2018-04-01 03:46:58 hey! is there selinux support on alpine-linux by default ? package search didn't return anything either 2018-04-01 04:56:41 no 2018-04-01 05:04:00 so creating an alpine package for it is the only way, kaniini ? 2018-04-01 06:46:32 yes? 2018-04-01 06:54:01 <_ikke_> m00n_urn: There is a package in testing (edge only) 2018-04-01 06:54:19 <_ikke_> m00n_urn: libselinux and libsslinux-utils 2018-04-01 06:55:43 ah k but there isn't any difference? 2018-04-01 06:56:14 libselinux is used in writing application that make use of selinux right? 2018-04-01 06:59:02 <_ikke_> https://github.com/SELinuxProject/selinux/wiki 2018-04-01 08:49:49 i'm having a hard time building my kernel with abuild 2018-04-01 08:52:06 normally i'd manually abuild unpack prepare, build and package with -K to keep the temporary build files around and shorten build time for testing 2018-04-01 08:52:29 but with linux-vanilla, abuild package doesn't do the actual packaging, only the install step 2018-04-01 08:53:18 <_ikke_> strfry: abuild rootpkg 2018-04-01 09:00:40 _ikke_: yeah, i just found out by reading through abuild 2018-04-01 09:01:00 _ikke_: actually i was confused by this help description of package Create package in $REPODEST 2018-04-01 09:01:24 isn't REPODEST the ~/packages, where the finished pkg's go? 2018-04-01 09:01:42 *apk's 2018-04-01 09:07:06 hello 2018-04-01 09:07:41 i am megrating from debian to alpine on my server, but i am having problems with setting up lxc 2018-04-01 09:07:49 and the alpine wiki is not really helping 2018-04-01 09:08:27 is anybody willing to hold my hand while i try to set it up? 2018-04-01 09:14:13 nixi: I'm not expert in lxc, but I set it without problem in AL 2018-04-01 09:16:46 the thing is that i want unprivileged container 2018-04-01 09:16:54 which gives me a lot of errors 2018-04-01 09:17:13 and the wiki does not say mouch about how to configure it. 2018-04-01 09:17:54 it just magicaly works for them 2018-04-01 09:18:51 nixi: are you sure unpriv containers have worked for the authors of the wiki page? 2018-04-01 09:18:55 with hardened kernel (grsec) there could be some problems 2018-04-01 09:19:17 which kernel do you run 2018-04-01 09:19:31 just the default installation, 3.7 2018-04-01 09:19:56 jn__: https://wiki.alpinelinux.org/wiki/LXC#Unprivileged_LXC_images_.28Debian_.2F_Ubuntu_.2F_Centos_etc...29 2018-04-01 09:19:57 what 'uname -a' says 2018-04-01 09:20:19 mps: 4.9.65-1-hardened #2-Alpine SMP Mon Nov 27 15:36:10 GMT 2017 x86_64 Linux 2018-04-01 09:20:40 ah, ok then 2018-04-01 09:20:40 1i did do this though: https://wiki.alpinelinux.org/wiki/LXC#Grsecurity_restrictions 2018-04-01 09:20:41 it is grsec kernel 2018-04-01 09:21:01 so i will just install normal linux kernel and update grub? 2018-04-01 09:21:08 I installed vanilla kernel 2018-04-01 09:21:26 and after that lxc works fine 2018-04-01 09:21:36 so just ... apk add linux? 2018-04-01 09:21:56 linux-vanilla 2018-04-01 09:21:58 well, I added edge repository 2018-04-01 09:22:13 but, yes, linux-vanilla 2018-04-01 09:22:18 Does anyone know if nVidia official drivers can be run against musl (with gcompat, etc)? 2018-04-01 09:22:41 Right now I'm using nouveau which is good enough for my purposes 2018-04-01 09:23:11 thanks mps, i will try it and see how it goes 2018-04-01 09:23:26 will i need the grsecurity restrictions? not anymore i reckon 2018-04-01 09:23:50 no, vanilla does not have grsec patch 2018-04-01 09:24:00 oh, and do i need to get rid of the grsec kernel? 2018-04-01 09:24:38 not really, just but machine with vanilla (select in grub or syslinux menu) 2018-04-01 09:25:12 you can later revert to boot hardened if you need it for any reason 2018-04-01 10:40:56 this is very frustrating ... lxc refuses to work, lxd does not recognise that my users are in the lxd group ... 2018-04-01 10:41:19 and documentation is very lacking 2018-04-01 10:46:31 Hi, I'm trying to persist some iptables rules. It appears that they are saved in /etc/iptables/rules-save correctly but that file is overridden on reboot 2018-04-01 10:46:36 Am I doing something wrong? 2018-04-01 10:46:57 <_ikke_> the_drow: what kind of install do you have? 2018-04-01 10:47:21 I'm running Alpine in LXC 2018-04-01 10:49:46 _ikke_, I'm provisioning the rules through ansible. This is the output I get when I run /etc/init.d/iptables save && cat /etc/iptables/rules-save http://dpaste.com/0XKQFNR 2018-04-01 10:50:35 mcabber (text mode XMMP client) in AL doesn't display colors on my machine. Anyone can confirm this? 2018-04-01 10:52:23 nixi: don't know about lxd, didn't tried it. But keep in mind that the AL is not for people who want easy or ready-made solution 2018-04-01 10:53:08 with AL you *have* to hack, which is good because it is one of the best learning method 2018-04-01 10:53:48 _ikke_, In fact, when I run iptables-save > /etc/iptables/rules-save and restart the file is not reset to default but the rules are not restored 2018-04-01 10:53:58 mps: that is great, but there should be documentation on this. i have no idea what those rror messages mean, alpine forums have no search so i can not look for possible answers 2018-04-01 10:54:15 Oh I think I figured it out 2018-04-01 10:54:45 <_ikke_> Well, we are working on better documentation 2018-04-01 10:54:52 <_ikke_> It just takes a lot of time 2018-04-01 10:55:19 i understands 2018-04-01 10:55:30 AL is community (mostly) based, so there is no much docs and wikis and other guides 2018-04-01 10:55:34 it is not just alpine, there is no good documentation on lxc anywhere 2018-04-01 10:56:58 but i really need to get it working as soon as possible 2018-04-01 10:57:09 and i have spent hours on this already 2018-04-01 10:57:48 nixi: you could fill a bug report about lxd in the bugs.a.o and wait a litlle to see if it could be solved 2018-04-01 10:58:37 cold you please show me you lxc configuration? 2018-04-01 10:58:42 since yours is working 2018-04-01 10:59:03 I have just lxc, not lxd 2018-04-01 10:59:23 i am fine with lxc ... i just trried lxd to see i could get that working instead 2018-04-01 10:59:28 i prefer lxc anyways 2018-04-01 11:00:03 what are your users wo use lxc, what are the guid mapping, network interfaces, lxc config, etc... 2018-04-01 11:00:04 where can I put conf file? tpaste maybe? 2018-04-01 11:00:20 pastebin, anywhere really 2018-04-01 11:00:27 <_ikke_> tpaste is alright 2018-04-01 11:00:39 I start containers 'by hand' 2018-04-01 11:01:24 _ikke_: how can I put file to tpaste from cli 2018-04-01 11:01:46 sorry, never used it before 2018-04-01 11:01:47 you said you have unprivileged containers, right? 2018-04-01 11:02:13 <_ikke_> mps pipe to 'curl tpaste.us -F tpaste=\<- 2018-04-01 11:02:15 <_ikke_> ' 2018-04-01 11:04:06 nixi: http://tpaste.us/ZP8Z 2018-04-01 11:05:09 _ikke_: tnx, but works without "'" character in tcsh 2018-04-01 11:07:10 thanks mps 2018-04-01 11:07:22 so those are not unprivileged? 2018-04-01 11:09:00 I'm not sure, but if I understand, containers which I use are isolated (unprivileged) from the host OS 2018-04-01 11:10:18 though I have to start them with root privilege - with sudo 2018-04-01 11:11:02 from these containers host OS is unaccessible, AFAIK 2018-04-01 11:12:20 <^andrea^> hi, is there an easy way to install "nut" without enabling the testing repo? https://pkgs.alpinelinux.org/package/edge/testing/x86/nut 2018-04-01 11:12:44 <^andrea^> keep in mind that I'm just getting started with alpine ;-) 2018-04-01 11:15:50 there is not, sorry 2018-04-01 11:15:54 mps: ah, so you use privileged containers 2018-04-01 11:16:01 they are running under root 2018-04-01 11:16:15 so if something escapes the container, it has root access to host 2018-04-01 11:16:47 unprivileged containers are run under different uid and gid, so if something escapes the container, it has basically no permissions in the host 2018-04-01 11:17:00 afaik 2018-04-01 11:17:08 probably, but I do not need super secure containers 2018-04-01 11:19:39 but if someone can escape container (privileged or unprivileged) you are at the risk anyway, IMHO 2018-04-01 11:20:35 <_ikke_> containers are not deemed secure 2018-04-01 11:20:41 I don't see containers as secure isolation solution 2018-04-01 11:21:39 better solution could be KVM or XEN, but there is nothing 100% secure 2018-04-01 11:23:04 meltdown/spectre shows the state of computer security :( 2018-04-01 11:24:43 anyone using mcabber on AL? 2018-04-01 11:27:32 found bug and fix for mcabber, but want if someone could confirm bug with colors in mcabber before filling bug report 2018-04-01 11:31:14 i just use container to stay sane knowing that services are separated 2018-04-01 11:31:24 and since i can use unprivileged, i try to 2018-04-01 11:31:32 but i will just use privileged for now 2018-04-01 11:31:35 thank you mps 2018-04-01 11:31:50 nixi: you are welcome :) 2018-04-01 11:33:44 nixi: btw, if you just want service separation maybe you could consider firejail or something similar 2018-04-01 11:39:15 never heard of it, i will read about it :) 2018-04-01 11:44:22 firejail looks like it's been written by someone who shouldn't do any code interfacing with the user 2018-04-01 11:44:30 hence, bubblewrap 2018-04-01 11:48:46 yes, bubblewrap looks better but I didn't had time to 'play' with it 2018-04-01 12:33:21 What package contains the noto-font glyphs for japanese (katakana) glyphs? 2018-04-01 12:33:54 ... or are there any other fonts to provide those glyphs? font-ipa doesn't seem to work for me :/ 2018-04-01 13:21:16 Hi, how can i install mongodb in version 3.6 i get a dependency error? https://nopaste.xyz/?a8ed294271215e86#kWX/PqKoHM7LBN71PWuISGXxqNlq92mPayY4d2ZwBOU= 2018-04-01 13:22:24 <_ikke_> Bodenhaltung: mixing versions (stable + edge) is not supported 2018-04-01 13:23:31 hmm, how can i install version 3.6? 2018-04-01 13:25:39 <_ikke_> the 3.6/community repo has mongodb 2018-04-01 13:26:23 <_ikke_> https://pkgs.alpinelinux.org/packages?name=mongodb&branch=v3.6 2018-04-01 13:26:26 I have tried to install from community repo? 2018-04-01 13:27:18 But this is version 3.4.4-r0 2018-04-01 13:27:52 <_ikke_> that's the version that comes with 3.6 2018-04-01 13:28:18 <_ikke_> You'd have to backport it yourself if you want to have a newer version available 2018-04-01 13:30:55 How for example? 2018-04-01 13:35:17 <_ikke_> On a 3.6 alpine system, clone the aports repository, check out the 3.6 branch, update the APKBUILD / copy it from a later version, build the package 2018-04-01 13:35:26 <_ikke_> SOmething like that 2018-04-01 14:07:49 Hello 2018-04-01 14:08:35 Anybody here? 2018-04-01 15:09:28 is there a package for what arch calls i3blocks? 2018-04-01 15:09:31 for i3wm 2018-04-01 15:13:28 and i see everything in testing - why not community? 2018-04-01 15:13:49 ncopa: _ikke_: clandmeter: i know at least one of you run alpine as a daily driver, any tips? 2018-04-01 15:15:01 <_ikke_> 2018-04-01 15:15:03 <_ikke_> I don't 2018-04-01 15:16:21 <_ikke_> I'd use awesomewm :-) 2018-04-01 15:18:15 i use i3 on alpine 2018-04-01 15:18:29 but i never heard of i3blocks 2018-04-01 15:18:44 only using i3wm and i3lock 2018-04-01 15:18:53 gotcha 2018-04-01 15:18:54 is it stable? 2018-04-01 15:18:57 i see it's still in testing 2018-04-01 15:19:13 man, i got a FAT24 file i have to read 2018-04-01 15:19:44 danieli: i3wm is in community 2018-04-01 15:19:53 running v3.7 here.. 2018-04-01 15:33:33 oh 2018-04-01 15:33:36 i looked at the wrong goddamn field 2018-04-01 15:33:37 my bad 2018-04-01 16:45:16 i lost my buffer ... who was the one with containers working? mps? 2018-04-01 16:45:31 i am unable to get even the unprivileged containers to work 2018-04-01 16:45:37 with linux-vanilla 2018-04-01 16:45:48 is there any other configurartion necessary? 2018-04-01 16:46:47 nixi: I posted my config with which I run Debian on AL host 2018-04-01 16:47:31 I forgot to tell that I confugured ethernet bridge on the host 2018-04-01 16:48:46 it could work without bridge but you'll have to set some other kind of network to access container 2018-04-01 16:49:09 without network you only have lxc-console 2018-04-01 16:49:32 i think i have bridge set, let me send over my /etc/network/interfaces 2018-04-01 16:49:58 'ip link show' is enough 2018-04-01 16:50:10 https://pastebin.com/raw/Hz55sm9e 2018-04-01 16:50:16 eh? 2018-04-01 16:51:20 does it work? I mean you can ping other machines from that host 2018-04-01 16:53:10 i am unable to even start a container 2018-04-01 16:54:45 sorry for stupid question, but did you installed it successfully 2018-04-01 16:54:59 what do you mean? 2018-04-01 16:55:31 i am trying to install a debian container 2018-04-01 16:55:50 lxc-create is finnished without error 2018-04-01 17:10:37 well, debian guest works 2018-04-01 17:10:41 alpine image does not 2018-04-01 17:10:47 wtf 2018-04-01 17:11:51 good news, you succeded :) 2018-04-01 17:15:07 well, sort of 2018-04-01 17:15:30 is it normal for the guest to be "installing" for several minutes? 2018-04-01 17:15:39 i also want alpine images 2018-04-01 17:18:05 probabbly depends of the link speed and maybe disk speed 2018-04-01 18:30:07 would anyone be interested in nethack package? 2018-04-01 18:54:03 how can I add patch file to APKBUILD in aports, to be applied with abuild 2018-04-01 18:55:52 mps: add it to #sources 2018-04-01 18:55:57 mps: add it to the source variable; either as a local file or a URL 2018-04-01 18:56:08 then run abuild checksum to compute the checksum 2018-04-01 18:57:21 markweston: jn__: just did it looking in another APKBUILD file. tnx anyway 2018-04-01 18:58:03 that would have been my next suggestion :) 2018-04-01 19:00:03 after building, how can I send changes (APKBUILD and patch file) to Alpine repository 2018-04-01 19:00:39 see https://github.com/alpinelinux/aports/blob/master/.github/CONTRIBUTING.md 2018-04-01 19:01:13 i.e. either will a pull request or i think patch mails are also accepted 2018-04-01 19:01:54 jn__: huh, need github account, but I don't have it 2018-04-01 19:03:18 >If you want to contribute, please read the contributor guide and feel free to either submit a git patch on the Alpine aports mailing list (alpine-aports@lists.alpinelinux.org), or to submit a pull request on GitHub. 2018-04-01 19:03:27 (from the top-level README.md) 2018-04-01 19:03:48 no, you don't need a github account, you can also send a patch to the mailing list, AFAIUI 2018-04-01 19:05:21 good to know, I will read how to send to ML. tnx 2018-04-01 19:09:15 jn__: hmm, patch is not applied with 'abuild build' but it is APKBUILD file 2018-04-01 19:10:18 mps: didy ou add it to source="..."? 2018-04-01 19:10:33 ah, I need to run 'abuild prepare' first, right? 2018-04-01 19:11:08 if your source code is still unpacked, maybe 2018-04-01 19:11:08 will see in seconds 2018-04-01 19:11:20 you could also try "abuild clean" and then "abuild" again 2018-04-01 19:11:41 that is, prepare is solution 2018-04-01 19:11:50 fortunately abuild will have manpages soon :) 2018-04-01 19:12:06 abuild -h helps :) 2018-04-01 19:12:31 right, that's already quite helpful 2018-04-01 19:13:02 never-mind, but I think it will apply patch with build also, but I'm not sure about this 2018-04-01 19:13:51 maybe I should add prepare function in APKBUILD? 2018-04-01 19:14:05 is "build" what happens when you invoke abuild without parameters? 2018-04-01 19:14:36 mps: patches are already applied by the default prepare function 2018-04-01 19:15:39 well, mcabber APKBUILD (with what I work now) doesn't have prepare function in 2018-04-01 19:16:56 abuild provides a default prepare function if none is given in the APKBUILD files 2018-04-01 19:16:59 s/files/file/ 2018-04-01 19:18:20 looks like it does, but I have to run 'abuild prepare' to do that 2018-04-01 19:19:01 what did you do before to unpack the tarball? 2018-04-01 19:19:48 normally, if the the tarball isn't unpacked, "abuild" or "abuild unpack" should also apply patches 2018-04-01 19:21:46 I did 'abuild unpack', 'abuild prepare 2018-04-01 19:21:51 'sorry 2018-04-01 19:22:10 'abuild unpack', 'abuild prepare' and 'abuild build' 2018-04-01 19:22:16 that way it works 2018-04-01 19:22:48 ok, if you start from scratch (run abuild clean) abuild [build] should be enough 2018-04-01 19:24:40 huh, I will carefully walk this path to see what happens 2018-04-01 19:25:28 but, for now I built mcabber package with color support 2018-04-01 19:25:58 what does color support imply? 2018-04-01 19:26:08 obviously I have to learn more about APKBUILD 2018-04-01 19:26:34 stock mcabber in AL doesn't support colors 2018-04-01 19:26:50 ok, and your patch adds colors? 