2016-09-13 15:55:20 is there an equivalent of limits.conf under alpine? I want to be able to change a non-root users ulimit settings 2016-09-13 17:37:30 boingolov: i think you can set ulimit in /etc/rc.conf 2016-09-13 17:37:38 with rc_ulimit="...." 2016-09-13 17:38:05 for example to enable core dumps: rc_ulimit="-c unlimited" 2016-09-13 17:38:28 you can also do that per service, in /etc/conf.d/ 2016-09-13 17:46:47 ncopa: thank you! 2016-09-14 00:08:58 I'm having troubles installing letsencrypt on v3.4. I get the following output: ERROR: unsatisfiable constraints: 2016-09-14 00:09:27 oops! ERROR: unsatisfiable constraints: \ letsencrypt (missing): \ required by: world[letsencrypt] 2016-09-14 00:09:52 the system is fully up-to-date 2016-09-14 03:23:21 nukke: that means it can't find the package. it's in the community repo, but it looks like for whatever reason it's missing from 3.4 2016-09-14 03:23:33 and edge for that matter 2016-09-14 03:27:04 looks like it was removed after 3.3 2016-09-14 03:30:47 nukke: looks like it was renamed to certbot 2016-09-14 03:31:14 still in the community repo 2016-09-14 07:27:07 hello 2016-09-14 07:27:23 could use some help on building custom iso image 2016-09-14 07:27:25 http://stackoverflow.com/questions/39484723/alpine-linux-makig-a-custom-iso-image 2016-09-14 07:28:00 I'm not sure if it's been reported already but today dl-cdn.alpinelinux.org is so slow it can't even download APKINDEX.tar.gz 2016-09-14 07:28:58 <_ikke_> 100 656k 100 656k 0 0 636k 0 0:00:01 0:00:01 --:--:-- 644k 2016-09-14 07:29:14 <_ikke_> omame: No issues here 2016-09-14 07:29:53 APKINDEX.tar.gz 6%[=======> ] 45.04K 3.31KB/s eta 3m 5s 2016-09-14 07:30:24 eventually: 2016-09-14 09:28:55 (687 B/s) - Connection closed at byte 11365. Retrying. 2016-09-14 07:30:34 and finally: 2016-09-14 09:28:58 ERROR 503: Connection timed out. 2016-09-14 07:31:46 this happens both on AWS's us-east-1 and on my laptop in europe 2016-09-14 07:39:20 <_ikke_> I'm in Europe and no issues 2016-09-14 07:39:31 <_ikke_> Where does dl-cdn.alpinelinux.org resolve to for you? 2016-09-14 07:39:55 dl-cdn.alpinelinux.org. 646 IN CNAME global.prod.fastly.net. global.prod.fastly.net. 436 IN CNAME prod.a.ssl.global.fastlylb.net. prod.a.ssl.global.fastlylb.net. 19 IN A 151.101.20.249 2016-09-14 07:41:14 <_ikke_> resolves to 151.101.36.249 for me 2016-09-14 07:42:22 if I add an entry to /etc/hosts with your ip address it works just fine 2016-09-14 07:42:38 rogue fastly edge node? 2016-09-14 07:42:40 <_ikke_> So probably a slow node then 2016-09-14 07:43:19 is there a way to report? 2016-09-14 07:46:34 <_ikke_> I don't know 2016-09-14 07:50:37 just dropped a message to fastly support. let's see if that helps. 2016-09-14 12:24:30 boingolov: that worked. didn't realize that I had to manually enable the community repos. thanks! 2016-09-14 14:16:48 hello 2016-09-14 14:17:27 can you guys try and install php7 in a docker container quickly? I get an error (unsatisfiable constraint) 2016-09-14 14:17:33 please :) 2016-09-14 14:18:20 like : docker run -it alpine:3.4 sh 2016-09-14 14:18:47 and : echo http://dl-4.alpinelinux.org/alpine/edge/testing/x86_64/ >> /etc/apk/repositories 2016-09-14 14:18:55 and apk add --update php7 2016-09-14 14:19:24 is there an issue currently with php7 ? 2016-09-14 14:19:25 <_ikke_> I don't see a plain php7 package there 2016-09-14 14:19:33 yes it's in community 2016-09-14 14:19:41 <_ikke_> Look at that dir listing 2016-09-14 14:19:44 but some extensions are in testing 2016-09-14 14:19:56 <_ikke_> Only thing I see is php7-xdebug 2016-09-14 14:20:02 <_ikke_> and extensions 2016-09-14 14:20:58 anyway, with or without this it's not possible to install php7 afaik 2016-09-14 14:21:10 <_ikke_> php7-xdebug should work 2016-09-14 14:21:26 nope 2016-09-14 14:21:50 <_ikke_> apk update && apk add php7-xdebug; does not work? 2016-09-14 14:22:28 nope 2016-09-14 14:23:16 Kooothor, are you trying to run the cli? or apache/nginx + fpm setup? 2016-09-14 14:23:50 gena01: I'm trying to install php7 and nginx in a docker container, with a Dockerfile that worked well 1 month ago 2016-09-14 14:24:18 i think they moved some packages to community from testing.. and some went to unmaintaned. any specific package not working for you? 2016-09-14 14:25:19 this used to work : http://pastebin.com/YikSAiKm 2016-09-14 14:25:49 well without even going into the extensions, just plain old php7 doesn't install 2016-09-14 14:26:03 then you do not use the correct repo 2016-09-14 14:26:07 but it is visible in community 2016-09-14 14:26:27 clandmeter: but the community repo is in the repositories files in etc/apk 2016-09-14 14:26:43 so how come apk doesn't see that php7 is there ? 2016-09-14 14:26:59 i'll take a quick look in a few mins. i tend to build against alpine:edge base and it works for me.. for stuff I need 2016-09-14 14:27:09 apk update 2016-09-14 14:27:18 gena01: yes, I'm using 3.4 because I want a fixed version 2016-09-14 14:28:11 clandmeter: done of course 2016-09-14 14:28:12 it's a docker container. you can tag it with version(s). no need to rebuild every time. but sure 2016-09-14 14:28:25 we have php7 in stable? 2016-09-14 14:28:35 i think i recently moved it to community 2016-09-14 14:28:44 so it should only be in edge 2016-09-14 14:28:57 clandmeter: yes it is in community 2016-09-14 14:29:08 let me try your Dockerfile.. 2 mins 2016-09-14 14:29:15 gena01: cheers :) 2016-09-14 14:31:15 so some php7 modules are ONLY in edge and not 3.4 2016-09-14 14:31:22 like php7-curl 2016-09-14 14:31:28 _ikke_: you were right, php7-xdebug works! oO (I had a typo in the repo url) 2016-09-14 14:33:03 http://pkgs.alpinelinux.org/packages?name=php7-curl&branch=&repo=&arch=&maintainer= 2016-09-14 14:33:32 so you might want to use edge base and community repo 2016-09-14 14:33:35 if you need it 2016-09-14 14:34:09 gena01: even with edge base, it doesn't work! 2016-09-14 14:34:17 actually looks like all of php7 is in edge 2016-09-14 14:34:35 gena01: no, a lot of it is in community 2016-09-14 14:35:27 wait, we're not talking about the same thing here... 2016-09-14 14:35:50 This works for me: http://pastebin.com/JQcWqTn8 2016-09-14 14:36:39 gena01: ahah 2016-09-14 14:36:49 that's exactly what I just tried, and yes it works 2016-09-14 14:36:59 removing the testing repo in edge 2016-09-14 14:38:04 clandmeter, was trying to ping some people in #alpine-devel, anything i can do to help get my aports/patchwork updates reviewed? 2016-09-14 14:38:06 ok so now at least I can build an image, thanks for your help everyone _ikke_ clandmeter gena01 :) 2016-09-14 14:38:25 too bad I'll need to go to edge for that :/ 2016-09-14 14:38:58 i am happy php7 is not in testing repo anymore 2016-09-14 14:39:52 gena01: wouldn't it be time for it to get out of edge ? 2016-09-14 14:40:16 gena01: wich ones? 2016-09-14 14:40:30 clandmeter, 1sec, let me find some of my quick stuff 2016-09-14 14:41:33 what is your pw username? 2016-09-14 14:41:45 submitter name 2016-09-14 14:42:14 gena01: and yes, i prefer github as it will use travis to verify users submissions. 2016-09-14 14:42:21 clandmeter, https://patchwork.alpinelinux.org/patch/2315/ 2016-09-14 14:42:30 i could convert it to PRs.. was following Wiki 2016-09-14 14:43:48 yes please if you dont mind. 2016-09-14 14:43:58 clandmeter, more of my stuff (that i've sent in so far. I have a few more lined up) https://patchwork.alpinelinux.org/project/aports/list/?submitter=187 2016-09-14 14:44:00 also use tabs not spaces to ident 2016-09-14 14:44:28 is there a style guide? (will do) 2016-09-14 14:45:31 Talking about spaces/tabs, did you guys ever heard of (un)expand ? (man 1 expand) 2016-09-14 14:45:37 yes, use tabs and try to wrap at 80 2016-09-14 14:45:38 i am new to this.. so will make mistakes 2016-09-14 14:45:51 join the club, we all do. 2016-09-14 14:46:27 so how do I resubmit? or should I leave those 3 as is? 2016-09-14 14:50:32 you mean as pr? 2016-09-14 14:50:32 <_ikke_> gena01: not sure if pw supports it, but normally you can do a reroll (git format-patch --reroll-count 2016-09-14 14:50:56 clandmeter, yeah. for stuff already in the patchwork 2016-09-14 14:51:52 PR's are created from a fork on github 2016-09-14 14:52:11 you create a new branch and then submit a pr from it 2016-09-14 14:52:13 i know.. i meant for stuff I already submitted. should I do PRs or it's fine? 2016-09-14 14:52:24 do pr's please 2016-09-14 14:52:49 so we know it builds 2016-09-14 14:52:55 I guess I can fork: https://github.com/alpinelinux/aports 2016-09-14 14:53:04 yes exactly 2016-09-14 14:53:07 can somebody update the wiki with GitHub URL and PRs suggestion? 2016-09-14 14:53:15 i think i recently did 2016-09-14 14:53:21 just roughlyh 2016-09-14 14:53:23 -h 2016-09-14 14:56:17 sorry, i can't find it :( so I looked here: https://wiki.alpinelinux.org/wiki/Alpine_Linux:Contribute and then here (after following link to patches): https://wiki.alpinelinux.org/wiki/Development_using_git 2016-09-14 14:56:57 gena01: https://wiki.alpinelinux.org/wiki/Creating_an_Alpine_package 2016-09-14 14:57:59 https://twitter.com/clandmeter/status/776068182574596098 :D 2016-09-14 14:58:36 it only mentions cloning.. anyway.. sorry.. i'll stop.. i'll try to send the PRs in a bit 2016-09-14 14:59:51 gena01: yes docmentation is limited. 