2024-03-01 05:18:09 <bleb> how would I replace groff with heirloom-doctools
2024-03-01 05:19:07 <bleb> apk del groff says not removed due to: groff: man-db docs
2024-03-01 06:08:30 <fluix> bleb: seems to be in the instructions: https://git.alpinelinux.org/aports/tree/community/heirloom-doctools/README.alpine
2024-03-01 06:09:14 <fluix> I don't know if you can get apk to remove the declared dependency on groff of man-db
2024-03-01 06:22:43 <somercet> bleb, I assume you wanted to replace mandoc with man-db?
2024-03-01 06:23:41 <fluix> it sounds like they want to replace groff with the version that's provided by heirloom-doctools
2024-03-01 06:24:05 <somercet> yes, but mandoc and man-db provide the same service, serving up man pages.
2024-03-01 06:24:20 <somercet> mandoc does not require groff.
2024-03-01 06:25:19 <somercet> the simplest solution would be to re-install mandoc.
2024-03-02 01:16:05 <latex> I'm fricking angry! Whenever I enable net.ipv6.conf.all.forwarding = 1, my system NEVER GETS ANY IP ADDRESS GRRRRR
2024-03-02 01:16:09 <latex> I don't get why!
2024-03-02 01:16:17 <latex> Not even IPv4!
2024-03-02 05:36:37 <Hello71> net.ipv4.ip_forward sets a bunch of stuff implicitly like rp_filter and accept_redirects
2024-03-02 05:36:45 <Hello71> latex: 
2024-03-02 05:37:07 <Hello71> use tcpdump and find the difference with it off and on
2024-03-02 06:02:24 <ikke> You need to set accet_ra=2 if you enable forwarding
2024-03-02 07:39:30 <dwfreed> if you do slaac
2024-03-02 07:40:11 <ikke> indeed
2024-03-02 08:37:53 <latex> It does not work
2024-03-02 08:38:04 <latex> even with the accept_ra = 2
2024-03-02 08:38:09 <latex> like wtf
2024-03-02 08:38:54 <ikke> what ip addresses do you expect to appear?
2024-03-02 08:40:58 <latex> slaac
2024-03-02 08:41:01 <latex> also I just got it working I think
2024-03-02 08:41:11 <latex> I set net.ipv6.conf.eth0.accept_ra = 2 explicitly
2024-03-02 08:41:19 <latex> apparently it won't go to 2 if I set all or default
2024-03-02 09:18:19 <latex> but umfortunatey my wireguard tunnel still doeen't work >:(
2024-03-02 09:18:38 <latex> at least my server got an address from slaac and forwarding is on
2024-03-02 12:46:08 <WhyNotHugo> I tried to change my console font my running `setfont ...` in my initrd, but it fails with 'can't open /dev/tty: No such device or address'.
2024-03-02 12:48:19 <WhyNotHugo> I'm confused as to what this means. Why does /dev/tty not exist at this point?
2024-03-02 13:03:50 <WhyNotHugo> Explicitly specifying /dev/tty0 worked. 🤷
2024-03-02 13:11:07 <WhyNotHugo> Odd, so the console font is properly changed now, but as soon as nlplug-findfs runs, it gets reset to the default.
2024-03-02 13:14:00 <WhyNotHugo> I wonder if this is a result of mdev loading the framebuffer module.
2024-03-02 13:20:12 <WhyNotHugo> The initramfs has a file /etc/mdev.conf. This is not copied from the host, where does it come from?
2024-03-02 13:26:17 <WhyNotHugo> Nope, no idea where that file comes from. Any hints are welcome.
2024-03-02 13:28:17 <Ermine> It's coped
2024-03-02 13:28:20 <Ermine> copied*
2024-03-02 13:52:01 <WhyNotHugo> I edited some lines in /etc/mdev and after regenerating the initfs, those edited lines are not present.
2024-03-02 13:52:58 <WhyNotHugo> Oh, I might have inspected the wrong file 🤦‍♂️
2024-03-02 22:36:31 <tetsumaki> Hello everyone, do you know if it's possible to have Alpine use a method similar to cryptkey for autostart with FDE (full device encrypted)?
2024-03-02 22:36:31 <tetsumaki> I plug in a USB key containing the decryption key, then put the USB key back in a safe place.
2024-03-02 22:36:31 <tetsumaki> Eq for Arch: https://wiki.archlinux.org/title/Dm-crypt/System_configuration#cryptkey
2024-03-02 22:58:52 <minimal> tetsumaki: the initramfs does support "cryptkey=filename" but I'm not sure about the automounting/unmounting USB key aspect of what you want
2024-03-02 23:58:23 <tetsumaki> hi, no it's not but thanks.
2024-03-03 00:24:49 <minimal> tetsumaki: there was a MR raised a while ago to achieve this but it was never merged: https://gitlab.alpinelinux.org/alpine/mkinitfs/-/merge_requests/108
2024-03-03 05:40:11 <Fxzxmic> https://gitlab.alpinelinux.org/alpine/aports/-/blob/master/main/busybox/busybox.post-upgrade?ref_type=heads#L33-35
2024-03-03 05:41:22 <Fxzxmic> I think this part only needs to be run once when upgrading busybox.
2024-03-03 05:51:02 <Fxzxmic> Also, would it be better to place this klogd user directly in the alpine-baselayout-data package?
2024-03-03 06:18:48 <ikke> Fxzxmic: adding it there does not help for existing systems
2024-03-03 06:21:59 <Fxzxmic> But we still have the post-upgrade script
2024-03-03 06:31:57 <Fxzxmic> https://gitlab.alpinelinux.org/alpine/aports/-/merge_requests/55129
2024-03-03 07:07:25 <ikke> Fxzxmic: Maybe you can open an MR with the proposed changes
2024-03-03 07:08:16 <ikke> You could look at the nginx package how to check when a package is upgraded from before a specific version
2024-03-03 11:03:13 <frag> can one undelete files from a mounted partition and/or tmpfs? can it be used as a short-term/a bit unreliable trashcan?
2024-03-03 11:04:27 <frag> also preferably with basic/posix tools :<
2024-03-03 11:05:44 <lopid> years ago there was a library you could preload that would make rm and such move the target to a specific dir
2024-03-03 11:14:09 <frag> hmm, yeah i made a command like that, but would be more convenient with a more basic solution :)
2024-03-03 11:46:10 <zcrayfish> extundelete wants an unmounted partition, so doesn't seem likely.
2024-03-03 14:35:35 <tetsumaki> minux[m]: thanks for link with cryptkey ;)
2024-03-03 16:39:56 <sewn> does anyone know what exactly is the abuild error 'Is $builddir set correctly?' supposed to signify if there is no builddir set
2024-03-03 16:43:47 <ikke> sewn: abuild expects that the source is extracted to `$builddir`, which defaults to `$srcdir/$pkgname-$pkgver/`. If the directory in the source is different, you need to set it
2024-03-03 16:44:20 <sewn> ahh ok woops
2024-03-03 16:45:45 <ikke> so after running abuild unpack, check what's in the src/ dir
2024-03-03 16:48:42 <ikke> Oh, and just for completeness, this error only triggers when you have patches defined in sources
2024-03-03 16:51:22 <sewn> thanks
2024-03-03 16:58:18 <sewn> is there a sort of 'alternatives' system for apk?
2024-03-03 17:00:29 <ikke> No
2024-03-03 17:01:00 <sewn> so at all costs there is no such thing as conflicting files for packages
2024-03-03 17:01:21 <sewn> they must be controlled externally with stuff like environment flags and controlled bin/lib installations (like renaming binaries/libraries)
2024-03-04 04:35:01 <CavafysCandles> Hello
2024-03-04 04:35:43 <CavafysCandles> I'm looking at configuring openldap for alpine linux using this page: <https://wiki.alpinelinux.org/wiki/Configure_OpenLDAP> and it is mentioning the file "/etc/conf.d/slapd" but I don't have such a file. Why?
2024-03-04 04:55:50 <kilomite> hello, Im trying to build a custom alpine linux iso using the mkimage scripts. it is mentioned in the wiki that, i can add packages to the iso by creating a world file and placing the package name in it. but i  have to mannually apk add <package_name>. is there a way so that those packages are already installed on the iso and i can use them right away? im trying to build it so that it autologins to the tty as a user and launch xorg.
2024-03-04 05:18:42 <CavafysCandles> kilomite: which page are you reading?
2024-03-04 05:32:07 <kilomite> https://wiki.alpinelinux.org/wiki/How_to_make_a_custom_ISO_image_with_mkimage
2024-03-04 05:36:41 <CavafysCandles>  kilomite: don't you just need to modify the init script?
2024-03-04 05:37:09 <CavafysCandles> kilomite: <https://www.youtube.com/watch?v=VGxxxABAl9s>
2024-03-04 05:40:00 <kilomite>   
2024-03-04 05:40:25 <kilomite> the /etc/inittab file? i followed this guide actually, but removed some stuff from the packages list that i didn't need. and that iso booted to a clean system with those packages in cache but no auto login or anything..
2024-03-04 05:41:00 <CavafysCandles>  that YT video should clarify 
2024-03-04 05:42:04 <kilomite> yea... i will retry that once more.
2024-03-04 06:03:47 <zcrayfish> CavafysCandles: because whoever wrote the wiki for OpenLDAP could have worded it better
2024-03-04 06:04:35 <zcrayfish> disregard, I misread it. I thought they implied earlier in the article that the file doesn't exist by default. who knows.
2024-03-04 06:05:11 <CavafysCandles> zcrayfish: who knows indeed :)
2024-03-04 06:05:18 <CavafysCandles> well thanks for looking into it! I appreciate it 
2024-03-04 06:06:23 <zcrayfish> /etc/conf.d/slapd is part of openldap-openrc; on the version of Alpine I am running it's a dependency of openldap
2024-03-04 06:07:31 <zcrayfish> OpenLDAP is something I really need to do sometime this year so I can get some 802.1X going on my network.
2024-03-04 06:09:55 <CavafysCandles> mm I'm just trying to integrate mediawiki with openldap here
2024-03-04 06:10:16 <grawity> you can get 802.1X going on without LDAP; freeradius itself will be the bigger headache
2024-03-04 06:10:41 <zcrayfish> grawity: oh joy. :x
2024-03-04 09:52:22 <quinq> erf
2024-03-04 09:53:31 <quinq> Having problems again with ifupdown-ng and dhcpcd
2024-03-04 09:54:08 <quinq> It spawns a dhcpcd instance for each physical network interface, even if there's only one defined (bond) in /etc/network/interfaces (not counting loopback)
2024-03-04 09:54:13 <quinq> And then it fails
2024-03-04 12:35:40 <raspbeguy> hello, where can I find sources of pkgs.alpinelinux.org?
2024-03-04 12:37:47 <xulfer> https://gitlab.alpinelinux.org/alpine/aports
2024-03-04 12:38:24 <clandmeter> https://gitlab.alpinelinux.org/alpine/infra/aports-turbo
2024-03-04 12:43:13 <raspbeguy> clandmeter, thanks
2024-03-04 12:43:26 <raspbeguy> xulfer, I was looking for the website code
2024-03-04 19:27:28 <zcrayfish> raspbeguy: I *think*: https://gitlab.alpinelinux.org/clandmeter/apkbrowser/-/tree/alpine
2024-03-04 19:28:33 <ikke> zcrayfish: the one clandmeter mentioned is what's running on pkgs.a.o
2024-03-04 19:29:06 <zcrayfish> oh I missed that. cool
2024-03-04 19:29:14 <clandmeter> the python one is purely the pkg browser
2024-03-04 19:29:21 <clandmeter> the lua one has some extra functions
2024-03-04 19:29:51 <raspbeguy> I don't think I know this one
2024-03-04 19:31:07 <raspbeguy> Oh it's just the mirror page
2024-03-04 19:31:38 <raspbeguy> Wait, no. I don't know what it is
2024-03-04 19:31:50 <ikke> which one? apkbrowser?
2024-03-04 19:32:01 <raspbeguy> The python one
2024-03-04 19:32:10 <ikke> That one was built by the pmos folks
2024-03-04 21:42:23 <vkrishn> anyone gave a thought on packaging trinity-desktop ?
2024-03-05 02:58:32 <ang1e> C
2024-03-05 02:58:40 <ang1e> sorry
2024-03-05 10:11:36 <WhyNotHugo> How can I mount tmpfs as a non-priviledged user? bwrap seems to be able to do this without priviledge escalation.
2024-03-05 10:14:48 <lopid> first thought would be to check out "Non-superuser mounts" in the mount man page
2024-03-05 10:18:55 <WhyNotHugo> lopid: those need to be defined in /etc/fstab. bwrap has no such requirement
2024-03-05 10:19:02 <lopid> ok
2024-03-05 10:19:16 <WhyNotHugo> Specifically, I don't want these mounts statically defined.
2024-03-05 11:27:27 <ptrc> WhyNotHugo: usually you'd need a separate user and mount namespace
2024-03-05 12:11:25 <qaqland> Hello, my "abuild rootbld" takes a long time to download and install deps, how can I cache them?
2024-03-05 12:14:41 <WhyNotHugo> Er, can I use `nsenter` to enter a namespace in a race-free way?
2024-03-05 12:15:01 <WhyNotHugo> It takes a pid as input, so it sounds like the pid's owner could change..?
2024-03-05 12:35:37 <qaqland> oh, i can easily use setup-apkcache to cache :)
2024-03-05 13:07:41 <fluix> WhyNotHugo: read bwrap's source. it's pretty straightforward
2024-03-05 13:54:31 <engblom> ncopa: Is there any technical reason for that we do not have a xtables-addons-rpi for aarch64?
2024-03-05 13:54:42 <engblom> I would want to do some geoblocking, but noticed the kernel module is missing.
2024-03-05 13:55:05 <ncopa> no technical reason for that. I suppose nobody asked for it until now
2024-03-05 13:55:47 <engblom> Is it something I can wish for?
2024-03-05 13:56:25 <ncopa> i will not stop you from wishing :)
2024-03-05 13:56:45 <ncopa> but, i also know that there are some rpi users who prefers the linux-lts kernel
2024-03-05 13:57:26 <engblom> It is not booting on rpi5
2024-03-05 13:57:29 <engblom> I tried it.
2024-03-05 13:57:38 <ncopa> ok. fair enough
2024-03-05 13:58:31 <ncopa> feel free to open a merge request or an issue
2024-03-05 15:05:15 <engblom> ncopa: https://gitlab.alpinelinux.org/alpine/aports/-/issues/15833
2024-03-05 15:26:17 <DodoGTA> What's the equivalent of "pacman -U" (installing a package from file) on Alpine?
2024-03-05 15:28:56 <minimal> apk add <filename>
2024-03-05 15:35:46 <engblom> I have a strange problem with chronyd (enabled by alpine-setup) on rpi. After boot the date back to 1970-1-1 unless I manually restart chronyd. Is it starting too early, before network (which also was configured through setup-alpine) and thus does not get the correct time?
2024-03-05 15:37:20 <minimal> engblom: assuming your ~RPI5 is *not* a RPI5 with battery, the RPI has no RTC and so at power-on the clock defaults to 1970-01-01
2024-03-05 15:37:54 <engblom> minimal: Yep, that is right. But still, chronyd should set the time upon start.
2024-03-05 15:38:06 <minimal> when chrony runs and gets NTP sync it will then try to correct the system clock but this may not succeed depending on chrony config
2024-03-05 15:38:27 <minimal> have you checked the chrony logs?
2024-03-05 15:38:31 <engblom> Whenever I do /etc/init.d/chronyd restart I get the right time.
2024-03-05 15:39:28 <engblom> So chronyd is working when I manually restart it.
2024-03-05 15:39:51 <minimal> have you checked the chrony logs?
2024-03-05 15:40:18 <engblom> There are no logs /var/logs/chrony is empty
2024-03-05 15:46:04 <minimal> I believe some chrony logging will go to /var/log/messages or /var/log/daemon
2024-03-05 15:50:12 <minimal>  /var/log/messages
2024-03-05 15:55:53 <minimal> engblom: so what chronyd log entries do you see?
2024-03-05 15:56:28 <ncopa> can you verify that network is up when chrony starts?
2024-03-05 16:15:52 <engblom> minimal: https://pastebin.com/kKHSSQY2
2024-03-05 16:16:20 <engblom> ncopa: How do I verify network is up when chrony starts?
2024-03-05 16:17:15 <engblom> There is one line that might hint it: Jan  1 02:00:16 anna daemon.warn chronyd[2856]: Could not resolve address of initstepslew server pool.ntp.org
2024-03-05 16:17:29 <minimal> Yes, I was about to point to that
2024-03-05 16:18:02 <minimal> the "initstepslew" refers to chrony being able to make a "large" change in time when it first starts
2024-03-05 16:18:17 <minimal> after that point chrony will only make minor adjusts
2024-03-05 16:18:57 <minimal> so as there is no RTC and so the system clock is 1970-01-01 then that time will only be adjusted during the initial period
2024-03-05 16:19:23 <minimal> which can't happen as chrony was unable to contact pool.ntp.org to check what the correct time is
2024-03-05 16:19:36 <engblom> How can I make sure network is working before chronyd is started?
2024-03-05 16:20:11 <minimal> when you restarted chrony it WAS able to contact that server during its initstepslew "phase" and so then made the necessary large time adjustment
2024-03-05 16:21:07 <minimal> the chronyd init.d declares a "need net" and so it should start after the networking init.d has run
2024-03-05 16:21:42 <ikke> https://github.com/OpenRC/openrc/blob/master/service-script-guide.md#be-wary-of-need-net-dependencies
2024-03-05 16:21:49 <engblom> Hmm, but it does not. I have repeated the process of powering it up several times, and the result is always the same.
2024-03-05 16:22:33 <minimal> I said that the networking service should *START*, I didn't say it should/would succeed to bring up networking before the chronyd init.d service ;-)
2024-03-05 16:23:45 <minimal> are you using wifi or ethernet? what does your /etc/network/interfaces say about your network interface?
2024-03-05 16:23:49 <engblom> ethernet
2024-03-05 16:24:15 <ikke> Just wanted to make it clear that 'need net' is not a guarantee there is internet
2024-03-05 16:24:31 <engblom> With static ip, created by setup-alpine
2024-03-05 16:25:10 <minimal> static IP? so then it should be almost instantaneous to come up (unlike DHCP where there could be a delay)
2024-03-05 16:25:18 <engblom> Yes
2024-03-05 16:26:43 <minimal> slow DNS then perhaps?
2024-03-05 16:26:57 <minimal> for the pool.ntp.org lookup
2024-03-05 16:27:57 <minimal> what DNS servers have you specified in /etc/resolv.conf? local servers? (in your network) your ISP's servers?
2024-03-05 16:28:08 <engblom> No, the dns servers are fast, and there is no problem to do any resolving
2024-03-05 16:28:20 <engblom> My ISP servers
2024-03-05 16:29:22 <minimal> well as you're using static IP config then I don't know what else it could be
2024-03-05 16:29:47 <engblom> And it always works when I restart the daemon.
2024-03-05 16:30:02 <minimal> yes because networking is obviously then functional
2024-03-05 16:30:06 <engblom> Yes
2024-03-05 16:30:28 <minimal> but networking SHOULD be functional the minute /etc/init.d/networking runs ifup
2024-03-05 16:30:39 <minimal> s/minute/instant/
2024-03-05 16:33:35 <minimal> so you could kludge around this by changing the chrony config but whatever underlying issue with your network would still remain
2024-03-05 16:34:42 <engblom> How should I change the config?
2024-03-05 16:35:35 <minimal> use "makestep" so that large jumps can happen after the initstepslew
2024-03-05 16:39:14 <minimal> combined with adding "iburst" to the "pool" entries
2024-03-05 16:40:10 <minimal> and then perhaps also remove the "initstepslew" entry
2024-03-05 16:41:46 <minimal> what is the Raspberry Pi's ethernet connected to? a "smart"/managed switch? a "dumb" switch?
2024-03-05 16:43:02 <engblom> It is connected to one of the ports of a router.
2024-03-05 17:38:18 <somercet> engblom, it sounds like chronyd needs to make a big change long after the initial slews have taken place.
2024-03-05 17:38:45 <somercet> "makestep 1 -1" in chrony.conf should allow chronyd to make a big adjustment at any time, such as after it is able to connect to outside servers.
2024-03-05 17:39:28 <engblom> somercet: Yes, makestep is kind of "fixing" the issue.
2024-03-05 17:40:27 <somercet> yes, but that -1 should allow chrony to make big steps without restarting
2024-03-05 17:40:52 <somercet> No guarantees, but I think that will solve your problem.
2024-03-05 17:47:18 <minimal> somercet: no, the initial step doesn't happen due to DNS lookup failure (for whatever reason)
2024-03-05 17:48:29 <somercet> yes, which is why the -1 is there, it allows the big step to happen later, when it gets that connection
2024-03-05 17:49:01 <minimal> I was responding to when you said "long after the initial slews have taken place" to clarify that NO initial steps/slew took place due to DNS issue
2024-03-05 17:55:34 <engblom> Now I only need the xtables-addon-rpi package before my rpi is able to fully replace my old openbsd server.
2024-03-05 17:56:00 <engblom> addons*
2024-03-05 19:22:23 <ang1e> Does anyone know what the speech synthesizer library is in apk that firefox keeps complaining about?
2024-03-05 19:24:29 <invoked> speex, maybe?
2024-03-05 21:12:26 <ptrc> ang1e: is there an error message from firefox about it?
2024-03-05 21:12:35 <ptrc> if so, can i have it? ^^
2024-03-05 21:29:17 <root[x]> helo
2024-03-05 21:29:30 <root[x]> oh no https://postmarketos.org/blog/2024/03/05/adding-systemd/
2024-03-05 21:29:45 <root[x]> pmOS betrayed Alpine creed/philosophy by using systemd?
2024-03-05 21:30:25 <root[x]> no more "Small. Simple. Secure."
2024-03-05 21:31:02 <ikke> That is Alpine Linux moto, not pmos
2024-03-06 01:23:31 <aquamo4k> anyone else running edge w/zfs ?  after my update to 6.6.20 today, cannot manually load zfs module anymore
2024-03-06 01:23:46 <aquamo4k> still investigating
2024-03-06 01:25:31 <aquamo4k> kernel == 6.6.20-0-lts, module == /lib/modules/6.6.20-0-lts/extra/zfs.ko.gz everything else seems fine
2024-03-06 01:28:09 <aquamo4k> insmod /lib/modules/6.6.20-0-lts/extra/spl.ko.gz - this is what is failing ... okay getting somewhere :-)
2024-03-06 01:29:10 <aquamo4k> spl: module verification failed: signature and/or required key missing - tainting kernel
2024-03-06 01:30:02 <tdr> sounds like you didnt sign the zfs modules as part of adding them
2024-03-06 01:31:26 <aquamo4k> ack, yeah, sig is reported wrong.  i just updated so the pkg must have a glitch, no worries, just a test system but wanted to report it
2024-03-06 08:49:48 <staceee> how do I list packages no longer available in repositories?
2024-03-06 08:53:11 <ptrc> staceee: apk list -O
2024-03-06 08:54:41 <staceee> ptrc: thanks! I get confused because it also list virtual packages
2024-03-06 08:55:00 <staceee> also, upgrade --prune drop virtual packages too
2024-03-06 11:09:39 <dzilvys_> Hi all, I was wondering I could get some answers to what licensing scheme alpine uses. Firstly, we use alpine in a commercial environment, one that we ship our hardware with alpine as the underlying OS. the customers don't have access to the OS as they run a docker container on top of it.  Do we need to acknoledge we are using alpine and all the software that comes with an alpine installation? do we need to provide a licence for each individual 
2024-03-06 11:09:39 <dzilvys_> package in the alpine OS or is there a simpler way?
2024-03-06 12:13:04 <ncopa> i think you need provide a license for each individual package
2024-03-06 12:17:24 <dzilvys_> Is there any place I can find a definitive answer in this? not saying you are write or wrong but as this is in a corporate environment, a definitive answer would be best
2024-03-06 12:18:00 <grawity> in a corporate environment, consult your legal team
2024-03-06 12:19:01 <grawity> afaik nothing supersedes the individual licenses of the software that alpine distributes – e.g. if you're further distributing a GPLv2 package, you have to honor the GPL for it, no matter if it came with a Linux distro
2024-03-06 12:19:48 <grawity> you ship a copy of Linux kernel? the kernel's license applies, which is largely the whole point of it having that license
2024-03-06 12:20:09 <grawity> [this is about where my understanding ends]
2024-03-06 12:20:23 <dzilvys_> awesome, that is helpful too
2024-03-06 12:21:56 <grawity> take a look at how other projects do it; I've seen Linux-based appliances come with a whole CD labelled "GPL source code", or a leaflet linking to a website, etc (but then I've also seen appliances whose manufacturers don't give a damn)
2024-03-06 12:22:30 <grawity> s/leaflet/flyer or whatever the term/
2024-03-06 12:23:19 <dzilvys_> will do thank you a lot :)
2024-03-06 12:26:34 <grawity> (or maybe a better example would be, tons of apps having the "About SomeApp" window that *always* has a link "...thanks to these open-source packages..." that links to all the licenses and source code repositories; I've even seen MS apps credit StackOverflow posts that were under CC-BY license)
2024-03-06 14:50:47 <invoked> lib/apk/exec/appstream-1.0.2-r1.post-upgrade: line4: /usr/bin/appstreamcli: not found
2024-03-06 15:07:50 <invoked> https://0x0.st/H732.txt  on two edge machines now.
2024-03-06 15:07:59 <ikke> invoked: I believe there are issues about it already 
2024-03-06 15:08:28 <invoked> roger that, sorry. didn't see anything in scroll here.
2024-03-06 15:09:32 <ikke> Discussion happened in #-devel
2024-03-06 16:55:17 <aquamo4k> okay, my problem is spi and zfs kernel modules not loading is now fixed with linux-lts-6.6.20-r1 and zfs-lts-6.6.20-r4 :-)
2024-03-06 16:55:45 <aquamo4k> s/is/with
2024-03-06 17:04:59 <donoban> uhmm, I stopped updating since 6.6.16, it failed to boot with just a blank screen
2024-03-06 17:07:24 <engblom> ncopa: Regarding the xtables-addons-rpi package I created an issue for, could you tell if it is something you plan to do or if I should not hope for anything?
2024-03-06 18:54:55 <root[x]> hello, I'd like to know if Alpine will allow systemd in Alpine repos
2024-03-06 18:57:47 <invoked> no.
2024-03-06 18:58:07 <invoked> alpine is either systemd completely, or it isn't systemd
2024-03-06 18:58:34 <invoked> it can't be both
2024-03-06 18:59:03 <root[x]> Would it be against `Small. Simple. Secure.` also?
2024-03-06 18:59:20 <invoked> that's a different question
2024-03-06 18:59:47 <root[x]> it's pretty related 
2024-03-06 19:00:21 <invoked> not really.
2024-03-06 19:00:27 <root[x]> yes
2024-03-06 19:00:30 <invoked> no.
2024-03-06 19:01:29 <root[x]> if something could be included that's related
2024-03-06 19:01:53 <invoked> it can't be included
2024-03-06 19:02:44 <root[x]> https://postmarketos.org/blog/2024/03/05/adding-systemd/#what-about-openrc-s6-runit-dinit
2024-03-06 19:02:59 <invoked> alpine can make a decision to switch to systemd, it can't add systemd to what's already here.
2024-03-06 19:03:53 <root[x]> that's the question
2024-03-06 19:04:50 <invoked> is it?  i already answered that once
2024-03-06 19:05:15 <root[x]> no ok i see annoying people only now
2024-03-06 19:05:22 <invoked> if you want systemd, alpine is not systemd
2024-03-06 19:05:27 <ncopa> engblom: i was thinking of have a look at that when I upgrade the rpi kernel. have not had time so far, sorry
2024-03-06 19:55:19 <engblom> ncopa: No problem, I just asked so I know if I will have to find another solution or distro or if it is worth to wait. I will wait then and see how it goes.
2024-03-06 20:00:48 <ikke> engblom: fyi, there is also a possiblity to create / use a src package with akms (alpine dkms package)
2024-03-06 20:01:04 <ikke> But it would need to be packaged as well
2024-03-06 20:05:55 <GoremanX> Hello! Wow this feels like a blast from the past, I ain't used IRC in over a decade
2024-03-06 20:06:04 <GoremanX> I was wondering if someone could help me figure out how to modify the standard Alpine boot ISO so that it displays to a serial terminal on boot. I can edit individual files in the ISO, I'm just not sure which ones to edit and how
2024-03-06 20:08:13 <ikke> GoremanX: https://wiki.alpinelinux.org/wiki/Enable_Serial_Console_on_Boot
2024-03-06 20:08:45 <GoremanX> Yeah I found that article, but it seems to apply to installed Alpine, not the filesystem on the ISO image
2024-03-06 20:09:17 <GoremanX> I tried editing syslinux.cfg on the CD with those changes and it didn't work
2024-03-06 20:09:39 <GoremanX> and I couldn't find any files that resemble the extlinux.conf instructions
2024-03-06 20:09:54 <ikke> boot/syslinux/syslinux.cfg
2024-03-06 20:10:19 <ikke> or boot/grub/grub.cfg for grub
2024-03-06 20:10:54 <ikke> GoremanX: If it's one time, you can also do it during boot
2024-03-06 20:10:55 <GoremanX> but which one is it? I already edited syslinux.cfg like so:
2024-03-06 20:11:09 <GoremanX> SERIAL 0 9600
2024-03-06 20:11:19 <GoremanX> TIMEOUT 10
2024-03-06 20:11:25 <GoremanX> PROMPT 1
2024-03-06 20:11:25 <GoremanX> LABEL lts
2024-03-06 20:11:25 <GoremanX> DEFAULT lts
2024-03-06 20:11:25 <GoremanX> MENU LABEL Linux lts
2024-03-06 20:11:25 <GoremanX> KERNEL /boot/vmlinuz-lts
2024-03-06 20:11:27 <GoremanX> INITRD /boot/initramfs-lts
2024-03-06 20:11:30 <GoremanX> FDTDIR /boot/dtbs-lts
2024-03-06 20:11:32 <GoremanX> APPEND modules=loop,squashfs,sd-mod,usb-storage console=ttyS0,9600
2024-03-06 20:11:52 <GoremanX> and the instructions for modifying the grub file don't match the way the file is written on the iso filer
2024-03-06 20:12:11 <GoremanX> *file
2024-03-06 20:12:16 <ikke> Do you see grub or sys/extlinux during boot?
2024-03-06 20:12:56 <ikke> If you see Peter Anvin mentioned and "boot:", it's sys/extlinux
2024-03-06 20:13:52 <ikke> for grub.cfg, you need to add the console port at the end of the linux with linux  /boot/..
2024-03-06 20:15:01 <GoremanX> It's definitely syslinux then
2024-03-06 20:15:43 <ikke> If you see the "boot:" line, you can press tab to modify it online
2024-03-06 20:17:05 <GoremanX> like before it actually boots?
