-03-23 09:20:24 ah, i guess it's because the backup vm is busy 2015-03-23 09:20:26 maybe. 2015-03-23 09:44:29 skype: error while loading shared libraries: cannot make segment writable for relocation: Permission denied 2015-03-23 09:44:48 when trying to run skype from a debian chroot 2015-03-23 09:45:46 ok paxctl is my friend 2015-03-23 10:16:28 Is there a FTP-url I can visit for finding all packages? I want to verify some packages exists before proceeding with an install 2015-03-23 10:17:49 wiki says I should go to http://alpinelinux.org/packages 2015-03-23 10:17:57 That page is not existing anymore 2015-03-23 10:23:56 I found something: http://dl-3.alpinelinux.org/alpine/latest-stable/main/x86_64/ 2015-03-23 10:24:09 Is that the right place? 2015-03-23 10:24:25 <_ikke_> That's one of the mirrors, yes 2015-03-23 10:24:36 Among the packages I can not find Libreoffice. Does this mean Alpine is not having Libreoffice? 2015-03-23 10:24:57 libreoffice it's in testing iirc 2015-03-23 10:25:40 <_ikke_> there is also git.alpinelinux.org/ 2015-03-23 10:26:27 <_ikke_> I dont see libreoffice in testing 2015-03-23 10:26:38 Neither could I find it... 2015-03-23 10:26:55 <_ikke_> It's in testing in master 2015-03-23 10:27:29 <_ikke_> http://git.alpinelinux.org/cgit/aports/tree/testing 2015-03-23 10:28:47 One critical question: Is systemd on the roadmap for Apline? 2015-03-23 10:30:54 unless poettering ports his crap to musl and then extorts the alpine devs, i think no 2015-03-23 10:31:08 That sounds good 2015-03-23 10:31:28 ACTION is a systemd refugee searching for a new distro 2015-03-23 10:31:33 welcome 2015-03-23 10:31:58 it's getting crowded here soon :) 2015-03-23 10:32:39 alpinelinux seem to have everything I use except for flightgear, which I anyway do not use more than about once a month at most. 2015-03-23 10:32:48 Alpine Linux could not send your confirmation mail. Please check your email address for invalid characters. 2015-03-23 10:32:49 Mailer returned: Unknown error in PHP's mail() function. 2015-03-23 10:32:51 :) 2015-03-23 10:35:46 Oh, and xmonad seems to be missing. But that one I could replace with dwm. 2015-03-23 10:36:22 or awesome or i3 :-) 2015-03-23 10:36:45 or just package xmonad for alpine :-) 2015-03-23 10:39:17 I have not coded anything in C, except for customizing dwm during the latest 10 years. I am too rusty in C for porting anything to musl.. 2015-03-23 10:41:24 Once (10+ years ago) I really liked both C and x86-asm. Nowadays I have forgotten almost all as I run away from lowlevel languages. 2015-03-23 10:48:28 for xmonad you need haskell. 2015-03-23 10:48:42 haskell is fucking huge, i doubt it has been packaged so far 2015-03-23 10:49:42 Yes, it is really huge... that is true. And it is a big trouble to maintain the boot-strap for ghc. 2015-03-23 10:51:08 Haskell itself is a very nice language, but the tools (ghc and cabal) are far from good. 2015-03-23 10:51:20 for reconfiguring xmonad i needed abouth 800MB of haskel deps on debian. lot's of precious diskspace that was liberated when migrating to i3 2015-03-23 10:53:04 If I find a good xlib for java/clojure, I would be tempted to rewrite dwm in clojure. 2015-03-23 11:51:06 <__number5__> engblom: someone tried it long time ago https://github.com/abrooks/prion 2015-03-23 11:51:57 __number5__: Interesting 2015-03-23 11:53:06 <__number5__> I'm not sure if he want to control xlib via python... 2015-03-23 12:00:27 Apparently there is an arm port of alpine... Is it compiled for original rpi (armv6) or rpi2 (armv7)? 2015-03-23 12:06:30 armv6 afaik 2015-03-23 12:18:55 engblom: welcome 2015-03-23 12:19:10 systemd is not on the roadmap 2015-03-23 12:19:21 in fact we cannot port it 2015-03-23 12:19:45 re xmonad, will probably not happen due to ghc 2015-03-23 12:26:04 someone posted this link on #musl today: https://marc.info/?l=openbsd-ports&m=136796351325773&w=2 2015-03-23 12:36:12 ncopa: Thanks 2015-03-23 12:43:53 http://wiki.alpinelinux.org/wiki/Alpine_setup_scripts <--- Reading this one, it looks like XFS is not supported. Is that right? For this test installation I had hoped to have sda1 / xfs, sda2 swap, sda3 /home xfs 2015-03-23 12:45:46 Also, if I want to make custom partitioning, does that mean I will have to run all the setup-* manually, instead of just running 'setup-alpine'? 2015-03-23 12:49:17 high level languages tend to have broken runtimes.. i'm not sure why this is.. so even if ghc fixes the build issues they have plenty of runtime fixes to do (eg define a stable abi between a posix libc and the haskell runtime) 2015-03-23 12:50:49 so whenever someone comes up with a cool new language or language feature ask them for the implementation first.. 2015-03-23 12:58:02 btw, does golang runtime work on musl? 2015-03-23 13:24:06 :/ xfs seem to really not be supported. I created my partitions and formated and mounted them under /mnt. setup-disk /mnt complains that xfs is not supported. 2015-03-23 13:24:48 It surprises me that even the unstable btrfs is supported but not old good xfs 2015-03-23 13:41:07 I can not find (u)xterm by doing 'apk search xterm'. How do I find out which package contains xterm? 2015-03-23 13:51:27 'apk search aterm' also returns nothing... 2015-03-23 13:51:54 Is there no good terminal for alpine-linux? 2015-03-23 13:52:15 I would prefer xterm 2015-03-23 13:55:04 rhapsodhy: it works here 2015-03-23 13:55:46 engblom: use the tty :3 2015-03-23 13:59:14 Diftraku: I anyway need to have X running for Firfox... Then it would be strange to not have the chance to run xterm tiled near (with a tiling vm) 2015-03-23 14:01:26 rxvt seem the "default" term for alpine :) 2015-03-23 14:04:44 Thanks 2015-03-23 14:05:07 What is the 'default' web browser. Firefox seem to be outdated 2015-03-23 14:05:29 .... sadly 2015-03-23 14:34:30 engblom: firefox it is. 2015-03-23 14:35:03 engblom: xfs should work as long as your /boot is ext* 2015-03-23 14:35:23 engblom: firefox seems to have issues with latest musl. 2015-03-23 15:55:33 we have a new packages db at: http://pkgs.alpinelinux.org any comment/issue let me know. 2015-03-23 16:02:19 i mentioned it for my 6 twitter friends :) 2015-03-23 16:02:23 is local service started anyway, or should it be added to a runlevel manually ? 2015-03-23 16:02:59 i suppose rc-status will tell you that 2015-03-23 16:03:10 i suspect you will have to add it 2015-03-23 16:03:34 rc-update i mean 2015-03-23 16:03:53 yeah rc-update doesn't show it so i was wondering if it were here by default and not shown or not 2015-03-23 16:04:06 about xfs, setup-disk will install on xfs if /boot is ext* but the xfs module is'nt in the default initramfs or hardlinked in the kernel (on vanilla at least)... need to manually add it to initramfs for booting :) 2015-03-23 16:04:59 NaNDude: you can probably add it to /etc/mkinitfs/mkinitfs.conf 2015-03-23 16:05:51 good to know, thx. 2015-03-23 16:11:43 clandmeter seems search doesn't work on partial terms 2015-03-23 16:12:04 add % 2015-03-23 16:12:30 oh ok 2015-03-23 16:12:45 there is no logic in the search 2015-03-23 16:12:47 hehe better 2015-03-23 17:24:17 16:35 < rpu3uO8PEVZZ> engblom: firefox seems to have issues with latest musl. 2015-03-23 17:24:38 What exatly will that mean for Alpine? 2015-03-23 17:25:28 I do not need the very latest of everything, but I do not like the idea to lag far behind with browser as that requires people to back-port patches (which probably does not happen). 2015-03-23 17:26:27 I am asking this because web browser is the easiest attack surface. 2015-03-23 17:36:04 engblom: there is a firefox 36.0.1 in testing 2015-03-23 17:36:55 engblom: And https://github.com/jomat/aports/blob/master/testing/dwb/APKBUILD works too, you just have to touch some empty file in your home dir, otherwise it won't start (strace to find out wich file…) 2015-03-23 17:57:27 jomat: Thanks, I found newer firefox in testing! 2015-03-23 17:58:13 What is the best way for installing from testing, if you just want a few packages from there and not having it as a default repository? 2015-03-23 18:01:02 engblom: repo pinning 2015-03-23 18:01:08 check our wiki 2015-03-23 18:01:18 engblom: add sth. like that to /etc/apk/repositories: 2015-03-23 18:01:19 @testing http://nl.alpinelinux.org/alpine/edge/testing 2015-03-23 18:01:28 and then apk add somepackage@testing 2015-03-23 18:01:45 Thanks! 2015-03-23 18:01:56 don't forget to apk update :-) 2015-03-23 18:02:24 apk policy somepkg <- shows different versions for somepkg 2015-03-23 19:22:35 did we get kicked? 2015-03-23 19:39:25 <__mjones> ScrumpyJack: netsplit. 2015-03-23 20:07:42 how to debug this issue: ERROR: giblib-1.2.4-r8: BAD signature 2015-03-23 20:08:10 apk add giblib prints it 2015-03-24 06:31:30 I'm trying to install io.js and experiencing a strange error. after grabbing the files from https://iojs.org/dist and copying them to /usr/local, I get "sh: iojs not found". the files are present as confirmed by ls or which, so I'm a bit stumped as to what's going on. 2015-03-24 06:32:13 assuming it's because alpine is missing something that iojs/node depends on, but given the unhelpful error, I have no idea what that could be. 2015-03-24 06:56:29 knite, we don't support binary only distributions 2015-03-24 06:56:39 it's probably built against glibc, and the ld.so does not exist 2015-03-24 07:01:52 fabled: good to know, I'll try building it myself. but why the strange error, then? 2015-03-24 07:02:00 How soon can I expect to find this one compiled: http://git.alpinelinux.org/cgit/amanison/aports/tree/testing/thunderbird ? 2015-03-24 07:02:19 knite, if program interpreter is missing, it'll probably say that 2015-03-24 07:02:22 though 2015-03-24 07:02:33 other reason is that /usr/local/bin is not in path, or you extracted it in wrong place 2015-03-24 07:03:05 fabled: not either of those. I can download it to /tmp/foo and run ./bin/iojs and it fails in the same way. 2015-03-24 07:03:43 then it's the program interpreter issue. it's built against glib, and the dynamic linker name does not exist 2015-03-24 07:04:03 <__number5__> knite: as fabled have explained, alpine using a different clib than debian/ubuntu/etc. linux 2015-03-24 07:04:32 <__number5__> so precompiled binaries won't work unless they compiled with musl 2015-03-24 07:04:41 engblom: we dont have thunderbird (yet) 2015-03-24 07:04:48 __number5__: gotcha. thanks. 2015-03-24 07:05:05 musl does have partial compat with glibc. we might consider shipping symlink for that. 2015-03-24 07:05:12 though, not sure if it's good or bad. 2015-03-24 07:05:16 is there a link to setting up alpine to build things? I skimmed the wiki page about building your own packages, but that's a bit different. 2015-03-24 07:05:24 engblom: i tried to build it once with a shared xulrunner but gave it up 2015-03-24 07:05:26 as it might encourage running binary stuff, which is not recommended. 2015-03-24 07:06:03 if I have a source tarball of something typical and just want to ./configure && make, what prerequisite steps should I take? 2015-03-24 07:06:21 knite: maybe read INSTALL file? 2015-03-24 07:06:28 or README 2015-03-24 07:06:45 ncopa: I mean, what alpine specific steps should I take? 2015-03-24 07:07:05 knite: apk add build-base 2015-03-24 07:07:18 should pull in gcc, libc headers, gnu make 2015-03-24 07:07:35 then you need figure out the buildtime deps and apk add those 2015-03-24 07:07:41 and gcc will compile against(?) musl? 2015-03-24 07:07:56 yes 2015-03-24 07:08:23 excellent, will give it a shot with iojs as a test case. 2015-03-24 07:08:55 knite, ncopa : don't we have iojs packaged 2015-03-24 07:08:57 <__number5__> is there a dockerfile for building apk? 2015-03-24 07:08:58 just "apk add iojs" ? 2015-03-24 07:09:07 dunno :) 2015-03-24 07:09:09 oh 2015-03-24 07:09:11 in testing 2015-03-24 07:09:17 indeed 2015-03-24 07:09:19 we have it 2015-03-24 07:09:29 knite: apk add iojs 2015-03-24 07:09:40 it's in testing 2015-03-24 07:09:54 <__number5__> should put the packages site url in the topic 2015-03-24 07:09:54 http://git.alpinelinux.org/cgit/aports/tree/testing/iojs/APKBUILD 2015-03-24 07:11:04 good point. it's there, but version is slightly old. 2015-03-24 07:11:11 which I also noticed for nginx in main. 2015-03-24 07:11:23 Is there anything special to do to build xulrunner (newest)? I've been wanting to build that to use with conkeror but I had issues compiling xulrunner. I'll have to try it again to remember what it was 2015-03-24 07:11:35 is there a simple way to rebuild an existing package to bump the version? 2015-03-24 07:11:37 knite, nginx is latest -stable 2015-03-24 07:11:46 dunno if we should start to use mainline version or not 2015-03-24 07:12:00 fabled: I'm coming from Ubuntu, where I can add the nginx PPA. 2015-03-24 07:12:29 also, nginx under alpine needs /tmp/nginx/client-body to exist, which is not the case for ubuntu/deb. 2015-03-24 07:12:32 we also use extended support version of firefox; though in ff case the latest is available in @testing 2015-03-24 07:12:57 wonder if we should do same for nginx. put the mainline version in @testing 2015-03-24 07:13:07 fabled: consider this a +1. :-) 2015-03-24 07:13:30 ncopa: :/ Sad to hear that. That means I will have to postpone my plans on migrating my computers to alpine-linux for the moment. 2015-03-24 07:13:54 but in the interim, is there a simple workflow I can follow to grab, eg, the nginx build files, and rebuild it myself to a newer version? 2015-03-24 07:14:00 At this point I am just running alpine inside of a VM to test it out. 2015-03-24 07:14:02 engblom: sorry about that. we have claws-mail and sylpheed though 2015-03-24 07:14:28 might be i give thunderbird another try 2015-03-24 07:14:39 knite, re: /tmp/nginx/client-body, i don't need that. 2015-03-24 07:14:45 what happens if it's not here? 2015-03-24 07:14:46 ncopa: I have a huge thunderbird profile containing much needed mails and addresses. Would be too much work to switch at this moment 2015-03-24 07:14:54 ok 2015-03-24 07:15:05 fabled: nginx fails to run. hold on, let me verify on a clean alpine container... 2015-03-24 07:15:12 oh 2015-03-24 07:15:16 it's created automatic? 2015-03-24 07:15:28 i pushed iojs-1.6.2 btw 2015-03-24 07:16:03 fabled: no, which was the issue. will report back in a few min... 2015-03-24 07:16:25 init.d script creates it in configtest. that's not 2015-03-24 07:16:27 good 2015-03-24 07:17:06 ncopa: that's great. it's on testing, then? 2015-03-24 07:17:28 fabled: so you just verified that there's an issue? 2015-03-24 07:17:33 yes 2015-03-24 07:17:39 we'll fix it. thanks for the notify. 2015-03-24 07:17:54 you're welcome. didn't realize I was chatting with core committers. :-D 2015-03-24 07:21:22 seems it's been like that from the beginning. should have checked the contributed apkbuild better. 2015-03-24 07:36:40 fabled: so, just wanted to re-up my earlier question. let's say I want to bump the version of a package. what's the best workflow to do that? 2015-03-24 07:36:51 eg, nginx from stable to mainline, for my own use. 2015-03-24 07:50:25 knite: do you nkow if nginx's http-client-body-temp-path, http-proxy-temp-path and *-temp-path should be owned by nginx or root? 2015-03-24 07:53:45 ncopa: sorry, I don't. but take a look at https://launchpadlibrarian.net/192577260/buildlog_ubuntu-trusty-i386.nginx_1.6.2-5%2Btrusty0_UPLOADING.txt.gz 2015-03-24 07:54:00 it passes --http-client-body-temp-path=/var/lib/nginx/body 2015-03-24 07:56:02 also, I was a bit surprised that the nginx install under alpine provides neither sites-available nor sites-enabled, which are standard for most other installs. 2015-03-24 07:56:18 i am adding conf.d and default.d 2015-03-24 07:56:48 as said, we didnt check this good enough 2015-03-24 07:56:53 and nobody complained until now 2015-03-24 07:58:00 mistakes happen, but a bit surprised no one else mentioned it. I've been playing with alpine for under 48 hours, and nginx is probably one of the most installed packages for a distro like this. 2015-03-24 07:59:02 apparently not :) 2015-03-24 07:59:26 i suppose you use docker? 2015-03-24 07:59:26 I would suggest that a good rule of thumb is to assume that most users are coming in with Ubuntu/Debian/Red Hat/OS X experience, and to follow the principle of least surprise - alpine packages should be as much like big distro packages as possible. 2015-03-24 08:00:07 absolutely. I'd been trimming down my Ubuntu images, because the busybox image seemed like a poor choice given its focus on embedded systems. 2015-03-24 08:00:13 actually, i think most users comes from debian or arch linux 2015-03-24 08:00:18 then I discovered alpine via gliderlabs, which seems like a great fit. 2015-03-24 08:00:27 docker, right? 2015-03-24 08:00:35 yes. 2015-03-24 08:01:04 we got attention from docker ppl rather recently 2015-03-24 08:01:13 december 2015-03-24 08:01:16 2014 or 2015-03-24 08:01:17 we (docker users) want our containers to be small, light, fast, etc. the vast majority of images are built off of Ubuntu, which is overkill. 2015-03-24 08:01:22 yes 2015-03-24 08:01:36 alpine makes sense there 2015-03-24 08:01:40 yeah, I think that coincides with a Tutum blog post, as well as the gliderlabs change from a busybox image to alpine. 2015-03-24 08:02:07 but we have existed long before that 2015-03-24 08:02:10 gliderlabs is responsible for several images that are very popular amonst devops folk. 2015-03-24 08:02:19 sure, I'm just sharing how I got here. :-) 2015-03-24 08:03:35 the other thing that's caught me by surprise and is making my life a bit more difficult is the lack of wildcard support in the shell. one of the busybox pages says that there's a a build flag for this. has alpine considered making that change? 2015-03-24 08:04:24 wildcard support? 2015-03-24 08:04:39 we have wildcard support? 2015-03-24 08:04:57 yes, I'm unable to do things like rm -r /some/folder/{foo,bar}.ext 2015-03-24 08:05:07 knite: apk add bash 2015-03-24 08:05:09 ;) 2015-03-24 08:05:14 busybox *can* have wildcard support, but does not by default. 2015-03-24 08:05:18 it will cost you 800kb 2015-03-24 08:05:20 according to their docs. 2015-03-24 08:05:24 800 ain't bad. :-) 2015-03-24 08:05:40 considering what 800kb busybox code gives you... 2015-03-24 08:06:11 unrelated, but ncopa, fabled, check out https://github.com/gliderlabs/docker-alpine/issues . it's the main docker image for alpine, and 4/4 open issues are marked as upstream problems in alpine. 2015-03-24 08:06:35 the issue with Java 8 seems like an especially big deal, though it's not relevant to me personally. 2015-03-24 08:06:48 busybox ash configs: http://sprunge.us/IgWO 2015-03-24 08:13:34 knite, yes, java is not polished; java8 is not packaged, and the ca-certificates-java is not there 2015-03-24 08:14:23 #10 is not really issue as ncopa commented 2015-03-24 08:14:43 like I said, not directly to me. just wanted to pass it on to you guys so that you can jump in with comments on behalf of alpine. 2015-03-24 08:14:44 back later 2015-03-24 08:14:49 not directly related* 2015-03-24 08:15:45 i should go back figthing fortify and firefox 2015-03-24 08:15:49 knite: thanks for your feedback 2015-03-24 08:16:09 please test nginx from edge and let me know if it fixes the path issues you had 2015-03-24 08:41:02 ncopa: just tested iojs from edge and it fails. 2015-03-24 08:41:08 Error relocating /usr/bin/iojs: _ZSt24__throw_out_of_range_fmtPKcz: symbol not found 2015-03-24 08:42:46 check if libstdc++ has the symbol 2015-03-24 08:42:59 (it's from the std:: namespace) 2015-03-24 08:44:01 how might I do that? sorry, been quite a few years since I've messed with compiled binaries like this. 2015-03-24 08:44:40 nm -D /usr/lib/libstdc++.so |grep ... 2015-03-24 08:45:01 readelf -lhd /usr/bin/iojs to see if it 2015-03-24 08:45:19 ..is in the dt_needed list 2015-03-24 08:45:22 nm not found, not available for installation by apk-install 2015-03-24 08:45:37 apk add binutils 2015-03-24 08:46:10 nm: '/usr/lib/libstdc++.so': No such file 2015-03-24 08:46:24 there is your problem i guess 2015-03-24 08:46:36 all I did was apk-install iojs from edge? 2015-03-24 08:46:52 it's probably a missing dep 2015-03-24 08:47:09 try to add libstdc++ 2015-03-24 08:47:24 knite: did you mix edge repo with stable? 2015-03-24 08:47:47 $ iojs --version 2015-03-24 08:47:47 v1.6.2 2015-03-24 08:47:58 ncopa: I assume so? based on the wiki, I ran apk add -U -X http://nl.alpinelinux.org/alpine/edge/testing/ --allow-untrusted iojs 2015-03-24 08:48:23 why do you need --allow-untrusted? 2015-03-24 08:48:35 nsz: just used it verbatim from the wiki. 2015-03-24 08:48:38 i don tthink you need the --allow-untrusted 2015-03-24 08:48:51 noted. but either way, my install failed? 2015-03-24 08:49:13 try to install libstdc++ 2015-03-24 08:49:13 you will probably need run all from edge 2015-03-24 08:50:06 I did apk del ios && apk-install libstdc++ && (long install line from above for iojs) and it still fails. 2015-03-24 08:50:30 ok so go back to the nm 2015-03-24 08:50:35 and continue from there 2015-03-24 08:50:36 apk-install? 2015-03-24 08:50:44 ncopa: how do I do that? this is for a container, so I'm using alpine 3.1 and then only installing things I need. in this case, I've installed only s6 (also from edge), and now iojs. 2015-03-24 08:50:52 i never heard of apk-install 2015-03-24 08:51:03 it's a thin wrapper. basically just does add -U 2015-03-24 08:51:10 sounds like a wrapper yes 2015-03-24 08:51:15 and deletes the apk cache after. 2015-03-24 08:51:38 can you enter the container? 2015-03-24 08:51:44 and edit /etc/apk/repositories 2015-03-24 08:51:52 so, let's work this out. starting from a clean container, my goal is to install iojs from edge. what should I run? 2015-03-24 08:51:54 change v3.1 to edge 2015-03-24 08:52:13 why dont you do the nm? 2015-03-24 08:52:21 and then we can know what the problem is 2015-03-24 08:52:22 also add http://nl.alpinelinux.org/alpine/edge/testing to /etc/apk/repositories 2015-03-24 08:52:30 (or any other kind of debugging) 2015-03-24 08:52:47 nsz: i believe we have upgraded gcc since v3.1 2015-03-24 08:52:55 including libstdc++ 2015-03-24 08:53:26 okay, will follow ncopa's instructionns, and then nsz's suggestion. 2015-03-24 08:53:26 so v3.1 is built with gcc 4.8.3 2015-03-24 08:53:39 and edge is built with gcc 4.9 something 2015-03-24 08:53:50 should be good enough 2015-03-24 08:54:25 maybe libstdc++ from gcc 4.9 introduced symbols? 