2016-09-14 15:00:04 we hope others can help us with it. 2016-09-14 15:01:45 hi, in alpine it seems that my folders have extra folders with the name [/] between each of them 2016-09-14 15:01:54 this is via gmail imap 2016-09-14 15:02:03 how / should i get rid of them? 2016-09-14 15:02:32 teksuport: you should first visit the correct channel :) 2016-09-14 15:02:41 oh whoops~~ 2016-09-14 15:02:43 my bad 2016-09-14 15:02:45 ahah 2016-09-14 15:02:48 sorry, have a nice day 2016-09-14 15:02:53 you too 2016-09-14 16:36:14 How do I configure an interface to obtain IP from dhcp, but use specified DNS servers? 2016-09-14 18:50:43 does alpine have a arm-none-eabi package, it doesn't seem so 2016-09-14 22:58:28 Hey, I've been writing a Dockerfile for some Python stuff and I noticed that the main repos have 'python' and 'python3', but only 'edge' has 'python2'. Is there a particular reason for that? 2016-09-14 23:02:58 tprobinson - in edge python is a dummy package that depends on python2 2016-09-14 23:03:49 @BitL0G1c That's what I thought, cool. Is that expected to migrate into main too? 2016-09-14 23:04:50 tprobinson: next version 2016-09-14 23:05:18 Great, then I can just leave a little temporary workaround in my Dockerfile and pull it out next version. Thanks! 2016-09-14 23:06:52 yes eventually - after all the python packages that support both py2 & py3 have been changed to include py3 versions 2016-09-15 03:16:23 anyone know how to shove additional kernel modules into the initrd? 2016-09-15 03:43:19 ah, got it 2016-09-15 03:43:28 then subsequently jacked up the wrong initrd >< 2016-09-15 08:13:22 Klowner: in /etc/mkinitfs/mkinitfs.conf and /etc/mkinitfs/features.d/ 2016-09-15 08:37:20 ncopa: https and ext3 2016-09-15 08:43:51 fnodeuser: hum 2016-09-15 08:43:53 what was that about? 2016-09-15 08:44:16 somethign with ext3 in installer 2016-09-15 08:44:22 how do i reproduce the problem? 2016-09-15 08:44:26 yes, setup-disk 2016-09-15 08:44:37 the initramfs stage 2016-09-15 08:45:04 it has to be changed to work with ext3 2016-09-15 08:45:20 how can i reproduce the problem? 2016-09-15 08:45:23 ext2, ext3, and ext4, all use the same kernel module 2016-09-15 08:45:26 ext4.ko 2016-09-15 08:45:48 i manually create rootfs as ext3, and setup-disk /mountpoint? 2016-09-15 08:45:58 or was it some other way to reproduce it? 2016-09-15 08:46:39 yes, you create one partition, you create the fs in that partition, then setup-disk /path 2016-09-15 08:46:50 to the mountpoint 2016-09-15 08:47:30 it will fail to boot 2016-09-15 08:47:32 "setup-disk does not add ext3 kernel module to initramfs" 2016-09-15 08:47:37 is that correct description? 2016-09-15 08:48:01 that is currently in the wiki? 2016-09-15 08:50:17 no 2016-09-15 08:50:19 to correct that, the user must chroot to the directory containing the installed rootfs files and directories 2016-09-15 08:50:25 https://bugs.alpinelinux.org/issues/6167 2016-09-15 08:50:31 is that correct description of the problem? 2016-09-15 08:50:40 to change the mkinitfs.conf 2016-09-15 08:50:47 i can't recall everything it has been many days 2016-09-15 08:50:50 let me see 2016-09-15 08:51:08 ERR_SSL_OBSOLETE_CIPHER 2016-09-15 08:51:31 what browser? 2016-09-15 08:51:35 you must enable the non-EC GCM cipher suites 2016-09-15 08:51:40 chromium 2016-09-15 08:52:39 with firefox i get: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 128 bit keys, TLS 1.2 2016-09-15 08:53:36 works for me in chromium too 2016-09-15 08:54:13 This page is secure (valid HTTPS). 2016-09-15 08:54:13 Valid Certificate 2016-09-15 08:54:13 The connection to this site is using a valid, trusted server certificate. 2016-09-15 08:54:13 View certificate 2016-09-15 08:54:13 Secure TLS connection 2016-09-15 08:54:14 The connection to this site is using a strong protocol version and cipher suite. 2016-09-15 08:54:16 Secure Resources 2016-09-15 08:54:18 All resources on this page are served securely. 2016-09-15 08:55:12 firefox still supports the DHE cipher suites, but support for those was removed from chromium, and chrome because chrome is based on chromium 2016-09-15 08:57:17 from firefox i can see to tell you, but this is something that must change in the configuration of the web servers 2016-09-15 08:57:53 that is correct 2016-09-15 08:58:44 works is chromium Version 53.0.2785.92 (64-bit) 2016-09-15 08:59:41 a new initramfs must be created by modifying first the mkinitfs.conf file and then to chroot to where the rootfs is mounted to run mkinitfs 2016-09-15 08:59:56 then it will boot after installing correctly the bootloader also 2016-09-15 09:00:07 because it uses the EC cipher suites 2016-09-15 09:00:17 without EC cipher suites it fails 2016-09-15 09:02:46 remember, use ext4 for ext2 and ext3, ext2 and ext3 are aliases for ext4 2016-09-15 09:03:13 also http must be redirected to https 2016-09-15 09:03:44 how do i fix the ciphersuites in nginx config? 2016-09-15 09:03:58 i'll check quickly 2016-09-15 09:05:21 ncopa, this is my nginx config for ssl ciphers: 2016-09-15 09:05:22 http://pastebin.com/2MBp42Y4 2016-09-15 09:06:22 allow also only tls 1.2 2016-09-15 09:06:52 fnodeuser, agreed 2016-09-15 09:07:54 AES128-GCM-SHA256 and AES256-GCM-SHA384 2016-09-15 09:08:46 :AESGCM: 2016-09-15 09:08:51 like that also 2016-09-15 09:09:49 fnodeuser: does it work now? 2016-09-15 09:10:13 let's see 2016-09-15 09:10:27 i cannot reproduce your problem here 2016-09-15 09:10:36 do i need to reconfig my chromium to reproduce it? 2016-09-15 09:10:47 on bugs.alpinelinux.org no 2016-09-15 09:11:06 alpinelinux.org not here 2016-09-15 09:11:21 lets do bugs.a.o first 2016-09-15 09:11:28 the wiki is ok 2016-09-15 09:11:53 chrome on osx does not complain 2016-09-15 09:11:54 no, that got away 2016-09-15 09:12:00 AES_256_CBC with HMAC-SHA1 2016-09-15 09:12:16 no CBC cipher suites, GCM ones only 2016-09-15 09:12:39 <^7heo> dang, should I read the whole log or would someone be kind enough to tell me what's the issue discussed? ;P 2016-09-15 09:13:18 ERR_SSL_OBSOLETE_CIPHER 2016-09-15 09:13:26 because it still uses the EC cipher suites, an order of preference is sent to the server 2016-09-15 09:13:28 <^7heo> ah 2016-09-15 09:13:29 <^7heo> thanks ncopa 2016-09-15 09:13:39 <^7heo> with what browser? 2016-09-15 09:13:51 <@ncopa> what browser? 2016-09-15 09:13:51 chromium 2016-09-15 09:13:56 <^7heo> danke 2016-09-15 09:14:08 unless if you disabled EC suites those will be used 2016-09-15 09:14:15 <^7heo> fnodeuser: afaik SSL uses a negociation so if a CIPHER isn't wished by the client, it will request another one. 2016-09-15 09:14:23 <^7heo> that ^ 2016-09-15 09:14:49 both send what is supported and enabled, then negotiation can follow 2016-09-15 09:14:55 <^7heo> yes. 2016-09-15 09:15:10 fnodeuser: i didnt disabled any cipher on any borwser 2016-09-15 09:15:12 <^7heo> and that error means: I, browser, declare that no available cipher is not obsolete. 2016-09-15 09:15:12 browser 2016-09-15 09:15:33 in this case it's the web server configuration that must be modified to enable connections with those cipher suites 2016-09-15 09:15:34 <^7heo> ncopa: care to share the nginx config? 2016-09-15 09:15:39 <^7heo> ncopa: at least the ssl conf part. 2016-09-15 09:16:03 <^7heo> ncopa: or was it done by someone else? 2016-09-15 09:16:09 <^7heo> fnodeuser: what server was it 2016-09-15 09:16:11 ncopa: i checked what is enabled, that is why i told you about it 2016-09-15 09:16:29 the alpinelinux.org web servers 2016-09-15 09:16:30 only "ssl on" + ssl_certificate* is set 2016-09-15 09:16:44 <^7heo> ncopa: in the nginx config? 2016-09-15 09:16:49 yes 2016-09-15 09:16:52 <^7heo> that's not good. 2016-09-15 09:16:55 http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_ciphers 2016-09-15 09:17:26 http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_protocols 2016-09-15 09:17:26 <^7heo> it's best to explicitely disable some protocls and ciphers. 2016-09-15 09:17:28 <^7heo> yeah 2016-09-15 09:17:30 <^7heo> that ^ 2016-09-15 09:17:47 I should read openssl's man to decipher what this line means 2016-09-15 09:18:02 from here 2016-09-15 09:18:04 https://www.openssl.org/docs/manmaster/apps/ciphers.html 2016-09-15 09:18:15 so 2016-09-15 09:18:19 TLS_RSA_WITH_AES_128_GCM_SHA256 AES128-GCM-SHA256 2016-09-15 09:18:20 TLS_RSA_WITH_AES_256_GCM_SHA384 AES256-GCM-SHA384 2016-09-15 09:18:22 Most of the time, I try random string I found on the internet, and check if they're good with ssl labs (#yolosysadmin) 2016-09-15 09:18:43 ty fnodeuser :-) 2016-09-15 09:18:49 you use the second column names to configure the applications 2016-09-15 09:18:56 you're welcome 2016-09-15 09:19:00 <^7heo> for example 2016-09-15 09:19:03 why i'm sceptic to manually change it in nginx config 2016-09-15 09:19:05 <^7heo> it's important to disable SSLv2 2016-09-15 09:19:17 the first column has the names of the cipher suites as they are named in the RFCs 2016-09-15 09:19:21 then i manually need to maintain it 2016-09-15 09:19:37 <^7heo> ncopa: yes but there's no automatic way around security. 