2024-03-06 20:17:12 <GoremanX> did not realize that, lemme try it
2024-03-06 20:17:38 <ikke> yes
2024-03-06 20:21:11 <GoremanX> well look at that, how convenient. Thank you!
2024-03-06 20:21:26 <GoremanX> I don't need to modify the iso after all
2024-03-06 20:22:11 <ikke> GoremanX: was not sure whether you want it to be permanent or just once of installation
2024-03-06 20:23:06 <GoremanX> just once for installation so that I can create a boot image that doesn't have SSH installed. I can't copy-paste into VNC clients and typing things out manually is error-prone
2024-03-06 20:24:47 <GoremanX> I'm outta here, thanks again!
2024-03-07 00:06:43 <vkrishn> which dep i need to install to have "source-filter=/usr/lib/cgit/filters/syntax-highlighting.sh"  working in cgit ?
2024-03-07 00:10:40 <vkrishn> got it 'apk add hightlight bash'
2024-03-07 00:29:12 <vkrishn> don't know if its a good idea, wanted to avoid cloning full aports, so i pushed in  https://git.insteps.net/mess/aportsbag/
2024-03-07 10:22:26 <lopid> is it best to go 3.16→3.17→3.19→3.19, or is it ok to go 3.16→3.19?
2024-03-07 10:22:46 <lopid> little mistake in the middle there
2024-03-07 10:24:32 <lopid> https://wiki.alpinelinux.org/wiki/Upgrading_Alpine#Upgrading_to_latest_release suggests the latter is ok (3.3→3.19)
2024-03-07 11:29:31 <ncopa> i think 3.16 -> 3.19 usually will be ok
2024-03-07 11:30:46 <ncopa> i think there were some apk index improvements around 3.14 or something so I have done 3.12 -> 3.16 -> 3.18 in the past
2024-03-07 11:47:40 <lopid> it went ok :)
2024-03-07 11:59:34 <ncopa> congrats :)
2024-03-07 12:01:58 <aron> hmmm, good to know, I also want to skip a few versions when 3.20 is out
2024-03-07 12:23:06 <WhyNotHugo> The VIRT column in `top` is kilobytes, right?
2024-03-07 12:28:40 <aron> WhyNotHugo: yes
2024-03-07 12:28:52 <aron> if not, then it appends, i.e. an "m" suffix
2024-03-07 12:29:33 <aron> or a "g" for chromium, lol: 24.2g
2024-03-07 12:30:02 <WhyNotHugo> Yeah, chromium is never ambiguous: 32.2g with 3 tabs.
2024-03-07 12:30:13 <WhyNotHugo> thnx
2024-03-07 12:30:41 <lopid> you can change the scale with 'e'
2024-03-07 12:31:46 <WhyNotHugo> lopid: nice, thanks
2024-03-07 13:43:16 <engblom> ncopa: Thank you, I saw the commit. Will I have to update to edge or will it become available for 3.19?
2024-03-07 13:45:57 <ncopa> i haven't planned to backport it to 3.19 really
2024-03-07 13:46:22 <engblom> ncopa: No problem, I just did not know how the process is for a package.
2024-03-07 13:46:38 <ncopa> but it will be included for 3.20 release though
2024-03-07 13:46:52 <ncopa> i mean it will be available for next stable, which is 3.20
2024-03-07 13:47:09 <engblom> Then I will update to edge. until 3.20 is available.
2024-03-07 13:47:17 <ncopa> sounds good. thanks!
2024-03-07 13:47:48 <engblom> Is there a time before 3.20 where edge is ahead of 3.20?
2024-03-07 13:47:56 <engblom> s/where/when/
2024-03-07 13:48:16 <ikke> before 3.20 is tagged, they are equal;
2024-03-07 13:48:50 <ikke> The builders build the master branch
2024-03-07 13:49:06 <ikke> Only when the release is made, a new branch is created of master and the builders are switched
2024-03-07 13:49:20 <engblom> What is the best way to know when to stop updating edge and instead wait for 3.20?
2024-03-07 13:50:10 <ikke> engblom: You can switched when 3.20 has been anounced
2024-03-07 13:50:17 <ikke> you can switch*
2024-03-07 13:50:55 <engblom> Okay, so by checking to front page of alpinelinux.org I know then?
2024-03-07 13:51:41 <ikke> for example, yes
2024-03-07 13:52:02 <ikke> There is also https://lists.alpinelinux.org/~alpine/announce/
2024-03-07 13:52:16 <engblom> Is there any estimate for how soon it will happen? I mean, if you already know it is several months in future it is uneccessary for me to check daily already now.
2024-03-07 13:52:34 <ikke> Planned for around May
2024-03-07 13:52:42 <engblom> Okay, thanks!
2024-03-07 13:53:19 <ikke> https://alpinelinux.org/releases/
2024-03-07 20:47:35 <donoban> aquamo4k: what problem did you have? I tried to upgrade to last kernel and failed to boot :(
2024-03-08 00:03:20 <aquamo4k> donoban: the zfs modules (zfs and spi) failed to load on boot.  My root/boot file system isn't on zfs so I was able to debug it
2024-03-08 00:03:54 <aquamo4k> the specific error was that the insmod of spi.ko was not signed or otherwise invalid.
2024-03-08 00:06:56 <aquamo4k> donoban: it resolved with zfs-lts-6.6.20-r4, going to try 6.6.21-r0 tonight
2024-03-08 05:01:05 <CavafysCandles> Hello
2024-03-08 05:01:21 <CavafysCandles> I want to store some x509 certificates used by my LDAP server. Where should they go? Somewhere under /usr/share?
2024-03-08 05:27:38 <grawity> certificates sound like config files; if they're config, they go in /etc, generally
2024-03-08 05:28:37 <grawity> /usr/share would be more appropriate for static read-only data such as the CA cert bundle that comes in a package
2024-03-08 05:28:53 <grawity> (KDE 4 was the weird one putting config.ini in /usr/share...)
2024-03-08 05:32:27 <CavafysCandles> hm, certificates are config? 
2024-03-08 05:33:06 <CavafysCandles> does /etc have other binary files? 
2024-03-08 05:38:18 <grawity> on occasion, yes, but "binary or not" is not what ultimately decides it
2024-03-08 05:38:38 <grawity> most of your certificates probably come as base64-encoded "PEM" and therefore not binary, anyway
2024-03-08 05:39:02 <grawity> (i.e. no different from the machine keys in /etc/ssh/)
2024-03-08 05:39:23 <CavafysCandles> Okay, that's fair enough
2024-03-08 05:39:30 <CavafysCandles> I'll put them under /etc/openldap then
2024-03-08 05:39:37 <grawity> it's more like, "if you were NFS-booting and mounted a single /usr to multiple systems, would they share that same file?"
2024-03-08 05:39:47 <CavafysCandles> hmmm rihgt 
2024-03-08 05:39:54 <grawity> if they wouldn't, then it doesn't go to /usr – it goes to /etc or /var depending
2024-03-08 05:42:04 <grawity> out of those, /var is typically for files that the software generates and the admin doesn't touch directly, like your LDAP DB backend files that you only edit via ldapadd (or the rare slapadd but not *usually* by hand), i.e. "data files"
2024-03-08 05:42:31 <grawity> whereas certs and private keys were admin-installed most of the time, so everyone puts them in /etc as part of the "config"
2024-03-08 05:56:12 <CavafysCandles> that makes sense, thank you 
2024-03-08 06:29:55 <CavafysCandles> I can't get TLS to work with openldap and I'm not sure why. Does anyone have experience with that? I get "ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)" from ldapsearch
2024-03-08 06:59:54 <grawity> ldapsearch with the option "-d 7"
2024-03-08 07:00:12 <grawity> though at first glance it's a case of "the server isn't even listening on the port"
2024-03-08 07:00:25 <grawity> are you trying to use direct TLS on port 636, or starttls on port 389?
2024-03-08 07:02:56 <CavafysCandles> I see 636 open via nmap; I started slapd with `slapd -h ldaps:///`
2024-03-08 07:03:57 <grawity> and what URL are you're searching at?
2024-03-08 07:05:23 <CavafysCandles> <https://termbin.com/sskl>
2024-03-08 07:06:00 <grawity> ok, and does the server have anything in its logs?
2024-03-08 07:06:13 <grawity> does non-TLS LDAP still wokr?
2024-03-08 07:07:35 <CavafysCandles> yeah that works. Maybe I should look into osixia's docker image for ldap and see if I spot any differences with my configuration
2024-03-08 07:07:50 <CavafysCandles> well, non-TLS LDAP won't work because I disabled it 
2024-03-08 07:07:56 <grawity> don't disable it lol
2024-03-08 07:08:05 <grawity> at least not until you get TLS LDAP working first
2024-03-08 07:08:14 <grawity> are you using cn=config or slapd.conf?
2024-03-08 07:08:32 <CavafysCandles> I'm using slapd.conf but then importing via slapadd to slapd.d
2024-03-08 07:09:00 <grawity> set the olcLogLevel to something higher, maybe "trace" or "7"
2024-03-08 07:09:09 <grawity> then see what it says in its logs
2024-03-08 07:09:48 <CavafysCandles> slapd? 65eab99b.2fa11b96 0x7fa45f2b2b38 TLS: init_def_ctx: . │ 65eab99b.2fa121e3 0x7fa45f2b2b38 connection_read(12): TLS accept failure error=-1 id=1007, closing │
2024-03-08 07:10:03 <CavafysCandles> that's pretty much it
2024-03-08 07:10:11 <CavafysCandles> That's with `-d -1` which should include everything
2024-03-08 07:12:13 <CavafysCandles> One thing I'm noticing is that I don't have olcTLSCACertificateFile defined. I only have olcTLSCertificateFile defined 
2024-03-08 07:12:20 <CavafysCandles> since it's self-signed, would that work? I wonder. 
2024-03-08 07:13:06 <grawity> yes, it should at least get to the point where it offers its certs to the client
2024-03-08 07:13:40 <CavafysCandles> yeah it fails fairly early, in the handshake process. That's a good point
2024-03-08 07:14:21 <grawity> in older versions, without TLSCACert it would fail to send the intermediate CAs, but that would still end up with the client doing the handshake and aborting "sorry couldn't validate your cert"
2024-03-08 07:17:31 <CavafysCandles> hm... notice how "5 expected, got 0" is there
2024-03-08 07:18:01 <CavafysCandles> <https://wiki.debian.org/LDAP/OpenLDAPSetup#Troubleshooting> mentions "A TLS packet with unexpected length was received" has as cause that I used openssl for the cert generation when openldap is built with GnuTLS. Although I'm using alpine, not debian
2024-03-08 07:18:57 <grawity> can't see how that would affect things
2024-03-08 07:19:09 <grawity> maybe it did in debian lenny, but that was 14 years ago
2024-03-08 07:19:28 <grawity> do you have any TLS-related logs from *before* the connection?
2024-03-08 07:19:38 <grawity> like the part where it's trying to load your certificate / privkey?
2024-03-08 07:19:54 <CavafysCandles> I can grab those. server logs?
2024-03-08 07:19:57 <grawity> yes
2024-03-08 07:20:04 <CavafysCandles> let me generate them 
2024-03-08 07:21:20 <CavafysCandles> <https://termbin.com/170x>
2024-03-08 07:22:27 <CavafysCandles> I don't see any occurrences of ldapscert.pem in those logs.
2024-03-08 07:22:39 <CavafysCandles> Not sure if that points to something.
2024-03-08 07:22:56 <grawity> I don't see any occurences of olcTLSCertificateFile in your cn=config at all
2024-03-08 07:23:35 <CavafysCandles> huh. 
2024-03-08 07:23:42 <CavafysCandles> let me try again
2024-03-08 07:25:14 <grawity> tbh your "importing via slapadd" process doesn't seem to be working
2024-03-08 07:25:36 <grawity> once you have the slapd.d, shouldn't touch (or have) a slapd.conf anymore – do all edits directly to slapd.d
2024-03-08 07:26:09 <grawity> which is why I said don't disable plain LDAP – the point of slapd.d is that you could adjust it live via ldapmodify (or via Directory Studio or whatever)
2024-03-08 07:26:09 <CavafysCandles> Well I mkdir slapd.d and slapadd from slapd.conf 
2024-03-08 07:26:27 <grawity> because otherwise what's the point of having slapd.d in the first place
2024-03-08 07:26:28 <CavafysCandles> there's no server yet, I'm trying to get it up and running
2024-03-08 07:26:34 <grawity> just use slapd.conf if you want to use slapd.conf
2024-03-08 07:27:17 <CavafysCandles> anyway I donm't think that's the issue, what I had worked up until I tried to use TLS. I think you're right that it's not getting read correctly, and I don't know why 
2024-03-08 07:27:26 <CavafysCandles> maybne slaptest will help me 
2024-03-08 07:29:14 <CavafysCandles> though slaptest reports no errors. hm.
2024-03-08 07:29:46 <grawity> how do you slapadd from slapd.conf exactly?
2024-03-08 07:30:24 <CavafysCandles> slapadd -n 0 -l $slapd.conf -
2024-03-08 07:30:27 <CavafysCandles> -F $slapd.d
2024-03-08 07:30:41 <grawity> but uh, slapd.conf is not the kind of input that slapadd takes
2024-03-08 07:31:04 <grawity> it takes an LDIF file (with "dn: cn=foo", "olcTLSCert: this"), slapd.conf usually isn't that
2024-03-08 07:31:54 <CavafysCandles> yeah you're right. Actually, I just realized I'm not messing with slapd.conf. It just exists, so the tools probably pick it up and use it 
2024-03-08 07:32:05 <CavafysCandles> or, they don't pick it up, because there's a slapd.d
2024-03-08 07:32:07 <grawity> tools will ignore it because you have a slapd.d
2024-03-08 07:32:16 <CavafysCandles> nice, that's it!
2024-03-08 07:34:45 <CavafysCandles> Ah, I was being quite nonsensical. :) Thanks a lot 
2024-03-08 07:35:00 <CavafysCandles> Yeayh I'll just use cn=config from now on with slapd.ldif 
2024-03-08 07:49:34 <foggy> hello world
2024-03-08 07:54:14 <foggy> Looking for help launching lightdm + openbox on RPi5  w/ alpine 3.19
2024-03-08 09:34:23 <donoban> aquamo4k: I have boot on zfs, I tried yesterday 6.6.21-r0 but failed. Maybe is there another problem with the bootloader. Ping me if 6.6.21-r0 works fine for you please
2024-03-08 15:56:07 <aquamo4k> donoban: 6.6.21-r0 is working for me.  so yeah, you must have a different problem
2024-03-08 16:29:27 <sewn> are symlinked patches allowed in aports?
2024-03-08 16:30:54 <ikke> symlinked from where?
2024-03-08 16:32:06 <sewn> another package
2024-03-08 16:32:34 <ikke> It's not a good idea. If the patch gets deleted, you end up with a broken symlink
2024-03-08 16:32:48 <ikke> If the patch is changed, the checksum will fail
2024-03-08 16:33:11 <sewn> hm ok thenx
2024-03-08 17:36:19 <donoban> aquamo4k: ok thanks!
2024-03-08 19:03:29 <sewn> i wonder how hard it is for someone to maintain chromium
2024-03-08 21:39:52 <dwfreed> It's a real undertaking
2024-03-08 21:57:19 <przemoc> hi, I think I will have to upgrade AL 3.18 to 3.19 this weekend.  are there any known gotchas not described in usual paces?  https://alpinelinux.org/posts/Alpine-3.19.0-released.html / https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.19.0
2024-03-08 22:14:04 <ikke> przemoc: not aware of any
2024-03-08 22:17:12 <przemoc> that's also good feedback, thanks
2024-03-08 22:47:10 <iggy> it's the 3.19 -> 3.20 that's going to piss everybody off
2024-03-08 22:47:56 <ikke> iggy: afaik, it's fixed now
2024-03-08 22:48:01 <ikke> or rather, worked around
2024-03-08 22:50:36 <quinq> iggy, what's in 3.20 to piss people off? :)
2024-03-08 22:51:00 <ikke> grub 1.12
2024-03-08 22:52:11 <quinq> looks like a efi problem
2024-03-08 22:53:49 <ikke> yes
2024-03-08 22:54:17 <ikke> in the end, it turned out the configuration calls a binary with a flag that does not exist yet in the old version, causing grub to reboot
2024-03-08 23:14:56 <iggy> I hit it the other day upgrading a 3.19 system to edge
2024-03-08 23:19:38 <ikke> Should be fixed since a48cf57c26266ae70f6b4cd814e9dc98dc473145 (2 weeks ago)
2024-03-08 23:25:14 <iggy> it was earlier this week, but I'll test it again to double check... I'll let you know if I hit it again somehow (I have a network wide shared package cache, some custom repos, and other oddities that could also be causing issues)
2024-03-08 23:26:03 <ikke> yes, please do
2024-03-09 13:28:59 <WhyNotHugo> Is syslinux not the default?
2024-03-09 13:30:14 <ikke> For BIOS systems, not for efi systems
2024-03-09 13:32:24 <WhyNotHugo> Is GRUB used because syslinux can't chainload other EFI operating systems? Or due to using CONFIG_EFI_HANDOVER_PROTOCOL ?
2024-03-09 13:39:47 <ikke> I don't know myself
2024-03-09 15:55:09 <Ermine> WhyNotHugo: i guess this is because UEFI support in syslinux is partial
2024-03-09 17:56:55 <donoban> Hi, I noticed that my problem with zfsbootmenu is not the kernel version itself, is more likely the initramfs
2024-03-09 17:58:13 <donoban> if I recreate the initramfs for the "working" kernel version, it fails to boot too
2024-03-09 17:58:23 <donoban> and the initramfs is considerably smaller
2024-03-09 17:58:38 <donoban> 89.8M (the working one) vs 54.4M the newer
2024-03-09 18:00:17 <donoban> uhmm, maybe missing firmware?
2024-03-09 18:04:45 <donoban> yeah it seems that the firmware was the problem lol
2024-03-09 22:54:27 <vkrishn> trying to tweak a bit, is there a var option to make al boot to "emergency shell" ?
2024-03-09 23:01:39 <dwfreed> init=/bin/sh
2024-03-09 23:13:53 <vkrishn> hmm, probably not this, as "exit" goes to kernel panic
2024-03-09 23:18:49 <dwfreed> I mean, that's expected, just reboot
2024-03-09 23:27:48 <vkrishn> reboot doen't do anything, will try to do switch_root , and try
2024-03-09 23:46:53 <vkrishn> feature might be there already, root= or SINGLEMODE, will try later, thanks
2024-03-10 02:41:35 <inedia> net.netfilter.nf_conntrack_max seems unchanged between reboots when configured in /etc/sysctl.conf, is there anything that could unset that value?
2024-03-10 02:41:58 <inedia> other parameters are set properly
2024-03-10 02:52:01 <inedia> ah, i hadn't loaded nf_conntrack ^^ thank you for being my rubber duck, #apline-linux
2024-03-10 10:46:46 <vkrishn> $ kak -version
2024-03-10 10:46:53 <vkrishn> Kakoune unknown
2024-03-10 13:39:31 <Ermine> how can I make an iso of a customized Alpine installation?
2024-03-10 13:57:16 <Ermine> Actually, I can install and customize stuff in place
2024-03-10 15:16:10 <sewn> i love alpine
2024-03-10 16:06:08 <satmd> :)
2024-03-10 16:28:53 <Case_Of> is there any third party repositories? I was looking for microsocks but it’s not in the repo
2024-03-10 16:29:49 <Case_Of> unless you know an alternative?
2024-03-10 16:31:29 <ikke> Case_Of: there are some third-party repos, but I'm not aware of a list of any
2024-03-10 16:33:53 <Case_Of> else is there any socks proxy server in repo?
2024-03-10 16:41:34 <zcrayfish> 3proxy
2024-03-10 16:42:12 <zcrayfish> in the testing repo
2024-03-10 16:42:15 <zcrayfish> https://pkgs.alpinelinux.org/package/edge/testing/x86_64/3proxy
2024-03-10 17:49:07 <Case_Of> mmmh weird when creating an lxc container on edge channel on my turris omnia, it seems there’s not service manager ._.
2024-03-10 17:54:14 <Case_Of> it does not with 3.18 image
2024-03-10 17:54:19 <Case_Of> only with edge
2024-03-10 18:21:16 <Case_Of> there is something wrong in their images
2024-03-10 18:21:36 <Case_Of> 3.18 have /etc/init.d but none of the openrc commands
2024-03-10 18:31:43 <Case_Of> mmmh linked to armhf deprecation
2024-03-10 18:32:05 <ikke> If they use the minirootfs iso, that does not come with openrc
2024-03-10 18:32:12 <ikke> s/iso/image
2024-03-10 18:39:39 <Case_Of> ah
2024-03-10 18:39:52 <Case_Of> is there a way to add it?
2024-03-10 18:40:57 <Case_Of> I do not find any documentation to create an image myself
2024-03-10 18:41:46 <ikke> https://pkgs.alpinelinux.org/package/edge/main/x86_64/lxc-templates-legacy-alpine
2024-03-10 18:42:03 <ikke> Those are the templates we use to create lxc containers from
2024-03-10 18:42:15 <Case_Of> ok
2024-03-10 18:42:29 <Case_Of> is there one that still support armhf :/
2024-03-10 18:42:33 <ikke> yes\
2024-03-10 18:42:37 <ikke> we still support armhf
2024-03-10 18:42:41 <Case_Of> cool
2024-03-10 18:42:50 <Case_Of> lxc project decided to end that
2024-03-10 19:52:04 <Case_Of> I’m getting an error while trying to create an image https://bpa.st/VNOQ is it because I’m doing it from an lxc image already?
2024-03-10 19:55:39 <ikke> Sounds like a network issue preventing it from fetching the repositories
2024-03-10 19:58:10 <Case_Of> server https://dl-cdn.alpinelinux.org/ is reachable in the same context via curl
2024-03-10 19:58:23 <Case_Of> ah cdn
2024-03-10 19:59:15 <Case_Of> is there a way to solve force a mirror?
2024-03-10 19:59:24 <Case_Of> s/solve//
2024-03-10 20:00:10 <Ermine> Another Alpine VPN goes brrrr
2024-03-10 20:02:23 <Case_Of> ikke: that’s more of a 404 https://bpa.st/DOVQ
2024-03-10 20:02:45 <ikke> armv7l is not a valid architecture
2024-03-10 20:03:14 <Case_Of> I did only use the package you mentionned before
2024-03-10 20:03:15 <Ermine> s/VPN/VPS/
2024-03-10 20:03:22 <Case_Of> mmmh
2024-03-10 20:03:33 <Case_Of> it’s called armhf?
2024-03-10 20:03:36 <ikke> yes
2024-03-10 20:03:45 <ikke> armv6 with hardfloat
2024-03-10 20:04:29 <Case_Of> works for the previous url but not for https://dl-cdn.alpinelinux.org/alpine/edge/community/armhf/APKINDEX.tar.gz
2024-03-10 20:05:06 <Case_Of> https://bpa.st/7XKQ
2024-03-10 20:05:25 <ikke> alpine-test (no such package
2024-03-10 20:05:29 <ikke> That package does not exist
2024-03-10 20:05:39 <Case_Of> true
2024-03-10 20:05:55 <Case_Of> but when I set --name it’s the image name right?
2024-03-10 20:06:14 <ikke> -name -> --name
2024-03-10 20:06:41 <Case_Of> >_<
2024-03-10 20:08:19 <Case_Of> better!
2024-03-10 22:04:32 <Case_Of> ikke: some errors are appearing
2024-03-10 22:04:33 <Case_Of> ERROR: 3proxy-0.9.4-r0: failed to rename var/log/.apk.b27839e976b1d6dd843e1c0ac35b031ffb3ea7065631a282 to var/log/3proxy.
2024-03-11 03:07:24 <midipix> ncopa: ping
2024-03-11 03:08:04 <midipix> ncopa: taking into account timezone differences (quite late on my end):
2024-03-11 03:08:52 <midipix> slibtool is now pretty much show-time ready in terms of building everything as a drop-in replacement
2024-03-11 03:09:14 <midipix> (where you'd be configuring as you always do, and the slibtool will get all the settings from the generated libtool)
2024-03-11 03:09:58 <midipix> after extensive testing building gentoo packages, midipix world build, and gnu libtool testsuite, it's pretty complete now
2024-03-11 03:10:13 <midipix> for all practical purposes -- including stuff like -dlopen and -dlpreopen
2024-03-11 03:10:30 <midipix> i'll be releasing 0.5.36 in about 24 hours
2024-03-11 03:10:44 <midipix> but you can also already build from git to give it a spin
2024-03-11 03:10:55 <midipix> https://git.foss21.org/slibtool
2024-03-11 09:17:36 <quinq> Hello
2024-03-11 09:18:46 <quinq> Something I don't understand, when I stop the networking service, the network interfaces are taken down, but networking daemon like unbound chronyd are still running (which is ok for me), but dhcpcd is *also* still running
2024-03-11 09:18:50 <quinq> Why?
2024-03-11 09:19:14 <quinq> But then when I stop dhcpcd, actually all other networking services are taken down
2024-03-11 09:19:25 <quinq> Is dhcpd service supposed to replace the networking service?
2024-03-11 09:19:36 <quinq> s/dhcpd/dhcpcd/
2024-03-11 09:20:03 <quinq> It's veeeery hard to manage network with bonding/dhcpcd at the moment
2024-03-11 09:20:30 <quinq> As in an startup, the bonding interface isn't created
2024-03-11 09:20:53 <quinq> And when restarting network, dhcpcd isn't using the correct interface (although in the conf file only the bonding interface is allowed)
2024-03-11 09:21:02 <quinq> And when restarting network, dhcpcd isn't actually killed
2024-03-11 09:21:12 <quinq> (restarting/stopping)
2024-03-11 10:03:41 <dwfreed> you probably shouldn't be mixing both networking (which uses ifupdown, either from busybox or ifupdown-ng) and dhcpcd
2024-03-11 10:22:39 <ikke> ifupdown-ng will / can use dhcpcd when available 
2024-03-11 10:29:45 <dwfreed> not surprising, though I'd expect it to start its own? not manipulate an existing one
2024-03-11 10:35:24 <ikke> Yes
2024-03-11 12:58:11 <WhyNotHugo> My system boots into a black screen after upgrading to linux-edge-6.7.9-r0. I see the BIOS logo, and then just black screen.
2024-03-11 12:58:47 <WhyNotHugo> ctrl+alt+del works. I tried live media and rebuilding the mkinitfs/uki.
2024-03-11 12:58:56 <WhyNotHugo> Using an amd gpu
2024-03-11 13:13:38 <lopid> no sign of grub or extlinux?
2024-03-11 13:14:49 <Ermine> WhyNotHugo: is your system bios?
2024-03-11 13:15:58 <WhyNotHugo> UEFI, booting with secureboot-hook and gummiboot
2024-03-11 13:16:15 <WhyNotHugo> So it should boot straight into gummiboot+linux
2024-03-11 13:16:31 <Ermine> Ah, I should have understood that, because uki. Dumb me
2024-03-11 13:17:12 <Ermine> But anyway, gummiboot is what we know today as systemd-boot, isn't it?
2024-03-11 13:17:29 <WhyNotHugo> Er, looks like my cmdline in /etc/kernel-hooks/secureboot.conf is messed up and has some... non-ascii noise.
2024-03-11 13:18:03 <WhyNotHugo> Ermine: Alpine repos have gummiboot, i think that sd-boot has some changes on top.
2024-03-11 13:19:23 <Ermine> hopefully it's maintained upstream
2024-03-11 13:19:47 <WhyNotHugo> gummiboot is not maintanied by anyone :(
2024-03-11 13:20:37 <Ermine> Sad... I guess you have reasons to avoid grub?
2024-03-11 13:21:37 <Ermine> Anyway, if you can edit your kernel parameters, you can add nomodeset to get something on screen and investigate further
2024-03-11 13:22:08 <WhyNotHugo> Apparenlty the cmdline had some extra gibberish at the end, but that's weird, since nothing sohuld write to /etc/kernel-hooks/secureboot.conf
2024-03-11 13:22:12 <WhyNotHugo> It seems to work okay now.
2024-03-11 13:22:24 <WhyNotHugo> Ermine: grub is too compilcated
2024-03-11 13:24:27 <Ermine> Yeah...
2024-03-11 14:55:14 <ncopa> hi midipix: that great news! what do we need to do to make sure slibtool is used by default?
2024-03-11 15:00:40 <midipix> ncopa: assuing you _don't_ want to install .la files (why would you ever ...)
2024-03-11 15:00:45 <midipix> then
2024-03-11 15:01:15 <midipix> make LIBTOOL=rdlibtool MAKE="make LIBTOOL=rdlibtool"
2024-03-11 15:01:49 <midipix> the 'r' stands for 'drop-in replacement' --> which tell slibtool to obtain settings from the libtool script generated for the project
2024-03-11 15:02:24 <midipix> search order is: this-dir --> then going up the ladder until you find libtool while staying on same disk device
2024-03-11 15:02:43 <midipix> the verbose output (that's the 'd' in the above symlink) would be something like:
2024-03-11 15:04:30 <midipix> https://0x0.st/HhWp.txt
2024-03-11 15:24:12 <midipix> ncopa: here's also a link to the gentoo usage wiki created by orbea 
2024-03-11 15:24:46 <orbea> (iirc i didn't create it, i just added a lot to it)
2024-03-11 15:25:51 <midipix> it's a bit outdated (since now sblitool _could_ in fact be used as a pure drop-in replacement), but has the two or three makeflags
2024-03-11 15:26:00 <midipix> and an explanation on what each of the symlinks stands for
2024-03-11 15:26:03 <midipix> https://wiki.gentoo.org/wiki/Slibtool#Usage
2024-03-12 03:41:31 <qaqland> alpine linux's iwlwifi is in linux-firmware-other package
2024-03-12 03:45:43 <qaqland> some distro has a singe package like firmware-iwlwifi which is easier to search :)
2024-03-12 11:41:10 <uuidNuniq> yep. debian got apt-file, arch got pacman -F, alpine got an online database which is slow to search qaqland 
2024-03-12 11:46:40 <Ermine> patchen welcome
2024-03-12 11:49:12 <uuidNuniq> patch what..
2024-03-12 11:49:32 <uuidNuniq> just provide a database package
2024-03-12 11:51:01 <ikke> just
2024-03-12 11:52:03 <Ermine> If 'just', it should pose no difficulty for you to send all appropriate patches to alpine
2024-03-12 11:53:20 <uuidNuniq> i mean, how is the online database generated? make that a package?
2024-03-12 11:55:11 <qaqland> it it a sqlite and lua powered
2024-03-12 11:58:42 <dwfreed> https://gitlab.alpinelinux.org/alpine/infra/aports-turbo/-/blob/master/tools/import.lua
2024-03-12 11:59:03 <dwfreed> that generates the database
2024-03-12 12:02:11 <WhyNotHugo> the pmOS folks made their own, which seems to be faster: https://pkgs.postmarketos.org/packages
2024-03-12 12:02:45 <WhyNotHugo> Not sure if they rewrote it just because of speed or what.
