2026-05-01 00:52:36 <WhyNotHugo> 
ACTION backs up /etc/apk/world

2026-05-01 04:06:17 <rnkn> what’s all this copy.fail business?
2026-05-01 04:08:21 <jvvv> kernel bug: CVE-2026-31431
2026-05-01 04:10:59 <rnkn> can I just wait and keep doing apk upgrades?
2026-05-01 04:12:41 <jvvv> I think it was in today's batch of builds. I am pretty sure all the currently supported releases and edge got updated.
2026-05-01 04:14:02 <jvvv> I'm trying to verify
2026-05-01 04:20:09 <jvvv> maybe not, the cve fixes in the most recent kernel releases were for CVE-2026-31786 and CVE-2026-31787
2026-05-01 04:24:15 <jvvv> ok, 6.18 and 7.0 branches already fixed as of 6.18.22 and 7.0... still looking at 6.12 and 6.6
2026-05-01 04:25:29 <ikke> Those should've been fixed as well
2026-05-01 04:28:24 <jvvv> Ok, good to know.
2026-05-01 04:33:29 <jvvv> Ah, for the 6.12 changes, the commit messages are not quite as clear, but I see the backports
2026-05-01 04:35:43 <jvvv> Same for the 6.6 commits... they don't mention the cve, but the fixes look clear enough
2026-05-01 04:39:01 <jvvv> wow, fixes made it all the way back to 3.17-stable... nice
2026-05-01 04:51:16 <rnkn> I'm looking at the commits to the kernel and yeah they don't mention CVE 2026-31431
2026-05-01 04:51:22 <rnkn> but it's fixed?
2026-05-01 04:57:16 <dwfreed> 5.10.254, 5.15.204, 6.1.170, 6.6.137, 6.12.85, and 6.18.22 are the LTS versions that contain the fix
2026-05-01 04:57:36 <dwfreed> To check yourself, you're looking for the "algif_aead - Revert to operating out-of-place" commit
2026-05-01 05:19:06 <jvvv> I didn't figure that out myself until I found https://lore.kernel.org/all/2026042214-CVE-2026-31431-3d65@gregkh/
2026-05-01 14:36:10 <sylvie> hey cool, i didnt even need to ask my question (copyfail), i could just check the irc logs! (i love it when vulnerability disclosures spread misinformation about which distros they affect)
2026-05-01 14:37:51 <sylvie> though it is kind of weird that i had to go to the IRC to find out when this got patched despite trying to find this info on the website
2026-05-01 14:56:49 <dwfreed> props to sylvie for 1) reading the /topic; 2) reading the logs
2026-05-01 23:29:44 <Case_Of> hello
2026-05-01 23:30:52 <Case_Of> I do own an odroid xu4 running already a system, I would like to know if by keeping its custom kernel and uboot config, I could install alpine on it, via a chroot or something to replace actual system?
2026-05-01 23:31:13 <Case_Of> and if anyone already did this for feedback?
2026-05-01 23:32:34 <Advert[m]> https://t.me/+c-LC9ed_hBgwYmZh
2026-05-01 23:37:01 <deadcade[m]> Any admins around to remove this spam?
2026-05-01 23:53:15 <ssm> . o O ( remove messages on irc? ) oh yeah matrix bridge
2026-05-01 23:55:24 <Sertonix[m]> Case_Of: I don't know that system but generally a chroot is a good way to check if it could work.
2026-05-02 00:29:08 <ePirat> Good evening
2026-05-02 00:29:53 <ePirat> I am trying to figure out how to install alpine on a pi but I am very confused by the wiki instructions
2026-05-02 00:34:26 <ePirat> it says "No disks available" and I am confused how to proceed there…
2026-05-02 00:39:54 <longnoserob[m]> which Pi exactly?
2026-05-02 00:45:02 <ePirat> Zero 2 W
2026-05-02 00:45:37 <ePirat> The wiki suggests the Pi Imager tool will already prepare the SD accordingly
2026-05-02 00:45:58 <ePirat> but I never get to the point even where I could select diskless install…
2026-05-02 00:47:51 <longnoserob[m]> what are you running the installer on?
2026-05-02 00:49:06 <ePirat> longnoserob[m], you mean the Pi Imager?
2026-05-02 00:49:13 <longnoserob[m]> yes
2026-05-02 00:49:17 <ePirat> macOS
2026-05-02 00:51:02 <longnoserob[m]> and does macos detect the sd0card you want to use?
2026-05-02 00:51:25 <ePirat> yes
2026-05-02 00:52:11 <longnoserob[m]> maybe check that the sdcard is not mounted by MacOS?
2026-05-02 00:54:30 <ePirat> ok, let me try again
2026-05-02 00:58:54 <ePirat> setup-alpine once it gets to Disk&Install says "No disks available. Try boot media /media/mmcblk0p1 (y/n)", do i need to say yes here? I guess no because then it would overwrite the partition its currently booted from?
2026-05-02 01:04:38 <ePirat> or do I just say no, have it save config to the SD card and lbu commit?
2026-05-02 01:35:29 <longnoserob[m]> thats up to you..
2026-05-02 13:51:05 <haesbaert> is firefox/librewolf kinda weird under wayland since a recent update?
2026-05-02 13:51:32 <haesbaert> as in, you click on elements of the UI and they freeze
2026-05-02 13:54:00 <visone[m]> haesbaert: I'm using librewolf 150.0.1 on mangowc and works fine, no problems
2026-05-02 13:54:18 <Advert[m]> https://t.me/+c-LC9ed_hBgwYmZh
2026-05-02 13:54:56 <WhyNotHugo> That's a pretty honest nickname
2026-05-02 13:56:41 <WhyNotHugo> Firefox/Librewolf mostly working fine, but pop-ups have blinked a few times and stopped rendering despite "still being there".
2026-05-02 13:57:07 <Advert[m]> https://t.me/+c-LC9ed_hBgwYmZh
2026-05-02 22:11:01 <Case_Of> on my xu4, i’m trying to build the hardkernel custom kernel for this hardware, kernel is building fine (I’m doing it manually with make), but I do not succeed to make a working initramfs
2026-05-02 22:11:33 <Case_Of> how should I proceed? I’m trying to create one with mkinitfs but unsuccessful
2026-05-02 22:12:02 <Case_Of> the initramfs is generated but uboot does not recognize it as an initramfs
2026-05-02 22:13:23 <Case_Of> it tells me the following: Bad Linux ARM zImage magic!
2026-05-03 05:44:52 <shadow> zlib-ng-dev installed, yet building Pillow python wheels it fails not able to find zlib... "what?"
