00:23.02 | *** join/#maemo-ssu LaoLang_cool (~LaoLang_c@221.226.175.142) |
01:58.51 | *** join/#maemo-ssu nox- (noident@freebsd/developer/nox) |
02:21.15 | *** join/#maemo-ssu ekze (~nyan@bakaekze.ru) |
02:43.12 | *** join/#maemo-ssu amiconn_ (amiconn@rockbox/developer/amiconn) |
03:33.40 | *** join/#maemo-ssu DocScrutinizer05 (~HaleBopp@openmoko/engineers/joerg) |
05:49.36 | *** part/#maemo-ssu illuminata (illuminata@ipv6.deformedfeatures.com) |
06:19.53 | *** join/#maemo-ssu _rd (~rd@p57B4981A.dip0.t-ipconnect.de) |
06:31.36 | *** join/#maemo-ssu krayon (~fallen@pdpc/supporter/28for7/krayon) |
07:58.43 | *** join/#maemo-ssu _rd (~rd@p57B4981A.dip0.t-ipconnect.de) |
08:21.13 | *** join/#maemo-ssu NIN101 (~NIN@p5DD28515.dip0.t-ipconnect.de) |
08:38.43 | *** join/#maemo-ssu LaoLang_cool (~LaoLang_c@221.226.175.142) |
08:42.43 | *** join/#maemo-ssu timo^ (~timo@unaffiliated/tiempjuuh) |
08:46.06 | *** join/#maemo-ssu _rd (~rd@87.180.152.26) |
08:54.24 | *** join/#maemo-ssu M4rtinK (~M4rtinK@mail.melf.eu) |
09:01.19 | *** join/#maemo-ssu LaoLang_cool (~LaoLang_c@221.226.175.142) |
09:15.12 | *** join/#maemo-ssu M4rtinK (~M4rtinK@mail.melf.eu) |
09:46.01 | *** join/#maemo-ssu arcean (~arcean@aafq158.neoplus.adsl.tpnet.pl) |
10:10.11 | *** join/#maemo-ssu LaoLang_cool (~LaoLang_c@221.226.175.142) |
10:48.46 | kerio | do you guys think we could ever add proper /etc/shadow support? |
11:51.19 | *** join/#maemo-ssu toxaris (~toxaris@s83-180-246-172.cust.tele2.se) |
12:56.27 | *** join/#maemo-ssu _rd (~rd@p57B4981A.dip0.t-ipconnect.de) |
13:32.52 | *** join/#maemo-ssu timo^ (~timo@unaffiliated/tiempjuuh) |
15:01.30 | DocScrutinizer05 | kerio: please first check if support maybe already is in place. after all it's just about format of /etc/passwd entries and a few system calls that set or compare passwords |
15:03.00 | kerio | it's not a syscall |
15:04.25 | kerio | how i know there's no /etc/shadow support: |
15:04.29 | kerio | /etc/shadow: No such file or directory |
15:10.07 | DocScrutinizer05 | meh |
15:10.16 | DocScrutinizer05 | touch /etc/shadow |
15:11.21 | DocScrutinizer05 | and yes, it seems password support is a tad scarce, anyway there's (3)getpwent et al |
15:11.57 | DocScrutinizer05 | >> The getpwent() function returns a pointer to a structure containing the broken-out fields of a record from the password database (e.g., the local password file /etc/passwd, NIS, and LDAP). |
15:12.15 | DocScrutinizer05 | I'd hope this includes support for /etc/shadow as well |
15:13.05 | DocScrutinizer05 | probably a compile time option |
15:13.35 | DocScrutinizer05 | ...whether those calls support shadow, LDAP, NIS/YP |
15:14.34 | DocScrutinizer05 | (sorry for my noobish comments, I never looked into all that until now) |
15:23.20 | kerio | ooh, /usr/bin/passwd is suid |
15:23.31 | kerio | and not busybox |
15:23.33 | kerio | for obvious reasons |
15:24.53 | kerio | ooooooh |
15:24.59 | kerio | "/etc/shadow" is a string in /usr/bin/passwd |
15:25.51 | kerio | i don't know how to test this though |
15:25.53 | *** join/#maemo-ssu toxaris (~toxaris@s83-180-246-172.cust.tele2.se) |