2024-03-12 12:02:59 <ikke> They miss anitya support though
2024-03-12 12:03:08 <ikke> which is at least one thing that witholds us
2024-03-12 12:04:21 <dwfreed> this? https://github.com/fedora-infra/anitya
2024-03-12 12:05:54 <WhyNotHugo> dwfreed: yes, https://release-monitoring.org/ sends notifications for out-of-date IIRC
2024-03-12 12:06:04 <dwfreed> yeah
2024-03-12 12:22:03 <qaqland> could I download the sqlite db for content search
2024-03-12 12:23:57 <qaqland> It would be great if there is an API or link for downloading this sqlite every day
2024-03-12 12:24:18 <ikke> take a guess how large this DB is
2024-03-12 12:24:33 <qaqland> 0.0
2024-03-12 12:32:08 <dwfreed> It's probably got some decent heft to it, since it contains all the package data, not just a file list
2024-03-12 12:32:27 <dwfreed> (though even just a file list would be decent size)
2024-03-12 12:33:01 <ikke> 2.5G per repo (but for all arches)
2024-03-12 12:33:47 <dwfreed> yeah, that's pretty good size
2024-03-12 12:56:56 <WhyNotHugo> ikke: what does 'all package data' mean in this case? I assume metadata (depends, version, arch, etc) and file-list, right?
2024-03-12 12:57:14 <qaqland> arch's package-files.tar.gz is 40M
2024-03-12 13:00:28 <WhyNotHugo> Regarding pmOS's reimplementation: it seems that nobody wanted to touch lua code.
2024-03-12 17:13:55 <sewn> what android operating systems do you guys use
2024-03-12 17:14:39 <f3278hjfdhka> Hey there, back to a noob question with mkinitfs and initramfs generation. In short, i have vmlinuz-6.6.18 staged under /boot, have /lib/modules/6.6.18 staged (this is a custom kernel). I cant seem to properly generate the initramfs image to boot to the kernel
2024-03-12 17:17:01 <lopid> i use the android android operating system
2024-03-12 17:18:45 <ptrc> f3278hjfdhka: the modules directory seems misnamed
2024-03-12 17:19:21 <ptrc> as in, it should match $(uname -r), or whatever you get after "version" when you do `file /boot/vmlinuz-6.6.18`
2024-03-12 17:21:38 <f3278hjfdhka> So im trying to actually install someone elses precompiled kernel based on the linux-hardened patchset. The real kver is '6.6.18-hardened1' and thats what displays after version
2024-03-12 17:22:01 <f3278hjfdhka> and to confirm, /lib/modules/6.6.18-hardened1 is the directory. Have it working on fedora atm
2024-03-12 17:26:02 <f3278hjfdhka> Typically id run something along the lines of this to get a custom kernel working on other distros
2024-03-12 17:26:07 <f3278hjfdhka> cp ./arch/x86_64/boot/bzImage /boot/vmlinuz-"$KVER"
2024-03-12 17:26:07 <f3278hjfdhka> 	        dracut --kver "$KVER" --force
2024-03-12 17:26:07 <f3278hjfdhka> 	        grub-mkconfig -o /boot/grub/grub.cfg
2024-03-12 17:26:07 <f3278hjfdhka> 	        xbps-reconfigure -fa
2024-03-12 17:26:07 <f3278hjfdhka> 	        /usr/bin/update-grub   
2024-03-12 17:26:51 <f3278hjfdhka> KVER in this case being 6.6.18-hardened1
2024-03-12 17:37:29 <ptrc> ah, hm, that sounds correct then.. and you've been using `mkinitfs -o /boot/something 6.6.18-hardened1`?
2024-03-12 17:38:00 <f3278hjfdhka> I believe i tried that, but let me give it a go rq
2024-03-12 17:40:29 <f3278hjfdhka> That time i at least got it generated to 6.6.18-hardened1, size is 4.8 MB compared to linux-virt at 7.7mb, so not sure if its actually generating correctly, but will give a go. Need to correctly add menu option in extlinux first
2024-03-12 17:43:59 <f3278hjfdhka> Another noob question, after changing extlinux.conf, do i need to run 'extlinux --install /boot/` or are more params needed?
2024-03-12 17:49:53 <ptrc> iirc that should be enough to update the bootloader
2024-03-12 17:50:01 <f3278hjfdhka> Seems that i am up and booted with my created entry. Thank you for the help ptrc, much appreciated!
2024-03-12 17:50:07 <ptrc> oh, nice!
2024-03-12 17:50:09 <f3278hjfdhka> Love this project 
2024-03-12 17:50:49 <f3278hjfdhka> My end goal is to get a pseudo-microkernel for alpine images, that is a hardened fork or simple a qcow2 image precompiled similar to kali (but for defensive infra)
2024-03-12 17:51:35 <f3278hjfdhka> I have a kernel that has 69 modules and working vs what i believe alpine's virt kernel is 900ish modules (which is still a substantial improvement to upstream)
2024-03-12 18:10:37 <f3278hjfdhka> Another question unrelated to the kernel imports. With libvirt, has anyone successfully gotten spice-vdagent with copy/paste and filetransfer from host to guest working?
2024-03-12 18:12:07 <lopid> i have (but in another distro)
2024-03-12 18:17:20 <f3278hjfdhka> ah i see. ive gotten it working with debian/fedora guests, but not alpine
2024-03-12 18:31:04 <f3278hjfdhka> ah it cant work
2024-03-12 18:31:07 <f3278hjfdhka> Using the virt edition of Alpine
2024-03-12 18:31:07 <f3278hjfdhka> This currently does not work on the virt edition (version 3.12.1), as it doesn't have uinput enabled in the kernel. However, there are still several ways to get it working. 
2024-03-12 18:39:50 <f3278hjfdhka> Just got it with my kernel, as i have uinput built in fortunately! that was the issue, then had to add spice-vdagent to runlevel4
2024-03-12 20:17:13 <Apachez> the virt edition of alpine, does it use 100Hz or 1000Hz (or something different) by default ?
2024-03-12 20:17:59 <ikke> CONFIG_HZ_100=y
2024-03-12 20:18:05 <ikke> So I assume 100hz
2024-03-13 06:27:53 <frojnd> Hi there.
2024-03-13 06:31:29 <frojnd> I'm trying to run https://github.com/adrienverge/openfortivpn I've built package using https://git.alpinelinux.org/aports/tree/testing/openfortivpn/APKBUILD however I had to install ppp package too. Now when I try to connect to vpn server I get: DEBUG:  Gateway certificate validation succeeded. INFO:   Connected to gateway. DEBUG:  Empty cookie. ERROR:  Could not authenticate to
2024-03-13 06:31:31 <frojnd> gateway. Please check the password, client certificate, etc. and then Closed connection to gateway. .... Logged out. I wonder if I also had to set CONFIG_PPP=m CONFIG_PPP_ASYNC=m according to: https://github.com/adrienverge/openfortivpn
2024-03-13 06:33:25 <ikke> CONFIG_PPP_ASYNC=m is already present in the default alpine configuration
2024-03-13 06:34:18 <ikke> CONFIG_PPP=m as well
2024-03-13 06:37:36 <frojnd> Hmmm ok
2024-03-13 06:40:14 <frojnd> Hm I've tried again and even got info Authenticated, and also INFO:   Remote gateway has allocated a VPN. However I got: Couldn't open the /dev/ppp device: No such file or directory /usr/sbin/pppd: You need to create the /dev/ppp device node by executing the following command as root: mknod /dev/ppp c 108 0 ERROR:  read: I/O error
2024-03-13 06:40:22 <frojnd> ERROR:  pppd: The kernel does not support PPP, for example, the PPP kernel driver is not included or cannot be loaded.
2024-03-13 06:40:52 <frojnd> Ah I didn't install pp-daemon
2024-03-13 06:41:00 <frojnd> Maybe I need to install that package too
2024-03-13 06:55:39 <ikke> and perhaps you need to modprobe something as well
2024-03-13 07:37:29 <frojnd> Ok all I had to do was to rc-service pppd start (so also ppp-daemon package is required)
2024-03-13 07:37:45 <frojnd> Will contact mantainer to also add those 2 packages as required
2024-03-13 07:38:45 <frojnd> Unfortunatelly default rute is then `default dev ppp0 scope link` which means I am not able to ssh to servers otsude of VPN (all traffic goes through VPN)
2024-03-13 07:51:01 <frojnd> Ah routes and dns configs
2024-03-13 10:09:04 <WhyNotHugo> I want to set up a 'guest' account for others to use when visiting. I noticed that Alpine already has a "guest" user.
2024-03-13 10:09:15 <WhyNotHugo> Is the 'guest' account intended for interactive usage? Or does it have some other purpose?
2024-03-13 10:09:22 <WhyNotHugo> Mostly asking because it's apparently a system account?
2024-03-13 10:22:10 <lopid> i would say it's a poorly named account for some other purpose
2024-03-13 10:23:32 <lopid> it's in base
2024-03-13 11:15:25 <xpufx> is it in any groups? that might be a clue as to what it's for
2024-03-13 11:25:26 <dwfreed> it is in users as its primary gid, that's it
2024-03-13 11:25:36 <dwfreed> there is no reference to it anywhere else in aports
2024-03-13 11:51:48 <xpufx> it has a nologin shell
2024-03-13 11:51:51 <xpufx> ftp anon user?
2024-03-13 11:52:35 <dwfreed> for ftp, anonymous user is usually 'anonymous'
2024-03-13 12:28:48 <xpufx> guest used to be a very popular username for ftp
2024-03-13 12:29:00 <xpufx> don't know about whether it would exist as a system user though
2024-03-13 15:25:35 <IND\wdorrejo> HELP SET
2024-03-13 15:27:25 <IND\wdorrejo> hello
2024-03-13 15:27:38 <IND\wdorrejo> i am setting alpine for rppi zero 2 w
2024-03-13 15:28:11 <IND\wdorrejo> i have created the partition boot, i am stuck to setup the need files or repositories from where to download the files to install
2024-03-13 15:30:17 <IND\wdorrejo> hello?
2024-03-13 15:33:06 <ikke> IND\wdorrejo: it helps to have a bit of patience
2024-03-13 15:37:41 <IND\wdorrejo> Hello, need help setup Zero 2 W with alpine
2024-03-13 15:38:37 <IND\wdorrejo> i have setup the boot, and work, but when try to iunstall the system it won't find repository of needed file to install
2024-03-13 15:38:49 <IND\wdorrejo> the boot have a size of 60mb and i download the aarch64
2024-03-13 16:06:15 <ikke> IND\wdorrejo: Can you explain what you mean with "it won't find repository of needed file to install"? What error do you get?
2024-03-13 16:18:32 <IND\wdorrejo> when doing setup-alpine the installation, first will stuck in chrony, and second when is going to install or refresh the repositories it will crash with ssl error
2024-03-13 16:19:08 <ikke> Did you verify you have a network connection?
2024-03-13 16:20:02 <IND\wdorrejo> yes, have network
2024-03-13 16:20:36 <IND\wdorrejo> one question, how can i start the dhcp_client ? because setup-interfaces won't do the dhcp request for the ip
2024-03-13 16:23:25 <IND\wdorrejo> found that the dhcp is by service, so i am geeting SSL routines:tls_post_process error
2024-03-13 16:25:53 <IND\wdorrejo> setup-reposapk is broken and the repository using SSL is broken too in alpine, and i am using latest version
2024-03-13 16:26:05 <IND\wdorrejo> setup-apkrepos9
2024-03-13 16:26:09 <IND\wdorrejo> setup-apkrepos*
2024-03-13 16:26:54 <ikke> IND\wdorrejo: probably because your time is off
2024-03-13 16:28:49 <IND\wdorrejo> chrony will stuck if try
2024-03-13 16:30:10 <IND\wdorrejo> stuck in starting chronyd when i do setup-ntp
2024-03-13 16:31:16 <ikke> IND\wdorrejo: what does cat /etc/apk/repositories return?
2024-03-13 16:31:22 <IND\wdorrejo> found: Could not read valid frequency and skew from driftfile /var/lib/chrony/chrony.drift
2024-03-13 16:31:54 <IND\wdorrejo> got /media/mmcblk0p1/apks
2024-03-13 16:32:04 <IND\wdorrejo> i am installing alpine in a Zero 2 W
2024-03-13 16:40:49 <IND\wdorrejo> some how using busybox it allow me to install, but in the setup-apkrepos show SSL error, but at least add the repositories now
2024-03-13 17:34:50 <IND\wdorrejo> ikke: i decided to do a clean install and now it won't downlod or add from mirrors.alpinelinux.org/mirrors.txt, it give SSL error.
2024-03-13 17:44:30 <ikke> ssl errors again are most likely to an incorrect system time
2024-03-13 17:59:16 <IND\wdorrejo> how to force fix time in the boot?
2024-03-13 17:59:30 <IND\wdorrejo> not have timedatectl, how to do in alpine 
2024-03-13 18:00:31 <IND\wdorrejo> the solution i did, is change the URL of setup-apkrepos to http://mirror.fcix.net/alpine/MIRRORS.txt
2024-03-13 18:17:05 <IND\wdorrejo> where can i contribute to alpine? need to help with this setup-* scripts, not working fine
2024-03-13 18:17:50 <ikke> https://gitlab.alpinelinux.org/alpine/alpine-conf
2024-03-13 18:18:53 <IND\wdorrejo> the time is not the issue
2024-03-13 18:19:10 <IND\wdorrejo> sync the time and still SSL issue
2024-03-13 18:19:29 <IND\wdorrejo> will have to change the URL in setup-apkrepos for one of the mirrors
2024-03-13 18:19:36 <IND\wdorrejo> thanks for the link
2024-03-13 18:23:00 <IND\wdorrejo> alpine image for raspberry installation is broken for SSL
2024-03-13 18:23:08 <IND\wdorrejo> and is not timesync issue
2024-03-14 11:10:20 <WhyNotHugo> 
ACTION has yet again destroyed all their local changes by using `git checkout main` instead of `git checkout master`.

2024-03-14 11:14:33 <ikke> auch
2024-03-14 14:25:40 <bleb> setting up 2fa with google, can anyone suggest a tool that emulates a security key so the browser thinks I have one?
2024-03-14 14:26:03 <orbea> bleb: oath-toolkit
2024-03-14 14:29:10 <bleb> can that emulate the security key, or does it just produce strings that you would copy into a form?
2024-03-14 14:29:59 <orbea> it produces valid 2fa strings to give to sites like github, im pretty sure it does other things too, but I haven't needed those yet
2024-03-14 14:46:44 <satmd> browsers can do that by themselves, at least firefox
2024-03-14 14:46:56 <satmd> check about:config for webauthn, there should be a "software" variant
2024-03-14 14:47:27 <ikke> security.webauth.webauthn_enable_softtoken
2024-03-14 14:47:41 <satmd> thanks :)
2024-03-14 14:49:38 <orbea> didn't know that, but I still prefer a cli tool that might not get accidentally wiped out with a firefox profile
2024-03-14 15:02:08 <bleb> OK so I disabled security.webauth.webauthn_enable_softtoken
2024-03-14 15:02:21 <bleb> no
2024-03-14 15:02:36 <bleb> I disabled security.webauth.webauthn_enable_usbtoken
2024-03-14 15:02:41 <bleb> and enabled security.webauth.webauthn_enable_softtoken
2024-03-14 15:02:58 <bleb> then on the 2fa page there was a firefox popup and I clicked "anonymize away"
2024-03-14 15:03:38 <bleb> can I save the seed/private key to be used again in a different profile?
2024-03-14 15:05:22 <bleb> this is also private browsing so I guess if my computer crashes I'm locked out of gmail forever
2024-03-14 15:06:12 <orbea> bleb: oath-toolkit...
2024-03-14 15:06:43 <orbea> then save the key with some kind of password manager
2024-03-14 15:08:05 <bleb> the key?
2024-03-14 15:08:15 <orbea> the 2fa string
2024-03-14 15:10:29 <orbea> at least with github they give you the 2fa string to manually enter into your device, you save that and anytime you need to provide the valid 2fa string you: 'oathtool -b --totp 123456' (where 123456 is the 2fa string saved from the site)
2024-03-14 15:10:30 <bleb> no I'm trying to access the key that firefox used when emulating the usb security key
2024-03-14 15:10:44 <orbea> yea, no idea about that...
2024-03-14 15:18:55 <bleb> I see the passkey option in the settings now, but it says "A passkey can’t be created on this device."
2024-03-14 15:24:20 <bleb> had to disable 2fa since there appears to be no way to export the softtoken info
2024-03-14 15:24:52 <bleb> maybe I'll just back up the whole .mozilla directory
2024-03-14 17:51:46 <iggy> WhyNotHugo: maybe something with symbolic-ref can help prevent that?
2024-03-14 20:58:14 <aquamo4k> just venting ... would be nice if deno would build on alpine/musl so I could make more npm projects into a single binary :-)
2024-03-14 20:59:17 <ikke> You mean https://pkgs.alpinelinux.org/package/edge/community/x86_64/deno?
2024-03-14 21:00:04 <aquamo4k> i just tried to build it with cargo build and it was not able to build a librustyv8 - i've been running it in a container
2024-03-14 21:00:24 <aquamo4k> iirc
2024-03-14 21:00:41 <ikke> The APKBUILD has quite a number of patches to make it work
2024-03-14 21:02:58 <aquamo4k> yeah, I will take a look at it again because i concede it's been a little while.
2024-03-14 21:03:07 <aquamo4k> I'll try again
2024-03-14 21:03:36 <aquamo4k> i think the v8 library is glibc only or it needs extra help with musl
2024-03-14 21:04:28 <aquamo4k> thanks
2024-03-15 02:11:20 <Saijin_Naib> Thanks for Fractal v6! So nice!
2024-03-15 10:22:54 <ovf> tesseract-ocr segfaults on intel x86_64 due to something opencl: http://0x0.st/HFL8.txt am i holding it wrong or should i investigate?
2024-03-15 14:29:25 <boombim> ping
2024-03-15 14:29:54 <boombim> Hello everyone. How to make alpine visible for refind? I've tried to follow wiki but without success
2024-03-15 14:32:59 <WhyNotHugo> boombim: what's failing for you right now?
2024-03-15 14:34:01 <boombim> WhyNotHugo: refind cannot find alpine. I guess it's because there is no alpine in efi partition
2024-03-15 14:43:39 <midipix> ncopa: slibtool-0.5.36 has been released
2024-03-15 14:44:29 <midipix> https://dev.midipix.org/cross/slibtool/c/a35ec15eded4cd786aae1e7795c1909df9b04075?branch=main
2024-03-15 14:44:57 <midipix> https://dl.foss21.org/slibtool/
2024-03-15 15:01:06 <boombim> WhyNotHugo: Do you have any ideas?
2024-03-15 15:03:07 <WhyNotHugo> boombim: you can add alpine to refind_linux.conf
2024-03-15 15:03:13 <WhyNotHugo> https://wiki.alpinelinux.org/wiki/Bootloaders#rEFInd
2024-03-15 15:04:19 <boombim> WhyNotHugo: I did it as I said before. But without success. I added this line mannualy to my efi partiotion
2024-03-15 15:04:45 <WhyNotHugo> are the initfs and you kernel in the uefi partitoin?
2024-03-15 15:04:45 <boombim> Is it correct? Or I have to put it into /boot on the alpine partition?
2024-03-15 15:05:04 <boombim> they are not
2024-03-15 15:05:11 <WhyNotHugo> I think that for this kind of setup, you want to mount your efi boot partition as /boot
2024-03-15 15:05:37 <WhyNotHugo> The files that are currently in alpine's /boot partition need to be in the efi partition
2024-03-15 15:06:04 <boombim> Oh. So what I need to do? Mount my efi to /boot of alpine?
2024-03-15 15:07:48 <WhyNotHugo> move the files from the /boot partition into the efi partition first, then boot into alpine, then update your /etc/fstab
2024-03-15 15:08:03 <WhyNotHugo> you can eventually delete the alpine boot partition too i guess
2024-03-15 15:08:45 <boombim> WhyNotHugo: Are you sure? I'll try
2024-03-15 15:13:13 <WhyNotHugo> is serial output no longer enabled for virt images?
2024-03-15 15:14:17 <boombim> WhyNotHugo: I files from /boot to efi and make refind-install. I now see alpine in refind but it is unbootable
2024-03-15 15:14:20 <WhyNotHugo> oh, boot messages are not visible, but i have a tty now
2024-03-15 15:14:39 <boombim> Moved files*
2024-03-15 15:15:02 <WhyNotHugo> boombim: unbootable?
2024-03-15 15:15:35 <boombim> yeah refind cannot boot alpine os
2024-03-15 15:16:35 <boombim> what I did. I created alpine folder in efi partition and copied everything from /boot to that folder. Then I did refind-install
2024-03-15 15:16:43 <boombim> Did I do something wrong?
2024-03-15 15:18:07 <txnintn> hi all, I'm 1nstalling Intel Optane M10 16gb cache drive, the Intel driver is a .deb file. I install the alpine's dpkg program.  I get the following error when running dpgg -i filename.deb...
2024-03-15 15:18:17 <txnintn> dpkg: error processing archive intelmas_2.3.0-0_amd64.deb (--intall):
2024-03-15 15:18:17 <txnintn> package architecture (amd64) does not match system (musl-linux-amd64)
2024-03-15 15:18:17 <txnintn> intelmas_2.3.0-0_amd64.deb
2024-03-15 15:18:17 <txnintn> Errors were encountered while processing:
2024-03-15 15:18:18 <WhyNotHugo> boombim: wiki says:  The path in the config file needs to be relative to the partition that the kernel resides on. If /boot resides on its own separate partition, then \boot needs to be removed from the paths.
2024-03-15 15:18:46 <WhyNotHugo> txnintn: .deb is a debian package
2024-03-15 15:19:32 <txnintn> Why yes it it...I'm using alpine linux dpkg to install it.
2024-03-15 15:19:52 <ikke> txnintn: it's a very bad idea to mix system package managers
2024-03-15 15:20:53 <txnintn> The brand new Optane was $5.00, I thought I would take a shot....hah
2024-03-15 15:22:45 <boombim> WhyNotHugo: have I create new refind_linux.conf in case I have only refind.conf?
2024-03-15 15:23:50 <WhyNotHugo> txnintn: the binary driver that you've downloaded likely links debian libraries.
2024-03-15 15:24:02 <WhyNotHugo> i doubt it will run, even if you manage to install it
2024-03-15 15:25:39 <WhyNotHugo> txnintn: does dmesg say anything about it?
2024-03-15 15:26:16 <txnintn> I don't think so, but let me check again...
2024-03-15 15:26:36 <WhyNotHugo> boombim: did you follow the instructions on the wiki to install and configure refind?
2024-03-15 15:28:39 <boombim> WhyNotHugo: I did. 
2024-03-15 15:28:52 <boombim> There are two configs for refind
2024-03-15 15:29:21 <boombim> One was in alpine's boot and second one in /my_efi_partition/refind/refind.conf
2024-03-15 15:32:37 <boombim> WhyNotHugo: refind says "Not Found kreturned from vmlinuz-lts"
2024-03-15 15:33:53 <txnintn> I searched, Intel, Optane, and cache, nada.
2024-03-15 15:38:03 <txnintn> it is showing up as /dev/nvme0n1...
2024-03-15 15:39:09 <Fxzxmic> Sad
2024-03-15 15:41:45 <txnintn> [    1.600929]  nvme0n1: thats all I can find in dmesg
2024-03-15 16:32:34 <boombim> WhyNotHugo: may you please help me to finish it in case you have some ideas? thank you
2024-03-16 01:47:30 <jerkwad_robot> Good evening! Curious if anyone has run Alpine as a media server with an Intel ARC video card.
2024-03-16 01:48:54 <jerkwad_robot> it looks like I can just use the latest mesa drivers..?
2024-03-16 02:14:55 <fission> hmm
2024-03-16 02:19:47 <jerkwad_robot> another question: From a security standpoint is it better to allow rootless docker or setup docker namespaces?
2024-03-16 02:30:29 <Saijin_Naib> <jerkwad_robot> "it looks like I can just use the..." <- I have not had success having accelerated AV1/AVIF encode with my A380 yet on Alpine Edge, but maybe I am missing something obvious
2024-03-16 02:30:50 <Saijin_Naib> Otherwise it works great for 2D/3D
2024-03-16 02:33:06 <jerkwad_robot> Saijin_Naib, that's interesting
2024-03-16 02:35:06 <jerkwad_robot> I am not sure I am ready to go all in on AV1. Does it work as expected for other containers?
2024-03-16 02:37:04 <Saijin_Naib> 🤷
2024-03-16 02:37:04 <Saijin_Naib> Not really positive, nor sure how to test. 
2024-03-16 02:37:21 <Saijin_Naib> Playback seems fine?
2024-03-16 02:37:36 <jerkwad_robot> Okay, well that's good news.
2024-03-16 02:37:52 <Saijin_Naib> I have not done much encoding since switching, unfortunately
2024-03-16 02:37:56 <jerkwad_robot> I am just worried about transcoding performance when I have 3 family members streaming stuff.
2024-03-16 02:38:12 <Saijin_Naib> Yeah, makes sense
2024-03-16 02:38:30 <Saijin_Naib> If you have an easy to follow testing protocol I can try?
2024-03-16 02:38:34 <jerkwad_robot> but you had to use Alpine Edge to get things working?
2024-03-16 02:38:50 <Saijin_Naib> At the time, yes, needed newer kernel
2024-03-16 02:38:59 <Saijin_Naib> Still may need it 🤔
2024-03-16 02:39:04 <jerkwad_robot> I am a total noob at this so I am affraid I can't contribute much... yet
2024-03-16 02:39:55 <Saijin_Naib> You'll get there. This has been the most helpful and encouraging Linux community I have ever been in, and has helped me so much
2024-03-16 07:39:00 <Sofia> Hello world. Just updated things and steam is broken. Nothing obviously useful in its console output. Can anyone confirm steam works for them on alpine using flatpak?
2024-03-16 07:40:53 <Saijin_Naib> Hi, yes
2024-03-16 07:42:06 <Sofia> Saijin_Naib: Yes as in steam just works for you after all upgrades in apk and flatpak?
2024-03-16 07:42:46 <Saijin_Naib> Yep, no issues on Edge x86_64
2024-03-16 07:42:57 <Saijin_Naib> What GPU do you have?
2024-03-16 07:43:22 <Saijin_Naib> I had issues with lts kernel before it supported my Intel Arc, but not since
2024-03-16 07:43:42 <Sofia> Intel integrated in 10th gen i7.
2024-03-16 07:43:45 <Sofia> Not using edge. Hmm.
2024-03-16 07:48:17 <Sofia> > Steamwebhelper is not responding
2024-03-16 07:48:23 <Sofia> Should have said that one at least :p
2024-03-16 07:52:08 <Sofia> https://github.com/flathub/com.valvesoftware.Steam/issues/1251
2024-03-16 08:05:31 <Saijin_Naib> Hmm, that should be fully supported on stable and lts kernel
2024-03-16 08:06:29 <Saijin_Naib> I have hardware accel for steam turned off in its menus, so I might have dodged this issue by accident
2024-03-16 08:41:53 <sewn> what is a good replacement for ungoogled chromium in alpine?
2024-03-16 08:42:06 <sewn> chromium is hard to catch up with and takes time to test given it takes some hours to build
2024-03-16 08:42:20 <quinq> firefox is one
2024-03-16 08:42:55 <sewn> hmm thats not bad of a replacement
2024-03-16 08:43:11 <sewn> are there any other browsers that are as light and as fast as chromium?
2024-03-16 08:48:53 <Sofia> Saijin_Naib: from /home/user/.var/app/com.valvesoftware.Steam/.local/share/Steam/logs/steamwebhelper.log -> [0316/080555.697176:ERROR:ozone_platform_x11.cc(238)] Missing X server or $DISPLAY
2024-03-16 08:49:13 <Sofia> flatpak run --command=env ..steam;  does include DISPLAY=:0
2024-03-16 08:49:34 <sewn> --socket=x11 ?
2024-03-16 08:49:47 <Sofia> And wayland things
2024-03-16 08:49:51 <Sofia> 
ACTION tries that

2024-03-16 08:50:45 <Sofia> Same error
2024-03-16 08:51:49 <Sofia> Note I am getting a UI error from steam saying the steamwebhelper isn't responding.
2024-03-16 08:52:07 <Sofia> I even reset permissions with flatseal in case any of those changed
2024-03-16 08:52:12 <sewn> you can always try reinstalling steam (with --delete-data) and see how it goes
2024-03-16 08:52:16 <sewn> its sort of a last resort
2024-03-16 08:52:38 <Sofia> If I uninstall steam, I keep the data by default yes?
2024-03-16 08:53:01 <Sofia> I tried repair and install --reinstall
2024-03-16 08:53:06 <sewn> if you do flatpak uninstall, iirc it will not delete the steam data
2024-03-16 08:53:11 <sewn> you have to add --delete-data
2024-03-16 08:53:11 <Sofia> Good
2024-03-16 08:53:13 <Sofia> I'll try this first
2024-03-16 08:53:40 <sewn> https://github.com/ValveSoftware/steam-for-linux/issues/10554
2024-03-16 08:54:05 <Sofia> Still broken
2024-03-16 08:56:46 <Sofia> moved out my steamapps dir
2024-03-16 08:57:54 <Sofia> Wait
2024-03-16 09:03:00 <Sofia> Fixed it thank sewn 
2024-03-16 09:03:29 <Sofia> Added the dbus-update-* to my sway config and relogged.
2024-03-16 09:04:09 <Sofia> Running the command from the terminal didn't fix it, didn't try from swaymsg but restarting did work. Curious if something else was broken and it might have just worked anyway.
2024-03-16 09:04:15 <Sofia> Oh well. It works \o/
2024-03-16 09:10:56 <sewn> yay
2024-03-16 09:14:55 <Sofia> Speaking of steam. I've been unable to run dota 2 and talos principle (I got a refund on the latter). Wonder if there are other log files I should be looking into because steam hasn't been giving me anything obviously useful, and hides everything in log files it seems...
2024-03-16 09:20:05 <Sofia> Celeste is running. No menu. Hmm.
2024-03-16 09:20:13 <sewn> Sofia: you can have a look at the stdout of steam when you run it in a terminal
2024-03-16 09:20:16 <sewn> for me its more than enough
2024-03-16 09:20:47 <Sofia> It hasn't been helpful. Hmm
2024-03-16 09:25:52 <Sofia> Press C to get past splash lol
2024-03-16 09:32:54 <ashie[m]> Sofia: there used to be a config option that made steam log the entire wine command used to run a game, dunno what it was but I think I found it in the proton (or maybe proton ge) readme
2024-03-16 09:47:43 <lopid> PROTON_LOG=1
2024-03-16 09:55:14 <Sofia> Thanks <3
2024-03-16 09:55:32 <Sofia> 
ACTION wonders how often people ask about steam here; seems to be quite the source of issues.