2015-03-24 08:55:09 okay, I added edge to /etc/apk/repositories in a clean 3.1 container. I then installed iojs. it still fails. here's what iojs installed as deps: 2015-03-24 08:55:27 (1/3) Installing libgcc (4.8.3-r0) 2015-03-24 08:55:28 (2/3) Installing libstdc++ (4.8.3-r0) 2015-03-24 08:55:29 (3/3) Installing iojs (1.6.2-r0) 2015-03-24 08:55:31 Executing busybox-1.22.1-r14.trigger 2015-03-24 08:55:32 knite: how does your /etc/apk/repositores look like? 2015-03-24 08:55:32 OK: 25 MiB in 18 packages 2015-03-24 08:55:34 Error relocating /usr/bin/iojs: _ZSt24__throw_out_of_range_fmtPKcz: symbol not found 2015-03-24 08:55:48 two lines, the default, followed by the edge URL you shared. 2015-03-24 08:56:08 replace v3.1 with edge 2015-03-24 08:56:20 sed -i -e 's/v3.1/edge/g' /etc/apk/repositories 2015-03-24 08:56:25 ah, okay. you said add earlier, not replace. :-) 2015-03-24 08:56:25 and apk upgrade -U -a 2015-03-24 08:57:20 mixing repos works sometimes, and sometimes it does not 2015-03-24 08:57:24 confirmed, works. :-) 2015-03-24 08:57:41 good :) 2015-03-24 08:57:49 is there any way for packages to test that and throw a warning? 2015-03-24 08:57:58 ? 2015-03-24 08:59:04 I wasn't expecting that I needed to bump an entire system to edge to run one package from edge. so I installed that one package from edge per apk add -U -X, and it then failed in a non-obvious way that I was unable to troubleshoot due to being unfamiliar with alpine. 2015-03-24 08:59:20 sometimes it works, sometimes it doesnt 2015-03-24 09:00:07 it fails if the edge package is built against a lib that is updated in edge (but not in stable) 2015-03-24 09:00:10 so if the package itself, or the package manager could throw a warning when a package is unlikely to run (eg, checking certain core dependency versions), it would be helpful. 2015-03-24 09:00:13 and the new lib has new symbols 2015-03-24 09:00:29 and the package itself uses some of the new symbols 2015-03-24 09:00:43 like iojs did with libstdc++ 2015-03-24 09:00:52 in that case you need upgrade that lib 2015-03-24 09:01:17 we talked about tracking symbols in libs and require minimum version of a lib 2015-03-24 09:02:06 but its kinda non-trivial to fix without having a huge db with all symbols for eah version 2015-03-24 09:02:40 yeah, that could work. and it does sound like a lot of work. but consider me your test case - I have general familiarity with administering Linux systems, but zero experience with alpine. so any hiccups I encounter will probably be encountered by others. 2015-03-24 09:02:50 true 2015-03-24 09:02:58 debian etc. do track symbols 2015-03-24 09:03:14 i think they keep the symbol file with each package source tree 2015-03-24 09:03:22 so my expectation is that any package which successfully installs, will work. 2015-03-24 09:03:24 we could do it for the few packages that need it 2015-03-24 09:03:32 most notable libc 2015-03-24 09:03:45 fabled: i confirm skype is working on linux-vanilla :) 2015-03-24 09:03:49 cool 2015-03-24 09:03:55 video works 2015-03-24 09:03:58 sound doesn't 2015-03-24 09:04:04 i'll try to get done with the xattr stuff later today 2015-03-24 09:04:05 as it needs pulseaudio -_- 2015-03-24 09:04:11 ew 2015-03-24 09:04:59 fabled: libc and libc++ 2015-03-24 09:05:01 yeah a bit nasty but well... i'm more using it to chat than audio/video calls anyway 2015-03-24 09:23:57 There is existing a pulse to alsa "converter" made for getting skype to work on system without pulseaudio. It could probably be compiled for Alpine 2015-03-24 09:34:51 engblom: link ? 2015-03-24 09:40:03 coredumb: https://github.com/i-rinat/apulse 2015-03-24 09:40:19 apulse will only work with Skype... it is not a general pulse to alsa wrapper 2015-03-24 09:41:20 engblom: yep i see 2015-03-24 09:41:25 It will emulate those parts of pulseaudio api that skype is using 2015-03-24 09:41:27 thx maybe gonjnqa try that 2015-03-24 10:09:30 what should i install to get gcc and other build utils? 2015-03-24 10:19:49 got it 2015-03-24 11:17:30 alpine-sdk 2015-03-24 11:17:31 ah 2015-03-24 11:17:33 sory :) 2015-03-24 11:25:27 engblom: there's also mutt 2015-03-24 12:10:34 hum... multi ruby version support should be awesome :( 2015-03-24 12:16:03 packaging ruby-* is a nightmare 2015-03-24 12:16:54 i think someone posted apkbuild for apulse on the mailing list not too long ago 2015-03-24 12:17:10 iirc it didtn work and i didnt have time to fix it 2015-03-24 12:18:29 i know that... i'm maintaining rubygems for opensuse/sles 8) 2015-03-24 12:18:58 https://build.opensuse.org/project/show/devel:languages:ruby:extensions 1384 rubygems -.- 2015-03-24 12:19:54 i think i will build my docker containers with ruby-build to support different ruby versions 2015-03-24 12:20:11 mosez: you are a brave man... :) 2015-03-24 12:20:34 haha 2015-03-24 12:20:41 hm there is a gem2rpm script 2015-03-24 12:21:03 yes, and it's used quite often :) 2015-03-24 12:21:32 now it includes a gem2rpm.yml as well to prevent manual editing of the spec files. 2015-03-24 12:22:11 do you support concurrent versions for rubygem-* packages? 2015-03-24 12:22:21 https://build.opensuse.org/package/view_file/devel:languages:ruby:extensions/rubygem-i18n-0_5/gem2rpm.yml?expand=1 2015-03-24 12:22:24 yes 2015-03-24 12:22:31 multi interpreter and multi gem version 2015-03-24 12:23:00 the gem packages get and version suffix, e.g. rubygem-rails-4_2 2015-03-24 12:23:53 do you have multiple different .spec files for that 2015-03-24 12:24:12 or does a single .spec file spit out multiple .rpms in different versions 2015-03-24 12:24:14 no, a single one. but some macro magic to convert it at buildtime 2015-03-24 12:24:32 so you need rerun the build for each version 2015-03-24 12:24:43 or? 2015-03-24 12:25:19 good question 2015-03-24 12:25:24 rvm! 2015-03-24 12:25:31 diftraku: rvm sucks 2015-03-24 12:26:03 ncopa: i'm not totally sure how this gets handled by the build service 2015-03-24 12:26:22 ncopa: even for local test builds we are using the build service client 2015-03-24 12:26:53 i wish gem devs would have used semantic versioning 2015-03-24 12:27:16 i wish the same for go devs... or all npm devs :D 2015-03-24 12:27:32 yeah 2015-03-24 12:27:34 sigh 2015-03-24 12:29:12 mh, rubygems.org got problems? or is it just me? ping rubygems.org doesnt work from my container and from my host as well oO 2015-03-24 12:29:50 seems to be an rubygems issue. my screen session on a server cant ping as well 2015-03-24 12:39:28 rpu3uO8PEVZZ: I am also using text mail clients, but thunderbird is the best tool at my work. Among the text mail clients, alpine is my favorite mail client... 2015-03-24 12:40:02 i find thunderbird to be the worst GUI mail client actually 2015-03-24 12:40:28 i wish firefox and thunderbird could share xulrunner 2015-03-24 12:40:48 Yes, that would be great. 2015-03-24 12:41:00 they worked against that some years ago 2015-03-24 12:41:09 is actually TB still actively developped ? 2015-03-24 12:41:20 and we built firefox with a shared xulrunner while waiting for thunderbird to catch up 2015-03-24 12:41:26 which never happened 2015-03-24 12:41:33 and strange bugs in firefox started to appear 2015-03-24 12:41:48 so i gave up shared xulrunner 2015-03-24 12:50:30 mozilla is such a traitor nowadays 2015-03-24 12:50:49 i wish they would be still my heroes like they were in the browser wars. 2015-03-24 12:51:24 I wish they would have been continuing in the same spirit as when they were still 'phoenix' 2015-03-24 12:51:43 yeah 2015-03-24 12:53:47 Sadly it is almost the only non-webkit alternative. 2015-03-24 12:54:20 would be time for history repeating itself when netscape communicator has been debloated into firefox. time, bitrot, and featurecreep make the same necessary for firefox 2015-03-24 12:56:40 Yes, definitely 2015-03-24 12:59:21 but the good people all have left mozilla. no jwz anymore 2015-03-24 12:59:23 <__number5__> unfortunately chrome is bloated as hell too 2015-03-24 12:59:56 My rpi2 is shipped. Maybe tomorrow I get it. I would definitely be interested in running Alpine Linux on it. Is the rpi image for rpi1 or rpi2? 2015-03-24 13:00:19 __number5__: Yes, and it lacks essential feautes, like control over cache. 2015-03-24 13:00:32 <__number5__> engblom: those two have different ARM architecure? 2015-03-24 13:01:16 they have, but they are compatible 2015-03-24 13:01:42 __number5__: rpi1 is armv6 and rp2 armv7. It is jump from a bad single core processor up to a quad core. 2015-03-24 13:02:29 <__number5__> engblom: what do you mean by 'control over cache'? if you mean disable cache for development stuff, Developer Tools/Console is really good 2015-03-24 13:03:36 <__number5__> engblom: sounds like you need to build from scratch then 2015-03-24 13:03:50 no 2015-03-24 13:03:57 __number5__: You can not configure how big the cache is, among other things. This is a problem as the cache is filling the disks. You can also not have it to automatically delete the cache upon exit. You can through arguments force it to run in private mode, but that is not always desired. 2015-03-24 13:03:59 it's compatible the two arms 2015-03-24 13:05:35 yeah firefox getting money from google makes them support the google tentacles more. 2015-03-24 13:05:46 On this particular rpi2 I am going to run jvm. Yes, I dislike jvm, but it is the only way to run Clojure. Because of this I want all the extra juice I can get out of the rpi. I want it to use the extra features added in armv7- 2015-03-24 13:07:27 talking about firefox bloat brings up the other bloat... 2015-03-24 13:08:13 apparently there is no openjdk package for armhf port of alpine linux :/ 2015-03-24 13:08:37 That means that even if I would run alpine linux on it, I would not be able to use it for what I want 2015-03-24 13:09:57 rpu3uO8PEVZZ: Yes, I hate java. That I truely do. Still no other programming language makes me the same productive as Clojure, so I need a JVM. I so wish they would have picked LLVM instead of JVM as target for Clojure. 2015-03-24 13:12:33 <__number5__> you know llvm is not really a VM right? 2015-03-24 13:12:34 well, maybe it's time to learn a new language then that comes with much less bloat? 2015-03-24 13:12:55 <__number5__> engblom: chrome did have cache size control http://peter.sh/experiments/chromium-command-line-switches/#disk-cache-size 2015-03-24 13:14:07 Lua is the language with less bloat ;) 2015-03-24 13:14:11 i mean toolusage seperates us from the animals, but tool usage can be done like people with hammers, and people who use the correct tool for the task they want to solve. 2015-03-24 13:14:18 ncopa: absolutely 2015-03-24 13:14:40 i've been also impressed by julia. very fast, very small, and very easy c-library bindings 2015-03-24 13:14:51 rpu3uO8PEVZZ: Feel free to suggest. I want it to encourage functional programming style rather than imperative, but not forcing me. I also want it to have the same powerful macros as Clojure, and depency handling build system like Leiningen. 2015-03-24 13:15:28 hmm, so you stick to your tools despite the task not being quite aligned with those 2015-03-24 13:15:59 rpu3uO8PEVZZ: No, that I am not. Not all my projects are in Clojure. Most are, because that is the right tool for the domain of problems I am solving. 2015-03-24 13:16:15 maybe the raspi2 is the wrong tool then? 2015-03-24 13:16:58 should be possible to run the java vm on rpi2 2015-03-24 13:17:06 rpu3uO8PEVZZ: I have a lot of sensors I need to hook up with it. The program will calculate stuff from the inputs... 2015-03-24 13:17:22 i think we had openjdk on arm at some point 2015-03-24 13:17:24 rpu3uO8PEVZZ: rpi2 has a lot of gpio, exaclty what is needed. 2015-03-24 13:17:31 that can be done in better suited tools than clojure 2015-03-24 13:17:45 rpu3uO8PEVZZ: Sure, python could be used among other... 2015-03-24 13:17:48 probably not had the needed time to fix arm + java 2015-03-24 13:17:54 <__number5__> the worst case you can run a VM on rpi2 to run Java VM :P 2015-03-24 13:17:56 even shellscript 2015-03-24 13:18:39 <__number5__> you can try Rust if you prefer functional style 2015-03-24 13:19:06 <__number5__> python not really a functional programming language 2015-03-24 13:19:20 Lua has some functional style features too 2015-03-24 13:19:24 well rust is quite immature 2015-03-24 13:19:35 Rust is on my list of languages to learn. However, it is still in way to heavy development. There is a huge risk I will have to rewrite stuff with each upgrade of rust. 2015-03-24 13:19:36 julia also is quite functional 2015-03-24 13:20:06 in any case, i think i'd like openjdk run on arm 2015-03-24 13:21:39 How is Alpine Linux built? Would it be trivial to cross build it for armv7 on x86-64? 2015-03-24 13:30:38 it's not really necessary for the raspi2. but would be interesting for other archs like mips 2015-03-24 13:40:26 ncopa: are there any plans to integrate jruby or mruby packages? :) 2015-03-24 13:40:46 engblom, native build. cross build is not possible in simple way (we can cross build only core packages when bootstrapping new architecture) 2015-03-24 13:41:33 __number5__, engblom : Rust looked nice, though now i'm more interested in Nimrod. there's way too many new language popping up... 2015-03-24 13:42:14 nimrod was fun 2015-03-24 13:42:59 ncopa: or did you welcome contributions for that? :) 2015-03-24 13:43:23 mosez: i dont have any specific ruby plans 2015-03-24 13:43:40 not more than try to fix the dep breakages 2015-03-24 13:43:45 and maybe upgrade to ruby 2.2 2015-03-24 13:43:50 if you say no chance to accept packages for that than i wont invest the time 2015-03-24 13:44:06 i might accept those packages 2015-03-24 13:44:11 fabled: Thanks, it looks like a bit more than trivial to build for rpi2 then... 2015-03-24 13:44:13 specially if someone else are willing to maintain them 2015-03-24 13:44:20 engblom, we have armhf build 2015-03-24 13:44:31 the userland works just fine on armv7 2015-03-24 13:44:37 i'm using it on wandboard/armv7 2015-03-24 13:44:48 you only need kernel for rpi2, and it'll work 2015-03-24 13:44:53 so i think i will investigate some time to build packages for that 2015-03-24 13:45:08 maybe i need a real dev environment based on vagrant or something like that 2015-03-24 13:45:18 time to build an alpine linux vagrant box :D 2015-03-24 13:45:36 i use lxc containers as dev boxes 2015-03-24 13:45:37 <__number5__> not docker buiild? ;) 2015-03-24 13:46:57 <__number5__> btw, can I run oracle jdk on alpine? 2015-03-24 13:47:35 or even docker... 2015-03-24 13:51:30 hey i'm new to alpine. i tried to run java applets from within the browser and i do not have 5.1 channel sound as it used to work on windows. how do i shot web? 2015-03-24 13:52:38 also this is window #99 for the record 2015-03-24 14:00:46 do you have 5.1 channel sound outside the browser? 2015-03-24 14:01:13 i think there are some tests in alsa utils 2015-03-24 15:17:07 are there any guesses as to when(/if) kernel 3.18 will be packaged? 2015-03-24 15:18:01 depends on if grsecurity maintainers wants maintain that kernel 2015-03-24 15:21:32 they wont 2015-03-24 15:21:33 hmmm.... it appears not :( 2015-03-24 15:21:45 just 3.14 for a while 2015-03-24 15:21:55 (and an actual testing) 2015-03-24 15:50:17 ncopa: the ruby gem packages are built wrong :( 2015-03-24 15:50:28 ok? 2015-03-24 15:50:54 i must admit that its tricky to get them right... 2015-03-24 15:51:02 gem environment says EXECUTABLE DIRECTORY: /usr/bin 2015-03-24 15:51:09 s/tricky/impossible/ 2015-03-24 15:51:12 bundle gets installed to /usr/lib/ruby/gems/2.1.0/bin/bundle 2015-03-24 15:51:45 should bundle be installed in default $PATH? 2015-03-24 15:51:49 the binaries should be linked to /usr/bin :) 2015-03-24 15:51:49 unless a ruby lib is used as a dependency for an app, it's just pain and misery and fail to package gems. 2015-03-24 15:52:06 a developer is going to be using rbenv or chruby or rvm, not system ruby 2015-03-24 15:52:22 ncopa: for current distros i know it's installed in a default path like /usr/bin 2015-03-24 15:52:33 bougyman: you are wrong :) 2015-03-24 15:53:07 bougyman: i am a ruby developer and since i'm working for suse i use only packaged ruby or in worst case ruby installed through ruby-build. 2015-03-24 15:53:47 and some kind of dependency manager like bundler should be available in default path instead of manipulating the default path to prepend /usr/lib/ruby/gems/2.1.0/bin 2015-03-24 15:53:48 mosez: that's gotta be kind of a nightmare without a lot of vms, no? 2015-03-24 15:53:58 bougyman: docker ;) 2015-03-24 15:54:09 how do you test your ruby on 1.9.3, 2.0, 2.1, jruby, rubinius all on the same box? 2015-03-24 15:54:30 so basically: for i in "usr/lib/ruby/gems/*/bin/*; do ln -s $i "$pkgdir"/usr/bin/; done 2015-03-24 15:54:53 mosez: does that affect all/many ruby-* packages or only bundler? 2015-03-24 15:55:08 bougyman: with luck this have to be done only for the oss projects. and they are tested on travisci or within vagrant or docker 2015-03-24 15:55:16 ncopa: let me check 2015-03-24 15:55:27 ncopa: mosez it gets real messy when users start using gem and bundle mixed with pkgbuilds. 2015-03-24 15:55:38 just like if you use pip and packaged python libs together. 2015-03-24 15:55:41 stuff goes bad. 2015-03-24 15:55:47 just hapend to me with buildbot last week. 2015-03-24 15:56:19 sqlalchemy-migrate was fighting between package and pip installed (i accidentally pip installed as root) 2015-03-24 15:56:38 ncopa: /usr/lib/ruby/gems/2.1.0/bin/rails rails is only in this path as well 2015-03-24 15:57:09 bougyman: virtualenv ftw? :P 2015-03-24 15:57:26 mosez: yeah, i'm virtualenv'd now 2015-03-24 15:57:43 just like I don't run ruby with system ruby anymore, i'm moving to only using python in virtualenvs. 2015-03-24 15:58:04 I stopped using ruby with system ruby when debian released crazy ruby sauce back around sarge 2015-03-24 15:58:19 ncopa: i think all rubygems are affected where we have a bin file :( 2015-03-24 15:58:35 i do omnibus chef, which is Enough Ruby to do most things. 2015-03-24 15:58:48 then rvm for apps 2015-03-24 15:59:00 ncopa: except the core gems that get build with ruby itself like rake 2015-03-24 15:59:13 rvm sucks like hell 2015-03-24 15:59:36 and as i'm working for a linux distro i really dislike the omnibus stuff :) 2015-03-24 16:01:09 i already really like the rubygem packaging on suse. if we would get multi version support for ruby and the gems on alpine i would love it even more for docker environments :) 2015-03-24 16:01:15 I also work for a linux distro, definitely don't hate portable apps, though. 2015-03-24 16:01:18 and if we build a tool like gem2rpm :P 2015-03-24 16:02:14 bougyman: and with tools like open buildservice it's quite easy to build good packages for various distros :) 2015-03-24 16:02:31 without the damn omnibus behavior 2015-03-24 16:02:34 buildservice is quite nice, sure. 2015-03-24 16:03:04 and there are other alternatives for the buildservice as well. like packager.io or mandriva got an own deb based service as well 2015-03-24 16:03:26 we have xbps which does it on void. 2015-03-24 16:03:34 just for distros like alpine linux there are no automated tools :) 2015-03-24 16:03:37 it's not that packaing gems is hard, at all. 2015-03-24 16:04:08 it's that you can't possibly have a library packaged that's going to be right for everyone. 2015-03-24 16:04:09 mosez: i need to go home now, will try look at symlinks in ruby-* packages tomorrow 2015-03-24 16:04:14 we should also upgrade ruby-* 2015-03-24 16:04:17 it's much work to keep versions up to date :) 2015-03-24 16:04:32 we need automate it somehow 2015-03-24 16:04:36 which version of this gem should we use? 1.7.8 has breaking changes but 1.8.1 is stable (and also breaks compat with pre-1.7.8) 2015-03-24 16:04:41 ncopa: thx, in the meantime i have wxtended the path within my container. 2015-03-24 16:04:47 ACTION likes the simplicity of Clojure. No-one need to add Clojure to a distro. Everybody (almost) is just downloading a small shell script that takes care of everything. 2015-03-24 16:04:48 these are problems packages just can't solve. 2015-03-24 16:04:48 have a nice evening? :) 2015-03-24 16:05:12 engblom: that's what some ruby people do, too. and python. and lisp (quicklisp). 2015-03-24 16:05:37 the maven eco system is even more worse than ruby :D 2015-03-24 16:05:46 bougyman: With clojure, you download depenencies per project, so you never end up with two conflicting versions... 2015-03-24 16:06:14 you can do that with ruby as well, but it's a mess for security updates, hm? :) 2015-03-24 16:06:25 or with nodejs... or python... or whatever 2015-03-24 16:06:51 engblom: same with virtualenv and ruby (with bundler, rvm, others), and quicklisp. 2015-03-24 16:07:14 mosez: chef handles security updates of all our rubies. 2015-03-24 16:07:49 mosez: try and find a package manager that could meet http://sprunge.us/iFfJ those reqs. 2015-03-24 16:08:02 (other than the ruby-specific ones) 2015-03-24 16:08:37 a gem from makandra.de :D 2015-03-24 16:09:35 luckily this is the small list i have to take care about for my project 8) https://build.opensuse.org/project/show/systemsmanagement:crowbar:shared 2015-03-24 16:09:58 150 gems packaged as rpms 2015-03-24 16:11:01 damn, i need to sync them again -.- 2015-03-24 16:11:33 you're my Exhibit A :) 2015-03-24 16:11:47 a packager, someone who does this stuff all day every day, and you still get behind on deps :) 2015-03-24 16:12:47 a package manager _could_ do this, if it repeated every bit of the logic of gem/bundler. (and virtualenv, for python, etc). 2015-03-24 16:14:05 bougyman: i just need to sync it from time to time if some conflicts in the merge system happens :) 2015-03-24 16:14:25 and it doesnt take much time 2015-03-24 16:16:46 but whatever... everybody got his own opinion :) 2015-03-24 16:17:07 if i need to run multiple ruby versions i prefer ruby-build and chruby :) 2015-03-24 16:17:39 i dont' mind chruby or rbenv, but last I checked they didn't suport gemsets. 2015-03-24 16:18:06 gemsets are pretty vital to our deployment strategy. we deploy dozens of ruby apps to hundreds of servers, mostly automated. 