Hi,
For those cannot get powerapplet_tray working, I referenced it in xbatalarm.
Among other changes, I applied new icons and forced the right one to appear in the tray.
Changed the default alarm level to 10%.
Tested in Puli, probably works for other puppies, too.
As powerapplet_tray is a built-in feature in Puli, it is excluded from the attached pet package.
The full version is uploaded with my other post, see http://murga-linux.com/puppy/viewtopic. ... 2&start=12
Have fun!
Regards,
gjuhasz
Edit on Jan 28: xbat-p.pet uploaded again after some bugfix
Puli 32/64 bit
powerapplet_tray megred with xbatalarm
- Attachments
-
- xbat-p.pet
- MD5sum: 9da6003131a28e269dbd5d969c68204e
- (2.77 KiB) Downloaded 232 times
Last edited by gjuhasz on Thu 28 Jan 2016, 13:23, edited 4 times in total.
Vulnerability in the OpenSSH
Hi,
A new vulnerability in the OpenSSH client was detected yesterday. It affects all versions of the program, from 5.4 to 7.1. The detected bug (CVE-2016-0777) allows an attack leading to a leakage of the private key.
While patches and updates are being rolled out for affected distributions, the feature causing this security issue can be disabled manually in order to resolve the issue. This can be done by adding a line to your SSH configuration. Edit your /etc/ssh/ssh_config file as follows:
Note that servers could be also potentially affected in case key-based auth is used to connect to other servers by SSH. See https://access.redhat.com/articles/2123781
This patch / the fixed OpenSSH package will be included in the next Puli expected in Feb 2016.
Have fun!
Regards,
gjuhasz
A new vulnerability in the OpenSSH client was detected yesterday. It affects all versions of the program, from 5.4 to 7.1. The detected bug (CVE-2016-0777) allows an attack leading to a leakage of the private key.
While patches and updates are being rolled out for affected distributions, the feature causing this security issue can be disabled manually in order to resolve the issue. This can be done by adding a line to your SSH configuration. Edit your /etc/ssh/ssh_config file as follows:
- 1. Find the line that contains Host * (in the default ssh.config, this is Line 19)
2. Just after this line, create a new one with the following content:
Code: Select all
UseRoaming no - 3. Save this file.
4. Create a new folder on your boot pendrive as /patch/etc/ssh
5. Copy your updated /etc/ssh/ssh_config file to the new folder on the pendrive.
6. Unmount the pendrive.
Note that servers could be also potentially affected in case key-based auth is used to connect to other servers by SSH. See https://access.redhat.com/articles/2123781
This patch / the fixed OpenSSH package will be included in the next Puli expected in Feb 2016.
Have fun!
Regards,
gjuhasz
Re: Vulnerability in the OpenSSH
My ssh_config file looks like this:gjuhasz wrote: Find the line that contains Host * (in the default ssh.config, this is Line 19)
Code: Select all
ForwardAgent yes
ForwardX11 yes
There is also an sshd_config file in the same directory. Am i exposed to this bug? Why don't I have a line 19?
- I am not using Puli I'm on a Slacko 5.6 derivative but thought you might have some insight to offer.
cheers!
OpenSSH
As it is written in the bug description, this vulnerability is related to a non-public feature of the OpenSSH client. 
So, there there should be some lines as a mitigation in the ssh.config file regardless of the other content. (I mentioned Line 19 because I referenced the default ssh.config file of Puli 6.0.4.)
Analysis of the fix is available at http://www.openwall.com/lists/oss-security/2016/01/14/7 ... nice, isn't it?
More details could be answered by only those had been interested in putting this "feature" into OpenSSH... Be sure, I was not among the requestors. Maybe Mr. E.S. knows some of them.
Have fun!
Regards,
gjuhasz
So, there there should be some lines
Code: Select all
Host *
UseRoaming noAnalysis of the fix is available at http://www.openwall.com/lists/oss-security/2016/01/14/7 ... nice, isn't it?