2024-03-16 09:56:03 <lopid> there's a #gamingonlinux channel on libera, if it helps
2024-03-16 09:56:51 <Sofia> 
ACTION nods, thanks

2024-03-16 12:40:09 <boombim> hey everyone. If someone have an idea how to make alpine work with refind please ping me somehow...
2024-03-16 12:40:12 <boombim> Thanks
2024-03-16 13:56:05 <Saijin_Naib> Yeesh, wayland is hard to setup. No such issues with XFCE. Glad you got sorted
2024-03-16 14:07:37 <sewn> does anyone have contact to someone called Celeste on the gitlab?
2024-03-16 14:08:48 <ikke> sewn: They're in #alpine-devel
2024-03-16 14:09:30 <sewn> thanks
2024-03-16 15:48:55 <jerkwad_robot> are there any options other than cron for scheduling? Not a huge deal, but snooze spoiled me.
2024-03-16 15:54:23 <lopid> at
2024-03-16 15:54:43 <lopid> sleep. depends what you want
2024-03-16 17:28:27 <dalias> how do i configure dhcpcd on alpine to honor mtu?
2024-03-16 17:31:02 <quinq> Internet says #nohook mtu
2024-03-16 17:31:36 <quinq> Sorry, misread
2024-03-16 17:31:51 <quinq> In the default dhcpcd.conf here, theres:
2024-03-16 17:31:52 <quinq> # Respect the network MTU. This is applied to DHCP routes.
2024-03-16 17:31:52 <quinq> option interface_mtu
2024-03-16 17:31:56 <quinq> Does that not work?
2024-03-16 17:33:35 <quinq> Hummm, that's not documented
2024-03-16 17:33:38 <dalias> doesn't seem to
2024-03-16 17:33:47 <dalias> i think it needs a hook script to set mtu obtained from the server
2024-03-16 17:33:51 <dalias> but alpine didn't ship one
2024-03-17 07:32:15 <somercet> wow, the new aisleriot looks like a war crime.
2024-03-17 10:07:40 <lnm> Does anyone have expering with the woodpecker package in testing? I am trying to set the server up but suspect /etc/woodpecker.conf isn't read by the application. I get a "WOODPECKER_HOST is not properly configured" error, which according to the source code means that the variable is an empty string.
2024-03-17 10:08:02 <lnm> *experience
2024-03-17 11:01:55 <sewn> I love alpine
2024-03-17 15:13:12 <Forza> Hello 👋 
2024-03-17 15:13:48 <Forza> Would it be OK to ask for kexec support to be included in Alpine kernels as default? 
2024-03-17 15:15:18 <Forza> Hm it is it seems. Maybe I'm doing it wrong
2024-03-17 15:16:51 <Forza> kexec_load failed: Operation not permitted
2024-03-17 15:18:28 <Forza> I used:  kexec -a -l /boot/vmlinuz-virt --initrd=/boot/initramfs-virt --reuse-cmdline
2024-03-17 15:19:22 <lopid> as root?
2024-03-17 15:21:05 <Forza> Yes
2024-03-17 15:22:07 <Forza> Comparing to my gentoo kernel, alpine image doesn't have CONFIG_KEXEC_FILE set, and the other kernel doesn't have CONFIG_KEXEC_SIG set
2024-03-17 15:24:20 <Forza> Maybe sig thing?
2024-03-17 15:28:26 <Forza> https://gist.tnonline.net/5Y kernel config diff
2024-03-17 15:33:12 <Forza> Could the issue be luks?
2024-03-17 15:38:52 <Forza> Isnt alpine's initrd asking for the luks key, so it that shouldn't be an issue?
2024-03-17 17:25:26 <G3016> Hello
2024-03-17 17:26:06 <G3016> I try to migrate a Ruby script from a Solus to an Alpine machine
2024-03-17 17:26:14 <G3016> When I run the script, I got this error :
2024-03-17 17:26:20 <G3016> https://pastebin.com/VxM646xj
2024-03-17 17:26:35 <G3016> I tried to install sqlite and sqlite-dev but the issue is the same
2024-03-17 17:26:41 <G3016> I don't know what to do
2024-03-17 17:27:13 <ikke> G3016: make sure you set platfrom to ruby when installing dependencies
2024-03-17 17:28:11 <ikke> 'fcntl64: symbol not found': musl does not provide these shims anymore
2024-03-17 17:29:00 <ikke> bundle config set --global force_ruby_platform true
2024-03-17 17:31:01 <G3016> I installed the gem via bundler with gem 'sqlite3', :platforms => :ruby
2024-03-17 17:31:04 <G3016> It is not enough?
2024-03-17 17:35:05 <G3016> I'm trying bundle config set --global force_ruby_platform true
2024-03-17 17:35:16 <G3016> It's installing for now
2024-03-17 17:37:57 <G3016> It seems to work, I got an another error but relative to my code this time
2024-03-17 17:38:12 <G3016> related*
2024-03-17 17:38:12 <G3016> Thanks a lot!
2024-03-17 17:40:21 <G3016> Do you mind explaining to me why this was necessary?
2024-03-17 17:42:12 <ikke> To make sure it does not pull in pre-compiled dependencies not suitable for the current system 
2024-03-17 17:47:12 <G3016> When you say the current system, you're talking about architecture?
2024-03-17 17:47:21 <G3016> Sorry I'm a newbie in this world
2024-03-17 17:49:41 <ikke> G3016: mostly libc
2024-03-17 17:49:52 <ikke> alpine uses musl, while most other distros use glibc
2024-03-17 17:52:46 <G3016> Okay
2024-03-17 17:52:49 <G3016> Thanks
2024-03-17 17:55:52 <G3016> Have a nice day!
2024-03-17 19:55:40 <bananicorn> boombim: I use alpine with refind, what is your issue?
2024-03-17 21:13:23 <jerkwad_robot> oh man, I am so excited. Who do I need to thank for packaging the son/rad arr and jellyfin apps for Alpine?@
2024-03-17 21:13:37 <jerkwad_robot> Here I thought I was going to have to deal with containers :)
2024-03-17 21:15:22 <ikke> https://pkgs.alpinelinux.org/packages?name=jellyfin&branch=edge&repo=&arch=&maintainer=
2024-03-17 21:16:16 <jerkwad_robot> Thankyou Simon Zeni! :)
2024-03-17 21:17:02 <jerkwad_robot> ikke, thanks to you as well
2024-03-18 17:14:43 <sewn> to update a package as someone who isnt the package maintainer, do i need permission from the package maintainer?
2024-03-18 17:17:32 <ikke> sewn: You can make an MR, but the maintainer will need to approve
2024-03-18 17:40:37 <fluix> I will note that approval seems to be commonly ignored/bypassed; not necessarily a problem for common updates
2024-03-18 18:17:58 <sewn> why doesnt pipewire run wireplumber out of the box?
2024-03-18 18:18:05 <sewn> iirc it comes with the default configuration and alpine overrides it
2024-03-18 18:18:20 <sewn> ikke: thanks
2024-03-18 19:33:13 <grossaffe[m]> does alpine run some kind of firewall by default?  I've had some weird networking issues on my install.
2024-03-18 19:33:51 <ikke> no
2024-03-18 19:43:40 <grossaffe[m]> what I experience is I'll be remoted into the alpine box over ssh and the the ssh session goes unresponsive.  If I try to ping the alpine box, I get destination unreachable or something along those lines.  If I ping the other machine from Alpine it gets through.  If I then try to ping alpine after pinging the other way, it works again.
2024-03-18 19:44:37 <bph> Hi! I'm trying to install Alpine on FriendlyElec NanoPC-T6
2024-03-18 19:45:23 <bph> What I have done so far.Connected via UART so all the logs below are from debug interface.Used GitHub actions to compose u-boot-rockchip.bin for my SBC (credits to https://github.com/Kwiboo/u-boot-build )Formatted SDCard as per tps://wiki.alpinelinux.org/wiki/Alpine_on_ARM#Preparing_installation_mediaPut u-boot with dddd if=u-boot-rockchip.bin of=/dev/mmcblk0 bs=32k seek=1 conv=fsync
2024-03-18 19:45:56 <bph> It seems that with modern u-boot this /extlinux/extlinux.conf got fully ignored (I even removed that and it had 0 impact)
2024-03-18 19:46:02 <bph>  and it went straight to Grub.Kernel starts to loads but I stuck with Mounting boot media: failed. I tried putting root=/dev/mmcblk1 in grub.cfg but it seems that it does not make sense because when I do mdev -s in initramfs emergency recovery shell it shows nothing.I wonder if i need to do custom initramfs file as described here https://wiki.alpinelinux.org/wiki/DIY_Fully_working_Alpine_Linux_for_Allwinner_and_Other_ARM_SOCs#Creating_I
2024-03-18 19:47:05 <bph> Uboot and kernel(L7)  logs are here. As "helpful" comments too :) https://www.reddit.com/r/AlpineLinux/comments/1bh2ua0/trying_to_install_alpine_on_friendlyelec_nanopct6/
2024-03-18 19:50:21 <ikke> grossaffe[m]: definitely not something in alpine that would be blocking it
2024-03-18 19:50:34 <ikke> I mean, not something that is installed by default
2024-03-18 20:01:00 <jk> grossaffe[m]: could it be that you picked a static ip which is already being used by another device?
2024-03-18 20:24:59 <grossaffe[m]> <jk> "grossaffe: could it be that..." <- I did pick a static IP, but it is not conflicting with anything else.
2024-03-18 20:26:55 <grossaffe[m]> had checked on my router and accounted for all my connected devices.  I'll double check when I get back home to be sure.
2024-03-18 23:01:04 <ramiferous> I'm not getting man pages for most packages, even after installing the '-doc' packages
2024-03-18 23:09:29 <ramiferous> Never mind. nixCraft to the rescue, as always
2024-03-18 23:22:58 <grossaffe[m]> Confirmed that there is no other device on my network contending for the static IP.  Also, when the device is reachable, the ping is also... I don't want to say erratic, since it follows a fairly reliable pattern of every other packet being horribly slow for a local network: https://bpa.st/H52Q
2024-03-18 23:26:05 <dewdude> is that a single device over a single cable?
2024-03-18 23:32:19 <invoked> also try with a different cable, if it is a cable
2024-03-18 23:32:25 <grossaffe[m]> Ping source is a computer on a single lan cable to the router.  Ping sink (Alpine-box) is a single computer on Wifi.
2024-03-18 23:36:00 <invoked> if it's wifi, it's possible that your issue is caused by powersave or some other driver-level issue
2024-03-18 23:36:20 <grossaffe[m]> But now here's the flipside; ping from Alpine-box back to the other computer: https://bpa.st/UWVQ
2024-03-18 23:36:20 <grossaffe[m]> Looks pretty normal going that way.
2024-03-18 23:36:32 <invoked> in any case alpine's not doing anything custom
2024-03-18 23:37:04 <invoked> you fat fingered your paste
2024-03-18 23:38:04 <grossaffe[m]> Oops
2024-03-18 23:38:20 <grossaffe[m]> https://bpa.st/OJOA
2024-03-18 23:39:17 <invoked> what does 'arp -a' say
2024-03-18 23:39:34 <invoked> (from your other computer)
2024-03-18 23:42:12 <grossaffe[m]> https://bpa.st/CTOA
2024-03-18 23:43:21 <grossaffe[m]> I think a lot of those <incomplete> entries are devices no longer on the network or under a different IP address.  Pretty sure my printer changed IP on me a number of times.
2024-03-18 23:46:34 <invoked> hard to say. i don't know what wifi chipset you have, but i would look into what settings are there for it.  if you can plug the alpine computer into wired ethernet, and get the same bad result then it's not the interface.
2024-03-18 23:46:41 <invoked> process of elimination
2024-03-18 23:47:42 <invoked> for wifi i would suggest looking to disable any powersave on it, as a thing to try
2024-03-18 23:47:56 <invoked> but would try connecting the alpine host via cable first
2024-03-18 23:48:07 <grossaffe[m]> I suppose I can plug in the ethernet.  It probably won't be on Ethernet much in the near future when it's live, but while I'm setting it up, it's still sitting here next to me and my router.
2024-03-18 23:48:32 <grossaffe[m]> Just have to make sure I have a port on the right vlan.
2024-03-18 23:49:02 <invoked> yeah but if you plug it in, it would give you a lot of info immediately.  if your ping works to the wired interface, something's going on with wifi probably.
2024-03-18 23:50:20 <grossaffe[m]> Shouldn't be able to ping it if it's on the wrong vlan, though.  I partitioned my router so I could separate work from home network when working remotely.
2024-03-18 23:51:12 <invoked> that depends. some older switch chipsets have buggy vlans
2024-03-18 23:57:56 <grossaffe[m]> Wired ping is consistently under half a millisecond.  So I guess now I get to blame wifi.
2024-03-18 23:58:45 <grossaffe[m]> Chipset appears to be... mediatek?  I usually expect good things from them.
2024-03-18 23:59:57 <invoked> not sure myself. i'm usually on intel chipsets
2024-03-19 00:00:39 <grossaffe[m]> Also have mediatek in my router.
2024-03-19 00:01:58 <invoked> https://wireless.wiki.kernel.org/en/users/drivers/mediatek
2024-03-19 02:38:32 <thresh> hi.  I'm using alpine 3.19 aws cloud-init-based images.   I have a per-boot script that is launched when cloud-final init step is running.  All good, however I depend on Docker being running in this step (and init is not reached d* yet, it's right after cloud-final).  What can I do to fix that?
2024-03-19 02:58:01 <grossaffe[m]> Okay, here's something really weird.  There's a mysterious IP address connected to my router when my Alpine-box's wifi is unreachable.  I saw it at address 192.168.1.168, and then disappear and reappear as 192.168.1.169.  The MAC address matches that of my Alpine-box's Wifi.  Meanwhile, ip a on the Alpine-box still says its address is 192.168.1.115.
2024-03-19 03:22:36 <elly_> maybe it has a confused dhcp client running
2024-03-19 03:27:02 <grossaffe[m]> Networking is not my strong suit.  I do see that I have a udhcpc instance running.
2024-03-19 03:28:10 <grossaffe[m]> Would it perhaps be better for me to configure for dhcp on the alpine-box and let the router assign a static IP to it?
2024-03-19 03:32:44 <elly_> I don't know what your setup is exactly but in general you should either: a) configure the alpine machine to have a static ip and not have it run a dhcp client, or b) have it run a dhcp client and let it figure out its ip address from that
2024-03-19 03:36:43 <grossaffe[m]> Yeah, that makes sense.  Though I imagine one should expect the machine to function if one wanted to have a static IP on one interface and dynamic on another.
2024-03-19 03:37:07 <grossaffe[m]> Not that I have any need for that.
2024-03-19 03:37:31 <elly> you could do that! but each interface should only get its IP one way
2024-03-19 03:39:02 <grossaffe[m]> Oh, I see that the udhcpc command does specify interfaces.  But on that note, I only see the eth0 interface in the command being run, so I would think that shouldn't affect wlan0.
2024-03-19 03:40:00 <grossaffe[m]> Well anyways, I'll try swapping over to full dhcp anyways and tell my router to give it a static lease and see what happens.
2024-03-19 03:50:22 <grossaffe[m]> This all makes so little sense to me.  Pinging the new static lease from the router dropped the first 10 packets, and then the next few packets took over 10 seconds to reach their destinations.  Then pinging from other computer said the host was unreachable for packets 9-14 before packets 2-8 arrived in 15,14...9 seconds respectively before eventually settling on a ping that bounces around 30 ms - 200 ms.
2024-03-19 03:56:39 <grossaffe[m]> When I restart the networking service, it takes awhile for it to acquire a DHCP lease and has to fork to the background before finally acquiring it.
2024-03-19 03:56:39 <grossaffe[m]> And now I'm back to the old status-quo of ping-ponging between ~1ms ping and ~900ms ping.
2024-03-19 04:12:23 <elly> that's weird
2024-03-19 08:58:30 <ramiferous> How could I go about requesting a package?
2024-03-19 08:59:08 <qaqland> here https://gitlab.alpinelinux.org/alpine/aports/-/issues
2024-03-19 08:59:19 <ramiferous> Cheers
2024-03-19 09:01:24 <qaqland> search "Package request" and get more examples
2024-03-19 09:07:49 <ikke> There is an issue template for it now
2024-03-19 09:08:28 <ramiferous> qaqland: seems to be a fair few package requests with no activity/replies.. realistically, what are the chances anyone will Pick it up?
2024-03-19 09:09:14 <ikke> ramiferous: it depends on the package, if someone cares about packaging it
2024-03-19 09:09:35 <ramiferous> Yeah, I realised it was a silly question
2024-03-19 09:10:07 <ramiferous> I've just given up trying to build it from source so this is my last resort
2024-03-19 09:50:33 <ramiferous> Actually, before I do.. I don't suppose anyone might be able to help me build libdrm. I'm getting the following error:  https://0x0.st/Xru2.txt
2024-03-19 09:54:40 <ikke> https://github.com/intc/libssp-nonshared perhaps?
2024-03-19 10:09:32 <bananicorn> Is anyone here using the Flutter package from testing? Flutter doctor crashes for me, curious if anyone has it working.
2024-03-19 10:17:45 <ikke> lnl: ^
2024-03-19 10:40:11 <ramiferous> ikke: C compiler cannot create executables..  https://0x0.st/XrSi.txt
2024-03-19 10:56:53 <cyclisme24[m]> Is musl-dev installed?
2024-03-19 11:01:22 <dwfreed> 'build-base' is alpine's equivalent to debian's 'build-essential' to an extent
2024-03-19 11:05:17 <ramiferous> Installing musl-dev helped
2024-03-19 12:32:23 <Fxzxmic> I want to know, does anyone here think I'm right? Or should I not consider these things and my thoughts are superfluous?
2024-03-19 12:32:34 <Fxzxmic> Link: https://gitlab.alpinelinux.org/alpine/aports/-/merge_requests/61716#note_384851
2024-03-19 13:45:13 <fluix> haven't read the linked discussions, but I think having consistent naming across distros is very helpful for common software (though idk how popular klog is). I might suggest only creating the new user and mentioning this in the release notes because it's a breaking change if anybody has used the existing username
2024-03-19 13:48:18 <fluix> s/ (though idk how popular klog is)//
2024-03-19 13:50:22 <fluix> oh and this is all only in edge so disregard the last part
2024-03-19 14:22:18 <Fxzxmic> fluix: In fact, I want to mention the changes made by the first commit in the discussion.
2024-03-19 14:23:24 <Fxzxmic> It's not about discussing the commit of changing klogd to klog.
2024-03-19 14:25:07 <Fxzxmic> Should klogd user and group be created repeatedly every time busybox is upgraded.
2024-03-19 14:26:50 <ikke> Its not unlike any other user that is created by packages 
2024-03-19 14:28:44 <Aragami> hello, I am new to linux in general and Alpine specifically, but my last time used linux was not fun because of gnu (and I was linked to this distro because it does not include that) my first question is regarding the availability of gcc, the web interface here: https://pkgs.alpinelinux.org/packages?name=gcc&branch=v3.19&repo=main&arch=x86_64&maintainer= shows there exists a gcc, however doing apk search gcc does not result in output except a couple 
2024-03-19 14:28:44 <Aragami> of warnings
2024-03-19 14:29:36 <Aragami> WARNING: opening from cache https://dl-cdn.alpinelinux.org/alpine/v3.19/main: No such file or directory
2024-03-19 14:29:37 <Aragami> WARNING: opening from cache https://dl-cdn.alpinelinux.org/alpine/v3.19/community: No such file or directory
2024-03-19 14:29:37 <Aragami>  which I believe is just saying your package was not found.
2024-03-19 14:29:58 <Aragami> specifically what I did was `apk search gcc` 
2024-03-19 14:39:13 <feuerteufel> Aragami: Did you enable "main and community" in /etc/apk/repositories ?
2024-03-19 14:42:05 <feuerteufel> If not, do so. Then run "apk update" and you'll see a lot gcc stuff!
2024-03-19 14:44:28 <Aragami> so I just did cat and it seems to be there
2024-03-19 14:44:30 <Aragami> https://dl-cdn.alpinelinux.org/alpine/v3.19/main
2024-03-19 14:44:30 <Aragami> https://dl-cdn.alpinelinux.org/alpine/v3.19/community
2024-03-19 14:44:47 <Aragami> btw, I am inside wsl2 but I don't think that should matter, and it is not only gcc, I don't think any package is returned
2024-03-19 14:45:16 <Aragami> for example, searching for curl is the same, returns nothing
2024-03-19 14:45:54 <Fxzxmic> Everything was good before, but why did it stop considering user choices after this change? I do not deny the necessity of the current proposal to simplify the passwd file, but do I think there is a lack of consideration?
2024-03-19 14:46:49 <Aragami> feuerteufel actually, after restarting everything, it seems to be working, maybe because I just created the user right now? but at least now it lists them
2024-03-19 14:50:26 <ncopa> Fxzxmic: i think you bring up an interesting consequence of the simplification of passwd file
2024-03-19 14:51:13 <ncopa> i honestly didn't think about it
2024-03-19 14:51:41 <ncopa> this passwd simplification is starting to become expensive...
2024-03-19 14:52:11 <malikn[m]> We had problems installing pydantic with a version higher than 2.5.3 on armv7 last week
2024-03-19 14:52:11 <malikn[m]> Does someone know what caused this?
2024-03-19 14:52:11 <malikn[m]> Since friday it all of sudden works without changing the Dockerfile
2024-03-19 14:53:24 <ncopa> no idea! broken internet?
2024-03-19 14:54:58 <malikn[m]> ncopa: Did rust get a new version?
2024-03-19 14:54:58 <malikn[m]> Where could I confirm this?
2024-03-19 14:57:33 <Fxzxmic> ncopa: Although this is not related to the proposal to simplify passwd itself, I feel that there was a lack of consideration when implementing this proposal.
2024-03-19 14:57:36 <Aragami> is this a bug? cd ~ works, but if I do it again, it reports no such file or directory? that is you can not cd to `~` if you are already there?
2024-03-19 14:58:09 <Aragami> hmm: /home/ali $ cd ~
2024-03-19 14:58:09 <Aragami> ash: cd: can't cd to ./ali: No such file or directory
2024-03-19 15:00:57 <orbea> works with mksh, so probably
2024-03-19 15:01:58 <Aragami> should I go to devel channel and report it?
2024-03-19 15:02:41 <Fxzxmic> Since adding it directly to the baselayout is not appropriate, caution should be exercised when adding it to the post-upgrade script.
2024-03-19 15:07:35 <Fxzxmic> It is logically reasonable to limit behavior in post-upgrade to the smallest version range possible. In fact, if an action only needs to be executed once, it is reasonable to execute it only once without causing too much interference to the user. And the reasons I mentioned in the PR were also considered from the user's perspective.
2024-03-19 15:07:46 <ncopa> Aragami: things mentioned in IRC will be forgotten. its probably better you create an issue in gitlab.a.o
2024-03-19 15:08:19 <Aragami> well, a guy in alpine-devel sent me back here, saying that my home directory is messed up for some reason
2024-03-19 15:09:24 <Aragami> weird, because I added a new user just as the docs said 
2024-03-19 15:09:36 <invoked> which docs
2024-03-19 15:13:10 <ncopa> Fxzxmic: I am thinking that it might be better to move the klog(d) user to alpine-baselayout, than to add it with busybox-openrc scripts
2024-03-19 15:14:17 <ncopa> its is non-optimal to ship users in default passwd that may not be used, but it makes it possible to delete the user at least, without it coming back on each busybox upgrade
2024-03-19 15:14:31 <raspbeguy> hello, doas anyboady have knowledge of an equivalent of molly-guard on alpine?
2024-03-19 15:14:32 <ncopa> and it is a very simple solution (which I like)
2024-03-19 15:14:54 <Aragami> I guess I found the issue, not sure if it is a bug, or just a misunderstanding of how path works 
2024-03-19 15:15:02 <Aragami> I was referring to this docs
2024-03-19 15:15:02 <Aragami> https://docs.alpinelinux.org/user-handbook/0.1a/Working/post-install.html
2024-03-19 15:15:24 <Aragami> and the way I did it, was by specifying -h ./directory instead of specifying absolute path
2024-03-19 15:15:44 <Aragami> and it seems like, it does take ./directory literally instead of resolving it
2024-03-19 15:15:52 <ncopa> ha
2024-03-19 15:16:31 <ncopa> its busybox adduser that is simple and stupid. with emphasis on stupid
2024-03-19 15:16:45 <Aragami> because doing cat /etc/passwd | grep my_user shows that its home directory is `./directory` which is not what I expected
2024-03-19 15:16:58 <ncopa> i dont think that is a bug
2024-03-19 15:17:18 <Aragami> probably, it is just the first time I saw `./` not being resolved with a command, 
2024-03-19 15:17:43 <Fxzxmic> ncopa: If all viewpoints are compromised, your proposal is the best one.
2024-03-19 15:17:44 <ncopa> sounds like you are young :)
2024-03-19 15:17:59 <ncopa> i feel old
2024-03-19 15:18:10 <Aragami> I am not young, but I am not old XD
2024-03-19 15:19:33 <ncopa> Fxzxmic: Another option would be to move the user creation to busybox-openrc.pre-install
2024-03-19 15:20:16 <ncopa> But then the only way to avoid creating the user would be to `apk add !busybox-openrc`
2024-03-19 15:20:36 <ncopa> which would mean you can not use any of the services provided by busybox-openrc
2024-03-19 15:20:54 <ncopa> which might be ok(ish)
2024-03-19 15:22:31 <Fxzxmic> I haven't considered this yet, although it makes sense, as you said, there is still controversy over whether to execute it once or every upgrade.
2024-03-19 15:23:31 <ncopa> I think the current situation is unacceptable. you simply cannot remove the user without it being recreated later
2024-03-19 15:24:08 <ncopa> (well you could always make an adduser wrapper script that does weird stuff but thats even worse...)
2024-03-19 15:24:44 <Fxzxmic> After all, some people are very concerned about the simplicity of scripts. Although I also care, from my perspective, it is inevitable to make it more complex.
2024-03-19 15:25:16 <ncopa> its a trade-off
2024-03-19 15:25:51 <ncopa> and IMHO the proposed complexity is not worth the benefit
2024-03-19 15:26:25 <ncopa> i think i should create an issue for it
2024-03-19 15:28:25 <Fxzxmic> I also think we should reconsider how to complete the original proposal without causing any inconvenience to the users.
2024-03-19 15:32:25 <Fxzxmic> You can also take a look: https://gitlab.alpinelinux.org/alpine/aports/-/issues/15841
2024-03-19 15:40:19 <fluix> I don't know the details of this, but it feels like the best solution is apk add the first time or apk fix creates necessary users, and deletions after stick around
2024-03-19 15:40:48 <fluix> but I feel like creating users isn't that big a deal unless they have permissions that are too powerful
2024-03-19 15:44:53 <Fxzxmic> Creating a user is not a problem, the problem is that every time you update busybox, it will create the same user - this will not have any consequences, but you cannot completely delete this user, even if you do not use it. In other words, you have lost the right to choose.
2024-03-19 15:45:41 <fluix> I understand, but this feels close to saying "I install <pkg> and it has this binary <a> that I don't need but I can't choose not to have it"
2024-03-19 15:46:28 <fluix> of course not exactly, but similar. perhaps busybox is an exception (but it sounds like there are plans to separate alpine from busybox specifically, so installing busybox creating specific mandatory users makes sense)
2024-03-19 15:48:38 <Fxzxmic> On the other hand, even if you use klogd, creating klogd users can achieve the effect in one go. So what is the point of creating klogd users every time you upgrade? This is a logical issue.
2024-03-19 15:49:10 <Fxzxmic> "I install <pkg> and it has this binary <a> that I don't need but I can't choose not to have it"
2024-03-19 15:49:46 <Fxzxmic> It's different, you chose to use it, you're not forced to.
2024-03-19 15:54:29 <Fxzxmic> And if you really don't want it, you can divide it into two packages, there is still a choice.
2024-03-19 15:57:01 <Fxzxmic> You can take a look at the qt6-qttools package, I have divided it into two.
2024-03-19 16:19:06 <fluix> I know you can have subpackages but I think we both agree "go make a subpackage" is not a solution
2024-03-19 16:19:33 <fluix> and you're only mandated to have a klog user as much as you're mandated to install busybox. if we support completely uninstalling busybox you wouldn't need the user
2024-03-19 16:20:04 <fluix> to be clear, if you could simply remove the user and not complicate every package that provides users, that sounds great to me, but always installing a user also seems appropriate given you have the package installed
2024-03-19 16:22:16 <ikke> It's the same as removing the package and then installing it again
2024-03-19 16:22:32 <ikke> it would not be inappropriate for any users to be created again if they were not present
2024-03-19 16:25:17 <ncopa> Fxzxmic: I created an issue https://gitlab.alpinelinux.org/alpine/aports/-/issues/15892
2024-03-19 16:26:15 <sewn> why doesnt abuild report the total building time regardless of if it failed or succeeded
2024-03-19 16:27:10 <sewn> because in either case the starting time is recoreded anyway
2024-03-19 16:27:11 <ncopa> sewn: because nobody cared enough to change the code. feel free to create a merge request! I think its a good idea
2024-03-19 16:27:44 <sewn> i don't know how it would be possible, looking at line 1890~ it seems it should be called given the 'cleanup' 
2024-03-19 16:27:48 <sewn> unless runpart kills the program entirely
2024-03-19 16:28:01 <sewn> if it fails that is
2024-03-19 16:28:38 <sewn> ok i can see the -e flag being set on abuild globally so maybe that could be why
2024-03-19 16:28:46 <ikke> yes
2024-03-19 16:29:00 <sewn> yeah i'm too scared to make a pull request to change that
2024-03-19 16:29:18 <ikke> There are some functions that are run to clean up
2024-03-19 16:29:26 <ikke> which run regardless of success or failure
2024-03-19 16:29:48 <sewn> which is 'cleanup' of course right?
2024-03-19 16:31:31 <ncopa> would also be nice if there was a test that verifies that it works as expected
2024-03-19 16:31:47 <ikke> sewn: it's the die() function that gets called
2024-03-19 16:32:17 <ikke> die() then calls cleanup()
2024-03-19 16:33:31 <sewn> i'm not too sure if the 'build complete in $time' is a good idea to be placed in cleanup
2024-03-19 16:33:48 <sewn> the message is 'Build complete at' and so on, but if the build fails it wouldn't really be complete would it
2024-03-19 16:36:52 <ncopa> also note that abuild cals itself recursively for fakeroot stuff
2024-03-19 16:37:36 <ncopa> i would start with a testcase, what you would expect to happen
2024-03-19 16:38:32 <ncopa> maybe a text like: "abuild ran HH:MM:SS"
2024-03-19 16:42:26 <sewn> maybe if there was a way to run indivisual abuild steps manually?