2015-03-24 16:19:43 rbenv supports gemsets with a plugin 2015-03-24 16:20:20 didnt know about voidlinux before... sounds interesting 2015-03-24 16:41:01 <__number5__> bougyman: why not use bundler, much better than gemset IMO 2015-03-24 16:52:36 __number5__: bundler and gemsets play well together. 2015-03-24 16:52:49 rvm use 2.2.1@my_gemset && bundle install 2015-03-24 16:52:56 installs that bundle to just that gemset & ruby vers. 2015-03-24 16:57:50 is it common practice to use alpine in its livecd/liveusb form with a luks-encrypted persistence volume? usecase: theft-resistant travel system for old netbook with documents, dotfiles 2015-03-24 16:58:42 in the past I have used many different livesystems in this niche 2015-03-24 16:59:26 i guess some people are doing it. some even said to document this on the wiki recently, but no real docs on this afaik. 2015-03-24 17:02:20 rpu3uO8PEVZZ: nod. it does seem like it should be feasible, just implemented differently than elsewhere 2015-03-24 17:02:45 fortunately I have two instances of said old netbook, so I can play around a bit. :-P 2015-03-24 17:02:54 absolutely feasible. everything is posssible, the question is always the costs 2015-03-24 17:04:15 i created a dockerfile for running node.js (https://github.com/oren/alpine-node/blob/master/Dockerfile). how to restart my node.js server in case it crashes? in ubuntu i use 'forever' inside the container. i am not sure what is the approach when using alpine. 2015-03-24 17:04:20 how do i even explore stuff about my alpine container? i don't think it has bash so i can't bash into it like i do with other containers. 2015-03-24 17:04:26 (btw, i never used alpine before so any additional help would be greate) 2015-03-24 17:05:03 rpu3uO8PEVZZ: would the "lbu" tool be the thing I'm likely using for this selective livesystem persistence, or is there another mode that wouldn't involve polling "lbu commit" from time to time? 2015-03-24 17:06:12 no idea. never used it myself like this 2015-03-24 17:06:18 nod 2015-03-24 17:06:22 just observed others playing with this here 2015-03-24 17:06:53 thanks, I'll lurk and see what I hear. there are some good clues in various pieces of the wiki, just not sure yet what would be the optimal way to put it all together 2015-03-24 17:16:48 hmm, I guess as an alternative to LBUs, I could use "data" mode and keep my travel-netbook data inside one or more LXCs 2015-03-24 17:17:08 as data mode persists /var/ and LXCs live there 2015-03-24 19:02:27 hi there, I'm trying to run X application in a chrooted archlinux env, so I've wrote this bash function and this alias to run firefox: http://sprunge.us/DVUF?sh 2015-03-24 19:02:46 but it return: Error: cannot open display: :0 2015-03-24 19:02:56 any idea? 2015-03-24 21:16:07 can someone help me with open-iscsi? I keep getting iscsiadm: unrecognized character 'm' 2015-03-24 21:26:14 someone know if musl-libc regexp syntax is "specific" ? i got the following bug in bash (4.3.30 and 4.3.33) which look musl-libc related: http://pastebin.com/hiCCr9X6 2015-03-24 21:30:24 owen1: sh/ash 2015-03-24 21:49:19 a{2}+ is not valid regex 2015-03-24 21:49:44 i think musl translates it to (a{2})+ 2015-03-24 21:49:59 (the later is valid) 2015-03-24 21:57:01 hm even then the matching looks odd 2015-03-24 21:58:42 will have to check, but i think you only get weird behaviour because of the nonstandard a{n}+ 2015-03-24 22:00:59 seems easier as (aa)+ 2015-03-24 22:04:50 hm replacing [[:blank:]] with ' ' changes the outcome 2015-03-24 22:05:50 so i think the char class in [] is the culprit 2015-03-24 22:09:32 yes same result here... {X}+ as quantifier seem to work cleanly, ([[:blank:]]{2})+ give even stranger result :) 2015-03-24 23:01:44 knite: so it comes with ash instead of sh? never heard of that one! thanks. 2015-03-24 23:02:04 owen1: they're both symlinked to busybox. 2015-03-24 23:02:13 do an ls -l /bin 2015-03-24 23:02:54 knite: i guess my issue is how to 'productionize' an app that running inside alpine. can i use a tool like forever? 2015-03-24 23:03:06 or maybe systemd? i am cluesless about alpine. 2015-03-24 23:04:02 owen1: big ole it-depends. I'd been using runit in phusion/baseimage for my containers, I'm transitioning to alpine because it's much smaller than baseimage (which is built on Ubuntu), and will probably swap runit out for s6. 2015-03-24 23:06:46 knite: interesting. you should document it somewhere. i am sure other people are intersted. 2015-03-24 23:06:57 not sure what's the best place to share this stuff. 2015-03-24 23:07:07 owen1: I need to build it out first before I can share it. :-) 2015-03-24 23:07:24 http://skarnet.org/software/s6/ 2015-03-24 23:07:30 ahah yup 2015-03-24 23:07:55 I just posted some of my questions and concerns to the supervision mailing list at http://skarnet.org/lists/ 2015-03-24 23:08:14 the s6 author just added an overview page that's worth reading: http://skarnet.org/software/s6/overview.html 2015-03-24 23:08:26 knite: can u guide me about alpine? where do i start? do i have to put it on some laptop to play with it? or can i test it simply by 'docker run' and ash into it? 2015-03-24 23:08:31 definitely a lot more work than using forever, but better in the long run. 2015-03-24 23:08:47 docker run --rm -it alpine sh 2015-03-24 23:09:30 oh. perfect. i know it got nginx and node.js packages already. anything else i should look into? 2015-03-24 23:09:40 (similar to the process monitoring aspect) 2015-03-24 23:12:42 really depends on what you want to do. apk add -U to install stuff. 2015-03-24 23:15:18 i guess the process monitoring is the most critical component for me. also chosing different version of node would be nice as well. maybe iojs. i guess it means i need to learn how to install stuff into that OS. maybe it means that i need to create a package? i am not sure. 2015-03-25 00:10:50 ncopa: I forgot to save the logs from our chat yesterday, do you have a moment? 2015-03-25 00:17:57 or for anyone else who's listening. :-) short version: libstdc++ is version 4.8.3 on my system. I want version 4.9.2. 4.9.2 is listed at http://forum.alpinelinux.org/apk/main/x86_64/libstdc%2B%2B, but apk version -U libstdc++ doesn't show any updates, and http://nl.alpinelinux.org/alpine/v3.1/main/x86_64/ lists 4.8.3 as most recent. 2015-03-25 00:18:10 this is all on main, libstdc++ isn't in edge/testing. 2015-03-25 02:04:22 NaNDude: found the bug, will fix it in musl.. 2015-03-25 07:51:24 morning 2015-03-25 08:08:10 ncopa: just tried your nginx build from yesterday. it fails with a couple of missing symbols. 2015-03-25 08:09:49 it succeeds if I run an apk upgrade against edge/main. so I guess this is another example that packages should only install if all of their dependencies are at the versions they require. 2015-03-25 08:30:37 knite: yes, we dont attempt support mixed stable+edge repos 2015-03-25 08:30:55 but we always try that the repos itself work 2015-03-25 08:31:57 hm...that's a bit tricky. if I upgrade everything, I'll be running some packages that are in an alpha state (eg, alpine-base just now). that's bad in a prod environment for obvious reasons. 2015-03-25 08:32:21 and my other options is upgrading packages until things work and hoping they don't break later, which is also bad. 2015-03-25 08:32:31 other option is* 2015-03-25 08:58:56 well, anything in edge is considered 'alpha stage' 2015-03-25 09:00:35 edge/testing means developer has checked that it compiles, but it might not ever run 2015-03-25 09:00:57 once we get feedback that it runs and is okish, we move it to edge/main 2015-03-25 09:01:14 every 6 motnhs we make a snapshot of edge/main and ship stable release of that 2015-03-25 09:03:07 if we dont get feedback on things in testing, its never moved to main - and thus never available in stable release 2015-03-25 09:04:45 nsz: thanx, cool. i'm relatively new with alpine/musl so i have hard times finding my way to sources/builds/tests :) 2015-03-25 11:53:06 hmm, all the setup- scripts have gone 2015-03-25 11:54:09 my alpine-conf package contains nothing 2015-03-25 11:56:55 apk fix alpine-conf fixed that 2015-03-25 11:56:59 wierd 2015-03-25 12:23:51 ncopa: thx for these informations :) 2015-03-25 12:34:40 was actually looking for that :) 2015-03-25 12:37:47 anyone familiar with https://shibboleth.net, if it requires java / 2015-03-25 13:53:53 nice list, https://notabug.org/koz.ross/awesome-c 2015-03-25 14:21:33 vkrishn: musl libc is missing on that list 2015-03-25 14:22:54 its there 2015-03-25 14:23:03 "Standard Libraries" 2015-03-25 14:25:46 nice, it says it compatible with "C11" 2015-03-25 16:41:17 Hello Alpine Linux users. I did not find any mention of this on the homepage, perhaps because it is (for most part) obvious, nevertheless I wanted to be sure. The packages used are stable right? (as oppososed to say, Arch Linux) Also, are any testing/patching done by the Alpine maintainers or are packages compiled directly from upstream? 2015-03-25 16:43:50 <__mjones> The 3.1.3 release is stable; the unstable release is called 'edge'. 2015-03-25 16:44:47 <__mjones> Packaging is done by maintainers and volunteers. Some or many packages are packaged unpatched, but larger and more complicated software needs minor patching. 2015-03-25 16:45:27 <__mjones> The minor patching in my experience is related to header files -- glibc has a legacy mess, and musl seeks to be clean-sheet and not replicate the mess. 2015-03-25 16:46:02 <__mjones> Rarely is a package specifically security patched, except for changes necessary for grsec (and now FORTIFY_SOURCE, if I'm not mistaken). 2015-03-25 16:46:40 <__mjones> There is rarely a need for a security patch or security backport because the packages are mostly of the latest stable release, and therefore already patched. 2015-03-25 16:47:06 I see. Thank you. My primary concern was the stable vs unstable and how heavily patched the packages would be. I am currently planning out a home server and had Alpine in mind as the OS. I just don't want to deal with unstable packages, even though they may work perfectly fine... 2015-03-25 16:47:59 <__mjones> The upstream packages are those considered stable by upstream. 2015-03-25 16:48:40 <__mjones> However, the packages in Alpine stable (currently 3.1.3) do get upgraded. It's conceivable that an upgrade could have a backward compatibility problem. 2015-03-25 16:50:11 I do not plan on upgrading too often though. Maybe a couple of times a month 2015-03-25 16:51:43 <__mjones> My understanding is that there haven't been any real breaking changes to date. But there aren't elaborate test rigs absolutely preventing it, either. 2015-03-25 16:52:08 <__mjones> Packages are in testing repo for a while before going to stable, but there's no guaranteed test coverage that I know about. 2015-03-25 16:52:20 I remember having a server some years ago (well, technically just an old computer) and for some reason I can't remember whether it was running Alpine or Crux Linux (I don't know if you've heard of it). It's very weird since their names are completely different. I just remember loving to use and maintain the system :) 2015-03-25 16:52:40 <__mjones> Alpine is a fairly new fork, so I'd say it wasn't Alpine. 2015-03-25 16:53:03 Anyway, it sounds alright for me. Nothing really critical would be handled 2015-03-25 16:53:07 Oh 2015-03-25 16:55:16 Thank you for your clarifications. I'm off to download Alpine now. Bye bye! 2015-03-25 17:07:04 __mjones: you say fork, fork of which one ? 2015-03-25 17:08:13 i can definitely see the roots and inspiration 2015-03-25 17:08:27 but is that a fork or a freshly made distro ? 2015-03-25 17:09:00 <__mjones> Wikipedia says a fork of..can't remember. 2015-03-25 17:09:18 <__mjones> Not a fork of one of the majors. 2015-03-25 17:09:37 <__mjones> Also read at some point, "fork of Gentoo with Arch-like package management." 2015-03-25 17:10:14 package building may ressemble arch but i find the package manager more debian-like 2015-03-25 17:11:17 __mjones: ok LEAF fork apparently :) 2015-03-25 17:18:38 eh didn't even know it :) 2015-03-25 17:23:08 <__mjones> I might have a module here that gcc won't compile with only 640mb core. Let's hot-add some ram and find out. 2015-03-25 17:47:08 <__mjones> 4G did it. Haven't had that happen in a while. I blame C++, as usual. 2015-03-25 21:01:15 does alpine use busyboxs mdev or udev? 2015-03-25 21:02:09 udev it seems 2015-03-25 21:04:57 <_mjones> udev isn't in the default dist. It uses mdev. 2015-03-25 21:05:18 <_mjones> busyboxconfig:CONFIG_MDEV=y 2015-03-25 21:05:29 oh, great 2015-03-25 21:05:46 <_mjones> udev is a package, but not in the base dist. 2015-03-25 21:09:04 <_mjones> why great? 2015-03-25 21:09:40 <_mjones> udev not being in base is just fine with me, but I've needed it plenty of times. And when you need it, you need it. 2015-03-25 21:11:13 for what did you need it? 2015-03-25 21:11:53 <_mjones> Ownership and permissions to raw devices used by Sybase RDBMS in a cluster config, for one. 2015-03-25 21:12:16 <_mjones> (although raw devices are mostly a bad legacy solution to the problem.) 2015-03-25 21:12:46 <_mjones> Something else recently with permissions and ownership to devices, having to do with virtualisation. 2015-03-25 21:16:12 oh 2015-03-25 21:19:48 btw does anybody use alpine on desktops/laptops? 2015-03-25 21:20:34 <_mjones> not yet, no. VMs and servers. 2015-03-25 21:21:23 <_mjones> I mean, those are my use-cases. Some people run them on desktops, and there are quite a few desktop packages, but I haven't used any of them. 2015-03-25 21:22:11 nmeum, yes i do 2015-03-25 21:22:38 first thing you need to do is switch to vanilla kernel tho. grsec+pax breaks too much 2015-03-25 21:26:37 raw devices enable userspace drivers 2015-03-25 21:26:47 which is nice when the drivers are poorly written 2015-03-25 21:27:11 alpine on a laptop is fine 2015-03-25 21:27:20 I mean... depends on how you use your laptop, I guess 2015-03-25 21:29:40 <_mjones> ahills: you will not find me defending use of raw filesystems by DBAs following best practises written in 2008 based on info from 2004 that assumes the RDBMS vendor won't trust the OS and is promising certain reliability and performance across diverse (and legacy) platforms. 2015-03-25 21:30:29 which vendor is this? 2015-03-25 21:30:42 oratroll 2015-03-25 21:30:42 obviously 2015-03-25 21:31:11 :) 2015-03-25 21:31:11 :'( 2015-03-25 21:31:22 <_mjones> I've done it for both Oracle and Sybase. You won't do it for Sybase because their cluster product is very rare, was/is based on old code, and they won't sell it to many people except those desperately afraid of certain kinds of risk. 2015-03-25 21:31:33 <_mjones> Not including risk from their RDBMS vendor, obviously. 2015-03-25 21:31:38 haha 2015-03-25 21:32:08 <_mjones> Note that even Microsoft doesn't do this for their own product or other. 2015-03-25 21:32:50 <_mjones> MySQL can technically run its own filesystem on raws, but nobody ever does it because even the crazies have better things on which to craze. 2015-03-25 21:33:19 <_mjones> PostgreSQL doesn't know what you're talking about at all. Yet another reason for <3. 2015-03-25 21:33:45 I've exclusively used PostgresQL 2015-03-25 21:34:03 but I've never had to deal with any serious scale, running all my services out of my appartment :) 2015-03-25 21:34:51 <_mjones> I'm not much of a dba, but I strongly prefer postgres for relational. Lots of shops already have mysql in house, have a lot of comfort and expertise on staff, and don't want to dragment, and that's ok too. 2015-03-25 21:35:08 <_mjones> s/dragment/fragment/ 2015-03-25 21:35:26 every time I deal with mysql at work, it's to deal with one reliability problem or another 2015-03-25 21:37:33 <_mjones> That reminds me there was an totally incompatible change in hinting syntax between mysql 5.0 and 5.1 and the installer for jfrog artifactory managed to use and require the new syntax. 2015-03-25 21:38:18 <_mjones> jfrog seemed totally oblivious to the problem, and I could find no channel to send in a bugreport. In their defense I was using old mysql _because_centos_, but still. 2015-03-25 21:39:48 <_mjones> Can't recall any significant reliability problems. We didn't go-live with the really big implementation, though, due to something like a hostile takeover. 2015-03-25 21:41:12 haha 2015-03-25 21:41:15 oh, business 2015-03-25 21:43:20 <_mjones> I haven't had an opportunity to run big postgres yet, ironically. 2015-03-25 23:35:19 nmeum: I've run grsecurity with PaX on a laptop and would again, it wasn't a problem for me. 2015-03-26 01:00:04 are man pages and additional documentation always shipped in -doc packages? 2015-03-26 01:26:04 nmeum: yes 2015-03-26 01:26:18 is it possible to somehow always install them by default? 2015-03-26 01:37:50 not that i know of 2015-03-26 03:00:01 Anybody know how to get fts.h since musl doesn't have it? I've heard to use gnulib but I'm totally unfamiliar with that. Trying to build xulrunner. Any easier way? 2015-03-26 03:14:24 Nevermind, I found the fts-dev package! 2015-03-26 08:57:18 some lxc tools, https://github.com/lxc/lxcfs 2015-03-26 08:57:19 https://github.com/lxc/cgmanager 2015-03-26 09:51:19 Hi, does anyone use NFS shares (as client) from LXC? 2015-03-26 09:55:22 nmeum: I have a script that just adds "-doc" to each argument and installs it all ;) 2015-03-26 09:55:36 I also do it for -dev 2015-03-26 13:33:13 how stron is Sircbot? 2015-03-26 13:33:17 strong? 2015-03-26 13:34:53 anyone here using Sircbot? 2015-03-26 13:45:55 has anyone made a base alpine rkt image? 2015-03-26 13:46:04 well... aci anway 2015-03-26 18:17:46 <_mjones> pandoc. is written in haskell. #runtimeproliferation 2015-03-26 21:38:30 _mjones: any news about ceph? 2015-03-27 00:15:09 hi, how should we name python3 package in testing? for example I'm trying to create a package for lxml, is py3-lxml is correct? 2015-03-27 01:46:00 I've made 3 pkg for python3: py3-{lxml,pillow,psycopg2} 2015-03-27 01:46:18 they are available here: http://repo.chaahk.com/alpine/testing/ 2015-03-27 01:47:56 let me know if py3- is the good way to name python3 package, and I will send patches on alpine-devel 2015-03-27 03:02:16 Hello world; just discovered that we can install pacman - is this only available so that people can use the lxc-template for archlinux? I don't see any other reason for why pacman would be required in the repositores. 2015-03-27 03:02:29 algitbot: Damn you sir, are very fast. :P 2015-03-27 03:09:23 When attempting to setup xorg (I've tried a few times on different hardware). `X -configure` always returns no devices to configure - implying that it can't detect the video card. (Which I know is Intel and via HDMI) lspci doesn't mention any detail - I can only guess that alpine doesn't come with _more standard_ lists that define what pci device is what. This shouldn't get in the way of xorg should 2015-03-27 03:09:29 it? 2015-03-27 03:20:00 DarkFox: it's a musl "issue" 2015-03-27 03:20:31 but you can install xf86-video-intel 2015-03-27 03:20:57 Mo0O: I did :) 2015-03-27 03:21:41 Mo0O: I don't know why - but on this exact hardware, startx wants to work... On the others it has only lead to a hung system (haven't ssh'd in for logs yet on those hardware however) 2015-03-27 03:21:55 I will debug them another time. :) 2015-03-27 03:26:15 ;) 2015-03-27 03:31:00 Tip to anyone who wants to try out alpine; install diskless to an sd card and configure your boot to use UUID instead of sdX. Sooo portable :D 2015-03-27 03:44:55 what do you mean 'diskless' ? 2015-03-27 03:50:38 bougyman: Diskless install. :) 2015-03-27 03:51:08 but an sd is a disk so I don't get it. 2015-03-27 03:51:30 Diskless means that it will boot from the disk and load everything into ram - just like the installer does. 2015-03-27 03:51:39 From there onwards, it doesn't write to the disk at all 2015-03-27 03:51:47 Hence; I'm not killing my SD card :D 2015-03-27 03:52:20 It does however, write if you enable an apkcache and download things... But that is just adding to teh cache so you don't need to download it again 2015-03-27 03:53:07 Or write if you run `lbu commit` which will save your configs to disk for the next boot. :-) 2015-03-27 03:58:23 bougyman: Follow? 2015-03-27 03:59:27 gotcha 2015-03-27 03:59:30 like morphix used to do 2015-03-27 04:00:22 Not familiar with this nix 2015-03-27 04:00:30 But; possibly :) 2015-03-27 04:36:55 morphix was a build kits. 2015-03-27 04:37:12 looseled deb based, but made for making domain specific distros. 2015-03-27 04:37:18 *loosely 2015-03-27 04:37:55 http://www.morphix.org/ 2015-03-27 06:08:31 why sdl support is disabled for qemu? 2015-03-27 07:03:11 ziac: http://lists.alpinelinux.org/alpine-devel/4431.html 2015-03-27 07:04:09 someone asked to remove x11 deps from qemu for use on headless boxes 2015-03-27 07:04:33 the idea was to add qemu-gtk package for x86/x86_64 only 2015-03-27 07:04:44 and/or sdl 2015-03-27 07:05:15 i also talked with qemu devs and asked them to implement the qemu gui as plugin 2015-03-27 07:05:25 which they said will not happen til after they have migrated to sdl2 2015-03-27 07:08:06 Mo0O: I am not sure how we should do py3-* packages 2015-03-27 07:08:13 we have some alternatives 2015-03-27 07:08:43 1) keep python+python3 packages, and just add py3-* packages 2015-03-27 07:09:32 2) rename python to python2, rename python3 to python (ala arch linux) and rebuild all py-* against python 3 + add needed py2-* modules 2015-03-27 07:10:02 3) rename python to python2 and all py-* to py2-* and keep python3 + py3-* 2015-03-27 07:10:39 one of the things I want to avoid is having double set of APKBUILDs 2015-03-27 07:10:56 so i want avoid py2-foo apkbuild + py3-foo apkbuild 2015-03-27 07:11:15 we could have py-foo apkbuild whith 2 subpackages py2-foo and py3-foo 2015-03-27 07:11:34 and if you apk add py-foo you get both. this is what we do with lua5.1 + 5.2 2015-03-27 07:12:01 I am mostly intersted in whatever that causes less maintenance work 2015-03-27 07:12:21 and i would like something that helps us remove python2 support 2015-03-27 07:12:54 alternative 1 does that i think 2015-03-27 07:13:08 sorry alternative 2. 2015-03-27 07:13:19 alternative 1 makes upgrades easier 2015-03-27 07:13:28 but adds maintenance work 2015-03-27 07:16:11 ncopa: thanks, at-least now I know the reason 2015-03-27 07:16:59 so, if I want to enable sdl for qemu, the only way is to compile from source? 