15:28.58 | DocScrutinizer05 | just create a proper entry in /etc/passwd and corresponding entry in /etc/shadow |
15:29.18 | DocScrutinizer05 | [2012-09-09 17:25:00] <kerio> "/etc/shadow" is a string in /usr/bin/passwd ### that's what I meant |
15:30.09 | DocScrutinizer05 | in sudo you might find getpwent used and thus no reference to /etc/shadow |
15:31.01 | kerio | DocScrutinizer05: how the hell do i check if i can login as the new user |
15:31.03 | DocScrutinizer05 | anyway you need to check (1)passwd how it determines whether to use shadow or not. Maybe it's already sufficient to touch /etc/shadow |
15:31.32 | DocScrutinizer05 | su - newuser ? |
15:31.42 | kerio | DocScrutinizer05: oh you silly |
15:31.51 | kerio | do i have to remind you that su is actually busybox |
15:31.53 | DocScrutinizer05 | MEEE? ;-P |
15:31.55 | kerio | which is not suid root? |
15:32.07 | kerio | and thus doesn't actually do *anything* |
15:32.31 | *** join/#maemo-ssu toxaris (~toxaris@s83-180-246-172.cust.tele2.se) |
15:32.43 | kerio | hmm |
15:32.51 | kerio | ok, passwd actually seems to work |
15:33.00 | kerio | but there's no cool hashing support in crypt(3) |
15:33.09 | kerio | so we're still stuck with 8-character passwords |
15:34.08 | DocScrutinizer05 | >> |
15:34.09 | DocScrutinizer05 | <PROTECTED> |
15:34.11 | DocScrutinizer05 | <PROTECTED> |
15:34.21 | kerio | DocScrutinizer05: well your man page is full of lies |
15:34.37 | DocScrutinizer05 | lol, your system is full of lies |
15:36.01 | DocScrutinizer05 | btw use friggin sudo if you got no proper su on your system ;-D |
15:37.18 | kerio | /usr/bin/ld: Warning: /usr/lib/gcc/arm-linux-gnueabi/4.2.1/libgcc_s.so: Unknown EABI object attribute 34 |
15:37.18 | kerio | ah balls |
15:37.27 | kerio | wtf is this shit |
15:37.53 | kerio | libc6-dev is already the newest version. |
15:39.12 | DocScrutinizer05 | maybe ld isn't, though |
15:39.27 | DocScrutinizer05 | which would pretty much explain it |
15:39.39 | kerio | well what's the ld i'm supposed to use? |
15:39.48 | DocScrutinizer05 | :shrug: |
15:39.55 | kerio | (this is on the n900, mind you) |
15:40.22 | kerio | meh, fuck this, i'm removing the dev stuff |
15:42.11 | kerio | huh, why do i have gcc-4.2-base installed? |
15:43.41 | kerio | installed manually, i mean |
15:46.22 | DocScrutinizer05 | btw (maybe overly) simple test if sudo reads from /etc/shadow: mkfifo /etc/shadow |
15:46.44 | DocScrutinizer05 | cat /etc/shadow will block on read |
15:46.52 | DocScrutinizer05 | so I hope would sudo |
15:47.16 | kerio | DocScrutinizer05: even better, echo -n >/etc/shadow |
15:47.26 | DocScrutinizer05 | so what? |
15:47.44 | DocScrutinizer05 | how will you know if sudo reads shadow file then? |
15:47.46 | kerio | so sudo reads an empty file, and doesn't actually get stuck |
15:47.53 | kerio | because the write succeeds :) |
15:48.02 | kerio | i meant with /etc/shadow as a fifo |
15:48.04 | DocScrutinizer05 | sudo does writes to shadow? |
15:48.22 | kerio | no, sudo reads from shadow |
15:48.25 | kerio | if you read from a pipe, you get stuck |