2024-03-19 16:42:29 <sewn> like abuild build and so on
2024-03-19 16:42:38 <sewn> could just use $ time abuild build -r
2024-03-19 17:09:20 <Fxzxmic> Too late for me, bye.
2024-03-19 19:33:38 <vkrishn> re: to get total build time,
2024-03-19 19:33:44 <vkrishn> 1. add /tmp/main/.pkgname with current timestamp whenever build starts
2024-03-19 19:33:50 <vkrishn> 2. add feature in "abuild timelapse" (not there yet)
2024-03-19 19:33:56 <vkrishn> 3. run "abuild timelapse" after every build and "get your coffee break" period
2024-03-19 19:37:05 <vkrishn> 3a. also possible to do "break point" for various cleanup() calls
2024-03-19 19:39:53 <sewn> why isn't it possible to search - in pkgs.alpinelinux.org - for package descriptions?
2024-03-19 19:54:26 <sewn> find . -name APKBUILD | xargs ugrep pkgdesc=\".*search*\" seems to be enough
2024-03-19 19:55:43 <vkrishn> apk search -d
2024-03-19 19:56:15 <sewn> flabbergasted
2024-03-19 19:57:39 <fission> heh
2024-03-19 20:29:25 <WhyNotHugo> What do folks here thing of chimera's python-based cport system?
2024-03-19 20:30:50 <WhyNotHugo> (honestly, just curious about opinions)
2024-03-20 00:56:51 <chexo3> testing testing
2024-03-20 00:56:52 <chexo3> hi
2024-03-20 00:57:13 <grossaffe[m]> test success
2024-03-20 01:08:48 <chexo3> Okay I'm back again
2024-03-20 01:08:59 <chexo3> as soon as I remember why I came here I will speak
2024-03-20 01:10:51 <chexo3> I was thinking that `APKBUILD` files and `abuild` seem to be set up reasonably well to be reused for source based packaging. Like with feature flags and such, Gentoo style. As an optional thing, so that people who know they need X feature that isn't enabled by default can compile a package with it. This is of course optional and in addition to regular binary packaging.
2024-03-20 01:11:02 <chexo3> But it would be nice to have.
2024-03-20 01:52:29 <elly> you already can build from source? (with `abuild build` and similar)
2024-03-20 01:53:03 <vkrishn> it could start by someone fusing gentoo+alpine to make a "gental or gentle" distro
2024-03-20 01:57:08 <vkrishn> there are always some improvements possible
2024-03-20 02:23:39 <Saijin_Naib> It does sound interesting... having CPU-optimized builds as an option would be amazing for my desktop, for instance
2024-03-20 02:23:49 <Saijin_Naib> But Sabayon was brutal on my laptop
2024-03-20 02:24:06 <Saijin_Naib> 4GB RAM + N3450 + 64GB eMMC meant days and days to do an upgrade
2024-03-20 02:24:25 <Saijin_Naib> Full kernel compile was like 32hrs with all the swapping
2024-03-20 02:54:04 <invoked> there's a vast graveyard of distros
2024-03-20 02:54:30 <invoked> starting a new one is rarely a good idea
2024-03-20 02:56:54 <ahmadraniri[m]> invoked: because some people decide to reinvent and redesign distro by putting some themes then call it "new distro". 
2024-03-20 02:57:37 <invoked> mostly because they don't have what it takes to sustain the effort over time
2024-03-20 02:57:53 <invoked> no org, infra, etc. it's a lot of things
2024-03-20 03:00:39 <ewo> https://imgs.xkcd.com/comics/standards.png
2024-03-20 03:12:08 <chexo3> heck
2024-03-20 03:12:14 <chexo3> i forgot i don't have a bouncer
2024-03-20 03:15:31 <chexo3> vkrishn: the idea was more that it would be some extra features/tooling built on the existing abuild tools to make source based builds more convenient. Maybe even something like an option in `apk` itself that you can install as an add-on. Like an `apk-source` package that adds that functionality to apk using abuild.
2024-03-20 03:16:18 <chexo3> So for instance I could use some special syntax that a package should be built from source with such and such features.
2024-03-20 03:17:06 <chexo3> But probably most important would be that it's easy enough to maintain so that it remains well supported.
2024-03-20 03:23:42 <chexo3> Maybe it would work by (ironically) having an optional feature in APK itself that's normally not compiled in. The installed `apk` binary would be either replaced outright, or moved elsewhere as an emergency backup, and replaced with the `apk-source` binary.
2024-03-20 03:29:24 <chexo3> It might make sense to have feature flags as an option in packages in general. Including binary ones. Although in only very few cases so there aren't dozens of slightly different build targets for different packages. Like, there are feature flags configured for packages with optional features, but in 99% of cases only one binary, maybe two, are available. And the rest of the features you're expected to build from source 
2024-03-20 03:32:40 <vkrishn> chexo3: "with such and such features" means new version, meaning apk versioning should be able to handle that
2024-03-20 03:32:51 <chexo3> Could also maybe be used for consolidating the `docs`, `dev`/`devel` and `openrc` packages under their parent package. So they are set up as feature flags/toggles and you can configure APK to automatically download them.
2024-03-20 03:32:55 <chexo3> vkrishn: how so?
2024-03-20 03:33:22 <chexo3> oh i see
2024-03-20 03:33:33 <chexo3> like adding a hyphen and some text to the version string?
2024-03-20 03:34:09 <vkrishn> and what happens when one upgrades?
2024-03-20 03:35:10 <vkrishn> maybe start a proof-of-concept setup and ask devs back here if it still fits into ALs philosophy
2024-03-20 03:41:54 <chexo3> > and what happens when one upgrades?
2024-03-20 03:41:56 <chexo3> uh
2024-03-20 03:42:40 <chexo3> well, if it's a binary with feature flags that are packaged in the binary repos, it will just download the new one as normal
2024-03-20 03:43:42 <chexo3> for docs and other non-binary features it gets updated alongside
2024-03-20 03:44:39 <chexo3> and if you're running a package built from source with feature flags that need to be built from source, it'll either warn you that you need to rebuild it, or do so automatically depending on your configuration.
2024-03-20 03:45:29 <chexo3> maybe you could also have a build server building those packages and serving them if you have a lot of devices using package features that aren't in binary packages in the official repos
2024-03-20 03:47:14 <chexo3> vkrishn: I'm honestly not sure about a lot of implementation details. My main thinking was that it would be nice to have the option easily available to build packaged software from source for better CPU specific optimizations, specific features that aren't compiled by default, or both
2024-03-20 03:47:34 <chexo3> Like if Gentoo hosted binary packages
2024-03-20 03:50:01 <elly> there is `abuild build` already for building an apk from source locally
2024-03-20 03:50:10 <elly> are you looking for something other than that?
2024-03-20 04:02:57 <vkrishn> shouldn't abuild-meson script be part of meson pkgs ?
2024-03-20 04:04:23 <vkrishn> similar to abuild-rootbld
2024-03-20 04:05:42 <chexo3> elly: I also want to be able to do something like `abuild build $PKGNAME -f $FEATURES`. Or like `apk add $PKG1 $PKG2 $PKG3[source=true, $FEATURENAME1, $FEATURENAME2]`
2024-03-20 04:06:31 <chexo3> like for telling either apk to optionally build something from source, or abuild to build something with a feature compiled in
2024-03-20 04:09:48 <vkrishn> i mean, shouldn't abuild-meson script in main/meson/ be part of 'abuild' pkgs
2024-03-20 07:18:26 <PureTryOut> well my aarch64 VM on a M3 macbook yesterday stopped booting after the Linux-lts upgrade...
2024-03-20 07:22:30 <PureTryOut> oh huh, /boot/vmlinux-lts isn't present
2024-03-20 07:22:53 <PureTryOut> apk fix linut-lts reveals tons of errors about non-existing dts files
2024-03-20 07:22:58 <PureTryOut> *linux-lts
2024-03-20 07:25:46 <PureTryOut> ah nvm I forgot to mount the EFI partition, doing this in a chroot 😅
2024-03-20 07:27:04 <PureTryOut> anyway, /boot/vmlinuz-lts is now present but the VM still doesn't boot...
2024-03-20 07:35:55 <PureTryOut> oh what, /sbin/mkinitfs was missing. I reinstalled the package, initramfs regenerated and now it boots again. How did that happen?!
2024-03-20 09:32:28 <ncopa> weird! no idea
2024-03-20 09:32:32 <ncopa> disk full?
2024-03-20 10:58:04 <PureTryOut> didn't seem like it no 🤔
2024-03-20 11:54:44 <Forza>  Hi
2024-03-20 11:55:47 <Forza> I have a problem after updating alpine to 6.6.22-0-virt. Seems btrfs module is missing so now I can't boot
2024-03-20 11:58:21 <ikke> Was your initramfs properly regenerated?
2024-03-20 12:01:46 <Forza> I hope so. I did not read properly, just assumed it was 
2024-03-20 12:10:06 <Forza> Going to boot with a rescue disk and check 
2024-03-20 12:17:06 <Forza> Seems the initramfs was updated by looking at the timestamp 
2024-03-20 12:21:40 <Forza> I did a chroot and did mkinitfs and can see it is not including btrfs.ko.gz
2024-03-20 12:22:46 <Forza> Maybe I need to add it to mkinitfs.conf
2024-03-20 12:32:49 <Forza> Yes that was the problem. Now it works 
2024-03-20 12:40:11 <test> hello
2024-03-20 12:54:15 <Forza> Maybe I made a mistake when doing update-conf and it got overwriten
2024-03-20 13:24:17 <ikke> Forza: yeah, plausible 
2024-03-20 14:32:30 <WhyNotHugo> This is the first I've heard of update-conf. Is it in the docs / wiki?
2024-03-20 14:32:45 <WhyNotHugo> Oh, it is. Very BSD-like.
2024-03-20 15:34:00 <ncopa> it hasn't been updated for a decade
2024-03-20 15:34:43 <ncopa> py3-pydantic also broken with pytest 8
2024-03-20 15:34:52 <ncopa> i think
2024-03-20 15:36:01 <ikke> Potentially many things are. I already disabled tests for ipython because they do not support pytest8 yet
2024-03-20 15:36:55 <ikke> Wonder if it makes sense to have a py3-pytest7 package
2024-03-20 15:37:31 <ncopa> nah, my guess it is only like 10%?
2024-03-20 15:37:47 <ncopa> those needs to be fixed upstream anyway at some point
2024-03-20 16:21:13 <engblom> ncopa: Now it is about 2 weeks since you made the xtables-addons-rpi package and I am so thankful for it. Thanks to the geoblocking I have not had even one attempt in my ssh logs, and normally there would be many each day.
2024-03-20 16:24:29 <ncopa> engblom: nice to hear!
2024-03-20 16:28:47 <engblom> It is so amazing to have clean readable logs with only my own logins (that can easily be filtered out by grep).
2024-03-20 17:10:16 <Juniper> Hi, I'm new around here and I just purchased a new proprietary laptop that I wish to wipe and put Alpine Linux on, presently Windows 11 Home is on the device; I would like to utilize secure boot with Alpine but am confused about the process and confused on the present supported status of Alpine Linux with regard to Secure Boot. Also it's worth noting that I struggle with learning disabilities so please be patient with me.
2024-03-20 17:12:15 <Juniper> I found: https://wiki.alpinelinux.org/wiki/UEFI_Secure_Boot but I don't know or understand what to do to begin with to boot the install media; do I disable Secure Boot First or try to boot with it already on? Do I need to install fully before I follow the UEFI Secure Boot procedures given in the guidance? Like how or where do I start?
2024-03-20 17:16:52 <Forza> WhyNotHugo: update-conf is great. Similar to Gentoo etc-update 
2024-03-20 17:17:47 <Forza> engblom: that sounds great. I'll try it on my Alpine boxes 
2024-03-20 17:23:51 <Juniper> I found: https://wiki.linuxquestions.org/wiki/How_to_use_Secure_Boot_with_your_own_keys but I get lost at the point of "Install" Install to where and from what or from where? And at the end it mentions "your kernel should now boot" does this mean I'll have to do this procedure after every kernel upgrade ? Or sign the kernel every time?
2024-03-20 17:33:27 <Juniper> given: https://it.slashdot.org/story/23/05/12/1957257/microsoft-will-take-nearly-a-year-to-finish-patching-new-0-day-secure-boot-bug?utm_source=pocket_reader && https://techrights.org/o/2021/10/02/secure-boot-and-vmd/?utm_source=pocket_reader && The latest news of: https://www.phoronix.com/news/Linux-6.9-EFI-Updates which will take a long time to be released and implement in Alpine ... Maybe it would be best to just disable Secure Boot altogether?
2024-03-20 17:38:19 <WhyNotHugo> Juniper: these keys are "installed" into the firmware's storage.
2024-03-20 17:38:39 <WhyNotHugo> You usually only install the keys once, and sign all kernels with the same key.
2024-03-20 17:39:39 <Juniper> WhyNotHugo: again given the curent state of affairs it seems more pragmatic to disable Secure Boot.
2024-03-20 17:39:49 <WhyNotHugo> I'll warn you not to mess with these two much if you're not very familiar. It's possible to brick a system if you install keys and then lose access to them, or if your GPU requires an OpROM to work.
2024-03-20 17:40:32 <Juniper> WhyNotHugo: it's required to mess with them enough to even be able to boot much less install certain distros of Linux
2024-03-20 17:41:50 <WhyNotHugo> Usually it's safe to disable it. Keeping it enabled with MS's keys means that an attacker with physical access to the device can only boot into software signed by MS, which doesn't really help you.
2024-03-20 17:43:05 <Juniper> WhyNotHugo: in that instance it would be ideal to wipe the MS keys as well.
2024-03-20 18:24:56 <Juniper> On the other hand, this seems useful: https://imgur.com/a/Iuz9djh
2024-03-20 18:55:07 <frag> is it weird if the computer starts having problem after 35 days uptime? rpi, soundproblem, fixed with reboot
2024-03-20 19:16:25 <WhyNotHugo> Juniper: deleting keys make no change if secureboot is disabled.
2024-03-20 19:16:39 <WhyNotHugo> I mean, it saves the change to firmware, but it has no immediate effect.
2024-03-20 19:18:33 <Juniper> so with various Linux distros adopting Secure Boot Protocol/Practices, what is preventing this:https://arstechnica.com/information-technology/2016/08/microsoft-secure-boot-firmware-snafu-leaks-golden-key/ from happening with Linux Distro Keys?
2024-03-20 19:19:26 <Juniper> WhyNotHugo: it prevents a known "leaked" key being a trojan back door, right?
2024-03-20 19:19:50 <Juniper> in the instance secureboot is re-enabled
2024-03-20 19:21:58 <dwfreed> the keys used to sign things for secure boot are stored in HSMs and aren't exportable
2024-03-20 19:23:33 <Juniper> dwfreed: are you talking about private keys? or distro master keys?
2024-03-20 19:23:57 <dwfreed> the distro keys
2024-03-20 19:24:28 <Juniper> dwfreed: so a leak like happened to MS isn't possible?
2024-03-20 19:24:46 <dwfreed> correct
2024-03-20 19:25:28 <Juniper> dwfreed: if a key is stored in HSM, couldn't that be exploited?
2024-03-20 19:26:01 <dwfreed> HSMs are literally designed to hold keys and protect them from compromise...
2024-03-20 19:26:41 <Juniper> dwfreed: why didn't Microsoft utilize those mechanics?
2024-03-20 19:26:58 <dwfreed> the page you linked had nothing to do with actual signing keys
2024-03-20 19:30:31 <Juniper> dwfreed: I'm confused, the page I linked to mentions: "allows anyone to bypass the provisions Microsoft has put in place ostensibly to prevent malicious versions of Windows from being installed" how would they be *malicious versions of Windows* if the signing mechnisms are utilized and not compromizable? 
2024-03-20 19:30:48 <Juniper> and how would this in turn not apply to Linux distros?
2024-03-20 19:31:45 <dwfreed> bypassing secure boot itself on a single device isn't exposing the keys that sign binaries to allow them to pass secure boot checks
2024-03-20 19:32:02 <dwfreed> and indeed shim recently had a vulnerability fixed that allowed a bypass
2024-03-20 19:33:16 <Juniper> AFAIK, Alpine doesn't have a distro master key and relies on Psersonal Private Keys added, does this mean Alpine is less trustworthy than RedHat or Ubuntu or such?
2024-03-20 19:34:00 <dwfreed> No
2024-03-20 19:35:06 <Juniper> dwfreed: I get the feeling we're talking about two different things; I'm concerned with SecureBoot and it sounds like you're discussing Operating System Signature Keys; am I correct or am I missing something?
2024-03-20 19:35:33 <dwfreed> you're the one that said "keys"
2024-03-20 19:36:06 <Juniper> because https://wiki.alpinelinux.org/wiki/UEFI_Secure_Boot mentions "keys"
2024-03-20 19:44:21 <Juniper> so am I understanding right that https://www.phoronix.com/news/Linux-6.9-EFI-Updates pertains to shims for various Distros and doesn't really affect https://wiki.alpinelinux.org/wiki/UEFI_Secure_Boot or Authorized Marjor distros such as RHEL, Ubuntu etc?
2024-03-20 19:57:29 <bananicorn> Hi there, I am trying to use iwd's built-in DHCP functionality without success, even after enabling EnableNetworkConfiguration it simply does not get a DHCP lease without me manually running udhcpc -i wlan0. Am I missing something?
2024-03-20 19:58:38 <bananicorn> I stopped the networking service, even removed the wlan0 interface from /etc/network/interfaces to prevent any conflicts
2024-03-20 19:59:36 <Juniper> Power outage disconnected me; when I get disconnected on webchat it closes the channel window so I miss any prior responses that I didn't get a chance to see.
2024-03-20 20:00:27 <bananicorn> Juniper: You didn't miss anything directed at you :)
2024-03-20 20:02:03 <ikke> https://irclogs.alpinelinux.org/%23alpine-linux-2024-03.log
2024-03-20 20:03:12 <Juniper> ikke: thanks :)
2024-03-20 20:08:29 <Juniper> so for the step: '# efi-mkkeys -s "Your Name" -o /etc/uefi-keys'  on:  https://wiki.alpinelinux.org/wiki/UEFI_Secure_Boot is it best practice to use your actual name or an alias to prevent the possibility of someone else generating the same key if they know your name?
2024-03-20 20:41:53 <Juniper> why isn't Alpine on this list: https://kcm.trellix.com/corporate/index?page=content&id=KB96586 ?
2024-03-20 21:19:55 <Juniper> dwfreed:  https://youtu.be/4ETqwL0NddQ?si=GJT4_RuXoM0gC6uQ&t=2157 the question becomes even if the OS can be secured by signature, what about the packages that make up that OS; what's to secure the signatures?
2024-03-21 00:40:11 <chexo3> I am getting to the point where I want to finally bite the bullet and switch to Linux full time. The problem is the distro I am most interested in actually using is Alpine, and I do a lot of gaming. So basically I'd be dealing with a glibc chroot, VFIO, or *both*. But I chose this CPU to upgrade to for the extra CPU cores and because it has an iGPU I could use for the host when the dGPU is being passed through, so I kind
2024-03-21 00:41:02 <chexo3> I don't think I have the technical skills to do it on my own. Thankfully I have a spare SATA SSD installed so I can install the system onto there and clone it onto my NVMe drive when I'm ready to switch, but still.
2024-03-21 00:42:22 <chexo3> Do y'all think it makes sense to have an NTFS formatted drive for my Steam games? So I could use them with a Windows guest or dual boot for example. Since NTFS support in Linux is *relatively* mature it should be fine right?
2024-03-21 00:42:35 <chexo3> It's not like I'd have mission critical data on there, just stuff I can redownload anyways.
2024-03-21 00:44:57 <chexo3> Okay this part is more of a traditional question: Those of y'all who have played Steam games on Alpine Linux, what route did you take for the glibc issue (chroot? gcompat? container? VM (potentially Windows VM)?) and what pain points did you experience?
2024-03-21 00:45:29 <chexo3> did you get things running satisfactorily in a decently demanding title and what did it take to get there?
2024-03-21 01:34:43 <Saijin_Naib> <chexo3> "I am getting to the point..." <- What gaming? My main usage of my Windows desktop was Gaming and geospatial data work
2024-03-21 01:34:50 <Saijin_Naib> I use Alpine fully on all my personal machines now
2024-03-21 01:34:59 <Saijin_Naib> Lutris flatpak + Steam Flatpak and I'm pretty happy
2024-03-21 01:35:16 <Saijin_Naib> Geospatial side is harder, but Mr. Holger Jaekel is doing a wonderful job on that
2024-03-21 01:35:35 <Saijin_Naib> <chexo3> "Okay this part is more of a..." <- Flatpak, literally none
2024-03-21 01:35:57 <Saijin_Naib> <chexo3> "did you get things running..." <- Switching my GPU from NVIDIA to Intel Arc and waiting for Alpine to use a supported kernel as LTS
2024-03-21 02:03:01 <chexo3> <Saijin_Naib> ... What gaming?
2024-03-21 02:03:03 <chexo3> heck
2024-03-21 02:03:09 <chexo3> shift enter doesn't work for newlines
2024-03-21 02:03:28 <chexo3> lots of counter strike lately but also helldivers 2. 
2024-03-21 02:04:30 <dwfreed> there are no multiline messages on irc
2024-03-21 02:04:55 <Saijin_Naib> Control, quantum break, wrath, cs 1.6 cz s go 2, quakes, nightrunners, etc
2024-03-21 02:05:38 <chexo3> I... really do not care for flatpak. Like, stuff that would normally be shared libs needs to be duplicated between flatpaks. But needs must I guess. 
2024-03-21 02:05:39 <Saijin_Naib> Lutris for EA games like NFS
2024-03-21 02:05:54 <chexo3> What's special about Lutris? I forget what exactly it does.
2024-03-21 02:06:03 <Saijin_Naib> It does a ton
2024-03-21 02:06:07 <chexo3> Is it like automating Wine/Proton basically?
2024-03-21 02:06:26 <Saijin_Naib> Partially, and library management
2024-03-21 02:07:27 <chexo3> oh like games library management
2024-03-21 10:39:26 <Cannonba1t> Hi, trying to configure the RX/TX ring buffer for an alpine Raspberry Pi 4. But unable to due to getting "netlink error: Not supported" when running "ethtool -g eth0". I strongly suspect a reliability issue I'm trying to track down is related to these buffers, any idea how I could check/increase them?
2024-03-21 12:07:14 <pfr> If anyone is able to give me some pointers on building velox/wld (or building packages on Alpine in general) please have a look at this github issue and comment if you have time: https://github.com/michaelforney/velox/issues/54
2024-03-21 12:07:16 <pfr> cheers
2024-03-21 13:20:52 <Inga> Hi everybody! I wonder if anybody here is using Alpine on a recent AMD-based thinkpad? I'm getting a ton of problems, most of them probably kernel driver bugs (even though I'm talking about AMD 7xxx (summer 2023) and AMD 6xxx (summer 2022) generations, and I'm on the latest linux-lts), but maybe they're well known, and there are some well known workarounds?
2024-03-21 13:22:50 <ikke> Inga: I have not heard of such issues
2024-03-21 13:26:45 <Inga> like, I got issues with internal mic (it simply doesn't work, neither on this generation nor on previous one), with sleep (everything seems to work fine on linux kernel level, but wireplumber / pipewire breaks until reboot), with closing the lid (black screen on open, only solved when wayland-based WM is running by switching to another VT and back; no way to recover if wayland-based WM was not running)...
2024-03-21 13:27:48 <Inga> ...with external monitors (they don't work, but at least this can be fixed by disabling VRR / adaptive sync), with closing the lid _and_ external monitors (apparently, from linux point of view, closing the lid does not actually turn off the internal screen, even though it used to do so on the previous generation laptop)...
2024-03-21 13:28:56 <Inga> that's a lot of issues, and none of them are especially googlable, and this is on relatively popular hardware (I'd suspect it's popular here as well), so I wonder if anybody has any ideas how to debug this / google this?
2024-03-21 14:50:02 <Ermine> Despite the popularity, the chance  of meeting with the same model running Alpine Linux is close to zero
2024-03-21 14:52:36 <lopid> mm, a model running alpine linux…
2024-03-21 14:52:46 <Ermine> So you need, as usual, go through logs to figure out culprits of your issues
2024-03-21 14:55:10 <Ermine> You'll probably need to file bugreports to various projects
2024-03-21 14:55:36 <Inga> most of them to kernel I guess
2024-03-21 14:56:01 <Ermine> probably
2024-03-21 14:56:41 <Inga> it's just that I thought thinkpads are going to be quite popular here, so I thought there'd be a few people using the recent ones
2024-03-21 14:57:00 <Ermine> I have thinkpad, but it's intel
2024-03-21 14:58:03 <Ermine> haven't tried alpine on this one tho
2024-03-21 14:58:17 <Ermine> but there are much more differences between models anyway
2024-03-21 15:01:22 <Inga> the four main models (X13, T14s, T14/P14s and T16/P16s) do not differ very much (if at all) internally afaik :)
2024-03-21 15:03:29 <Inga> (I mean between each other, within a single generation)
2024-03-21 15:04:13 <Inga> (and that's only for AMD-based)
2024-03-21 15:05:34 <fluix> way out of my depth here, but maybe you could try linux instead of linux-lts?
2024-03-21 15:05:58 <Ermine> I have t14, and it runs pretty solid
2024-03-21 15:13:23 <Inga> hmm, maybe I should indeed try the latest kernel.
2024-03-21 15:15:28 <Inga> how exactly does one do that? https://wiki.alpinelinux.org/wiki/Kernels is not very informative. should I just install linux-edge package and adjust grub boot menu somehow? or are there some other (easier?) ways to do it?
2024-03-21 15:21:27 <zcrayfish> n.b.: linux-edge supports different hardware than linux-lts; so it could do better or could do worse.
2024-03-21 16:48:01 <Ermine> Inga: just install linux-edge, grub will be reconfigured appropriately
2024-03-21 17:11:31 <inga> thank you! switching to the latest kernel went easy and painlessly. didn't fix any issues either, though.
2024-03-21 17:29:53 <inga> I think I found what causes one of the problems (or maybe even two... or maybe it improves the state of things with another problem).
2024-03-21 17:32:05 <inga> I'm getting these messages in way-displays logs: "WARNING: libinput open /dev/input/event1 failed: 13 Permission denied". but I'm using elogind, shouldn't it automatically provide all the permissions when my session is created with elogind? or maybe I don't understand how any of this works
2024-03-21 17:41:34 <ikke> Yes, it should but I have not experience with elogind, so not sure how it's supposed to work
2024-03-21 17:42:02 <ikke> inga: you could verify that's the issue by adding yourself to the input and video group and see if that improves things
2024-03-21 17:42:19 <grawity> afaik, (e)logind does not set ACLs for input devices; it expects software to make D-Bus calls to have (e)logind open the devices on its behalf
2024-03-21 17:42:51 <grawity> (as that way it can *revoke* access when the foreground console switches away to a different user)
2024-03-21 18:23:56 <WhyNotHugo> inga: i don't think you ever open /dev/input/event1 directly; clients need to ask elogind/seatd for access to input devices.
2024-03-21 18:24:28 <inga> adding myself to input group and logging out and in again did help and solved one of the issues that I had
2024-03-21 18:24:49 <inga> now the question is, why did I have to add myself to the input group, why wasn't it sorted out by elogind / dbus?
2024-03-21 18:25:31 <inga> or can it be the issue with the software that tried to listen to these events?
2024-03-21 18:27:03 <inga> okay, nevermind, "Add yourself to the input group to monitor events" is now a part of the readme for that software (way-displays)
2024-03-21 18:30:15 <Ermine> The point of elogind is to avoid adding users to input/video/etc groups
2024-03-21 18:31:39 <Ermine> everyone is supposed to go through elogind to access devices
2024-03-21 18:33:08 <inga> so this is a bug either in the way my system is set up (or elogind), or in way-displays?
2024-03-21 18:33:13 <Ermine> And adding your user to input group breaks wayland security model in which one programs can't poke on input of other programs. Author of way-displays gives poor advice, though it seemingly solves your problem
2024-03-21 18:33:17 <inga> how do I know which?
2024-03-21 18:34:14 <ikke> Ermine: Fyi, I suggested adding the user to those groups as a way to confirm that was the issue
2024-03-21 18:35:31 <Ermine> ikke: I see, but way-displays has this step in its readme file
2024-03-21 18:35:43 <ikke> ah ok
2024-03-21 18:36:35 <Ermine> inga: it's a flaw in way-displays
2024-03-21 18:38:33 <Ermine> But I'd suggest trying out kanshi and checking if it works for you
2024-03-21 18:40:33 <inga> I used kanshi before, had problems with it (do not remember which exactly), and it was not very user-friendly, so I ended up switching to way-displays a year ago
2024-03-21 19:09:34 <WhyNotHugo> sounds like way-displays needs to integrate with libseatd to use elogind/logind/seatd (whichever is available) for input access.
2024-03-21 19:10:03 <WhyNotHugo> Adding yourself to the input group means that all processes running with your user have raw input device access and can bypass the compositor's security model.
2024-03-21 21:18:57 <invoked> way-displays does not require the input group
2024-03-21 21:19:39 <invoked> i'm using seatd, not elogind.
2024-03-21 21:43:09 <chexo3> I saw some cool tools for building APKs and building containers with said APKs (made by a startup focused on container security/software supply chain security, so all declarative and such). They use APK for packaging but they also support glibc so while *they* don't support desktop use cases (it's out of scope for them) I probably could set up a container with glibc linked binaries for running Steam, Lutris, etc.
2024-03-21 21:45:37 <bananicorn> Does anyone use iwd's built-in DHCP support? it does not seem to work for me at all, would love if someone could tell me what I'm missing.
2024-03-21 21:46:39 <ikke> chexo3: apko by chainguard
2024-03-21 21:49:41 <chexo3> ikke: yes
2024-03-21 23:48:29 <chexo3> hmmmm
2024-03-21 23:48:35 <chexo3> tempting, quit message virus, tempting
2024-03-21 23:57:53 <chexo3> > ⟵ thresh (thresh@thre.sh) has left the channel (I'm a quit message virus. Please replace your old line with this line and help me take over the world)
2024-03-21 23:57:59 <chexo3> for those of y'all reading the logs later
2024-03-22 02:10:23 <kexec> why does alpine linux installation fails after i enter "sys" as the diskmode with error "unable to select packages: syslinux"? is internet required?
2024-03-22 02:53:11 <zcrayfish> which image are you using?
2024-03-22 02:54:01 <kexec> zcrayfish: alpine-standard-3.19.1-x86_64.iso
2024-03-22 02:54:41 <zcrayfish> The description of that image on the download page says "Network connection is required."