2026-05-03 05:44:58 <shadow> I don't even know where to start troubleshooting this
2026-05-03 05:46:35 <shadow> it's from Home Assistant CI/CD build of home-assistant/core and I'm readying this for adding new architecture riscv64...  so one of the containers is this Alpine  derived base image with a python script that manages the requested CI/CD wheels building action, and it takes as an argument the packages apk names to install among those is "zlib-ng" and "zlib-ng-dev"
2026-05-03 05:47:22 <shadow> I can see in the log output it appears these are in fact installed, then fast forward skim through the log a bit I'm looking at the output from compiling python Pillow wheels and it bombs saying it cannot find zlib dependency
2026-05-03 06:25:49 <shadow> ueuggghhhh  https://gitlab.alpinelinux.org/alpine/aports/-/merge_requests/79637
2026-05-03 10:32:17 <linb> Hey, I use Alpine as a kvm host and guests and often remotly access X11 applications using SSH. I recently find out about vsock (VM sockets)and thought that would really simplyfy my setup and probable improve performance. Now I see libvirt-ssh-proxy (https://libvirt.org/ssh-proxy.html) is package in Alpine and it is probably because the standard setup really on systemd (https://wiki.archlinux.org/title/QEMU#Accessing_SSH_via_vsock) 
2026-05-03 10:33:00 <linb> I couldn't find anything on the use of vsock on Alpine, none of you guys are using it? would there be a particular reason?
2026-05-03 11:21:21 <WhyNotHugo> linb: systemd just starts an instances of ssh listening on vsock. That's quite doable manually or via an openrc script.
2026-05-03 14:08:28 <quinq> Is there a way to use pipewire/wireplumber/pulseaudio/whateverthenewfad without resorting to user service?
2026-05-03 14:08:45 <quinq> I mean just starting a process as a single user
2026-05-03 14:08:52 <quinq> (a or a couple)
2026-05-03 14:09:02 <ikke> quinq: You can set the user to run the service as in the init file
2026-05-03 14:09:29 <ikke> command_user="user:group"
2026-05-03 14:09:37 <quinq> ah thanks, will try that :)
2026-05-03 14:09:45 <ikke> It would run outside of your normal environment, though
2026-05-03 14:09:55 <ikke> So you have to explicitly provide it any environment variables it needs
2026-05-03 14:09:55 <quinq> Why does it have to be a specific usert though, can't it be just root, or a dedicated user?
2026-05-03 14:10:34 <quinq> Hummm, it doesn't seem to set any environment variable, like ssh-agent or dbus-launch would do for example
2026-05-03 14:11:27 <ikke> quinq: it's not advisable to run these services as root
2026-05-03 14:11:36 <ikke> Running it as a different user makes permissions difficult
2026-05-03 14:11:54 <quinq> Sorry, was lazy and didn't install pipewire-doc, it doesn't help the user but to document several (wow a lot actually) env variables
2026-05-03 14:12:29 <quinq> Hummm, isn't that the whole idea of groups?
2026-05-03 14:12:44 <quinq> You can run as a user and allow group to share resoruces
2026-05-03 14:13:52 <quinq> Actually the documented environment variables are only for startup config
2026-05-03 14:14:12 <achill> why wouldnt you not just run them on the same uid? if you dont benefit from the security benefits of a different uid/gid, then you can just run them on the same uid anyway
2026-05-03 14:14:32 <ikke> quinq: From my understanding, the idea is to avoid different user from being able to access the same instannce
2026-05-03 14:14:34 <ikke> instance
2026-05-03 14:15:45 <achill> tbh in 99.9% of use cases you just want openrc to manage your pipewire user service
2026-05-03 14:16:18 <quinq> Use case is not having to manually create user services and having to use openrc
2026-05-03 14:16:35 <quinq> Ah so it's possible to having several instances of pipewire
2026-05-03 14:16:52 <quinq> Then yeah, why all this complexity
2026-05-03 14:16:59 <achill> i mean there is a user service in pipewire-openrc
2026-05-03 14:17:26 <quinq> But there is no user service in openrc unless you create it manually
2026-05-03 14:17:46 <ikke> For now
2026-05-03 14:17:57 <quinq> :)
2026-05-03 14:18:05 <quinq> An init service is mostly for system daemons
2026-05-03 14:18:10 <achill> no?
2026-05-03 14:18:17 <quinq> If I need to run something as a single user… Then I can just run it as a single user
2026-05-03 14:18:20 <achill> i mean your init system can also supervise all daemons
2026-05-03 14:18:25 <achill> thats kinda the cool thing about it
2026-05-03 14:18:33 <achill> that there is something supervising all your services
2026-05-03 14:18:47 <ikke> There is a distinction between an init system and a service manager
2026-05-03 14:18:52 <achill> right
2026-05-03 14:19:16 <ikke> Alpine is the proof, it uses busybox init, but openrc for services
2026-05-03 14:19:17 <achill> but that there is something to supervise your services is a good thing
2026-05-03 14:19:47 <quinq> Like a user
2026-05-03 14:19:49 <achill> not to run them and nobody to look after it, kinda uncool if you want to rely on it
2026-05-03 14:20:12 <quinq> look after how?
2026-05-03 14:20:17 <ikke> user services are there so that each user can has there distinct set of services limited to that user (for security reasons)
2026-05-03 14:20:18 <quinq> Like stopping?
2026-05-03 14:20:51 <quinq> Then again, if I want to run something as the current user, I can just… run it
2026-05-03 14:21:17 <quinq> If it needs to be run as a different user, then yeah a service manager comes in handy, you don't need other user access
2026-05-03 14:21:50 <ikke> service managers support these features and more, so there is little reason not to use them if they support it
2026-05-03 14:22:09 <quinq> Because it's not needed
2026-05-03 14:22:21 <ikke> Many things are strictly not needed
2026-05-03 14:22:32 <quinq> It doesn't make sense (at least to me) to use something just because it provides features, if those features are not needed
2026-05-03 14:22:36 <achill> sure, i can also fax paper to my local authorities, but there are better ways
2026-05-03 14:22:38 <quinq> ikke, exactly
2026-05-03 14:22:47 <ikke> But we use them because they provide a benefit
2026-05-03 14:22:54 <quinq> Who's “we”
2026-05-03 14:23:05 <achill> lol any openrc user
2026-05-03 14:23:28 <quinq> That's a great answer
2026-05-03 14:24:00 <quinq> So far I only heard about potentials
2026-05-03 14:24:09 <quinq> “features” “benefits”
2026-05-03 14:24:13 <ikke> One reason is to make sure these 'services' are started in the right order
2026-05-03 14:24:14 <quinq> “should be”
2026-05-03 14:24:17 <quinq> But nothing concrete
2026-05-03 14:24:38 <ikke> Another reason could be (not that openrc supports that atm afaik) is to run services on-demand
2026-05-03 14:24:46 <quinq> ikke, that's a good point
2026-05-03 14:24:56 <quinq> It can be managed easily with a sequence of commands though
2026-05-03 14:25:03 <ikke> "easily"
2026-05-03 14:25:22 <ikke> You have to research the order and make sure they in the right order
2026-05-03 14:25:32 <ikke> a service can set it declaritively
2026-05-03 14:25:40 <quinq> I yes, it's some work
2026-05-03 14:26:06 <quinq> But maybe we're coming to the actual problem / solution here
2026-05-03 14:26:30 <ikke> services can easily be enabled and disabled
2026-05-03 14:26:32 <quinq> Is it that pipewire/wireplumber/pulse* is too complex to use manually and needs a service manager?
