Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Tue 20 Nov 2018, 17:39
All times are UTC - 4
 Forum index » Advanced Topics » Puppy Derivatives
EasyOS Pyro 0.9.8, November 14, 2018
Moderators: Flash, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 70 of 72 [1069 Posts]   Goto page: Previous 1, 2, 3, ..., 68, 69, 70, 71, 72 Next
Author Message
rufwoof

Joined: 24 Feb 2014
Posts: 2647

PostPosted: Sun 07 Oct 2018, 13:39    Post subject:  

belham2 wrote:
I un-installed the chromium from Easy 0.9.6 PPM, restarted, then installed your chromium.pet and the apulse. Every thing works good. Still cannot get Chromium to work in a Container (for some reason, 'Easy Container Management' won't recognize chromium is installed, so that one could make a container for it and run it in that.

It's no biggie, though, I am using rufwoof's trick he mentioned, and I run the "Container Desk", then download your apulse.pet & chromium.pet, install them, and chromium runs great (with sound) while inside the 'Container Desk'. Hopefully that'll afford some protection if I come across something bad while browsing, since it'll be operating inside the container-desk.

Visualise a container as using the same base sfs, but having its own save area. When you install something in the main session then that's stored in the main sessions save area, which isn't visible by containers (that only see the base sfs + the containers own save area). If after installing into the main session you remastered a new base sfs, then containers would see the additional programs.

A problem is how can you install additional things into a container. That's easy in the desk container as its a full desktop setup, so you can run petget/PPM etc. inside that, but for other containers you'd have to manually copy files across.

Running chrome with --no-sandbox does remove much of Chrome's own internal security, but being in a container somewhat reinstates that security. Running a container as non-root should enable chrome to work as intended so you'd have both the internal chrome security and security of running inside a container. Barry however dropped being able to setup a container to run under a non-root userid, so AFAIK that isn't a current option.

_________________
( ͡° ͜ʖ ͡°) :wq
Back to top
View user's profile Send private message 
scsijon

Joined: 23 May 2007
Posts: 1364
Location: the australian mallee

PostPosted: Tue 09 Oct 2018, 21:07    Post subject: using qt5? /etc/profile  

i'm adding the link in case barry is not following the quirky thread anymore.
http://www.murga-linux.com/puppy/viewtopic.php?p=1006946#1006946
Back to top
View user's profile Send private message Visit poster's website 
BarryK
Puppy Master


Joined: 09 May 2005
Posts: 8710
Location: Perth, Western Australia

PostPosted: Wed 10 Oct 2018, 07:21    Post subject:  

rufwoof wrote:
Running chrome with --no-sandbox does remove much of Chrome's own internal security, but being in a container somewhat reinstates that security. Running a container as non-root should enable chrome to work as intended so you'd have both the internal chrome security and security of running inside a container. Barry however dropped being able to setup a container to run under a non-root userid, so AFAIK that isn't a current option.


Note that the goal-posts will have shifted with the upcoming Easy 0.9.7, as have moved to using the 'pflask' utility to run containers.

It will have the option of running as user 'zeus' in a container, so hopefully will be able to run Chromium without needing that "--no-sandbox".

I think 0.9.7 should be ready in about a week from now, maybe sooner.

_________________
http://bkhome.org/news/
Back to top
View user's profile Send private message Visit poster's website 
rufwoof

Joined: 24 Feb 2014
Posts: 2647

PostPosted: Wed 10 Oct 2018, 07:49    Post subject:  

pflask looks like a interesting alternative to Fatdogs http://distro.ibiblio.org/fatdog/web/faqs/uml.html choice of UML
_________________
( ͡° ͜ʖ ͡°) :wq
Back to top
View user's profile Send private message 
BarryK
Puppy Master


Joined: 09 May 2005
Posts: 8710
Location: Perth, Western Australia

PostPosted: Sun 14 Oct 2018, 09:37    Post subject:  

Easy 0.9.7 is out, blog post:

http://bkhome.org/news/201810/easyos-097-released.html

Forum feedback here:

https://easyos.org/forum/index.php?topic=15.0

_________________
http://bkhome.org/news/
Back to top
View user's profile Send private message Visit poster's website 
BarryK
Puppy Master


Joined: 09 May 2005
Posts: 8710
Location: Perth, Western Australia

PostPosted: Sun 14 Oct 2018, 09:52    Post subject:  

rufwoof wrote:
pflask looks like a interesting alternative to Fatdogs http://distro.ibiblio.org/fatdog/web/faqs/uml.html choice of UML


James is working on the next FatDog, I think that is 800? I told him about 'pflask' (container security and chroot utility) that I am now using in Easy, and he plans to use it also.