15:48.32 | kerio | unless there's something writing on the other side |
15:48.40 | DocScrutinizer05 | that's the idea |
15:52.56 | DocScrutinizer05 | but of course you can use strace sudo to find out whether it reads from shadow file or not |
16:25.16 | kerio | DocScrutinizer05: which debian is fremantle supposed to be similar to? |
16:25.56 | DocScrutinizer05 | err |
16:26.24 | kerio | was it etch? |
16:30.46 | NIN101 | there not too many similiarities besides the package format and a few other things... |
16:31.28 | kerio | hm, i should really repartition this :s |
16:31.41 | kerio | meh, let's do this |
16:31.49 | kerio | leeroooooooooooooooy jeeeeeeeeeeenkinsss |
17:01.10 | *** join/#maemo-ssu _rd (~rd@p57B4981A.dip0.t-ipconnect.de) |
17:06.20 | kerio | cdebootstrap_0.5.9_armel.tar.gz is pretty neat :D |
17:15.48 | Sicelo | what is it? |
17:17.24 | Sicelo | checks to see what difference exists between that one and debootstrap |
17:20.10 | *** join/#maemo-ssu arcean (~arcean@aafq158.neoplus.adsl.tpnet.pl) |
17:22.39 | kerio | Sicelo: cdebootstrap is a binary |
17:22.50 | kerio | and it has a distro-independent, statically-compiled tarball |
17:22.59 | kerio | that should work pretty much everywhere |
17:39.16 | kerio | DocScrutinizer05: i have no idea how to chroot \_o_/ |
17:39.31 | kerio | i mean, what should be exposed inside of the jail? |
17:41.49 | kerio | man, this stuff is hard |
17:46.15 | kerio | for instance, what to do with /dev/pts? |
17:46.31 | kerio | i already have a fake /etc/mtab |
17:46.42 | kerio | should i try to make newinstance for devpts work? |
17:46.51 | kerio | i don't even know if it's in 2.6.28 or if it was added later |
17:48.10 | kerio | man, no wonder the easydebian guys made such a mess |
18:15.21 | Sicelo | :P |
18:15.37 | Sicelo | what do you want out of it kerio? |
18:16.23 | kerio | Sicelo: i don't know! D: |
18:17.30 | kerio | i just wanted a working gcc |
18:17.38 | DocScrutinizer05 | that's been the point where I stopped posting wise statements last time we discussed the topic |
18:17.41 | DocScrutinizer05 | ;-P |
18:18.11 | kerio | ._. |
18:20.24 | DocScrutinizer05 | kerio: for a gcc you probably need not much more than a working shell |
18:21.09 | DocScrutinizer05 | IOW you don't care about much of the original infra getting "re-used" in your chroot |
18:21.19 | kerio | eh, i suppose you're right |
18:21.38 | kerio | i'm not even entirely sure chrooting like this is a sensible thing to do, considering that debian uses different libraries anyway |
18:21.50 | DocScrutinizer05 | :nod: |
18:22.43 | DocScrutinizer05 | given the rationale that gcc shouldn't run a s root generally, you'll most likely get away with symlinks for a few of the fat library pathes from / to /opt |
18:24.54 | DocScrutinizer05 | I E much like you would do on any arbitrary other linux system: chreate new user, place user's home in a convenient place, get some symlinks form /usr/src to /opt/usr/src etc |
18:25.33 | DocScrutinizer05 | su - developeruser |
18:25.38 | DocScrutinizer05 | profit |
18:26.55 | *** join/#maemo-ssu toxaris (~toxaris@s83-180-246-172.cust.tele2.se) |