2016-09-15 09:19:39 <^7heo> ncopa: https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html 2016-09-15 09:19:47 i woudl like to "apk upgrade" 2016-09-15 09:19:50 <^7heo> this is a good summary from what I've quickly reviewed. 2016-09-15 09:19:53 no, and TLS 1.3 is being worked on as we speak, at most you'll just add tls 1.3 and a cipher change 2016-09-15 09:19:58 <^7heo> ncopa: nah there's no such way. 2016-09-15 09:20:01 anyone knows how to fix this problem for custom live iso image? 2016-09-15 09:20:02 https://snag.gy/r3F7wP.jpg 2016-09-15 09:20:12 so what i'm thinking is to have a config file with the ciphers 2016-09-15 09:20:13 <^7heo> ncopa: I mean, we could enforce that, but different people have different security needs. 2016-09-15 09:20:21 in a package 2016-09-15 09:20:28 <^7heo> ncopa: for example some people would need to support older browsers with weaker protocols/ciphers. 2016-09-15 09:20:43 include file with the recommended ssl config 2016-09-15 09:20:56 <^7heo> ncopa: I would rather go for a tool that generates the optimal config based on what you need to support 2016-09-15 09:21:04 <^7heo> à la menu-config 2016-09-15 09:21:13 <^7heo> but that's too much handholding already 2016-09-15 09:21:17 then i can in my nginx config include the file 2016-09-15 09:21:23 <^7heo> and will make people dumber. 2016-09-15 09:21:46 <^7heo> ncopa: in that case, I can see one alternative 2016-09-15 09:21:46 i dont want edit the file in N locations 2016-09-15 09:21:57 <^7heo> ncopa: let's make N files with different configs 2016-09-15 09:22:04 and go and verify that they are a up to date 2016-09-15 09:22:10 manually 2016-09-15 09:22:13 <^7heo> ncopa: based on the configs required to work with different browsers 2016-09-15 09:22:15 manual work = human mistakes 2016-09-15 09:22:19 <^7heo> and people will include the one they need. 2016-09-15 09:22:22 <^7heo> how about that? 2016-09-15 09:22:53 it's impossible to make a mistake, you change two short lines :P 2016-09-15 09:22:56 <^7heo> the issue here is the exponential progression of the cardinality of sets from combinatory logic. 2016-09-15 09:23:17 <^7heo> fnodeuser: no it's NOT impossible to make a mistake, ncopa is right; but it's pretty safe to change, you're right. 2016-09-15 09:23:26 fnodeuser: mistake as in forget add those two lines in one of the servers 2016-09-15 09:23:29 only if you're caresless and unlucky 2016-09-15 09:23:37 <^7heo> fnodeuser: s/and/or/ 2016-09-15 09:23:38 careless 2016-09-15 09:23:42 the problem happens when those two lines needs to be modified in future 2016-09-15 09:23:46 and i have N servers 2016-09-15 09:23:53 <^7heo> ncopa: let's open a ticket in b.a.o? 2016-09-15 09:24:01 maybe i forgot one of the servers 2016-09-15 09:24:01 well, you would have to change those either way 2016-09-15 09:24:21 <^7heo> ncopa: I'd be up for generating the config includes if you want. 2016-09-15 09:24:22 so i want a shared config file 2016-09-15 09:24:27 i change it one place 2016-09-15 09:24:30 that's another solution 2016-09-15 09:24:43 if it's possible in your case 2016-09-15 09:24:56 http://pastebin.com/2MBp42Y4 2016-09-15 09:25:02 <^7heo> I mean, it's not like I have nothing to do already 2016-09-15 09:25:10 dont tell me its easy to get something wrong in those two lines 2016-09-15 09:25:10 <^7heo> but that seems like an interesting problem and evolution. 2016-09-15 09:25:32 <^7heo> ncopa: s/easy/hard/ 2016-09-15 09:25:42 <^7heo> (I suppose that is what you meant) 2016-09-15 09:25:57 i mean easy to make mistakes 2016-09-15 09:26:00 <^7heo> yeah 2016-09-15 09:26:02 that line can become short 2016-09-15 09:26:05 <^7heo> fnodeuser: +1 2016-09-15 09:26:13 AESGCM 2016-09-15 09:26:14 AES in Galois Counter Mode (GCM): these ciphersuites are only supported in TLS v1.2. 2016-09-15 09:26:15 <^7heo> that is unnecessary explicit. 2016-09-15 09:26:23 AESGCM: in the beginning 2016-09-15 09:26:31 <^7heo> anyway, got work to do. 2016-09-15 09:26:45 i have to work too 2016-09-15 09:26:47 <^7heo> but yeah, it'd be neat to have files to include, packaged in the nginx package 2016-09-15 09:26:57 woudl be nice to have it in a bug on bugs.a.o 2016-09-15 09:27:00 so i dont forget 2016-09-15 09:27:01 <^7heo> I'll open one. 2016-09-15 09:27:04 <^7heo> at once. 2016-09-15 09:27:07 thanks! 2016-09-15 09:27:13 <^7heo> don't mention it. 2016-09-15 09:27:19 thank you ^7heo 2016-09-15 09:27:40 <^7heo> and will review my other bugs in case I forgot something. 2016-09-15 09:27:46 <^7heo> ncopa: do you mind if I assign myself to it? 2016-09-15 09:28:27 ofc not 2016-09-15 09:28:42 <^7heo> ok 2016-09-15 09:29:00 <^7heo> do we have a CLI tool to manage the bugs? 2016-09-15 09:29:15 <^7heo> (I assume not) 2016-09-15 09:29:19 <^7heo> (I'd love one) 2016-09-15 09:29:26 <_ikke_> remine has an API 2016-09-15 09:29:28 <^7heo> (at least so I can dump my open tickets when I open a shell) 2016-09-15 09:29:30 <_ikke_> so it's possible 2016-09-15 09:29:32 <^7heo> yeah sure 2016-09-15 09:29:39 <^7heo> possible != we have it ;) 2016-09-15 09:29:42 <^7heo> everything's possible 2016-09-15 09:29:43 <^7heo> :D 2016-09-15 09:29:53 https://github.com/diasjorge/redmine-cli 2016-09-15 09:30:05 so: gem install redmine-cli 2016-09-15 09:30:07 and you have it 2016-09-15 09:30:27 <_ikke_> (And enable your API key in redmine) 2016-09-15 09:30:34 ssl_protocols TLSv1.2; 2016-09-15 09:31:31 <^7heo> got 2016-09-15 09:31:33 <^7heo> gem 2016-09-15 09:31:35 <^7heo> gott* 2016-09-15 09:31:39 <^7heo> WHY RUBY 2016-09-15 09:31:45 <^7heo> why not python or lua? 2016-09-15 09:31:48 <^7heo> people... 2016-09-15 09:31:57 :D 2016-09-15 09:32:11 ssl_ciphers 'AES256-GCM-SHA384:AES128-GCM-SHA256'; 2016-09-15 09:32:13 lol 2016-09-15 09:32:53 <^7heo> #6168 2016-09-15 09:32:57 but firefox doesn't have support for those 2016-09-15 09:32:58 <_ikke_> https://pypi.python.org/pypi/Redmine-CLI/0.0.4 2016-09-15 09:33:02 <^7heo> ncopa: ^ 2016-09-15 09:33:05 <_ikke_> ^7heo: ^^ 2016-09-15 09:33:14 <^7heo> _ikke_: <3 2016-09-15 09:33:28 so one or two more are needed 2016-09-15 09:33:39 <^7heo> fnodeuser: one or two more what? 2016-09-15 09:33:46 cipher suites 2016-09-15 09:34:09 maybe there will be some cipher suite changes for ff 49 2016-09-15 09:34:22 <^7heo> ah yeah 2016-09-15 09:34:28 <^7heo> there's no "reporter" field in redmine? 2016-09-15 09:34:35 <_ikke_> author 2016-09-15 09:34:45 <^7heo> ah thanks 2016-09-15 09:35:43 <^7heo> ncopa: can I have the rights to assign the issues to me in redmine please? 2016-09-15 09:35:51 <^7heo> ncopa: at least MY issues ;) 2016-09-15 09:36:23 seems like it already is assigned to you? 2016-09-15 09:36:28 <^7heo> not that one. 2016-09-15 09:36:31 <^7heo> some other 2016-09-15 09:36:37 <^7heo> #5981 2016-09-15 09:36:59 <^7heo> I have solved the problem at the source (upstream) for ipython, but we might still have a the segfault in python itself. 2016-09-15 09:37:18 <^7heo> ncopa: see https://github.com/jonathanslenders/python-prompt-toolkit/pull/364 for more info 2016-09-15 09:38:32 <^7heo> (the ioctl function that is called has a completely different code depending on the number of parameters) 2016-09-15 09:38:55 <^7heo> (so removing the last parameter changes the address of the jump and solves the symptom) 2016-09-15 09:39:18 <^7heo> https://github.com/jonathanslenders/python-prompt-toolkit/pull/364/files#diff-861f8ef3782cd6eb8cdc5abf3eab5cefL317 2016-09-15 09:41:16 ^7heo: try if you can edit your bug now 2016-09-15 09:41:53 <^7heo> thanks 2016-09-15 09:41:56 <^7heo> I'll try 2016-09-15 09:43:16 <^7heo> ncopa: you're awesome :D 2016-09-15 09:43:19 <^7heo> it works! 2016-09-15 09:43:21 <^7heo> thanks so much! 2016-09-15 09:43:53 <^7heo> now I can see stuff that's assigned to me because I can correct my reports ;) 2016-09-15 09:43:56 <^7heo> \o/ 2016-09-15 09:44:00 <^7heo> yeah algitbot ! :) 2016-09-15 09:44:14 :D 2016-09-15 09:44:18 <^7heo> ncopa: should I also assign #5961 to me? 2016-09-15 09:44:31 <^7heo> I plan to work on it asap, but "p" is getting farther away every evening. 