2015-03-27 07:18:03 ziac: currently yes 2015-03-27 07:18:15 you prefer sdl over gtk interface? 2015-03-27 07:18:20 also 2015-03-27 07:18:34 i wanted upgrade qemu, but there is one unresolved issue with musl libc 2015-03-27 07:18:39 which i dont know how to fix 2015-03-27 07:19:21 ncopa: I haven't used gtk interface for qemu, I don't know how it works 2015-03-27 07:19:23 i was thinking of do the -gtk subpackage together with upgrade 2015-03-27 07:19:35 ziac: i think its nicer than sdl 2015-03-27 07:19:56 I was using SPICE until now, but it's solw 2015-03-27 07:20:01 *slow! 2015-03-27 07:20:14 I'll look into gtk 2015-03-27 07:20:15 i use spice with a windows 7 vm 2015-03-27 07:20:24 how does it work? 2015-03-27 07:20:27 works good for me 2015-03-27 07:20:34 flawless more or less 2015-03-27 07:20:46 hmm, maybe I'm doing something wrong? 2015-03-27 07:20:46 i havent got the webcam working properly 2015-03-27 07:20:51 i have an i7 2015-03-27 07:21:12 ah, mine is i5 :P 2015-03-27 07:21:14 i use virt-manager 2015-03-27 07:21:20 i5 should be good enough 2015-03-27 07:21:33 also, install the spice driver in windows 2015-03-27 07:21:55 I've also used virt-manager until now 2015-03-27 07:22:03 my vm uses raw lvm partition 2015-03-27 07:22:16 spice driver, hmm, I haven't done that! 2015-03-27 07:22:19 and i have given windows 4GB ram (iirc) 2015-03-27 07:22:24 spice driver helps 2015-03-27 07:22:42 there is an io driver and there is gfx driver 2015-03-27 07:23:21 the only thing i am not 100% happy with is that virt-manager consumes *lots* memory 2015-03-27 07:23:55 yeah, that's why I'm thinking about switchilng from vrt-manager! 2015-03-27 07:24:21 on my i5 laptop i did use qemu-gtk once in a while 2015-03-27 07:24:31 ziac: also, make sure that you use kvm 2015-03-27 07:24:46 I use kvm alright! :) 2015-03-27 07:25:34 but, I've come to notice that gui-linux as guest is more slower that windows 2015-03-27 07:25:45 *than 2015-03-27 07:26:20 I was digging into it why that may be 2015-03-27 07:26:24 gui-linux? 2015-03-27 07:26:44 I mean linux os with all the gui stuffs 2015-03-27 07:27:32 could be 2015-03-27 07:27:39 I think the culprit is most likely Xserver 2015-03-27 07:32:27 anyways thanks ncopa 2015-03-27 07:36:53 https://bugs.alpinelinux.org/issues/3949 - Should there be any reason to why rust would not compile / run on alpine? How difficult should it be to add to aports? (I'm interested in porting rust-alpha to alpine) 2015-03-27 07:37:59 One thing I do know is that it uses glibc - not musl and may not play friendly with PIE for that factor. 2015-03-27 07:59:54 there's another thing that I cannot run virt-manager directly using .xinitrc, and if I try to start it from terminal, it throws a lot of errors 2015-03-27 08:21:29 DarkFox: only reason is not enought time... 2015-03-27 08:29:53 ncopa: A couple of day ago you mentioned you would like to see openjdk on armhf. How high up on the priority list is this? 2015-03-27 08:31:42 below apk xattr support 2015-03-27 08:32:54 we are upgrading parts of the alpine infra 2015-03-27 08:33:44 www, rsync, bugs, forums, etc will be down for an hour or so 2015-03-27 10:14:01 is there any other spice-client in alpine other than the default one? 2015-03-27 10:32:04 spicec can't send key combinations! 2015-03-27 10:59:12 why virt-viewer is not included in alpine repository? 2015-03-27 11:02:12 <_mjones> ziac: I use ssh or spice or vnc. 2015-03-27 11:02:22 <_mjones> ziac: what benefit does virt-viewer offer? 2015-03-27 11:02:56 but which spice client can I use on alpine? 2015-03-27 11:17:07 any ideas? 2015-03-27 11:33:10 <_mjones> ziac: good point. I don't run Alpine for virt-host yet. 2015-03-27 11:33:50 I see 2015-03-27 11:33:53 <_mjones> When I start VMs I call qemu-system directly, and I redirect a port for SSH, thus: 2015-03-27 11:34:26 <_mjones> qemu-system-x86_64 --enable-kvm -m 4096 \ -rtc base=utc -drive file=${DISKIMG} -netdev user,id=user.0 \ -device e1000,netdev=user.0 \ -redir tcp:23::22 \ 2015-03-27 11:35:03 <_mjones> then: ssh -p 23 localhost 2015-03-27 11:35:28 <_mjones> While SPICE and VNC both work well, I prefer to be able to cut-and-paste, and SSH is much better for that. 2015-03-27 11:36:05 <_mjones> Most people using Alpine for VM-host are using it for servers, and use other machines for clients, I think. 2015-03-27 11:36:48 <_mjones> I don't run X on my vm-servers (in general). I run VMs on laptops but the laptops are still running Debian and Mint for just now. 2015-03-27 11:37:26 yeah, that's the case for most alpine hosts 2015-03-27 11:38:19 but, I'm trying to run it stand alone and there I see I can't fing spice clients 2015-03-27 11:38:27 <_mjones> Alpine already has packages for spice client. 2015-03-27 11:38:35 the only one is spicec 2015-03-27 11:39:01 but I don't know how to send special key combinations with cpicec 2015-03-27 11:39:14 <_mjones> spice-client-0.12.5-r2 2015-03-27 11:39:18 eg. ctrl+alt+f1 2015-03-27 11:39:23 <_mjones> That's the only one I use. ;) 2015-03-27 11:39:44 yeah, but how do you send key combinations? 2015-03-27 11:39:52 <_mjones> I assumed keypresses like those would be passed through. 2015-03-27 11:39:58 <_mjones> Have you tried vnc also? 2015-03-27 11:40:14 vnc is too slow for my purpose! 2015-03-27 11:40:15 <_mjones> I do vastly prefer SSH for this though (for Linux VMs). 2015-03-27 11:40:23 <_mjones> ziac: oh. hmm. 2015-03-27 11:41:18 :'( 2015-03-27 11:42:23 <_mjones> While looking I happened to find a win32 spice client: http://vcl.drupal.ncsu.edu/help/connecting-vcl/installing-spice-client-for-windows 2015-03-27 11:44:07 <_mjones> Looks like ctrl-alt-del is mapped to crtrl-alt-ins, like VMware (IIRC) 2015-03-27 11:45:32 but, I tried that and it didn't work in alpine 2015-03-27 11:46:39 <_mjones> "Also, I found that with the windows client version 0.6.3, if you click on the top left corner with the spice icon you get the option to send Ctrl+Alt+Del Ctrl+Alt+End combination... well done here too..." 2015-03-27 11:47:41 it didn't work either! 2015-03-27 11:48:06 <_mjones> Yes, same for me. Maybe that means the win32 client. 2015-03-27 11:48:20 <_mjones> I don't know how to advise you. What needs ctrl-alt-f1? 2015-03-27 11:48:31 :D 2015-03-27 11:49:23 actually if I'm running a linux guest, it will have severe need! 2015-03-27 11:49:29 <_mjones> Can't do it from another machine, huh? 2015-03-27 11:49:37 <_mjones> oh! 2015-03-27 11:49:42 <_mjones> virt-consoles. 2015-03-27 11:49:48 <_mjones> I use tmux (like gnu screen). 2015-03-27 11:50:02 <_mjones> Are you familiar with that? 2015-03-27 11:50:54 <_mjones> install tmux and run it 2015-03-27 11:51:12 let me see. 2015-03-27 11:51:14 <_mjones> make new sessions with 'ctrl-B, c' 2015-03-27 11:51:27 <_mjones> rotate through sessions with 'ctrl-b, n' 2015-03-27 11:51:51 <_mjones> Very powerful. GNU Screen is older version, same except ctrl-A for hotkey instead of ctrl-b 2015-03-27 11:52:20 <_mjones> It takes a minute to become accustomed, but is very powerful. 2015-03-27 11:52:37 <_mjones> You can detach sessions, log out, and reattach them when you log back in. 2015-03-27 11:53:11 It seems interesting, thanks _mjones 2015-03-27 11:54:30 <_mjones> I find I can't cut-and-paste from spice or vnc, but if I ssh in and run tmux I can cut-and-paste, so I much prefer it. 2015-03-27 11:54:45 <_mjones> If you learn anything new about the other stuff, I wouldn't mind knowing. 2015-03-27 11:55:18 <_mjones> (it helps to have a tmux or screen cheat-sheet handy at first, but you'll use it a lot.) 2015-03-27 11:56:01 but, in the end, I'd love if ncopa and other developers consider adding more spice clients in alpine repository 2015-03-27 11:56:23 I'll try tmux on the go 2015-03-27 11:56:41 <_mjones> I don't know of any others for Linux, frankly. 2015-03-27 11:56:47 <_mjones> I didn't see one when I binged. 2015-03-27 11:57:43 why? remote-viewer is one 2015-03-27 11:58:40 I think virt-viewer works standalone too or maybe only with virt-manager? idk! 2015-03-27 11:58:47 <_mjones> That's part of virt-manager maybe? 2015-03-27 11:58:52 <_mjones> Yeah, I don't know. 2015-03-27 11:59:30 but, I don't see any virt-viewer package with virt-manager in alpine repository! 2015-03-27 11:59:47 so, my guess is it's different? 2015-03-27 12:05:55 <_mjones> I don't know. Might it be possible that it's part of virt-viewer package? 2015-03-27 12:06:18 apk info -L 2015-03-27 12:08:24 <_mjones> $ man apk No manual entry for apk 2015-03-27 13:24:00 ncopa: Not enough time as in to port to musl or simply lacking developer_count*available_hours/effort_required*compilation_hours ? :P 2015-03-27 13:25:40 there is also 'xpra' (screen for X) - works on windows / mac / bsd / android 2015-03-27 13:26:41 & linux 2015-03-27 13:27:01 + solaris 2015-03-27 13:29:13 ncopa: I was waiting for rust to download; now I'm making my attempt to build on an i5 (haven't attempted prior due to only working on an atom ...) 2015-03-27 13:29:41 forums are down 2015-03-27 13:29:43 I expect that it will build when I cover dependancies... but won't be musl/PIE safe. 2015-03-27 13:29:50 ncopa: bugs too 2015-03-27 13:29:55 i dont know if we bother bring them up again 2015-03-27 13:30:05 bugs login is broke yes 2015-03-27 13:30:08 ncopa: What? 2015-03-27 13:30:12 you can read them though 2015-03-27 13:30:23 I definatly can't access bugs. :) 2015-03-27 13:30:32 http://bugs.alpinelinux.org works here 2015-03-27 13:30:32 Okay; you can't with SSL 2015-03-27 13:30:39 https is bokre 2015-03-27 13:30:46 Right 2015-03-27 13:30:51 Forums require ssl? 2015-03-27 13:30:51 and thats out of my control 2015-03-27 13:30:59 :( 2015-03-27 13:31:11 no, but current forum was done in drupal 2015-03-27 13:31:17 Eh 2015-03-27 13:31:34 ACTION tempted to write one in lua and just make the forum an acf module... \o/ 2015-03-27 13:31:34 and we have cut out drupa for main site 2015-03-27 13:31:54 so if we do forum, we should probably use somthing else 2015-03-27 13:31:58 like fluxbb 2015-03-27 13:32:02 ^ LUA :P 2015-03-27 13:32:17 are there any forum software in lua? 2015-03-27 13:32:27 As for a serious suggestion : in rust if we write from scratch. 2015-03-27 13:32:42 *we* will not write anything from scratch 2015-03-27 13:32:54 ncopa: Possibly, haven't checked - I was just thinking along the theme of the alpine site being compiled from lua scripts and the acf being written in lua 2015-03-27 13:33:10 yup 2015-03-27 13:33:13 I was refering we as anyone interested; apparently not you :D 2015-03-27 13:33:24 too much other things to code before that... 2015-03-27 13:35:30 ACTION has a _semi_ large project that involves p2p decentralised platforms (namely no servers, just applications and protocols sharing the same transport and storage). A private message looks no different to reading an article (as far as the p2p network is concerned) 2015-03-27 13:35:46 Point: a forum type is a trivial application for that project. 2015-03-27 13:36:11 Design I have for that sub-section is kinda like influenced by reddit. 2015-03-27 13:36:31 First: I must get rust working... :D 2015-03-27 13:37:01 ncopa: Are you _the_ original creator of alpine? 2015-03-27 13:37:14 I see your name in a fair amount of the docs. 2015-03-27 13:37:32 i guess thats me yes 2015-03-27 13:37:45 Cool; nice to [virtually] meet you. 2015-03-27 13:38:27 nice to meet too you DarkFox :) 2015-03-27 13:38:36 ^,^ 2015-03-27 13:39:01 ACTION is on holidays now - so code time for the next 2 weeks. :D 2015-03-27 13:39:17 Combined with homework time - sadly.. But more code <3 2015-03-27 13:40:44 ACTION will either get rust in aports by the end of this holiday or have docs on the wiki for installing archlinux in an LXC (currently broken templates for that purpose) and maybe install and run rust in there... IF not - XEN! I will get rust :P 2015-03-27 13:41:11 At least; that is my plan 2015-03-27 13:52:58 ncopa: Is there anything that I should look out for or keep in mind while porting rust to alpine? 2015-03-27 13:53:18 Ex. musl related 2015-03-27 13:56:36 glibc extensions 2015-03-27 13:56:41 it normally just works 2015-03-27 13:58:12 So - if it just works I just need an APKBUILD containing the link to the alpha-src; ./configure and make ? (Or whatever other build steps required) Separate out doc and maybe other sections to subpackages ... 2015-03-27 13:59:58 Well; this is downloading at 100KiB/s and is only at 30% of one of the sections... I'm gonna call it a night. 2015-03-27 14:00:25 ncopa: Good luck with the infrastructure upgrades. Take care. o/ 2015-03-27 14:14:02 <_mjones> My guess would be that rust wouldn't be a big deal to package. 2015-03-27 14:14:42 <_mjones> mongodb and some other big things with lots of dependencies, though: different story. 2015-03-27 14:51:30 What's the difference between the standard and mini iso files? I take it that more packages are available on the standard, but will the same ammount of packages be installed as the base system? 2015-03-27 14:56:25 kkci: correct 2015-03-27 14:56:55 <_mjones> mini needs to pull more from the network. 2015-03-27 14:56:56 the standard iso are for like firewalls etc 2015-03-27 14:57:01 correct 2015-03-27 14:57:11 What practical advantage does this have? To me it seems that it would only save the user downloading the extra packages? It would most likely be updated (and thus downloaded) anyway 2015-03-27 14:57:21 it is if you run diskless 2015-03-27 14:57:46 then you have more packages offline from start 2015-03-27 14:57:49 thats the only difference 2015-03-27 14:58:01 and it might save you if you get problems with apk cache 2015-03-27 14:58:26 I see. That might actually be useful for me. I plan on using it as a file server. I could do it without a drive for the operating system then 2015-03-27 14:58:46 yup 2015-03-27 14:59:06 Cool, thanks guys! 2015-03-27 14:59:10 <_mjones> @ncopa: what timezone are you in usually? 2015-03-27 14:59:27 Europe/Oslo 2015-03-27 16:27:30 setup-disk exits with an ERROR: unsatisfiable constraints: \ 2015-03-27 16:27:42 .setup-apkrepos (missing) 2015-03-27 16:28:04 required by: world[.setup-apkrepos] 2015-03-27 16:28:24 any thought on how that may be?? 2015-03-27 16:32:00 <_mjones> 3.1.3? mini iso or regular? 2015-03-27 16:32:24 regular 3.1.3 2015-03-27 16:34:17 <_mjones> it's looking for a package that isn't in the manifest. 2015-03-27 16:34:42 <_mjones> But why setup would do that. Try again with different options (.e.g dropbear instead of openssh, maybe, like that) 2015-03-27 16:36:14 <_mjones> Well it's looking for setup-apkrepos 2015-03-27 16:37:31 <_mjones> Guessing: slightly corrupt media? Alpine doesn't have an option to test its own media or do a memtest86+ 2015-03-27 16:42:17 I'm executing '#setup-disk /mnt' 2015-03-27 16:42:42 <_mjones> it's trying to run ".setup-apkrepos"; maybe that should be "setup-apkrepos" 2015-03-27 16:43:34 <_mjones> ziac: let me book another vm here and try it..... 2015-03-27 16:43:38 yeah, but I can't find anything related to 'setup-apkrepos' or '.setup-apkrepos' inside the script! 2015-03-27 16:44:13 The media is probably not crrupted 2015-03-27 16:44:25 /sbin/setup-apkrepos is part of alpine-conf 2015-03-27 16:44:30 I checked the checksum 2015-03-27 16:47:06 <_mjones> You can just run "setup-alpine" and it will let you do a sys, disk or diskless install. 2015-03-27 16:47:18 <_mjones> You don't need to run "setup-disk" specifically. 2015-03-27 16:47:27 <_mjones> I'm checking it though. 2015-03-27 16:47:42 actually I'm trying to do custom partitioning! 2015-03-27 16:47:43 <_mjones> You're running this from the 3.1.3 livecd or from an existing install? 2015-03-27 16:47:54 <_mjones> I see. 2015-03-27 16:48:09 no, from livecd, trying to install it into hd 2015-03-27 16:48:20 with custom partitioning 2015-03-27 16:49:02 <_mjones> Then how can you be installing to /mnt if it's not already got a filesystem on it? 2015-03-27 16:49:51 I have created the partitions and file systems on them and finally mounted root filesystem on /mnt 2015-03-27 16:49:54 custom installations http://it-offshore.co.uk/linux/21-linux/alpine-linux/25-alpine-linux-luks-encrypted-installations - lvm or luks or lvm on luks 2015-03-27 16:49:57 <_mjones> ok. 2015-03-27 16:50:28 <_mjones> or >2GB apparently. 2015-03-27 16:50:37 <_mjones> s/2GB/2TB/ 2015-03-27 16:51:43 <_mjones> what was that link again B1t? 2015-03-27 16:51:58 http://it-offshore.co.uk/linux/21-linux/alpine-linux/25-alpine-linux-luks-encrypted-installations 2015-03-27 16:52:20 i also added a link to the lvm on luks page on the wiki for future reference 2015-03-27 16:54:52 what is the partition layout for that script? 2015-03-27 16:55:18 you choose 2015-03-27 16:55:36 <_mjones> Normally sda1 is /boot, sda2 is swap, and sda3 is / 2015-03-27 16:55:54 any customization is available? 2015-03-27 16:56:19 you create as you wish - there is no set format 2015-03-27 16:57:06 vda = kvm with virtio drivers 2015-03-27 16:57:54 <_mjones> Hold on, I'm setting up a test case with fdisk. 2015-03-27 16:58:08 <_mjones> I don't do this very often by hand. It's hilarious. 2015-03-27 17:02:23 <_mjones> Not the partitioning, but the x86-specific stuff. primary and extended partitions. It's like the 1980s all over again. 2015-03-27 17:02:36 <_mjones> damnit, livecd busybox doesn't have mkfs.ext4 :( 2015-03-27 17:03:03 apk add e2fsprogs 2015-03-27 17:03:20 <_mjones> I can do that on live? eh. 2015-03-27 17:03:32 yes 2015-03-27 17:03:33 <_mjones> So one can. 2015-03-27 17:04:10 it's essentially running from ram when live! 2015-03-27 17:04:37 <_mjones> yerp. 2015-03-27 17:04:50 <_mjones> ayuh, so I have /dev/sda3 on /mnt, formatted 2015-03-27 17:05:05 <_mjones> /dev/sda1 on /mnt/boot, formatted. Same as you, right, ziac? 2015-03-27 17:05:26 yup! 2015-03-27 17:05:57 then sda2 as pv for lvm vg 2015-03-27 17:06:12 <_mjones> I didn't do lvm. I don't give lvm too much love. 2015-03-27 17:06:26 <_mjones> Used to do all my thin provisioning on the arrays. ;) 2015-03-27 17:06:36 <_mjones> anyway, it worked with no problem without lvm. 2015-03-27 17:06:48 really? 2015-03-27 17:07:18 what is your partition layout again? 2015-03-27 17:07:19 <_mjones> yeah, no error. Progress bar. OS seems to be layed down ok. I haven't booted it yet. 2015-03-27 17:07:39 <_mjones> /boot on sda1, swap on sda2, / on sda3 (also Alpine default) 2015-03-27 17:08:06 <_mjones> it says I may need to twiddle the MBR, but I think fdisk handled that when I marked sda1 bootable. 2015-03-27 17:08:09 <_mjones> Let's find out. 2015-03-27 17:08:44 <_mjones> Yeah, nope. 2015-03-27 17:08:55 <_mjones> otoh, I have SeaBIOS now. I thought I had installed that a long time ago. 2015-03-27 17:09:56 ~brb~dinner~ 2015-03-27 17:11:41 <_mjones> marvelously unintuitive -boot syntax in qemu. "-boot=cd" doesn't mean boot the cdrom, it means boot the first hard disk then the cdrom. 2015-03-27 17:12:08 <_mjones> Anyone know the linux command to lay down an MBR? 2015-03-27 17:15:52 dd bs=440 count=1 conv=notrunc if=$MNT/usr/share/syslinux/mbr.bin of=/dev/sda 2015-03-27 17:21:26 <_mjones> Bit: muchos gracias. 2015-03-27 17:21:45 <_mjones> I'd hate to walks someone through that on chat or voice. 2015-03-27 17:22:08 <_mjones> Anyway, my fresh install of 3.1.3 on handmade partitions works fine. 2015-03-27 17:22:50 <_mjones> I didn't use lvm though. I wonder if I can get ziac to do it without lvm. 2015-03-27 17:26:15 <_mjones> The installer probably needs to handle luks and lvm and whatnot, very soon, though. 2015-03-27 17:27:35 i patched the installer to support luks 2015-03-27 17:27:55 http://it-offshore.co.uk/downloads/setup-disk.new 2015-03-27 17:28:05 & lvm on luks 2015-03-27 17:28:20 <_mjones> I saw; any interest from upstream? 2015-03-27 17:28:28 for multiple luks partitions it gives the option to create keys for auto mounting 2015-03-27 17:29:12 not so far - but it works without issue 2015-03-27 17:29:43 <_mjones> I feel that the default installer needs to have that functionality, soon. 2015-03-27 17:30:30 please test it - I've tested it a lot & it s/be bug free now 2015-03-27 17:31:24 ~back~ 2015-03-27 17:31:31 thanks _mjones 2015-03-27 17:31:51 I think I'll try it without lvm if that works 2015-03-27 17:32:24 BitLOG1c: I'll give your modified script a try later! 2015-03-27 17:32:31 <_mjones> BitL0G1c: I guess I should. I usually only do LUKS on laptops, and I don't think I have any spare hardware. 2015-03-27 17:32:49 ;-) 2015-03-27 17:32:57 <_mjones> I do have a 256GB msata samsung I got a few months ago that I haven't bother to use yet, in the t420. 2015-03-27 17:33:32 <_mjones> As nice as SSD is, you don't notice spinning-rust access times nearly so much when you have gobs of ram. 2015-03-27 17:34:06 <_mjones> ram is always the answer. 2015-03-27 17:34:50 <_mjones> I was going to put a freebsd 10.1 install on the msata actually, but hadn't gotten 'round to it. 2015-03-27 17:35:04 "mandos" needs to be ported eventually to manage booting luks encrypted machines 2015-03-27 17:35:29 <_mjones> I don't know that one. 2015-03-27 17:35:36 <_mjones> Someone told me about this last night: http://rancher.com/rancher-os/ 2015-03-27 17:35:58 <_mjones> "n RancherOS, the Docker daemon runs as PID 1, the first process the kernel starts. We call this instance of Docker “System Docker,” as it is responsible for initiating system services, such as udev, DHCP and the console. System Docker takes the place of the init system, such as sysvinit or systemd, in other Linux distributions. System Docker manages all of the system services as Docker containers." 2015-03-27 17:37:11 <_mjones> "At 20MB, RancherOS is two orders of magnitude smaller than a typical Linux distribution, and an order of magnitude smaller than even other minimalist Linux distributions. Small distribution results in smaller trusted code base and better security. RancherOS achieves minimal size because it runs everything as Docker containers." 2015-03-27 17:37:32 <_mjones> The thing is, ~100mb of the ~256mb default Alpine install is loadable kernel modules. 2015-03-27 17:37:48 alpine lxc is 5 meg or so - & persistence is easier than in docker 2015-03-27 17:38:01 <_mjones> Are they counting only userland in the 20mb, or running only virtio drivers?! 2015-03-27 17:39:18 <_mjones> Yeah, I understand the value-add of docker, but I think lxc itself is likely the way to go, especially for production. 