2018-04-01 19:27:11 I filled a bug report, https://bugs.alpinelinux.org/issues/8757 2018-04-01 22:09:47 how do i add users to a group? i'm used to gpasswd or usermod, but those don't exist on alpine 2018-04-01 22:11:18 strfry: i think adduser can do this 2018-04-01 22:11:23 strfry: i have been manually editing /etc/group 2018-04-01 22:11:32 adduser is the way 2018-04-01 22:11:33 good midnight xD 2018-04-01 22:11:59 ACTION has edited /etc/group way too much, because frankly, it's quite convenient 2018-04-01 22:12:06 true 2018-04-01 22:12:11 jn__: thanks, that worked 2018-04-01 22:12:28 liwakura: i've done that the same way so far, but now i need it in a pre-install script ;) 2018-04-01 22:13:04 it looks like adduser is indeed the way to go 2018-04-01 22:13:08 Finally I was able to set Alpine Linux up as I wanted 2018-04-01 22:13:17 for gods sake it took me weeks 2018-04-01 22:18:08 I ordered a HP EliteBook 8570w (3720QM) (Quadro K2000M, i know nVIDIA...) for my next Linux Laptop, but well as i am only going to use it in console, it wont matter too much 2018-04-01 22:18:41 important thing here is build quality and cpu speed 2018-04-01 22:41:44 addgroup user group 2018-04-01 22:42:09 the busybox way 2018-04-02 00:49:01 2:h JOIN,QUIT,MODE,NICK,PART 2018-04-02 00:49:20 sorry 2018-04-02 01:09:17 Good morning, everyone 2018-04-02 01:55:48 can we customize the splitter if say, we have some 100 pkgs in a particular port? 2018-04-02 02:11:57 I want to spread alpine in china, I create a qq group 558299436 , anyone in china, please join 2018-04-02 10:31:20 wiki at https://wiki.alpinelinux.org/wiki/Creating_patches says how to send patches by mail but 'git send-email' says: 'git: 'send-email' is not a git command. See 'git --help'. 2018-04-02 10:31:54 what must be installed to have send-email git subcommand 2018-04-02 10:32:28 possibly git-email? 2018-04-02 10:33:33 <_ikke_> definitely 2018-04-02 10:34:32 tnx, didn't know it is in separate package 2018-04-02 10:34:56 <_ikke_> mps: alpine tries to keep packages small with a minimum of dependencies 2018-04-02 10:35:07 <_ikke_> So splitting up packages helps with that 2018-04-02 10:38:13 _ikke_: I understand. even searched 'apk search git|sort' but didn't noticed git-email. looked for git-mail :) 2018-04-02 10:38:47 <_ikke_> https://pkgs.alpinelinux.org/contents?file=git-send-email&path=&name=&branch=edge 2018-04-02 10:39:02 <_ikke_> In case you didn't know that 2018-04-02 10:41:06 looks like I need eyeglasses, or better yet - little resting 2018-04-02 10:52:18 morning 2018-04-02 10:52:28 where can i put commands to be executed at boot? 2018-04-02 10:52:41 i need to mount a drive during boot 2018-04-02 10:53:38 I created a file in /etc/local.d called mounthdd.start which includes mount /dev/sdb1 /media/hdd/ 2018-04-02 10:53:47 but nothing seems to happen 2018-04-02 10:54:08 id4rk: rc-update add local 2018-04-02 10:54:20 oh... lol ok 2018-04-02 10:54:26 thanks mps 2018-04-02 10:54:50 brb going to check 2018-04-02 10:54:51 local service must be started to run files in /etc/local.d/ 2018-04-02 10:55:18 id4rk: usually, mounts are setup in /etc/fstab 2018-04-02 10:56:29 of course, fstab is right solution, if someone doesn't need some special hacks to mount drives 2018-04-02 10:57:30 hello again 2018-04-02 10:57:36 mps it worked 2018-04-02 10:58:45 nice :) but look what liwakura told, maybe fstab is enough for you to mount drive 2018-04-02 11:00:50 was not able to see that, the device i rebooted is also my firewall thats why i just ghosted my nickname 2018-04-02 11:01:23 >id4rk: usually, mounts are setup in /etc/fstab 2018-04-02 11:01:39 liwakura is that more efficient? 2018-04-02 11:01:52 yeah 2018-04-02 11:02:16 fstab is literally made for mounting things 2018-04-02 11:02:16 liwakura i will have a look into it, thanks 2018-04-02 11:06:09 _ikke_: btw, my main 'driving force' to switch to AL was the "alpine tries to keep packages small with a minimum of dependencies" as you told 2018-04-02 11:06:34 mps i adore the packet manager 2018-04-02 11:06:51 they should put it in all distros 2018-04-02 11:06:55 lol 2018-04-02 11:07:08 I'm sick of Debian dependencies madness :( 2018-04-02 11:07:54 have a hope that AL would not go that route 2018-04-02 11:08:05 mps debian is old, which is not a bad thing, but... to keep compatibility up i guess they have done it in this way 2018-04-02 11:08:33 im sure there are better ways, you just have to find them 2018-04-02 11:10:08 id4rk: I'm using Debian for 20 years, IIRC, and still have it on some customers servers, but I'm trying to find better route, i.e. AL 2018-04-02 11:10:28 mps i also like that AL purges the uninstalled apps and removes unnecessary dependancies by default 2018-04-02 11:10:41 nice, clean and tidy 2018-04-02 11:11:07 yes, KISS principle 2018-04-02 11:15:30 mps i don't have that many years of experience, i have used many linux distributions but not permanently... always went back to windows at some point. AL convinced me to stay, somehow i also like it more than arch, seems to be a nicer community too 2018-04-02 11:16:53 my first linux distro was red hat, when i was 14 or 15... thats nearly 20 years ago 2018-04-02 11:27:04 id4rk: never used windows for anything :) 2018-04-02 11:27:31 mps better like that, wish i'd done the same 2018-04-02 11:29:25 hello. Can someone please let me know,is it possible to run primusrun and optirun on optimus based laptops running Alpine? I am so struggling to make it work.. 2018-04-02 11:34:59 what is the problem? 2018-04-02 11:35:07 is that nvidia related? 2018-04-02 11:36:39 yes :/ 2018-04-02 11:37:19 nvidia drivers dont work or dont work well with alpine (musl libc) 2018-04-02 11:37:38 it works on debian, but can't make it run on Alpine.. alpine showed awesome for headless usage, but want to give it a try on laptop 2018-04-02 11:37:54 yes, noticed that.. 2018-04-02 11:38:09 that is because musl doesn't support multilib ? 2018-04-02 11:38:13 we have some compat pkgs to help with that. 2018-04-02 11:38:37 no, because nvidia drivers are compliled against glibc 2018-04-02 11:38:48 aha 2018-04-02 11:39:25 gcompat? 2018-04-02 11:39:30 i was getting something like, `nvidia-installer` not found everytime it unpacks it 2018-04-02 11:39:39 lomis im going to face similar problems, i've ordered a workstation laptop with an nvidia quadro k2000m, but as i use alpine in terminal mode... its not huge problem for me 2018-04-02 11:39:41 lomis: run ldd on the binary 2018-04-02 11:39:53 sec 2018-04-02 11:39:54 lomis but still interested in the subject 2018-04-02 11:40:57 yes gcompat has implement some glibc extensions iirc 2018-04-02 11:41:38 hey, on which binary exactly ? 2018-04-02 11:41:52 which would make some binaries against glibc happier 2018-04-02 11:42:18 nvidia drivers binaries 2018-04-02 11:42:53 I have nvidia card on this laptop (where I mostly work), but just disabled it, and use only intel card 2018-04-02 11:42:59 the not found is probably because it cannot find libc at all, gcompat has some symlinks similar to glibc 2018-04-02 11:43:14 http://termbin.com/sh9i this is on nvidia-installer 2018-04-02 11:43:39 install gcompat and try again 2018-04-02 11:45:08 Error relocating /tmp/selfgz5514/NVIDIA-Linux-x86_64-390.48/nvidia-installer: fts_read: symbol not found 2018-04-02 11:45:16 with gcompat 2018-04-02 11:45:40 and couple of others.. but i am still in the X, just want to test it will it ran actually 2018-04-02 11:48:32 i gave up on nvidia-driver, so i wanted to try on nouveau.. but that didn't work as well.. so i compiled bumblebee and virtualgl, when i try to run like , optirun firefox i get: 2018-04-02 11:48:35 [32919.701872] [ERROR]Cannot access secondary GPU - error: [XORG] (EE) /dev/dri/card0: failed to set DRM interface version 1.4: Permission denied 2018-04-02 11:49:03 /dev/dri/card0 should be my intel card, idk why it doesn't switch it to nvidia one 2018-04-02 11:49:35 bbswitch is compiled as well 2018-04-02 11:50:21 well... I'd give up at that point :/ 2018-04-02 11:50:55 i gave up once, but i am back :) 2018-04-02 11:51:23 there is always a way... 2018-04-02 11:51:27 I just have historically had the worst experience with nvidia 2018-04-02 11:51:39 and as such don't have any of their products 2018-04-02 11:52:04 indeed lots of trials and fails.. stupid optimus technology... 2018-04-02 11:52:06 the best way is use intel only and skip the nvidia 2018-04-02 11:52:37 we dont support it, so you are on your own. 2018-04-02 11:52:46 why are they not releasing a opensource driver? afraid that the competition could see something? 2018-04-02 11:53:28 why are they not allowing manufactures to also use the same branding for AMD cards? 2018-04-02 11:53:41 is it -- gasp -- fair behaviour?! 2018-04-02 11:53:45 unheard of by nvidia 2018-04-02 11:53:45 is the situation a bit better with amd ? talking about laptops 2018-04-02 11:53:55 amd doesn't really make mobile GPUs 2018-04-02 11:53:58 except for one? 2018-04-02 11:54:31 i had some old laptop with some hybrid amd graphic.. 4,5y ago 2018-04-02 11:55:20 The best open-source experience is still had with Intel and AMD on the desktop. 2018-04-02 11:56:28 did you try https://wiki.archlinux.org/index.php/PRIME ? 2018-04-02 11:57:11 this one : https://www.pcworld.idg.com.au/review/toshiba/satellite_a200_psaf6a-07g01n/221218/specs/ but i recall back in that time i was limited by xorg version and some `fg...something` drivers on ubuntu 2018-04-02 11:57:22 but it worked as far i remember 2018-04-02 11:58:17 fglrx? 2018-04-02 11:58:25 yea, that one 2018-04-02 11:58:38 That driver did suck... 2018-04-02 11:58:45 AMDGPU doesn't, tough :) 2018-04-02 11:59:59 yea, it was from some ppa, and not maintained(?) ... didn't exactly follow their guide, but let me give a shoot 2018-04-02 12:00:41 btw - tried to enable the same on freebsd 11 stable - same luck 2018-04-02 12:02:01 lomis: I have this crap called optimus (or whatever) on my laptop which I use for work about five years (not sure, though) with Debian, and from the start I disabled nvidia card 2018-04-02 12:02:50 tried to nouveau and nvidia driver, but it was not worth a hassle to work with 2018-04-02 12:04:21 well i used optirun/primusrun on debian as well for 2-3y, but running only firefox and vlc when i needed with it.. and indeed it is much more efficient ... but - i want to make this thing work on alpine :)) 2018-04-02 12:04:25 and, with disabled nvidia laptop is a lot cooler and doesn't provide noise, it is quiet 2018-04-02 12:04:46 true 2018-04-02 12:10:43 anyone have an idea, where i can find this lib : `libGLU.so.1` ? 2018-04-02 12:10:53 Error loading shared library libGLU.so.1: No such file or directory (needed by glxinfo) 2018-04-02 12:11:32 https://askubuntu.com/questions/386281/error-while-loading-shared-libraries-libglu-so-1 .. but what is the alternaative for alpine ? 2018-04-02 12:18:53 well... this seems to work... ``localhost:~/Downloads/opt/VirtualGL/bin# ./vglrun firefox'' how can i identify if i am using gpu ? glxinfo doesn't work for me (missing that shared lib) 2018-04-02 12:23:35 i'll continue troubleshooting latter on, work calls.. gcompat gave me some new hope :) i'll report if i had any sucess, thanks everyone :) 2018-04-02 13:19:17 i recommend this for everyone, move the weechat directory out of your ssd to an hdd, so the logger does not write logs every second breaking your ssd writes. create a symbolic link from the home directory .weechat to /media/hdd/whateverpath 2018-04-02 13:19:45 or just disable the logger 2018-04-02 13:20:28 as my weechat runs 24/7... this could become an issue! 2018-04-02 13:52:14 id4rk: breaking your ssd writes?! 2018-04-02 13:59:27 hiro: trying to avoid ssd write cycles, would be absurd to add the noatime flag to fstb to protect the ssd and have weechat writing to the disk 24/7 2018-04-02 14:03:55 why are ssd write cycles so important? i thought the main problem was just the amount of data written? 2018-04-02 14:04:17 many small writes are worse than one big write of the same size?! 2018-04-02 14:04:31 is that documented somewhere, in the datasheets or something? 2018-04-02 14:10:14 hiro: thats why... the logging makes a lot of smaller writes (i guess thats how weechat works), not only when you /quit weechat 2018-04-02 14:11:00 i mean, i think it does not only write the logs when quitting 2018-04-02 14:21:36 let it just be said that the issue is much more complex than you make it to be 2018-04-02 14:22:28 just an application frequently logging something isn't going to break your disk though 2018-04-02 14:23:42 filesystems used, cache parameters, amount of available memory etc etc, the list of factors affecting that is long 2018-04-02 14:46:35 TBB: i agree 2018-04-02 15:43:35 nice VPN performance https://ibb.co/ijVeZn 2018-04-02 15:47:06 <_ikke_> hmm, bmon, looks nice 2018-04-02 15:47:52 yep :) 2018-04-02 18:01:26 hi 2018-04-02 18:01:42 I see some very big bugs in the latest Alpine stable release 2018-04-02 18:02:09 that don't really make me happy at all 2018-04-02 18:02:32 when using docker, my bash processes don't close, and stay as zombies 2018-04-02 18:02:41 the container host runs Alpine of course 2018-04-02 18:03:21 and so my container ends up being killed before stuff recovers 2018-04-02 18:16:34 do you have a minimal repeatable example? 2018-04-02 18:18:09 I'm not affiliated with the project at all but I'm going to assume your doing something 1) terrible 2) terribly cutting edge. And my money is on #1 2018-04-02 18:46:23 id4rk: yeah but what do you base your claim on even? how big must a write be in order for the ssd not to be worn out uselessly? 2018-04-02 18:50:02 hiro: I do not have any theory, nor proven knowledge I am just assuming that these things I am doing make my SSD live longer. Because it makes sense for me, not because I have made any tests, im just going the secure way. 2018-04-02 18:51:47 hiro: if you ask me how it works exactly, i cannot give you an answer. im trying to get all possible factors that could affect it, get them out 2018-04-02 18:52:56 id4rk: ok, cause i heard this specific claim the first time and dint quite want to believe it... 2018-04-02 18:53:28 personally i dont wear out ssds so i'm not gonna bother 2018-04-02 18:53:42 i have too much stale data 2018-04-02 18:53:49 hiro: if i get time to make tests, ill do them 2018-04-02 18:53:50 and small ssds only :) 2018-04-02 18:54:05 id4rk: id expect this kind of stuff in the datasheets 2018-04-02 18:56:30 one thing that comes to mind is the size of written data vs the block size of the target media, and by that I mean its own internal block size 2018-04-02 18:59:34 another thing affecting the wear would be mlc vs slc, but most consumer grade ssds are still mlc I imagine 2018-04-02 19:02:23 all decent SSDs have a rating, usually in TBW, for how much write endurance they're supposed to have 2018-04-02 19:03:10 desktop use cases do not even come close to this number on anything but the cheapest chinese export units 2018-04-02 19:04:36 i.e. if you buy a name brand and you're not write thrashing it 24/7, you have absolutely nothing to worry about 2018-04-02 19:05:35 usb flash drives and sd cards are another story, though 2018-04-02 19:05:55 yup. slc ssds have roughly 10 times the endurance of mlc. but things like writing IRC logs to disk aren't going to kill your disk anytime soon in any case. 2018-04-02 19:09:15 the reason why especially mlc disks get worn out is that writes smaller than what the 'block size' of the ssd in question is still cause a write of that block size 2018-04-02 19:09:48 the reasoning behind avoiding really small writes is that every write must write to a whole block, and those blocks can be 4k or even 64k depending on the media, so if you make tons of tiny writes (512 bytes) you're causing excess writes to the physical media 2018-04-02 19:09:58 however, this optimization is simply not necessary in all but the most extreme cases 2018-04-02 19:10:33 now, where it gets interesting is whether your OS and your filesystem of choice can handle that in a smart way, for example waiting until you have enough data to write (enough fo fill a block at once) 2018-04-02 19:11:56 plus, modern SSD formware optimizes on its own for stuff like this 2018-04-02 19:12:35 the OS doesn't control where, physically, the data is written, the SSD handles all of that 2018-04-02 19:12:44 so it has the ability to optimize it to some degree 2018-04-02 19:13:26 this is also why things like shredding files doesn't work on SSD 2018-04-02 19:32:52 good info 2018-04-02 22:12:49 hm, why on ascii there is : etc/systemd/system/timers.target.wants/apt-daily-* stuff ? 2018-04-02 22:13:07 wrong chan :) sorry 2018-04-03 00:40:57 is the hardened image going to be maintained, after the abandonment of the grsec patches? 