2026-05-03 14:26:38 <ikke> If you have a script that starts them, then you have to edit the script
2026-05-03 14:27:21 <ikke> quinq: that's hard to say
2026-05-03 14:27:36 <ikke> some things are inherently more complex. But I don't know pipewire enough to determine that
2026-05-03 14:27:36 <quinq> Yeah ikke, for example openrc (though rather ifupdown) doesn't manage very well bonding interfaces
2026-05-03 14:27:44 <quinq> So I have to resort to my own manual scripts
2026-05-03 14:28:03 <ikke> quinq: we manage bonded interfaces just fine for our infrastructure
2026-05-03 14:28:22 <quinq> Glad to hear it worksforyou™ ;)
2026-05-03 14:28:38 <quinq> That was just an example about what you said, service vs script
2026-05-03 14:29:03 <ikke> quinq: you can easily create something that works just for you and your usecase
2026-05-03 14:29:14 <quinq> Hey
2026-05-03 14:29:18 <ikke> but if you want to create something that supports more than one usecase, it inhrently comes with complexity
2026-05-03 14:29:22 <quinq> That was exactly my initial question about pipewire!
2026-05-03 14:29:29 <quinq> Though I'm not convinced it is that easy
2026-05-03 14:29:41 <quinq> Looks like there are several moving parts with environment variables?
2026-05-03 14:29:49 <unvFK9I3vgc> what's wrong with ^Rwire in your shell, that returns "pipewire & pipewire-pulse & wireplumber &" - is super handy and very much user-controlled
2026-05-03 14:30:02 <quinq> yeah
2026-05-03 14:30:30 <ikke> unvFK9I3vgc: imagine running pmos on your mobile phone
2026-05-03 14:30:45 <ikke> each time you restart your phone, you have to open a terminal, run that command to get sound
2026-05-03 14:30:47 <unvFK9I3vgc> ok, neither of these things apply
2026-05-03 14:30:57 <unvFK9I3vgc> no phone, no pmos
2026-05-03 14:31:03 <quinq> computer, alpine
2026-05-03 14:31:08 <unvFK9I3vgc> exactly
2026-05-03 14:31:12 <ikke> unvFK9I3vgc: you only think about your own usecase
2026-05-03 14:31:13 <unvFK9I3vgc> computer, alpine
2026-05-03 14:31:18 <ikke> for yourself, you can decide what to use
2026-05-03 14:31:28 <unvFK9I3vgc> i think" computer alpine" is a very common use case in this irc chan here...
2026-05-03 14:31:43 <ikke> you can cat bytes to an audio device to get sound for all that matter
2026-05-03 14:32:20 <ikke> But if you think about any usecase other then your own, then you'll realize there is benefit in a more streamlined process
2026-05-03 14:32:53 <ikke> And just to make it clear, in my own environment I start most programms like copyq and flameshot in my xinitrc
2026-05-03 14:33:11 <quinq> Only suspect thing I see in the user services is:
2026-05-03 14:33:11 <unvFK9I3vgc> makes sense!
2026-05-03 14:33:11 <quinq> export PIPEWIRE_PULSE_NOTIFICATION_FD=3
2026-05-03 14:33:11 <quinq> notify=fd:3
2026-05-03 14:33:28 <quinq> Not sure what that is though, PIPEWIRE_PULSE_NOTIFICATION_FD isn't documented in pipewire man-page
2026-05-03 14:33:30 <ikke> Why is that suspicious?
2026-05-03 14:33:44 <ikke> FD is an abbreviation for file descriptor
2026-05-03 14:33:45 <quinq> Because it has to be done in addition to just running the program
2026-05-03 14:33:50 <quinq> I know that :)
2026-05-03 14:33:52 <unvFK9I3vgc> ikke, how does that work, pmos on a phone, do i have to login as a regular user to have sound?
2026-05-03 14:34:07 <unvFK9I3vgc> and if i am not logged in, i cannot use the sound devices?
2026-05-03 14:35:22 <unvFK9I3vgc> ok, i guess the question is a bit different.
2026-05-03 14:35:35 <ikke> Well, be creative and imagine how it can work
2026-05-03 14:36:02 <unvFK9I3vgc> i assume a phone to be really a single-user device, where it makes sense to have all these services started globally and not only after user logging in.
2026-05-03 14:36:16 <quinq> Something must be missing, just ran pipewire, wireplumber, pipewire-pulse, but I only get a “Dummy Output”
2026-05-03 14:36:17 <unvFK9I3vgc> there is no real reason to expect a phone to be used by multiple users at the same time
2026-05-03 14:36:38 <quinq> What about playing Mario Party on it?
2026-05-03 14:36:45 <ikke> unvFK9I3vgc: well, imagine each application running as it's own user
2026-05-03 14:37:06 <ikke> It's a common security feature on phones
2026-05-03 14:37:08 <unvFK9I3vgc> ok, but that is not a new thing, that is handled by setuid and friends in startu scripts
2026-05-03 14:37:13 <quinq> Every application needs its own sound server then
2026-05-03 14:37:31 <unvFK9I3vgc> i mean even now my nginx runs as nginx user...
2026-05-03 14:37:41 <ikke> I don't know specifically how it's arranged in pmos
2026-05-03 14:38:11 <ikke> unvFK9I3vgc: setuid is considered an unsafe practice
2026-05-03 14:38:28 <ikke> We do not allow any application providing suid binaries
2026-05-03 14:38:30 <unvFK9I3vgc> ok, then bwrap. whatever
2026-05-03 14:38:40 <ikke> so you are just moving complexity
2026-05-03 14:38:48 <quinq> haha, just had to start those twice
2026-05-03 14:38:56 <quinq> I mean killed all of them, started again, same order
2026-05-03 14:38:58 <quinq> Now it works
2026-05-03 14:39:36 <ikke> quinq: perhaps exectlyt the reason why that notification environment variable is there
2026-05-03 14:40:00 <ikke> Not to only start them in the right order, but wait for a services to be ready before starting the next
2026-05-03 14:41:07 <ikke> You start with a simple solution, then run into problems, add work-arounds for those problems, and you end up with a solution that is more complex than you would get if you did it properly
2026-05-03 14:41:25 <quinq> That can happen
2026-05-03 14:41:33 <quinq> Not necessarily always the case though
2026-05-03 14:41:35 <ikke> It has happened
2026-05-03 14:41:51 <ikke> The whole sysv-init system was full of those kind of hacks
2026-05-03 14:41:51 <quinq> Oh yeah, Murphy's everything ;)
2026-05-03 14:42:08 <quinq> yeah
2026-05-03 14:42:45 <unvFK9I3vgc> how is a service supervisor handling running things as dedicated users? isn't that also setuid?