More details could be answered by only those had been interested in putting this "feature" into OpenSSH... Be sure, I was not among the requestors. Maybe Mr. E.S. knows some of them.
Have fun!
Regards,
gjuhasz
Puli defends Linux Kernel Vulnerability (CVE-2016-0728)
Dear Puli users,
Just FYI...
the newly discovered Linux kernel vulnerability (CVE-2016-0728) is unable to impact (any version of) Puli operated either in the Crazy or the Lazy security profiles.
Have fun!
Regards,
gjuhasz
Just FYI...
the newly discovered Linux kernel vulnerability (CVE-2016-0728) is unable to impact (any version of) Puli operated either in the Crazy or the Lazy security profiles.
Have fun!
Regards,
gjuhasz
Re: powerapplet_tray merged with xbatalarm
Hi,gjuhasz wrote:For those cannot get powerapplet_tray working, I referenced it in xbatalarm.
The full version is uploaded with my other post, see http://murga-linux.com/puppy/viewtopic. ... 2&start=12
There are updates for xbatalarm available (bugfixes, new features). See the referenced forum thread for details. Package updated at http://murga-linux.com/puppy/viewtopic. ... &start=154, too
Have fun!
Regards,
gjuhasz
Netsurf 3.4
I compiled netsurf 3.4
Download link:
http://smokey01.com/gjuhasz/packages/netsurf-3.4.pet
Runs fine in Puli. Probably works with most of 32-bit puplets, too.
Have fun!
Regards,
gjuhasz
Download link:
http://smokey01.com/gjuhasz/packages/netsurf-3.4.pet
Runs fine in Puli. Probably works with most of 32-bit puplets, too.
Have fun!
Regards,
gjuhasz
- Attachments
-
- Netsurf--3.4.jpg
- (78.93 KiB) Downloaded 361 times
PROBLEM
1. Used a 2nd Puppy to copy the Netsurf pet file into the Puli Packages folder, and added a "netsurf" entry in the .../profiles/Common/smartload file.
Then rebooted to Puli.
2. During the loadup...
I could see that netsurf was being loaded ok.
But then...
3. A warning was given in red that additional packages were failing to load.
4. Once into Puli there was no sign of Netsurf being available.
1. Used a 2nd Puppy to copy the Netsurf pet file into the Puli Packages folder, and added a "netsurf" entry in the .../profiles/Common/smartload file.
Then rebooted to Puli.
2. During the loadup...
I could see that netsurf was being loaded ok.
But then...
3. A warning was given in red that additional packages were failing to load.
4. Once into Puli there was no sign of Netsurf being available.
Netsurf
Dear Sylvander,Sylvander wrote:PROBLEM
1. Used a 2nd Puppy to copy the Netsurf pet file into the Puli Packages folder, and added a "netsurf" entry in the .../profiles/Common/smartload file.
Then rebooted to Puli.
2. During the loadup...
I could see that netsurf was being loaded ok.
But then...
3. A warning was given in red that additional packages were failing to load.
4. Once into Puli there was no sign of Netsurf being available.
If you "conventionally" install my netsurf-3.4.pet (by clicking the filename), it works.
However, you are right, smartloading the same netsurf-3.4.pet file fails.
So, I created another pet file in a different way then uploaded it to my storage.
http://smokey01.com/gjuhasz/packages/netsurf-3.4.pet
This version is OK for smartload, too. Tested in Puli.
Thanks for the notification and sorry for the inconvenience.
Have fun!
Regards,
gjuhasz
-
roadster3043
- Posts: 7
- Joined: Wed 19 Oct 2005, 11:12
Puli Smartload
Hi.
I've been testing Puli 6.0.4, but can't seem to load anything that I've placed in the smartload file and the packages directory.
Sometimes at boot it says omit even though I pressed a key to load it.
What could I be doing wrong?
Thanks.
I've been testing Puli 6.0.4, but can't seem to load anything that I've placed in the smartload file and the packages directory.
Sometimes at boot it says omit even though I pressed a key to load it.
What could I be doing wrong?