2016-09-15 09:44:41 <^7heo> hopefully I will do it this week 2016-09-15 09:45:52 re https https://www.ssllabs.com/ssltest/analyze.html?d=bugs.alpinelinux.org 2016-09-15 09:47:56 TLS_DHE_RSA_WITH_AES_128_CBC_SHA DHE-RSA-AES128-SHA 2016-09-15 09:47:57 TLS_DHE_RSA_WITH_AES_256_CBC_SHA DHE-RSA-AES256-SHA 2016-09-15 09:48:02 these cover firefox 2016-09-15 09:48:40 we'll see with ff49 if it will have non-EC GCM cipher suite support 2016-09-15 09:53:02 ssl_ciphers 'AES256-GCM-SHA384:AES128-GCM-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA'; 2016-09-15 09:54:45 and by excluding all the weak, broken, and unsuitable for security ones, downgrade attacks become impossible 2016-09-15 09:55:33 and other attacks 2016-09-15 10:00:52 <^7heo> "one minute, I'm starting firefox. My machine is just a core i5 with 4 threads and 16GB of ram, it's not a 384 threads with 2TB of ram. So give me a minute" 2016-09-15 10:00:57 <^7heo> Welcome to 2016 ™ 2016-09-15 10:01:09 <^7heo> oh sorry, that was meant for #alpine-offtopic 2016-09-15 11:01:13 hello folks 2016-09-15 12:14:19 ncopa, i just saw the analysis, i missed that message, no non-DHE non-EC cipher suites are currently enabled 2016-09-15 12:15:47 non-EC DHE cipher suites are deprecated from 53+ in the case of chromium and up-to-date chromium-based web browsers, like chrome 2016-09-15 14:54:24 ncopa, fnodeuser helped me confirm that the kernel in raspberry pi port is not patched with grsecurity. Is there a reason why it doesn't have it? 2016-09-15 14:57:51 Trying to install linux-grsec within rpi fails, because firmware directory is a symlink to a read-only squashfs mount. 2016-09-15 15:01:28 i think rpi kernel needs special patch 2016-09-15 15:02:04 i dont know how intrusive it is, but it will likely not work with grsecurity 2016-09-15 15:02:15 and we dont want the rpi specific stuff in the default kernel 2016-09-15 15:19:50 ncopa: I think the raspi is getting more support in mainline, so at some point you probably don't need a separate kernel tree anymore 2016-09-15 15:19:58 but yeah, the current way seems sensible for now 2016-09-15 15:31:47 Thanks, ncopa 2016-09-15 15:34:02 trying to set up zfs root is a pain the butt 2016-09-15 16:19:37 Klowner: i'd rather have a super-static and simple /bin,/sbin,/lib so it's always there even if problems arise 2016-09-15 16:19:59 at least while it's still like that 2016-09-15 16:21:11 Klowner: could you please let me know if you succeed? 2016-09-15 16:42:06 kahiru: ya, I'm trying to document everything 2016-09-15 16:42:25 I've gotten everything working except for the mounting at boot portion 2016-09-15 16:42:30 nice 2016-09-15 16:42:47 from the initrd shell I have to touch /etc/mtab, import the zpool, and then mount it 2016-09-15 16:42:54 so it's close 2016-09-15 16:44:28 uhmm, why does the mtab need to be touched? 2016-09-15 16:44:48 good question! 2016-09-15 16:45:11 zpool import complains about /dev/zfs not existing, when it clearly does 2016-09-15 16:45:27 apparently the actual issue is that it freaks out if there's no /etc/mtab 2016-09-15 16:45:42 well it's a bug if there's none 2016-09-15 16:45:55 just make the normal symlink to /proc/mounts? 2016-09-15 16:46:23 oh good idea 2016-09-15 16:46:31 it's just missing in the initrd, right? 2016-09-15 16:46:36 yep 2016-09-15 16:46:47 I'm not sure how to get that into the initrd 2016-09-15 16:46:47 hmm, I remember running into that /dev/zfs not existing, but I'd never guess it could be solved by having an mtab -.- 2016-09-15 16:47:41 ya, totally unhelpful error. Only after googling a bit did I find the mtab hint 2016-09-15 16:47:45 which arc stats script should i best use on linux? 2016-09-16 13:38:38 update-kernel uses /tmp to create all the files it seems, this happend to work on a fresh install of alpine but if things are installed there would not be enough space, surely the files should just be created at the destination? 2016-09-16 18:09:09 does anyone know of a firewall gui (web managed) similiar to pfsense but for alpine linux 2016-09-16 18:11:09 I see that the ca-certificates package uses the upstream debian source for the certs and has a process that builds the ca bundle but didn't find any documentation on adding your own certs to the bundle 2016-09-16 18:11:32 is that just a matter of ading the crt, updating the ca-certificates.conf and re-running the update.d script? 2016-09-16 18:11:43 or is there another more approved method? 2016-09-16 18:30:26 hi 2016-09-16 18:30:36 <_ikke_> ohai 2016-09-16 18:30:41 is there some bigger problem with alpine on virtualbox? 2016-09-16 18:32:49 for me it just shows black screen when i run startx 2016-09-16 18:35:33 and Xorg -configure gives "No devices to configure" error 2016-09-16 18:36:52 I spent enough time with Alpine + VirtualBox to make me switch the virtualization product 2016-09-16 18:37:03 ok 2016-09-16 18:42:00 the problem isn't VirtualBox tho, the problem lies solely with Alpine, I don't know where exactly, but it doesn't work much better under any virtualization 2016-09-16 18:42:14 as far as using X is required 2016-09-16 18:42:34 could be if you ditch the grsec kernel it might, but that's just a guess 2016-09-16 19:09:02 i'm still in search of a router web gui for alpine 2016-09-16 19:09:17 i want to run alpine as a replacement for pfsense in my homestack 2016-09-16 19:13:24 not sure about what exactly is available but I think I've seen shorewall in the repositories 2016-09-16 19:16:10 i'm working on building one but it's still a long ways out from release 2016-09-16 20:43:23 alazare619: you could use awall and ACF 2016-09-16 20:43:46 run 'setup-acf' and 'apk add acf-awall' 2016-09-16 20:43:55 more info in the wiki 2016-09-16 20:44:10 yea i seen shorewall in the repo's and awall i looked into but it didnt appear to be a web gui either just like shorewall 2016-09-16 20:44:27 i did come across that openwrt is based on alpine linux and its x86 able 2016-09-16 20:44:34 ACF is the web gui 2016-09-16 20:45:07 if you have questions, I'll be back in 15-30 minutes 2016-09-16 20:45:18 1 question 2016-09-16 20:45:28 will ACF do routing/subnetting besides just firewall 2016-09-16 20:45:35 i.e. can it replace pfsense in a whole 2016-09-16 20:45:53 i'm just not a BSD guy... 2016-09-16 20:50:36 what little information I could find quickly, yes 2016-09-16 21:15:58 alazare619: ACF has modules for a bunch of networking services/tools, but is purposely simple 2016-09-16 21:16:06 in line with Alpine's motto 2016-09-16 21:16:16 it looks like webmin but for alpine? 2016-09-16 21:16:23 i mean from what i' reading 2016-09-16 21:16:37 you could explain it that way 2016-09-16 21:17:11 i installed it but only have a vm atm that i cant bridge so installing xfce4 atm 2016-09-16 21:17:36 i'm really diggitng alpine tho this is my first real dable with it 2016-09-16 21:17:46 feels faster then arch even 2016-09-16 21:19:55 available ACF modules can be seen here: https://pkgs.alpinelinux.org/packages?name=acf-*&branch=edge&repo=main&arch=x86_64&maintainer= 2016-09-16 21:20:28 acf-alpine-baselayout includes /etc/network/interfaces management 2016-09-16 21:20:56 hmm cant get x11 to boot in virtualbx... 2016-09-16 21:21:48 ACTION is not experienced with X, just console 2016-09-16 21:23:54 looks to be known 2016-09-16 21:39:19 ok x11 is working got firefox and i'm in the acf framework 2016-09-16 21:41:39 tdtrask: getting a message stating firewal isnt enabled in the kernel 2016-09-16 21:41:50 i'm not seeing anything regarding a modprobe 2016-09-16 21:41:55 https://wiki.alpinelinux.org/wiki/How-To_Alpine_Wall 2016-09-16 21:55:25 alazare619: there are modprobe instructions in the document you linked to 2016-09-16 21:55:38 yea i got it 2016-09-16 21:55:44 the interface isnt what i was hoping for 2016-09-16 21:55:54 i was hoping for something similiar to like dd-wrt or the likes 2016-09-16 21:56:15 yeah, you can build pages on top of what's there (and hide what's there) 2016-09-16 21:56:30 but, the provided interface is pretty basic 2016-09-16 21:59:01 yea its just a textpad 2016-09-16 21:59:12 that you can use the scripts to do what you want... 2016-09-17 01:30:42 hmm, ifdown not working. no /run/network/ifstate. howto restart interface with new config from etc/interfaces? 2016-09-17 05:12:15 great ;P openconnect for arm but not x86_64. 2016-09-17 10:35:54 alice_wl: Hmm, ifdown/ifup should work… did you "service networking start"? 2016-09-17 11:16:15 hi folks 2016-09-17 11:17:01 Can I run apk.static on mac os x? 2016-09-17 13:38:32 jomat: nope, fell asleep :), didnt want to kill the interface i m on. 2016-09-17 13:52:45 hi, all 2016-09-17 13:52:50 <^7heo> hi. 2016-09-17 13:52:54 Is there a cscope package for alpine? 2016-09-17 13:53:01 helps to mount /boot before generating a new initrd >< 2016-09-17 13:53:09 <^7heo> yes. yes it does. 2016-09-17 13:53:53 <^7heo> t0vig: https://release-monitoring.org/project/367/ ? 2016-09-17 13:54:54 <^7heo> hmm, sounds possibly interesting. 2016-09-17 13:54:58 that would be it 2016-09-17 13:55:18 <^7heo> no package for it. 2016-09-17 13:55:28 <^7heo> you're welcome to make one || wait for someone to do it 2016-09-17 13:55:48 Okay, thanks. I might take a look at building it, then. 2016-09-17 13:56:00 <^7heo> I could also do it, if it's easy to build. 2016-09-17 13:56:11 <^7heo> I don't mind, if it's just make && make install 2016-09-17 13:56:17 <^7heo> and no horrific other stuff. 2016-09-17 13:56:42 <^7heo> also if you want help regarding building packages and maintaining in general, I'd recommend to /join #alpine-devel 2016-09-17 13:58:23 Thanks for the info. I'll look into it, since I think it's using autotools; might be an easy way to get familiar with alpine's packaging. 