2015-03-27 17:39:47 dockers don't persist by default 2015-03-27 17:41:00 <_mjones> persist in which way? 2015-03-27 17:41:16 <_mjones> I haven't done much of anything with docker. 2015-03-27 17:41:54 when a docker container is destroyed - it resets to it's initial state 2015-03-27 17:42:02 <_mjones> AFAIK, it's just union filesystem and healthy repos on top of LXC, with some other cgroups settings by default. 2015-03-27 17:42:17 yes - with no persistence 2015-03-27 17:42:49 <_mjones> By destoyred you mean terminated, and by persistence you mean on-storage persistence. I see. 2015-03-27 17:43:22 <_mjones> Just like loading VMs from an image store and not using any block storage. 2015-03-27 17:43:23 yes http://stackoverflow.com/questions/18496940/how-to-deal-with-persistent-storage-e-g-databases-in-docker 2015-03-27 17:43:28 yes 2015-03-27 17:43:51 <_mjones> You have to persist outside the container, just like if you're loading AMIs into EC2 and not attaching any EBS volume, like in the beginning. 2015-03-27 17:44:19 ncopa: ok so, if I understand we just make subpackage named p3-* in py-* APKBUILD, I think it's a good solution 2015-03-27 17:44:52 <_mjones> Mo0O: actually the names are python3-* 2015-03-27 17:45:04 <_mjones> If I understand you correctly. 2015-03-27 17:46:18 _mjones: which package|sub-package is named like that, I can't find an example 2015-03-27 17:47:18 there's uwsgi-python3-2.0.9-r1, which imho is wrongly named, not? 2015-03-27 17:52:14 <_mjones> Mo0O: no, that one seems fine. 2015-03-27 17:52:17 <_mjones> # apk search python3 python3-3.4.2-r0 python3-dev-3.4.2-r0 python3-tests-3.4.2-r0 python3-doc-3.4.2-r0 python3-3.4.2-r0 uwsgi-python3-2.0.9-r1 python3-3.4.2-r0 2015-03-27 17:53:06 <_mjones> the whole rancheros iso is 20MB. I'm going to mount it and see what's up with this kernel. 2015-03-27 17:55:44 <_mjones> 17mb initrd. No discrete LKMs. Not sure what's going on, there. 2015-03-27 17:56:41 _mjones: python3-* are python3 subpackage, like python-* are python2 subpackage, py-* are python2 modules -like py-lxml-, my question is related to python3 modules not python3 subpackage ;) 2015-03-27 17:59:46 uwsgi is an "exception" imho, because it's a plugin for uwgsi more than a python module, correct me if I'm wrong 2015-03-27 18:00:13 s/uwsgi/uwsgi-python3/ 2015-03-27 18:01:58 <_mjones> I see. I don't know about the modules, either. 2015-03-27 18:02:26 <_mjones> Some or many of them might work with python3 as well as python2? 2015-03-27 18:03:21 yes, they just need to be installed with `python3 setup.py install` 2015-03-27 18:03:39 nor than `python setup.py install` 2015-03-27 18:04:01 <_mjones> ziac: with my hand-installed 3.1.3, I have a /etc/apk/repositories without any hostnames in it. 2015-03-27 18:04:14 <_mjones> ziac: easy enough to fix if you know what goes in there, but still. Interesting. 2015-03-27 18:04:37 <_mjones> Mo0O: but then it comes out of language repos instead of distro repos. Sigh. 2015-03-27 18:05:39 <_mjones> Mo0O: this is problematic for reasons of conflict, consistency, repeatability, and support 2015-03-27 18:05:43 _mjones: for pure python module yes 2015-03-27 18:08:05 ncopa: let me know when we find a good naming convention, after that we could update the wiki http://wiki.alpinelinux.org/wiki/APKBUILD_examples:Python 2015-03-27 18:08:07 thanks 2015-03-27 18:11:29 _mjones: maybe I can just copy it from livecd? 2015-03-27 18:12:04 <_mjones> ziac: yes! 2015-03-27 18:12:54 <_mjones> is setup-apkrepositories the last step? if so we never had to worry about it. 2015-03-27 18:16:16 setup-interfaces && setup-apkrepos 2015-03-27 18:17:14 & maybe ifup eth0 2015-03-27 18:17:27 then setup-apkrepos 2015-03-27 18:17:52 BitLOG1c: think somebody should do a walk-through? 2015-03-27 18:18:42 <_mjones> if you type setup- and it tab it will show you all of the options. 2015-03-27 18:18:52 <_mjones> run any of those that you need. 2015-03-27 18:19:16 <_mjones> probably setup-hostname, setup-ssh as well. they can be run any time. 2015-03-27 18:20:24 the lvm on luks wiki page shows you how to do everything manually - most of it applies to a custom LVM installation 2015-03-27 18:21:10 the scripts make it a lot easier - just watch the video - it takes just under 3 minutes to get everything created & mounted 2015-03-27 18:21:36 just skip the LUKS if you only want lvm 2015-03-27 18:21:56 <_mjones> Quite straightforward when you have the right info. 2015-03-27 18:22:33 <_mjones> Albeit a bit old-fashioned to do it this way in 2015, compared to huge polished ubuntu installers. 2015-03-27 18:23:05 I got a bit fed up of doing it all manually - so I wrote setup-lvm 2015-03-27 18:32:46 <_mjones> you know I'm seeing similar errors to ziac. All correctable. 2015-03-27 19:55:25 _mjones: I get boot failed when trying to boot from the hdd, any idea? 2015-03-27 19:57:26 <_mjones> yeah I had to dd the bootblock on, with help from BitL0G1c 2015-03-27 19:57:48 <_mjones> dd bs=440 count=1 conv=notrunc if=$MNT/usr/share/syslinux/mbr.bin of=/dev/sda 2015-03-27 19:58:07 <_mjones> boot from livecd. mount / again on sda3, then 2015-03-27 19:58:15 <_mjones> dd bs=440 count=1 conv=notrunc if=/mnt/usr/share/syslinux/mbr.bin of=/dev/sda 2015-03-27 20:01:15 I did that but still can't boot! 2015-03-27 20:02:49 _mjones: did you set /dev/sda1 to active partition anywhere along the way? 2015-03-27 20:03:02 make sure you marked sda1 as bootable 2015-03-27 20:03:37 BitLOG1c: how do I do that specifically? 2015-03-27 20:04:01 fdisk /dev/sda 2015-03-27 20:04:05 a 2015-03-27 20:04:07 1 2015-03-27 20:04:34 w 2015-03-27 20:05:10 bat tell me, fdisk comes after the kernel has been loaded, right? but here the booting fails even before that! 2015-03-27 20:06:03 no - you are just marking the first partition as bootable 2015-03-27 20:07:18 if fdisk /dev/sda does not show a "*" in the boot column next to /dev/sda1 - this is your problem 2015-03-27 20:28:35 <_mjones> ziac: it will work as Bit says, I tested on brand new vm. 2015-03-27 20:48:03 _mjones, BitL0G1c: I feel like a complete idiot! I was trying to write the mbr on GPT partition table! :0 2015-03-27 20:49:12 anyways, I'll go rest for today, been working on this for 7 hours or so......... 2015-03-27 20:49:36 bye guys :) 2015-03-27 20:50:07 and thanks a bunch for everything! :D 2015-03-27 20:50:17 ;-) np 2015-03-27 20:51:17 <_mjones> that's right, you're gpt. 2015-03-28 01:48:03 Is there any reason that alpine still uses the _older_ PT_PAX instead of the newer XATTR_PAX and to why we only have paxctl and not paxctl-ng and revdep-pax 2015-03-28 01:48:09 ? 2015-03-28 01:57:47 XATTR_PAX *WILL* eventually replace PT_PAX entirely. 2015-03-28 01:58:01 > According to https://wiki.gentoo.org/wiki/Hardened/PaX_flag_migration_from_PT_PAX_to_XATTR_PAX 2015-03-28 02:27:09 #linux-grsec 2015-03-28 02:27:22 ^ Ignore that; was looking for channels 2015-03-28 02:27:42 oh a couple other questions i had 2015-03-28 02:28:02 why is alpine using sha512 instead of bcrypt, and why /etc/shadow instead of tcb shadow? :) 2015-03-28 04:39:40 ncopa: Update: I can't get rust to compile on alpine (build fails at llvm-git, possible musl patches required?), nightly builds don't work (glibc, in a chroot with archlinux packages; same deal for archlinux's copy of rust's package) due to not supportin the now legacy pax via ELF headers - it conflicts as it depends on the GNU headers that PAX replaces. 2015-03-28 04:39:48 :( 2015-03-28 04:41:03 DarkFox, we are hoping to migrate to xattr pax flagging in few weeks time 2015-03-28 04:42:09 fabled: Awesome. That should *REALLY* help. I do however, doubt that rust will work with musl; is a glibc chroot the only solution for this issue? 2015-03-28 04:42:44 (Other than porting as required to musl) 2015-03-28 04:43:00 dunno. it might require some fixing. 2015-03-28 04:43:19 we have llvm patches for musl; to get correct ld.so name 2015-03-28 04:44:17 does it need llvm-git? could you not use system llvm? 2015-03-28 04:45:14 rust-git installs everything that it needs; using the newest versions that it can get - it will attempt for llvm-git; I'm not sure how easy it is to tell it to use system... Possibly an easy option - possibly lots of editing... 2015-03-28 04:45:23 I can only hope for the former ;-) 2015-03-28 04:47:04 http://git.alpinelinux.org/cgit/aports/tree/main/llvm 2015-03-28 04:47:51 ^^ for llvm patches. they are not too intrusive, but are very essential to get anything building, or producing working stuff 2015-03-28 04:49:55 + if (1 /*!T.isGlibc()*/) { 2015-03-28 04:49:56 Heh 2015-03-28 04:50:10 I don't think it is very portable to just skip if's :D 2015-03-28 04:51:11 These patches look small but tedious. 2015-03-28 04:51:23 yes 2015-03-28 04:51:41 oh, and there's at least one bug in them now that i look them over again 2015-03-28 04:51:44 arm related 2015-03-28 04:52:00 i think llvm thinks we are glibc... 2015-03-28 04:52:34 oh 2015-03-28 04:52:35 no 2015-03-28 04:52:37 now i remember 2015-03-28 04:52:41 :) 2015-03-28 04:52:41 they just check linux 2015-03-28 04:52:48 while they should check for glibc 2015-03-28 04:52:57 i added that !T.isGlibc() as comment 2015-03-28 04:52:59 it should be that 2015-03-28 04:53:05 but that function does not exist 2015-03-28 04:53:32 Right 2015-03-28 04:53:48 good morning! 2015-03-28 04:53:51 I also read it the way that you did :D 2015-03-28 04:53:57 Evening Anaphaxeton 2015-03-28 04:54:07 it is a globe indeed :D 2015-03-28 04:55:02 i have a fresh raspi SD. boots fine (i know) 2015-03-28 04:55:16 the problem is that i cannor access it 2015-03-28 04:55:19 You know... What? 2015-03-28 04:55:31 it needs network kai ssh 2015-03-28 04:55:43 or serial console which atm i dont have 2015-03-28 04:55:56 You don't have HDMI ? 2015-03-28 04:56:13 DarkFox, i plugged my monitor and saw it at getty 2015-03-28 04:56:18 so all is fine 2015-03-28 04:56:26 but i dont have input 2015-03-28 04:57:03 my special keyb is recognised by everything but the linux kernel 2015-03-28 04:57:13 I have an alpine SD for my pi too. Fine indeed; pitty it has only 256MiB ram (Model B; ethernet + 256MiB; not to be mistakened with the B+ with 512MiB) 2015-03-28 04:57:56 Anaphaxeton: Looks like you need to play with some drivers :D 2015-03-28 04:58:08 so i need to modify the SD on my PC 2015-03-28 04:58:39 as i said i need an ip and ssh 2015-03-28 04:59:25 where do i start from 2015-03-28 04:59:30 the initramfs? 2015-03-28 04:59:53 You can start in many places... What install mode are you using? 2015-03-28 04:59:56 Is this the livecd? 2015-03-28 05:00:23 Anaphaxeton, maybe take my overlay from http://wiki.alpinelinux.org/wiki/RPI_Video_Receiver ? 2015-03-28 05:00:25 it enables ssh 2015-03-28 05:00:48 i am using the image which i untared 2015-03-28 05:02:17 RPI Video Receiver 2015-03-28 05:02:35 enables everything i need and a copy suffices :D 2015-03-28 05:02:36 Anaphaxeton: Looks like you are at fabled 's step 3 now. 2015-03-28 05:02:45 yes 2015-03-28 05:02:58 i believe i will soon access my pi :D 2015-03-28 05:03:22 :D 2015-03-28 05:04:03 ~tteras? are you greek maybe fabled ? 2015-03-28 05:04:18 no. i am not a monster ;) 2015-03-28 05:04:25 from finland 2015-03-28 05:04:51 (teras apparently means monster in greek?) 2015-03-28 05:04:52 he 2015-03-28 05:04:56 nice to meet you all 2015-03-28 05:05:05 i am greek and i fear terata 2015-03-28 05:05:07 ACTION o/ 2015-03-28 05:05:45 ACTION 's name in greek = Dimitri (If I'm not mistakened) 2015-03-28 05:06:17 James, Dmitri? 2015-03-28 05:06:21 That :P 2015-03-28 05:06:29 1 or 2 2015-03-28 05:06:40 English, greek. 2015-03-28 05:07:07 ACTION is not greek; however, a greek friend translated the name :P 2015-03-28 05:07:35 Dmitri is slavic Dimitris is ordinary greek. Dimitrios is the real name 2015-03-28 05:07:46 anyway 2015-03-28 05:07:50 o.0 2015-03-28 05:07:58 Sounds cooler :D 2015-03-28 05:08:01 back to cold blooded artificially named machines 2015-03-28 05:08:14 like my name 2015-03-28 05:08:16 George 2015-03-28 05:08:19 Georgios 2015-03-28 05:08:37 means "of the land" 2015-03-28 05:08:41 Anaphaxeton: Good luck with the pi. Which model you happen to have, may I ask? 2015-03-28 05:08:54 of course you may 2015-03-28 05:09:04 it is a gift and i think it is B 2015-03-28 05:09:20 So... Ethernet and 256MiB of ram? 2015-03-28 05:09:23 yes 2015-03-28 05:09:33 We both fell unlucky there. :P 2015-03-28 05:09:40 (B vs B+ successor) 2015-03-28 05:09:48 i took a look at the chips datasheet 2015-03-28 05:09:54 it doesnt look awful 2015-03-28 05:10:31 whats more in B+ ? 2015-03-28 05:11:06 ACTION wonders what Anaphaxeton thinks of the "USB armory", "Pi2", and ... others... Overo (Gustix) 2015-03-28 05:11:10 GumStix* 2015-03-28 05:11:16 Anaphaxeton: B+ has 512MiB ram 2015-03-28 05:11:21 i envy gumstix 2015-03-28 05:11:25 A has no ethernet and has 512MiB ram. 2015-03-28 05:11:33 pi2 i recently found out it exists 2015-03-28 05:11:41 never heard of the 1st 2015-03-28 05:11:52 B eth and 256; B+ eth and 512. pi2 eth and 1G and quad core 900Mhz 2015-03-28 05:12:05 which it badly needed..... 2015-03-28 05:12:07 A and B are the "first" 2015-03-28 05:12:12 price? 2015-03-28 05:12:17 for the pi2? 2015-03-28 05:12:19 Not sure 2015-03-28 05:12:34 but gumstix is the next level 2015-03-28 05:12:35 You'd have to check their site. 2015-03-28 05:13:20 Gumstix - I WANT; usb armory is also very nice - "secure" hardware tiny and is literally a USB computer (not just usb-sized as the gumstix) 2015-03-28 05:13:39 The gumstix has radios.... Kinda really crazy :D 2015-03-28 05:13:54 i love it 2015-03-28 05:14:04 but i am a begginer 2015-03-28 05:14:16 gumstix doesnt look like that 2015-03-28 05:15:01 ACTION thinks if he had the gumstix; then he would use it as a wireless and portable gpg wallet :P 2015-03-28 05:15:03 and it costs... 2015-03-28 05:15:16 Or at least for cryptography.. 2015-03-28 05:15:21 feasible 2015-03-28 05:15:57 ok i applied fabled's tarball 2015-03-28 05:15:59 Tiny enclosure and a little GPIO and you can do some basic authentication too. :P 2015-03-28 05:16:26 Anaphaxeton: SSH working as expected? :) 2015-03-28 05:16:36 my next google (after the price of pi2) is the GPIO of NM10 2015-03-28 05:16:38 If you don't know it's IP... Just nmap localnet :P 2015-03-28 05:16:49 NM10? 2015-03-28 05:17:14 probably. no avahi 2015-03-28 05:17:34 NM10 is the typcal chip of nan Atom mobo 2015-03-28 05:17:40 Or if you have DHCP and associated DNS; you could ping it's hostname :) 2015-03-28 05:17:57 or see the lease list 2015-03-28 05:18:01 lets see 2015-03-28 05:18:37 ncopa, hey 2015-03-28 05:19:06 hi dalias 2015-03-28 05:19:12 Anaphaxeton: http://opencores.org/ - might interest you to see some GPL licensed processors 2015-03-28 05:19:12 somehow i lost access to my bugtracker account, but i have a small bug report 2015-03-28 05:19:16 you are one reason i am here :p 2015-03-28 05:19:43 DarkFox, i donated for openrisc! 2015-03-28 05:20:05 Anaphaxeton: :O 2015-03-28 05:20:16 Anaphaxeton: I will one day - do the same :P 2015-03-28 05:20:25 they still accept? 2015-03-28 05:20:26 :( 2015-03-28 05:20:49 i want the ASIC L( 2015-03-28 05:20:53 :( 2015-03-28 05:21:01 (too much sadness lol) 2015-03-28 05:21:05 Anaphaxeton: Yea they do. 2015-03-28 05:21:17 http://opencores.org/donation 2015-03-28 05:21:45 Sadly; you can't visually see the progress bar... kinda broken there - you can set a background colour on it manually... It is 40-something % 2015-03-28 05:21:54 45.484% 2015-03-28 05:22:16 > Not even 50% D: 2015-03-28 05:22:31 i wish i had a lot of money 2015-03-28 05:22:41 and sponsor the right projects 2015-03-28 05:22:45 but 2015-03-28 05:22:51 Would be amazing indeed 2015-03-28 05:22:56 we have mips 2015-03-28 05:23:09 and above all we have opensparc 2015-03-28 05:23:30 My honest view - Intel should donate at least half a million dollars to opencores.org's openrisc/asic project 2015-03-28 05:23:42 i think they dont back it because it is GPLed 2015-03-28 05:23:45 s/view/opinion/ 2015-03-28 05:24:02 and wht should they dig their grave? 2015-03-28 05:24:30 I generally avoid GPL; but this is damn expensive process to make hardware - kinda want those efforts kept open as possible. *I accept GPL for hardware; preferr BSD for software anyday however. 2015-03-28 05:24:59 Anaphaxeton: Not dig their grave; it is simply external research that is worth funding regardless on competition. 2015-03-28 05:25:09 M$ has worked with and for the Linux kernel's advancements. 2015-03-28 05:26:02 Helping competition that doesn't seek financial gain is just redistribution of knowldge and improves well... everything. 2015-03-28 05:26:19 Killing Intel... Good luck with that... 2015-03-28 05:26:24 i didnt know the later 2015-03-28 05:26:49 Which latter M$ work for Linux? 2015-03-28 05:27:06 i am a GLPv3 for software and GPLv2 for silicon 2015-03-28 05:27:10 yes 2015-03-28 05:27:14 that one 2015-03-28 05:27:30 IIRC; it was related to vitualisation to improve performance for windows hosts or guests. 2015-03-28 05:27:46 Or for standardizing efforts as a collaboration 2015-03-28 05:27:58 Something along the lines 2015-03-28 05:28:17 oh and if i ever produce virtual silicon i will release it as GPLv3. so that it be impossibe to turn into solicon :D 2015-03-28 05:28:36 sounds good whatever it was 2015-03-28 05:29:05 Again.. Intel -> community request to donate half a million to opencores? :D 2015-03-28 05:29:19 Avaaz? 2015-03-28 05:29:31 What? 2015-03-28 05:29:51 international internet activist group 2015-03-28 05:30:05 they have made quite some achievements 2015-03-28 05:30:09 That sounds interesting 2015-03-28 05:30:25 Why haven't I heard of this group... o.0 2015-03-28 05:31:09 every week or so they save some individual or make companies compensate for dead workers etc 2015-03-28 05:31:18 also climate 2015-03-28 05:31:23 well everything 2015-03-28 05:31:39 (i dont back them for the climate but that is a different atory) 2015-03-28 05:32:17 the thing is thet CAN go to intel and say uoi know 2.5 million people want you to donate opencores 2015-03-28 05:32:52 Indeed 2015-03-28 05:33:13 It does help to raise awareness and proove interest in a subject matter 2015-03-28 05:33:44 ACTION personally won't back anything directly on such service; but do approve of it's existance. 2015-03-28 05:33:59 change.org is one that I am more familiar with; same deal as ^ 2015-03-28 05:34:39 This group is however, much more international than change.org 2015-03-28 05:34:53 And this is inheritly offtopic. :) 2015-03-28 05:34:56 Anaphaxeton: /query? :D 2015-03-28 05:35:15 do it :) 2015-03-28 05:35:41 what is the default pass for rpi? 2015-03-28 05:36:06 Anaphaxeton: fabled said it was rpi 2015-03-28 05:36:11 user was root 2015-03-28 05:36:19 This is in that wiki document 2015-03-28 05:36:42 and yes i am logged into my alpine-pi 2015-03-28 05:36:43 :D 2015-03-28 05:37:15 :) 2015-03-28 08:21:21 alpine xfce desktop freezes after startx command, no keyboard or mouse seems to work! 2015-03-28 08:25:46 well, not only xfce, xdm also freezes. maybe problem with the video driver? 2015-03-28 08:26:18 I'm using xf86-video-intel 2015-03-28 12:00:48 morning 2015-03-28 14:45:29 Jean-Scotch: i added nbd, let me know if it needs work. 2015-03-28 17:12:51 /lib/modules/3.14.30-0-rpi/kernel/drivers/ata/*.ko: No such file or directory. Skipped 2015-03-28 17:12:51 /lib/modules/3.14.30-0-rpi/kernel/drivers/block/loop.ko: No such file or directory. Skipped 2015-03-28 17:12:54 etc etc 2015-03-28 17:12:56 why? 2015-03-28 17:13:13 i suppose theyreside in the initramfs 2015-03-28 17:13:34 but shouldnt they be in the modules fit at the same time? 2015-03-28 17:13:48 dir 2015-03-28 17:13:51 * 2015-03-28 20:41:45 *sigh* bugs.alpinelinux.org is not responding to my password-reset requests 2015-03-28 20:42:31 <_mjones> Known issue, I think. Big problem yesterday morning (U.S. time). 2015-03-28 20:43:01 <_mjones> afaik it's probably waiting until monday for a fix. 2015-03-28 20:43:39 oh? is the inability to login also caused by this? 2015-03-28 20:43:48 i thought i knew my password but it's not working so i tried to reset 2015-03-28 20:44:26 <_mjones> I'm under the impression that your inability to login is probably related to this, yes. 2015-03-28 20:44:31 ah ok 2015-03-28 20:50:04 <_mjones> Hopefully I'm not conflating different things. ncopa was talking about needing host key reset, iirc, and about the bugtracker. 2015-03-29 00:37:52 how to search a packages? cat /etc/apk/repositories => http://dl-4.alpinelinux.org/alpine/v3.1/main && apk search iojs => WARNING: Ignoring APKINDEX.689bb31a.tar.gz: No such file or directory 2015-03-29 00:38:22 i am interested in io.js and would be happy to create one if it's not available already. 2015-03-29 00:39:02 i am currently running alpine in a container (docker run --rm -it alpine sh) 2015-03-29 00:41:34 maybe try "apk update" first 2015-03-29 00:56:17 <_mjones> iojs runs already. 2015-03-29 00:56:23 <_mjones> I compiled it the other day.. 2015-03-29 00:57:48 <_mjones> iojs is in the 'testing' repository. You can enable that in your /etc/apk/repositories file. 2015-03-29 01:06:23 NaNDude: let me try 2015-03-29 01:06:30 _mjones: sweet! 2015-03-29 01:10:00 <_mjones> owen1: if you encounter any trouble let me know. It should be very straightforward. 2015-03-29 01:10:27 _mjones: apk add cherokee --update-cache --repository http://dl-4.alpinelinux.org/alpine/edge/testing/ --allow-untrusted => ERROR: unsatisfiable constraints: so:libavcodec.so.56 (missing): 2015-03-29 01:10:47 <_mjones> Are you running edge or 3.1.x? 2015-03-29 01:11:18 <_mjones> ACTION doesn't know if iojs is in 3.1/testing, and is checking 2015-03-29 01:11:23 _mjones: FROM alpine:3.1 2015-03-29 01:11:54 <_mjones> ok, so there is no testing repo for 3.1. 2015-03-29 01:12:13 <_mjones> You'll need to change to edge (like beta) Alpine to install iojs from repos. 2015-03-29 01:12:14 ACTION looking for docker images with edge 2015-03-29 01:12:23 <_mjones> You can upgrade. 2015-03-29 01:12:30 <_mjones> But that only matters if your docker is persistent. 