2026-05-03 14:43:06 <quinq> openrc handles it by running a supervisor as the current user
2026-05-03 14:43:09 <quinq> I suppose
2026-05-03 14:43:25 <unvFK9I3vgc> i mean as dedicated users, not the current one...
2026-05-03 14:43:38 <ikke> unvFK9I3vgc: a system service manager is running as root, started by init
2026-05-03 14:43:45 <ikke> so no suid required
2026-05-03 14:43:58 <unvFK9I3vgc> i didn't say suid, i said setuid
2026-05-03 14:44:09 <ikke> What's the difference?
2026-05-03 14:44:56 <unvFK9I3vgc> one is a flag on a fs, the other an stdc api call 
2026-05-03 14:46:02 <ikke> Sorry, I meant suid than in all cases I mentioned it
2026-05-03 14:46:06 <ikke> not setuid
2026-05-03 14:46:11 <unvFK9I3vgc> yeah, i figured
2026-05-03 15:15:52 <quinq> “Issue the command $ rc-status -Ur to view and verify the current user runlevel as gui and default for Wayland and Xorg, respectively, before proceeding.”
2026-05-03 15:16:14 <quinq> $ openrc -U default * default: not a valid runlevel
2026-05-03 15:16:23 <quinq> Do I need to do anything for this to work?
2026-05-03 15:18:12 <quinq> I'm following https://wiki.alpinelinux.org/wiki/OpenRC#User_services (for xorg)
2026-05-03 15:18:13 <ikke> quinq: you need to create a directory in a specific path
2026-05-03 15:18:26 <quinq> Hummm, there's no instraction about that :/
2026-05-03 15:18:40 <quinq> Prerequisites
2026-05-03 15:18:40 <quinq> XDG_RUNTIME_DIR variable must be set
2026-05-03 15:18:42 <quinq> Have that
2026-05-03 15:19:24 <quinq> “Runlevels for user service are represented by directories in $XDG_CONFIG_HOME/rc/runlevels.” that?
2026-05-03 15:19:46 <ikke> Yes, I think so
2026-05-03 15:20:07 <ikke> so you need to create a directory named after the runlevel in there
2026-05-03 15:20:11 <quinq> ok, thank you
2026-05-03 15:20:16 <quinq> Yeah, seems to have worked
2026-05-03 15:20:30 <quinq> Important info missing from there :>
2026-05-03 15:20:39 <ikke> quinq: feel free to add
2026-05-03 15:21:37 <quinq> Free after registering yeah
2026-05-03 15:30:30 <quinq> bluetooth headset are paired, but do not appear in pavucontrol :(
2026-05-03 15:30:36 <quinq> pipewire-spa-bluez thing is installed
2026-05-03 15:31:25 <quinq> Any bluethumb people who could help debugging that?
2026-05-03 15:31:36 <quinq> Is there some magic needed to be done?
2026-05-03 15:31:49 <quinq> Followed https://wiki.alpinelinux.org/wiki/PipeWire#Bluetooth_audio
2026-05-03 18:12:21 <crimson_king> Why is the wiki replacing dd commands with "{{{1}}}" in the preview? e.g. {{cmd|dd if=key.img of=/dev/sdc obs=2560000 seek=1}}
2026-05-03 18:23:40 <crimson_king> Got it. I had to wrap it in a <nowiki>
2026-05-03 19:07:49 <crimson_king> Is there a way to persistently reference a disk when it doesn't have a partition table?
2026-05-03 19:09:21 <crimson_king> My first idea was to use /dev/disk/by-id, but that is empty in the Alpine installation media.
2026-05-03 19:11:24 <jvvv> crimson_king: you could check dmesg for kernel messages about the disk
2026-05-03 19:11:58 <ikke> It relies on (e)udev, which is not used by default (and hence not on the installation media
2026-05-03 19:19:05 <crimson_king> There are a few messages about it, but I don't know what to look for. BTW, it's for using a removable device to decrypt the root disk in the initramfs. The "cryptkey" option accepts a device containing the key, but it must be written at a specific offset, not as a regular file in a filesystem.
2026-05-03 20:09:41 <crimson_king> I've formatted the disk with a filesystem to get a UUID/LABEL, then used dd to write the key at an offset. I was afraid that would somehow destroy the filesystem, but it looks OK and, most importantly, works as a keydisk. Now I'll write a how-to on the wiki with what I've learned.
2026-05-03 20:10:54 <ikke> crimson_king: it works as long as you don't overwrite the superblocks / headers
2026-05-03 20:12:12 <crimson_king> They're at the beginning of the disk, right? I chose an offset of 25 MB.
2026-05-03 20:12:38 <ikke> crimson_king: I believe they are spread over the partition
2026-05-03 20:13:31 <crimson_king> ouch. I'll go read about it.
2026-05-03 20:22:45 <dwfreed> why not use PARTUUID, and then all you need is a partition table and a partition
2026-05-03 20:23:09 <dwfreed> and don't have to worry that you accidentally corrupt the data or the filesystem
2026-05-03 20:46:55 <Sertonix[m]> crimson_king: On simple file systems like ext4 you can create the file through the filesystem and determine the physical offset with some commands
2026-05-03 20:50:40 <crimson_king> Yeah, I was just reading about that here: https://serverfault.com/questions/309641/how-can-i-find-out-where-a-file-is-physically-located-on-the-disk-block-numbers
2026-05-03 20:50:40 <crimson_king> I'll test it.
2026-05-03 21:31:47 <dwfreed> a problem arises when that file moves on disk
2026-05-03 21:42:17 <Nivex> I'm still not understanding the "no parititon table" constraint. What you are describing sounds almost exactly like why the bios_grub parititon type exists.
2026-05-03 21:42:29 <Nivex> also dwfreed, fancy meeting you here :)
2026-05-03 21:46:19 <dwfreed> I wouldn't use bios_grub, because grub might use it, but I'm sure there's some GPT type UUID for "leave this alone"
2026-05-03 21:46:56 <dwfreed> Nivex: hi
2026-05-03 21:47:03 <ikke> Nivex: did you ask about RDNSS support?
2026-05-03 21:48:04 <Nivex> ikke: I was talking about it on fedi, yeah. I figured it out last night.
2026-05-03 21:48:57 <ikke> How did you get it working?