2018-04-03 00:53:59 nope 2018-04-03 00:54:19 at least the grsec patches are being phased out 2018-04-03 01:05:35 Why? I know the grsec patches are unmaintained 2018-04-03 01:05:41 but there's no alternative yet 2018-04-03 01:06:12 so having old patches is better than nothing, I think 2018-04-03 01:06:53 meltdown was stopped by a year-old kernel patch 2018-04-03 06:03:48 hello 2018-04-03 08:12:15 qemu-system-x86_64 -m 1024 -drive file=/dev/vg0/win7,if=virtio,cache=writethrough,format=raw -localtime -cpu host -enable-kvm -device e1000,netdev=net0 -netdev user,id=net0,hostfwd=tcp::3389-:3899 2018-04-03 08:12:27 can't forward port 3389 2018-04-03 08:12:55 why not working ? 2018-04-03 08:13:10 guest ip 10.0.2.15 2018-04-03 08:13:42 guest firewall disabled 2018-04-03 09:36:31 hi, i maybe someone can help me with a error i get from apk-tools, Huh? Error reporter did not find the broken constraints. 2018-04-03 09:37:29 klesk: what apk version is it? 2018-04-03 09:37:41 apk-tools 2.9.1, compiled for armhf. 2018-04-03 09:37:51 `apk --version` 2018-04-03 09:38:15 what do you have in /etc/apk/repositories? 2018-04-03 09:38:29 and what did you try to `apk add` 2018-04-03 09:38:35 i had a typo and then suddenly the message showed up 2018-04-03 09:39:00 the exact same error message 2018-04-03 09:39:22 http://dl-4.alpinelinux.org/alpine/v3.7/main 2018-04-03 09:39:24 http://dl-4.alpinelinux.org/alpine/v3.7/community 2018-04-03 09:39:27 can you see if your typo made it to /etc/apk/world? 2018-04-03 09:40:55 can't find any unusable packages, i will try to give you a log of the happenings 2018-04-03 09:42:30 https://nopaste.linux-dev.org/?1180885 2018-04-03 09:47:08 here the content of world, https://nopaste.linux-dev.org/?1180886 2018-04-03 10:56:23 any idea, what could be the cause? 2018-04-03 11:01:22 klesk: that should be enough for me to reproduce it 2018-04-03 11:04:09 is it possible to send just 'git diff .' to aports mailing list instead of complete commit 2018-04-03 11:06:13 klesk: what happens if you: sed -i -e 's/nodejs-current-npm/nodejs-npm/' /etc/apk/world 2018-04-03 11:06:35 mps: everything is possible. the impoosible just takes longer time 2018-04-03 11:06:46 mps: if you just send the diff, then we need to create the commit for you 2018-04-03 11:07:10 and it raises the question: who should be the author, you or me, since its your diff 2018-04-03 11:07:30 understand, then I will try canonical way 2018-04-03 11:07:36 so we need to do git commit --author ... and fidn out the exact name and email address etc 2018-04-03 11:07:53 and then maybe even check with you if its ok to do so 2018-04-03 11:08:22 so its much easier for us if you do git send-email 2018-04-03 11:08:40 huh, maybe I should register myself on the github, I will see what is easier for me 2018-04-03 11:09:07 github is convenient 2018-04-03 11:09:35 if you do , please check https://github.com/alpinelinux/aports/blob/master/.github/CONTRIBUTING.md first 2018-04-03 11:10:00 ncopa: I understand, but don't like to have accounts everywhere, but ... 2018-04-03 11:10:24 wener_: I read it already 2018-04-03 11:11:21 just trying to find which will work best for me and my habit 2018-04-03 11:11:55 ncopa that solved the problem, thanks 2018-04-03 11:13:34 i think its a bug in apk 2018-04-03 11:19:42 Hi everyone 2018-04-03 11:24:54 I need to have only a linux console distribution with only openssh, which flavour do you suggest me ? 2018-04-03 11:25:57 kvuser5: alpine by default doesn't install GUI 2018-04-03 11:26:48 standard or vanilla is good for simple minimal install 2018-04-03 11:28:10 no gui 2018-04-03 11:28:27 it is just to make a ssh tunnel actually 2018-04-03 11:29:23 standard is minimal with hardened kernel and during alpine-setup it ask if you want openssh 2018-04-03 11:29:59 ok thanks mps 2018-04-03 12:20:07 guys, is there requirements.txt file for apk like in pip? if yes, where can i find the documentation to use it? 2018-04-03 12:22:51 there are no requirements.txt file for apk afaik 2018-04-03 12:22:52 we set dependencies in APKBUILDs 2018-04-03 12:25:11 ncopa: do you mean to make a fake/dummy package with requirements list added as dependencies? 2018-04-03 13:00:04 Hi, the latest update on php7-mongodb (rebuild against php7.2) breaks the extension: [03-Apr-2018 12:52:57 UTC] PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php7/modules/mongodb.so' - Error relocating /usr/lib/php7/modules/mongodb.so: zend_vspprintf: symbol not found in Unknown on line 0 2018-04-03 13:01:30 How can I resolve this? I tried different combinations of the repositories, but none of them lead to a working environment. I also tried using the old version of php7-mongodb, but that doesn't seem possible 2018-04-03 13:10:08 trafex, that packages is only availalbe in edge/testing 2018-04-03 13:10:30 make sure its using only edge repo's 2018-04-03 13:12:08 clandmeter: you're right. I was also spamming #alpine-devel, see the conversation there 2018-04-03 13:12:31 trafex, i know, please use this channel. 2018-04-03 13:13:08 and make sure you apk -U upgrade -a 2018-04-03 13:14:56 ah sorry, didn't know what channel to use :) I'm building a Docker image, so it's clean install from scratch. But I just found a working combination; getting the php7-* packages from 'edge/main' (seems to include all 7.2 versions). And getting php7-mongodb package from 'edge/testing' 2018-04-03 13:17:06 Big downside is that I'm now required to upgrade to PHP 7.2, coming from PHP 7.1. It's for a production system, so I need to test the whole application to make sure everything still functions. I wonder why the php7-mongodb extension is only available via the testing repo? 2018-04-03 13:23:06 where can i read some detail about the differences between the alpine variants? for example, i'd like to know specifically what a "vanilla" kernel is, and how it differs from the kernel in standard? 2018-04-03 13:23:23 i've found this: https://alpine-linux.readthedocs.io/en/latest/getting_started.html#release-differences 2018-04-03 13:23:30 but i'm looking for some more detail 2018-04-03 13:23:55 it's a kernel that smell good but isn't too exciting ? :) 2018-04-03 13:26:03 trafex, because we dont get feedback, or maintainer didnt come back to do so. 2018-04-03 13:26:11 lunaphyte: standard kernel is hardened with grsecurity patch and vanilla is just as name says 'vanilla' kernel 2018-04-03 13:26:17 lunaphyte: vanilla is an unpatched kernel from kernel.org. : https://pkgs.alpinelinux.org/package/edge/main/x86/linux-vanilla 2018-04-03 13:26:56 clandmeter: oke, that seems fair. How can I give feedback? 2018-04-03 13:29:48 trafex, you are doing right now :) 2018-04-03 13:31:08 trafex, you can talk to anypost, he does php related thigns for alpine. 2018-04-03 13:31:52 mps, koollman: i see, thanks 2018-04-03 13:38:41 does the standard kernel differ from the modified kernel beyond the grsec patches? 2018-04-03 13:39:19 Hi 2018-04-03 13:39:22 anyone hitting this https://bugs.alpinelinux.org/issues/8379 2018-04-03 13:39:24 ? 2018-04-03 14:07:04 Is there a way to remove wget from alpine? “apk del wget” doesnt do much 2018-04-03 14:08:36 Miouge: unlink /usr/bin/wget 2018-04-03 14:09:13 Miouge, wget is a symlink to busybox by default. In case you try to remove it for security reasons keep that in mind. 2018-04-03 14:09:19 apk restores busybox version of wget if you uninstall it 2018-04-03 14:10:14 yep the idea is to remove “wget” for security reasons, so if I unlink or chmod -x, once could still “busybox wget” 2018-04-03 14:10:29 s/once/one 2018-04-03 14:12:56 Miouge, right. Also one could use netcat (nc) to download things. 2018-04-03 14:13:18 or python, or perl, or bash 2018-04-03 14:13:51 where can i read about what "slimmed down kernel" actually means in terms of the virtual iso? 2018-04-03 14:14:55 Yep, curl and wget and fairly popular vectors. So the idea is that it doesn’t cost much to unlink, but it makes security people happy. 2018-04-03 14:15:47 ACTION wonders what kind of security poeple are those that are made happy with removing wget/curl 2018-04-03 14:16:20 hs3dUBwdmCjy: python, perl, or bash are not in the alpine base image :) but I get the idea, one could always edit “/etc/apk/repositories” and “apk add myvirus” :) 2018-04-03 14:17:26 Miouge, we dont use regular wget, its busybox wget, impossible to really remove. 2018-04-03 14:17:58 <_ikke_> can you symlink it to /bin/false or something? 2018-04-03 14:18:16 <_ikke_> but then still, busybox wget would be available 2018-04-03 14:18:20 busybox wget does that same. 2018-04-03 14:18:29 lunaphyte: "slimmed down kernel" means that we only included drivers for known virtual hardware 2018-04-03 14:18:46 All in all - in a user as root right you can't protect against any use of their right. 2018-04-03 14:18:47 and dont remove busybox. it will break your env. 2018-04-03 14:18:54 s/in/if/ 2018-04-03 14:19:06 ncopa: i see, thanks. is there a specific list anywhere i can read? 2018-04-03 14:20:03 you have the exact config here: https://git.alpinelinux.org/cgit/aports/tree/main/linux-vanilla/config-virt.x86_64 2018-04-03 14:22:04 Mmm, I guess to lock it down I would have to compile busybox with CONFIG_WGET=n, CONFIG_NC=n etc… 2018-04-03 14:25:14 Miouge, could work but keep in mind that every attacker just could download an apk and use it on that system. 2018-04-03 14:29:57 bernhardgruen: you are right. Maybe a more valid approach would be to “chmod -x” all executables except for the ENTRYPOINT (and eventual deps) 2018-04-03 14:30:12 ncopa: that's great, thanks, i'll have a read 2018-04-03 14:31:50 Miouge: mabye you could do an empty system with nothing except the application 2018-04-03 14:32:37 liwakura: Yep, that’s what I do for go apps (FROM scratch), but AFAIK we can’t do that for things like python, ruby, java, node 2018-04-03 14:33:16 i think an attacker could as well just execute code from the RAM of an exploited program 2018-04-03 14:33:30 so, thats more sort of obscuring 2018-04-03 14:34:26 If you ask me: if the attacker can run commands wget or else, you are already pretty much screwed. 2018-04-03 14:44:04 if you have python/ruby/java/node you can also download things from the net. 2018-04-03 14:44:34 those languages contain all whats needed for opening sockets and doing dls 2018-04-03 14:45:45 although i guess java lacks a repl 2018-04-03 14:46:22 i wouldn't assume that not having a repl stops attackers 2018-04-03 14:47:39 with a repl and ruby/py/node it is trivial to download things. 2018-04-03 14:48:00 other vectors might be more cumbersome is all my message is. 2018-04-03 14:52:26 ncopa: does the virtual kernel include the grsec patches? 2018-04-03 14:53:06 only virthardened 2018-04-03 14:53:11 we used to have a linux-virthardened kernel yes 2018-04-03 14:53:16 but we are dropping grsec patches 2018-04-03 14:53:34 oh - dropped grsec patches entirely? across all alpine variants? 2018-04-03 14:53:38 *dropping 2018-04-03 14:54:40 yes 2018-04-03 14:54:44 you need to buy the patch and build your kernel yourself if you need it 2018-04-03 14:54:45 grsec is dead 2018-04-03 14:54:50 gotcha 2018-04-03 14:54:55 grsecurity.net 2018-04-03 14:55:02 yeah, that's just fine with me 2018-04-03 14:55:10 they're no longer releasing patches, nor maintaining their current ones 2018-04-03 14:55:20 and those patches grow stale quick 2018-04-03 14:55:35 oh - only a commercial product now? no open source component? 2018-04-03 14:55:40 patch is no longer freely available 2018-04-03 14:55:42 yes 2018-04-03 14:55:46 i see 2018-04-03 14:56:08 hs3dUBwdmCjy: I guess that’s the thinking: to make it as hard as possible. For a “python:alpine” you could remove all binaries but /usr/bin/python to make it harder. Once the docker image is built, there is no reason to do any apk, pip, vi or sh in production :) 2018-04-03 14:56:37 they are not dead, just commercially available "open" source 2018-04-03 14:56:50 heh. yeah, gotcha 2018-04-03 14:57:05 ncopa: correct, but for me they're as good as "dead" ;P 2018-04-03 14:58:05 i know... 2018-04-03 14:58:49 i'll try a MT7612E based wifi card on alpine soon. wonder if it'll get picked up by linux-vanilla 2018-04-03 14:58:51 Grsecurity isn't dead 2018-04-03 14:58:56 It just is not public any more. 2018-04-03 14:58:56 it's a little bit of a bummer, maybe, just philosophically. but really, it doesn't bother me too much to not have those patches 2018-04-03 14:59:42 the relationship between grsec and the mainline kernel has just been too contentious. not healthy for the ecosystem or community 2018-04-03 15:00:01 The relationship is really complicated and both sides are at fault 2018-04-03 15:00:10 Miouge: if you have /usr/bin/python, then it makes no sense to remove wget 2018-04-03 15:00:11 right 2018-04-03 15:00:31 [re the relationship] 2018-04-03 15:03:05 hs3dUBwdmCjy: /usr/bin/python -i :) 2018-04-03 21:19:40 Is there an ipv6 mirror for alpine apk packages? I'm on an ipv6 only host. 2018-04-03 21:24:02 <_ikke_> http://mirror.leaseweb.com/alpine/ works 2018-04-03 21:24:39 _ikke_, nice. :-) I'm on leaseweb so it couldn't be closer. 2018-04-03 21:26:52 <_ikke_> https://mirrors.alpinelinux.org/ 2018-04-03 21:28:38 Ja dank je. 2018-04-03 21:28:57 <_ikke_> :-) 2018-04-03 21:34:03 o_O github has no ipv6 support! 2018-04-03 21:40:09 <_ikke_> nope 2018-04-03 21:40:32 <_ikke_> I ended up using a reverse socks proxy 2018-04-03 21:43:03 nasty... I'll figure something out. prolly nat it behind a vm that does have an ipv4 2018-04-03 21:44:43 <_ikke_> So sad ipv6 is still not generally available 2018-04-03 21:47:43 <_ikke_> pages do support ipv6, but not the repository hosting itself apparently 2018-04-03 23:56:10 is there an alpine "release" that is rolling, but is not edge/development? 2018-04-04 00:03:30 lunaphyte: I'm not heaps familiar with alpine releases, but if you want a rolling system, why not use edge/development? 2018-04-04 00:05:13 i like the mechanics of a rolling release, and not the potential surprises of a development tree 2018-04-04 00:22:45 lunaphyte: What's the difference, in practice? :) 2018-04-04 00:23:13 i'm not sure i understand the question 2018-04-04 00:23:52 lunaphyte: Consider how the two are the same. 2018-04-04 00:24:04 lunaphyte: And then ask yourself: How do they differ? 2018-04-04 00:24:47 versioned releases versus rolling releases? 2018-04-04 00:25:44 lunaphyte: "edge" vs "rolling" releases. 2018-04-04 00:25:54 lunaphyte: Edge, iirc, is *always edge*. 2018-04-04 00:26:08 it seems to me, in the context of alpine, they are the same, no? 2018-04-04 00:26:10 It is under "constant development", just like rolling releases are. 2018-04-04 00:26:19 the only rolling release is an "edge" release 2018-04-04 00:26:36 non edge releases are available only as versioned releases 2018-04-04 00:26:38 right? 2018-04-04 00:26:40 lunaphyte: So how does that differ from other rolling release distros? 2018-04-04 00:26:50 um 2018-04-04 00:26:57 lunaphyte: At least, in alpine and debian, I have a choice not to use rolling releases. 2018-04-04 00:27:00 i wasn't really looking to make a comparison to other distros, why? 2018-04-04 00:27:51 lunaphyte: I'm attempting to compare on a conceptual release. You seem to be focused on the particular spelling (ie, "edge" isn't named "rolling"?) 2018-04-04 00:28:24 hmm, why do i seem to be focused on that? it doesn't appear that way to me 2018-04-04 04:00:32 Hello, I have a new alpine linux box set up, and I am trying to get it to register with my server when it gets a DHCP address 2018-04-04 04:00:46 so I can talk to it via hostname instead of with an IP 2018-04-04 04:01:10 I have modified my /etc/dhcp/dhclient.conf file, but that does not seem to be doing it 2018-04-04 04:01:27 other machines on the network register and show up fine quickly 2018-04-04 04:01:41 are there any other configuration steps I need to take? 2018-04-04 07:10:44 Do any of you use alpine with Docker? 2018-04-04 07:11:30 <_ikke_> As container image or as docker host? 2018-04-04 07:11:44 <_ikke_> I use both, but not very extensively 2018-04-04 07:24:15 _ikke_, as a docker host 2018-04-04 07:24:38 I'm trying to figure out stopping, starting and restarting nginx is why 2018-04-04 07:26:39 with my normal alpine install, rc-service works great for controlling nginx. The docker image however, doesnt have rc-service installed, and I keep trying to figure out how to get it working with my own virtual hosts configuration, but it sucks to have to stop the whole thing and rebuild then run so nginx can start up with my changes 2018-04-04 07:26:49 I use alpine as docker host and as container image. 2018-04-04 07:27:13 i installed rc-service with `apk add openrc` and tried to add nginx as a service but that didnt work 2018-04-04 07:27:56 I don't know if openrc will work inside a container. I've never tried to use it. 2018-04-04 07:28:14 What's the reason you like to use init inside the container? 