2015-03-29 01:12:49 i see edge here: https://registry.hub.docker.com/_/alpine/ 2015-03-29 01:12:52 1 sec 2015-03-29 01:14:13 <_mjones> I just installed the package I compiled the other day. 2015-03-29 01:14:29 trying it now (RUN apk add --update iojs && rm -rf /var/cache/apk/*) 2015-03-29 01:15:12 i also added this line right before the 'add' - RUN apk add cherokee --update-cache --repository http://dl-3.alpinelinux.org/alpine/edge/testing/ --allow-untrusted 2015-03-29 01:15:17 (in dockerfile) 2015-03-29 01:17:28 _mjones: 'apk search iojs' shows nothing 2015-03-29 01:18:03 here is my dockerfile - https://github.com/oren/alpine-node/blob/master/Dockerfile 2015-03-29 01:18:50 <_mjones> ok, let me check 2015-03-29 01:19:08 <_mjones> I don't have my machine running Docker 1.2 here, so I won't try to install it. 2015-03-29 01:20:02 <_mjones> how about just 'apk update && apk add iojs'? Try that. 2015-03-29 01:20:10 sure. 1 sec 2015-03-29 01:20:52 <_mjones> Your sytax is probably right, but I don't normally need all those options because I'm using a persistent /etc/apk/repositories file on a KVM VM. 2015-03-29 01:24:05 _mjones: how come that even after i run 'apk add cherokee --update-cache --repository http://dl-3.alpinelinux.org/alpine/edge/testing/ --allow-untrusted' i don't see 2 lines in /etc/apk/repositories 2015-03-29 01:25:20 <_mjones> It isn't adding that repo, it's adding the cherokee webserver from that repo and doing the equivalent of an 'apk update' also. 2015-03-29 01:26:02 _mjones: ERROR: unsatisfiable constraints: iojs (missing): equired by: world[iojs] 2015-03-29 01:26:16 <_mjones> hmmm. 2015-03-29 01:26:36 <_mjones> Let me look at something. 2015-03-29 01:27:06 <_mjones> I think this is related to docker and how you're invoking apk, but I'm trying to figure out how to test without installing Docker. 2015-03-29 01:27:27 <_mjones> My Mint machine has 1.2, but I don't have that here right now, and 1.2 is a pain to put on Debian 7.8. 2015-03-29 01:28:31 <_mjones> makedepends="$depends_dev gcc make python openssl-dev zlib-dev paxctl linux-headers" 2015-03-29 01:29:14 <_mjones> I know you're making a script, but let's just do it interactively for now to make sure everything works. 2015-03-29 01:29:43 <_mjones> Log into the container and edit /etc/apk/repositories so edge/main and edge/testing are both uncommented. 2015-03-29 01:30:28 <_mjones> Then do "apk update && apk add iojs" 2015-03-29 01:31:04 <_mjones> I just uninstalled and reinstalled iojs on edge and everything is as expected in my dev vm. 2015-03-29 01:31:11 _mjones: is there a text editor i can use? 2015-03-29 01:31:40 <_mjones> I dunno, is there a text editor you can use? ;) 2015-03-29 01:31:42 <_mjones> vi. 2015-03-29 01:31:58 ok 2015-03-29 01:32:06 <_mjones> _lingua_franca_ 2015-03-29 01:32:28 _mjones: i only have 1 line in this file: http://dl-4.alpinelinux.org/alpine/edge/main 2015-03-29 01:33:51 <_mjones> echo "http://dl-4.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories && apk update && apk add iojs 2015-03-29 01:34:11 <_mjones> That _should_ be everything. 2015-03-29 01:35:00 _mjones: BOOM! works 2015-03-29 01:35:30 <_mjones> excellent. 2015-03-29 01:35:49 _mjones: should i just add those lines to my dockerfile? 2015-03-29 01:35:52 <_mjones> Now, I am unfamiliar with those command-line options to apk; I've never used them to date. 2015-03-29 01:35:55 echo etc 2015-03-29 01:36:16 <_mjones> owen1: I think so. The other way might be a little better but you can change it later, right? 2015-03-29 01:36:51 _mjones: yup. i'll lurke on this channel and maybe someone knows. what other good places should i go to learn about alpine? 2015-03-29 01:37:27 i don't thinks there is a google group 2015-03-29 01:37:34 gentoo wiki as alpine uses their init system 2015-03-29 01:38:31 <_mjones> Alpine is growing in popularity but the wiki definitely isn't up to gentoo or arch standards yet. 2015-03-29 01:38:50 https://wiki.gentoo.org/wiki/Project:OpenRC 2015-03-29 01:39:10 https://wiki.gentoo.org/wiki/OpenRC 2015-03-29 01:40:47 https://wiki.gentoo.org/wiki/Handbook:X86/Working/Initscripts 2015-03-29 01:41:34 thanks _mjones. looks good: https://github.com/oren/alpine-node/blob/master/Dockerfile 2015-03-29 01:41:53 22 MB! 2015-03-29 01:42:00 <_mjones> ;) 2015-03-29 01:42:27 my nginx image is 6 2015-03-29 01:42:42 <_mjones> iojs is not tiny. 2015-03-29 01:44:09 _mjones: the only barrier for me before i can use it in production is some process monitoring. something like forever. knite on this channel told me he is looking into http://skarnet.org/software/s6/ but it's not ready yet. 2015-03-29 01:44:41 is there a guide for creating apk packages? maybe i can give it a try 2015-03-29 01:45:03 if my node process is dead, i need to respawn it 2015-03-29 01:46:04 http://wiki.alpinelinux.org/wiki/Developer_Documentation - LXC containers (also on the wiki) - make very good build environments 2015-03-29 01:46:51 BitL0G1c: thanks for that link! 2015-03-29 01:47:08 ;-) 2015-03-29 01:47:28 is it possible to install alpine on a laptop and use it instead of ubuntu? 2015-03-29 01:48:36 since i use docker for most of my development recently, it might not be a crazy idea 2015-03-29 01:49:11 <_mjones> owen1: some people are running on laptops and desktops, yes. Mine are VMs and servers, so far. 2015-03-29 01:50:00 <_mjones> owen1: the repos have quite a few X11 packages, but not as many as you'll get on Debian or Ubuntu. 2015-03-29 01:50:45 this will get a desktop up http://wiki.alpinelinux.org/wiki/XFCE_Setup 2015-03-29 01:51:00 <_mjones> It's around 3300 packages in main and testing combined, compared to ~30,000 in Debian. 2015-03-29 01:51:08 xfce runs amazingly fast compared to debian 2015-03-29 01:53:25 <_mjones> It's not slow on debian. 2015-03-29 01:54:16 <_mjones> What would you guess is a comfortable amount of dram for the alpine-desktop? 512? 2015-03-29 01:54:17 BitL0G1c: i have ubuntu, but i use i3 instead of unity, so as long as i can find i3 (or create it), i should be ok. 2015-03-29 01:54:44 <_mjones> owen1: i3wm is in testing repo. 2015-03-29 01:55:30 <_mjones> I went to give i3 a whirl a few months ago and found out there's no default meta/super key. Having no default config is a mistake, I feel, and it put me off from my intended extended trial. 2015-03-29 01:56:16 <_mjones> Having setups that are so customised that one can't use another's machine/desktop, or give useful advice, seems a mighty big oversight. 2015-03-29 01:57:50 _mjones: omg. i..can't..resist 2015-03-29 01:58:19 _mjones: the default is window key, i think 2015-03-29 02:18:05 <_mjones> owen1: maybe I need to check again. 2015-03-29 02:38:12 is there wireless support? what about bluetooth headset? 2015-03-29 02:40:48 i got a wireless card working with http://linuxcommando.blogspot.de/2013/10/how-to-connect-to-wpawpa2-wifi-network.html + comment further down from "Emerson Prado" 2015-03-29 02:41:19 http://wiki.alpinelinux.org/wiki/Connecting_to_a_wireless_access_point 2015-03-29 02:41:58 apk search blue 2015-03-29 02:42:25 gotcha 2015-03-29 04:31:52 morning alpine 2015-03-29 04:32:08 i have a question regarding -rpi 2015-03-29 04:32:17 and how it boots 2015-03-29 04:33:39 <_mjones> I doubt I can help you. Maybe someone else is awake. 2015-03-29 04:33:58 more psecifially, i would like to boot from mmc0p1 but mount as Root a partition on an external HDD 2015-03-29 04:34:02 <_mjones> I know a tiny bit about u-boot and hardware discovery, maybe. 2015-03-29 04:34:35 well _mjones your presence and only is very welcome 2015-03-29 04:34:43 <_mjones> normally you can specify a "root=" argument on your kernel command line. 2015-03-29 04:34:57 here is one: that alpine_dev parametre is what? 2015-03-29 04:35:02 i did 2015-03-29 04:35:03 <_mjones> I have only done it on x86 family 2015-03-29 04:35:19 <_mjones> does rpi use syslinux as a bootloader? 2015-03-29 04:37:03 <_mjones> Anaphaxeton: I am checking the alpine_dev on the wiki for a moment 2015-03-29 04:37:46 <_mjones> So you already know about 'sys', 'disk', and 'diskless' modes of install? 2015-03-29 04:38:39 <_mjones> http://wiki.alpinelinux.org/wiki/Installation#Installation_Handbook 2015-03-29 04:39:30 <_mjones> While your question isn't exactly the same as 'diskless', I think 'diskless' is probably another way to do what you want. 2015-03-29 04:40:06 <_mjones> I'm sorry, 'data' mode. 2015-03-29 04:40:20 i did an sys installation on the hdd 2015-03-29 04:40:32 syslinux for rpi doesnt exist 2015-03-29 04:41:14 what i only was add a root= parametre 2015-03-29 04:41:44 and isnce the only parametre i dot understand is alpine_dev i was hoping you knew 2015-03-29 04:41:57 because it exists on x86as well 2015-03-29 04:42:38 gear, the morning typos. the worst of the day :p 2015-03-29 04:42:40 <_mjones> APPEND root=UUID=4cf65e2a-8e9d-47b4-baf8-9988352ff05e modules=sd-mod,usb-storage,ext4 quiet 2015-03-29 04:42:42 great* 2015-03-29 04:42:53 <_mjones> ;) 2015-03-29 04:42:59 aha! 2015-03-29 04:43:06 one moment 2015-03-29 04:43:31 <_mjones> http://wiki.alpinelinux.org/wiki/PXE_boot#Guide_to_options 2015-03-29 04:43:54 where does that UUID belong to? 2015-03-29 04:45:08 nice link! thanks 2015-03-29 04:45:17 <_mjones> My /dev/sda3, which is my / on my hdd. 2015-03-29 04:45:36 <_mjones> Normally /dev/sda1 is /boot and /dev/sda3 is / 2015-03-29 04:46:17 ok 2015-03-29 04:46:35 so i should change it and you should have told me :p 2015-03-29 04:46:53 <_mjones> Should have told you which thing? 2015-03-29 04:47:05 <_mjones> I'm not sure what I've just told you. 2015-03-29 04:47:08 that UUID is arbitrary 2015-03-29 04:47:15 <_mjones> UUID is always arbitrary. 2015-03-29 04:47:26 <_mjones> UUID is a generic serial number, invented not too many years ago. 2015-03-29 04:47:41 <_mjones> It's designed to be randomly generated and applied to all sorts of things. 2015-03-29 04:47:57 but you gave me a specific oe and often embedded comes with prebuilt images. so lots of same UUIDs ;) 2015-03-29 04:48:01 <_mjones> Hardware can have a uuid, filesystems, disks, software config files. 2015-03-29 04:48:09 i knoow 2015-03-29 04:49:23 <_mjones> From alpine-setup sda1 is /boot and sda2 is swap and sda3 is /. 2015-03-29 04:49:48 <_mjones> When you make a new filesystem with mkfs.ext4 a UUID will be randomly generated. 2015-03-29 04:50:16 <_mjones> We use UUIDs for mounting in fstab and so forth because device enumeration can change, like if you move disks around or unplug USB. 2015-03-29 04:53:46 i think the modules parametre will make a difference 2015-03-29 04:53:49 lets see 2015-03-29 04:54:39 doesn't udev map devices to uuids 2015-03-29 04:55:10 <_mjones> it's not necessary. 2015-03-29 04:55:14 <_mjones> Alpine base doesn't include udev. 2015-03-29 04:55:19 <_mjones> busybox has mdev. 2015-03-29 04:55:32 <_mjones> udev can be installed if you want or need it. 2015-03-29 04:55:49 <_mjones> 'blkid' will show you the uuid of a device. 2015-03-29 04:56:07 <_mjones> Also 'tune2fs' will show you all parameters including uuid for any ext{2,3,4} filesystem. 2015-03-29 04:56:16 <_mjones> s/device/block device/ 2015-03-29 10:26:25 Hi all ! Has anyone a process to install alpine on a raspberry ? 2015-03-29 10:26:59 how sould i format the sd card for example ? ^^ 2015-03-29 10:42:47 hey 2015-03-29 11:48:19 Please scuse me if anyone has replied, i had a connection problem and i don't have the list of messages :/ 2015-03-29 11:49:14 So, is there a process to install alpine on the raspberry ? ^^ Thanks ! 2015-03-29 11:50:12 <_ikke_> usually it's enough to use something like unetbootin to write the image to the sd card 2015-03-29 11:51:38 Thanks ! The system is load in RAM and the sd card is accessible to be writed by alpine-setup ? 2015-03-29 11:54:07 <_ikke_> hmm, not sure 2015-03-29 11:55:44 In fact, i am accustomed to this way http://archlinuxarm.org/platforms/armv6/raspberry-pi#qt-platform_tabs-ui-tabs2 2015-03-29 11:55:55 I'm going to test, i will see ^ 2015-03-29 11:56:39 <_ikke_> for the PI, you actually already want an installed system on the sdcard 2015-03-29 11:57:31 Yep, it will be great 2015-03-29 12:26:38 Alpine-RPI: I did that just today, if you have questions, feel free to ask me 2015-03-29 12:37:13 Ahh thanks :p So how did you format and put the files on the sd card ? 2015-03-29 12:37:31 And how did you install the system after ? ^ 2015-03-29 13:03:39 I manage to boot on the sd card but i don't know how to install it after :( 2015-03-29 13:03:48 Alpine-RPI: i formated the sdcard to have around 128MB vfat partition and large (4GB) partition formatted as f2fs (testing it out). extracted the tar.gz to the vfat one, added "ovl_dev=mmcblk0p2" to cmdline.txt and voila 2015-03-29 13:04:21 it boots into ram and loads config from the second partition, i use lbu to save the configs across reboots 2015-03-29 13:04:28 imo its better than installing it directly 2015-03-29 13:06:32 Thanks ! 2015-03-29 13:07:08 I want to make a server, isn't be better to install direcly than to use lbu ? 2015-03-29 13:07:28 what sort of server? 2015-03-29 13:07:45 Web server (HTTP + PHP) 2015-03-29 13:09:06 if the system loads into ram, i should write on the sd card no ? 2015-03-29 13:09:46 what do you mean? 2015-03-29 13:10:45 I just don't know if i can format the sd card while alpine linux is running in ram ^^ 2015-03-29 13:12:22 theoretically you could, but why would want to do that? 2015-03-29 13:14:47 Cause i don't want to use alpine into ram (sorry for my bad english, i'm french) 2015-03-29 13:15:17 I prefer the sys mode 2015-03-29 13:18:10 oh, i see 2015-03-29 13:18:23 guess you wont know unless you try it ;/ 2015-03-29 13:21:55 setup-disk doesn't find any disk :O 2015-03-29 13:22:59 i'm going to try this old method 2015-03-29 13:23:00 http://wiki.alpinelinux.org/wiki/Install_to_disk 2015-03-29 13:25:02 good luck 2015-03-29 13:25:48 thanks ^^ 2015-03-29 13:46:10 Alpine-RPI: you can also boot from ram and mount var to your sd (or more if you like) 2015-03-29 13:46:51 you can also use lxc and mount /var on sd. then your containers will run from disk. 2015-03-29 13:55:59 btw anyone knows which grsec settings to tweak to be able to run docker properly? 2015-03-29 18:23:31 why forum is not working? 2015-03-29 18:46:58 <_mjones> b0SKE: there was a problem on Friday morning, AFAIK. 2015-03-30 02:53:03 _mjones: IIRC ncopa was leaning towards not bringing the forum back - or potentially migrating it 2015-03-30 02:56:04 <_mjones> Darkfox: yes I saw that, but I didn't want to give out information that might not be accurate or current. 2015-03-30 02:56:38 <_mjones> It sounded to me like he was leaning toward starting fresh. 2015-03-30 02:57:28 <_mjones> I think something other than email is necessary. Is there anything else? Apache Wave? :) 2015-03-30 02:59:06 <_mjones> oh, oh, I know: Sharepoint. :P 2015-03-30 03:01:27 _mjones: Wave still exists ?! o.0 2015-03-30 03:01:43 I thought it died with Google's decision to can it... 2015-03-30 03:01:54 I guess like etherpad; it remains! 2015-03-30 03:02:12 <_mjones> DarkFox: I'd been meaning to check on it. It's still alive, but it's still Apache Incubator and it doesn't look like it's going to be leaving soon. 2015-03-30 03:02:47 Fair enough 2015-03-30 03:02:54 I sure hope they have stripped it down... 2015-03-30 03:03:06 I do remember wave taking 30 times longer than gmail :D 2015-03-30 03:04:22 Written in java? o.0 2015-03-30 03:04:50 _mjones: Anyhow; when/if the forum does restart - I'm sure people will be happy 2015-03-30 03:05:07 I suggested write one in lua to go with the lua theme (acf, alpine's site, etc) 2015-03-30 03:05:18 <_mjones> I didn't actually see what was the cause of all that happened. 2015-03-30 03:06:10 Neither did I. (Or at least, I don't recall if such) 2015-03-30 03:06:54 <_mjones> Relaunch of forum isn't a bad time to start a new community evangelist effort either. guessing maybe fb group, g+ group, tweets, who knows. 2015-03-30 03:08:30 _mjones: Of your suggestsions... I must suggest something at least sane.... Reddit :P 2015-03-30 03:08:43 Tweets maybe; but no forum :D 2015-03-30 03:13:26 <_mjones> I just installed cherokee and it pulled in 49 dependencies on my devbox. how is that even possible? 2015-03-30 03:16:37 <_mjones> 33 for ffmpeg-del and twenty-some for rrdtool! 2015-03-30 03:16:52 <_mjones> s/ffmpeg-del/ffmpeg-dev/ 2015-03-30 03:22:05 <_mjones> I'm looking through the open-source distributed social packages to see if there's anything there that looks suitable. 2015-03-30 03:29:09 a secure php framework with a forum http://www.banshee-php.org/ (written by the author of the hiawatha webserver) 2015-03-30 03:29:43 it probably uses polar ssl like hiawatha 2015-03-30 03:30:06 <_mjones> polarssl->mbedssl :) 2015-03-30 03:30:16 yes just noticed that 2015-03-30 03:30:51 http://www.arm.com/about/newsroom/arm-buys-leading-iot-security-company-offspark-as-it-expands-its-mbed-platform.php 2015-03-30 03:31:11 http://community.arm.com/groups/internet-of-things/blog/2015/02/09/polarssl-is-dead-long-live-mbed-tls 2015-03-30 03:35:11 <_mjones> Read 'em the other day when I pulled the git commit with the rename. 2015-03-30 03:35:47 http://mbed.org/ - learn something new every day 2015-03-30 04:01:16 <_mjones> I accidentally posted a response to your comment in #musl instead of here, about how there was a fork of the last bsd-licensed version of polarssl called tropicssl. 2015-03-30 04:02:11 <_mjones> And it was pointed out to me that mbedtls (I posted the wrong name above) is going to be under the Apache license. 2015-03-30 04:06:03 "Let's Connect Everything" 2015-03-30 04:06:05 please no 2015-03-30 04:06:33 IoS is bad as it is already with no regards to security 2015-03-30 04:41:39 hi there 2015-03-30 04:42:24 `modprobe snd-pcm-oss` return `modprobe: can't change directory to '3.14.36': No such file or directory` 2015-03-30 04:42:31 any idea? 2015-03-30 04:43:28 3.14.36 looks to be the kernel version 2015-03-30 04:43:56 <_mjones> hey Mo0O! 2015-03-30 04:44:07 <_mjones> Yes, it's the kernel version. 2015-03-30 04:44:26 <_mjones> Go to /lib/modules and see what dir is there. 2015-03-30 04:45:16 <_mjones> Both 3.1.3 and Edge are on 3.14.37 now 2015-03-30 04:45:41 hi _mjones :) 2015-03-30 04:46:09 ok I going to update that 2015-03-30 04:46:13 <_mjones> Your loadable kernel modules live in /lib/modules/ 2015-03-30 04:48:42 <_mjones> -rw-r--r-- 1 root root 60032 Mar 29 09:14 /lib/modules/3.14.37-1-grsec/kernel/sound/core/oss/snd-pcm-oss.ko 2015-03-30 04:49:27 <_mjones> .37-1 is current on Edge, 37-0 on 3.1.3. 2015-03-30 04:53:39 _mjones: it looks like I wasn't reboot after my last kernel update ^^ 2015-03-30 04:53:46 _mjones: thanks 2015-03-30 04:56:42 <_mjones> I thought that might be the problem. 2015-03-30 04:57:15 <_mjones> I wonder how practical it is to keep the old kernel modules around until the reboot happens. 2015-03-30 08:37:11 i fixed bugs.alpinelinux.org mailer 2015-03-30 08:37:18 password reset should work again 2015-03-30 08:37:45 dalias: sorry about that bugs.a.o password reset issue. should work now. 2015-03-30 13:10:13 ncopa, i'm also trying to figure out why abuild & alpine-sdk are forcing me to have sudo installed :( 2015-03-30 13:10:47 i think thats a leftover 2015-03-30 13:11:29 just trying to eliminate as many suids as i can 2015-03-30 13:11:34 understand 2015-03-30 13:11:36 and it wouldn't let me uninstall sudo which i never asked for 2015-03-30 13:11:39 :-p 2015-03-30 13:12:21 hum 2015-03-30 13:12:35 i doner what pulls it in? 2015-03-30 13:12:39 wonder* 2015-03-30 13:12:51 its abuild 2015-03-30 13:13:07 abuild -R/r ? 2015-03-30 13:13:11 due to abuild -r yes 2015-03-30 13:13:30 i do have a workaround thats even worse 2015-03-30 13:13:59 imo it doesn't make sense to have this as a dependency since just pulling it in automatically doesn't even work 2015-03-30 13:14:06 you'd have to write a sudo config file to make it useful 2015-03-30 13:14:34 yes, the idea is that the user who uses it needs to be allowed by sudo 2015-03-30 13:15:01 i think i wrote an abuild-apk wrapper with suid permissions 2015-03-30 13:15:13 so it is enough that you are in the abuild group 2015-03-30 13:15:18 but i think that is worse 2015-03-30 13:15:40 because that means that you are root if you are in abuild group 2015-03-30 13:15:58 *nod* 2015-03-30 13:16:19 so su - apk ... might be an option? 2015-03-30 13:16:25 ideally it would work with a container and overlay filesystems instead :) 2015-03-30 13:16:32 yes 2015-03-30 13:16:52 but doing that as non-root is non-trivial too 2015-03-30 13:17:00 i don't think having the sudo command in there is so awful, but it should be up to the user whether they want to use it 2015-03-30 13:17:10 we talked about do build in a chroot 2015-03-30 13:17:15 rather than forcing it to get installed 2015-03-30 13:17:45 chroot is rather backwards; container would work a lot better 2015-03-30 13:17:52 yes 2015-03-30 13:18:01 and chroot still requires root :( 2015-03-30 13:18:03 my main build env are in a container already 2015-03-30 13:18:14 so it would require nested containers 2015-03-30 13:18:21 despite linux adding the prctl for "make it so this process and its descendants can never use suid again" 2015-03-30 13:18:28 user containers 2015-03-30 13:18:37 *nod* 2015-03-30 13:18:56 i tried docker this weekend 2015-03-30 13:19:00 its kinda nice 2015-03-30 13:19:06 how about minijail? 2015-03-30 13:19:19 might be we could use docker for build env 2015-03-30 13:19:28 http://www.chromium.org/chromium-os/chromiumos-design-docs/system-hardening 2015-03-30 13:19:29 hmm i see how having sudo there makes sense if you only install abuild in a build container 2015-03-30 13:20:37 minijail? 2015-03-30 13:21:09 docker seems to be pretty close what we are after for building 2015-03-30 13:21:39 minijail for compartmentalizing and all your least-privilege needs. 2015-03-30 13:21:55 dalias: there is a SUDO_APK env var for abuild 2015-03-30 13:22:10 the thing that the chromeos people even managed to make run X11 without root. 2015-03-30 13:22:52 what would happen if you run 'rm -rf /' as root on alpine (provided --no-preserve-root esque flags are given) 2015-03-30 13:22:52 if you do: export SUDO_APK="wrapper-that-lets-you-run-apk-as-normal-user" 2015-03-30 13:23:10 Diftraku: try and see! :D 2015-03-30 13:23:19 (no dont!) 2015-03-30 13:23:31 i think it would blow your system away 2015-03-30 13:23:31 I'm honestly curious how modern systems react to it 2015-03-30 13:23:41 you can try in a vm 2015-03-30 13:23:46 i think it will just remove it all 2015-03-30 13:23:50 might do for science 2015-03-30 13:24:17 Just wait... given enough of time you will partly do it by mistake 2015-03-30 13:24:39 dalias: do you need a quick fix for sudo dep? 2015-03-30 13:24:41 rm -rf .