2026-05-03 21:49:30 <Nivex> ikke: https://tenforward.social/@nivex/116508434163772431
2026-05-03 21:50:09 <Nivex> tl;dr: apk add dhcpcd
2026-05-03 21:50:18 <ikke> ah, cool
2026-05-03 21:50:28 <ikke> Maybe it could be an option for the installer
2026-05-03 22:25:37 <unvFK9I3vgc> ikke: i might have come over a bit meh earlier, let me tell you, you are the most awesome, kind and very much competent person here on this "support" channel, when i see your interactions i'm always happy to have you share your wisdom with those that come here for guidance.
2026-05-03 22:28:53 <ikke> No worries, and thanks, I appreciate that
2026-05-03 22:34:37 <unvFK9I3vgc> i really wish more people would be like you
2026-05-03 22:35:51 <quinq> got a fan
2026-05-03 22:42:10 <unvFK9I3vgc> quinq: jealous? :)
2026-05-03 22:42:26 <unvFK9I3vgc> we can share
2026-05-03 23:07:46 <quinq> On the contrary jeje
2026-05-03 23:14:50 <unvFK9I3vgc> you don't wanna share?
2026-05-03 23:23:04 <quinq> Sorry, share what?
2026-05-03 23:23:47 <quinq> I resorted to the openrc user thing in the end
2026-05-03 23:24:06 <quinq> Looks like otherwise the slightest thing makes pipewire break
2026-05-03 23:24:14 <quinq> “modern” software.
2026-05-03 23:25:16 <quinq> Added the user to pipewire group too
2026-05-03 23:25:27 <quinq> I think that's mostly it
2026-05-03 23:25:37 <quinq> But I'll share more if you want… Tomorrow though!
2026-05-03 23:25:39 <quinq> good night
2026-05-03 23:25:44 <unvFK9I3vgc> the commandline i shared works for me perfectly (don't remember users anymore though)
2026-05-03 23:26:17 <unvFK9I3vgc> but yeah, maybe i'm just lucky
2026-05-03 23:50:24 <popefucker2> Has anyone had luck with Julia? I've managed to compile it but I can't install JLL libraries such as GLFW.jl.
2026-05-03 23:50:47 <popefucker2> Even though I have glfw and glfw-dev installed
2026-05-04 00:38:41 <popefucker2> Ah its because some .so files aren't named as they expect
2026-05-04 15:45:54 <f_> Case_Of: (pmOS ships a newer kernel for XU4 fyi)
2026-05-04 15:46:33 <f_> which tells me XU4 should work with regular mainline linux at this point
2026-05-04 15:50:18 <realroot[m]> how build https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=touche in alpine?
2026-05-04 15:50:52 <realroot[m]> i mean build() and the package()
2026-05-04 15:51:05 <realroot[m]> *then
2026-05-04 20:19:59 <WhyNotHugo> I'm having some issues with Firefox+Librewolf on sway recently. Of note, pop-up menus sometimes don't render, or sometimes blink.
2026-05-04 20:20:19 <WhyNotHugo> The behaviour changes when I move the window to another output.
2026-05-04 22:03:30 <popefucker2> I would be surprised if that was a packaging problem, it's most likely a Firefox bug.
2026-05-04 22:12:44 <Sertonix[m]> realroot: Should be similar except for using abuild-meson and trying to avoid nvm
2026-05-05 00:01:40 <jvvv> Has anyone tried running alpine on a Radxa Dragon Q6A?
2026-05-05 00:35:29 <jvvv> Looks like support for it in not in linux-lts, but is in linux-stable and linux-firmware-qcom.
2026-05-05 00:41:02 <longnoserob[m]> pmOS hS supoort for it
2026-05-05 00:51:46 <jvvv> longnoserob[m]: Thanks for letting me know. I'll take a look at that.
2026-05-05 01:56:22 <WhyNotHugo> Looks like bootstrapping Bun won't be an issue in future. Anthropic seems to be preparing to have their LLM rewrite it into Rust.
2026-05-05 02:56:18 <runxiyu> ?
2026-05-05 02:56:27 <runxiyu> bleh
2026-05-05 02:56:49 <runxiyu> well, at least javascriptcore isn't changing, right...
2026-05-05 09:49:53 <Leahh> I need to build mesa with the main branch for some experimental drivers on Alpine, How can I do this? Using an RC release with the commits I need doesn't work as abuild rejects it as an invalid version. How can I use the main mesa branch or an RC release when abuilding a package?
2026-05-05 10:18:06 <omni> you can use something like pkgver=0_git<dateofcommit>
2026-05-05 10:22:26 <Leahh> ohhh
2026-05-05 10:22:31 <Leahh> i'll try that in a bit :)
2026-05-05 12:30:38 <Leahh> Trying it now, And had to bump libdrm to 2.4.133, It built fine, but where do I find the apk file / how do I install the updated library?
2026-05-05 12:38:58 <Leahh> https://wiki.alpinelinux.org/wiki/Creating_an_Alpine_package#Testing_the_package_locally
2026-05-05 12:38:58 <Leahh> Didn't see this, we'll see :)
2026-05-05 12:42:38 <Leahh> yep, added the dir to /etc/apk/repositories and then `apk upgrade` installed the new libdrm :D
2026-05-05 13:33:33 <runxiyu> has anyone been experiencing increased kernel pannics or whatever with zfs?
2026-05-05 14:11:23 <runxiyu> nvm
2026-05-05 14:11:27 <runxiyu> it kernel panics when i shake it
2026-05-05 14:12:41 <quinq> baby
2026-05-05 14:47:58 <penguinz_rule[m]> i am making an ecl-dbg package in order to figure out a segfault inside the system, but uh, prepare() seems to break with changing the name to ecl-dbg
2026-05-05 14:48:12 <penguinz_rule[m]> i am working with the v3.23 definition
2026-05-05 14:48:24 <penguinz_rule[m]> (breaks as in ./configure cannot be found)
2026-05-05 14:51:43 <penguinz_rule[m]> is something like _dbg meant to be how i do that
2026-05-05 14:53:40 <penguinz_rule[m]> trying that
2026-05-05 14:57:13 <ikke> penguinz_rule[m]: generally just declaring a $pkgname-dbg should be enough 
2026-05-05 14:58:00 <penguinz_rule[m]> well i made _dbg because idk how the ./configure would be altered, and i think --enable-debug affects the lisp also, so its not like one can just use CFLAGS
2026-05-05 15:21:08 <penguinz_rule[m]> ok i installed ecl-dbg and now its getting exec format errors. i dont know what happened for that to occur
2026-05-05 15:26:41 <penguinz_rule[m]> wait im daft give me a second
2026-05-05 15:27:40 <HolidayJesus> go on
2026-05-05 15:32:09 <penguinz_rule[m]> add-symbol-file in gdb
2026-05-05 15:32:25 <penguinz_rule[m]> but because of what i am at, idk if the debug symbols persist
2026-05-05 15:36:33 <penguinz_rule[m]> because this is making another executable
2026-05-05 16:20:55 <Sertonix[m]> <penguinz_rule[m]> "(breaks as in ./configure cannot..." <- This sounds like you are changing the pkgname= line which shouldn't be changed when trying to create a debug build. The recommended way is to ether add $pkgname-dbg to subpackages= or set DEBUG=1 when invoking abuild.