2018-04-04 07:28:58 How do you guys control nginx? I finally resorted to using `FROM nginx:alpine-3.7` or something like that in my dockerfile, because installing it from RUN and COPYing my own virtual host file wasn't working. I have tried it without COPYing my host file, it works. I copy their host file and make *slight* changes to it and it doesnt work anymore 2018-04-04 07:29:15 bernhardgruen, what do you mean ? 2018-04-04 07:29:50 In a normal alpine install, I found that i could also control nginx from /etc/init.d/nginx command 2018-04-04 07:30:01 That does not work in docker either 2018-04-04 07:30:40 I control my nginx images with docker rm CONTAINER ; docker pull IMAGE ; docker run CONTAINER if it is something really basic. Or I use docker stack deploy to control the workflow. 2018-04-04 07:31:31 birdbolt1, you normally don't start and stop services inside the container. Instead, you change the whole container. 2018-04-04 07:32:01 For nginx though I think you could work with kill -SIGNAL to do a reload and so on. 2018-04-04 07:33:48 aahh gotcha 2018-04-04 07:35:13 birdbolt1, you could also use 'nginx -t' to test the config and 'nginx -s reload' to actually reload, btw. 2018-04-04 07:35:14 Would u guys recommend I use `FROM nginx:alpine-3.7` or `FROM alpine:3.7` and then `RUN apk add nginx` 2018-04-04 07:35:30 bernhardgruen, YES! perfect 2018-04-04 07:35:58 It is super annoying to kill the container, change a line or two, then rebuild and run it again 2018-04-04 07:37:14 I always prefer the official variant (first one). But sometimes it makes sense install software manually - for example if you need a version with special features compiled in. 2018-04-04 07:38:15 Indeed, noted :) 2018-04-04 07:44:48 <_ikke_> birdbolt1: It helps to not see docker containers as virtual machines 2018-04-04 07:45:07 <_ikke_> birdbolt1: They just isolate processes 2018-04-04 07:47:20 <_ikke_> You typically don't run an init process for example 2018-04-04 07:51:30 That is a helpful way to put it. I'll be seeing it from your perspective from now on. Thank you 2018-04-04 07:53:48 <_ikke_> So you typically directly run for example nginx 2018-04-04 08:01:34 bernhardgruen: _ikke_: could you point me or give search term for running container without init. I'm using lxc with init to start redmine and didn't know it could be done without init 2018-04-04 08:20:50 mps: I don't know lxc very well. For docker it is some kind of a paradigm not to use init. You can think of docker like a chroot where you call 'chroot DIR PATH/TO/APP'. There you don't have an init process too. 2018-04-04 08:25:12 bernhardgruen: ok, tnx, I will search net and I hope that there are some docs about that 2018-04-04 09:21:48 hello 2018-04-04 09:23:58 could someone update sphinx package? 2018-04-04 09:29:20 pax_rhos, update requests are best done via bugs.a.o 2018-04-04 11:41:42 how would an automated installed ideally look like? 2018-04-04 11:41:49 apkovl with script in /etc/local.d/ ? 2018-04-04 11:41:55 *automated installer 2018-04-04 11:42:30 how to bootstrap alpine linux from uboot ? 2018-04-04 11:43:48 armada-370-dlink-dns327l.dtb soc 2018-04-04 11:44:36 kahiru: btw, i've given up on the ordoid 2018-04-04 11:44:46 ;_; 2018-04-04 11:44:49 bootloader is a PITA 2018-04-04 11:44:55 yeah, major pita 2018-04-04 11:45:21 like, the upstream binary works, but doesn't understands alpines kernel format 2018-04-04 11:45:35 u-boot compiled by alpine (with the ordoid target) just boot loops 2018-04-04 11:46:53 and the support is in the level of "just run this magic scrip" 2018-04-04 11:49:18 kozakman: it is possible, I did it about year ago but didn't write docs and now I forgot how I done that 2018-04-04 11:55:52 liwakura: that sucks 2018-04-04 11:58:17 i have built latest linux kernel 4.16 but to booting need installed system 2018-04-04 11:58:36 Kernel panic - not syncing: No working init found 2018-04-04 11:58:53 Could you rephrase your question to be a little more descriptive of the problem? 2018-04-04 11:59:27 You'd run standard u-boot commands to load kernel+dtb+initramfs (as applicable) 2018-04-04 11:59:39 Have you loaded an initramfs? 2018-04-04 11:59:49 It sounds like you've not, given that init is not found. 2018-04-04 12:02:38 setenv bootargs_mmc "setenv bootargs console=ttyS0,115200 root=/dev/sda3 rw rootwait modules=loop,squashfs,sd-mod,usb-storage modloop=/boot/modloop-hardened" 2018-04-04 12:02:43 setenv bootcmd_mmc "ide reset; ext2load ide 0:3 0xa00000 boot/uImage; ext2load ide 0:3 0x2000000 boot/initramfs-hardened; run bootargs_mmc; bootm 0xa00000" 2018-04-04 12:02:46 run bootcmd_mmc 2018-04-04 12:05:41 boot/uImage from latest kernel and boot/initramfs-hardened from GENERIC ARM from alpinelinux site download section 2018-04-04 12:06:33 What is "latest kernel" 2018-04-04 12:06:44 Kernel and initramfs should match 2018-04-04 12:06:52 [ideally] 2018-04-04 12:08:26 Given you're using initramfs-hardened, I'm going to suggest that they don't. 2018-04-04 12:08:43 built by self linux 4.16 from debian system with cross toolchain 2018-04-04 12:09:18 Rebuild your initramfs around this kernel 2018-04-04 12:10:22 Your initramfs may have various kernel modules needed at boot-time; if they don't match, those modules won't work. 2018-04-04 12:11:26 what modules you are mean ? 2018-04-04 12:11:32 Kernel modules. 2018-04-04 12:12:08 names 2018-04-04 12:12:24 Sorry? 2018-04-04 12:12:51 у них есть имена ? 2018-04-04 12:12:57 they have names ? 2018-04-04 12:13:10 I don't understand the direction this conversation is going 2018-04-04 12:13:17 either way, you need to build a new initramfs 2018-04-04 12:14:52 what modules should I include in the kernel ? 2018-04-04 12:15:03 I don't understand 2018-04-04 12:15:32 You'll have a given configuration for your kernel. It is up to you. 2018-04-04 12:15:46 You'll want to build that configuration off an existing "known good" one probably 2018-04-04 12:16:20 there are some configurations in Alpine's aports repository. But IDK if they will be useful. 2018-04-04 12:16:29 Or why you're building a custom kernel in the first place 2018-04-04 12:16:33 I built a kernel with multi_v7_defconfig 2018-04-04 12:22:07 because i can't find armada-370-dlink-dns327l.dtb 2018-04-04 12:22:31 on alpine linux 2018-04-04 12:38:56 kozakman: what SOC have armada-370-dlink-dns327l 2018-04-04 13:22:43 Marvell ARMADA 370 System-on-Chip (SoC) Family of Integrated Controllers 2018-04-04 13:23:28 Hello, i was using php7-mongodb in testing with alpine:3.7 + php 7.1, but the last commit of author are causing problems, i can't use anymore, it's possible i use the old version of package? 2018-04-04 13:23:34 88F6710, 88F6707, and 88F6W11 ARMADA ® 370 SoC 2018-04-04 13:24:12 Functional Specifications – Unrestricted 2018-04-04 13:25:23 sorry, I don't have experience with these boards, only with A20 and some exynos (chromebook) 2018-04-04 13:31:01 is there a alpine system image like https://archlinuxarm.org/platforms/armv7/marvell/mirabox for arm ? 2018-04-04 13:31:35 i need alpine root filesystem for arm 2018-04-04 13:38:09 Hi, how can i resolve the problem? https://nopaste.xyz/?628f93c4a7e80d18#1Afhh9q3IUihqNKtH0YKoLwT8wklfV7McbGeaPVAPcA= 2018-04-04 13:39:52 My /etc/apk/repositories looks like: https://wiki.alpinelinux.org/wiki/Alpine_Linux_package_management 2018-04-04 13:45:31 one does not simply apk add packgages from edge 2018-04-04 13:47:18 you need to specify the pinned repository name if you plan to install from one using @edge or @edgecommunity 2018-04-04 13:47:32 so, apk add package@pinnedrepository 2018-04-04 13:47:43 It looks like i need packages from both? 2018-04-04 13:49:16 Now, with @edgecommunity: https://nopaste.xyz/?83ed102fd06850b3#DfgW7q4lwGlwsYrV6Z6n1xNbgCMUzOpbbgDcrniemDU= 2018-04-04 13:51:57 you might have to install those separately first using the same syntax; using stable and various pinned repositories can be cumbersome at times 2018-04-04 13:52:23 as installing from one pinned repo explicitly does not allow installing deps fron another 2018-04-04 13:59:06 Hmm, ok, make sense. 2018-04-04 14:21:38 TBB: So there is no good way to install theese version? 2018-04-04 14:21:45 -e 2018-04-04 15:34:31 how can I install man pages for all the commands on my system? 2018-04-04 15:48:37 teratorn: there are *-doc packackes containing the manpages 2018-04-04 15:48:45 but they need to be installed separately 2018-04-04 15:48:58 i did a shell script hack, but thanks 2018-04-04 15:49:22 I have no idea how to find the right doc package for the /etc/network/interfaces man page 2018-04-04 15:50:45 might be that there is none 2018-04-04 15:54:36 maybe 'apk add docs' could be solution 2018-04-04 15:55:00 Meta package for pulling in all documentation 2018-04-04 15:55:13 ohhhh! 2018-04-04 15:55:18 mps: incredibly useful! 2018-04-04 15:56:19 'apk add --simulate docs' to test what it will do 2018-04-04 15:56:27 Hi, is there any chance I can have Spotify running in alpine? 2018-04-04 15:56:33 too late, im already enjoying it, mps :P 2018-04-04 16:06:52 mps: it just says "1 error; ..." 2018-04-04 16:13:02 teratorn: well, I don't know because I never installed 2018-04-04 16:13:21 not sure how to debug when apk just errors 2018-04-04 16:13:55 I don't need all -doc packages, just some and installed them when I needed 2018-04-04 16:15:58 error is probably if there are installed package from stable and edge/testing, but not sure 2018-04-04 17:21:36 Would someone be able to help me get started packaging something for alpine? 2018-04-04 17:21:52 It looks like the package I want already exists in the repo, but I want to update it to the latest version. 2018-04-04 17:22:05 What's the easiest way to reverse engineer how the package was built 2018-04-04 17:22:54 It looks like "Alan Lacerda" is the maintainer. 2018-04-04 17:31:03 shadoxx: You can start by building a chroot environment for building ports. 2018-04-04 17:31:45 then clone aports tree. 2018-04-04 17:42:25 terra: is this the guide i should follow for chroot? http://wiki.alpinelinux.org/wiki/Installing_Alpine_Linux_in_a_chroot 2018-04-04 17:45:50 shadoxx: I can't open the link.. but chroot environment basics doesn't differ for distros. You can follor any guide axcept installng alpine base system on a folder (which will serve as chroot environment) 2018-04-04 17:45:59 does this ring any bells? python was working, now i've installed some standard packages, now this: https://bpaste.net/show/5132a4ec4769 2018-04-04 17:46:08 *follow 2018-04-04 17:47:35 teratorn: apk fix ? 2018-04-04 17:49:12 terra: well that reveals a broken condition that probably should not have happened https://bpaste.net/show/5a633b2bf5de 2018-04-04 17:49:30 i installed every -doc package for every package on my system, and it looks like it got me in some pathological conflict 2018-04-04 17:50:17 terra: does that mean apk fix won't help and the error is unrelated? 2018-04-04 17:50:25 yes 2018-04-04 17:51:32 "file /usr/lib/libpython2.7.so.1.0" must say: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, stripped 2018-04-04 17:51:52 assume you're on x86_64 2018-04-04 17:53:34 that conflict is well known and can't be fixed, but it doesn't have anything to do with the .so problem 2018-04-04 17:54:02 util-linux-doc and shadow-doc just can't coexist in an Alpine system currently 2018-04-04 17:54:25 terra: that file is 1585464 null bytes :/ 2018-04-04 17:55:14 teratorn: then..its a filesystem error. maybe fixed by reinstalling the python package. 2018-04-04 17:55:41 terra: ok, how? :) 2018-04-04 17:56:41 it seems one does not simply apk reinstall a package an alpine 2018-04-04 17:56:51 apk info --who-owns /usr/lib/libpython2.7.so.1.0 | xargs apk fix --reinstall 2018-04-04 17:58:12 nice 2018-04-04 17:58:49 oh oh oh, probably not! 2018-04-04 17:58:59 thank you my python is happy again but im worried other files are corrupt, can you do an integrity check of installed packages? 2018-04-04 17:59:15 (i del/add python) 2018-04-04 17:59:49 good question 2018-04-04 18:00:08 I seem to be too tired to give any advice today, better flee before someone rm -rf's their / thanks to my help 2018-04-04 18:00:17 or detect any unrelated files under /usr etc.. 2018-04-04 20:37:50 i think it's possible there's a bug in the python3 apk. when using twine to upload packages to artifactory using our internal SSL cert, it works fine on the python:3-alpine3.7 image, but when using the exact same setup on the alpine image with the python3 apk we get a 400 error 2018-04-04 20:56:03 As a developer of packages that Alpine Linux users use, how should I log something if I want a high probability that the data will actually get written somewhere? Syslog? 2018-04-04 20:56:49 what kind of data? 2018-04-04 20:57:20 logs about metrics data being sent externally 2018-04-04 20:58:21 syslog, probably 2018-04-04 21:21:50 nevermind my issue, turned out to be an artifactory bug - https://www.jfrog.com/jira/browse/RTFACT-16189 2018-04-04 21:43:25 when i do an update I get this error: extlinux: cannot open device /dev/vda1 2018-04-04 21:54:43 Adran: does the device exist? 2018-04-04 21:54:50 yes 2018-04-04 21:55:23 and you run it as root? 2018-04-04 21:56:42 yes 2018-04-04 21:57:54 you could check with blkid and fdisk p if the disk is accessible... otherwise, im out of ideas 2018-04-04 22:08:31 no DIE DIE DIE DIE DIE https://bpaste.net/show/b42b39c13998 2018-04-04 22:09:20 any idea how I can get the ssl libs to stop fighting? 2018-04-04 22:09:59 oh hmm 2018-04-04 22:10:25 sorry I added openssl-dev on purpose.. 2018-04-04 22:16:41 terra: thanks for the tips! i just found the APKBUILD package for xrdp/xorgxrdp/virtualgl 2018-04-04 22:17:06 and i have my environment setup to compile 2018-04-05 01:48:22 Hey all. I just attempted to boot the Alpine 3.7 Xen image and... it's frozen on the Xen startup, right after "(XEN) AMD-Vi: IOMMU 0 Enabled.", there's a line with "(XEN)" on it by itself and things just stop. 2018-04-05 01:49:03 Before that, there was a message "Mismatch between expected (0x1de) and real (0x5e) levelling caps: missing 0" which produces zero relevant search results except the source file it comes from... 2018-04-05 01:49:17 Anyone know of any debugging steps I could take to figure out what's going on? 2018-04-05 03:35:39 hello, I messaged this yesterday evening, but for some reason, my alpine linux clients are a million times slower to update my dhcp server with their hostnames than my debian or ubuntu boxes 2018-04-05 03:35:52 or anything else really 2018-04-05 03:35:56 I can't figure out why 2018-04-05 03:36:13 Because my dhcp server seems to see their hostname just as fast as everything else 2018-04-05 03:36:35 but it doesn't respond to pings until around an hour later 2018-04-05 03:36:49 I know that sounds like it must be an issue with my dhcp server and my DNS resolver 2018-04-05 03:37:08 but if I spin up two VMs in bridged mode, one with debian, the other with alpine 2018-04-05 03:37:12 the debian one pops right up 2018-04-05 03:37:25 and the alpine one takes ages, even if I force dhclient and dhcpcd to restart 2018-04-05 03:37:35 I am at my whits end here trying to figure out why this is 2018-04-05 05:17:31 guys, py-zmq was last updated in march'17. can you please consider updating it? many new versions have been released in between. 2018-04-05 06:01:02 shreyansh_k: best way to have a fix for that would be to contact the maintainer of the package. You could also file an issue at bugs.alpinelinux.org. 2018-04-05 06:18:03 can't boot when i use Mini Root Filesystem (armhf) from https://www.alpinelinux.org/downloads/ 2018-04-05 06:18:09 can't run '/sbin/openrc': No such file or directory 2018-04-05 06:18:56 how to add openrc to Mini Root Filesystem 2018-04-05 11:08:47 apk fix 2018-04-05 11:08:59 (1/1) [APK unavailable, skipped] Reinstalling busybox (1.27.2-r8) 2018-04-05 11:09:12 how to reinstall busybox ? 2018-04-05 11:10:40 update your db 2018-04-05 11:11:40 doesn't help 2018-04-05 11:13:00 with -X flag update done 2018-04-05 11:40:41 kozakman: run apk update; apk add alpine-base 2018-04-05 11:40:55 apk add openrc 2018-04-05 11:41:32 to add openrc miniroot or uboot filesystem 2018-04-05 11:50:05 what services need to boot with system ? 2018-04-05 11:50:21 -a will install packages which are available 2018-04-05 11:51:18 <_ikke_> kozakman: perhaps you already found out, but re your earlier question around minirootfs: that's not meant to be booted, it's an image for chroot like systems (docker, lxc, ..) 2018-04-05 11:56:27 _ikke_: I installed armhf and aarc64 from alpine-uboot tar.gz archives, with trial and error method, of course 2018-04-05 12:10:52 how to make bootable minirootfs armhf ? chroot method doesn't work (https://wiki.alpinelinux.org/wiki/Installing_Alpine_Linux_in_a_chroot) 2018-04-05 12:12:25 <_ikke_> kozakman: Why are you using minirootfs? 