Thanks.
--
Take care.
Juan
Take care.
Juan
Re: Puli Smartload
Dear roadster3043,roadster3043 wrote:Hi.
I've been testing Puli 6.0.4, but can't seem to load anything that I've placed in the smartload file and the packages directory.
Sometimes at boot it says omit even though I pressed a key to load it.
What could I be doing wrong?
Thanks.
Please check whether you hit the key in time and this key correctly identifies the package(s) you want to smartload.
- 1. Proper timing - To select a package set to be smartloaded, you need to hit a key within a specific timeslot in the boot process. It begins as soon as the purple "copying to ram" text appears and ends 5 seconds after Puli asks you for the selection.
2. Unique reference - For example, if you hit key "a", it is expected to have a smartload file named "smartloada" in the /profiles/Common folder of your boot pendrive. If you hit "x" while you don't have "smartloadx" there or if you hit the spacebar, then nothing will be smartloaded. If you don't hit any key or if you hit Enter, Puli seeks the default "smartload" file there.
In the case you use a laptop without a separate numeric keypad, some character keys can be interpreted as numbers at boot time. Also, if you have non-US keyboard, some keys are placed differently. (The default numlock and language settings can be controlled by the syslinux.cfg and the puli.cfg files).
The selected smartload file should list the requested packages, referencing them by the first few characters of their filename. Of course, if this type of reference is ambivalent, i.e., points to multiple packages, then only one of them will be smartloaded.
3. Existing packages - The packages, with file extensions .pet and/or .sfs and/or one (chrome) .deb, should be placed in the /packages folder of the boot pendrive. For smartload, I recommend to use the packages tested in Puli.
Note that none of the smartloaded packages appear among the installed ones in the Puppy Package Manager.
FYI: You may include references to all your favorite packages in all your smartload files (for example, I do this) but in this case those need to be skipped in a particular smartload file should begin with "-" minus sign.
Regards,
gjuhasz
Ransomware vs Puli
Dear Sylvander,Sylvander wrote:Just wondering...
Would Puli counteract Ransomware?
Or does Ransomware only act against servers?
Ransomware can encrypt your files even in Linux environment. It can be activated if you open an attachment of an email. However, Puli can block ransomware if you are careful enough and avoid common traps:
- First of all, do not use the Puli pendrive for other purposes, e.g., do not plug it into an infected machine - don't use it as temporary storage of Windows files.
Second, after you booted Puli, unplug the pendrive as soon as Puli recommends this (i.e., before the network connection is established). It is an advantage if you boot Puli from a USB device with write protection switch - a simple SD card is good for this purpose.
Third, use the safest (Lazy) security profile of Puli. While you are browsing using Chrome in the Lazy mode, the /bin folder is hidden thus the malicious code, such as ransomware, gets no resources to auto-install then infect. Note that this defense is active only while you are browsing in Lazy mode - so using a web based mail service is strongly recommended.
(Actually, the above is true for Chrome browser only. I write this post in the next Puli version that allows Lazy mode also for Slimjet and Iron - I am thinking on Firefox yet.)
Regards,
gjuhasz
Hello gjuhasz,
Thanks for your reply.
I...
Never use my Puli pendrive for other purposes.
Never knowingly plug it into any computer unless I believe that computer to be uninfected.
Never store Windows files on it.
Always remove the Puli pendrive when prompted.
So far I've not installed Puli to an SD memory card.
Just now switched my Puli to loading "force_lazy" in "/mnt/sdb1/profiles/Common/smartload".
I never fetch email in Puli.
When fetching my POP3 email in other Puppies, I first view the emails using "SaveMyModem" [smm], and delete any that I suspect may not be genuine/safe, and I seldom if ever open attachments.
So far I only use the natively included Chrome web-browser.
Thanks for your reply.
I...
Never use my Puli pendrive for other purposes.
Never knowingly plug it into any computer unless I believe that computer to be uninfected.
Never store Windows files on it.
Always remove the Puli pendrive when prompted.