2016-09-17 13:59:11 <^7heo> alpine has one of the best packaging systems I've seen to date. 2016-09-17 13:59:20 <^7heo> also, simple. 2016-09-17 14:01:15 Yeah, after using the major distros, along with Gentoo, then Arch, I'm quickly learning to love Alpine 2016-09-17 14:07:30 <^7heo> Gentoo is really cool 2016-09-17 14:07:38 <^7heo> but it's also a giant time sink 2016-09-17 14:10:47 Yes, I stopped using it because I got tired of always fixing my computer 2016-09-17 14:11:06 <^7heo> yeah, that's how it works 2016-09-17 14:11:48 putting together something like xorg or gcc was a bit of a pain 2016-09-17 14:12:13 xorg took hours on my old setup 2016-09-17 14:12:16 <^7heo> Disrupt: in Alpine? 2016-09-17 14:12:18 the first time i gentoo'd i think xorg alone ate up a whole afternoon 2016-09-17 14:12:31 nah 7heo, gentoo i mean 2016-09-17 14:12:53 <^7heo> ah ok 2016-09-17 14:19:46 who -HERE * 2016-09-17 14:21:51 gentoo was my first loonix, i have a bit of a soft spot for it 2016-09-17 14:48:20 sl0wlaris: timesink depends on how you see it - I spend a lot of time setting up everything I need with other distros because they 1) don't present it or 2) present a messed up build/config 2016-09-17 14:48:40 e.g. in alpine pcsc-lite doesn't work with gnupg unless you make some symlinks, and that requires some debugging 2016-09-17 14:50:27 <^7heo> Disrupt: Gentoo is like a good looking young girl that lets you do whatever you want to her. 2016-09-17 14:50:34 <^7heo> Disrupt: of course you have a soft spot for that ;) 2016-09-17 14:50:41 lol 2016-09-17 14:51:02 <^7heo> Disrupt: but like any good looking young girl, gentoo takes all your free time, prevents you from seeing your friends, and turns you into a mindless zombie that follows its will. 2016-09-17 15:17:45 so irritating, I put a zpool import in mkinitramfs-init but it says "no pool found", but then when it drops me to the rescue prompt, zpool import is successful >:[ 2016-09-17 15:20:08 <^7heo> Klowner: what are you trying to achieve? I don't know zpool 2016-09-17 15:20:16 oh, zfs root 2016-09-17 15:20:37 maybe I can strace the zpool call and see if there's something it's failing to find 2016-09-17 15:24:22 <^7heo> Klowner: the thing is 2016-09-17 15:24:32 <^7heo> Klowner: I have no clue about a zfs root pool 2016-09-17 15:24:39 <^7heo> Klowner: but I'm currently working on the nlplug-findfs 2016-09-17 15:24:58 <^7heo> Klowner: which is the tool alpine uses to mount the necessary volumes before booting into them. 2016-09-17 15:25:03 ah-ha 2016-09-17 15:25:12 I should be looking at that then 2016-09-17 15:25:18 <^7heo> well, depends 2016-09-17 15:26:35 <^7heo> but you might want to have a look at the mkinitfs repo anyway 2016-09-17 15:26:45 <^7heo> like 2016-09-17 15:26:57 <^7heo> I see features.d/ext3.modules, features.d/ext4.modules, etc. 2016-09-17 15:27:02 <^7heo> but I don't see any features.d/zfs.modules 2016-09-17 15:27:07 <^7heo> so that might explain something already. 2016-09-17 15:27:27 oh yah, I had to make all those 2016-09-17 15:27:47 I see, nlplug-findfs is responsible for mdadm and stuff 2016-09-17 15:27:52 <^7heo> and cryptfs 2016-09-17 15:27:58 <^7heo> I just fixed the deported LUKS header 2016-09-17 15:28:04 gotcha 2016-09-17 15:28:11 <^7heo> so if all goes well, soon, alpine users will be able to use a LUKS deported header 2016-09-17 15:28:17 niiiice 2016-09-17 15:28:24 <^7heo> i.e. to have all the sensitive information on a DIFFERENT drive 2016-09-17 15:28:29 <^7heo> such as a removable drive ;) 2016-09-17 15:28:33 that's super cool 2016-09-17 15:28:36 <^7heo> isn't it? 2016-09-17 15:28:37 <^7heo> :D 2016-09-17 15:28:47 <^7heo> and I got myself a padlock 2 for that very reason 2016-09-17 15:28:56 <^7heo> so now I'll be able to finally USE it for something relevant. 2016-09-17 15:29:09 oh neat 2016-09-17 15:29:12 <^7heo> (and yes, good luck booting my computer if I don't want you to, then ;D) 2016-09-17 15:29:16 encrypted thumbdrive? 2016-09-17 15:29:20 <^7heo> yes. 2016-09-17 15:29:25 nifty, I have not seen those 2016-09-17 15:29:25 <^7heo> hardware encryption with hardware pin. 2016-09-17 15:29:36 <^7heo> (at least that's what's advertized) 2016-09-17 15:29:42 <^7heo> (I didn't bother to check that part yet) 2016-09-17 15:30:11 thanks for the point over to nlplug-findfs 2016-09-17 15:30:25 the zpool stuff is much like mdadm, seems like an appropriate place to dabble 2016-09-17 15:30:26 <^7heo> no worries. 2016-09-17 15:30:33 <^7heo> well, depends what it does 2016-09-17 15:30:39 <^7heo> if it's just a kernel module 2016-09-17 15:31:07 it's a few modules plus a couple binaries (zfs and zpool) 2016-09-17 15:31:14 <^7heo> you might get it working only by: $ echo "kernel/fs/zfs" > features.d/zfs.modules 2016-09-17 15:31:28 <^7heo> and adding 'features.d/zfs.modules' to the Makefile. 2016-09-17 15:31:35 <^7heo> (in the mkinitfs project) 2016-09-17 15:31:44 <^7heo> Klowner: also 2016-09-17 15:31:49 <^7heo> Klowner: if you plan to implement that 2016-09-17 15:31:56 <^7heo> Klowner: please wait a little to send the PR 2016-09-17 15:32:03 <^7heo> Klowner: I just implemented automated testing of mkinitfs 2016-09-17 15:32:13 heh, sure thing 2016-09-17 15:32:22 <^7heo> Klowner: so when that is in, you'll be able to write tests to ensure it doesn't break from now on ;) 2016-09-17 15:32:34 very important! 2016-09-17 15:32:38 <^7heo> indeed. 2016-09-17 15:32:48 <^7heo> someone introduced a segfault in it recently 2016-09-17 15:32:53 <^7heo> in the nlplug-findfs 2016-09-17 15:32:57 <^7heo> I was able to fix it but... 2016-09-17 15:33:15 <^7heo> it'd have been good to have the automated testing when the segfault was introduced, or even before. 2016-09-17 15:33:19 <^7heo> so we would have seen it 2016-09-17 15:54:48 alpine's number of packages is really impressive 2016-09-17 15:55:40 added bspwm and it just werks 2016-09-17 15:57:49 <^7heo> Disrupt: we're trying to keep it simple and automate what we can. 2016-09-17 15:57:54 <^7heo> Disrupt: so I hope it pays off ;) 2016-09-17 16:03:32 HA! it worked 2016-09-17 16:03:39 ACTION does zfs root dance 2016-09-17 16:07:23 <^7heo> Klowner: what did you do? 2016-09-17 16:07:37 <^7heo> Klowner: addded the module in the file and the makefile? 2016-09-17 16:07:53 Hi, I'm kinda new to Alpine, just a question... what's the point of busybox on a desktop (not portable) system? 2016-09-17 16:07:59 does it really increase performance? 2016-09-17 16:08:18 <^7heo> judge by yourself: I have a fully booted desktop using 200MB of ram. 2016-09-17 16:08:28 <^7heo> with X and zsh 2016-09-17 16:08:34 <^7heo> in a virtual terminal 2016-09-17 16:08:43 <^7heo> I can see movies, listen to music, etc. 2016-09-17 16:08:57 <^7heo> if I browse the web tho, it's gonna be MUCH more then, because firefox is another OS. 2016-09-17 16:09:31 ^7heo: I'll write it all up, but I added all the required modules to the mkinitrd features stuff, then I added zpool stuff to nlplug-findfs 2016-09-17 16:09:47 although right now it seems to be importing every pool rather than just the one I'm specifying as root 2016-09-17 16:10:17 <^7heo> Klowner: if you wanna use github to make a PR, you can "github fork" the mkinitfs project there. 2016-09-17 16:10:23 <^7heo> Klowner: so I can see your stuff :) 2016-09-17 16:12:14 oh ya, it's up there 2016-09-17 16:12:15 https://github.com/Klowner/mkinitfs 2016-09-17 16:13:18 Hi, I'm kinda new to Alpine, just a question... what's the point of busybox on a desktop (not portable) system? 2016-09-17 16:17:11 I just want to understand its benefits on a desktop system 2016-09-17 16:17:20 <^7heo> Klowner: noice 2016-09-17 16:17:49 <^7heo> LuMint: dude, if you want to make friends on IRC, try not to ignore the answers people give you 2016-09-17 16:19:35 busybox is nice, what's the point to use something other on a desktop system? 2016-09-17 16:20:13 ^7heo: ok, but I didn't ignore the answers. I thought "judge by yourself:" was a nickname xD 2016-09-17 16:21:47 ^7heo: so do I without busybox 2016-09-17 16:22:01 ^7heo: my system eats around 200MBs as well upon boot 2016-09-17 16:23:40 jomat: the possible downside is someone's scripts not working because the utilities from busybox lack arguments 2016-09-17 16:24:30 congratulations, you now depend on GNU coreutils. 2016-09-17 16:26:40 :D 2016-09-17 16:29:10 Back when Solaris was a thing I maintained coreutils alongside the sunos base system. We had /usr/ucb userland to emulate BSD as well. 2016-09-17 16:29:42 So there is prior art maintaining multiple working environments (universes). 2016-09-17 16:31:07 and since busybox is sufficient to get you to the party it's a reasonable choice of base systems if you're doing dependency minimization or targeting disk-conscious users. 