18:30.12 | *** join/#maemo-ssu toxaris (~toxaris@s83-180-246-172.cust.tele2.se) |
18:37.25 | *** join/#maemo-ssu toxaris (~toxaris@s83-180-246-172.cust.tele2.se) |
18:41.18 | kerio | ponders about optifying /usr/lib/gcc/arm-linux-gnueabi |
18:42.40 | DocScrutinizer05 | sounds as sane as it gets |
18:42.55 | *** join/#maemo-ssu toxaris (~toxaris@s83-180-246-172.cust.tele2.se) |
18:43.00 | DocScrutinizer05 | nah |
18:43.09 | DocScrutinizer05 | optify /usr/lib/gcc ! |
18:43.15 | kerio | k |
18:44.07 | DocScrutinizer05 | # (*) only optify the lowest base folder possible |
18:44.08 | DocScrutinizer05 | # ie /foo/bar |
18:44.09 | DocScrutinizer05 | # instead of /foo/bar/one |
18:44.31 | DocScrutinizer05 | (from /etc/maemo-optify-auto-opt.conf) |
18:46.03 | *** join/#maemo-ssu toxaris (~toxaris@s83-180-246-172.cust.tele2.se) |
18:46.10 | DocScrutinizer05 | merlin1991: aiui you're involved in migration task from Nokia/Akamai servers to community infra? |
18:46.24 | kerio | how do i manually trigger the boot/postinst optification? |
18:46.57 | DocScrutinizer05 | merlin1991: I just wonder *how much* of the Nokia closed blobs repos (and src?) Nokia will allow to move? |
18:47.25 | DocScrutinizer05 | maemo-optify-auto-opt.sh maemo-optify-firstboot.sh maemo-optify-lib.sh maemo-optify-make-mountbind.sh |
18:47.28 | DocScrutinizer05 | pick sth |
18:48.03 | kerio | (by the way, isn't -firstboot horrendously dangerous?) |
18:48.39 | DocScrutinizer05 | (it's the thing that actually does the whole magic of *creating* /opt ;-D) |
18:48.50 | kerio | (i know, but if you launch it again it fucks up your /opt) |
18:48.59 | DocScrutinizer05 | yeah, probably XP |
18:49.41 | kerio | meh, i'm rebooting |
18:49.56 | DocScrutinizer05 | # minimal script to cleanup /home/opt under very specific circumstances. |
18:49.57 | DocScrutinizer05 | # will copy contents of rootfs /opt to /home-opt to allow image to be optified. |
18:49.59 | DocScrutinizer05 | # will only run if do-not-clean-home-opt does not exist. |
18:50.00 | DocScrutinizer05 | # postinst will create this file if used within scratchbox. |
18:50.06 | *** join/#maemo-ssu timo^ (~timo@unaffiliated/tiempjuuh) |
18:50.31 | *** join/#maemo-ssu toxaris (~toxaris@s83-180-246-172.cust.tele2.se) |
18:51.06 | DocScrutinizer05 | # IMPORTANT! this is called from upstart scripts, so make sure there are no |
18:51.07 | DocScrutinizer05 | # error codes returned |
18:51.12 | kerio | oh lol |
18:51.14 | DocScrutinizer05 | seems it's called each boot |
18:51.27 | DocScrutinizer05 | and knows what to (not) do |
18:52.01 | DocScrutinizer05 | #only clean the /home/opt if needed |
18:52.03 | DocScrutinizer05 | [ -e $optifyflagfile ] && return 0 |
18:52.51 | kerio | well this is dumb |
18:52.54 | kerio | it doesn't want to work |
18:53.08 | DocScrutinizer05 | # if /home is not mounted r/w for some reason -- bail out |
18:53.15 | DocScrutinizer05 | # if the /opt->/home/opt mountbind exists -- bail out |
18:53.23 | kerio | i see |
18:54.02 | DocScrutinizer05 | <PROTECTED> |
18:54.04 | DocScrutinizer05 | <PROTECTED> |