2026-05-05 16:51:02 <mkoshka> hi everyone! telegram-desktop on edge seems to be misconfigured and displays an API_ID_PUBLISHED_FLOOD error on the login screen
2026-05-05 16:51:21 <mkoshka> https://github.com/telegramdesktop/tdesktop/issues/4717 seems to be related
2026-05-05 17:15:25 <mkoshka> and another question: is gcc going to be updated to 16.1, and when?
2026-05-05 17:17:37 <achill> after alpine 3.24 is out
2026-05-05 17:19:41 <mkoshka> achill: thanks! 
2026-05-06 08:21:25 <shakugan> HI 
2026-05-06 08:21:42 <shakugan> i need ask how can install code-server
2026-05-06 08:22:20 <shakugan> i need install and make pkage "apk"
2026-05-06 08:29:23 <shakugan> ?
2026-05-06 08:41:54 <r0eme> shakugan: use the install script of code-server. refer to upstream documentation: https://github.com/coder/code-server
2026-05-06 08:42:39 <r0eme> assuming this is the one you're referring to.
2026-05-06 08:44:17 <shakugan> i test no working
2026-05-06 08:44:28 <shakugan> and i try build from source
2026-05-06 08:44:32 <shakugan> and no working
2026-05-06 09:08:06 <quinq> Most likely incompatible with Alpine, shakugan 
2026-05-06 09:08:15 <quinq> They say: “The only requirement to use the standalone release is glibc”
2026-05-06 09:09:49 <ikke>   They probably ship / install pre-compiled binaries, which is indeed not compatible with alpine linux, both technically and policy wse
2026-05-06 09:12:41 <shakugan> is install and work but no all "terminal" no work
2026-05-06 09:13:29 <shakugan> i make docker image if you can fix this problem ?
2026-05-06 09:30:38 <shakugan> ???
2026-05-06 10:05:32 <shakugan> Hi you can help
2026-05-06 17:04:59 <latex> https://bpa.st/raw/JY6Q anyone know how to fix this?
2026-05-06 17:05:13 <latex> I'm trying to upgrade from 3.22 to 3.23
2026-05-06 17:26:05 <lopid> can you remove the conflicting packages first?
2026-05-06 20:45:59 <latex> I can't remove them
2026-05-06 20:48:16 <latex> https://bpa.st/raw/2QGA
2026-05-06 20:50:07 <dwfreed> revert the apk configuration back to 3.22 then try to remove them
2026-05-06 21:03:31 <Sertonix[m]> I would manually edit /etc/apk/world and then apk upgrade -a (ether first with --simulate or interactive)
2026-05-07 04:18:05 <ikke> Any output from apk list --orphaned?
2026-05-07 07:02:08 <frag> havent used anything microsoft since forever... anyway can you view/listen to a microsoft teams presentation through librewolf without any account or anything? remember trying it once and something was wrong i think i didnt have sound iirc
2026-05-07 07:08:18 <frag> maybe can use browser on my phone..
2026-05-07 07:10:53 <frag> maybe i tried that last time too..
2026-05-07 07:10:58 <frag> oh well..
2026-05-07 07:15:23 <longnoserob[m]> I think I used the team-online client in FF last year or so
2026-05-07 07:20:36 <frag> will try both, otherwise meh..
2026-05-07 07:49:18 <ayex[m]> indeed, ms teams is utter garbage, unfortunately I have to put up at work with it. there I use helium browser to keep that junk at least in a browser sandbox, and when I have the invitation link to a meeting, then it is possible to connect to that without an account. ( frag other already participation meeting members will need to allow you into the meeting though)
2026-05-07 08:02:30 <frag> it seems to work this time, both on phone and linux :]
2026-05-07 13:01:47 <wyk72> I have an issue with a package, maybe someone can help me
2026-05-07 13:02:34 <wyk72> basically is this situation:
2026-05-07 13:02:35 <wyk72> cloud-utils-localds requires cdrkit.  virt-install requires xorriso.
2026-05-07 13:02:54 <wyk72> but poackages conflict since they both use the binay mkisofsù
2026-05-07 13:03:02 <wyk72> I have no idea what to do
2026-05-07 13:03:23 <wyk72> apk refuses to install both packages but I need both
2026-05-07 13:10:17 <Biswa96[m]> wyk72: yup, it need some changes. let me send a quick merge request.
2026-05-07 13:13:01 <wyk72> thanks
2026-05-07 13:13:54 <wyk72> I used xorriso directly from command line, it worked (as a workaround)
2026-05-07 13:22:50 <Biswa96[m]> this merge request should fix it https://gitlab.alpinelinux.org/alpine/aports/-/merge_requests/102025
2026-05-07 13:23:49 <shadow> I don't think that's the correct fix though
2026-05-07 13:24:33 <shadow> xorriso is a legitimate front-end replacement for cdrkit, in fact cdrkit is kind of sus
2026-05-07 13:24:59 <shadow> why not make cloud-utils-localds depend on either?
2026-05-07 13:26:19 <Biswa96[m]> I have not seen other distribution to provide that symlink.
2026-05-07 13:27:42 <shadow> es@debian:~$ ls -l /usr/bin/mkisofs 
2026-05-07 13:27:42 <shadow> lrwxrwxrwx 1 root root 11 Nov 15  2024 /usr/bin/mkisofs -> genisoimage
2026-05-07 13:28:21 <shadow> I suppose that is cdrkit
2026-05-07 13:28:58 <shadow> debian "etc alternatives" allows to change that 
2026-05-07 13:29:16 <shadow> s/etc/update/
2026-05-07 13:30:10 <shadow> I guess that is not a strong argument against the change you've proposed, however.
2026-05-07 13:30:58 <Biswa96[m]> that symlink is provided in alpine's cdrkit package too.
2026-05-07 13:31:02 <Biswa96[m]> https://pkgs.alpinelinux.org/contents?name=cdrkit&repo=community&branch=edge&arch=x86_64
2026-05-07 13:41:47 <Biswa96[m]> btw, feel free to share your comment in that merge reqeust. ncopa may find other way to solve it.
2026-05-07 17:52:56 <Sertonix[m]> I think the better fix would be to depend on cmd:mkisofs
2026-05-07 18:18:17 <devgioele> I am looking for a mailing list or RSS feed to be notified about CVEs that are related to alpine linux. What do you recommend?
2026-05-07 18:19:03 <devgioele> The following does seem to be actively used: ~alpine/security-announcements+subscribe@lists.alpinelinux.org
2026-05-07 18:19:34 <devgioele> I would like to be informed when important package updates should be made.
2026-05-07 18:22:08 <ikke> We do not have a dedicated feed for 'important' package updates
2026-05-07 18:23:35 <devgioele> How do you stay up-to-date on security news?