2016-09-17 16:55:12 very close.. seems like maybe the blkid_get_tag_value is failing to get the UUID or something 2016-09-17 17:32:04 ah, I suspect I need a "zpool export" on shutdown or something 2016-09-17 17:41:06 works, yusss 2016-09-17 18:48:16 <^7heo> Klowner: I'm looking forward to adding tests for that 2016-09-17 18:49:26 hopefully tonight or tomorrow I can write up a little guide 2016-09-17 18:49:37 hit me up when you get your testing stuff all merged 2016-09-17 18:49:41 <^7heo> I will 2016-09-17 18:49:48 <^7heo> I'm glad you're adding zsh support 2016-09-17 18:49:55 <^7heo> LUKS + LVM + zsh 2016-09-17 18:50:00 <^7heo> that can be really cool 2016-09-17 18:50:09 <^7heo> esp. with deported header 2016-09-17 18:50:23 <^7heo> you can get more secure, but it costs a lot more ;) 2016-09-17 18:50:23 s/zsh/zfs :D 2016-09-17 18:50:29 <^7heo> yeah sorry 2016-09-17 18:50:30 <^7heo> tired. 2016-09-17 18:50:41 heheh, I knew what you meant 2016-09-17 18:50:53 <^7heo> I have like minus 10h on my sleep schedule over last week 2016-09-17 18:51:01 <^7heo> I walked 10km this morning 2016-09-17 18:51:02 uggh, that's terrible 2016-09-17 18:51:08 <^7heo> I have that every week 2016-09-17 18:51:10 <^7heo> so yeah 2016-09-17 18:51:17 <^7heo> I'm starting to have physical issues now 2016-09-17 18:51:29 <^7heo> like involuntary facial contractions and shit 2016-09-17 18:51:39 <^7heo> but anyway 2016-09-17 18:51:42 <^7heo> woke up at 8 something 2016-09-17 18:51:52 <^7heo> then worked on nlplug-findfs half of the day 2016-09-17 18:52:01 <^7heo> and the other half on my floor 2016-09-17 18:52:13 <^7heo> I am drained. 2016-09-17 18:52:21 <^7heo> I feel like shutting down 2016-09-17 18:52:59 the face twitches are bad, I've had that 2016-09-17 18:53:03 <^7heo> yeah right? 2016-09-17 18:53:04 try to avoid that 2016-09-17 18:53:11 <^7heo> I try my best ;) 2016-09-17 18:53:27 <^7heo> but the point is 2016-09-17 18:53:33 <^7heo> I live alone, I have a flat that unfinished 2016-09-17 18:53:44 <^7heo> and as long as it's unfinished, my comfort is HIGHLY diminished 2016-09-17 18:53:52 <^7heo> so even if I'm half dying, I have to finish it 2016-09-17 18:53:57 <^7heo> or I won't be able to rest - at all. 2016-09-17 18:54:38 I know that feeling, although probably not as strongly 2016-09-17 18:54:47 that wears you down after a while 2016-09-17 18:54:52 <^7heo> yeha 2016-09-17 18:54:54 <^7heo> yeah* 2016-09-17 18:55:14 <^7heo> it's not easy to move in a foreign country in which you don't have anything, no friends, no contacts, no nothing 2016-09-17 18:55:17 <^7heo> and get a job 2016-09-17 18:55:18 <^7heo> get a flat 2016-09-17 18:55:21 <^7heo> get all the shit you need 2016-09-17 18:55:30 where'd you move from/to? 2016-09-17 18:55:37 <^7heo> .fr -> .de 2016-09-17 18:55:55 <^7heo> the only constant is the currency 2016-09-17 18:55:59 that's gotta be tough 2016-09-17 18:56:01 where in de? 2016-09-17 18:56:09 <^7heo> Bln 2016-09-17 18:56:46 oh cool, I've not been there 2016-09-17 18:58:02 <^7heo> Well 2016-09-17 18:58:05 <^7heo> should you need a sofa 2016-09-17 18:58:08 <^7heo> hit me up ;) 2016-09-17 18:58:12 hah, awesome 2016-09-17 18:58:26 ^7heo: hast du schon Deutsch gelernt? 2016-09-17 18:58:32 <^7heo> not yet no. 2016-09-17 18:58:35 <^7heo> I mean, I understand 2016-09-17 18:58:37 moving to a totally new place is hard, I've not done that in my lifetime 2016-09-17 18:58:40 ist schon gut 2016-09-17 18:58:41 <^7heo> but it's hard for me to answer 2016-09-17 18:58:55 <^7heo> yeah it's hard. 2016-09-17 18:58:56 ^7heo: you can answer in English, I think everybody in Berlin understand it 2016-09-17 18:59:00 my gf moved out to the west coast like a year ago, it's hard to make friends 2016-09-17 18:59:07 <^7heo> it's like making your own distro I think 2016-09-17 18:59:11 <^7heo> you have to select and fix components 2016-09-17 18:59:13 I have one internet friend that moved to Berlin fairly recently 2016-09-17 18:59:20 <^7heo> LuMint: true dat 2016-09-17 18:59:39 ^7heo: why Berlin though? 2016-09-17 18:59:47 <^7heo> Klowner: yeah but at least you have the same currency and the same language. 2016-09-17 18:59:54 <^7heo> Klowner: here we only have the same currency 2016-09-17 19:00:00 <^7heo> Klowner: language is plaguing europe 2016-09-17 19:00:09 <^7heo> Klowner: fortunately, English is easy to learn. 2016-09-17 19:00:19 <^7heo> LuMint: long story 'cause of my ex. 2016-09-17 19:00:47 ya, having a language barrier would be rough 2016-09-17 19:01:50 <^7heo> it's also a cultural one 2016-09-17 19:01:55 <^7heo> but the language isn't helping ;P 2016-09-17 19:02:17 <^7heo> LuMint: lebst Du in Berlin? 2016-09-17 19:03:36 ^7heo: nein 2016-09-17 19:03:41 <^7heo> LuMint: Wo dann? 2016-09-17 19:03:46 denn :) 2016-09-17 19:03:54 Moskau 2016-09-17 19:03:55 <^7heo> sorry, I'm learning German in Berlin. 2016-09-17 19:03:59 <^7heo> oh ok 2016-09-17 19:04:14 <^7heo> I also say "Milk" auf Deutsch 2016-09-17 19:04:17 <^7heo> 'cause, Berlin. 2016-09-17 19:04:31 <^7heo> Or "Sontach" 2016-09-17 19:04:34 und du? 2016-09-17 19:04:38 <^7heo> which sounds weird. 2016-09-17 19:04:41 ursprünglich, meine ich 2016-09-17 19:05:11 <^7heo> ok 2016-09-17 19:05:18 <^7heo> Ich lebe in Berlin ja 2016-09-17 19:05:29 <^7heo> aber ursprünglich ich come aus Frankreich. 2016-09-17 19:05:34 <^7heo> (as stated above) 2016-09-17 19:05:46 <^7heo> s/ich/Ich/ 2016-09-18 06:33:00 Hi guys, I want to ask what kind of license that alpine is? Apache? MIT? GPL? 2016-09-18 06:42:35 hello 2016-09-18 06:43:23 good by 2016-09-18 11:18:36 Hi! I'm new to alpine and wanna try to install it. Can someone point me to a link which explain the differences between the standard/extended/vanilla iso ? I cannot find explanations of the differences in the wiki. 2016-09-18 11:20:19 <^7heo> standard: patched with grsec/PaX. 2016-09-18 11:20:26 <^7heo> extended: more bloat included. 2016-09-18 11:20:37 <^7heo> vanilla: without the grsec/PaX patches. 2016-09-18 11:20:41 <^7heo> you're welcome. 2016-09-18 11:21:55 Ok, thanks ! :) 2016-09-18 11:46:30 Hello. 2016-09-18 11:47:05 I'm right trying to use setup-alpine, but it fails with "no space left on device". Is there a way to teach setup-alpine not to do any swap partition? 2016-09-18 11:47:28 Or is 512Mb in total really too less for alpine? 2016-09-18 12:01:30 Any chance for a manual setup? The instructions for 2.2.2 or earlier don't work. 2016-09-18 12:01:51 apk add --root=/mnt --initdb $(cat /etc/apk/world); WARNING: Ignoring APKINDEX.e782c3b4.tar.gz: No such file or directory; ERROR: unsatisfiable constraints: 2016-09-18 12:02:30 .setup-apkrepos (missing):; required by: world[.setup-apkrepos]; e2fsprogs (missing): required by: world[e2fsprogs] 2016-09-18 12:10:33 hargut: this worked for me yesterday: apk --initdb -U -X https://nl.alpinelinux.org/alpine/latest-stable/main --root chroot --allow-untrusted add alpine-base --arch x86 2016-09-18 12:11:03 don't forget to add a kernel, bootloader and so on 2016-09-18 12:11:22 but that's my usual way of installing alpine, never used setup-alpine 2016-09-18 12:11:42 jomat, Thanks. Sounds good. 2016-09-18 12:11:50 Let' see if my way works as well. 2016-09-18 12:12:17 hargut: There is also a apk-static if you want to initialize your rootfs from within another os 2016-09-18 12:12:31 No, Still fiddling with getting the .setup-apkrepos missing. 2016-09-18 12:12:56 does the directory specified after --root exist? 2016-09-18 12:12:58 jomat, I've already booted the live system, and I'm connected via ssh. So I guess I try the above mentioned command. 2016-09-18 12:13:22 jomat, yes, it exists, sdb1 is mounted there 2016-09-18 12:13:29 ok, good 2016-09-18 12:15:03 Is there some short command to see which apks are installed? 2016-09-18 12:15:27 jomat, Thanks this worked: apk --initdb -U -X https://nl.alpinelinux.org/alpine/latest-stable/main --root /mnt/ --allow-untrusted add alpine-base --arch x86_64 2016-09-18 12:16:43 nice :-) 2016-09-18 12:17:35 from this point on you can chroot there and add more packages… don't forget to mount /dev, /sys, /proc 2016-09-18 12:18:43 data-box:/# ping google.at PING google.at (172.217.20.131): 56 data bytes ping: permission denied (are you root?) 2016-09-18 12:19:12 dd if=/usr/share/syslinux/mbr.bin of=/dev/sdb installs syslinux… i forgot that on my last server :-) 2016-09-18 12:19:22 ping needs to open a raw socket 2016-09-18 12:19:46 seems I'm not allowed to get data from web, and setup-apkrepos fails. 2016-09-18 12:19:47 thats why it needs extra permissions… perhaps the grsec kernel forbids that in the chroot 2016-09-18 12:20:31 but wget or anything using normal tcp/ip should work 2016-09-18 12:20:34 but how to install something if I can't add the mirror, and have no package list. 2016-09-18 12:21:03 cp /etc/apk/world your/chroot/etc/apk/world 2016-09-18 12:22:23 cp /etc/apk/repositories /mnt/etc/apk/ 2016-09-18 12:22:29 chroot & apk update worked 2016-09-18 12:23:22 ahh sorry, yes of course repositories, not world… my bad 2016-09-18 12:24:07 Good, mooving forward. openssh & co is just installing. 2016-09-18 12:24:20 MBR is already there, just need to find the right name for the kernel., 2016-09-18 12:25:16 linux-grsec or linux-vanilla 2016-09-18 12:25:51 Seen that, I'll start with vanilla. 