2018-04-05 12:16:21 kozakman, arm boot is board specific 2018-04-05 12:16:33 it really depends on the exact hardware board you are using 2018-04-05 12:23:53 boot hangs on this https://nopaste.linux-dev.org/?1180896 2018-04-05 13:38:10 kozakman: from where did you get kernel 4.16? :P 2018-04-05 13:43:55 switched to debian armhf, debootstrap works like a charm. thanks 2018-04-05 14:07:29 Hey all. I just attempted to boot the Alpine 3.7 Xen image and... it's frozen on the Xen startup, right after "(XEN) AMD-Vi: IOMMU 0 Enabled.", there's a line with "(XEN)" on it by itself and things just stop. 2018-04-05 14:07:38 Anyone know of any debugging steps I could take to figure out what's going on? 2018-04-05 14:09:55 Tashtari: hmm, maybe add nomodeset to the cmd line? 2018-04-05 14:11:27 Shiz: All right, let me see... 2018-04-05 14:17:07 ..hm. 2018-04-05 14:17:45 Shiz: Is there a way to append that parameter to the kernel command line using the isolinux boot: prompt, or do I have to find out what it is currently set to and type the whole thing in? 2018-04-05 14:27:04 Tashtari: just type it and hit enter 2018-04-05 14:27:06 :) 2018-04-05 14:27:14 on the boot prompt 2018-04-05 14:28:35 Shiz: Well, I had to prefix it with "hardened" to make it boot, but it stopped at the same place as before. :( 2018-04-05 14:28:46 aw 2018-04-05 14:30:36 How about serial port output of some kind? 2018-04-05 14:30:54 Does IOMMU work on your platform? 2018-04-05 14:31:25 duncan^: I would think so, but I'm not sure how to verify. 2018-04-05 14:31:50 There should be an option to disable it in the kernel command line for AMD platform 2018-04-05 14:32:06 I would try that, given it freezes on (XEN) AMD-Vi: IOMMU 0 Enabled. 2018-04-05 14:32:16 Ok, let me see if I can find it... 2018-04-05 14:33:04 You might want to try updating to latest BIOS version as that may ship with IOMMU fixes in microcode 2018-04-05 14:34:39 hmm. 2018-04-05 14:35:10 I added "amd_iommu=off" to the command line and it stopped in the same place, but it still had the message about IOMMU. 2018-04-05 14:37:51 Doesn't the fact that it says IOMMU enabled suggest that the IOMMU was initialized successfully, though, and whatever the next message is, the one that isn't getting printed, is where things went off the rails? 2018-04-05 14:42:54 Huh. 2018-04-05 14:43:38 So I added console=ttyS0,9600 to the command line and... it seems to have ignored it. Output still goes to the VGA, serial console gets nothing. Is there some way these kernel parameters are just getting ignored? 2018-04-05 14:44:08 I'm not entirely sure what Xen's interaction with the existing setup of the kernel might do to influence this 2018-04-05 14:44:11 how are you adding these to the command line 2018-04-05 14:44:18 are you doing this in the bootloader configuration file? 2018-04-05 14:44:26 at the boot: prompt. Tha is, I typed "hardened console=ttyS0,9600" 2018-04-05 15:06:29 Well, this is an interesting data point... 2018-04-05 15:07:22 I booted the standard Alpine image, and during boot, before we even got to init, a bunch of messages were logged saying "AMD-Vi: Event logged [" 2018-04-05 15:08:31 It did get to init and a login prompt, though, so I was able to look at dmesg and see that each of those was followed by an "IO_PAGE_FAULT" message 2018-04-05 15:20:23 well, anyway, regardless of the trouble that the smbus controller seems to want to cause... I'm looking at the syslinux.cfg file for the xen image, and nomodeset is already in the parameters list 2018-04-05 17:47:19 Does someone of you run Kubrrnetes on Alpine or uses Kubrrnetes in general? 2018-04-05 18:32:17 Okay, I've made a tiny bit of progress on my Xen issue. I was able to modify the Xen kernel to use the serial console, and... it stopped in the exact same place. 2018-04-05 18:34:24 Maybe I should throw this at Xen rather than alpine.. 2018-04-05 19:41:51 xorg-server-1.19.6-r1 @edge on aarch64 doesn't work. Just black sreen, and nothing more 2018-04-05 20:26:30 mps: What does your Xorg log say? 2018-04-05 20:28:53 duncan^: nothing useful 2018-04-05 20:29:29 Have you got your modules in the correct order in your Xorg configuration? 2018-04-05 20:29:36 in meantime I downgraded to 3.7 and it work 2018-04-05 20:29:56 config is not changed 2018-04-05 20:30:13 the same is for 3.7 and for edge 2018-04-05 20:30:17 IIRC on Musl-based systems, one needs to do this because it doesn't have the bug that Glibc-based systems have that allows loading in various orders :) 2018-04-05 20:31:02 change order of the module loading? 2018-04-05 21:24:10 in last few days there were people asking how to install AL armhf on arm boards/devices 2018-04-05 21:25:22 I took an hour from my free time to test that and I have confirmed that it is quite possible without loot of burden 2018-04-05 21:26:25 even wrote short howto (far from perfect) but it could be used as simple guide 2018-04-05 21:27:43 mps: but thats faily specific to the individual board? 2018-04-05 21:27:57 yes and no 2018-04-05 21:28:21 I installed it on bananapi 2018-04-05 21:29:28 and alpine-uboot-3.7.0-armhf.tar.gz missing ethernet driver 2018-04-05 21:29:36 so network does not work 2018-04-05 21:30:33 also, u-boot is missing but I found u-boot from Armbian image and add it 2018-04-05 21:31:20 also, built u-boot from u-boot source to add another solution 2018-04-05 21:31:53 custom u-boot builds are a PITA.. 2018-04-05 21:32:19 my test was a just proof that the AL could be installed on arm boards 2018-04-05 21:32:43 no, build u-boot is quite easy 2018-04-05 21:33:38 but, must have appropriate compiler, or cross compile environment 2018-04-05 21:33:41 try odroid C2 then.. 2018-04-05 21:34:00 don't have it :] 2018-04-05 21:34:04 be glad 2018-04-05 21:34:40 isn't odroid C2 64bit, or I'm mistaken 2018-04-05 21:35:28 ye 2018-04-05 21:36:09 64bit arm is different story especially u-boot, you are right about it 2018-04-05 21:36:46 I'm talking about 32bit arm (armv7 mostly) 2018-04-05 21:37:53 serial console is a must for development board setup 2018-04-05 21:38:43 liwakura: looking scrollback I see that I was not clear, should tell that is armhf for arm32 2018-04-05 21:38:50 otherwise you won't notice u-boot related problems 2018-04-05 21:39:19 terra: yes, I have to edit extlinux.conf to add console 2018-04-05 21:40:07 no, you will see u-boot on console but will not se kernel messages 2018-04-05 21:40:11 inittab ? 2018-04-05 21:41:02 u-boot is first chain loader and in later stage read extlinux.conf or boot.scr 2018-04-05 21:42:00 i thought extlinux.conf isn't related with u-boot, both are stage-1 2018-04-05 21:42:19 looks like AL boot process ad getty in inittab, automagically 2018-04-05 21:42:42 probably reading /proc/cmdline 2018-04-05 21:43:56 uboot reads extlinux.conf to find kernel, initram, set kernel parameters, even could have simple menu in it 2018-04-05 21:44:19 it is like syslinux extlinux.conf 2018-04-05 21:45:09 you put syslinux in mbr on disk, and u-boot is put in similar method on disk/card 2018-04-05 21:45:19 so u-boot has its own extlinux.conf ? 2018-04-05 21:45:24 there is even u-boot for x86 2018-04-05 21:45:35 terra: right 2018-04-05 21:45:53 oh. ok then. 2018-04-05 21:45:55 but, that is not for to old u-boot 2018-04-05 21:46:16 from v2016-05 IIRC 2018-04-05 21:46:26 you still generate .scr file ok? 2018-04-05 21:46:43 no, it is not needed anymore 2018-04-05 21:46:54 just edit extlinux.conf 2018-04-05 21:47:47 .scr is not needed and I don't have a long time (in IT measure of time) 2018-04-05 21:48:48 nowadays u-boot is quite similar to syslinux in config 2018-04-05 21:49:20 hmm, I got drag behind then. It was 15 months ago I think. 2018-04-05 21:50:44 well, just looked, and I see that I use v2016.05 of uboot with extlinux 2018-04-05 21:51:02 sorry, extlinux.conf 2018-04-05 21:51:59 I was building u-boot for OrangePi and remembering that I have to generate some binary file with mkbootimg or something else. 2018-04-05 21:52:57 so u-boot can read it. 2018-04-05 21:53:09 could be, I didn't worked with many boards, just few so I don't know does it works with all of them 2018-04-05 21:53:41 but, with A20 (Allwiner) and exynos it works 2018-04-05 21:57:28 I plan to build an Alpine based embedded system for arcade + Kodi 2018-04-05 22:05:12 could be good idea if you find appropriate board, gpu could be problematic 2018-04-05 23:24:00 hi all, what’s the proper way to save my default route so it is restored after reboot? 2018-04-06 00:24:12 is it me or is https://wiki.alpinelinux.org/wiki/How_to_make_a_custom_ISO_image_with_mkimage broken for rpi? 2018-04-06 00:24:33 `./mkimage.sh --tag edge --outdir /iso --repository http://dl-cdn.alpinelinux.org/alpine/edge/main --profile rpi` does nothing, adding --arch armhf works 2018-04-06 00:25:35 when running with -x it seems there's a function that checks "aarch64" equals "armhf" and then returns 1, which causes return 0 and then the script is done 2018-04-06 00:29:19 https://git.alpinelinux.org/cgit/aports/tree/scripts/mkimg.arm.sh#n54 seems to be the issue, it's restricting to armhf there 2018-04-06 12:01:24 has anyone got any simple 3D game ideas? preferably something i could construct out of cubes; i want to step up from this stuff: https://streamable.com/d3s0u 2018-04-06 12:02:31 sorry, wrong channel 2018-04-06 20:56:06 Hello! My installation started throwing a kernel panic a few days ago (no working init found). I've found the same bug listed on https://bugs.alpinelinux.org/issues/8751 and tried to fix it with the mentioned workaround and by upgrading the whole thing (apk upgrade -U). It didn't work in the end. Still throws the kernel panic. 2018-04-06 20:56:46 Did anyone experience the same thing and knows how to fix it? 2018-04-06 20:57:27 was the initramfs regenerated when upgrading? 2018-04-06 20:58:18 Not sure about that, many updates colledted during these last few days (around 150) and the output was bloated. 2018-04-06 20:59:10 However the mentioned verification step at https://bugs.alpinelinux.org/issues/8751 succeeds, but the block number is different. Only around 60k 2018-04-06 20:59:43 then its probably an different bug 2018-04-06 21:01:07 The "apk fix mkinitfs" command should regenerate initramfs? 2018-04-06 21:01:43 rok: just run mkinitfs as described in the manual 2018-04-06 21:02:18 Alright, lets see. 2018-04-06 21:02:24 brb :P 2018-04-06 21:28:14 azarus: Ran "mkinitfs 4.14.32-0-vanilla". Still not working. 2018-04-06 21:29:06 Could something somehow be wrong with the options passed to the kernel? 2018-04-06 21:30:07 rok: might be. 2018-04-06 21:30:11 update-extlinux? 2018-04-06 21:50:09 Anyone here have any problems getting Alpine to run on the Raspberry Pi? 2018-04-06 21:53:13 sigtrm_: you should probably present your problem a bit more specifically 2018-04-06 21:56:45 azarus: update-extlinux didn't work, I noticed something tho, one of the lines in the kernel panic output mentions the wrong kernel version. It says "CPU: 1 PID: 1 Comm: swapper/0 Not tainted 4.14.30-0-vanilla #1-Alpine" while my kernel version seems to be 4.14.32-0-vanilla. 2018-04-06 21:57:18 rok: try reinstalling the kernel? 2018-04-06 21:57:35 also, update-extlinux save to extlinux.conf.new 2018-04-06 21:57:46 make sure to move that file to extlinux.conf 2018-04-06 21:59:15 My /etc/update-extlinux.conf has the overwrite option on 1 which means it should replace the /boot/extlinux.conf file on each run. 2018-04-06 22:00:27 Oh, ok. Sorry for assuming it wasn't set for you :/ 2018-04-06 22:04:12 I'll try reinstalling the kernel next then. Btw, thanks for your help! :) I'm far from new to linux but I've never done things that close to "the metal" (kernel options, etc.). 2018-04-06 22:05:57 Hehe, have quite some experience there. 2018-04-06 22:06:06 ACTION relives his gentoo history 2018-04-06 22:36:00 azarus: yeesss!!! works :D had to do one thing before the "apk fix linux-vanilla", had to "mount /boot". 2018-04-06 22:37:08 Yay! 2018-04-06 22:37:28 (you can also have an entry for /boot in your fstab) 2018-04-06 22:47:00 When I tried to reinstall the kernel without mounting "/boot" I received "extlinux no previous boot sector found" ammong the output. Googled for that and checked "/etc/fstab" & "fdisk -l /dev/sda". Found a partial answer that way (the missing "mount /boot"). Thanks for the help once more azarus & liwakura, appreciate it ;) Now I'm off to bed (0:46). 2018-04-06 22:47:22 Same time for me 2018-04-06 22:47:26 Goodnight :) 2018-04-06 22:57:25 Good point danieli, I have followed the wiki installation guide, made a fat32 (tried with fat16 too) which had both boot flag and lba flag, unpacked the current Alpine there and tried to run it, yet all I get out on the hdmi is a black screen, the green led blinks and the red led is constantly on 2018-04-06 22:57:27 Any davice? 2018-04-06 22:57:31 *advice 2018-04-06 22:59:46 fat16 won't help when it clearly says fat32 2018-04-06 23:00:48 well 2018-04-06 23:00:52 what kind of pi is it? 2018-04-06 23:01:02 i just realized that you never mentioned 2018-04-06 23:01:04 brb 2018-04-06 23:09:20 it is a rpi 3 2018-04-07 02:37:09 I seem to have the same issue with a rpi 1 2018-04-07 02:58:54 it seems my problem was related to a faulty power supply, got it to work now 2018-04-07 04:04:52 I've followed the instructions here: https://wiki.alpinelinux.org/wiki/How_to_make_a_custom_ISO_image_with_mkimage and built my own image for a raspberry pi 2018-04-07 04:05:38 the packages that I've listed are used to build a local repo, but it seems the packages are not supposed to be installed automatically, can somebody point me in the right direction? 2018-04-07 04:08:02 example: when booting the image, htop should be available right aware without having to install it manually 2018-04-07 06:41:47 Hi, I'm getting random "Protocol Errors" when trying to install packages during docker build. Any insights as to what might be causing this. Sometimes specifying the add commands in a different order tends to work. 2018-04-07 07:53:10 So in my case I struggle with two rpi 3's and one rpi 2. I have followed the guide and only get a blinking green led and a constant red led, no output onh dmi or serial port. I have also tried several version and it seems the last version that works is alpine 3.5.1, that one works as expected, but anything newer just gives me the black screen. 2018-04-07 07:53:12 Any advice? 2018-04-07 12:52:30 After more testing, I can install alpine 3.5.1, but if I upgrade it, it stops working again 2018-04-07 13:07:44 in which way does it stop working? 2018-04-07 15:46:48 hey guys, I'm trying to setup password less authentication with SSH to a apline linux server 2018-04-07 15:47:00 I did all the usual stuff 2018-04-07 15:47:54 copied the id_ecdsa.pub from my laptop to authorized_keys on the alpine server 2018-04-07 15:48:00 chmod -R 600 2018-04-07 15:48:18 tried to connect with the key but I get access denied 2018-04-07 15:48:26 does alpine doesn't support ecdsa? 2018-04-07 15:50:00 enoch85: what sshd are you using= 2018-04-07 15:50:01 ?* 2018-04-07 15:50:08 openssh 2018-04-07 15:50:39 enoch85: support for it has been removed upstream 2018-04-07 15:50:43 make a new key 2018-04-07 15:50:54 Was removed in OpenSSH 5.7, we're at 7.7 now 2018-04-07 15:50:59 what's the strongest key available? 2018-04-07 15:51:04 ed25519 is good 2018-04-07 15:51:08 ok thanks! 2018-04-07 15:52:46 that did the trick, only took 5 hours to figure out 2018-04-07 15:52:47 gees 2018-04-07 15:52:52 thanks azarus :) 2018-04-07 15:53:18 enoch85: 2 seconds of utilising your favorite search engine ;) 2018-04-07 15:53:37 also np 2018-04-07 15:53:38 azarus, yes, did that but I guess my google skills suck 2018-04-07 15:53:52 whould be added here imho: http://wiki.alpinelinux.org/wiki/Setting_up_a_ssh-server 2018-04-07 15:55:07 enoch85: https://imgur.com/a/evQds 2018-04-07 15:55:20 i don't see how it could be more obvious 2018-04-07 15:55:44 try "alpine ssh key" 2018-04-07 15:55:53 that's what I used never had opensshin the search term 2018-04-07 15:55:58 so, that explains it :) 2018-04-07 15:56:18 well, alpine doesn't have it's own sshd or special configuration to prevent ecdsa ;P 2018-04-07 15:57:10 jn__, sorry for my late reply. Basically the same way as if I install 3.7.0 directly, it just blinks green a couple of times on the one led while the other is solid red and no output on either uart or hdmi. No leds run on the ethernetport either 2018-04-07 15:58:08 azarus, you're right, I'm tired :p 2018-04-07 15:59:02 sigtrm_: hmmm 2018-04-07 16:03:12 As mentioned, that is the symptoms starting with version 3.5.2, version 3.5.1 and under works fine 2018-04-07 16:03:20 This is on two rpi3 and one rpi2 2018-04-07 16:09:38 sigtrm_: I don't have any experience with rpi, but did you sure bootloader works 2018-04-07 16:09:56 What do you mean? 2018-04-07 16:10:23 do you get anything from bootloader on your console 2018-04-07 16:10:54 No nothing at all, it's as if I am booting without any flash memory 2018-04-07 16:11:27 what bootloader rpi uses? u-boot? 2018-04-07 16:12:32 I googled and it seems to be u-boot bootloaders for rpi3, but not what is default with it 2018-04-07 16:13:39 you are trying to install on rpi2? 