2026-05-07 18:34:23 <ikke> I'm subscribed to oss-security (https://www.openwall.com/lists/oss-security/)
2026-05-07 18:45:27 <devgioele> thx
2026-05-07 19:12:47 <ahills> hey, some packages now install openrc scripts in /etc/user/init.d, which is great—but when I want to override them with my own in ~/.config/rc/init.d, openrc seems to start both of them, which causes some issues… is there a way to influence this behavior?
2026-05-07 19:13:19 <ahills> (this is for running services as a user, with --user)
2026-05-07 19:13:25 <ikke> ahills: Perhaps you can ask that in #openrc on libera.chat/
2026-05-07 19:13:30 <ahills> great idea, thanks!
2026-05-07 19:53:07 <ionxt> xmlsec-1.3.11-r0 wont install on edge
2026-05-07 19:53:42 <ikke> ionxt: apparently some packages still need to be rebuilt
2026-05-07 19:53:54 <ionxt> no errors but always in apk -u list 
2026-05-07 19:54:05 <ikke> ionxt: can you show the output of `apk add -s xmlsec=1.3.11-r0`?
2026-05-07 19:54:54 <ionxt> ERROR: unable to select packages:
2026-05-07 19:54:54 <ionxt>   xmlsec-1.3.9-r0:
2026-05-07 19:54:54 <ionxt>     breaks: world[xmlsec=1.3.11-r0]
2026-05-07 19:54:54 <ionxt>     conflicts: xmlsec-1.3.11-r0 xmlsec-1.3.11-r0[cmd:xmlsec1=1.3.9-r0]
2026-05-07 19:54:54 <ionxt>     satisfies: libreoffice-common-25.8.5.2-r1[so:libxmlsec1.so.1] xmlsec-nss-1.3.9-r0[so:libxmlsec1.so.1]
2026-05-07 19:54:57 <ionxt>   xmlsec-1.3.11-r0:
2026-05-07 19:55:00 <ionxt>     conflicts: xmlsec-1.3.9-r0 xmlsec-1.3.9-r0[cmd:xmlsec1=1.3.11-r0]
2026-05-07 19:55:02 <ionxt>     satisfies: world[xmlsec=1.3.11-r0] xmlsec-nss-1.3.11-r0[so:libxmlsec1.so.10311]
2026-05-07 19:55:05 <ionxt>   xmlsec-nss-1.3.11-r0:
2026-05-07 19:55:06 <ikke> Yeah, libreoffice
2026-05-07 19:55:08 <ionxt>     conflicts: xmlsec-nss-1.3.9-r0
2026-05-07 19:55:10 <ionxt>   xmlsec-nss-1.3.9-r0:
2026-05-07 19:55:13 <ionxt>     conflicts: xmlsec-nss-1.3.11-r0
2026-05-07 19:55:22 <dwfreed> please use a pastebin next time
2026-05-07 19:55:42 <ionxt> ok
2026-05-07 20:01:13 <ionxt> The last mesa update on edge breaks my xfce4 pager (workspace switcher) miniatur view and systray icons all other icons are ok some one can confirm this?
2026-05-07 20:02:31 <ionxt> The systray icons are ok if the size was set fixed
2026-05-08 00:02:59 <qiaoranmc> Hello!
2026-05-08 00:03:36 <qiaoranmc> Goodbye!
2026-05-08 05:35:36 <Forza> hi
2026-05-08 05:36:12 <Forza> is the new root escalation cve also affecting alpine?
2026-05-08 05:36:22 <ikke> Forza: which one exactly :)
2026-05-08 05:36:27 <Forza> https://www.openwall.com/lists/oss-security/2026/05/07/8
2026-05-08 05:36:29 <Forza> https://github.com/V4bel/dirtyfrag
2026-05-08 05:36:35 <ikke> Forza: probably
2026-05-08 05:36:35 <Forza> dirty frag
2026-05-08 05:36:40 <Forza> :(
2026-05-08 05:39:15 <Forza> I'm trying to understand if this is remotely exploitable, or only if you have a login to the machine 
2026-05-08 05:42:50 <ikke> It's described as a local privilege escalation
2026-05-08 05:42:57 <ikke> so you would already have to have access
2026-05-08 05:51:08 <Forza> good
2026-05-08 05:52:12 <Forza> well, not as bad as it could be
2026-05-08 06:06:37 <fission> I tried to get it to run on alpine but no dice yet
2026-05-08 06:09:04 <fission> it worked (too easily) on my ubuntu systems heh
2026-05-08 06:10:34 <Forza> it requires some ipsec modules loaded
2026-05-08 06:11:54 <fission> it will load them if using the lts kernel
2026-05-08 06:23:15 <fission> https://www.ldx.ca/tmp/dirtyfrag.txt    what I see so far
2026-05-08 06:23:32 <fission> maybe it's expecting root to have /bin/bash as its shell, there's some stuff that suggests maybe
2026-05-08 06:46:28 <Forza> fission: dont you need rhe esp4/6 modules loaded as well for it to work
2026-05-08 06:48:09 <fission> Forza: it is loaded
2026-05-08 06:48:36 <fission> dirtyfrag:~/dirtyfrag$ lsmod | grep esp
2026-05-08 06:48:36 <fission> esp4                   28672  0
2026-05-08 06:48:36 <fission> xfrm_algo              16384  2 esp4,xfrm_user
2026-05-08 06:50:27 <Forza> oh. then good it doesnt work. but maybe because like you say this particulate proof of concept assumes bash
2026-05-08 06:51:34 <fission> I changed it in /etc/passwd and it didn't seem to make a difference
2026-05-08 06:51:49 <Forza> https://github.com/V4bel/dirtyfrag/blob/892d9a31d391b7f0fccb333855f6289507186748/exp.c#L1110
2026-05-08 06:52:09 <fission> but probably it's just an implementation detail of the PoC rather than that it wouldn't work entirely
2026-05-08 06:54:09 <Forza> i am thinking this
2026-05-08 06:55:31 <fission> [!] client sendmsg: Key was rejected by service
2026-05-08 06:55:42 <fission> ^ I don't really know why that is
2026-05-08 07:05:37 <Forza> fission: if the crafted key is not accepted, it could be that Alpine kernels are configured slightly different
2026-05-08 07:06:13 <Forza> Alpine FTW :)
2026-05-08 07:07:05 <fission> well it is good that the published exploit doesn't 'just' work out of the box on Alpine I suppose :)
2026-05-08 07:07:21 <fission> and the virt kernel doesn't even have rxrpc iirc
2026-05-08 07:08:04 <fission> I should compare this failed run to a successful one on my ubuntu box, brb
2026-05-08 07:09:44 <fission> https://www.ldx.ca/tmp/dirtyfrag-ubuntu.txt   it's, uh, slightly shorter heh
2026-05-08 07:10:03 <fission> hmm maybe due to busybox
2026-05-08 07:10:08 <fission> (on Alpine, I mean)
2026-05-08 07:11:10 <Forza> lol
2026-05-08 07:12:07 <fission> maybe if I install util-linux-login
2026-05-08 07:12:11 <fission> which has a 'real' su
2026-05-08 07:20:07 <fission> dirtyfrag:~/dirtyfrag$ ./exp -v