_________________
http://bkhome.org/news/
Back to top
View user's profile Send private message Visit poster's website 
rufwoof

Joined: 24 Feb 2014
Posts: 2647

PostPosted: Sun 14 Oct 2018, 11:55    Post subject:  

BarryK wrote:
rufwoof wrote:
pflask looks like a interesting alternative to Fatdogs http://distro.ibiblio.org/fatdog/web/faqs/uml.html choice of UML

James is working on the next FatDog, I think that is 800? I told him about 'pflask' (container security and chroot utility) that I am now using in Easy, and he plans to use it also.

Sounds good. Not sure that UML worked that well (I gave it a try some time back but from a cursory go it didn't work for me - but that was a very brief/quick trial).

Primarily I boot user running X, where chrome is pretty much my desktop (use it as a calculator, text editor, PDF viewer/creator, mp4 player, online email ...etc). Where user isn't in wheel (no su, gksu ... etc.) and is pretty well tied down. Chrome under OpenBSD is both pledged and unveiled ... so highly restricted both as to disk and memory access.

For root, I use just cli (tmux, mc). mc is also my primary file manager in X as well. I just have two windows, tmux and chrome running, both with their tabs and I alt-tab between those as user, ctrl-alt-F1 into root cli/tmux for root type actions. Normally both are maximised (unlike in the attached image). I use cwm as the window manager so no icons/taskbar etc. just a 1 pixel gap at the top of screen that right mouse shows a list of all windows, left mouse shows programs (lists). exec key and a couple of the letters of a program name is usually enough to filter down the exec list to the desired program to launch. Extremely minimalist, but highly functional. Works out to base OpenBSD + 83 additional libs/packages in total (most of which is chrome). Base OBSD includes a web server as well (that I have a ddns fixed domain name that directs to that).

pflask could make things similar to OpenBSD's pledged/unveiled chrome type lock-down, especially if it utilises its own X client/server. Will that be the case?
s.jpg
 Description   
 Filesize   58.51 KB
 Viewed   466 Time(s)

s.jpg


_________________
( ͡° ͜ʖ ͡°) :wq
Back to top
View user's profile Send private message 
belham2

Joined: 15 Aug 2016
Posts: 1587

PostPosted: Sun 14 Oct 2018, 14:14    Post subject:  

BarryK wrote:
Easy 0.9.7 is out, blog post:

http://bkhome.org/news/201810/easyos-097-released.html

Forum feedback here:

https://easyos.org/forum/index.php?topic=15.0



Hi Barry,

Easy 0.9.7 installed via EasyDD onto USB stick.............................. (hey, I have to ask: did you know when one uses EasyDD from inside any running Easy OS version, that once you open EasyDD & choose the gz.file and pick the correct USB stick, and hit "Continue", that the EasyDD popup disappers with no dialog and/or install status box pops up, and you're left to wonder what is going on? g. No finish popup, no communication popup, nothing. Yet, EasyDD installs the .gz file IF you know enough to wait however long despite being in the dark what is going on. Perhaps a dialog box of what's going on and when EasyDD is finished would be nice Wink )

Anyhow, put 0.9.7 on USB stick, it booted up and everything is running good. Biggest thing for me is your Firefox.pet from ibiblio now has sound---YIPPIE!!!---sound both in a Container and/or outside it. This is huge, as Seamonkey sort of drives me nuts.

I then installed your Chromium.pet you compiled, along with your apulse.pet, and once again, it is impossible to set Chromium up in Easy 0.9.7 in a Container. Easy Container Management does not recognize Chromium is installed. Why? It recognizes when you install Firefox, but with Chromium, it is like the install of Chromium never took place. Strange.....