So far I've not installed Puli to an SD memory card.
Just now switched my Puli to loading "force_lazy" in "/mnt/sdb1/profiles/Common/smartload".
I never fetch email in Puli.
When fetching my POP3 email in other Puppies, I first view the emails using "SaveMyModem" [smm], and delete any that I suspect may not be genuine/safe, and I seldom if ever open attachments.
So far I only use the natively included Chrome web-browser.
Suspicious links
I just received an email that looked like a training proposal from a famous company. Then I moved the cursor over a link and recognized that each of the six links point to the same URL.Sylvander wrote:... and delete any that I suspect may not be genuine/safe, and I seldom if ever open attachments.
See the attached screenshot.
Have fun!
Regards,
gjuhasz
- Attachments
-
- Malicious_email.jpg
- This is a screenshot only - never click such links in emails...
- (75.01 KiB) Downloaded 777 times
Fool Puli 6.0.4 into "booting" from internal SD card reader
So I need to move my laptop around a lot and it seems wise to boot off the internal SD card reader before I trash the USB ports or worse. Unfortunately, the BIOS does not allow booting from the internal card reader. In researching this I have seen several reports of success with this issue & puppy, for example: http://murga-linux.com/puppy/viewtopic. ... 19&t=68104 & http://murga-linux.com/puppy/viewtopic.php?t=77417.
Specifically for puli & this laptop, I am attempting to boot vmlinux & initrd.gz off the internal HD and then have it switch root and grab zdrv & puli sfs's off the SD card. This is similar in concept to using a boot floppy to boot to UBS or CD when the BIOS can't handle it. Puli has no problem using SD cards in the reader after booting is complete so I know all the modules needed are there, Turns out that all modules needed are built-in to the kernel except tifm_7xx1 so that means this approach cannot work without modifying initrd.gz. to provide the missing module. However I am going batty trying to get initrd.gz right. I get kernel panics due to sync failure because the module is not really loaded and the sfs's are not really read.
I use pfix=rdsh to drop into the shell and run commands manually to try and figure out where i am going wrong. probepart_init shows the SD card is not loaded and an ls of /lib/ shows the modules folder and subfolders are all missing even though initrd.gz can be shown to have them. So it seems like there is a problem with file system layering. More evidence pointing to this is when I use a usb drive for the sfs's (and HD for the kernel/root fs) puli boots but is crippled in that certain hardware like the touchpad do not work and /lib is missing folders and files related to kernel modules.
So I may have two separate problems: the separation of critical files on 2 devices and the mechanics of properly adding/modifying all required elements in initrd.gz. Does anyone have a solution to this issue? Can anyone point to a step by step example for moving one module into the initrd.gz that is relevant to puli's design?
(By the way I have made minor modifications to init that are specific to this laptop and puli's kernel and I have increased the sleep time for mmcblk device discovery as recommended by BK)
Edit-7/23/16: SUCCESS. For anyone researching a similar problem, I would like to report that I was able to boot puli 6.0.4 from the pci connected SD drive on this particular laptop. I am using it now to write this. After much troubleshooting, I found that (my) syntax errors were the source of all my woes (kernel panics). Along the way I also found that playing around with sleep commands (as recommended elsewhere) was unnecessary at least for this particular laptop. HOW TO:
1. place vmlinux & initrd.gz on the root directory of the hard drive.
2. place all other puli specific files on the SD card.
3. I use grub4dos as the boot loader. Use menu.lst to pass the location of the following files to the kernel like so: pupsfs=mmcblk0p1:/puppy_puli_6.0.4.sfs pdev=mmcblk0 zdrv=mmcblk0p1:/zdrv_puli_6.0.4.sfs
4. You will need to modify init within initrd.gz. Insert the following at line 193: insmod /lib/modules/TI/tifm_7xx1.ko #160605; tirdoldog (AJS) force loading for mmc discovery.