* 2015-03-30 13:25:23 or rm -rf / tmp/directory or similar 2015-03-30 13:25:53 ncopa: old repo: https://chromium.googlesource.com/chromiumos/platform/minijail/ newer github fork: https://github.com/omegaup/minijail 2015-03-30 13:25:53 or: tmpdir=/tmp/dir; rm -rf $tempdir 2015-03-30 13:26:06 i have a apkbuild for this cooking 2015-03-30 13:26:26 or 'rm -rf *' when you meant to type 'rm -rf *tmp' (Swedish keyboard has * next to Enter) 2015-03-30 13:26:27 its bsd licensed 2015-03-30 13:26:51 engblom: norwegian needs shift for * 2015-03-30 13:26:56 engblom: same issue with finnish ones (basically thr same) 2015-03-30 13:26:58 ha 2015-03-30 13:27:05 *the 2015-03-30 13:27:16 ncopa: Swedish too... 2015-03-30 13:27:49 reminds of a slacky friday i had some year(s?) ago 2015-03-30 13:28:04 i was thinking to add a funny easter egg to apk 2015-03-30 13:28:06 you're told to never run stuff as sudo, you default to it after typing your pw for sudo five times 2015-03-30 13:28:14 ACTION is maybe getting his rpi2 at Wednesday. It would get installed with alpine if openjdk existed for armhf port. 2015-03-30 13:28:14 *stuff as root 2015-03-30 13:28:27 apk del --russian-roulette or similar 2015-03-30 13:28:32 haha 2015-03-30 13:28:43 it would give your 1/6 change to wipe your system 2015-03-30 13:28:50 while working on it... 2015-03-30 13:29:03 you're told to force interactive on destructive commands, but you add -f because 200 new-lines... 2015-03-30 13:29:18 i think the -f was required 2015-03-30 13:29:36 f just ignores read-only and such 2015-03-30 13:29:39 or i had some flag that was needed to make it actually commit the chage (wipe it all) 2015-03-30 13:29:51 i think i had --simulate or something 2015-03-30 13:29:52 interactive asks if it's ok 2015-03-30 13:30:04 or maybe i had interactive, i dont remember 2015-03-30 13:30:21 but while working on it, i made a bug that disabled my saftyfeature 2015-03-30 13:30:28 so suddenly... 2015-03-30 13:30:30 i won.. 2015-03-30 13:30:47 haha :) 2015-03-30 13:30:56 it was pretty fun actually 2015-03-30 13:30:57 updating your arch install is a bit like thay easter egg, tbh 2015-03-30 13:31:04 without reading changelogs 2015-03-30 13:31:25 i spent a half day restoring the system afterwards 2015-03-30 13:31:29 my `rm -rf /` incident immediately succeeds some drinking, and preceeds my setup of a diligent backup procedure. 2015-03-30 13:31:50 i pressed c-c in time, and was able to recover the system without booting. 2015-03-30 13:34:27 On my OpenBSD box at home I have made a few times some stupid mistakes. With OpenBSD the base system is separate from the "ports". The base system is just a bunch of tgz which you extract to /. I would always wget *.tgz. Then I extracted them all with a 'for'. I sometimes forgot to move away etcXX.tgz and xetcXX.tgz and got all of my customizations overwritten. 2015-03-30 13:34:50 ha 2015-03-30 13:36:23 I guess it's safer than having release upgrade die on you 2015-03-30 13:38:01 Now I noticed one thing more not having a package: wxmaxima. So my list of wished additional packages is: thunderbid, openjdk (for armhf) and wxmaxima. 2015-03-30 13:38:24 Before that I can only run test system of alpine in VM, but not any serious installation. 2015-03-30 13:40:15 dalias: how bad do you need this abuild without sudo? 2015-03-30 13:40:50 i suppose a quick workaround would be: rm /usr/bin/sudo 2015-03-30 13:41:04 and if you need it again: apk fix sudo 2015-03-30 13:41:45 not terribly 2015-03-30 13:41:51 or just chmod -s it :) 2015-03-30 13:41:58 yeah 2015-03-30 13:42:14 apk fix sudo should reset that too for you if you need sudo 2015-03-30 13:52:21 my whichlist of packages is w3m, patchelf, xsel, mupdf, geeqie, gifsicle, dict (with wordnet and mobi thesaurus) 2015-03-30 13:52:45 (i already created packages for these for myself but they are probably not upstreamable) 2015-03-30 13:53:33 *whishlist 2015-03-30 13:56:48 w3m and mupdf is in alpine, i'm using them happily. what was needed for them to build for you nsz? 2015-03-30 14:01:50 wxmaxima is really nice for doing quick maths without having to grab paper and pen to solve difficult equation and such. I used it latest to day in order to calculate some probability. 2015-03-30 14:09:50 when i started using alpine i didnt find them 2015-03-30 14:16:45 nsz: if you send me the APKBUILDs i'll have a look at what can be upstreamed into alpine 2015-03-30 14:17:27 reminds me 2015-03-30 14:17:37 i should flush the aports patch queue.. 2015-03-30 14:49:41 whereis w3m package? 2015-03-30 15:03:31 ncopa: ooops. w3m never got into alpine git? i thought i shared the apkbuild here long ago. 2015-03-30 15:03:37 wtf 2015-03-30 15:04:06 i cannot find it... 2015-03-30 15:04:12 email it to me and i'll add it 2015-03-30 15:04:22 i saw it in the unmaintained apkbuilds 2015-03-30 15:04:23 i think 2015-03-30 15:04:56 aports* 2015-03-30 15:05:02 ok, i'll do, i want to clean up my repos anyway. lot's of unshared stuff in there i believe. at least i saw the s6 stuff got merged 2015-03-30 15:05:37 or maybe i didn't 2015-03-30 15:05:45 rpu3uO8PEVZZ: it would be great if you could clean up your repo and let me git pull it 2015-03-30 15:05:59 /o\ i know. i hate my gitrepo, it's such a mess 2015-03-30 15:06:36 ok, send me the cherry-pick for w3m then :) 2015-03-30 15:06:44 the patch 2015-03-30 15:06:57 gotta go now though 2015-03-30 15:07:10 me too, will send a cleaned up repo later tonite 2015-03-30 15:11:00 ncopa: can you maybe take 5 minutes and make a wiki page that descibes some "release process" for aport patches? 2015-03-30 15:11:43 it would be encouraging to know what to do to get something into main etc. 2015-03-30 15:43:18 <_mjones> openjdk is full of asm, so an armhf port is a big deal. 2015-03-30 16:29:28 engblom: Did you know how to build kernel for pi2? did try it with kernel from github and alpine-rootfs for arm, wich boots, but strange bugs like freezing tty and there was no ssh to it possible :( 2015-03-30 17:33:59 is anyone here using alpine as an rsyslog server? after a recent update it seems that rsyslog is core dumping whenever it receives a TCP connection 2015-03-30 17:34:14 xen_roger: I do not have yet my rpi2. I will probably get it at wednesday. As I do not have it yet, I have not had a chance to try to compile anything. 2015-03-30 17:36:32 <_mjones> buckley310: interesting. 2015-03-30 17:36:50 xen_roger1: I do not have yet my rpi2. I will probably get it at wednesday. As I do not have it yet, I have not had a chance to try to compile anything. 2015-03-30 17:37:27 im currently using alpine 3.0 for rsyslog 2015-03-30 17:39:18 <_mjones> buckley310: I'm checking on a 3.1.3 vm 2015-03-30 17:39:28 <_mjones> busybox lsof is primitive like a neanderthal. 2015-03-30 17:39:58 <_mjones> actualy, 'primitive' is being charitable, I think. 2015-03-30 17:40:37 <_mjones> buckley310: other than the core, do you have any log in messages or in the kernel log (dmesg)? 2015-03-30 17:41:05 segfault 2015-03-30 17:41:14 the dmesg is just segfault and coredump 2015-03-30 17:41:55 in messages the only entry i have is the "syslog has started" message 2015-03-30 17:42:02 <_mjones> and rsyslog, not bbsyslog? 2015-03-30 17:42:49 i think so, ive never typed bbsyslog as far as i know 2015-03-30 17:43:02 `apk add rsyslog` `rc-update add rsyslog boot` 2015-03-30 17:46:43 <_mjones> busybox syslog is just 'syslogd', so you definitely have rsyslogd. 2015-03-30 17:46:54 right. 2015-03-30 17:47:22 <_mjones> what version of musl is 3.0? 2015-03-30 17:47:39 <_mjones> did you do a final upgrade, like 'apk update && apk upgrade' on 3.0? 2015-03-30 17:47:43 musl-1.1.4-r4 2015-03-30 17:48:05 i did `apk update ; apk upgrade --available` 2015-03-30 17:49:58 _mjones, 1.1.4-r4, patches can be seen at http://git.alpinelinux.org/cgit/aports/tree/main/musl?h=3.0-stable 2015-03-30 17:50:05 <_mjones> ok. 1.1.4 is recent. 2015-03-30 17:50:10 it includes the recent cve fix 2015-03-30 17:50:45 <_mjones> I was trawling the commit log since 1.0.4 for highlights to incorporate into 1.0.5, so I'm pretty familiar with 1.1.4, but thanks for the -r4 cite. 2015-03-30 17:51:37 <_mjones> Yeah those are mostly backports from musl master branch. 2015-03-30 17:51:46 yup 2015-03-30 17:52:11 <_mjones> Nice to see inet_pton. I didn't know alpine did backports to that extent. huzzah! 2015-03-30 17:52:31 <_mjones> so, rsyslogd then. 2015-03-30 17:54:03 <_mjones> I'm looking at it. 2015-03-30 17:56:34 as a side note, i currently have it running in UDP mode and its working fine 2015-03-30 17:57:39 <_mjones> do you have an rsyslog-tls package? 2015-03-30 17:57:53 <_mjones> tls issues were definitely cause this. 2015-03-30 17:57:58 <_mjones> s/were/would/ 2015-03-30 17:58:14 its not installed 2015-03-30 18:01:26 and actually the way i was recreating this in testing was connecting with telnet and just pressing enter. that was triggering the crash 2015-03-30 18:02:23 <_mjones> while anything should be tolerant of that, it still might be related to tls (openssl, etc.) libraries I think. 2015-03-30 18:25:24 <_mjones> buckley310: I'm getting a segmentation fault with rsyslogd right after I install it on 3.1.3 :( 2015-03-30 18:25:29 <_mjones> when I start it, that is. 2015-03-30 18:30:42 iojs guys are interested in this experiment. any help would be appreciated: https://github.com/oren/alpine-iojs/issues/1 2015-03-30 18:33:34 <_mjones> owen1: alpine is beginning to support python3. Because of compatibility issues, would be nice to use py3 for any new iojs thing I'd think. 2015-03-30 18:35:14 _mjones: im glad to see that it's not just me :) 2015-03-30 18:36:40 <_mjones> buckley310: survey^Wstrace says: 2015-03-30 18:36:54 <_mjones> futex(0570.978148690:6fae4a70ba88: set thread name to 'in:imklog' 0x90bc218ff74, FUTEX_WAIT_PRIVATE, -2147482066, NULL +++ killed by SIGSEGV +++ Segmentation fault 2015-03-30 18:37:07 <_mjones> bang bang, mmu shot my baby down. 2015-03-30 18:39:03 _mjones: feel free to join #io.js 2015-03-30 18:41:02 <_mjones> owen1: we'll see. I have a bunch of things to work on today. 2015-03-30 18:42:26 <_mjones> buckley310: turning off debug mode means it doesn't segfault right away. 2015-03-30 18:45:27 _mjones: me too (: thanks 2015-03-30 18:47:11 engblom: feel free to report to me, I am really interrested in alpine on pi2 ty 2015-03-30 18:47:41 <_mjones> buckley310: I see at least one fix that needs to go upstream, but it's not your problem I don't think, 2015-03-30 18:47:55 <_mjones> buckley310: what are your rsyslog options in /etc/conf.d/rsyslog ? 2015-03-30 18:51:20 CONFIGFILE="/etc/rsyslog.conf" PIDFILE="/var/run/rsyslogd.pid" RSYSLOG_OPTS="" 2015-03-30 18:56:49 <_mjones> buckley310: good. Looks like default opts of "-c5" were crashing me. Haven't absolutely confirmed that, have to switch over to another project so I can do a turnup in a couple hours. 2015-03-30 18:57:05 yeah, -c5 caused mine to crash too 2015-03-30 18:58:02 <_mjones> they finally stopped handling it in backward-compat mode. :P 2015-03-30 18:58:07 lol 2015-03-30 18:58:14 <_mjones> Still, I'll update the APKBUILD 2015-03-30 18:58:18 <_mjones> later. 2015-03-30 18:58:45 <_mjones> I want to look at the TCP problem, but I'll have to do it later. 2015-03-30 18:59:23 <_mjones> As Alpine sees more users, there are more people encountering bugs in less-popular codepaths, which is good. 2015-03-30 18:59:44 :) 2015-03-30 19:00:13 <_mjones> rsyslog should be popular, because busybox syslog is yeah. But some use-cases are more popular at first than others. 2015-03-30 19:00:20 in my case UDP should be fine since the data only runs on virtual networks, cables 2015-03-30 19:00:37 *no cables 2015-03-30 19:02:29 <_mjones> my use will eventually need syslog on tls on tcp, so I'd like to make sure everything is solid. 2015-03-30 19:07:24 https://github.com/iojs/docker-iojs/issues/44 2015-03-30 19:22:15 <_mjones> owen1: interesting. I need to work on a network turnup now, but it seems like the iojs community is looking for some lightweight userland containers on which to concentrate, and is looking at alpine? 2015-03-30 19:22:58 _mjones: yup! 2015-03-30 19:24:23 i created an image but on some io.js projects you also need 'native modules'. and they require compilation so the image should also have python 2.7, c/c++ compiler and make/cmake. 2015-03-30 19:24:54 i think we should create 2 images. one for projects that don't require native modules and another one, a bit bigger, that do require them. 2015-03-30 19:25:13 so the developer can choose depends on her requirements. 2015-03-30 19:31:46 <_mjones> you mean docker images? sounds fine. 2015-03-30 19:32:50 <_mjones> I've been planning on working with node and I suspect you've just roped me into targeting iojs instead (not that there's much difference yet, I assume.) 2015-03-30 19:33:28 _mjones: yup, docker images 2015-03-30 19:34:14 io.js is using newer version of V8, stuff like Promises that makes the async flow nicer than plain callbacks - https://iojs.org/en/es6.html 2015-03-30 19:35:06 or '=>' instead of the 'function' keyword 2015-03-30 19:35:45 <_mjones> owen1: for me there's a lot of attraction to skill/language transfer to front-end work. How does this square with front-end js/es5/es6 etc. etc.? 2015-03-30 19:36:11 just got alpine to compile and run skydns 2015-03-30 19:36:28 just made me happy 2015-03-30 19:36:34 thought i would share 2015-03-30 19:38:44 <_mjones> I have't heard of skydns until now, but as a DNS's number one fan (and user of it as a key-value store) this seems exciting. 2015-03-30 19:50:48 newbie question... I installed the 64-bit OS, is it possible with "apk" to install 32-bit libraries? 2015-03-30 20:19:50 <_mjones> rfs613: good question. not that I know. 2015-03-30 20:22:24 _mjones: okay. FYI, I tried "apk --arch x86 add libgcc" but it did not install anything (already have the x86_64 version of libgcc) 2015-03-30 20:27:12 <_mjones> if it worked, that's how it would have worked. Did you try the force flag? 2015-03-30 20:29:41 _mjones: no difference, it just prints "OK: 501 MiB..." without having installed anything new. 2015-03-30 21:20:17 rfs613: the closest you could do is run a 32 bit alpine lxc container on a 64bit host 2015-03-30 22:23:33 or simply a chroot 2015-03-31 00:16:01 https://github.com/iojs/docker-iojs/issues/44#issuecomment-87881298 2015-03-31 00:16:09 The image should properly verify during build the GPG signatures of the downloaded binaries (assuming they are used at all), like the other variants do. I doubt the Alpine base image includes GnuPG, so it may need to be added, this increasing the image size (unless GnuPG is deleted before a layer is committed, of course). 2015-03-31 00:40:51 <_mjones> No, gnupg is not in base. It's in repos. 2015-03-31 00:49:08 i don't know the context, but it seems unnecessary that you'd need to gpg verify downloads 2015-03-31 00:49:29 instead you could just deploy a list of known-good hashes and check those 2015-03-31 00:49:32 MUCH lighter than gpg 2015-03-31 00:51:03 <_mjones> as long as you have a trusted chain for the hashes. 2015-03-31 00:51:45 <_mjones> I'd much prefer that over gpg. Although obviously I also want https repos as an option. Kills shared client-side caching, but that era is mostly over anyway. 2015-03-31 00:52:18 <_mjones> (caveat: yes, client-side shared without inserting a new CA, of course.) 2015-03-31 00:56:33 <_mjones> has anyone looked at the ubuntu cloud prng stuff? pollen/pollinate. Our cloud future is a weird place. 2015-03-31 01:20:09 hi there 2015-03-31 01:20:36 do you think it's possible to install flash player? 2015-03-31 01:21:02 at the moment I chroot in an arch chroot to do that 2015-03-31 01:21:39 but have some issue with my external screen and the full screen video 2015-03-31 01:25:39 <_mjones> are you trying to access something specific? amazon prime shouldnt work because of drm. 2015-03-31 01:25:55 <_mjones> I guess anything that works under arch should work though. 2015-03-31 01:26:04 <_mjones> (without hal I mean.) 2015-03-31 01:26:22 <_mjones> I really don't know if flash will run under musl. I wouldn't bet on it. 2015-03-31 01:29:10 I wouldn't bet too 2015-03-31 01:29:19 will test for fun 2015-03-31 01:35:13 <_mjones> Let us know. 2015-03-31 01:36:04 it does, but it may require some very minor patching or LD_PRELOAD 2015-03-31 01:36:14 i haven't used it but others have reported success 2015-03-31 01:37:37 nice, dalias I realy interrested about this patch, in case you remember someone who's having it :) 2015-03-31 01:38:11 i'll see if i can dig that up 2015-03-31 01:38:24 thanks 2015-03-31 05:17:24 _mjones: how do i run the io.js test suite on my alpine-based image? 2015-03-31 05:18:41 <_mjones> let me take a look and see. 2015-03-31 05:19:18 <_mjones> the normal build process uses temporary workspace to do most of the work, so if it's park of the build suite and not part of the package... 2015-03-31 05:20:47 also, why do we need iojs and also iojs:onbuild? what does the :build add that iojs don't? what's the usecase? 2015-03-31 05:21:19 <_mjones> I'm not sure what that is. 2015-03-31 05:21:29 <_mjones> How do you normally call the test suite? 2015-03-31 05:21:47 _mjones: i have never done that. i just asked on #iojs 2015-03-31 05:22:36 <_mjones> I have the iojs-dev package installed. Checking... 2015-03-31 05:22:58 _mjones: i am curios to try running the tests as well. 2015-03-31 05:23:12 but don't know where to start 2015-03-31 05:23:46 <_mjones> I see unit tests down in /usr/lib/node_modules 2015-03-31 05:24:01 _mjones: so you sh into the image and git clone the repo? 2015-03-31 05:25:11 <_mjones> I have a few running VMs into which I ssh -- not docker, KVM. 2015-03-31 05:25:34 _mjones: https://github.com/iojs/io.js - make test 2015-03-31 05:26:10 <_mjones> Alpine has a 'pkgsrc' like build setup called abuild. I have a git tree of the current dev tree. Pretty much you go into ~/abuild/testing/iojs and run 'abuild -R' 2015-03-31 05:26:29 <_mjones> Except it cleans up when it's done compiling. So, I have to make a fresh one I guess. 2015-03-31 05:27:38 <_mjones> Are you asking because you suspect something may be off, or because you just want a warm feeling that it isn't? 2015-03-31 05:27:47 _mjones: unless you are in a rush, would u mind guiding me? i am on ubuntu laptop with docker installed. what do i need to do in order to run io.js test suite using alpine image? 2015-03-31 05:28:00 <_mjones> It won't take me long to do, or you either I guess, but the compile will take a long time. 2015-03-31 05:28:04 i just want to learn how to do that. for fun and for educatiing myself 2015-03-31 05:28:11 _mjones: Yesterday, you commented that openjdk is difficult to get running on armhf because of asm. I would say the incompatibilities between musl and other libc implementations is the most difficult part. The asm part you can find patches for from any distro shipping openjdk for arm. 2015-03-31 05:28:59 what libc issues do you hit? 2015-03-31 05:29:13 <_mjones> engblom: when I made that comment I had assumed armhf wasn't supported by openjdk period, which is evidently not the case. 2015-03-31 05:30:13 <_mjones> owen1: it woul dbe most straightforward to pull down the archive, extract, do a build ("make"), then run the tests immediately after. 2015-03-31 05:31:08 _mjones: do i need to put the archive INSIDE the alpine image with io.js? 2015-03-31 05:31:18 sorry if this is a stupid question 2015-03-31 05:31:43 not really sure what i am doing (: 2015-03-31 05:32:20 we are testing if the tests run INSIDE the image, i assume. 2015-03-31 05:32:45 <_mjones> owen1: yes. I was thinking http pull the archive down once the docker image is running. 2015-03-31 05:32:52 <_mjones> I don't use docker much to date. 2015-03-31 05:33:37 _mjones: ok. and i assume i'll need to make sure i do: RUN apk update && \ 2015-03-31 05:33:39 apk add --update iojs make g++ git gnupg python bash && rm -rf /var/cache/apk/* 2015-03-31 05:33:46 <_mjones> engblom: openjdk is supposed to be a hard build on alpine/musl anyway. I just spun one up with openjdk7 icedtea 2.5.4, mostly because I wanted to do an update to 2.5.5 or 2.6.0 anyway 2015-03-31 05:33:52 per https://github.com/iojs/docker-iojs/issues/44#issuecomment-87935350 2015-03-31 05:34:06 <_mjones> owen1: so no. 2015-03-31 05:34:13 <_mjones> owen1: that installs the binary package. 2015-03-31 05:34:24 _mjones: oh right, 2015-03-31 05:34:37 <_mjones> owen1: in order to run the test suite, which is normally only done after you compile from source code, you pretty much need to compile from source code. 2015-03-31 05:35:07 _mjones: ok, so i'll need to have make g++ git gnupg python bash 2015-03-31 05:35:14 (everything BUT the iojs) 2015-03-31 05:35:43 <_mjones> pulling from git is slightly more straightforward than pulling and extracting iojs-v1.6.2.tar.xz 2015-03-31 05:36:03 <_mjones> iojs builds super clean though -- not a single patch or weirdness. Uncommon for such a large project. 2015-03-31 05:36:05 awesome, i'll try it now 2015-03-31 05:36:33 <_mjones> you'll need these too, owen1: makedepends="$depends_dev gcc make python openssl-dev zlib-dev paxctl linux-headers" 2015-03-31 05:36:54 anyone tried alpine on http://copy.sh/v86/ ? 2015-03-31 05:36:55 <_mjones> so first do: "apk update && apk add gcc make python openssl-dev zlib-dev paxctl linux-headers" 2015-03-31 05:37:07 seems to hang during boot for me :( 2015-03-31 05:37:51 _mjones: ok. 1 sec 2015-03-31 05:38:52 <_mjones> dalias: I'm pretty sure I saw some hypervisor running in asm.js the other day... 2015-03-31 05:46:01 <_mjones> owen1: build is this: 2015-03-31 05:46:34 <_mjones> ./configure --prefix=/usr --shared-openssl --shared-zlib 2015-03-31 05:46:35 _mjones: from some reason i don't have python. 1 sec 2015-03-31 05:46:41 <_mjones> then "make" then "make test" 2015-03-31 05:47:42 <_mjones> blimey, it's 10M of code when packed with xz. 2015-03-31 05:50:32 _mjones: from some reason 'docker-compose build' doesn't install python - https://github.com/oren/alpine-node-tests/blob/master/Dockerfile 2015-03-31 05:52:54 <_mjones> RUN apk add ... ? 