Overall, thanks for this latest edition and especially getting it out so early (was thinking you'd get it out next weekend, but you been uber busy & I was surprised checking murga today!).

Once the Chromium in a Container problem is licked, and maybe a few dialog boxes are added for a few other additional EasyOS programs (there are actually other programs that also have no dialog boxes after you open them & hit run, because once you run them, they disappear on the desktop (while still running) and you're left to guess what is going on)..once these are licked, EasyOS looks pretty darn good to me.
Easy-0.9.7.jpg
 Description   
 Filesize   113.61 KB
 Viewed   446 Time(s)

Easy-0.9.7.jpg

Chromium-cannot-be-put-in-Container.jpg
 Description   
 Filesize   153.52 KB
 Viewed   442 Time(s)

Chromium-cannot-be-put-in-Container.jpg

Back to top
View user's profile Send private message 
BarryK
Puppy Master


Joined: 09 May 2005
Posts: 8710
Location: Perth, Western Australia

PostPosted: Sun 14 Oct 2018, 20:23    Post subject:  

belham2 wrote:
Easy 0.9.7 installed via EasyDD onto USB stick.............................. (hey, I have to ask: did you know when one uses EasyDD from inside any running Easy OS version, that once you open EasyDD & choose the gz.file and pick the correct USB stick, and hit "Continue", that the EasyDD popup disappers with no dialog and/or install status box pops up, and you're left to wonder what is going on? g. No finish popup, no communication popup, nothing. Yet, EasyDD installs the .gz file IF you know enough to wait however long despite being in the dark what is going on. Perhaps a dialog box of what's going on and when EasyDD is finished would be nice Wink )


OK, I will look into that. It has been awhile since I used the GUI capability of easydd.

_________________
http://bkhome.org/news/
Back to top
View user's profile Send private message Visit poster's website 
BarryK
Puppy Master


Joined: 09 May 2005
Posts: 8710
Location: Perth, Western Australia

PostPosted: Sun 14 Oct 2018, 20:38    Post subject:  

belham2 wrote:
I then installed your Chromium.pet you compiled, along with your apulse.pet, and once again, it is impossible to set Chromium up in Easy 0.9.7 in a Container. Easy Container Management does not recognize Chromium is installed. Why? It recognizes when you install Firefox, but with Chromium, it is like the install of Chromium never took place. Strange.....


Do it within the "desk" container. That is, click on "desk" icon, then over in the containerized-desktop, run the PPM and install Chromium PET. Works great, no extra deps needed.

What you would have done, is install Chromium to the host system, then copy it into a container. It would seem that that process has left something behind.

Ah, I wonder... it may be that it is trying to run chromium in the container without the "--no-sandbox". In that case, there is a manual fix, edit /usr/sbin/ec-chroot-chromium, append onto this line:

Code:
urxvt -name eclaunch -iconic -e ec-chroot chromium --no-sandbox


...just thinking this through hypothetically, haven't tried it.

Um, but that doesn't explain why it is not in the menu. If you go to /mnt/wkg/containers/chromium/.session, you will be able to see if the files got installed.

I had better check this out!

I am planning in the future to offer direct install to a container, but held off on implementing, as still thinking about some details.

_________________
http://bkhome.org/news/
Back to top
View user's profile Send private message Visit poster's website 
BarryK
Puppy Master


Joined: 09 May 2005
Posts: 8710
Location: Perth, Western Australia

PostPosted: Sun 14 Oct 2018, 21:09    Post subject:  

belham2 wrote:

I un-installed the chromium from Easy 0.9.6 PPM, restarted, then installed your chromium.pet and the apulse. Every thing works good. Still cannot get Chromium to work in a Container (for some reason, 'Easy Container Management' won't recognize chromium is installed, so that one could make a container for it and run it in that.

It's no biggie, though, I am using rufwoof's trick he mentioned, and I run the "Container Desk", then download your apulse.pet & chromium.pet, install them, and chromium runs great (with sound) while inside the 'Container Desk'. Hopefully that'll afford some protection if I come across something bad while browsing, since it'll be operating inside the container-desk.