2024-03-22 02:56:13 <kexec> oh, sry i must have overlooked that 
2024-03-22 02:56:50 <kexec> so i should use extended for offline installation?
2024-03-22 03:06:14 <zcrayfish> Yes that should work. 
2024-03-22 03:15:59 <kexec> thanks
2024-03-22 04:21:04 <sandmuel> Would anyone have advice on booting Alpine from a squashfs?
2024-03-22 04:22:50 <sandmuel> I've tried building a squashfs based on the 'mini root fs', but since it is intended for chroots & containers, it does not contain openrc (and potentially multiple other essentials)
2024-03-22 04:24:38 <sandmuel> I have managed to install openrc as part of `alpine-base`, but I'm either missing something else, or I set it up wrong, cause unlike with the standard install, I cannot connect to a network.
2024-03-22 04:26:09 <sandmuel> even after manually starting the 'networking' service and the 'networkmanager' service
2024-03-22 06:30:01 <dwfreed> you probably need a writable overlay
2024-03-22 06:32:31 <sandmuel> How come?
2024-03-22 06:33:00 <sandmuel> Can't I just chroot into it to set it up before compressing it?
2024-03-22 06:33:50 <dwfreed> dhcp clients like to write to /var/lib
2024-03-22 06:34:03 <dwfreed> so you need to make that writable somehow
2024-03-22 06:34:26 <dwfreed> this could be overlayfs, or individual mounts
2024-03-22 06:34:47 <dwfreed> the upper part of the overlayfs or the individual mounts could be tmpfs
2024-03-22 06:35:20 <dwfreed> but ultimately it is not possible to have a completely non-writable full system
2024-03-22 06:35:54 <dwfreed> (/run will be writable regardless, because that gets mounted as a tmpfs, and that does cover a lot of it, but not all of it)
2024-03-22 06:36:43 <dwfreed> equally, /tmp should be writable somehow
2024-03-22 07:09:16 <sandmuel> Oh I was thinking of (for now) having the filesystem writable, but only in RAM, so /var/lib will is writable, it just doesn't stay across reboots
2024-03-22 07:09:28 <sandmuel> same with the other directories
2024-03-22 07:10:19 <sandmuel> for essentials, I was thinking symlinking specifically what *must* remain across reboots, from a filesystem on the hard drive
2024-03-22 07:13:34 <dwfreed> there isn't really anything that needs to remain across reboots and be writable, unless you want to be able to change config at runtime
2024-03-22 07:14:17 <dwfreed> (see OpenWrt; unless you change config or install packages, it does not write to flash; but it takes care to override everything so that it writes to /tmp in some way)
2024-03-22 07:27:54 <sandmuel> Yeah, nothing that absolutely must be written, but things such as /etc/passwd is quite nice to have remaining
2024-03-22 07:30:31 <sandmuel> I'll be going now since it is quite late for me, but I'll be back the next day. Goodbye
2024-03-22 07:31:02 <sandmuel> (I don't have a bouncer so I won't be able to get any messages while I'm away)
2024-03-22 11:24:15 <rdbo> hello everyone! when you boot on alpine linux, you get the message "Welcome to Alpine Linux 3.20.0_alpha... (edge)" (not the one from /etc/motd)
2024-03-22 11:24:23 <rdbo> where does that message come from? i wanted to change it
2024-03-22 11:24:51 <rdbo> it shows before you log in, along with kernel version and arch
2024-03-22 11:28:26 <lopid> grep -ir 'welcome to alpine linux' /etc
2024-03-22 11:31:15 <rdbo> oh, /etc/issue it is
2024-03-22 11:31:19 <rdbo> thx lopid
2024-03-22 11:57:06 <oneDitto> I'm getting ERROR BAD Signature when trying to install a package with apk add, is there anything I can do to fix?
2024-03-22 11:58:49 <ikke> oneDitto: what package, with what repo?
2024-03-22 12:00:05 <oneDitto> ikke:  edge community libqaccessbilityclient
2024-03-22 12:00:30 <ikke> what arch?
2024-03-22 12:00:42 <oneDitto> x86_64
2024-03-22 12:01:59 <ikke> And what mirror?
2024-03-22 12:02:39 <oneDitto> https://dl-cdn.alpinelinux.org
2024-03-22 12:07:13 <quinq> Can confirm
2024-03-22 12:07:22 <quinq> Ah, no.
2024-03-22 12:07:27 <quinq> Get (no such package
2024-03-22 12:07:29 <quinq> )
2024-03-22 12:08:37 <quinq> Because it was missing an 'i', I installed it successfuly
2024-03-22 12:12:17 <oneDitto> hmm, I tried a random mirror and it worked
2024-03-22 12:12:50 <oneDitto> is this something that happens often? I'm relatively new to alpine
2024-03-22 12:20:06 <ikke> oneDitto: only if some change is reverted, which i didn't see happen here
2024-03-22 12:20:23 <ikke> Or a package being downgraded again 
2024-03-22 18:42:10 <jerkwad_robot_> Silly but serious question. Dockerhub has a bunch of images for some software I want to run. Then I started thinking... could these images be loaded with mal/spyware and other bad stuffs?
2024-03-22 18:43:23 <ikke> absolutely
2024-03-22 18:43:26 <jerkwad_robot_> Should I think twice about downloading some image..
2024-03-22 18:43:31 <jerkwad_robot_> Ya, k
2024-03-22 18:44:10 <jerkwad_robot_> Hmm, maybe rolling my own is the way to go.
2024-03-22 18:45:30 <jerkwad_robot_> 'course, I have no idea what I am doing with docker :)
2024-03-22 18:50:00 <jerkwad_robot_> Hmm. For a piece of software that should be running in the background constantly, am I better off taking a swing at LXC vs docker?
2024-03-22 19:01:39 <ikke> Both can work for that
2024-03-22 19:50:33 <kexec> is it possible to disable ipv6 on a specific network interface using /etc/network/interfaces?
2024-03-22 19:52:25 <quinq> Not sure, but there are sysctls for that
2024-03-23 02:10:33 <pfr> I'm new to the ash shell. Is there an equivelant command to Bash's fc(1) in ash do work with the command history?
2024-03-23 05:45:47 <telmich> Good morning! It seems we have 2 packages providing the same file: (1/1) Reinstalling libsmi (0.5.0-r2) ERROR: libsmi-0.5.0-r2: trying to overwrite usr/share/yang/ietf-interfaces.yang owned by frr-9.1-r0.
2024-03-23 06:00:52 <theJoker8814> Hi, I want to use connman (with wpa_supplicant) and DHCP, currently I’m using dhcpcd for dual-stack. I cannot figure out, if connman has it’s own DHCP client or whether it supports dhcpcd. Can anyone point me into the right direction?
2024-03-23 08:09:51 <sewn> does abuild use exclusively only ash in APKBUILDs?
2024-03-23 08:11:49 <ikke> abuild uses the shell it is executed with
2024-03-23 08:12:15 <ikke> On Alpine Linux, that is ash
2024-03-23 08:12:44 <sewn> https://gitlab.alpinelinux.org/alpine/abuild/-/blob/master/abuild.in?ref_type=heads#L1
2024-03-23 08:12:46 <sewn> are you sure about that?
2024-03-23 08:13:21 <ikke> bash /usr/bin/abuild and it would be bash
2024-03-23 08:13:32 <sewn> thats undefined wouldn't it
2024-03-23 08:13:55 <ikke> It's not tested with any other shell, no
2024-03-23 08:14:04 <sewn> abuild's shebang is ash, which says it should be used with ash only
2024-03-23 08:16:14 <ikke> for the best results, yes, but generally ash if very close to bash (except missing some features). But what I mean to say is that abuild just sources APKBUILD files, so whatever shell it is executed with, that's what's being used for APKBUILDs
2024-03-23 08:17:02 <sewn> then SC2102 should be an exception
2024-03-24 01:14:02 <m1rr0r5h4d35> Anyone awake?
2024-03-24 01:20:57 <ang1e> a little.
2024-03-24 01:21:42 <m1rr0r5h4d35> Well I suppose as long as you can still form words, awake is awake.
2024-03-24 01:22:34 <m1rr0r5h4d35> This might be a stupid question, but does alpine still have 32-bit support, or has it moved to x86_64 only?
2024-03-24 02:27:41 <Someone[m]> <m1rr0r5h4d35> "This might be a stupid question,..." <- Can you read their page?
2024-03-24 02:31:29 <omni> armhf, armv7 and x86 are 32b and supported, although 32b x86 now has slightly more modern requirements than before if you run latest stable (3.19) or edge
2024-03-24 02:37:26 <omni> https://wiki.alpinelinux.org/wiki/Requirements
2024-03-24 21:46:08 <sewn> has anyone tried to do a full EFISTUB installation for the kernel on alpine?
2024-03-24 21:46:27 <sewn> without efibootmgr, using initramfs for cmdline
2024-03-24 21:46:40 <sewn> i think thats referred to commonly as a unified kernel image
2024-03-24 22:08:13 <zcrayfish> Sounds like something the folks who want to use secureboot would do.
2024-03-24 22:08:35 <zcrayfish> Or to answer your question: absolutely, but not me!
2024-03-24 23:15:17 <sewn> when I had my own kernel I just copy it to the boot partition as bootx64.efi, this way I dont need a bootloader or efibootmgr
2024-03-24 23:15:34 <sewn> I dont believe something similar can be done without uki for initramfs
2024-03-25 00:38:14 <jerkwad_robot> Does anyone here know if LXC can use nftables? I can't seem to find anything that explicitly says that it does. 
2024-03-25 00:57:31 <jerkwad_robot> nevermind. I found what I was looking for. Archlinux wiki to the rescue!
2024-03-25 03:36:41 <pfr> How can I set the default shell (ash) to be a Login Shell?
2024-03-25 03:37:02 <pfr> it seems my ~/.profile isn't being read
2024-03-25 03:49:51 <pfr> do I simply add the -l flag when using chsh?
2024-03-25 03:55:54 <pfr> or is there a way I cab check?
2024-03-25 04:05:45 <pfr> hmmm just reading through the busybox man page... If I didn't specify my shell when setting up my user for the first time I can use 'add-shell' ?
2024-03-25 04:07:02 <pfr> hmm nope. That's not it. What it the busybox equivelent for 'usermod'?
2024-03-25 04:32:49 <zcrayfish> pfr: # vi /etc/passwd
2024-03-25 04:34:28 <pfr> zcrayfish: I have /bin/ash at the end of the line next to my username. DO I need to add '-l' or something?
2024-03-25 04:41:55 <zcrayfish> No.
2024-03-25 04:42:39 <pfr> It seems it's set. I wonder why my .profile is not being read on login..?
2024-03-25 04:43:18 <pfr> I am sourcing it in /etc/profile 
2024-03-25 04:46:01 <zcrayfish> That's weird it should parse /etc/profile and ~/.profile on login
2024-03-25 04:48:13 <zcrayfish> how are you launching the shell? (e.g. on the vt consoles via getty)
2024-03-25 04:50:15 <pfr> what's weirdes is that I'm sourcing my ~/.ashrc from ~/.profile, and my ~/.ashrc sources an alias file... and my aliases work so therefore the ~/.profile seems to be read but other environment variables aren't ..
2024-03-25 04:51:54 <pfr> In term's of launching the shell, i'm not sure what you mean. I login and start my wm and then launch terminal processes
2024-03-25 04:52:11 <zcrayfish> yeah, that's what I meant.
2024-03-25 04:52:12 <pfr> It s single user laptop system
2024-03-25 04:54:34 <pfr> this is my ~/.profile -> https://0x0.st/XsNU.txt
2024-03-25 04:54:49 <pfr> this is my /etc/profile -> https://0x0.st/XsN0.txt
2024-03-25 04:55:19 <pfr> this is my ~/.ashrc -> https://0x0.st/XsNG.txt
2024-03-25 04:56:14 <pfr> the bottom 3 environment variables in my ~/.profile aren't being loaded
2024-03-25 05:06:20 <pfr> should I just merge my .profile into /etc/profile seeing as I'm the only user?
2024-03-25 05:06:29 <pfr> and delete my .profile
2024-03-25 05:07:47 <zcrayfish> You could, but I think you were on the right track to begin with. The terminal emulators are going to launch an interactive regular shell as opposed to an interactive login shell. 
2024-03-25 05:08:45 <zcrayfish> most of the terminal emulators have an option to start the shell as a login shell (e.g. "xterm -ls"), or to pass an argument to the shell. 
2024-03-25 05:09:04 <pfr> ahhhhhh
2024-03-25 05:10:03 <pfr> I use alacritty and I do set the shell option in the config. THere doesn't appear to be an option to set a login shell.. I'll keep digging
2024-03-25 05:10:47 <pfr> however, those environment variables should be read at login yes?
2024-03-25 05:13:36 <zcrayfish> I would think so
2024-03-25 05:14:01 <zcrayfish> anyway alacritty's web documentation shows how to start zsh as a login shell... you could just change it to ash
2024-03-25 05:14:03 <zcrayfish> https://alacritty.org/config-alacritty.html
2024-03-25 05:14:18 <pfr> Yeah, I've just added the 'args'
2024-03-25 05:14:28 <zcrayfish> cool
2024-03-25 05:14:45 <pfr> but in my case, the BEMENU_OPS should be read at login and they aren't
2024-03-25 05:15:49 <ikke> pfr: you can also set the ENV variable to a file to source for non login shells 
2024-03-25 05:16:23 <ikke> (environment variable)
2024-03-25 05:17:34 <pfr> ikke: that it actually hos I'm sourcing my ~/.ashrc from my ~/.profile (see link above)
2024-03-25 14:27:52 <ang1e> Has anyone succeeded in installing dbeaver to alpine?
2024-03-25 14:56:26 <ang1e> https://builds.sr.ht/~acsqdotme/job/1178042
2024-03-25 14:57:26 <ang1e> If anyone here is a java did I make my build manifest wrong, or is this an upstream issue? Binaries don't work either.
2024-03-25 14:58:09 <ang1e> and I wanna avoid flatpak for as long as I can.
2024-03-25 15:07:39 <fluix> I think you're going to have to do some debugging: keep in mind that Alpine uses musl, and that you're running in a container
2024-03-25 15:08:13 <fluix> your build manifest just runs an upstream-provided build script so I don't think there's anything wrong, but also not much to say
2024-03-25 15:10:41 <ang1e> yeah, there was an issue back in 2020 of it not working with alpine, but I wanted to be sure.
2024-03-25 18:01:32 <NullP01ter> xfce4-docklike-plugin is a relatively old project but I only seem to find the package for Alpine in the "edge" repositories, does this mean I need to switch to edge just to use this package? https://pkgs.alpinelinux.org/packages?name=xfce4-docklike-plugin
2024-03-25 18:24:16 <zcrayfish> NullP01ter: this is not recommended, but if you don't want to switch to edge, you might add the edge repo as a tagged repository and then install xfce4-docklike-plugin with a tag... that way you're pulling in as little as possible from edge. It works for some packages but not others. Not sure for xfce4-docklike-plugin.
2024-03-25 18:24:48 <zcrayfish> https://wiki.alpinelinux.org/wiki/Alpine_Package_Keeper#Repository_pinning
2024-03-25 18:25:41 <NullP01ter> zcrayfish: thank you for the info... any idea why that package has been in edge ? is there something inherently unstable about it?
2024-03-25 18:26:31 <ikke> NullP01ter: Not necessarily
2024-03-25 18:26:38 <NullP01ter> Also is there any major issue running edge in full? 
2024-03-25 18:26:53 <NullP01ter> it's only for a personal system at home
2024-03-25 18:26:56 <ikke> Generally not, just from time to time there may be issues
2024-03-25 18:27:09 <NullP01ter> ikke: cool, thanks
2024-03-25 18:27:17 <zcrayfish> Also that package is in testing.
2024-03-25 18:27:31 <zcrayfish> I *only* run edge, very rarely run into issues.
2024-03-25 18:28:16 <NullP01ter> oh, I didn't find it or see it in testing... now I know, thanks zcrayfish
2024-03-25 18:28:59 <NullP01ter> cool nick by the way, RIP Seymour Cray
2024-03-25 18:29:56 <omni> you can suggest for the aport to be moved from testing/ to community/ by opening an issue or MR
2024-03-25 18:31:12 <NullP01ter> omni, I may consider that once I actually install Alpine; don't actually have a system up yet.
2024-03-25 18:33:35 <NullP01ter> Is there a way to see the testing branch on https://pkgs.alpinelinux.org/
2024-03-25 18:33:54 <ikke> It's shows packages in testing by default
2024-03-25 18:34:11 <ikke> As long as you have edge selected as branch
2024-03-25 18:34:14 <omni> you have the Repository drop-down
2024-03-25 18:34:17 <ikke> testing is a repo btw, not a branch
2024-03-25 18:34:50 <ikke> https://pkgs.alpinelinux.org/packages?name=xfce4-docklike-plugin&branch=edge&repo=&arch=&maintainer= shows that the package is in testing
2024-03-25 18:35:46 <NullP01ter> Is there a place to see the status or update progress for the next upcomming release of Alpine Linux and what the roadmap of features are to be implemented?
2024-03-25 18:36:42 <omni> a release is cut from edge (the "rolling release") twice a year
2024-03-25 18:37:21 <NullP01ter> zcrayfish: looks like in testing for edge not 3.19 ... https://pkgs.alpinelinux.org/packages?name=xfce4-docklike-plugin&branch=v3.19&repo=testing&arch=&maintainer=
2024-03-25 18:37:35 <omni> you can get an idea about when by looking at https://alpinelinux.org/releases/
2024-03-25 18:37:51 <NullP01ter> omni: cool, thank you :)
2024-03-25 18:37:52 <omni> testing is only for edge
2024-03-25 18:38:01 <NullP01ter> oh, okay
2024-03-25 18:38:09 <NullP01ter> so I'll have to pin that package either way
2024-03-25 18:38:22 <ikke> https://gitlab.alpinelinux.org/groups/alpine/-/milestones/6
2024-03-25 18:38:54 <omni> aports in main are supported for ~two years and aports in community are supported for ~half a year, until the next release
2024-03-25 18:39:46 <omni> new aports are introduced through the testing repo and ideally should not stay there for too long but sometimes they do
2024-03-25 18:40:07 <omni> and it is rarely an indication of issues with the aport itself
2024-03-25 18:41:25 <NullP01ter> oh, I had just assumed since it was testing that there may have been found issues that needed worked out before releasing to (community?)(stable?)
2024-03-25 18:41:45 <NullP01ter> or even "edge"
2024-03-25 18:42:08 <ikke> NullP01ter: testing is more for new packages
2024-03-25 18:42:25 <ikke> the edge branch is where we test out packages for the next release
2024-03-25 18:43:15 <NullP01ter> okay, thank you again :)
2024-03-25 18:45:09 <omni> when an aport is moved from testing to community or main it will be available in the next release
2024-03-25 18:46:49 <NullP01ter> so when this May release comes does it use recent stable or main line kerenel or does it use a kernel from edge branch ? Like will 6.9 or later be in a May release?
2024-03-25 18:46:51 <omni> that usually happens on request or when the maintainer themself feel it's time
2024-03-25 18:47:21 <omni> it will use what is in edge at the time of release
2024-03-25 18:47:44 <NullP01ter> how often do new kernels go into edge?
2024-03-25 18:49:07 <NullP01ter> or is there an intentional time gap between newer kernels and kernels in testing?
2024-03-25 18:49:19 <ikke> No, generally the same update schedule
2024-03-25 18:49:20 <omni> the linux-lts aport track the latest longterm kernel and linux-edge the latest stable kernel
2024-03-25 18:49:40 <ikke> but the main kernel follows the stable kernels
2024-03-25 18:49:55 <NullP01ter> so are releases based on lts then?
2024-03-25 18:52:10 <omni> alpine releases are around end/beginning of the year and around mid-year, when it is ready and in good enough shape
2024-03-25 18:52:23 <ikke> The next one is due in may
2024-03-25 18:53:02 <NullP01ter> so if Alpine use Position Independent Executables how does it handle wayland with things like XFCE etc? AFAIK XFCE itself isn't wayland ready does this mean I can't use the wayland package with XFCE on Alpine?
2024-03-25 18:53:30 <ikke> How are those 2 concepts related?
2024-03-25 18:54:27 <NullP01ter> ikke, cause XFCE typically uses X.org but AFAIK things are trying to move away from X (at least in other distros) and Wayland is supposedly the alternative replacement
2024-03-25 18:54:48 <ikke> how is that related to PIE?
2024-03-25 18:55:33 <NullP01ter> oh, well I thought X.org as a server or even Wayland had to talk to other applications to function and so I thought PIE was issolating those connections and just didn't know if or how it affected it.
2024-03-25 18:55:58 <ikke> That's not the case
2024-03-25 18:56:18 <ikke> in general, if you want to use wayland, you use some display manager / compository that is built for wayland
2024-03-25 18:58:39 <NullP01ter> ikke: to be honest I've been out of the Linux world for a while, and just now getting back in so I'm not too familiar with Wayland, but I keep seeing somthing about wlroots or something and I understand Sway and Hyperland are the available compistors for Wayland; does Wayland not handle window management and compositor itself by design?
2024-03-25 19:01:14 <fluix> it does
2024-03-25 19:01:56 <fluix> wlroots is a library to write wayland servers/compositors (a combination of the corresponding server *and* compositor in the X world)
2024-03-25 19:07:00 <NullP01ter> fluix, I'm still lost, so if I install XFCE and wish to use Wayland, ... do I HAVE TO install sway or Hyperland or can I use the default xfwm ? I'm guessing I do because xfwm was written with X.org in mind ? so if I go with Sway does that mean I can't have stacking or dynamic windows?
2024-03-25 19:09:08 <fluix> XFCE is a desktop environment with multiple programs; xfwm is an xorg window manager; the apps that come with xfce can probably run without xfwm but expect to use the xorg protocol, so you must use an xorg server
2024-03-25 19:09:58 <fluix> you cannot use xfwm as a wayland window manager because it doesn't implement the wayland protocol, it implements the X protocols
2024-03-25 19:10:54 <fluix> now, if you want to use Wayland, you can choose a wayland compositor (be that GNOME's Mutter, KDE's Plasma, Sway, Hyprland, or numerous others) and use xwayland (often well integrated with the compositor) to run X apps like those of the xfce desktop environment
2024-03-25 19:11:28 <fluix> the apps will connect to xwayland which presents an X API to them and it will translate that to corresponding wayland protocol events to your wayland compositor. it's not perfect, but it works very well
2024-03-25 19:12:30 <NullP01ter> fluix, ok thanks that clears things up ... but I am curious, because wayland is on XFCE's road map what does that mean once the apps that come with xfce are ported over will they cese to run under xorg protocol, thus forcing a protocol switch from xorg to wayland?
2024-03-25 19:13:11 <NullP01ter> oh, so there's a translation layer for legacy
2024-03-25 19:13:22 <fluix> it depends on how they do the porting. the big toolkits like Qt, GTK, SDL, etc. can compile or run on both
2024-03-25 19:13:55 <fluix> however, note that while xwayland exists (so you can run X apps on a Wayland compositor), waylandx isn't something that exists or will likely ever exist (so you can't run wayland apps on an xorg compositor)
2024-03-25 19:15:57 <NullP01ter> this is concerning because I'm used to certain consistences in XFCE and am afraid of disruptions affecting workflow 
2024-03-25 19:16:03 <fluix> yeah reading the wiki pages, some xfce aps already work on wayland
2024-03-25 19:16:14 <fluix> s/aps/apps/
2024-03-25 19:16:50 <fluix> switching to Wayland isn't something you have to do, and it all depends on what you plan on running
2024-03-25 19:16:53 <NullP01ter> is thunar one of those apps @fluix or have a link to wikipage ?
2024-03-25 19:17:05 <fluix> I just glanced at https://wiki.xfce.org/releng/wayland_roadmap. I don't know
2024-03-25 19:17:26 <fluix> I lie the answer is yes for everything except the wm
2024-03-25 19:17:47 <NullP01ter> I just plan to run the XFCE DE but I keep getting the impression that its tooling or underlaying engine is getting deprecated 
2024-03-25 19:18:23 <fluix> I don't know what you mean and/or don't see this being the case based on what I've read
2024-03-25 19:18:53 <fluix> but if you plan on running the xfce de you don't need to think about x or wayland right now. the main component, the window manager, is still exclusively an X window manager
2024-03-25 19:19:40 <fluix> eh, scratch that. I don't know how much of the "XFCE DE" is the window manager vs. the rest
2024-03-25 19:19:41 <NullP01ter> will they likely replace xfwm with sometihg else or port it over to wayland cause then I'm concerend about themes and how they work and if my old themes for say GTK2/3 will work
2024-03-25 19:20:09 <fluix> themes for GTK have nothing to do with X vs. Wayland
2024-03-25 19:20:26 <NullP01ter> oh yeah you said that GTK is being tooled for wayland
2024-03-25 19:20:28 <fluix> the wiki page is as much as I know
2024-03-25 19:20:36 <NullP01ter> so maybe hopefully the themes will still work
2024-03-25 19:20:36 <fluix> GTK supports wayland well
2024-03-25 19:21:03 <fluix> all the major compositors have switched to Wayland. most things you expect to work, work
2024-03-25 19:21:49 <NullP01ter> "[14:20] <fluix> themes for GTK have nothing to do with X vs. Wayland" so if a theme is made for a GTK that was compiled for X.org it won't matter that it's now running over GTK compiled for Wayland ?
2024-03-25 19:22:40 <fluix> I don't know how themes work for GTK. I would guess they're windowing protocol agnostic.
2024-03-25 19:24:05 <NullP01ter> I don't know themes used to throw fits with errors in the past when I would swich just window managers namely gala from xfwm and gala was lua but who knows
2024-03-25 19:24:50 <fluix> okay, that's something you're going to have to figure out yourself
2024-03-25 19:25:01 <NullP01ter> er vala not lua
2024-03-25 19:25:43 <NullP01ter> yeah, I think it'll be fine, thank you again for all the information and help fluix, this really sheds some light on things
2024-03-25 19:25:51 <fluix> gl
2024-03-25 19:25:54 <NullP01ter> np
2024-03-25 19:28:49 <NullP01ter> wait... just to recap, so on Alpine I just install the XFCE and wayland package, or am I required to install sway or something else too? if I want XFCE DE running with Wayland ?
2024-03-25 19:29:44 <fluix> xfce4 will install xfwm4 which is an X server. you will not be running wayland
2024-03-25 19:30:20 <NullP01ter> right, but you can replace xfwm in XFCE with whatever window manager you want, so I pick a wayland one right?
2024-03-25 19:30:38 <fluix> yes
2024-03-25 19:30:53 <NullP01ter> but not wayland alone?
2024-03-25 19:31:21 <NullP01ter> have to pick sway or something?
2024-03-25 19:31:22 <fluix> no, wayland alone is a library
2024-03-25 19:32:46 <NullP01ter> is Sway and Hyperland my only compatible options for XFCE?
2024-03-25 19:33:07 <fluix> I don't know what kind of WM XFWM is
2024-03-25 19:33:17 <fluix> please do your own research
2024-03-25 19:47:06 <fluix> looking online, most sources show `print var` in GDB to print out the contents of a c++ std::unordered_set, but this doesn't happen for me
2024-03-25 19:47:17 <fluix> am I missing some debuginfo-like package or something?
2024-03-25 19:51:27 <cow123> I am unable to install qt6-qtbase-dev on my Alpine Linux M1 system becuase of some mesa package conflicts. https://paste.rs/69NGG.txt is the full log when I try and install it. Is there any way to install this package while using mesa-asahi?
2024-03-25 19:57:50 <fluix> do you have mesa-asahi-dev installed?
2024-03-25 19:57:53 <cow123> yes
2024-03-25 20:18:34 <fluix> ok apparently the pretty printers aren't auto-loaded
2024-03-25 23:53:28 <grepnuts> Hello new to Alpine, have an issue with setting a zfs feature atime to equal off. Wanted to learn if this is a known bug or if I am doing something wrong. Openzfs version shows zfs-2.2.2-1 and Alpine version is 3.19.1 installed "sys" extended 
2024-03-25 23:54:32 <grepnuts> attempted command zfs set atime=off zpool1/dataset1 
2024-03-25 23:54:56 <grepnuts> zfs get atime zpool1/dataset1 shows on source temporary 
2024-03-25 23:55:18 <grepnuts> mount shows noatime on the filesystem which is interesting 
2024-03-25 23:55:33 <quinq> Maybe you have to remount it
2024-03-25 23:55:47 <quinq> (either by zfs unmount + zfs mount, or export the whole pool)
2024-03-25 23:55:52 <grepnuts> tried that :/ , rebooted, exported pool imported 
2024-03-25 23:55:55 <quinq> oh ok
2024-03-25 23:56:05 <grepnuts> thank you though! 
2024-03-25 23:56:25 <quinq> Here it's on
2024-03-25 23:56:30 <quinq> But then so is relatime
2024-03-25 23:57:14 <grepnuts> I have relatime on as well 
2024-03-25 23:57:25 <quinq> Ah ok, they're complementary
2024-03-25 23:58:10 <grepnuts> yes, would like to disable atime though, unfortunately doesn't seem to work
2024-03-25 23:58:21 <grepnuts> works on freebsd 
2024-03-25 23:58:45 <grepnuts> and tried it on ubuntu that worked as well 
2024-03-25 23:59:21 <grepnuts> I was hoping maybe I just missed something since I am new to Alpine 
2024-03-25 23:59:42 <quinq> I don't think that there's anything specifit for Alpine
2024-03-26 00:00:47 <quinq> In the documentation, they say that an option will be marked (and set) only as temporary if asked on a per-mount basis (like mount -o noatime zpool/zfs)
2024-03-26 00:02:13 <grepnuts> interesting 
2024-03-26 08:19:30 <cnt0> hello, looks like something's horribly broken on alpine edge after the latest update, at least on my system. Like "useradd user", "passwd user", "doas -u user ls" - shows authentication error. I can login as user via su, but then mere "$ which" results in "permission denied". Anyone's having similar problems?
2024-03-26 08:27:52 <WhyNotHugo> cnt0: 'doas -u hugo ls' works for me
2024-03-26 08:28:28 <WhyNotHugo> so you can't even run ls or which?
2024-03-26 08:29:07 <cnt0> ls works, which doesn't
2024-03-26 08:29:25 <grawity> ls -ld /bin /usr/bin
2024-03-26 08:33:58 <cnt0> tried to do that as user. It shows "/usr/bin - permission denied", "/bin" works fine
2024-03-26 08:35:07 <grawity> ooookay, ls -ld /usr then
2024-03-26 08:35:21 <grawity> that's going to be missing a+rx I bet
2024-03-26 08:38:15 <cnt0> stat /usr shows 0644
2024-03-26 08:38:25 <grawity> yeah, that's missing +x
2024-03-26 08:45:11 <WhyNotHugo> /usr/bin should be 755
2024-03-26 08:45:52 <grawity> (also there's a reason I asked for ls -ld instead of just ls -l)
2024-03-26 08:46:44 <cnt0> OK I did chmod a+x for /usr/bin and /usr/lib and that fixed the problem, many thanks. That's probably because I've been messing with nfpm packages (nfpm apk packager is broken atm, I'm trying to fix it)
2024-03-26 13:07:40 <ahmadraniri[m]> Hello, could we use patchelf to run glibc-based precompiled binary ? Thanks.