2015-03-31 05:53:03 oh 2015-03-31 05:56:16 <_mjones> xz isn't on that dependencies list. Should fix that... 2015-03-31 05:57:05 _mjones: http://paste.ubuntu.com/10710640/ 2015-03-31 05:57:12 i'll add xz. thanks 2015-03-31 05:57:26 <__number5__> can apk auto-install deps? 2015-03-31 05:57:34 <_mjones> yes. 2015-03-31 05:57:53 <_mjones> it even auto-uninstalls them once the manually-installed one is "apk del" 2015-03-31 05:58:16 <_mjones> it doesn't ask. This is the equivalent of "apt-get autoremove" on Debian, except it's not automatic on Debian. 2015-03-31 05:59:24 <_mjones> it's just that I was talking about an abuild package, which means that's the dependencies for building the package, whereas apk handles installing existing packages from repos. 2015-03-31 06:00:22 <_mjones> iojs is pulled down as a .xz file so needs xz to uncompress, which my devbox didn't have. Odd, because this was the same box where I built iojs previously. 2015-03-31 06:00:24 _mjones: i just run it with xz as well. got the same error 2015-03-31 06:00:35 <_mjones> error? 2015-03-31 06:00:42 <_mjones> I mean, paste error. 2015-03-31 06:00:44 _mjones: http://paste.ubuntu.com/10710640/ 2015-03-31 06:01:25 <_mjones> did you do the ./configure line first? 2015-03-31 06:01:33 yup 2015-03-31 06:01:33 <_mjones> ./configure --prefix=/usr --shared-openssl --shared-zlib 2015-03-31 06:01:44 <_mjones> one second, I was doing it manually myself. 2015-03-31 06:02:23 <_mjones> ok, it doesn't do a bunch of work before that error, huh? 2015-03-31 06:02:36 i am documenting my steps here btw - https://github.com/oren/alpine-node-tests 2015-03-31 06:02:39 <_mjones> 'cause mine is compiling perfectly now. Man, that configure script is brutally fast. 2015-03-31 06:06:20 <_mjones> oren1: mine: http://paste.ubuntu.com/10710653/ 2015-03-31 06:06:28 ../deps/cares/src/ares_setup.h:79:43: fatal error: errno.h: No such file or directory 2015-03-31 06:06:38 <_mjones> How did you get the iojs code? I'm using 1.6.2. 2015-03-31 06:06:51 <_mjones> missing headers I think. 2015-03-31 06:06:56 <_mjones> do this: 2015-03-31 06:07:01 <_mjones> apk info | grep headers 2015-03-31 06:08:17 <_mjones> fortify-headers linux-headers bsd-compat-headers 2015-03-31 06:08:32 git clone git@github.com:iojs/io.js.git 2015-03-31 06:08:42 but maybe i need to be on specific branch? 2015-03-31 06:09:19 i only have linux-headers 2015-03-31 06:09:32 <_mjones> yeah, you don't need bsd-compat-headers 2015-03-31 06:09:46 <_mjones> and fortify is from edge (unstable, not 3.1.3) so don't worry. 2015-03-31 06:09:56 <_mjones> try to clone 1.6.2 release ;) 2015-03-31 06:10:16 <_mjones> I was just giving huge praise for the clean compile too, but that was based on 1.6.2. What's current stable? 2015-03-31 06:10:22 <_mjones> looking. 2015-03-31 06:10:23 _mjones: do i need to switch to a branch? 2015-03-31 06:11:33 git branch -a doesn't show me 1.6.2 2015-03-31 06:11:41 <_mjones> try v1.6.2 2015-03-31 06:11:59 <_mjones> 1.6.2 is latest, barely came out a week ago. 2015-03-31 06:12:19 <_mjones> hopefully nobody broke their build. 2015-03-31 06:12:35 _mjones: that's all i see: http://paste.ubuntu.com/10710666/ 2015-03-31 06:13:41 <_mjones> I guess they didnt branch it at release. 2015-03-31 06:13:47 <_mjones> oh, check for tag? 2015-03-31 06:14:45 1 sec 2015-03-31 06:15:10 v1.6.2 2015-03-31 06:15:26 git checkout v1.6.2 2015-03-31 06:16:48 _mjones: i am getting the same error 2015-03-31 06:16:59 ACTION googling 2015-03-31 06:17:28 <_mjones> try git tag -l 2015-03-31 06:17:48 <_mjones> i'm not pulling from git. but i will. 2015-03-31 06:19:00 _mjones: 'git tag -l' gives me the same output as just 'git tag' 2015-03-31 06:20:00 <_mjones> the git is cloning for me. It's big and I'm on wireless. 2015-03-31 06:20:47 _mjones: should i try the tar file instead? 2015-03-31 06:21:11 https://iojs.org/dist/v1.6.2/ 2015-03-31 06:21:56 <_mjones> yes, that will work. 2015-03-31 06:21:58 maybe this one? iojs-v1.6.2-linux-x64.tar.gz 2015-03-31 06:22:06 <_mjones> no, that's already compiled. 2015-03-31 06:22:08 <_mjones> this one: 2015-03-31 06:23:02 <_mjones> https://iojs.org/dist/v1.6.2/iojs-v1.6.2.tar.xz 2015-03-31 06:23:08 <_mjones> then the commands: 2015-03-31 06:23:17 wget https://iojs.org/dist/v1.6.2/iojs-v1.6.2.tar.xz 2015-03-31 06:23:25 <_mjones> xz -cd iojs-v1.6.2.tar.xz | tar -xvf 2015-03-31 06:23:49 <_mjones> cd iojs-v1.6.2 2015-03-31 06:24:18 <_mjones> then the ./configure 2015-03-31 06:24:19 tar: option requires an argument -- 'f' 2015-03-31 06:24:35 <_mjones> xz -cd iojs-v1.6.2.tar.xz | tar -xvf - 2015-03-31 06:24:58 <_mjones> I forgot the trailing hyphen. 2015-03-31 06:26:13 _mjones: the same error 2015-03-31 06:27:12 <_mjones> after the -xvf there's a space hyphen. 2015-03-31 06:28:03 _mjones: yup. i am already 'inside' the image, make => ../deps/cares/src/ares_setup.h:79:43: fatal error: errno.h: No such file or directory 2015-03-31 06:28:11 the same exact error 2015-03-31 06:29:12 <_mjones> there's an undocumented dependency then. Checking that header file. 2015-03-31 06:30:15 someone on #io.js linux-libc-dev 2015-03-31 06:30:28 " there's probably a list of packages if you google build nodejs ubuntu or something" 2015-03-31 06:30:33 <_mjones> #include /* needed on windows */ 2015-03-31 06:31:03 <_mjones> he'd be right, except we have much more specific information, having the exact package recipe 2015-03-31 06:31:24 <_mjones> ok, run the ./configure line again and pastebin me the output. 2015-03-31 06:31:34 <_mjones> it shouldn't be looking for that header on any linux. 2015-03-31 06:31:53 _mjones: the output of ./configure --prefix=/usr --shared-openssl --shared-zlib ? 2015-03-31 06:32:06 <_mjones> yes. It should be about one page. 2015-03-31 06:32:48 _mjones: http://paste.ubuntu.com/10710714/ 2015-03-31 06:34:05 <_mjones> 'apk add g++' 2015-03-31 06:34:11 ok 2015-03-31 06:34:14 <_mjones> I hope that's not it, it would be really silly 2015-03-31 06:34:23 why 2015-03-31 06:35:02 ACTION building the image 2015-03-31 06:35:36 /bin/sh: rm: not found 2015-03-31 06:35:52 RUN apk add gcc make python openssl-dev zlib-dev paxctl linux-headers xz g++ && rm -rf /var/cache/apk/* 2015-03-31 06:35:59 probably something to do with the ++ 2015-03-31 06:36:38 <_mjones> --- CRASHED --- [00:26|% 100|+ 0|- 835]: Done Makefile:76: recipe for target 'test' failed 2015-03-31 06:36:45 <_mjones> the tests fail. hmmm. 2015-03-31 06:37:17 _mjones: do i need g\+\+ or something funny? 2015-03-31 06:39:46 <_mjones> I don't think so. 2015-03-31 06:39:59 <_mjones> I don't know why these tests are failing. 2015-03-31 06:40:41 _mjones: i can't build my image because of the ++ 2015-03-31 06:42:03 (in g++) 2015-03-31 06:42:12 <_mjones> oh my, I found it, I think 2015-03-31 06:42:33 <_mjones> Starting program: /home/mjones/aports/testing/iojs/src/iojs-v1.6.2/out/Release/iojs warning: Cannot call inferior functions, Linux kernel PaX protection forbids return to non-executable pages! warning: no loadable sections found in added symbol-file system-supplied DSO at 0x690852550000 Program received signal SIGSEGV, Segmentation fault. 2015-03-31 06:44:24 that's what you mean by 'found it'... omg 2015-03-31 06:44:26 i am lost 2015-03-31 06:44:27 <_mjones> ok, there's a paxctl step in the install. 2015-03-31 06:44:38 _mjones: wait, how to install g++? 2015-03-31 06:44:52 <_mjones> Alpine has some hardened security features, and my test ran afoul of it ;) 2015-03-31 06:44:53 the build command fails on me 2015-03-31 06:45:32 <_mjones> put the g++ before the last item on the list. 2015-03-31 06:46:54 /bin/sh: rm: not found 2015-03-31 06:47:02 <_mjones> $ paxctl -cm out/Release/iojs file out/Release/iojs had a PT_GNU_STACK program header, converted 2015-03-31 06:47:17 <_mjones> remove that && and everything after it 2015-03-31 06:47:26 <_mjones> that's just manually cleaning your cache, saving some storage. 2015-03-31 06:47:30 <_mjones> it's not necessary 2015-03-31 06:47:33 <_mjones> premature optimisation. 2015-03-31 06:47:39 ahahah sure 2015-03-31 06:47:51 <_mjones> ok now the tests are working. 2015-03-31 06:47:59 wow awesome 2015-03-31 06:48:08 <_mjones> I'm glad I did that myself. it would have taken me much longer to figure out why yours were breaking. 2015-03-31 06:48:20 so u are on kvm? 2015-03-31 06:48:32 mac -> kvm -> docker 2015-03-31 06:48:33 <_mjones> this thing: https://en.wikipedia.org/wiki/PaX 2015-03-31 06:48:42 <_mjones> yes, raw kvm+qemu. 2015-03-31 06:48:59 <_mjones> on debian on thinkpad. 2015-03-31 06:49:18 thinkpad here as well 2015-03-31 06:49:25 ubuntu + i3 2015-03-31 06:49:45 why would i want to use pax or kvm or qemu? 2015-03-31 06:49:53 i got docker on ubuntu 2015-03-31 06:50:02 <_mjones> pax is a feature of the default alpine kernel, for security. 2015-03-31 06:50:24 <_mjones> if you're using docker images, you presumably aren't using the alpine kernel. 2015-03-31 06:50:58 _mjones: why do i need the alpine kernel? i use ubuntu and created an alpine image 2015-03-31 06:51:12 the kernel in docker is my laptop's kernel 2015-03-31 06:51:32 <_mjones> You don't, really. But the hardening of the alpine kernel also won't give you extra security. 2015-03-31 06:51:50 btw ,i get the same error 2015-03-31 06:51:56 <_mjones> since your main use-case is lightweight, that's not a problem. 2015-03-31 06:53:00 <_mjones> the test suite isn't going to run perfectly, because it's testing assertions. 2015-03-31 06:53:30 should i paste the output of ./configure 2015-03-31 06:53:31 <_mjones> all good things to know. 2015-03-31 06:53:40 <_mjones> I saw it; it was fine. 2015-03-31 06:53:55 <_mjones> I have to go to bed soon. 2015-03-31 06:54:24 _mjones: so what's the conclusion? 2015-03-31 06:54:35 _mjones: how come it works on yours? what is the diference? 2015-03-31 06:54:50 <_mjones> test suite 7 minutes in. 2015-03-31 06:55:07 _mjones: does it crash on yours after 7 minutes? 2015-03-31 06:55:21 <_mjones> it won't technically pass because musl libc doesnt support asserts. 2015-03-31 06:55:34 <_mjones> no, it's still going. 2015-03-31 06:55:55 <_mjones> [07:27|% 100|+ 828|- 7]: Done Makefile:76: recipe for target 'test' failed 2015-03-31 06:55:57 asserts are some c or c++ functions? 2015-03-31 06:56:11 <_mjones> looks like 828 tests passed, 7 tests failed. 2015-03-31 06:56:30 and we can't replace musl libc? 2015-03-31 06:56:33 <_mjones> yes, it's a c/c++ erroring mechanism. 2015-03-31 06:56:47 <_mjones> no, it means iojs runs fine. 2015-03-31 06:56:49 or augment it 2015-03-31 06:57:03 <_mjones> It just errors out differently than the test suite expects. 2015-03-31 06:57:18 ok. so the output is a bit funny 2015-03-31 06:57:24 but the tests pass so far 2015-03-31 06:57:47 <_mjones> more or less. the error output is different for a few errors. 2015-03-31 06:57:51 i'll update that ticket on github and link to my test project, tell them about the error i get 2015-03-31 06:57:56 <_mjones> the sucessful tests output fine. 2015-03-31 06:58:10 sweet 2015-03-31 06:58:45 <_mjones> presumably the only difference in production use would be that some errors might not output the same if you're expecting certain output. 2015-03-31 06:58:47 just so i'll know what i am talking about, can u describe your test environment? (kvm etc) 2015-03-31 06:58:52 <_mjones> this is a deliberate musl libc design decision. 2015-03-31 06:59:35 <_mjones> "alpine edge on kvm full virtualisation" I guess 2015-03-31 06:59:36 also what's your github username? i'll mention you 2015-03-31 06:59:40 ahaah ok 2015-03-31 06:59:44 <_mjones> I don't have one yet. 2015-03-31 06:59:46 how excotic 2015-03-31 07:00:04 <_mjones> I have a very common name. 2015-03-31 07:00:17 <_mjones> namespace collisions everywhere. It gets old. 2015-03-31 07:00:29 (: 2015-03-31 07:01:08 ok. bottom line, on kvm the tests passes with some differnces in the output that is a result of musl libc. 2015-03-31 07:01:57 <_mjones> yes. Looks like 7 tests fail, 828 tests pass, if I read this right. 2015-03-31 07:02:15 can you pastebin it pleas? 2015-03-31 07:02:24 <_mjones> Tentatively assumed to be because of deliberate behaviour of musl libc; will investigate later. 2015-03-31 07:02:26 i'll paste it in the ticket 2015-03-31 07:06:48 <_mjones> http://paste.ubuntu.com/10710793/ 2015-03-31 07:06:58 <_mjones> the last error it because of 'busybox' 2015-03-31 07:07:13 <_mjones> Error: Command failed: /bin/sh -c ps -p 21841 -o args= ps: unrecognized option: p 2015-03-31 07:09:15 <_mjones> ugh, that paste got some mistaken stuff in it. 2015-03-31 07:09:33 _ahah 2015-03-31 07:10:02 _mjones: do u want to paste another one? 2015-03-31 07:11:05 <_mjones> I'm quite tired. It'll have to wait. 2015-03-31 07:11:25 _mjones: no worries. i'll paste everything we got. 2015-03-31 07:11:35 (including your pastebin, if you think it's valuable) 2015-03-31 07:11:54 <_mjones> I think I can do another one real quick, from the first one. 2015-03-31 07:12:06 sure. i'll wait 2015-03-31 07:12:58 <_mjones> http://paste.ubuntu.com/10710805/ seems good. 2015-03-31 07:13:33 <_mjones> I was using tmux on the original session, and didn't record it, so it was a bit of work to make a dump. 2015-03-31 07:13:51 _mjones: thanks! 2015-03-31 07:14:07 <_mjones> ttyl. 2015-03-31 07:14:15 yup 2015-03-31 07:58:21 this line RUN apk add gcc make python openssl-dev zlib-dev paxctl linux-headers g++ xz 2015-03-31 07:58:34 couses me trouble. i get: Cannot start container 4bee150161c7f3f49548aac2ae2358a09ae85417d2ca5c707ce3de17678ec370: no such file or directory 2015-03-31 07:59:04 when i run docker-compose run web sh. can someone try reproducing it? https://github.com/oren/test-iojs-docker-alpine 2015-03-31 08:00:36 i suspect it has something to do with g++ 2015-03-31 08:01:02 when i remove the g++ from that line i's installing stuff. i'll try to put it on it's own line 2015-03-31 08:22:46 it didn't help. even on it's own line 2015-03-31 08:22:54 RUN apk add g++ 2015-03-31 08:22:58 HALP (: 2015-03-31 08:27:37 which is the exat error message? 2015-03-31 08:28:40 try replace gcc, g++ and make with 'build-base' 2015-03-31 08:31:18 docker-compose build && docker-compose run web sh => Cannot start container 5dcc70eb5ddaa4ee2b49e701b5bc4c6269eb072e21e57c0b43f628aa1a1e9236: no such file or directory 2015-03-31 08:31:22 https://github.com/oren/test-iojs-docker-alpine 2015-03-31 08:31:28 ncopa: ^ 2015-03-31 08:32:11 i have RUN apk add gcc make python openssl-dev zlib-dev paxctl linux-headers xz 2015-03-31 08:32:24 and if i try to add RUN apk add g++ i get that error. 2015-03-31 13:43:42 ncopa: i'd apperciate it if you had rss feed for the releases and maybe other updates too 2015-03-31 13:49:05 Tsutsukakushi: i have that on my list 2015-03-31 13:49:10 great 2015-03-31 14:42:20 anyone tried spotify on musl? 2015-03-31 16:33:24 Mo0O: I have flashplayer on Alpine (but taken from Arch) 2015-03-31 16:33:56 <_mjones> amatcoder: I'm sure people would be interested in the procedure. 2015-03-31 16:34:38 just let flash die already 2015-03-31 16:36:04 _mjones: I will try to explain step by step... 2015-03-31 16:37:21 1) download flashplugin and glibc packages from some Arch mirror 2015-03-31 16:39:53 <_mjones> oh, this involves installing glibc also? 2015-03-31 16:40:22 <_mjones> I assumed something different. 2015-03-31 16:40:38 mjones: Only two files 2015-03-31 16:41:07 <_mjones> I gather that gnash is good enough for youtube. But of course youtube is html5 now, and the use-case is things like amazon prime. Netflix is still silverlight? 2015-03-31 16:41:25 ld-2.21.so and ld-linux-x86-64.so.2 2015-03-31 16:41:29 <_mjones> this is why I despise binaries. 2015-03-31 16:41:35 <_mjones> yeah, the linker of course. 2015-03-31 16:41:53 <_mjones> one of those is a symlink to the other, no? 2015-03-31 16:41:59 yes 2015-03-31 16:42:20 I install those on /usr/local/lib 2015-03-31 16:45:46 summarizing: you need 'libflashplayer.so' on "/usr/lib/mozilla/plugins/" 2015-03-31 16:45:52 and 'ld-2.21.so' and 'ld-linux-x86-64.so.2' both on "/usr/local/lib" 2015-03-31 16:46:59 <_mjones> that's all? 2015-03-31 16:47:27 yes 2015-03-31 16:49:59 ah, if you use grsec kernel, you need "paxctl -c -m -p /usr/lib/firefox-36.0.4/plugin-container" 2015-03-31 16:50:30 <_mjones> This would make a good short article for wiki.alpinelinux.org. 2015-03-31 16:51:08 My english is not good enough 2015-03-31 16:52:09 AmatCoder: it's plenty good :o 2015-03-31 16:52:21 :) 2015-03-31 16:52:41 and someone can fix the grammer if there are any mistakes 2015-03-31 16:52:46 <_mjones> AmatCoder: what you said is more than sufficient for the page. 2015-03-31 16:53:21 <_mjones> although again for the record, I agree with Tsutsukakushi - let flash die. ;) 2015-03-31 16:54:03 well I use it only for pr0n ;) 2015-03-31 16:54:10 <_mjones> I have a great story about how I was burned by flash in 1997 and I can't believe everyone else let it thrive. This threatens my faith in humanity. 2015-03-31 16:54:57 <_mjones> streaming is not a good user experience because of problems and variable quality. And it's wasteful if you download more than once. So I don't stream. 2015-03-31 16:55:43 <_mjones> even wine and bins aren't the answer, as I used to deal with all risc machines. Only open source is viable in the broadly and long-term. 2015-03-31 16:56:59 some streams are nice 2015-03-31 16:57:13 for real time discussion with the hosts and other viewers 2015-03-31 16:57:18 but rtsp is enough for that 2015-03-31 16:57:23 no need for silly flash players 2015-03-31 16:58:16 <_mjones> "curl -OL - https://the.url | mplayer" is great for real-time streaming of conferences and such. html5 too. webrtc now. 2015-03-31 16:58:47 <_mjones> I spent years dealing professionally with streaming and adobe flash, and adobe flash's native streaming protocol rtmp which is a travesty of architecture. 2015-03-31 16:59:53 <_mjones> I'm only interested in open standards that can be implemented by unencumbered code. This does not stem from ideology, it stems from decades of experience. 2015-03-31 17:03:32 <_mjones> the tide has largely turned now that so many people run macs, since apple rejected flash soundly, and so many people share code by default. But do not take it for granted. 2015-03-31 18:18:20 __number5__: i use mpv instead of mplayer, i wonder if i can do curl -OL - https://the.url | mpv 2015-03-31 18:19:58 mpv https://www.youtube.com/watch?v=H-fwxUeFZdQ works! 2015-03-31 18:31:19 owen1: that works because mpv ships with a lua plugin for youtube by default 2015-03-31 18:31:44 nmeum: gotcha 2015-03-31 22:07:55 apk search python => WARNING: Ignoring APKINDEX.ed54c246.tar.gz: No such file or directory. WARNING: Ignoring APKINDEX.24c95890.tar.gz: No such file or directory 2015-03-31 22:08:08 cat /etc/apk/repositories => http://dl-4.alpinelinux.org/alpine/edge/main http://dl-4.alpinelinux.org/alpine/edge/testing 2015-03-31 22:11:49 <_mjones> 'apk update' then do it again. 2015-03-31 22:11:57 _mjones (: 2015-03-31 22:13:41 <_mjones> That file is the cache of the last time you pulled the package list, with its hash (the ed54c246). 2015-03-31 23:23:48 ACTION is learning about sh vs bash 2015-03-31 23:24:23 so sh is a specification. 2015-03-31 23:34:46 owen1: sh is not a specfication. sh is a shell which fully implements the POSIX shell command language. See: http://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html 2015-03-31 23:34:48 <_mjones> sorta. 2015-03-31 23:35:16 <_mjones> Linux as a distribution made a huge error in the early 1990s when it used bash as its /bin/sh (technically 'Bourne shell') 2015-03-31 23:35:32 and bash is also an implementation of the POSIX shell command language, but it adds all kind of fancy features 2015-03-31 23:35:39 <_mjones> first, bash is much bigger and slower than sh, which hurt performance and memory usage. 2015-03-31 23:36:18 <_mjones> second, bash is a superset of sh functionality, which means people wrote most scripts calling #!/bin/sh but then wrote them with bash extensions, making them unportable. 2015-03-31 23:36:37 exactly 2015-03-31 23:36:45 <_mjones> It would have been trivial or easy to make bash act as sh when called by the name "/bin/sh" but they didn't do that. 2015-03-31 23:37:10 well…calling bash as sh does disable some feature but not all of them 2015-03-31 23:37:21 <_mjones> It was one of the problems I had with Linux distributions for years. Finally, a few years ago Debian did the right thing and made /bin/sh to be 'dash' (a sh clone). 2015-03-31 23:38:04 <_mjones> Alpine's /bin/sh is called 'ash', the original clone. However this is actually part of /bin/busybox (another story). 2015-03-31 23:38:58 <_mjones> busybox is a way to bundle all of the command programs into one for reduced disk usage, with all of the commands being the same. (busybox is not perfectly the same, also another story). 2015-03-31 23:39:52 <_mjones> The command shell on windows is changeable too, but it was never popular to do so and it's especially rare today. 2015-03-31 23:42:37 <_mjones> unix is modular in general; Linux is particularly modular. However until recently, most Linux distributions used the same major parts, and differed (mostly-ish) in the minor parts. 2015-03-31 23:42:59 <_mjones> That's changed in the last couple of years for a variety of reasons, largest of which is something called 'systemd' which Alpine does not use. 2015-03-31 23:43:49 <_mjones> Alpine is pushing the modularity envelope pretty far, but is still a general-purpose distribution. 2015-03-31 23:45:26 <_mjones> I had thought that the iojs tests failed because Alpine uses musl libc instead of the traditional and overwhelming choice gnu glibc, but that seems not to be the case. 2015-03-31 23:45:42 <_mjones> One of the tests fails because busybox imperfectly replicates the functionality of 'ps'. 2015-03-31 23:46:00 <_mjones> The other ones fail on TLS (formerly known as SSL), but I haven't tracked it down yet. 2015-03-31 23:46:37 copy pasting this conversation. great stuff 2015-03-31 23:48:25 <_mjones> My ways of knowing technical details is greatly helped by understanding the history. It's all a bit Santayana... 2015-03-31 23:49:39 <_mjones> Many of these details are rather lower down the stack than webdevs typically need to know. The libc and kernel stuff is way, way down on the metal. 2015-03-31 23:51:11 <_mjones> I try to be familiar with the whole stack in an ops and dev capacity, but that's an aspiration hard for anyone to truly fulfill. I haven't done any front-end to speak of since CSS1 was current.....