Right, getting the full picture now. Yes, "Filesystem --> Easy Container Management" has to be run to move an app into a container.

Checked for myself. Installed Chromium in host system, ran Easy Container Management, right, "chromium" isn't in the list.

So, the fix that I mentioned in previous post, won't apply.

_________________
http://bkhome.org/news/

Last edited by BarryK on Sun 14 Oct 2018, 21:12; edited 1 time in total
Back to top
View user's profile Send private message Visit poster's website 
BarryK
Puppy Master


Joined: 09 May 2005
Posts: 8710
Location: Perth, Western Australia

PostPosted: Sun 14 Oct 2018, 21:11    Post subject:  

Note, 0.9.7 already has 'apulse'.
_________________
http://bkhome.org/news/
Back to top
View user's profile Send private message Visit poster's website 
BarryK
Puppy Master


Joined: 09 May 2005
Posts: 8710
Location: Perth, Western Australia

PostPosted: Mon 15 Oct 2018, 09:43    Post subject:  

Regarding Chromium, got it sorted, see blog post:

http://bkhome.org/news/201810/chromium-browser-pet-improved.html

@belham2
Uninstall the PET, and install the new one, then it should be ok to "containerize'.

_________________
http://bkhome.org/news/
Back to top
View user's profile Send private message Visit poster's website 
rufwoof

Joined: 24 Feb 2014
Posts: 2647

PostPosted: Mon 15 Oct 2018, 12:28    Post subject:  

BarryK wrote:
Regarding Chromium, got it sorted, see blog post:

http://bkhome.org/news/201810/chromium-browser-pet-improved.html

@belham2
Uninstall the PET, and install the new one, then it should be ok to "containerize'.

Conceptually wouldn't best-practice be to keep the main session as a not-used-for-internet (admin only) session i.e. can access HDD, moves files, admin the system/network etc. Boot, run through first-run-setup and then immediately make a snapshot of the desk container and use that desk container as your general daily session (browsing, playing video's etc.). In which case installing Chromium inside the desk container is the more appropriate choice anyway. i.e. start a 'clean' desk snapshot version, PPM (install) the chromium into that, close the desk container and create a new 'clean' snapshot (that also includes chromium). With data on HDD, booting (separate) system from USB and desk container having no access to the HDD (or main system), you're pretty immune from the likes of ransomware/other nasties that might come in over the net. And snapshots/rollbacks enable you to quickly/easily load up a clean desktop/browser (desk container) as often as you like.

_________________
( ͡° ͜ʖ ͡°) :wq
Back to top
View user's profile Send private message 
belham2

Joined: 15 Aug 2016
Posts: 1587

PostPosted: Mon 15 Oct 2018, 12:39    Post subject:  

BarryK wrote:
Regarding Chromium, got it sorted, see blog post:

http://bkhome.org/news/201810/chromium-browser-pet-improved.html

@belham2
Uninstall the PET, and install the new one, then it should be ok to "containerize'.



Thank you, Barry. Did as you said, and Chromium popped up inside "Easy Container Management" ready to be put into a Container---which I did. Runs great.

Only thing I changed is when the Container of Chromium was made, the icon that popped up on the desktop was the 16x16, with no purple-lock designating as a container item. Could barely see it, haha.

No problem, though, just grabbed a 48x48.png of
chromium, and then grabbed the ec-overlay48.png, opened them in Gimp, merged the layers, and voila, just like the rest of the desktop container items now.

With Seamonkey, Firefox and Chromium all in containers, plus the desktop and sakura, takes care of any/all website rendering and/or how I want to download something or if I want just one container of a browser reserved for special (i.e. fin'l things) items.

Thanks again!
chromium-now-in-container.jpg
 Description   
 Filesize   124.99 KB
 Viewed   259 Time(s)

chromium-now-in-container.jpg

Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 70 of 72 [1069 Posts]   Goto page: Previous 1, 2, 3, ..., 68, 69, 70, 71, 72 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Puppy Derivatives
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1188s ][ Queries: 13 (0.0436s) ][ GZIP on ]