2018-04-07 16:14:18 Right now on rpi3, I tried it on rpi2 just to see if the problem was the same 2018-04-07 16:14:23 Which it was 2018-04-07 16:14:26 I mean, Alpine Linux armhf for rpi 2018-04-07 16:14:33 Yes, that's the one 2018-04-07 16:14:53 It seems rpi is booting up using its GPU which reads some partition on SD card and the files within 2018-04-07 16:14:58 give me few minutes 2018-04-07 16:15:43 It seems the GPU boots bootcode.bin which in turn boots the system 2018-04-07 16:18:21 did the videocore ever get an open firmware ? 2018-04-07 16:18:24 yep, raspis boot that way 2018-04-07 16:18:25 i remember talk about that 2018-04-07 16:18:43 solar: inofficially yes, but it's unfinished 2018-04-07 16:18:49 not from bcm 2018-04-07 16:18:53 ah, cool :) 2018-04-07 16:19:22 https://github.com/christinaa/rpi-open-firmware 2018-04-07 16:20:07 sigtrm_: you should fix your boot loader first, then when the boot loader starts you can ask why AL doesn't boot, of course if it wouldn't boot 2018-04-07 16:20:20 Well I can't figure out what is wrong though 2018-04-07 16:20:38 What makes the bootloader not work from version 3.5.2 and upwards? 2018-04-07 16:21:19 sigtrm_: probably kernel changes (?) 2018-04-07 16:21:36 really don't know :) I don't have any rpi these days to test 2018-04-07 16:22:32 jn__: don't think so, because his boot loader doesn't show anything on console 2018-04-07 16:23:21 I have an idea I will try now to see if I can get data out to the consol 2018-04-07 16:43:25 Nope didn't work, but at least the ethernet leds are back on 2018-04-07 16:47:53 I have the symptoms when the card is not placed properly or boot loader is incorrectly put 2018-04-07 16:49:02 s/the symptoms/the same symptoms/ 2018-04-07 16:58:46 But that's the thing, I can very clearly reproduce this and have several times, the moment I put anything above 3.5.1 it stops 2018-04-07 17:00:57 how do you put boot loader from AL on the card 2018-04-07 18:14:09 mps, sorry I was trying stuff 2018-04-07 18:14:35 how can i found out what the contents of /etc/apk/repositories should be for my particular install to use the "official" repos? 2018-04-07 18:15:20 Easy, I download the tar.gz file from the server, partition the sd-card into two partitions using MBR, the first one is a fat32 one. I unpack the tar.gz file to the first partition and insert the sdcard into the rpi 2018-04-07 18:16:22 Then it boots up fine and shows information on the console through uart and on the screen connected through hdmi with version 3.5.1, with any high version I get no data out on either the console or the screen 2018-04-07 18:16:46 lunaphyte: Just re-run setup-apkrepos and follow the prompts 2018-04-07 18:16:50 There is more than one official mirror 2018-04-07 18:17:14 aha, i see. thanks 2018-04-07 18:17:51 so theoretically, any of the entries in this list is as official as any other? just largely personal preference at that point? 2018-04-07 18:18:03 f 2018-04-07 18:18:07 oops :) 2018-04-07 18:18:14 Ideally, you should use one that is close to you in terms of network topology 2018-04-07 18:18:19 right, of course 2018-04-07 18:18:32 Which is what the "fastest mirror" thing in setup-apkrepos does for you 2018-04-07 18:18:45 cool, just trying that now 2018-04-07 18:20:16 how do i see what version is currently installed? 2018-04-07 18:22:15 i see /etc/alpine-release - is that the canonical method? just look at that file? or is there some other "official" command? 2018-04-07 18:22:34 ala lsb_release or such 2018-04-07 18:43:50 sigtrm_: now, I was away 2018-04-07 18:44:39 At this point I am just going to run version 3.5.1 or use another distro on the rpi because debugging blindly is difficult, if I could at least get something on the console to help me debug 2018-04-07 18:44:49 you didn't put anything in MBR? didn't used 'dd' with that new (I presume) card 2018-04-07 18:48:33 mps: rpi has no mbr 2018-04-07 18:49:06 so just creating an fat partition and extracting the tarball there is enough 2018-04-07 18:49:12 liwakura: really, didn't know. How it boots then 2018-04-07 18:49:45 Its firmware loads stuff from the FAT partition 2018-04-07 18:49:50 then it have boot loader in some kind of flash on board 2018-04-07 18:49:52 In general, you can't assume that non-x86 platforms use an MBR 2018-04-07 18:50:07 MBR is an x86-specific thing in general 2018-04-07 18:50:51 mps: yeah, there is internal firmware capable of loading from FAT 2018-04-07 18:51:01 and that loads start.elf then 2018-04-07 18:51:10 I know for MBR but intended to give known term to describe process of putting boot loader on the card 2018-04-07 18:51:14 or maybe bootcode.bin ? 2018-04-07 18:51:30 for RPi its just placing a file somewhere 2018-04-07 18:51:37 like whast EFI bought to x86 2018-04-07 18:53:08 understood. then sigtrm_ could just copy appropriate boot loader (whatever it is) from working card to the new, I think 2018-04-07 18:54:17 yes, as I read rpi just starts the gpu which loads bootcode.bin which loads the third bootloader that starts the whole thing 2018-04-07 18:54:27 I could try that yes 2018-04-07 18:54:28 ye, like that 2018-04-07 18:54:41 sigtrm_: i remember that the AL tarballs for the RPi were also broken for me 2018-04-07 18:54:46 but it seemed fixed with 3.7 2018-04-07 18:54:47 try it and report result 2018-04-07 18:54:53 Really? 2018-04-07 18:54:58 It works for you liwakura? 2018-04-07 18:55:22 with current 3.7 branch, yes 2018-04-07 18:59:04 Before reinstalling yet again, I will check the bootcode.bin and see if it has the same hash 2018-04-07 19:02:08 how can i remove a package and automatically all of its dependencies? 2018-04-07 19:02:48 lunaphyte: apk del -r package 2018-04-07 19:02:56 ah, thanks 2018-04-07 19:03:12 does alpine have online man pages somewhere? e.g. a public web site? 2018-04-07 19:03:52 i'd like to read the man page for apk, but without have to install man on my computer 2018-04-07 19:03:55 <_ikke_> lunaphyte: We are working on offline man-pages first :) 2018-04-07 19:04:21 oh - how do you mean? 2018-04-07 19:06:11 <_ikke_> https://github.com/alpinelinux/abuild/pull/33 2018-04-07 19:06:42 <_ikke_> lunaphyte: apk does not have a man-page yet, that PR introduces it 2018-04-07 19:06:50 ah, i see! 2018-04-07 19:07:10 when i remove a package, some leave stuff behind, i see. how can i completely purge everything that a given package has installed? 2018-04-07 19:07:16 [for example, /etc/ssh/] 2018-04-07 19:08:17 You want the --purge flag to apk del 2018-04-07 19:08:18 <_ikke_> --purge, but not certain it does what you want 2018-04-07 19:08:19 See apk del --help 2018-04-07 19:08:27 <_ikke_> (it's a global option) 2018-04-07 19:08:56 <_ikke_> Hmm, that PR is for abuild btw, not apk 2018-04-07 19:11:46 "Instead of adding all the packages to 'world', create a new virtual package with the listed dependencies and add that to 'world'; the actions of the command are easily reverted by deleting the virtual package" 2018-04-07 19:11:49 that's pretty neat 2018-04-07 19:12:35 <_ikke_> abuild uses that feature to create a virtual package for the dependencies it has installed to build a package, so that they can be removed again after the package has been built 2018-04-07 19:13:14 oh that's handy 2018-04-07 19:20:55 even with -r, it looks like del doesn't remove /etc/ssh/ 2018-04-07 19:21:08 oops - sorry, even with --purge, rather 2018-04-07 21:01:20 helo, quick question 2018-04-07 21:01:30 i can't currently add php5 packages via apk 2018-04-07 21:02:07 can find only 2 packages named "*php*" with "search" 2018-04-07 21:02:19 alpine 3.7 2018-04-07 21:02:20 <_ikke_> radomvimmer: what repositories do you use? 2018-04-07 21:02:32 I switched them around 2018-04-07 21:02:46 <_ikke_> what does /etc/apk/repositories contain? 2018-04-07 21:04:09 <_ikke_> You should have a community repository 2018-04-07 21:04:10 ah, I feel dumb now 2018-04-07 21:04:11 thanks 2018-04-07 21:04:31 yeah, the community repos are commented out 2018-04-07 21:04:42 sorry, new to alpine 2018-04-07 21:04:46 <_ikke_> no 2018-04-07 21:04:47 <_ikke_> np 2018-04-07 21:55:20 lunaphyte: that /etc/ssh doesnt get deleted might be because the host ssh keys are still in it 2018-04-07 21:55:25 packages apk didnt create 2018-04-07 22:23:04 anyone have a clue how to get python extensions for gdb working? e.g. py-bt command is not recognized in gdb 2018-04-07 22:25:18 you have to recompile gdb with python support 2018-04-07 22:29:03 :( ok - was already on it :/ 2018-04-08 00:34:44 Is there a preferred menu generator for something like jwm? 2018-04-08 00:34:58 I just ripped off Arch's xdg_menu utility 2018-04-08 04:46:28 alpine linux noobie here, i tried to dd the iso to a usb and boot in, whoops! i'm on debian so i don't have setup-alpine. what the easy way to get alpine linux onto a bootable usb from debian? 2018-04-08 05:45:12 <_ikke_> jcgruenhage: Writing the image to a USB disk should be fine with newer images 2018-04-08 15:02:30 Hi, I'm trying to change a file's attribute but I don't want to keep e2fsprogs-extra installed so it won't be changed back 2018-04-08 15:02:57 for some reason when I purge the package apk attempts to remove the files I set +i on 2018-04-08 15:02:59 why is that? 2018-04-08 15:03:43 are the files you set +i on part of the apk package? 2018-04-08 15:03:55 no, they are a part of another package 2018-04-08 15:04:09 which I am not removing 2018-04-08 15:05:33 this doesn't make sense... 2018-04-08 15:05:36 Oh I think it's a different problem 2018-04-08 15:06:02 Since I'm setting +i on the file and alpine is in a LXC container packer cannot remove the container and fails 2018-04-08 15:06:45 that's completely unrelated to alpine. liwakura, Thanks for being my rubber duck debugger :) 2018-04-08 15:06:59 https://en.wikipedia.org/wiki/Rubber_duck_debugging 2018-04-08 15:07:03 why are you setting +i in an LXC contianer again? 2018-04-08 15:07:30 +i is for files that are not supposed to change where they are stored on disk 2018-04-08 15:07:39 like extlinux components 2018-04-08 15:23:40 hello everyone 2018-04-08 15:23:56 is there any library for serial gsm modules? 2018-04-08 15:24:50 im trying to make my own mobile phone and like to use alpine linux 2018-04-08 15:25:38 i hate that at command bullshit, i tought the modules would have a better protocoll 2018-04-08 15:28:13 wish i could just buy some kind of opensource baseband chip 2018-04-08 15:37:57 i guess i have to program my own thing 2018-04-08 15:38:37 There are SoC 2018-04-08 15:38:47 that have a built-in modem 2018-04-08 15:39:17 evening duncan^ 2018-04-08 15:39:52 Baseband is regulated on the American market. You'll never see a manufacturer give you any source code (beyond obligations under license) or schematics withput an NDA. 2018-04-08 15:40:11 i was thinking abiut getting an odroid c0, and a sim800 module 2018-04-08 15:40:43 Why not use existing designs like the Neo900 2018-04-08 15:40:57 (also this is offtopic) 2018-04-08 15:41:00 duncan^ i know that... same for europe :( 2018-04-08 15:41:11 they need that licensing 2018-04-08 15:41:48 duncaen i want hardware killswitches for microphone 2018-04-08 15:41:55 separate the module from the cpu 2018-04-08 15:42:52 Unless you're good at PCB design you should use someone's existing design 2018-04-08 15:43:03 like a relay that activates when you accept the call and disconnects the microphone after the call 2018-04-08 15:49:17 why dont you just remove the microphone entirely and use a headset with microphone? much easier to accomplish same result. internal mikes suck anyway, they pick up typing and fan noise 2018-04-08 16:02:06 hs3dUBwdmCjy: you are right, however the odroid c0 is fanless, im still not sure on the design but obviously its going to be a portable device, and fans are also a no go for me on battery powered devices 2018-04-08 16:02:35 hs3dUBwdmCjy: also the jack would run over the killswitch 2018-04-08 16:05:24 i think you're overengineering, remove the mike and use a headset and you're good. 2018-04-08 16:11:20 We already have opensource smartphones like GTA04... the main issue is the software suitable for small device. 2018-04-08 16:12:26 duncan^: https://puri.sm/shop/librem-5/ 2018-04-08 16:12:42 if any i think id take that one 2018-04-08 16:12:43 That's not a real thing. It does not exist yet. 2018-04-08 16:13:21 crowdfunding campaign does not a viable product make 2018-04-08 16:22:18 well, they did not want as much as other projects, there was another open source phone project their goal was like an exorbitant 20+ million, this guys at least are hhappy with 1,5 and well they are already selling their laptops... i dont think these people will fail, but you know... no one knows 2018-04-08 16:23:56 Well as I said there are already OSHW designs you can use today, such as the GTA04 (and its predecessors from OpenMoko) 2018-04-08 16:25:33 duncan^: im looking at them now 2018-04-08 16:33:04 duncan^: more then 10 years I bought one of the OpenMoko, GTA02 IIRC. eh, memories 2018-04-08 16:33:22 Well the user asked for an OSHW mobile device :) 2018-04-08 16:34:45 I've submitted my first APKBUILD, if anybody feels like reviewing something, feedback is very welcome :) https://github.com/alpinelinux/aports/pull/3967 2018-04-08 16:35:38 In that time I (and not only I) had a hope that OSHW phones will be everywhere 2018-04-08 16:35:51 one day it may be so 2018-04-08 16:36:06 I still have a hope 2018-04-08 16:42:57 as soon as there is something good, the big companies try to hijack it, buy the project and make it disappear or similars, infiltrate people with instructions to break the project... you need really good people in the project who know these risks and hw to protect the project, also people who are not easily corruptable 2018-04-08 16:43:19 these companies try everything, too much money involved that they dont want to lose 2018-04-08 16:45:11 some friends and me work on some political stuff and we have seen everything, one of the members a state agend rented the flat below him and sicovered that this agend was microwaving him from the flat below to make this person sick, and more... 2018-04-08 16:46:11 people cannot imagine what this people can do, to not loose power 2018-04-08 16:47:16 someomne who tries to protect the data of the people is officially a enemy of the state 2018-04-08 16:47:57 That's not true 2018-04-08 16:48:20 Commercial developers often put investment and time into maintaining software projects. 2018-04-08 16:48:44 bbl 2018-04-08 16:49:10 Sometimes commercial development is orthogonal to free software, but it's not inherently bad for a given project. 2018-04-08 16:49:27 OpenMoko certainly wasn't hijacked. 2018-04-08 16:50:05 So I'm not sure why you brought this up at all 2018-04-08 16:50:32 #alpine-offtopic either way 2018-04-08 16:50:51 Yeah, I agree. It was fairly offtopic ages ago. 2018-04-08 16:51:25 I figure 2018-04-08 16:51:26 d 2018-04-08 19:37:29 Does anyone here know of a way to convert glibc binaries to musl binaries? 2018-04-08 19:37:43 I'm pretty sure that would be possible, although possibly an enormous and tedious hassle. 2018-04-08 19:37:57 <_ikke_> mswan: compiling them from source against musl? 2018-04-08 19:38:12 Oh no, I'm assuming you only have the binary. 2018-04-08 19:38:22 e.g. Spotify 2018-04-08 19:38:27 <_ikke_> Well, there is not 'converting' 2018-04-08 19:39:02 Yeah. So, what happens if you change the program interpretter. I imagine you might have some missing symbols. 2018-04-08 19:39:27 Like, I imagine there are a few parts of the ELF metadata that you need to change to make that work. 2018-04-08 19:40:05 program code might be differently depending on certail CPP flags 2018-04-08 19:40:46 Oh okay. That makes some sense. I guess glibc might assume certain macro implementations of stuff, I suppose. 2018-04-08 19:41:13 glibc has some symbols that are not in musl 2018-04-08 19:41:25 Right, that's what I thought. 2018-04-08 19:41:43 like, there was an similar problem 2018-04-08 19:41:49 executing windows binaries on linux 2018-04-08 19:41:59 and people decided to make an wrapper instead (wine) 2018-04-08 19:42:15 if people want to run glibc on musl systems, they can use gcompat 2018-04-08 19:42:20 Sure, although in that case that is the difference between PE and ELF and also an entirely different OS API. 2018-04-08 19:42:31 Oh 2018-04-08 19:42:32 but like wine, its an rather wacky solution, but might work for easier programs 2018-04-08 19:42:32 I see 2018-04-08 19:43:30 Honestly, gcompat is the answer I was looking for. 2018-04-08 19:43:36 I didn't know that exists. 