18:54.58 | DocScrutinizer05 | # move /opt contents to /home/opt only if they exist |
18:54.59 | DocScrutinizer05 | # ensure we update the donotclean flag now so we do not run again. |
18:55.49 | DocScrutinizer05 | . |
18:55.52 | DocScrutinizer05 | # use a variable to store do-not-clean file location |
18:55.54 | DocScrutinizer05 | optifyflagfile="/var/lib/maemo-optify-firstboot-do-not-clean-home-opt" |
18:55.57 | *** join/#maemo-ssu toxaris (~toxaris@s83-180-246-172.cust.tele2.se) |
18:56.26 | DocScrutinizer05 | ~ # ls -l /var/lib/maemo-optify-firstboot-do-not-clean-home-opt |
18:56.28 | DocScrutinizer05 | -rw-r--r-- 1 root root 0 Mar 6 2011 /var/lib/maemo-optify-firstboot-do-not-clean-home-opt |
18:56.45 | kerio | I SEE |
18:56.52 | DocScrutinizer05 | ;-P |
18:57.04 | kerio | anyway, i did the optification manually |
18:57.16 | kerio | i have no idea how maemo-optify-auto-opt.sh is supposed to work |
18:57.35 | DocScrutinizer05 | shouldn't be too hard, given there's stuff like cp -l |
18:58.15 | kerio | ew |
18:58.36 | kerio | i just mv'd |
18:58.43 | kerio | well, cp-a'd and then rm'd |
18:58.47 | kerio | and then ln-s'd |
18:59.10 | kerio | verbing is my new favourite thing |
19:00.53 | DocScrutinizer05 | kerio: |
19:00.55 | DocScrutinizer05 | # get_optified_path: check if entry or any of its parent dirs was already optified |
19:00.56 | DocScrutinizer05 | # conditions: the entry is a symlink and points to equivalent path under /opt |
19:01.24 | kerio | it's /usr/lib/gcc |
19:01.49 | DocScrutinizer05 | I gather the supposed operation mode is: echo /usr/lib/gcc >>/etc/maemo-optify-auto-opt.conf |
19:01.49 | *** join/#maemo-ssu toxaris (~toxaris@s83-180-246-172.cust.tele2.se) |
19:01.55 | kerio | i did |
19:02.09 | DocScrutinizer05 | then on next boot it will get optified aiui |
19:02.49 | DocScrutinizer05 | or run maemo-optify-auto-opt.sh manually |
19:03.01 | kerio | i did both, but /usr/lib/gcc wasn't optified |
19:03.03 | DocScrutinizer05 | should do the same |
19:03.07 | kerio | i did that manually, no biggie |
19:03.25 | DocScrutinizer05 | still puzzling, I'll eventually look into it |
19:05.29 | *** join/#maemo-ssu toxaris (~toxaris@s83-180-246-172.cust.tele2.se) |
19:09.42 | *** join/#maemo-ssu _rd (~rd@p57B4981A.dip0.t-ipconnect.de) |
19:18.14 | *** join/#maemo-ssu toxaris (~toxaris@s83-180-246-172.cust.tele2.se) |
19:21.08 | *** join/#maemo-ssu Sc0rpius (~naikel@190.201.107.179) |
19:33.05 | *** join/#maemo-ssu toxaris (~toxaris@s83-180-246-172.cust.tele2.se) |
19:35.53 | *** join/#maemo-ssu toxaris (~toxaris@s83-180-246-172.cust.tele2.se) |
19:38.31 | *** join/#maemo-ssu nox- (noident@freebsd/developer/nox) |
19:47.17 | *** join/#maemo-ssu BCMM (~ben@unaffiliated/bcmm) |
20:22.22 | amiconn | fireforks? o.O |
20:41.26 | *** join/#maemo-ssu arcean (~arcean@aafq158.neoplus.adsl.tpnet.pl) |
21:20.51 | kerio | do i really need /usr/share/locale in the rootfs? |
23:19.20 | DocScrutinizer05 | yes |
23:44.36 | *** join/#maemo-ssu _xnt14 (~xnt14@xceleo.us) |
23:45.07 | *** join/#maemo-ssu MohammadAG (~MohammadA@ool-45772b34.dyn.optonline.net) |