2016-09-18 12:27:22 Just some small steps, and then the QNAP is Alpine powered. 2016-09-18 12:27:24 :) 2016-09-18 12:28:34 :-D 2016-09-18 12:31:17 I really didn't want to do that, but they forced me. The Qnap init & process management system is such a crappy pile of goodness, I had to get rid of that. 2016-09-18 12:47:55 mhh… usually i add veth devices like this: ip link add vethb type veth peer name vetha 2016-09-18 12:48:07 this time not, because: ip: RTNETLINK answers: File exists 2016-09-18 12:48:34 and no, there aren't already devices with these names… 2016-09-18 12:49:04 veth kernel module is loaded 2016-09-18 12:53:19 hmpf… that works: ip link add type veth; ip link set veth0 name vetha; ip link set veth1 name vethb 2016-09-18 12:55:04 Aaaah busybox <3 apk add iproute2 did it :-D 2016-09-18 13:14:28 <^7heo> what are veth devices? 2016-09-18 13:15:08 like loopback but in a pair 2016-09-18 13:15:16 <^7heo> ah ok 2016-09-18 13:15:26 everything that goes to veth0 drops out of veth1 and vice versa 2016-09-18 13:15:42 or a tunnel on the same machine 2016-09-18 13:15:48 i use them for lxc containers 2016-09-18 13:16:48 i have one routing container that has eth0 and then veth "tunnels" to the other containers and the pysical machine 2016-09-18 17:41:54 Hi everyone, I am considering buying a RPI and installing Alpine on it. Is there anything I should know before I purchase it? 2016-09-18 17:42:33 casual_pleb__: The PI is cheap hardware, and you should be aware of that. It has many drawbacks, but depends what you're planning to do with it. 2016-09-18 17:45:39 hargut: most notably no SATA slots, which makes it basically useless without a usb drive 2016-09-18 17:47:27 Not only that, its a usb-bus powered device, the network card is flanged via usb onto the cpu. Forget everything that is UDP based traffic with that device. You for a very long time one couldn't use hardware accelerated video playback and handing the sound to an external alsa device, and so on and so forth.... 2016-09-18 17:48:36 Its simply said cheap hardware, very useful for many applications where cheap hardware is enough but at the same time it stays cheap hardware for many other purposes. 2016-09-18 17:49:21 If you know what you're dealing with, it will be fine, but don't expect it to meet in performance with any x86 J1900 or something like that. ;-) 2016-09-18 17:49:56 I have not run Alpine Linux on them, but I use a good number of Intel NUCs. They're roughly laptops without keyboards and screens, comparable to the Mac Mini. 2016-09-18 17:50:27 Intel provides other computers between the NUC and something as small as the RPI. Minnowboard and the like. No experience with any of those. 2016-09-18 17:51:54 price wise the NUC's are much more expensive than an PI, and maybe often a overkill in terms of performance. So both of them have their field of application. 2016-09-18 17:52:09 As a desktop computer I'd rather go for a NUC. 2016-09-18 17:52:37 Aye. 2016-09-18 17:54:17 So, the QNap is up and running Alpine now. I'm just thinking of restructuring the install to have a ro rootfs... and configs on the raid. 2016-09-18 17:54:35 I plan to host an Apache web server. I here a RPI is more than enough for that. 2016-09-18 17:54:59 *hear 2016-09-18 17:55:20 casual_pleb__: Depends on the amount of users & traffic. 2016-09-18 17:55:43 If you have serveral k connections an it might be ways too less. 2016-09-18 18:00:09 hargut: alynpost what would you recommend for a silent and energy-efficient home server? 2016-09-18 18:00:28 with raid 1 2016-09-18 18:00:38 LuMint: The one drawback to the NUC is you get only one drive, no other expansion. 2016-09-18 18:00:48 alynpost: no way 2016-09-18 18:00:51 so I'd recommend going up to mini-ATX or something where you can have a proper disk controller. 2016-09-18 18:01:18 alynpost: something with an integrated CPU 2016-09-18 18:01:27 unless somehow you want to sync between a couple NUCs. But really at that point you're working against the design and paying for it. 2016-09-18 18:01:46 ideally i'd like it to be fanless or with just a couple very silent fans 2016-09-18 18:01:56 I read on reddit that there is some problems installing Alpine on an RPI, is this true? 2016-09-18 18:01:57 LuMint: I'd probably go for something like MSI N3150I or MSI J1800I 2016-09-18 18:02:39 PicuPSU attached, and good to go. 2016-09-18 18:03:25 Not as cheap as RPI, BananaPI or any of those, but x86 and most likely painless in all aspects. 2016-09-18 18:10:58 Does alpine install properly on an RPI? 2016-09-18 18:24:23 casual_pleb__: dunno what you mean by "install properly", but I've been running it for some time without any issues 2016-09-18 18:28:47 kahiru: I read on reddit there was issues, I guess there fixed now, thanks alot! 2016-09-18 18:57:44 >install gentoo 2016-09-18 18:58:08 I wonder what gentoo is like nowadays, I haven't used gentoo in forever 2016-09-18 21:13:10 Hmmm… is there a graphical jabber client for alpine linux? 2016-09-18 21:18:38 <^7heo> jomat: yeah, firefox. 2016-09-18 21:19:31 hmm… what? 2016-09-18 21:19:43 <^7heo> It's an XML based tech 2016-09-18 21:20:00 <^7heo> use firefox, it's super effective 2016-09-18 21:20:15 f***fox ._. 2016-09-18 21:21:04 <^7heo> Hey I'm not the one asking for XML based bs 2016-09-18 21:21:30 usually i don't use it either… 2016-09-18 21:21:38 <^7heo> so what's the use case? 2016-09-18 21:21:43 <^7heo> does it at least involve a girl? 2016-09-18 21:21:45 and for what i use it i use it with bitlbee 2016-09-18 21:22:52 i see pidgin in the repo 2016-09-18 21:23:04 <^7heo> yes there's pidgin 2016-09-18 21:23:12 <^7heo> it doesn't support much protocols in this version 2016-09-18 21:23:13 but right now i stumbled across updating jabber.hackerspaces.org and somehow wanted to test it with something like a mainstream client 2016-09-18 21:23:15 <^7heo> but XMPP should be there 2016-09-18 21:23:30 pidgin doesn't support xmpp for me 2016-09-18 21:23:38 don't see any of the other jabber clients i know 2016-09-18 21:23:47 <^7heo> jomat: checked for an additional plugin/something? 2016-09-18 21:24:00 libpurple-xmpp ? 2016-09-18 21:24:18 oh, just checked http://pkgs.alpinelinux.org/packages?page=2&name=pidgin* 2016-09-18 21:24:31 <^7heo> yeah libpurple-xmpp should do it 2016-09-18 21:24:51 chris2: thanks! 2016-09-18 21:24:57 yw 2016-09-18 21:43:06 hey 2016-09-18 21:43:10 how do I get abuild to install static libs 2016-09-18 21:43:44 also, it's often useful to examine the build dir post-build (i.e. to see if static libs were even built), where does it go? 2016-09-18 21:45:27 basically right now I want libcurl.a to exist. In the future I will have similar wants from other libs 2016-09-18 22:29:09 SirCmpwn: hi 2016-09-18 22:29:19 SirCmpwn: i replied to your pkgconf ticket on github 2016-09-18 22:29:19 kaniini: hi 2016-09-18 22:29:22 ah, cool 2016-09-18 22:38:43 SirCmpwn: in terms of 'why not SSL', the main reason is because the server in question is so old it is vulnerable to basically every TLS attack in the book 2016-09-18 22:39:09 how about a new server? 2016-09-18 22:39:26 that requires installing a new server ^_^ 2016-09-18 22:39:30 it doesn't matter if you start publishing sigs, though 2016-09-18 22:39:51 takes what, 10 minutes to set up debian with an ftp server and nginx? 2016-09-18 22:39:55 fair point, though 2016-09-18 22:40:04 if my options are 'install a new server' or 'go to strip club', which do you think i am choosing? 2016-09-18 22:40:34 what time is it? 2016-09-18 22:40:41 Sun Sep 18 17:40:41 CDT 2016 2016-09-18 22:40:52 enough time for both, I'd say 2016-09-18 22:41:05 yeah true, the high class strippers don't show up until night time 2016-09-18 22:41:35 maybe i should deploy at linode, do they support freebsd or alpine yet 2016-09-18 22:41:37 ACTION ducks 2016-09-18 22:41:43 yes 2016-09-18 22:41:57 what about credit card security 2016-09-18 22:41:59 :P 2016-09-18 22:42:03 ACTION shrugs 2016-09-18 22:42:23 ironically, the server hosting the files now started off as a linode image 2016-09-18 22:42:36 then that lovely zeekill person hacked linode and i decided to move elsewhere 2016-09-18 22:42:59 i'll install a new server in a bit 2016-09-18 22:43:03 I couldn't care less where you host it 2016-09-18 22:43:07 with TLS 2016-09-18 22:43:21 sure, i am just giving you an idea of how old that image is 2016-09-18 22:43:25 like 4 or 5 years 2016-09-18 22:43:35 and it's not really upgradable to a newer alpine hahahah 2016-09-18 22:43:44 don't you have upgrade thursdays or something 2016-09-18 22:43:53 I log into and update like 14 servers every thursday 2016-09-18 22:44:04 no, i have "drink beer and lets see what happens when i run 'apk upgrade --available'" 2016-09-18 22:44:30 anyway, do you know how I can get abuild to install static libs 2016-09-18 22:44:32 it's a pretty good system 2016-09-18 22:44:34 hmm 2016-09-18 22:44:36 yes 2016-09-18 22:44:40 how? 2016-09-18 22:44:43 there is an options= for it 2016-09-18 22:44:46 let me check the source 2016-09-18 22:45:55 hmm 2016-09-18 22:45:58 try 2016-09-18 22:46:07 options="!strip libtool" 2016-09-18 22:46:11 it may help 2016-09-18 22:46:15 otherwise 2016-09-18 22:46:19 in the APKGBUILD? 