2024-03-26 13:22:04 <ikke> gcompat is a better option 
2024-03-26 13:22:55 <ahmadraniri[m]> Nice, thanks ikke.
2024-03-26 13:23:17 <ikke> You cannot simply swap the dynamic loader and expect things to work
2024-03-26 13:25:32 <q66> ikke: tbf you can't expect gcompat to work either
2024-03-26 13:26:01 <q66> for a lot of the stuff it works for it does not boil down to much more than swapping the ldso
2024-03-26 13:26:23 <q66> but yeah it further increases your chances a tiny bit :)
2024-03-26 13:44:16 <gnurizen> Are there any plans for a debuginfod server for Alpine?
2024-03-26 17:28:31 <maarten> Hey! How do I install libasan on Alpine Linux? I get a "cannot find -lasan" error on linking.
2024-03-26 18:47:20 <Forza> Hey :) 
2024-03-26 18:48:53 <Forza> I'm using luks and I have to type in the key on boot. Is there an option to use sshd/busybox inside the initramfs so I can onlock remotely? 
2024-03-26 18:51:42 <ikke> I think people typically use dropbear, but I don't have any experience with it myself
2024-03-26 19:01:02 <fluix> Forza: not related to Alpine, but I relevant discussion a couple days ago on HN: https://news.ycombinator.com/item?id=39807037 with https://wiki.archlinux.org/title/dm-crypt/Specialties#Remote_unlocking_of_root_(or_other)_partition being linked
2024-03-26 19:01:32 <Forza> ikke: yea I meant dropbear 
2024-03-26 19:04:58 <ikke> You can add a mkinitfs feature that includes the files / programs you need
2024-03-26 19:14:37 <Forza> I'll have to think about it. I'm feeling a bit off at the moment so the effort is too high 
2024-03-26 19:15:03 <Forza> dropbear-initramfs for Alpine was a thing many years apparently 
2024-03-26 19:35:57 <Forza> Is this the main init run byt mkinitfs https://gitlab.alpinelinux.org/alpine/mkinitfs/-/blob/master/nlplug-findfs/init.sh?ref_type=heads
2024-03-26 19:45:27 <Forza> No its this https://gitlab.alpinelinux.org/alpine/mkinitfs/-/blob/master/initramfs-init.in?ref_type=heads
2024-03-26 21:04:48 <Forza> Hm . So nlplug-findfs runs cryptsetup . I guess i need to provide something  in features.d that makes mkinitfs include my script. But I cant see where init will load additional scripts/commands
2024-03-26 21:06:30 <Forza> The initramfs script start at https://gitlab.alpinelinux.org/alpine/mkinitfs/-/blob/master/initramfs-init.in?ref_type=heads#L399 if i read it right 
2024-03-26 21:12:09 <Forza> Ikke how did you mean add mkinifs feature? I added a features.d/forza.files that included /sbin/forza which got included in initramfs. But how do i get it executed?
2024-03-26 21:17:09 <Forza> I guess i am looking for custom hooks to be plugged in 
2024-03-26 21:18:05 <ikke> There is no hooking system
2024-03-26 21:22:36 <Forza> I found someone wanting it, but closed the request https://github.com/alpinelinux/mkinitfs/pull/49
2024-03-26 21:24:04 <Forza> ikke: right, so i need to patch the init script that mkinitfs uses to be able to run cuatom scripts (such as dropbear to unlock luks)
2024-03-26 21:26:50 <Forza> I might work on a hook system if that's interesting? Or maybe just add the dropbear feature and plug it to a new $myopts ?
2024-03-26 21:32:37 <ikke> I think there is interest in a hook system, but I would discuss it with ncopa, and it would require thorough testing
2024-03-26 21:32:43 <ikke> (automated tests)
2024-03-26 21:33:38 <ncopa> yeah, i have wanted a hooks system long time
2024-03-26 21:34:20 <ncopa> just have not had the need time to focus on it
2024-03-26 22:44:42 <Forza> ncopa: that's understandable! I'll see if I can come up with some idea. Is there some developer notes and/or flow charts on the init script and maybe ideas already written down somewhere? 
2024-03-27 00:27:18 <mid> Forza: FWIW, I haven't checked myself yet but bookmarked it for later, but maybe you can have a look at this (old and archived) repo: https://github.com/mk-f/alpine-initramfs-dropbear
2024-03-27 00:40:31 <Forza> mid: thank you. That looks like a good starting point
2024-03-27 00:42:08 <Forza> I wonder why they closed the repo
2024-03-27 11:41:58 <Fxzxmic> Does Busybox not support creating xz or lzma compressed files? Only supports decompression?
2024-03-27 11:45:50 <armin> Fxzxmic: I'd be surprised if it did. There's "xz" in apk, though.
2024-03-27 11:49:37 <Fxzxmic> I am referring to busybox itself, not Alpine. Alpine has xz package to create and decompress xz compressed files, I know that.
2024-03-27 11:50:25 <oneDitto> hm
2024-03-27 11:50:54 <oneDitto> it shows to args for xz and lzma 
2024-03-27 11:51:19 <oneDitto> with tar
2024-03-27 11:55:27 <Fxzxmic> I know, but if we only use busybox itself, both xz and lzma compression will not work properly.
2024-03-27 12:09:53 <ncopa> Fxzxmic: i believe busybox only supports decompression of those
2024-03-27 12:45:03 <Saijin_Naib> If I am just getting into IRC coming from Matrix, am I insane to setup a bouncer like ZNC?
2024-03-27 12:45:09 <Saijin_Naib> I am using Pidgin as my IRC client
2024-03-27 12:45:24 <Saijin_Naib> I am finding I miss Matrix basically acting as my bouncer. Had no idea how convenient that was
2024-03-27 12:47:37 <malikn[m]> Hi
2024-03-27 12:47:37 <malikn[m]> Where can I find information about python 3.12 under Alpine?
2024-03-27 12:47:37 <malikn[m]> Thanks a lot
2024-03-27 12:48:17 <Saijin_Naib> What information in specific?
2024-03-27 12:49:48 <ikke> malikn[m]: https://lists.alpinelinux.org/~alpine/devel/%3C20240325155641.26f352d5%40ncopa-desktop.lan%3E
2024-03-27 12:50:06 <ikke> It's an ongoing effort 
2024-03-27 12:50:59 <ikke> https://gitlab.alpinelinux.org/alpine/aports/-/issues/15341
2024-03-27 13:28:20 <Fxzxmic> ncopa: OK, I got it.
2024-03-27 13:57:39 <malikn[m]> <ikke> "malik.n: https://lists.alpinelin..." <- Can this mail be interpreted as python 3.12 being released with alpine 3.21?
2024-03-27 13:58:31 <malikn[m]> * Can this mail be interpreted as python 3.12 maybe being released with alpine 3.21?
2024-03-27 14:02:18 <ikke> 3.20 is the next release, and ncopa is trying to get it in before that release 
2024-03-27 14:03:21 <divVerent> Is there any way to make elogind recognize tty sessions as local active sessions so loginctl suspend works without root?
2024-03-27 14:03:45 <hwend> I tried to upgrade from 3.11 to 3.19 (well, I thought I actually did), and perhaps I've done something horribly wrong because gtk+ has a bunch of symbol not found errors...has anyone seen this and hopefully knows how to fix it?  :-)  (I did a variety of googling to no avail)
2024-03-27 14:03:51 <divVerent> First step I did was installing util-linux-login which uses pam_elogind properly, so now loginctl shows the session and loginctl session-status c1 shows it as active
2024-03-27 14:04:25 <divVerent> but for now loginctl suspend still needs root (but as a workaround I just added an allow-everyone-to-suspend polkit policy... wonder if I can get rid of that by fixing the underlying cause
2024-03-27 14:04:32 <divVerent> * underlying cause)
2024-03-27 14:05:47 <divVerent> Without that hack, loginctl suspend does literally nothing, and syslog contains "Failed to suspend via elogind: Interactive authentication required." - which is actually odd, as according to dbus-monitor, loginctl did set the interactive authentication flag.
2024-03-27 14:07:40 <hwend> well I guess it's both gtk+ and shared-mime-info
2024-03-27 14:09:08 <ikke> hwend: start with apk list -- orphan 
2024-03-27 14:09:13 <ikke> --orphan
2024-03-27 14:09:37 <hwend> uh, should I be troubled that this displays a lot of things
2024-03-27 14:10:02 <hwend> or am I looking for something in particular
2024-03-27 14:10:23 <ikke> Well, any of those packages could prevent others from being updated 
2024-03-27 14:10:59 <divVerent> * polkit policy: http://paste.debian.net/1312184/ ... wonder, * underlying cause)
2024-03-27 14:12:16 <hwend> ikke: I guess I'm not sure what to do with that now, unfortunately...should I try to remove these?  I mean, it seems weird that things like imagemagick didn't upgrade?
2024-03-27 14:25:18 <ikke> Removing those would probably help 
2024-03-27 14:36:42 <hwend> sadly that didn't really help
2024-03-27 14:39:00 <hwend> I could reinstall gtk+3.0 which is nice but when I try to reinstall gvim it breaks on ffi and apparently wants wayland-libs-client, so I may be generally hosed regardless
2024-03-27 14:47:50 <hwend> yeah so probably the problem is python2 so I need to rollback and then only upgrade to 3.15 I guess
2024-03-27 15:07:27 <ikke> Do you still need python2?
2024-03-27 15:08:39 <hwend> yeah, for regulatory compliance reasons we have to support/maintain stuff that still uses python2 for a few more years
2024-03-27 15:08:46 <hwend> but I probably need to separate their dev vms now I guess
2024-03-27 15:38:17 <WhyNotHugo> I just "discovered" package man-pages-posix
2024-03-27 15:38:20 <WhyNotHugo> so useful
2024-03-27 16:15:03 <sewn> why is all of linux-firmware installed in the base system by default? is there a way to not do that?
2024-03-27 16:16:28 <ikke> sewn: It's easier to trim firmware that you don't need than to figure out what firmware you do need
2024-03-27 16:16:46 <ikke> If you know what firmware packages you need, explicitly installing any of them will remove all remaining ones
2024-03-27 16:23:16 <sewn> how can I do that?
2024-03-27 16:24:11 <ikke> Do you know what firmware you need?
2024-03-27 17:18:45 <userdocs> is there a known curl issue with alpine:latest?
2024-03-27 17:19:30 <userdocs> this command gives me errors
2024-03-27 17:19:32 <userdocs> https://bpa.st/raw/UUGQ
2024-03-27 17:22:47 <ikke> apk add -u curl
2024-03-27 17:28:44 <userdocs> that works but was never required, now my workflows broke
2024-03-27 17:28:49 <userdocs> is it a bug?
2024-03-27 17:28:54 <ikke> userdocs: somewhat
2024-03-27 17:33:50 <userdocs> will it go back to previous behaviour?
2024-03-27 17:33:58 <ikke> eventually yes
2024-03-27 17:35:01 <userdocs> it's somewhat of a bug that may eventually be fixed?
2024-03-27 17:38:11 <ikke> the problem is that libssl3 is not automatically upgraded when you install curl
2024-03-27 17:38:26 <ikke> the latest version of curl requries a newer version if libssl
2024-03-27 19:20:44 <Case_Of> about linux-firmware, when they are not installed, dmesg tells what’s missing
2024-03-27 19:21:18 <Case_Of> ikke: 
2024-03-27 19:33:32 <WhyNotHugo> how do i read the label of /dev/sda1 ?
2024-03-27 19:36:57 <dwfreed> generically? blkid can usually do that
2024-03-27 20:11:47 <divVerent> <Case_Of> "about linux-firmware, when..." <- But then you don't have wifi to get the packages back :)
2024-03-27 20:12:06 <divVerent> yeah, it'd be smarter if the installer could detect which FW was actually loaded, and only install those APKs then
2024-03-27 20:12:48 <userdocs> ikke: i don't see how curl 8.6 requires a newer version of libssl, which is at 3.2.1, current latest version, when curl latest is 8.7
2024-03-27 20:13:57 <ikke> userdocs: curl was built against a newer libssl, and it is linked against a symbol that only the latest version provides
2024-03-27 20:14:25 <userdocs> curl is built against 3.2.1, per the build log?
2024-03-27 20:14:50 <ikke> userdocs: the docker image contains 3.1.5
2024-03-27 20:14:59 <ikke> https://tpaste.us/ePWW 
2024-03-27 20:16:26 <userdocs> oh  i see, i missed that. so this is really just a problem with the image?
2024-03-27 20:17:08 <userdocs> since libssl is updated? https://pkgs.alpinelinux.org/package/edge/main/x86_64/libssl3
2024-03-27 20:17:29 <ikke> Updating the image would solve it, but ideally that would not be a requirement
2024-03-27 20:17:43 <Case_Of> divVerent: well, you keep the full linux-firmware package in your cache :-)
2024-03-27 20:17:44 <ikke> A simpler / quicker fix would be to add an explicit requirement
2024-03-27 20:17:57 <Case_Of> divVerent: package cache I mean
2024-03-27 20:18:05 <Case_Of> is there a package cache?
2024-03-27 20:18:16 <ikke> Optionally, yes
2024-03-27 20:19:13 <userdocs> i think knowing the image is bugged would be a good enough reason to updated it, not me change all my commands?
2024-03-27 20:19:45 <ikke> userdocs: It does require our builders to be idle so that a new image can be built, which is not the case at the moment
2024-03-27 20:20:51 <Case_Of> sewn: if you are around, you can try this way for linux-firmware
2024-03-27 20:21:24 <sewn> i think i know what firmware i need
2024-03-27 20:21:28 <sewn> i just install it manually then what?
2024-03-27 20:21:55 <sewn> oh hmm i already did something like that lol i was confusing it for another machine
2024-03-27 20:25:06 <userdocs> ikke: yeah fair enough, it is edge, at least i undertsand it now, so thanks. i might go with the -u thing anyway, thinking about it.
2024-03-27 20:25:42 <ikke> userdocs: Maybe you missed it, but there is an alternative: add an explicit version constraint from libcurl on ssl so that it forces it to be updated
2024-03-27 20:33:07 <userdocs> if i do apk add -u ... all my packages, it works?
2024-03-27 20:33:36 <ikke> yup
2024-03-27 20:36:46 <userdocs> that will work for me.
2024-03-28 06:32:51 <Ermine> Do I understand correctly that if I want to be able to replace one package with another, I need same provides= in both of them?
2024-03-28 06:36:06 <ikke> depends on the usecase, but one package could also do provides="other-package=$pkgver-r$pkgrel"
2024-03-28 07:32:16 <Ermine> ikke: thank you. my use case is to make a git version of a package that is already here
2024-03-28 07:36:04 <ikke> Ermine: then you want what I proposed 
2024-03-28 07:37:17 <ikke> Combined with replaces so that switching is smooth 
2024-03-28 11:12:05 <mugre> Hi, 
2024-03-28 11:12:39 <mugre> has anyone tried using alpine with btrfs as a root partition with subvolumes for etc and home instead of using ext4?
2024-03-28 11:15:12 <nep_nep> I use btrfs for root, no subvolumes though
2024-03-28 11:19:57 <mugre> Did you experience any issues, when upgrading the kernel or other nuissances in regard to btrfs?
2024-03-28 11:20:35 <donoban> I used btrfs for years without any problem but just switched to zfs
2024-03-28 11:20:39 <mugre> I am I correct to assume, that I can ` export ROOTFS=btrfs` and then run setup-disk? 
2024-03-28 11:20:53 <mugre> I will skip the subvolumes for now
2024-03-28 11:21:00 <mugre> @donoban why did you switch?
2024-03-28 11:23:38 <donoban> mostly because I use many docker containers and btrfs doesn't cache IO between them, with zfs there is also some penalties for this use-case but you can create a zvol on ext4 and use overlay
2024-03-28 11:25:07 <donoban> setup-disk supports btrfs but I have no idea about the layout that it creates
2024-03-28 11:27:27 <donoban> it seems that it justs format btrfs and installs directly. I think that in the long run you will appreciate to have @ROOT, @HOME, etc..
2024-03-28 14:02:26 <Case_Of> hi, when setting in /etc/network/interfaces iface eth1 inet dhcp and iface eth1 inet6 auto is there a way to set a custom metric?
2024-03-28 14:10:17 <Case_Of> metric directive seems to work for inet but not inet6
2024-03-28 14:53:37 <oGEosFMtUw8> test test
2024-03-28 14:54:35 <satmd> successful
2024-03-28 14:54:47 <oGEosFMtUw8> awesome!
2024-03-28 14:55:19 <satmd> if you need further testing of IRC, please use a test channel instead, tho :P
2024-03-28 14:56:13 <oGEosFMtUw8> nope i was testing if being registered with nickserv is still needed to be heard here. which was a thing earlier and a reason for me to leave.
2024-03-28 17:39:00 <bl4ckb0ne> the sanitizer libs are in compiler-rt right?
2024-03-28 17:41:34 <oGEosFMtUw8> on alpine v3.19 when cargo updates crate.io index i get a segfault in SSL_get_peer_certificate () from /usr/bin/../lib/libssl.so.1.1
2024-03-28 17:46:45 <oGEosFMtUw8> which is strange, since https://pkgs.alpinelinux.org/package/v3.19/main/x86_64/cargo doesnt list libssl1.1 only libssl3 as a dep. - btw in the backtrace i see a a few frames up curl_multi_perform () from /usr/bin/../lib/libcurl.so.4, but even libcurl does only depend on libssl3 not libssl1.1 - but when i try to remove libssl1.1 i get told that a bunch of packages depend on it
2024-03-28 17:46:48 <oGEosFMtUw8> like libssl1.1: ruby uwsgi-rack curl abuild cargo git
2024-03-28 18:00:03 <mugre> Hello Dear Alpine Folks,
2024-03-28 18:02:05 <mugre> I would like to mount my encrypted ext4 drive. Sadly I am stuck. After running udiskctl mount. I want to run " udisksctl mount -b  /dev/dm-1 " but I get the error: Object /org/freedesktop/UDisks2/block_devices/dm_2d1 is not a mountable filesystem.
2024-03-28 18:03:28 <mugre> I have already added these udev rules: https://gist.github.com/Scrumplex/8f528c1f63b5f4bfabe14b0804adaba7 and setup installed lvm2
2024-03-28 18:04:38 <mugre> This is my fdisk output:
2024-03-28 18:04:40 <mugre> Disk /dev/sda: 4294967295 sectors, 4095M
2024-03-28 18:04:42 <mugre> Logical sector size: 512
2024-03-28 18:04:43 <mugre> Disk identifier (GUID): 9ed7ad07-5ad5-4085-814e-0e6d49d423b8
2024-03-28 18:04:45 <mugre> Partition table holds up to 128 entries
2024-03-28 18:04:46 <mugre> First usable sector is 34, last usable sector is 7814037133
2024-03-28 18:04:48 <mugre> Number  Start (sector)    End (sector)  Size Name
2024-03-28 18:04:49 <mugre>      1           65535      7814035455 3725G 
2024-03-28 18:04:51 <mugre> fdisk: device has more than 2^32 sectors, can't use all of them
2024-03-28 18:04:52 <mugre> Disk /dev/dm-1: 2048 GB, 2199023255040 bytes, 4294967295 sectors
2024-03-28 18:04:54 <mugre> 267349 cylinders, 255 heads, 63 sectors/track
2024-03-28 18:04:55 <mugre> Units: sectors of 1 * 512 = 512 bytes
2024-03-28 18:04:57 <mugre> Disk /dev/dm-1 doesn't contain a valid partition table
2024-03-28 18:04:58 <mugre> Disk /dev/sdb: 14 GB, 15518924800 bytes, 30310400 sectors
2024-03-28 18:05:00 <mugre> 1886 cylinders, 255 heads, 63 sectors/track
2024-03-28 18:05:01 <mugre> Units: sectors of 1 * 512 = 512 bytes
2024-03-29 03:39:59 <cow123> on asahi linux with mesa-asahi, I cannot install any package that requires mesa-dev as apk will try and install mesa-dev instead of mesa-asahi-dev. is there any way to fix this?
2024-03-29 05:28:06 <infinte[m]> <cow123> "on asahi linux with mesa-asahi..." <- not apple silicon is feature not bug
2024-03-29 05:28:14 <infinte[m]> s/not/no,/
2024-03-29 09:03:28 <mugre>  
2024-03-29 09:03:43 <mugre> @cow123 thy this command: "
2024-03-29 09:03:44 <mugre> apk add mesa-asahi  mesa-asahi-rusticl mesa mesa-asahi-dev mesa-asahi-dri-gallium mesa-asahi-egl mesa-asahi-gbm mesa-asahi-gl mesa-asahi-glapi mesa-asahi-gles mesa-asahi-osmesa mesa-
2024-03-29 09:03:46 <mugre> asahi-va-gallium mesa-asahi-vdpau-gallium mesa-asahi-vulkan-swrast mesa-asahi-xatracker
2024-03-29 09:05:44 <infinte[m]> i guess our noob trap in apple hardware
2024-03-29 12:07:51 <sewn> why is wget included in alpine but not curl?
2024-03-29 12:09:54 <sewn> ah, seems to come included by busybox 
2024-03-29 17:19:38 <cow123> mugre: thanks, I will try that later today when I am at my M1 system. I think I already have those packages installed though.
2024-03-29 17:32:49 <spacetoast> \o heyo, just wanted to make sure everyone's aware of the lzma situation (I noticed aports is on 5.6.1)
2024-03-29 17:33:01 <spacetoast> if everyone's aware of it then do ignore me :)
2024-03-29 17:33:27 <elly> we are very aware, yep
2024-03-29 17:33:31 <spacetoast> (it's also not targeting musl so probably not as big a deal, but worth mentioning regardless; I'd submit a patch but I'm very busy lately)
2024-03-29 17:33:51 <spacetoast> alright cool ^^ - hope everything's still going ok since I became less active
2024-03-29 17:34:34 <nangel> nice to see a friendly face, spacetoast. :)
2024-03-29 17:34:50 <spacetoast> oh heya! :D
2024-03-29 18:35:15 <Apachez> xz/liblzma may have been backdoored - this will be fun!  https://www.openwall.com/lists/oss-security/2024/03/29/4
2024-03-29 18:37:01 <Ermine> Apachez: 1) Alpine is not affected; 2) Devs are well aware of the situation
2024-03-29 18:38:40 <Apachez> *thumbs up*
2024-03-29 18:43:31 <dwfreed> yeah, was sent to the distros list (which is private, and limited to distro security teams) yesterday
2024-03-29 19:04:30 <Apachez> security by obscurity never works ;)
2024-03-29 19:04:54 <Apachez> better to have that stuff in public so admins can take action and verify so not a backdoored version is being used
2024-03-29 19:05:04 <Apachez> seems like both debian unstable and debian testing might be affected
2024-03-29 19:05:18 <Ermine> > unstable and testing
2024-03-29 19:06:25 <Ermine> Sure, let's disclose information immediately so everyone knows that their ass is not covered and have nothing better to do but turn ssh off
2024-03-29 19:07:33 <Ermine> Temporary embargo to win time for distros has nothing to do with 
2024-03-29 19:07:45 <Ermine> 'security by obsucrity
2024-03-29 19:07:47 <Apachez> sure, lets wait for a long holiday before disclosing it so the vulns will be available for a longer time than if this would have been publically disclosed thursday morning ;)
2024-03-29 19:08:36 <Ermine> nobody is waiting for long holidays
2024-03-29 19:09:27 <Ermine> now admins can just upgrade their systems and get back to safety
2024-03-29 19:15:06 <Apachez> https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users
2024-03-29 19:21:35 <jk> ouch
2024-03-29 19:37:19 <Apachez> not to mention all the rolling release OSes out there (which is a thing nowadays)
2024-03-29 19:38:21 <dwfreed> This exploit does not affect almost all of them, because they generally aren't debian or RPM based
2024-03-29 19:48:12 <Apachez> LFS affected?   https://www.linuxfromscratch.org/lfs/view/development/chapter06/xz.html       HP-UX aswell?  http://hpux.connect.org.uk/hppd/hpux/Misc/xz-5.6.0/
2024-03-29 19:49:39 <dwfreed> This is offtopic
2024-03-29 19:49:46 <vkrishn> general al users running sshd are affected ?
2024-03-29 19:50:26 <dwfreed> No, most users are not affected
2024-03-29 19:58:31 <frag> can awk eval the var so the result becomes 3? echo 1+2|awk '{sum+=$1;print sum}'
2024-03-29 20:07:15 <wej> you guys have seen this? https://news.ycombinator.com/item?id=39866275
2024-03-29 20:12:41 <chris218> hi guys how does diskless mode work?
2024-03-29 20:13:04 <chris218> as in I'm wondering where does the iso load info about cache/config and other stuff from
2024-03-29 20:13:45 <chris218> I had a crazy idea to setup my lab with diskless alpine installed from iPXE and setup ceph on drives on those computers
2024-03-29 20:15:20 <frag> crhis you can choose to store some files/dirs in the boot partition
2024-03-29 23:33:23 <f_> hi, about that xz backdoor, is xz going to stay on older versions?
2024-03-29 23:39:25 <Ermine> f_: alpine is immune, so you can calm down
2024-03-29 23:41:48 <f_> I am calm.
2024-03-29 23:42:01 <f_> Just wanted to know.
2024-03-29 23:50:10 <dwfreed> I would suspect that many distros will stay on 5.4.x until xz has gone through a thorough code audit, and been forked and acquired new maintainers
2024-03-30 04:46:51 <cow123> related to my question a few pages up about alpine linux with mesa-asahi, I tried running the apk add command that was suggested earlier and installing all the mesa-asahi subpackages but I still can't install things that depend on mesa-dev even though mesa-asahi-dev provides mesa-dev
2024-03-30 04:53:26 <zenx> hi all... it's been a couple of days tinkering with alpine
2024-03-30 04:53:30 <zenx> cool distro
2024-03-30 04:55:05 <zenx> but i don't see qemu-audio-pipewire package
2024-03-30 04:55:27 <zenx> is there any way i can obtain it in my alpine?
2024-03-30 04:57:35 <Soni> would it be possible to invent a way to set and enforce security boundaries between a project and its dependencies, particularly so a rogue dependency can't just hijack the entire process? (for example, a compression library could have access to some memory and known-safe opcodes, and then take bytes as input and produce bytes as output)
2024-03-30 05:10:58 <zenx> exit
2024-03-30 09:24:13 <WhyNotHugo> Soni: you can do priviledge separation. have your main process fork, drop priviledges, and then exec into a second program.
2024-03-30 09:41:06 <Someone[m]> https://www.openwall.com/lists/oss-security/2024/03/29/4
2024-03-30 09:57:25 <WhyNotHugo> Someone[m]: alpine is unaffected. the backdoor is only compatible with glibc.
2024-03-30 10:02:18 <rdbo> hey guys! i was reading about the xz vulnerability, is alpine vulnerable too?
2024-03-30 10:02:58 <rdbo> i notice that the package is flagged, but the APKBUILD fetches from a git source archive instead of a release tarball (i read somewhere that the git source was not compromised, but not sure?)
2024-03-30 10:03:27 <rdbo> and github took the repo down so i can't verify
2024-03-30 10:11:20 <ptrc> rdbo: nope
2024-03-30 10:11:27 <ptrc> alpine is not vulnerable
2024-03-30 10:11:28 <ptrc> but als
2024-03-30 10:11:31 <ptrc> also*
2024-03-30 10:11:32 <ptrc> https://ptrc.gay/PXpXTHmm
2024-03-30 10:18:29 <rdbo> ptrc: ooh, good to know!
2024-03-30 10:19:07 <Ewhks_> might as well make it the topic
2024-03-30 10:22:09 <Soni> WhyNotHugo: what about having wasm in your natives?
2024-03-30 10:23:10 <WhyNotHugo> Soni: in order to avoid linking a few libraries you're going to add an entire runtime?
2024-03-30 10:23:16 <WhyNotHugo> Usually, adding more complexity isn't the solution.
2024-03-30 10:23:26 <Soni> WhyNotHugo: wasm2c is great
2024-03-30 10:23:31 <Soni> firefox uses it
2024-03-30 10:23:59 <Soni> (wasm2c is separate from whatever JIT firefox uses for website wasm)
2024-03-30 10:58:19 <StyXman> Ermine: last nigh you said alpine is immune to the xz debacle. care to expand on that? I am calmed down :)
2024-03-30 10:58:39 <Soni> (personally, we are a wasm maximalist. we think wasm can solve the problem of "how do you enforce security boundaries with your dependencies" in a similar way to how rust can solve the problem of "how do you avoid shooting yourself in the foot".)
2024-03-30 11:01:47 <StyXman> ok, I foung it: https://fosstodon.org/@jakub@jirutka.cz/112180550946955423
2024-03-30 11:28:48 <Apachez> f_ for once in history there is a good reason to use musl instead of glibc ;)
2024-03-30 11:29:28 <Apachez> xv 5.6.0 have existed in alpine edge but as it seems that the binary vulnarbility is dependent on both systemd and glibc
2024-03-30 11:42:58 <rdbo> Apachez yeah i read that in a blog post too
2024-03-30 11:43:32 <rdbo> allegedly, needs systemd, glibc, a patched version of openssh with a systemd feature, and xz built from tarballs instead of git source
2024-03-30 11:43:57 <rdbo> according to this post: https://dataswamp.org/~solene/2024-03-30-lessons-learned-xz-vuln.html
2024-03-30 11:47:14 <Soni> who wants to help build a build system that makes it easy to use dynamically linked wasm2c'd dependencies and outline and enforce the security boundaries between them?
2024-03-30 12:13:55 <Apachez> Soni: too soon since that evil dev seems to have been involved in wasm aswell ;)
2024-03-30 12:21:44 <Soni> Apachez: wasm2c is safe from them :)
2024-03-30 12:22:06 <Soni> (it's not safe from us but uh. yeah anyway. >.>)
2024-03-30 14:47:12 <Someone[m]> <ptrc> "https://ptrc.gay/PXpXTHmm" <- Don't rely on the fact that it is not compatible with glibc
2024-03-30 14:47:35 <Someone[m]> But alpine doesn't patch openssh to use some systemd feature lol
2024-03-30 14:47:53 <ikke> Someone[m]: there are multiple checks that the exploit does, none of which applies to alpine
2024-03-30 14:48:19 <Someone[m]> yeah
2024-03-30 14:50:36 <Someone[m]> but we shouldn't rely on those fact :)
2024-03-30 14:51:59 <Apachez> 1) alpine dont use glibc   2) alpine dont use systemd   3) alpine dont patch sshd for use with systemd
2024-03-30 14:52:18 <Apachez> so fairly low probability that this particular binary would have had any affect on alpine
2024-03-30 14:52:48 <Apachez> but there might be other binaries out there or other libraries who have been attacked in the same or similar way but thats a different story
2024-03-30 14:53:29 <Apachez> also archlinux used this exploited zip package for 31 days in their rolling releases so there is that (and they use systemd + glibc + maybe patched sshd for use with systemd)
2024-03-30 14:55:04 <Someone[m]> Alpine don't use xz too :)
2024-03-30 14:56:49 <ikke> Apachez: but don't have the debian  directory not rpm env variable set
2024-03-30 15:10:53 <Apachez> Someone[m]: its on the dependencylist for alpine
2024-03-30 15:17:02 <WhyNotHugo> Apachez: AFAIK, Arch doesn't patch openssh with libsystemd support.