2026-05-08 07:20:07 <fission> I did that, and changed TARGET_PATH to /bin/su and:
2026-05-08 07:20:07 <fission> [su] wrote 192 bytes to /bin/su starting at 0x0
2026-05-08 07:20:07 <fission> [su] installed 48 xfrm SAs
2026-05-08 07:20:07 <fission> [su] /bin/su page-cache patched (entry 0x78 = shellcode)
2026-05-08 07:20:25 <fission> but it's still failing after that
2026-05-08 07:20:28 <fission> 
ACTION shrugs

2026-05-08 13:24:28 <telmich> Something is strange..I just installed alpine 3.23.4, but it seems not to try to decrypt the rootfs after installation
2026-05-08 13:25:12 <telmich> I added the cryptdm=root and cryptroot=/dev/nvmen1p3 parameters to grub, I added the cryptsetup module to /etc/mkinitfs/mkinitfs.conf and I recreated the initfs
2026-05-08 13:26:38 <telmich> nvm.. nvme0n1p3 not nvmen1p3... damn nvme naming
2026-05-08 13:40:48 <telmich> Hmm, libreoffice is broken in edge
2026-05-08 13:44:11 <quinq> Worksforme©
2026-05-08 13:51:55 <telmich> hmm, strange
2026-05-08 13:59:06 <Biswa96[m]> libreoffice need to be rebuilt after some dependencies update, see the grayed out .so files in 'Depends' drop-down https://pkgs.alpinelinux.org/package/edge/community/aarch64/libreoffice-common
2026-05-08 13:59:34 <telmich> apk add libreoffice
2026-05-08 13:59:34 <telmich>     required by: libreoffice-common-25.8.5.2-r1[so:libxmlsec1-nss.so.1]
2026-05-08 13:59:34 <telmich>   so:libxmlsec1.so.1 (no such package):
2026-05-08 13:59:34 <telmich>   so:libxmlsec1-nss.so.1 (no such package):
2026-05-08 13:59:34 <telmich> ERROR: unable to select packages:
2026-05-08 13:59:36 <telmich>     required by: libreoffice-common-25.8.5.2-r1[so:libxmlsec1.so.1]
2026-05-08 14:01:59 <crimson_king> How would I go about setting up unattended package updates? I could probably use cron to upgrade, but automatically restarting upgraded services isn't obvious to me. All I could find is this "apk-autoupdate" package (https://github.com/jirutka/apk-autoupdate/), but it doesn't seem very active, and I don't know the author.
2026-05-08 14:21:18 <WhyNotHugo> I ḿ trying to package py3-curl-cffi, an optional dependency for yt-dlp… it uses a custom libcurl with boringssl, but my resulting binary is missing some symbols for some reason. Would appreciate any insight on !102099
2026-05-08 14:23:28 <elagost> crimson_king: the author is an alpine commiter, so this is probably a fine piece of software to use. most recent commit was coauthored by another committer too :)
2026-05-08 14:38:37 <crimson_king> Yeah, it looks like you're right. I'll give it a try!
2026-05-08 14:40:30 <Sertonix[m]> The safest bet is always to restart the system. Everything else will always miss some services that could be restarted.
2026-05-08 14:41:28 <quinq> telmich, check your xmlsec package
2026-05-08 14:46:15 <Sertonix[m]> [@_oftc_WhyNotHugo:matrix.org](https://matrix.to/#/@_oftc_WhyNotHugo:matrix.org) Have you tried not using/building the static library?
2026-05-08 14:52:07 <Biswa96[m]> quinq: the so file changed in new version https://pkgs.alpinelinux.org/contents?name=xmlsec&repo=community&branch=edge&arch=x86_64
2026-05-08 14:57:41 <Nivex> Has anyone else been seeing a bunch of "DNS: transient error (try again later)" the last few days when fetching from dl-cdn.alpinelinux.org ?
2026-05-08 14:58:12 <f_> Nivex: usually it's an issue with your connection
2026-05-08 14:58:20 <f_> at least I've been able to install stuff with no issue today
2026-05-08 14:58:27 <staceee> how can I list all packages that refuse to be upgraded (because of conflict or wathever)?
2026-05-08 14:59:01 <Nivex> I figured it's probably because I'm the only weirdo running on an IPv6-only connection, but I thought I'd check outside my bubble first.
2026-05-08 14:59:23 <f_> I think it does have ipv6
2026-05-08 15:00:47 <Nivex> It does. What's probably happening is one of the entries in the CDN list doesn't have AAAA records, so when I get that entry it errors. Once that entry cache expires it grabs a new one that does have AAAA and I go on with life. It's just been happening way more often lately so I've been noticing it.
2026-05-08 15:01:12 <f_> It's probably a good idea to point that out in #alpine-infra then
2026-05-08 15:01:22 <Nivex> 
ACTION nods

2026-05-08 15:02:09 <dwfreed> Nivex: it would be helpful to get pcaps of dns queries and responses, both locally and from your resolvers
2026-05-08 15:04:19 <Nivex> Yeah I'll have to do a deeper dive before I report anything more concrete. It could also be Quad9 messing with the queries (I'm using pdns-recursor to forward to them over DoT at the moment).
2026-05-08 15:05:46 <ikke> Since sunday, we fixed reaching https for one server (but that accidentally broke rsync). But I would not expect dl-cdn to be affected by that
2026-05-08 15:28:27 <quinq> Biswa96[m], this is weird, apk upgrade -a doesn't try to update it
2026-05-08 15:28:54 <ikke> It does not update it if there is still a package requiring the old version
2026-05-08 15:29:12 <quinq> No package here
2026-05-08 15:29:12 <quinq> apk info -r xmlsec
2026-05-08 15:29:12 <quinq> xmlsec-nss-1.3.9-r0
2026-05-08 15:29:12 <quinq> libreoffice-common-25.8.5.2-r1
2026-05-08 15:29:12 <quinq> xmlsec-1.3.9-r0 is required by:
2026-05-08 15:29:17 <quinq> apk info -r xmlsec-nss
2026-05-08 15:29:17 <quinq> xmlsec-nss-1.3.9-r0 is required by:
2026-05-08 15:29:17 <quinq> libreoffice-common-25.8.5.2-r1
2026-05-08 15:30:09 <ikke> quinq: apk add -s 'xmlsec=1.3.11-r0'
2026-05-08 15:35:59 <quinq> That's an undocumented feature, what's it supposed to do?