2018-04-08 19:43:46 Does it work well? 2018-04-08 19:43:51 mswan: X-Y-Problem 2018-04-08 19:44:06 You wanted to run spotify (which is possible and afaik has already been done) 2018-04-08 19:44:33 But instead asked how to convert binaries (Which is incredibly painful and even then unreliable) 2018-04-08 19:45:00 I see 2018-04-08 19:45:04 Good point 2018-04-08 19:45:27 Thanks 2018-04-08 22:18:45 Anyone experince some website loading issues recently? 2018-04-08 22:33:13 Yes 2018-04-08 22:52:40 mswan_: could you able find the cause? 2018-04-08 23:22:26 terra1: I found out that my router was being tampered with by my roommate. 2018-04-08 23:25:30 liwakura: Thanks for mentioning gcompat. Looks useful for sucky programs where only a glib-linked binary is available. 2018-04-08 23:28:14 I wonder if anyone has managed to get Nvidia proprietary drivers working in Alpine. 2018-04-08 23:29:29 I imagine there would be lots of conflicts esp. since it's user-space stuff has tons of dependencies. 2018-04-08 23:29:36 it's built against glibc 2018-04-08 23:29:43 I don't think there's any point in even trying 2018-04-08 23:29:53 Well, we were just talking about gcompat. 2018-04-08 23:30:01 Not saying that it would be feature-complete enough for this to work. 2018-04-08 23:30:10 the nvidia drivers aren't just some trivial program 2018-04-08 23:30:20 Sure. 2018-04-08 23:30:34 I don't see that stopping someone from trying. 2018-04-08 23:31:14 have fun 2018-04-08 23:31:38 haha, yeah. It would be a hassle. I was hoping someone would point me to the guy who may have already done this. 2018-04-08 23:31:49 It's just that nouveau is pretty garbagy. 2018-04-08 23:32:18 Blame Nvidia. 2018-04-08 23:33:35 that is indeed nvidia's fault 2018-04-09 00:31:36 I'm trying to crosscompile with abuild, it's complaining that it can't install build-base-armhf, but I can't find that package 2018-04-09 00:32:01 do I need to install build-base for armhf somehow? 2018-04-09 01:23:40 is it expected to have afresh install, install xdm, but have it not respect /etc/profile upon loading? 2018-04-09 01:23:52 my .xsession didn't have the path as exported by /etc/profile 2018-04-09 01:25:29 how do i deal with nasty package tarballs, that don't contain their contents in a directory named $pkgver-$pkgname ? 2018-04-09 01:25:31 it does if i login to a vt with noxdm 2018-04-09 01:34:01 strfry: define it in sources - "${pkgname}-${pkgver}.tar.gz::https://thesite/$pkgname/v$pkgver.tar.gz" 2018-04-09 01:34:21 it'll download it and rename it to that 2018-04-09 01:44:06 danieli: i meant when i unpack the thing... everything goes directly to srcdir instead of a subfolder 2018-04-09 01:44:31 i found a way to handle that by reassigning srcdir 2018-04-09 02:03:06 hmm.. I'm having trouble setting up cross compile on alpine unrelated to abuild.. are there packages that contain gcc for other architectures? 2018-04-09 02:03:37 kpcyrd: There is crosstool-ng 2018-04-09 02:03:46 (It's actually pretty good) 2018-04-09 10:01:03 There appears to be an issue with compiling Ruby with jemalloc support on Aline: https://bugs.ruby-lang.org/issues/13524 Ruby team say it's a jemalloc/alpine issue, not Ruby-specific. Where best to report this onwards? 2018-04-09 10:14:34 it is already being handled, and the correct fix is in ruby 2018-04-09 10:14:51 afaik 2018-04-09 10:15:54 oh, maybe this is a different isse. but there is a known issue with ruby assuming bigger stack than available 2018-04-09 10:25:08 hs3dUBwdmCjy, do you know where I can see that bug? 2018-04-09 10:26:23 <_ikke_> https://bugs.alpinelinux.org 2018-04-09 10:28:39 maybe i'm completely wrong about this, jemalloc might be unrelated to the stack entirely. 2018-04-09 10:28:52 anyway that url you can also submit bugs, not only look for them. ;) 2018-04-09 10:29:12 hs3dUBwdmCjy, you referring to this? https://bugs.alpinelinux.org/issues/4986 2018-04-09 10:30:22 nope 2018-04-09 13:56:21 uhm, I don't seem to have php-pdo or php-pdo_mysql packages in my repos? all the ones in the default config are enabled 2018-04-09 14:00:08 php7-pdo... :) 2018-04-09 14:03:50 now this.. https://bugs.alpinelinux.org/issues/7046 2018-04-09 14:04:02 but getting rid of edge repos and reinstalling php fixed it :) 2018-04-09 15:09:59 When is the next release going to be? (When should I expect bug reports to start coming in on my package that was just merged?) 2018-04-09 15:15:00 <_ikke_> gdh: No exact date, but ncopa announced he was going to set up the builders soonish 2018-04-09 15:16:36 _ikke_, thank you. 2018-04-10 02:34:14 Hello 2018-04-10 02:34:19 Looks like the package server is down 2018-04-10 02:34:41 Ok, it's back up 2018-04-10 02:51:37 https://pastebin.com/dQCjYG7Y why ping took 2s, but ping -4 is very fast ? 2018-04-10 07:46:43 wener: can you run it via strace? 2018-04-10 08:04:44 ncopa: https://pastebin.com/nSJWrgeE 2018-04-10 08:06:08 strace time ping -c 1 baidu.com SLOW strace ping -c 1 baidu.com FAST ping -c 1 baidu.com SLOW 2018-04-10 08:06:45 and if you run it with: strace -r ping ..... 2018-04-10 08:06:56 so you get the timestamps 2018-04-10 08:11:57 https://pastebin.com/TUj0tBKU 2018-04-10 08:26:28 Hey all, question; is there anyway to restrict access to a file to a specific executable? 2018-04-10 08:26:55 or executable(s) 2018-04-10 08:27:13 MikeFair: google chmod 2018-04-10 08:27:26 I'd rather not rely on the user or user group 2018-04-10 08:27:41 wener: can you compare with -4? 2018-04-10 08:28:12 maybe also use strace -t 2018-04-10 08:28:19 it will show where the time is spent 2018-04-10 08:28:30 ncopa, Oh sorry; yeah, let me rephrase; I have encrypted data that I want a specific executable to be the only program allowed to open it 2018-04-10 08:29:25 MikeFair: ans who has access to the program? 2018-04-10 08:29:28 Typical practice is you make a service that runs as a separate user and lock the directory/file to that user 2018-04-10 08:30:04 it's a dedicated user/group that runs on its own; but I'm assuming the attacker can become that uid 2018-04-10 08:30:09 can any user run the specific executable 2018-04-10 08:30:12 no 2018-04-10 08:30:51 but I don't want the "shell" program of the user to be able to cat the file 2018-04-10 08:31:02 or any other access 2018-04-10 08:31:32 the security context of the access to the file is restricted to the specific executable 2018-04-10 08:31:48 ncopa: https://pastebin.com/yiNqPf2n 2018-04-10 08:31:56 and root user? 2018-04-10 08:32:08 MikeFair: ssh can do this 2018-04-10 08:32:28 root should not be able to access the file either 2018-04-10 08:32:50 but I'll take it as an exception so long as the root user must be running that executable 2018-04-10 08:32:57 might be you can do that with things like selinux or apparmor 2018-04-10 08:33:22 or grsecurity 2018-04-10 08:33:28 selinux is what I was thinking; but I'm not aware of any "slim docker" images for that 2018-04-10 08:33:41 its a kernel feature you need 2018-04-10 08:33:51 so its not something you can add to a docker image 2018-04-10 08:33:52 wener: how so? 2018-04-10 08:34:26 but you cannot really prevent root from reading it 2018-04-10 08:34:44 because root can replace the blessed binary with something else 2018-04-10 08:35:24 for example, if you say that only /usr/bin/myprog can access the file 2018-04-10 08:35:35 My intention was a kernel module that checksums the executable memory space of the accessing program 2018-04-10 08:35:55 sounds complicated 2018-04-10 08:36:23 what happens if you get a security vulnerability in your prog and need to update it? 2018-04-10 08:36:28 A bit, but it only requires access to /proc/pid/mem 2018-04-10 08:36:32 will you need recompile kernel module? 2018-04-10 08:36:42 Sure 2018-04-10 08:36:53 I thought you want to restrict the user to only run one exe 2018-04-10 08:37:34 wener, yeah no; I want to restrict an encrypted data file to only be readable by a specific program 2018-04-10 08:37:46 Basically it contains the encryption keys 2018-04-10 08:37:59 not sure you can checksum /proc/pid/mem either 2018-04-10 08:38:13 And the program is the encryption/decryption/data signing service 2018-04-10 08:39:05 ncopa, why not; you can read the memory of other processes, especially as a kernel module; or perhaps that's what the kernel module does 2018-04-10 08:39:13 what about ASLR 2018-04-10 08:39:20 address space randomization 2018-04-10 08:39:32 the addresses used in there will be randomizd 2018-04-10 08:39:49 and thus the checksum won't match :P 2018-04-10 08:39:50 what about timestamps? 2018-04-10 08:40:21 The code blocks for the functions themselves have to be "in order; so I'll checksum each code block, then checksum the list of checksums 2018-04-10 08:40:34 I'll exclude timestamps 2018-04-10 08:40:51 I'm looking to validate "what the process is" 2018-04-10 08:40:59 like process dna 2018-04-10 08:41:05 why not store the data in the kernel module itself? 2018-04-10 08:41:32 that'd work 2018-04-10 08:41:43 or create a special block device 2018-04-10 08:41:47 not used to thinking of the kernel as my data service provider 2018-04-10 08:41:59 but that only moves the problem 2018-04-10 08:42:03 what exactly do you want to protect with this? is this some kind of drm? 2018-04-10 08:42:04 who can read the kernel module? 2018-04-10 08:42:23 agreed; but below protected kernel access I can't really control for that 2018-04-10 08:43:08 hs3dUBwdmCjy, I'm protecting the secret seed for a keypair generator running as a cloud service 2018-04-10 08:44:03 ehe. 2018-04-10 08:44:40 I want to use a hardware wallet attached physically as a USB device to the machine and then send the data off the server to the USB device for encrypting/decrypting/signing 2018-04-10 08:44:44 why not do a miageos kernel for this, on a dedicated host 2018-04-10 08:45:00 ACTION googles miageos. 2018-04-10 08:45:08 mirageos 2018-04-10 08:45:16 unikernel 2018-04-10 08:46:31 Wow, and it runs on the ESP32 2018-04-10 08:46:45 So it's literally "the kernel is the exe" 2018-04-10 08:47:52 wener: it looks like dns resolution behaves different when you add -4 2018-04-10 08:48:26 wener: what do you have in your /etc/resolv.conf? 2018-04-10 08:48:52 nameserver 114.114.114.114 nameserver 223.6.6.6 2018-04-10 08:49:10 interesting 2018-04-10 08:49:11 If you guys are familiar with IPFS, one of the approaches for distributing the code was to use IPFS CIDs for the scripts/executable files; the execution environment would download the requested CID; validate that the file it received does in fact reproduce the CID requested ; and after having validating it, will execute the resulting script/file 2018-04-10 08:49:55 wener: looks like with -4 it will only try first nameserver 2018-04-10 08:50:37 Those scripts/executables will require encryption/decryption/signing services; which it would rely on the execution environment to provide 2018-04-10 08:50:55 wener: i suggest you ask in #musl 2018-04-10 08:56:03 hs3dUBwdmCjy, So can mirageOs be run as a docker container or on a cloud service; I'm assuming yes 2018-04-10 08:56:37 And yes I understand having a hypervisor under the unikernel kind of defeats the point somewhat 2018-04-10 08:58:13 no. it runs on hw. 2018-04-10 08:58:21 At this time, I'm not prepared to take responsibility for the hardware deployment 2018-04-10 08:58:24 virutalized 2018-04-10 08:58:31 xen or so 2018-04-10 08:59:05 the hypervisor is above the unikernel 2018-04-10 08:59:32 and no, putting secrets into docker makes little sense, when you want to what you want to do 2018-04-10 09:00:02 this whole project sounds like a fun exercise how many different ways can i get your keys. 2018-04-10 09:00:10 Looks like EC2 or a two stage boot can do it: https://mirage.io/wiki/xen-boot 2018-04-10 09:00:29 so you would put your keys into ec2? 2018-04-10 09:01:11 hs3dUBwdmCjy, not exactly; the idea is the machine spins up and deterministically generates the base key 2018-04-10 09:01:45 many of these nodes then share data with each other 2018-04-10 09:02:13 collectively they redundantly store pieces of the key database 2018-04-10 09:02:44 but only the node can read/write data to its local data store 2018-04-10 09:03:01 if the node gets destroyed, all its data goes with it 2018-04-10 09:03:35 it's challenging to try and get a process to keep a secret 2018-04-10 09:03:37 ;) 2018-04-10 09:03:53 That can survive a reboot 2018-04-10 09:04:09 because whatever the process does on "boot up" the attacker can emulate 2018-04-10 09:05:50 So I took the approach of "okay, forget surviving reboots; distribute the load across a network of nodes that each keep redundantly a encrypt a piece of the seed data" 2018-04-10 09:06:04 yeah, i'm not sure i ever heard of a solution for that problem without dedicated hw 2018-04-10 09:06:27 and even then... 2018-04-10 09:06:30 err each keep a redundant and encrypted piece 2018-04-10 09:06:36 yeah I know 2018-04-10 09:07:21 the USB dongle or Intel Instructions were the best I had access, but I figured I "try anyway" and this is where I got to for the moment 2018-04-10 09:08:52 A bunch of really tiny machines that each see a piece, and the "whole thing" is only brought together and decrypted "on demand" on the node as required to do work, then its memory of the event wiped 2018-04-10 09:10:09 Another approach I was considering was sinply keeping ssh tunnels open to machines with dedicated hardware attached 2018-04-10 09:11:55 That way I can have better control over where those hardware devices physically are; I wasn't sure how to prove the requesting processes were what they claimed to be though 2018-04-10 09:13:19 On the one hand; they can't get the keys; but on the other; if the dedicated hardware is encrypting/decrypting the data for the attackers; what difference does it make if the attacker got the keys; they got "the point" of the keys which was signing/decryption/encryption services 2018-04-10 09:15:19 ncopa: thanks, I found musl do have some problems with dns 2018-04-10 09:15:46 ncopa: may I ask why https://github.com/alpinelinux/aports/tree/master/unmaintained/usbip-utils is unmaintained ? 2018-04-10 09:16:28 wener: nobody cared enough to move it out from testing to community 2018-04-10 09:16:43 and it probably failed to build 2018-04-10 09:17:00 if I want to maintain this, I just move this to testing ? 2018-04-10 09:17:19 I already build usbip in my build server 2018-04-10 09:17:22 https://github.com/alpinelinux/aports/commit/b6af1e02efe594039707cd882517663d5370f375#diff-4d9aa69b36fa06dd0bbd7818eb942a76 2018-04-10 09:18:02 yup, move it back if you want maintain it 2018-04-10 09:21:48 usbip not update since 2011, even I moved to testing, after 6 months no more update for this package, will this package move back to unmaintained ? 2018-04-10 09:28:51 wener, there is another version in the linux tools: https://github.com/torvalds/linux/tree/master/tools/usb/usbip 2018-04-10 09:29:00 and this version seems to be maintained. 2018-04-10 09:29:45 usbip; totally forgot about that tool 2018-04-10 09:30:34 I thought this is the same as http://usbip.sourceforge.net/ 2018-04-10 09:32:35 I wonder if I could use it to help me with my use case... 2018-04-10 09:34:18 wener, it seems the code from the linux tools has received some changes in the last years, months and even days. 2018-04-10 09:36:57 to build the user space tools, need to pull the kernel source ? should I use the same version of the kernel ? or even use the same name to use the shared cached kernel source code ? 2018-04-10 09:39:54 wener, I unfortunately can't answer your question. 2018-04-10 09:42:01 wener, You should simply need the include headers from the same kernel version 2018-04-10 09:42:21 but don't quote me 2018-04-10 10:12:36 ncopa: moving usbip-utils from unmaintained to testing, upgrade to 4.16, should I change the Contributor or Maintainer ? 2018-04-10 10:12:57 wener_: maintainer 2018-04-10 10:14:33 ncopa: can I use cjk for maintainer name ? 2018-04-10 10:15:08 i guess you can 2018-04-10 10:25:10 ncopa: can not, rfc822 error, pr https://github.com/alpinelinux/aports/pull/3982 2018-04-10 12:23:40 I've set up my Alpine desktop, but I can't find a single browser that works on 3.7.0. There are lots of them, including the 2 I would use (luakit & surf) but they are both in edge, and I run stable. Should I switch to edge on my desktop? 