2024-03-30 15:17:50 <WhyNotHugo> IIRC they disabled it due to some race condition
2024-03-30 15:18:15 <WhyNotHugo> That doesn't mean that they're unaffected, but it's possible that sshd itself was safe.
2024-03-30 15:18:57 <chris218> WhyNotHugo: I've heard that systemd wasn't the only dependency that could load liblzma for sshd another one was libselinux pam module
2024-03-30 15:19:24 <chris218> but yea alpine is safe (or at least I hope because I had that version on one of my servers)
2024-03-30 15:24:48 <ikke> only edge would've been affected anyway
2024-03-30 15:25:52 <chris218> that server is on edge heh
2024-03-30 15:26:16 <chris218> I switched it all to edge by mistake and was too lazy to reinstall to stable
2024-03-30 15:26:33 <chris218> `VERSION_ID=3.20.0_alpha20240329` heh
2024-03-30 15:28:33 <invoked> stuff like kmod links to liblzma so there was future risk maybe
2024-03-30 15:28:56 <invoked> if it wasn't caught
2024-03-30 15:39:20 <ikke> chris218: you don't have to reinstall to downgrade
2024-03-30 15:41:24 <Forza> Hi. Was Alpine affected by the xz backdoor?
2024-03-30 15:41:39 <Forza> https://www.openwall.com/lists/oss-security/2024/03/29/4
2024-03-30 15:42:36 <chris218> ikke: if I set version in /etc/apk/repository it'll downgrade for me?
2024-03-30 15:43:03 <chris218> Forza: nope no musl no systemd patches that the backdoor requires 
2024-03-30 15:43:34 <chris218> I wonder how many more people will ask before somebody puts it in the banner :)
2024-03-30 15:44:16 <ikke> chris218: apk upgrade --available
2024-03-30 15:45:21 <Someone[m]> chris218: People already analysed. Can such people read?
2024-03-30 15:46:40 <chris218> Someone[m]: going on irc and asking is easier and requires less work from people :)
2024-03-30 15:47:09 <Forza> chris218: thanks. I did read about systemd/sshd thing but didnt quite understand if that was the only combo that was affected
2024-03-30 15:47:57 <chris218> Forza: from what I've heard systemd isn't exact requirement but musl rules out being affected because it lacks functionality that was exploited 
2024-03-30 15:48:12 <Forza> Ok great. Thanks
2024-03-30 15:48:33 <Forza> Im reading https://www.openwall.com/lists/oss-security/2024/03/29/4 for more details
2024-03-30 15:50:57 <chris218> ikke: oh neat, now question `@testing <url>pub/Linux/distributions/alpine/edge/testing`
2024-03-30 15:51:09 <chris218> is this the correct syntax to get single package from edge/testing?
2024-03-30 15:51:55 <ikke> yes, but know that it's not supported, and can either not work already, or break at any moment
2024-03-30 15:52:33 <chris218> well time for reboot and we'll see :)
2024-03-30 15:53:36 <aron> openwall's thread is real good stuff, it worth to read it
2024-03-30 16:09:05 <chris218> looks like it works :)
2024-03-30 16:37:52 <Apachez> Forza: other good sources:  https://www.tukaani.org/xz-backdoor/  https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27  https://dataswamp.org/%7Esolene/2024-03-30-lessons-learned-xz-vuln.html
2024-03-30 16:38:14 <Forza> Thanks 
2024-03-30 16:38:45 <Forza> Saw the malicious author has merged changes in libarchive too
2024-03-30 16:39:02 <Forza> The github gist listed it
2024-03-30 16:39:12 <Forza> https://github.com/libarchive/libarchive/pull/1609
2024-03-30 16:40:52 <Forza> It was just fixed some hours ago 
2024-03-30 17:05:52 <Forza> https://boehs.org/node/everything-i-know-about-the-xz-backdoor this was also interesting to read as a summary of it all with a bit of historical info
2024-03-30 17:07:39 <aron> it seems to me the writing on dataswamp.org draws improper conclusions
2024-03-30 17:08:32 <aron> how building from source code repository is any better than tarball?
2024-03-30 17:10:12 <donoban> "This commit does a little more than it says. It replaces safe_fprint with an unsafe variant, potentially introducing another vulnerability. The code was merged without any discussion" ouch
2024-03-30 17:11:17 <aron> donoban: yep, that's another gem
2024-03-30 17:21:47 <donoban> it's pretty fascinating that all this was discovered due "micro-benchmarking"
2024-03-30 17:22:11 <Someone[m]> https://lcamtuf.substack.com/p/technologist-vs-spy-the-xz-backdoor/comments
2024-03-30 17:22:38 <Someone[m]> https://lcamtuf.substack.com/p/technologist-vs-spy-the-xz-backdoor
2024-03-30 17:26:12 <donoban> "This is not the fault of systemd, this is more unfortunate", ehem..
2024-03-30 17:32:41 <Forza> Let's point blame when the whole extent is known
2024-03-30 17:33:16 <Forza> But some consider systemd ecosystem a virus hard to get rid of ;) 
2024-03-30 17:33:40 <aron> hehe
2024-03-30 17:33:42 <tdr> it could indicate its been granted a degree of trust in a zero-trust world
2024-03-30 17:34:09 <tdr> or at least not been seen as means when it should be, things will likley change
2024-03-30 17:36:52 <Forza> Quite the conclusion on someone's link "and it wouldn’t be surprising if it was paid for by a foreign government" 
2024-03-30 17:38:14 <tdr> i dont think it helps to go down all the paths of speculation into backend roots until solid facts are known
2024-03-30 17:39:21 <Forza> Yea I think do too. I'm grateful my two favourite distros aren't affected as we know.. Though the libarchive thing is suspicious 
2024-03-30 17:41:27 <WhyNotHugo> There are commits from the same author on other repos.
2024-03-30 17:41:42 <Forza> Yup
2024-03-30 17:41:51 <WhyNotHugo> I won't speculate, but I wouldn't compain if libarchive is audited.
2024-03-30 17:42:21 <Forza> Libarchive reverted just hours ago a commit from him
2024-03-30 17:42:44 <Forza> https://github.com/libarchive/libarchive/pull/1609
2024-03-30 17:45:34 <Forza> This comment is right https://open.substack.com/pub/lcamtuf/p/technologist-vs-spy-the-xz-backdoor?utm_source=direct&utm_campaign=comment-list-share-cta&utm_medium=web&comments=true&commentId=52804915 i always wondered about go and rust how you get the sources for a small program, only to discover when you do "cargo build" that a hundred other projects are downloaded to be included
2024-03-30 17:47:02 <aron> nice
2024-03-30 17:48:08 <invoked> supply chain attacks are not a new subject, but everyone seems surprised by it when it happens
2024-03-30 17:48:36 <Forza> It's just hard to go through it all when there's so much of it
2024-03-30 17:50:57 <invoked> ref: 'on trusting trust', ken thompson, 1984
2024-03-30 17:51:27 <WhyNotHugo> Forza: I'm writing a project in Rust and suffer this. I was going to use sqlx the other day: over 200 dependencies.
2024-03-30 17:56:54 <Forza> WhyNotHugo: it's annoying and also very much bloat. 
2024-03-30 17:57:11 <aron> lol
2024-03-30 17:59:15 <DuClare> but disk space is cHeAp!
2024-03-30 18:03:12 <omni> https://github.com/crev-dev/cargo-crev
2024-03-30 18:12:45 <Forza> DuClare: sure, but this static craze is including a whole os in every binary 
2024-03-30 18:13:32 <Forza> https://github.com/libarchive/libarchive/issues/2103 they're reviewing the changes that xz guy did
2024-03-30 18:14:28 <Apachez> thought you wrote "interviewing" =)
2024-03-30 18:14:38 <Apachez> like intervju with oprah winfrey or something ;)
2024-03-30 18:14:44 <Forza> omni: it's a good step, but wouldn't have caught the xz backdoor 
2024-03-30 18:15:36 <Forza> Apachez: my auto type keyboard often makes mistakes, so I wouldn't be surprised 
2024-03-30 18:32:59 <chris218> WhyNotHugo: every time I want to write simple cli for api in rust it starts by adding clap and rewest and when I see 200 crates being pulled I just give up and do this in plain go
2024-03-30 20:09:37 <chris218> hmm so on fedora I can attach drive just fine but on alpine I get  `failed: Remote I/O error`
2024-03-30 20:09:50 <chris218> it's xfs formatted drive
2024-03-30 20:10:15 <dwfreed> what does dmesg say
2024-03-30 20:11:11 <chris218> `sdb1: writeback error on inode 44359630, offset 0, sector 44685320`
2024-03-30 20:12:52 <chris218> I already ran xfs_repair and now I saw some error about duplicate UUID so I'm regenerating it and will try to mount it again
2024-03-30 20:14:15 <chris218> hmm that doesn't look good (on fedora dmesg) `tag#24 uas_eh_abort_handler 0 uas-tag 10 inflight: CMD OUT `
2024-03-30 20:15:34 <chris218> yea looks like drive is toast 
2024-03-30 20:16:00 <chris218> got spammed with `Buffer I/O error on dev sda1, logical block 2000430585, lost async page write`
2024-03-30 20:16:22 <chris218> interesting that smartctl doesn't report any issues
2024-03-30 23:44:41 <Apachez> Debian have halted all production for testing/unstable/experimental and have wiped (reinstalled) two of their buildservers according to https://fulda.social/@Ganneff/112184975950858403
2024-03-30 23:45:28 <dwfreed> This is not on-topic for this channel
2024-03-31 01:09:08 <vkrishn> maybe knowing if salsa.d.o is wiped too, aports has some dependencies on it
2024-03-31 01:10:52 <satmd> chris218: unfortunately, smart often has doubtful quality. vendors often are lazy at filling it with meaningful stuff.
2024-03-31 01:11:06 <satmd> also you'd need to enable self-testing with smartd to be on the safe side
2024-03-31 04:18:19 <mesap[m]> Does anyone have CUPS or printing working on alpine?
2024-03-31 04:40:16 <dwfreed> I'm sure *somebody* does; ask real questions, rather than looking for experts
2024-03-31 06:52:58 <cyclisme24[m]> mesap: https://wiki.alpinelinux.org/wiki/Printer_Setup
2024-03-31 10:15:46 <spacetoast> chris218: smartd's importance is kind of overstated - most drives will die before smart picks *anything* up
2024-03-31 10:15:49 <spacetoast> even when it's done well
2024-03-31 10:16:06 <spacetoast> if you see any errors in smart it's a "replace the drive yesterday" kind of deal
2024-03-31 10:24:38 <Soni> hi
2024-03-31 10:24:47 <lassebq> hello
2024-03-31 10:26:08 <Soni> we would like to talk about security boundaries again but without ppl being dismissive of it
2024-03-31 10:26:55 <lassebq> I tried to make a talk page on alpine wiki but my action was flagged as "Spammers not welcome"
2024-03-31 10:27:39 <lassebq> I was trying to bring up that OpenRC is not the init system on alpine and /sbin/init is a symlink to busybox
2024-03-31 10:29:22 <divVerent> <spacetoast> "chris218: smartd's importance is..." <- Yeah, smartd usually complains too late, I prefer checking smart metrics manually
2024-03-31 10:29:40 <divVerent> generally, if reallocated sector count is not zero, get new hard drive
2024-03-31 10:29:48 <spacetoast> ++
2024-03-31 10:30:09 <spacetoast> lassebq: "init system" is kind of a loaded term, there's PID1 and there's the RC system
2024-03-31 10:30:15 <divVerent> the other smart metrics and thresholds probably make more sense - just never had a drive hit those
2024-03-31 10:30:32 <spacetoast> busybox is basically just running as PID1, but most people think of the RC system when they say "init" - also see s6/runit/etc
2024-03-31 10:31:48 <lassebq> Alright, well I'm confused on what the order of init actually is on alpine. Does busybox immediately run openrc's service initialization?
2024-03-31 10:32:18 <lassebq> Or how is it handeled?
2024-03-31 10:34:03 <lassebq> And what's the argument for not using openrc-init binary which is built in openrc package? https://git.alpinelinux.org/aports/tree/main/openrc/APKBUILD#n108
2024-03-31 10:34:11 <divVerent> if I understand it right, openrc's init is very close to sysv init - like, the thing receiving signals and launching stuff as per inittab. openrc's interesting parts are the service script framework and the rc-* utilities
2024-03-31 10:34:28 <spacetoast> lassebq: busybox init rules are in /etc/inittab
2024-03-31 10:34:36 <spacetoast> if you take a look at that you'll notice that all it does is run openrc, indeed :)
2024-03-31 10:34:47 <divVerent> wait, no
2024-03-31 10:34:48 <spacetoast> the argument is that you can actually go in and change this if you so desire
2024-03-31 10:34:51 <lassebq> spacetoast: /etc/inittab does not exist in alpine base installation
2024-03-31 10:34:54 <divVerent> openrc does not even HAVE an init
2024-03-31 10:35:06 <divVerent> you supply it yourself, any sysv-ish init will do
2024-03-31 10:35:14 <spacetoast> does it not? it does in mine: `apk add alpine-base` and now I have /etc/inittab
2024-03-31 10:36:20 <spacetoast> dirVerent: yeah you were thinking of openrc-init
2024-03-31 10:36:27 <divVerent> ah no, openrc does have its own init here: https://github.com/OpenRC/openrc/blob/master/src/openrc-init/openrc-init.c
2024-03-31 10:36:38 <lassebq> Oh, huh, nvm I guess I do have /etc/inittab
2024-03-31 10:36:41 <divVerent> but... using it is VERY optional
2024-03-31 10:36:47 <spacetoast> and there's your answer lassebq ;)
2024-03-31 10:37:06 <spacetoast> dirVerent: yeah, it's basically meant to be a "if you really don't wanna set anything else up" option
2024-03-31 10:37:42 <spacetoast> source: I did dev on Gentoo and contributed to the OpenRC docs and some other init stuff there (though most of the changes were by proxy)
2024-03-31 10:37:42 <divVerent> and this one indeed uses no inittab, if I see it right
2024-03-31 10:37:56 <spacetoast> yeah, openrc-init doesn't need anything, +/-, it just runs openrc
2024-03-31 10:38:15 <spacetoast> but with busybox init you can switch openrc out if you wanna do runit shenanigans or similar
2024-03-31 10:38:16 <lassebq> Alright, well either way, what's the reason for alpine not using openrc's init binary?
2024-03-31 10:38:42 <spacetoast> lassebq: my understanding is that alpine is very busybox-oriented, and as I keep mentioning, it also means you can just swap it out
2024-03-31 10:38:43 <lassebq> spacetoast: openrc's init and shutdown have the benefit of being able to use kexec
2024-03-31 10:38:56 <divVerent> or more interestingly, if you want any service to be directly supervised by init
2024-03-31 10:39:12 <divVerent> sysvinit technically does not NEED shell scripts for services
2024-03-31 10:39:22 <lassebq> I understand, yeah
2024-03-31 10:39:24 <divVerent> it is just how it is usually set up
2024-03-31 10:39:27 <lassebq> it could just be any binary
2024-03-31 10:39:29 <spacetoast> it's not as interesting as you might think
2024-03-31 10:39:47 <spacetoast> reaping is fine but you usually want supervision beyond "if it dies it dies", and putting that into PID1 isn't a great idea
2024-03-31 10:39:54 <spacetoast> which is why PID1 and the RC systems tend to be separate
2024-03-31 10:39:56 <spacetoast> anyway gotta go \o
2024-03-31 10:40:02 <lassebq> k bye
2024-03-31 10:40:25 <lassebq> I'll see if swapping busybox init with openrc's init will work
2024-03-31 10:40:26 <divVerent> honestly though, the only common reason to ever edit inittab is to use a different getty, or to add terminals (e.g. 8 rather than 6 VTs, or serial)
2024-03-31 10:40:37 <lassebq> I just hate that it's not packaged in alpine
2024-03-31 10:42:44 <divVerent> from reading openrc-init's source, the only interesting feature it has is receiving commands from a FIFO instead of just signals (but it also understands the usual pid 1 signals)
2024-03-31 10:44:27 <Soni> (hmm tho we guess security boundaries aren't really relevant to alpine linux, they're more of a programming language/dependency management system thing...)
2024-03-31 10:47:50 <lassebq> One more thing, how do you properly reboot using kexec if you use busybox as pid1?
2024-03-31 10:48:10 <divVerent> the way I see it, Alpine has no security boundaries beyond Linux's own
2024-03-31 10:48:49 <divVerent> like, it e.g. cannot run a service in its own namespace unless the service implements that on its own
2024-03-31 10:49:09 <lassebq> I tried it but almost every time kexec would immediately run, marking filesystems dirty due to them not being unmounted
2024-03-31 10:49:31 <lassebq> and alpine doesn't have a package for kexec services so that's unfortunate
2024-03-31 10:50:09 <lassebq> Even on gentoo you can reboot using kexec because `reboot` supports -r flag
2024-03-31 10:50:24 <lassebq> but busybox's reboot doesnt have that
2024-03-31 10:52:01 <divVerent> tried this already? https://wiki.alpinelinux.org/wiki/Kexec
2024-03-31 10:52:23 <divVerent> it SEEMS like you first set up your kexec target, and then do a regular shutdown
2024-03-31 10:59:06 <lassebq> divVerent: The method wiki suggests doesn't really suit me. I dont want it to run every poweroff or reboot
2024-03-31 10:59:32 <divVerent> see the top part
2024-03-31 10:59:36 <divVerent> I am trying that right now
2024-03-31 11:04:10 <divVerent> haha, fails epically for me, the kexec -e part just powers off the thing
2024-03-31 11:04:46 <lassebq> Yeah, openrc-shutdown doesn't complete fully as far as I understand?
2024-03-31 11:04:57 <lassebq> openrc shutdown*
2024-03-31 11:05:06 <divVerent> I had to log in to a tty console again
2024-03-31 11:05:06 <lassebq> because disks stay mounted
2024-03-31 11:05:23 <divVerent> but anyway, it either didn't boot the kernel, or it did but did not get a framebuffer
2024-03-31 11:05:43 <divVerent> so, gonna remove that kernel option again
2024-03-31 11:07:05 <divVerent> given I have odd stuff going on (this is a macbook, and I use encrypted LVM with boot partition on that), I am not surprised
2024-03-31 11:10:16 <lassebq> Alright
2024-03-31 11:10:22 <lassebq> I didn't have luck with kexec either
2024-03-31 11:58:27 <lassebq> Just wondering, does openrc care about `quiet` kernel parameter like systemd does?
2024-03-31 11:59:27 <lassebq> https://git.sr.ht/~calebccff/pbsplash I'm trying to get this awesome postmarketos splash screen utility to work at boot, but /dev/tty1 logs keep interrupting it
2024-03-31 12:24:02 <lassebq> Okay I must be completely missing how openrc dependencies work. I got splash to work as intended after adding a line in devfs service
2024-03-31 14:39:23 <sebastia1> P.S. Enabled the openrc 'rc_logger' but no mention of the 'loadkmap'. The service status is 'stopped' until manually (re)started.
2024-03-31 15:08:57 <dwfreed> pastebin the boot log?
2024-03-31 15:09:18 <dwfreed> also let's keep the conversation here, since this is somewhat alpine specific
2024-03-31 15:25:20 <sebastia1> dwfreed https://pastebin.com/waQwjrHG not sure if I got what you wanted; /var/log/messages, /var/log/rc.log and the rc-update output just to show it's enabled.
2024-03-31 15:26:02 <dwfreed> the rc.log isn't logging boot runlevel
2024-03-31 15:26:06 <dwfreed> so that's why there's nothing
2024-03-31 15:31:26 <sebastia1> Okay, thanks. Let me switch the 'loadkmap' to the 'default' runlevel so. While I'm at it I'll set the 'rc_verbose' on.
2024-03-31 15:31:55 <dwfreed> sebastia1: are you running this in a container or anything like that?
2024-03-31 15:34:33 <dwfreed> guess probably not if you're starting xen stuff
2024-03-31 15:34:40 <dwfreed> although...
2024-03-31 15:36:23 <dwfreed> sebastia1: what does 'rc-update -V' print?
2024-03-31 15:36:58 <ano> how does alpine handle tmpfiles.d?
2024-03-31 15:38:24 <dwfreed> ano: it doesn't, apparently
2024-03-31 15:39:15 <ano> why some pkgs include it then?
2024-03-31 15:39:27 <dwfreed> probably because they're not aware of this fact :)
2024-03-31 15:40:17 <ano> shouldn't they be masked or something e.g. INSTALL_MASK?
2024-03-31 15:41:18 <dwfreed> if alpine has such a mechanism, sure, that wouldn't be a bad thing
2024-03-31 15:41:25 <dwfreed> but they're just small text files, they're harmless
2024-03-31 15:41:39 <dwfreed> you could also submit PRs updating the packaging to remove them
2024-03-31 15:44:19 <sebastia1> dwfreed: not in a container, no. I made a mistake and did not include the entire 'rc.log' content, I'll do it again now that it's more verbose. Switching the 'loadkmap' back to 'boot', as it was. 'rc-update -V':'rc-update (OpenRC [XEN0]) 0.52.1'.
2024-03-31 15:46:34 <dwfreed> I am wondering if during boot level it thinks it's a domU
2024-03-31 15:46:58 <dwfreed> sebastia1: if you edit the loadkmap initscript, and remove the -xenu item, does it show as started?
2024-03-31 15:47:05 <dwfreed> on the keyword line
2024-03-31 15:47:31 <dwfreed> I realize booting xen takes an age
2024-03-31 15:51:10 <sebastia1> dwfreed: https://pastebin.com/TX0D2id8 rc.log, quite verbose, lots in it, yet no mention of the 'loadkmap' that I can see :/ Let me check the about the '-xenu' initscript change you suggested.
2024-03-31 15:52:50 <dwfreed> the very top line tells me that's exactly it
2024-03-31 15:59:07 <sebastia1> dwfreed: the 'loadkmap' '* status: started' on boot now that the '-xenu' got removed of the init script. Care to explain what went wrong there pls? Much thanks!
2024-03-31 15:59:46 <dwfreed> xenfs not mounting early enough, means that openrc thinks it's a domU
2024-03-31 16:00:09 <dwfreed> this is also evident in your log, at the very top, notice the [XENU]
2024-03-31 16:01:39 <sebastia1> Suppose I couldn't make my typing experience any worse, having a blank keyboard (no letter labels) and ditching the 'qwerty' in favour of dvorak ages ago :D
2024-03-31 16:01:52 <dwfreed> yeah...
2024-03-31 16:02:01 <dwfreed> I want to learn dvorak one day
2024-03-31 16:02:13 <dwfreed> but it'll probably be on a keyboard where I can switch layouts *in the keyboard*
2024-03-31 16:02:16 <satmd> 
ACTION uses kernel_menuconfig to actually enable rtl8366s support, because menuconfig didn't do it

2024-03-31 16:02:25 <dwfreed> satmd: wrong window
2024-03-31 16:02:30 <satmd> oh
2024-03-31 16:02:39 <satmd> indeed
2024-03-31 16:03:16 <sebastia1> Much more easy on the hands dvorak. Hard to go back once you get used to it. The 'qwerty' _really is_ designed to make typing uncomfortable.
2024-03-31 16:03:26 <sebastia1> Thanks again dwfreed :)
2024-03-31 16:03:54 <dwfreed> sebastia1: we should probably figure out how to fix the underlying issue of openrc thinking it's a domU and not a dom0
2024-03-31 16:04:10 <dwfreed> the question is, *why* isn't xenfs mounting early
2024-03-31 16:04:18 <dwfreed> (it's supposed to)
2024-03-31 16:04:19 <sebastia1> dwfreed: sure thing.
2024-03-31 16:06:55 <sebastia1> Right, so the xenfs supposed to mount earlier, gotcha.
2024-03-31 16:08:24 <sebastia1> There's a 5 2TB disks hooked up to the system, not sure if it can have an impact of this sort. 
2024-03-31 16:08:52 <dwfreed> should not
2024-03-31 16:10:01 <sebastia1> There's a _huge_ delay between the XEN msgs and the openrc messages appearing on the screen. Feels like ~1minute, perhaps less but long enough to make you wonder if it's going to come up at all.
2024-03-31 16:10:25 <dwfreed> make sure 'quiet' is not in your kernel command line
2024-03-31 16:19:48 <dwfreed> and I think I know the answer
2024-03-31 16:20:11 <dwfreed> xenfs is a module, and if the module's not loaded, it won't be listed in /proc/filesystems, and so then openrc won't mount it in init.sh
2024-03-31 16:33:30 <sebastia2> Removing 'quiet' from the 'APPEND' line in the '/media/usb/boot/syslinux/syslinux.cfg' did not make a diff in terms of the blank screen delay between the 'XEN' and the 'openrc' as part of the boot process. Not a priority though, just thought perhaps it relates to the issue we observed, otherwise ignore.
2024-03-31 16:33:54 <dwfreed> sebastia2: so it looks like the "correct" fix here is going to be setting rc_sys=dom0 in /etc/rc.conf
2024-03-31 16:35:03 <dwfreed> the ideal fix would be having a xen kernel that's got xenfs built in, but I'd understand if alpine doesn't want to maintain more kernel configs
2024-03-31 16:35:55 <sebastia2> Let me try that dwfreed.
2024-03-31 16:36:17 <dwfreed> sebastia2: sorry, it's xen0, not dom0
2024-03-31 16:36:26 <sebastia2> Sure.
2024-03-31 16:42:40 <sebastia2> dwfreed: the '-xenu' part is back in the 'loadkmap' def and it starts nicely at boot with the 'rc_sys=xen0' in the '/etc/rc.conf'. Did the trick.
2024-03-31 16:43:48 <sebastia2> The trick did the trick.
2024-03-31 16:52:26 <dwfreed> hurray
2024-03-31 21:39:29 <sewn> has anyone tried to do a full disk encryption install without using LVM
2024-03-31 21:39:33 <sewn> is LVM really required for such a task?
2024-03-31 21:45:58 <rdbo> sewn: you mean just a LUKS encrypted ext4 partition?
2024-03-31 21:46:03 <rdbo> or some other fs
2024-03-31 21:47:10 <sewn> rdbo: just a regular luks encrypted root partition
2024-03-31 21:47:19 <sewn> afaik LVM is used to encrypt the kernel (/boot) too
2024-03-31 21:47:37 <sewn> which requires grub which i do not like working with
2024-03-31 21:48:34 <dwfreed> There's no need for LVM regardless; it is convenient if you want to have multiple encrypted partitions, but it is not necessary
2024-03-31 21:49:04 <sewn> so how come the guide requires LVM
2024-03-31 21:49:05 <rdbo> sewn, i have done only encrypted root fs without lvm
2024-03-31 21:49:07 <rdbo> but no /boot
2024-03-31 21:49:29 <dwfreed> beecause explaining it without lvm can be more complicated
2024-03-31 21:49:39 <sewn> hrm..
2024-03-31 21:49:47 <rdbo> 1 partition for EFI, 1 partition for /boot, 1 partition for encrypted rootfs
2024-03-31 21:49:49 <sewn> rdbo: what would be so different in the installation process may i ask?
2024-03-31 21:49:51 <dwfreed> especially if you want multiple partitions inside one LUKS encrypted volume
2024-03-31 21:49:56 <sewn> since i would like to do something like that
2024-03-31 21:50:17 <sewn> > Disclaimer : this is not to be followed, only for testing purposes. This will be updated when GRUB 2.12 rc1 will be available for LUKSv2, GRUB and FDE to work
2024-03-31 21:50:18 <sewn> wonderful
2024-03-31 21:50:26 <rdbo> well... i am making my own distro based on alpine linux. i have an installation script that sets everything up
2024-03-31 21:50:42 <sewn> whats the distro?
2024-03-31 21:50:45 <sewn> i shall refer to the arch wiki
2024-03-31 21:51:14 <rdbo> https://github.com/rdbo/sigma-linux/blob/wayland-squashfs-reboot/src/apk/sigma-conf/rootfs/usr/sbin/setup-sigma
2024-03-31 21:51:22 <rdbo> this is the installation script, pretty barebones
2024-03-31 21:51:24 <rdbo> still working on it
2024-03-31 21:51:28 <sewn> lol sigma linux
2024-03-31 21:51:31 <sewn> thats a funny name
2024-03-31 21:51:33 <rdbo> XD
2024-03-31 21:51:50 <sewn> interesting file explorer, why not xfiles?
2024-03-31 21:51:53 <rdbo> to achieve the same result on regular alpine: here's what i would do:
2024-03-31 21:52:01 <sewn> why not luakit for surf?
2024-03-31 21:52:17 <sewn> tcc? how does that work so far for you?
2024-03-31 21:53:06 <rdbo> manually do partitioning -> format with luks and load device mapper partition -> create ext4 on /dev/mapper/<partition> -> install alpine's apk overlay (located at the CDROM, in 'apk' directory iirc)
2024-03-31 21:53:21 <rdbo> that should theoretically work, but a little annoying
2024-03-31 21:53:45 <rdbo> sewn, i used xfe because it allowed me to theme it to the os color scheme. i didn't try xfiles tho
2024-03-31 21:54:18 <rdbo> also, that is the old version of the os, i'm working on a wayland reboot that doesn't use alpine's apk overlay, instead uses squashfs + overlayfs, which is what most other distros do
2024-03-31 21:54:42 <rdbo> saved a lot of memory and boot time from the liveboot
2024-03-31 21:55:12 <rdbo> tcc is just a "works" c compiler i shipped with the old version because installing the apk overlay with gcc would take too much memory
2024-03-31 21:55:59 <rdbo> luakit looks interesting, will check it out
2024-03-31 21:57:05 <sewn> rdbo: can you build everything with tcc?
2024-03-31 21:57:11 <sewn> linux and stuff like that
2024-03-31 21:57:31 <rdbo> i don't think so
2024-03-31 22:59:22 <root_> hi
2024-03-31 23:00:40 <root__> hi
2024-03-31 23:01:02 <root_> root you name
2024-03-31 23:01:27 <dwfreed> O.o
2024-03-31 23:04:12 <root_> write