2016-09-18 22:46:19 it splits it into a -dev package 2016-09-18 22:46:21 i guess 2016-09-18 22:46:26 what are you trying to do exactly 2016-09-18 22:46:37 >basically right now I want libcurl.a to exist. In the future I will have similar wants from other libs 2016-09-18 22:47:23 should be as easy as passing --enable-static to ./configure 2016-09-18 22:47:26 I'm trying to statically build pacman at the moment 2016-09-18 22:47:27 and then it will be in -dev 2016-09-18 22:47:30 I see 2016-09-18 22:47:37 where are the packages like that output? 2016-09-18 22:48:04 $HOME/packages is the default 2016-09-18 22:48:10 (1) git clone aports (2) cd aports/main/curl (3) add --enable-static (4) abuild -r 2016-09-18 22:48:23 aha 2016-09-18 22:49:06 and now I have libcurl.a, thanks! 2016-09-18 22:49:42 ACTION sends CSR to internal CA 2016-09-18 22:50:17 it's cross-signed by Commode, should be good right? :P 2016-09-18 22:50:24 err, i mean COMODO 2016-09-18 22:53:20 now libarchive needs fixing 2016-09-18 22:53:24 <^7heo> wait 2016-09-18 22:53:29 <^7heo> is that arschlinux now? 2016-09-18 22:53:39 <^7heo> or are we talking about pacman, the game? 2016-09-18 22:53:44 pacman the package manager 2016-09-18 22:53:50 <^7heo> why? 2016-09-18 22:53:55 he is presumably doing the same thing i did with alpine when i did hosting :P 2016-09-18 22:53:57 I'm just using alpine as a build environment 2016-09-18 22:54:01 yeppppp 2016-09-18 22:54:03 :D 2016-09-18 22:54:07 to make a static pacman with musl 2016-09-18 22:54:08 <^7heo> ah 2016-09-18 22:54:19 kaniini: link? 2016-09-18 22:54:23 <^7heo> so you have no interest whatsoever in alpine aside from using it to build static binaries? 2016-09-18 22:54:31 static binaries with musl, yes 2016-09-18 22:54:36 though I think the distro itself is kind of cool 2016-09-18 22:54:37 <^7heo> good for me. 2016-09-18 22:54:40 <^7heo> yeah 2016-09-18 22:54:43 <^7heo> it's cool 2016-09-18 22:54:45 I don't really have an application for it atm 2016-09-18 22:54:52 <^7heo> nah but don't make one up 2016-09-18 22:54:52 aside from bootstrapping this other system 2016-09-18 22:55:04 <^7heo> arschlinux people should stay with arsch 2016-09-18 22:55:08 <^7heo> everybody in their castle 2016-09-18 22:55:11 <^7heo> we're much happier that wya 2016-09-18 22:55:13 I just like pacman 2016-09-18 22:55:14 <^7heo> s/ya/ay/ 2016-09-18 22:55:43 <^7heo> to each their own I presume 2016-09-18 22:55:44 SirCmpwn: i used to boot a VM into alpine and have it build an OS image 2016-09-18 23:05:55 ACTION waits patiently on mkjail.sh to finish 2016-09-18 23:31:18 does alpine not build packages in a fakeroot? 2016-09-18 23:44:15 it does 2016-09-18 23:47:55 interesting 2016-09-18 23:48:00 I wonder why makepkg has issues with that 2016-09-18 23:50:15 ACTION patiently drums fingers waiting on SSL certificate 2016-09-19 00:08:59 kaniini: you get one of two SSL certificates. One is available the moment you order it. The other is available three or some hours from now. It's a surprise which one you get. >_< 2016-09-19 00:09:16 in this case 2016-09-19 00:09:28 i am literally waiting on someone to get back to their computer and insert a smartcard 2016-09-19 00:09:30 it is quite boring 2016-09-19 00:09:53 ACTION nods 2016-09-19 00:10:36 ACTION signs CN=* for $9.95 2016-09-19 00:19:17 wait, but who 2016-09-19 00:19:45 internal pki? or 2016-09-19 00:25:32 ammunta: yes, cross-signed by commode 2016-09-19 00:25:35 er, comodo 2016-09-19 00:39:20 First one, then the other. ;-p 2016-09-19 11:18:55 any suggestions regarding how to make pcscd from the pcsc-lite package actually run as a non-root user? I see its init script runs the daemon as an unprivileged user, but it only has access to an USB CCID device when run as root 2016-09-19 11:30:49 Shouldn't you run the daemon in root, and the client with an unprivileged user ? 2016-09-19 11:32:48 for comparison, yes, that's how it's done in some other distros 2016-09-19 11:33:16 the way it's packaged on Alpine it runs as user pcscd group pcscd 2016-09-19 11:58:08 TBB: there's a bug open for this with a proposal for a fix i believe 2016-09-19 13:39:05 hey guys .. new to alpine here, I'd like to get alpine working on a cortexA17 rk3288 chromebook. Where do I start? Thanks in advance folks! 2016-09-19 13:41:03 Strictly just an image that supports the architecture .. not installation, etc. 2016-09-19 13:41:21 hi Guest36300! sounds like a cool project 2016-09-19 13:41:54 its armv7, right? 2016-09-19 13:42:35 hey ncopa! yess 2016-09-19 13:42:41 i think the alpline-uboot-*-armhf.tar.gz might work 2016-09-19 13:42:48 https://alpinelinux.org/downloads/ 2016-09-19 13:43:10 gotcha, thanks so much I'll give it a shot later 2016-09-19 13:43:14 i dont know if the chromebook uses uboot or uefi to boot? 2016-09-19 13:43:23 i think there are a README in that tarball 2016-09-19 13:43:29 thats a start at least 2016-09-19 13:43:52 i dont think anyone done it before though... 2016-09-19 13:51:26 Thanks, great! Coreboot, but they assimilated uboot to support the ARM instruction set, SO i'll work from there .. 2016-09-19 13:53:05 Ah ok, well if I'm lucky I'll try and add to the alpine wiki 2016-09-19 13:53:09 We'll see :D 2016-09-19 14:12:51 hey ncopa, sorry comp rebooted .. you suggested I should take a look at the generic arm image? 2016-09-19 18:58:39 Should it matter whether i'm using ARM vs x86 when using the alpine docker images? I can't find documentation anywhere on what architectures they support 2016-09-19 19:09:49 <_ikke_> It should matter 2016-09-19 19:10:07 <_ikke_> the binaries and libraries are compiled for a specific architecture 2016-09-19 19:18:05 _ikke_: https://hub.docker.com/_/alpine/ doesn't mention arch at all :-/ 2016-09-19 19:56:20 csd_: i think if you want to be able to run multiarch things in parallel you best rebuild in-house, and otherwise it's enough to try and see if you suddenly get an 'exec error' 2016-09-19 21:22:14 how do i figure out what version of alpine linux im running? (i know its 3.4, but im not sure what 3.4.?) it is 2016-09-19 21:24:05 <^7heo> cat /etc/alpine-release 2016-09-19 21:27:13 biax: 'cat /etc/alpine-release' 2016-09-19 21:27:47 and 'apk version --index' gets info on repo 2016-09-19 21:28:23 ah 2016-09-19 21:28:25 im on 3.4.0 2016-09-19 21:28:48 any recommendations to get the latest docker base image (3.4.3)? 2016-09-19 21:29:00 the official docker alpine base is 3.4.0 as it seems 2016-09-19 21:29:25 Could grab the latest rootfs and dump it into a scratch container. 2016-09-19 21:30:19 biax: which docker image/tag you pulling? 2016-09-19 21:31:24 gena01: https://github.com/Evild67/docker-alpine-base/blob/master/Dockerfile 2016-09-19 21:32:50 https://github.com/gliderlabs/docker-alpine/tree/master/builder 2016-09-19 21:32:52 will this help? 2016-09-19 21:33:56 Hmm.. looks like alpine:3.4 hasn't been updated with minor releases 2016-09-19 21:34:56 in github , they just bumped it 2 hours ago 2016-09-19 21:35:06 but still, 3 minor versions skipped 2016-09-19 21:35:09 maybe ill just build my own 2016-09-19 21:44:17 i wanna build my own docker alpine base image. looking at this: https://github.com/gliderlabs/docker-alpine/blob/master/builder/Dockerfile 2016-09-19 21:44:25 why is : FROM alpine:3.2 necessary? 2016-09-19 21:44:45 since we're building a -base- image, shouldnt we do FROM scratch instead? 2016-09-19 21:51:42 nevermind 2016-09-19 21:52:31 <^7heo> Sorry, I won't answer, for you to ignore my answer, and read what someone else copy pasted 3 minutes later 2016-09-19 22:24:08 how do i force the default repo to be edge? 2016-09-19 22:25:02 i have this apk --no-cache add ${build_pkgs} ${runtime_pkgs} 2016-09-19 22:25:09 i want all the packages to be of edge repo 2016-09-19 22:26:42 *waves* 2016-09-19 22:28:50 ACTION waves back 2016-09-20 01:14:34 is there anything I can do to make alpine (edge) work smoother in virtualbox? 2016-09-20 01:14:46 moving windows around is sluggish and stuttering randomly 2016-09-20 01:15:20 running xfce4. in debian it's 110% smooth with no stutters 2016-09-20 01:17:21 Redfoxmoon: have enough memory dedicated to your alpine vs. debian vbox? 2016-09-20 01:17:46 yes 2016-09-20 01:17:50 4 gigabytes in both 2016-09-20 01:18:06 4 cores allocated, too, same vbox hardware configuration 2016-09-20 01:20:23 well, at least I've gotten further than last time, jee, with stable X won't start at all 2016-09-20 07:01:06 Hi. A quick question about the repo list: Can I use a user/password url for ftp? like "ftp:ftp@myftxb"? 2016-09-20 07:47:36 rofda: apk uses libfetch 2016-09-20 07:47:53 some of the envv vars here might work: https://www.freebsd.org/cgi/man.cgi?query=fetch&sektion=3 2016-09-20 07:48:30 thank you ncopa 2016-09-20 07:48:51 this one is likely closer: http://netbsd.gw.com/cgi-bin/man-cgi?fetch+3+NetBSD-current