2018-04-10 12:28:34 hir0: i did, and I encountered no problems 2018-04-10 12:28:47 also, you can always compile those from source 2018-04-10 12:29:00 (like one usually does with surf) 2018-04-10 12:29:38 another option for stable, firefox or chromium if you're looking for something in apk 2018-04-10 12:29:53 i personally use chromium with vimium 2018-04-10 12:30:11 (not really fond of the webkit based stuff) 2018-04-10 12:32:03 Oh, cool! Thanks. I've just moved across from OpenBSD so this feels pretty familiar and I'm liking it so far. I'll have a go at upgrading to edge 2018-04-10 12:32:46 hir0: funnily enough I'm from OpenBSD as well 2018-04-10 12:36:37 As someone pointed out, Alpine is like all of the good parts of OpenBSD on top of the best maintained (if somewhat bloated) kernel in the world 2018-04-10 12:37:05 hir0: and you have 'better' filesystems 2018-04-10 12:37:25 ACTION isn't that fond of ffs 2018-04-10 12:37:59 ACTION can't see the point of ZFS 2018-04-10 12:38:17 I'm actively using it, and it's nice 2018-04-10 12:38:51 It's really fast because of the ARC, and it can actually detect and correct corruption 2018-04-10 12:40:04 To each their own, I suppose. I don't use it but I also have never experienced any of the problems your reasons fix 2018-04-10 12:40:05 It's not hoping anything is corrupt, it's knowing that nothing's corrupt. 2018-04-10 12:40:39 Also, snapshots, compression and zfs send/recv are killer features 2018-04-10 12:41:09 Before I do anything risky I just do a snapshot and I'm reasonably safe 2018-04-10 12:41:24 It's probably like all of the other things I've used where I haven't put the time into learning it properly. Like, until recently, I never knew vi(1) properly 2018-04-10 12:41:26 If anything goes wrong: "zfs rollback" 2018-04-10 12:42:11 Oh yup. I was the kinda guy that had a huge .vimrc and .zshrc and still was a newb. 2018-04-10 12:42:30 Now I have use vi(1) and (m)ksh with minimal configs 2018-04-10 12:42:42 I'm trying to do the whole minimal setup, and I thought Alpine makes a good base 2018-04-10 12:42:47 Agreed. 2018-04-10 12:43:20 I've just bought Michael Lucas' ed(1) mastery so I can learn that as well 2018-04-10 12:44:42 Hehe, I'll stick with vi. 2018-04-10 12:45:46 Yeah, but in the event that you end up with a truly broken install, you might only have ed(1) available as an editor. I'm also going to learn ACME at some point as well. 2018-04-10 12:46:27 Not really, under alpine. 2018-04-10 12:46:36 either you have busybox, or you don't 2018-04-10 12:46:52 and if you don't, then you're very likely SOL. 2018-04-10 12:46:56 I really like Rob Pike's stuff, he's sort of like my "hero" of computer science 2018-04-10 12:47:12 Even after Google? ;) 2018-04-10 12:47:35 Even after giving into macOS? 2018-04-10 12:48:04 (also, why not go for 9front?) 2018-04-10 12:48:41 Yeah, I think Go is an awesome language and, despite giving in and using MacOS, he wrote a blog post about how he thought it was stupid that there weren't any OSes that were truly distributed like plan9 was/is 2018-04-10 12:49:13 Yup. I personally haven't messed with Go much 2018-04-10 12:49:30 ACTION is still trying to become somewhat 'ok' at C 2018-04-10 12:51:33 ACTION is doing the same. 2018-04-10 12:52:25 Also, just to let you know, I'm a professional C dev. That's how much there is to learn 2018-04-10 12:52:46 and also how rare we are as a " breed" of devs 2018-04-10 12:52:56 ACTION is an apprentice sysadmin, learning nothing about programming professionally 2018-04-10 12:53:45 C is still very popular, tough. 2018-04-10 12:54:14 Maybe eclipsed by Java in the corporate world, but I don't care 2018-04-10 12:55:18 Are you using Xorg on Alpine, hir0? 2018-04-10 12:56:11 Hopefully, Some of my work might make your life easier at some point :) I'm currently working on a new spec for BGPSec and DNSSec 2018-04-10 12:56:50 ACTION knows and absolutely dreads the DNSSec hassl 2018-04-10 12:56:58 s/hassl/hassle 2018-04-10 12:59:20 Although never heard anything of BGPSec :o 2018-04-10 13:00:13 No, you won't have done. I'm working with some Dutch researchers on drafting an RFC spec for release late 2018. We are trying to find all of the edge cases and adapt the spec to them atm. 2018-04-10 13:02:25 Great. Will keep my eyes peeled for that. 2018-04-10 13:03:42 After the catastrophe last year where some ASes were being rerouted through a malicious gateway, we decided it was time someone finally implemented a secure protocol for BGP so it can't happen again (or at least, is less likely to) 2018-04-10 13:04:09 No such thing as 100% secure ;) 2018-04-10 13:06:29 Indeed, but there's no point in not trying to make it closer to that goal 2018-04-10 13:11:31 Of course. 2018-04-10 13:12:07 Another recommendation: XFS. It, to me, seems the most mature filesystem (for large filesystems) in the Linux world. 2018-04-10 13:13:44 Its codebase has actually been decreasing steadily, instead of increasing like other Linux filesystems. 2018-04-10 13:13:53 The cause of that are code cleanups. 2018-04-10 13:14:02 does it support live resize? 2018-04-10 13:14:41 clandmeter: xfs_growfs can do that, yes. 2018-04-10 13:15:12 But do note, shrinking is not supported. 2018-04-10 13:15:32 i know there are some limitations in that departement 2018-04-10 13:15:37 thats why i stopped using it. 2018-04-10 13:16:03 "shrinking" a filesystem seems so dangerous to me 2018-04-10 13:16:17 who knows if you're not gonna cut a file in half? :P 2018-04-10 13:17:35 Fun fact: you cannot grow an unmounted XFS filesystem. It must be mounted. 2018-04-10 15:00:30 i've installed py3-qt5, and i see that package contains a bunch of stuff re: qtqml, but i cannot import PyQt5.QtQml from the repl 2018-04-10 15:00:33 am i doing something wrong? 2018-04-11 03:01:23 Have figured out how to handle github stuff where there's no release... not pretty but it works for my own purposes. 2018-04-11 05:46:45 Any way to get alpine working with WiFi without prior connection to the Internet? 2018-04-11 06:09:06 Xanza, I'm thinking you'd have to put all the deps in a portable mirror (easy if you're running from USB/flash) 2018-04-11 06:10:14 or if you have access to a live system with WiFi, install the deps via chroot 2018-04-11 06:12:34 Sounds easy enough. Re-installing with the correct dependencies shouldn't be a problem, but are there any approved public mirrors? I can't seem to find any locations that offer the compiled .apk's. 2018-04-11 06:59:25 <_ikke_> Xanza: all mirrors provide compiled apks... 2018-04-11 10:34:44 I've been using https://pkgs.alpinelinux.org/package/edge/testing/x86/createrepo_c successfully on 3.7 for a few weeks, but it's recently broken when the package moved from 0.10.0.48-r1 to 0.10.0.48-r2 (libressl 2.7 rebuild) .. 2018-04-11 10:35:02 now when I apk add createrepo_c --update-cache --repository http://dl-3.alpinelinux.org/alpine/edge/testing/ ... I am told so:libcrypto.so.43 (missing): required by: createrepo_c-libs-0.10.0.48-r2[so:libcrypto.so.43] 2018-04-11 10:49:46 ugh, don't suppose my createrepo_c question got any love while my client farted? 2018-04-11 14:01:59 why alsaconf needs bash? 2018-04-11 14:02:06 i dont want to isntall bash 2018-04-11 14:31:10 what does one need alsaconf for? looks like a really handy tool to setup your SoundBlaster16 ;p 2018-04-11 14:35:23 Is there a new release lined up soon? I'd like a release with meltdown mitigation, running edge is a bit too risky for me on the systems I don't get to administrate often 2018-04-11 14:47:31 evening 2018-04-11 14:47:37 quick one 2018-04-11 14:54:37 I have setup a docker with alpine 2018-04-11 14:54:44 I run it with the command line 2018-04-11 14:55:13 sudo docker run -it alpine /bin/sh 2018-04-11 14:55:42 yet when I'm exiting with a ctrl+Q 2018-04-11 14:56:20 after some changes like creating a new file, I cannot commit the image 2018-04-11 14:57:06 which makes me run the same image again and again, the changes forgotten each time 2018-04-11 14:57:08 azarus, yes its in the oven. 2018-04-11 14:57:13 what should I do? 2018-04-11 14:57:22 clandmeter: yay! 2018-04-11 14:57:43 we hope to ship it on time this time. 2018-04-11 14:57:46 3.7.1, or 3.8.0? 2018-04-11 14:57:54 3.8 2018-04-11 14:57:58 Cool. 2018-04-11 14:58:26 (also, there's a release schedule? wouldn't have guessed on basis of the last releases ;P ) 2018-04-11 14:58:50 did you ever see https://wiki.alpinelinux.org/wiki/Alpine_Linux:Releases 2018-04-11 14:58:57 I have not. 2018-04-11 14:59:07 gives you an estimate when to expect next release. 2018-04-11 14:59:14 Thanks for the info :) 2018-04-11 15:03:55 new releases are about every six months, AFAIK 2018-04-11 15:04:28 Yup. So 3.8 will be sometime in May? 2018-04-11 15:04:54 3.6 was in May last year 2018-04-11 15:06:00 I remember because then I switched my chromebook to Alpine from Debian :) 2018-04-11 15:21:52 cya 2018-04-11 16:14:01 azarus: i 2018-04-11 16:14:11 oops ;) 2018-04-11 16:15:00 i'm eager for the new release too, because of the linux-firmware-* split :) 2018-04-11 16:17:31 it's kind of sad, the base system is like 7 MB, and then you install a kernel and whoops, there go 300 MB. and 2/3 are proprietary blobs for all conceivable kinds of hardware ;) 2018-04-11 16:21:17 hey there 2018-04-11 16:21:42 so, I'm running musl on gentoo and I was wondering - who made gcompat? 2018-04-11 16:22:23 Hi 2018-04-11 16:22:30 Kaniini 2018-04-11 16:24:01 Oh, cool 2018-04-11 16:24:21 I was wondering, is it okay to write an ebuild for gentoo? There's currently none I can find 2018-04-11 16:24:47 jord: https://code.foxkit.us/adelie/gcompat/commits/master <-- here's a list of contributors (next to their contributions) 2018-04-11 16:24:48 'Tis a good distro, but we sometimes do our own things ;-) 2018-04-11 16:24:58 jn__: many thanks 2018-04-11 21:02:26 Hi! Is there an iso/qcow2 version ready for the cloud (cloud image for openstack) available? 2018-04-12 04:42:33 is there a specific way commit numbers should be handled for software without a proper release? 2018-04-12 04:44:59 <_ikke_> TomTheDragon: That's always tricky 2018-04-12 04:45:30 _ikke_, I'm frequently tempted to fork and create a tag at the least, but I can't really track as many projects as I'll end up using 2018-04-12 04:46:41 <_ikke_> TomTheDragon: Yeah, I can imagine 2018-04-12 04:46:47 and obviously unlikely to make it into Alpine itself... given the lack of a release 2018-04-12 04:48:52 _ikke_, I've settled on definining _commit and calling it v0.0.${_commit:0:7} (first 7 characters of commit, like Github itself displays) 2018-04-12 04:49:35 <_ikke_> That will break 2018-04-12 04:49:45 collision, you mean? 2018-04-12 04:50:05 <_ikke_> no, more that the next 'version' might be lower then the previous one 2018-04-12 04:50:27 <_ikke_> versions should always increment 2018-04-12 04:51:15 oh, yikes... I was not thinking of that at all. 2018-04-12 04:52:02 <_ikke_> You could take the amount of commits in the main branch or something like that, but not sure how stable / acceptable that is 2018-04-12 04:53:32 <_ikke_> Something like https://wiki.archlinux.org/index.php/VCS_package_guidelines#Git 2018-04-12 04:55:33 <_ikke_> https://wiki.alpinelinux.org/wiki/APKBUILD_Reference#pkgver 2018-04-12 04:57:36 <_ikke_> "To package a specific git commit, the date of the commit gets appended to the latest release, e.g. 1.0.0_git20180204" 2018-04-12 04:58:19 <_ikke_> But it's always good to stimulate the maintainers to cut a proper release 2018-04-12 05:00:16 _ikke_, likely release gets ignored by EionRobb (for several libpurple modules) simply because of how much 'churn' there is in messaging protocols 2018-04-12 05:05:49 <_ikke_> How can anything depend on it then? 2018-04-12 05:05:54 <_ikke_> or anyone 2018-04-12 05:09:28 you know, you're right... nobody can depend on those kind of projects. are you referring to continued maintainance? 2018-04-12 05:12:13 <_ikke_> You do wan't to have at least some kind of stability 2018-04-12 05:12:23 <_ikke_> s/wan't/want/ 2018-04-12 05:13:38 <_ikke_> I don't know the nature of this project 2018-04-12 05:14:27 <_ikke_> messaging protocol apparently 2018-04-12 05:14:41 popular instant messaging protocol implementations. the unofficial ones (most of them) tend to break a lot 2018-04-12 05:15:03 <_ikke_> right, I can imagine 2018-04-12 05:15:18 <_ikke_> They just go fast and break thingss 2018-04-12 05:16:05 web itself seems to have trended that way 2018-04-12 05:16:26 but at least there's only one standard 2018-04-12 09:59:09 Hi, is there a way to use allow-hotplug in /etc/network/interfaces ? 2018-04-12 13:02:07 don't know JeanScotch 2018-04-12 13:02:23 the question maybe relevant on stackoverflow 2018-04-12 13:06:47 As far as I kno, this feature is introduced by debian and is based on udev; the apk ifupdown is present in repo and comes from debian but lacks those udev rules; I suppose I could hack those rules myself but not sure yet 2018-04-12 13:51:07 Hello. I am using a diskless installation, but "lbu commit" does not seem to save installed applications (like nano, sudo, etc..) by default. I found out that it only saves the contents of /etc by default. What is the proper way to save applications (and their dependencies) so they are available out of the box after booting? 2018-04-12 13:57:47 BieHDC, did you setup apk cache 2018-04-12 13:58:21 yes i did on a secondary partition. it is automatically mounted on boot. 2018-04-12 13:59:51 is apk cache meant to save installed applications? maybe i just did it wrong... 2018-04-12 14:00:36 yes, its has the packages needed to setup your system on tmpfs 2018-04-12 14:01:30 this or you need to have a repo local with a hidden file .xxx i dont remember then name. 2018-04-12 14:01:51 like the packages on the iso 2018-04-12 14:02:25 apk cache makes sure you have all of them (if local repo misses some) 2018-04-12 14:04:25 these are the apk then, i am talking about keeping the already installed ones. unless reinstalling all "custom" applications on boot is the proper way to go? 2018-04-12 14:04:53 on tmpfs packages are reinstalled on boot 2018-04-12 14:05:33 initramfs creates it on boot from local packages. 2018-04-12 14:05:39 or from remote repo on netboot 2018-04-12 14:06:56 so it should remember what i have installed? 2018-04-12 14:07:09 of course 2018-04-12 14:07:15 thats what lbu does 2018-04-12 14:07:22 it creates an ovl file 2018-04-12 14:07:52 lbu only saves the configuration files as i understood it (by default settings) 2018-04-12 14:08:11 it will be found on boot and extracted in root, then it will install all packages according to world file. 2018-04-12 14:08:39 yes lbu only saves /etc contents 2018-04-12 14:08:56 but /etc has apk information about which packages were installed. 2018-04-12 14:09:03 hi all, i have a question about alpine 3.4 and a missing file called /etc/ssl/cert.pem. since alpine 3.5 the package libressl is providing this file. is there a way to get this file for alpine 3.4? backround is: the official php-docker-image 5-fpm-alpine bases on alpine 3.4 2018-04-12 14:09:09 tts called world file 2018-04-12 14:09:18 located here /etc/apk/world 2018-04-12 14:10:28 seltmann, 3.4 is almost eol 2018-04-12 14:14:11 i see. well yes then it seems that i just messed up my installation. what procedure should i follow if i plan on using a 2nd partition for general files, apk cache and for an unprivileged users home directory? i added a manual entry to the fstab, but after one reboot. alpine itself started mounting it by itself without an entry into the fstab 2018-04-12 14:22:19 i dont know your setup 2018-04-12 14:22:30 something specific about that 2nd partition? 2018-04-12 14:22:42 raspberry pi 2018-04-12 14:22:48 no its just an ext4 2018-04-12 14:23:07 and the cache dir is linked to /etc/apk/cache? 2018-04-12 14:23:28 i used the setup-apkcache (i think it called like that) script 2018-04-12 14:24:15 and pointed it to /media/sdcard/apkcache which i is mounted by fstab 2018-04-12 14:24:43 but one day it mounted itself in /media/mmcblk0p2 and ofc the mount in sdcard failed 2018-04-12 14:58:16 hello. while doing cc -static file.c, i still get a shared/dynamic linked object file. is this on purpose? can't i statically link on alpine? 2018-04-12 15:01:40 bergers89: what does "lddtree a.out" say? 2018-04-12 15:02:29 bergers89: i guess it's statically linked, but has the ELF type of a shared object to allow ASLR 2018-04-12 15:07:19 ah yes, exactlh, thanks jn__. 2018-04-12 15:07:26 *exactly 2018-04-12 15:09:08 jn__: is there an easy way to turn off ASLR? i am using alpine to study operating systems, and at some points, it feels simpler to deactivate this security option? 2018-04-12 15:10:23 cc -static hello.c -o hello -no-pie 2018-04-12 15:12:14 ah great thanks a lot. 2018-04-12 15:13:10 so it just compiles a binary w/o dynamic linkage options and therefore, global variables are on the same location. 2018-04-13 03:06:28 campain #deletefacebook https://www.facebook.com/buh0x/videos/2059902154334625/UzpfSTE0ODg3ODYxNTE1MzMyOToyMDA5MzAxMzQ5MTExMDM3/