5. Copy tifm_7xx1.ko into the newly created TI directory located as indicated in initrd.gz.
That’s it. I have been testing/using for the last 6 weeks with no observed problems. IMPORTANT NOTE. Unless you have an HP compaq laptop made circa 2004-2006 with a TI internal card reader, this how to will likely not work for you. However, you can use it as a template to modify for your particular hardware. Hope you find this useful.
Specifically for puli & this laptop, I am attempting to boot vmlinux & initrd.gz off the internal HD and then have it switch root and grab zdrv & puli sfs's off the SD card. This is similar in concept to using a boot floppy to boot to UBS or CD when the BIOS can't handle it. Puli has no problem using SD cards in the reader after booting is complete so I know all the modules needed are there, Turns out that all modules needed are built-in to the kernel except tifm_7xx1 so that means this approach cannot work without modifying initrd.gz. to provide the missing module. However I am going batty trying to get initrd.gz right. I get kernel panics due to sync failure because the module is not really loaded and the sfs's are not really read.
I use pfix=rdsh to drop into the shell and run commands manually to try and figure out where i am going wrong. probepart_init shows the SD card is not loaded and an ls of /lib/ shows the modules folder and subfolders are all missing even though initrd.gz can be shown to have them. So it seems like there is a problem with file system layering. More evidence pointing to this is when I use a usb drive for the sfs's (and HD for the kernel/root fs) puli boots but is crippled in that certain hardware like the touchpad do not work and /lib is missing folders and files related to kernel modules.
So I may have two separate problems: the separation of critical files on 2 devices and the mechanics of properly adding/modifying all required elements in initrd.gz. Does anyone have a solution to this issue? Can anyone point to a step by step example for moving one module into the initrd.gz that is relevant to puli's design?
(By the way I have made minor modifications to init that are specific to this laptop and puli's kernel and I have increased the sleep time for mmcblk device discovery as recommended by BK)
Edit-7/23/16: SUCCESS. For anyone researching a similar problem, I would like to report that I was able to boot puli 6.0.4 from the pci connected SD drive on this particular laptop. I am using it now to write this. After much troubleshooting, I found that (my) syntax errors were the source of all my woes (kernel panics). Along the way I also found that playing around with sleep commands (as recommended elsewhere) was unnecessary at least for this particular laptop. HOW TO:
1. place vmlinux & initrd.gz on the root directory of the hard drive.
2. place all other puli specific files on the SD card.
3. I use grub4dos as the boot loader. Use menu.lst to pass the location of the following files to the kernel like so: pupsfs=mmcblk0p1:/puppy_puli_6.0.4.sfs pdev=mmcblk0 zdrv=mmcblk0p1:/zdrv_puli_6.0.4.sfs
4. You will need to modify init within initrd.gz. Insert the following at line 193: insmod /lib/modules/TI/tifm_7xx1.ko #160605; tirdoldog (AJS) force loading for mmc discovery.
5. Copy tifm_7xx1.ko into the newly created TI directory located as indicated in initrd.gz.
That’s it. I have been testing/using for the last 6 weeks with no observed problems. IMPORTANT NOTE. Unless you have an HP compaq laptop made circa 2004-2006 with a TI internal card reader, this how to will likely not work for you. However, you can use it as a template to modify for your particular hardware. Hope you find this useful.
Last edited by tirdoldog on Sat 23 Jul 2016, 09:06, edited 1 time in total.
Re: Fool Puli 6.0.4 into "booting" from internal SD card reader
Dear tirdoldog,
I somehow missed your post, sorry for the late reply.
I will implement something to support this in the next version.
Until it is announced (soon), try to unplug the pendrive just after the boot process, then use the SD card as a storage. This way, neither the pendrive nor the USB slot are in danger while moving the laptop around.
Have fun!
Regards,
gjuhasz
I somehow missed your post, sorry for the late reply.
If I understand well, you prefer the SD card because it is swallowed into its slot within the laptop case. A nice idea to prevent physical damages..tirdoldog wrote:So I need to move my laptop around a lot and it seems wise to boot off the internal SD card reader before I trash the USB ports or worse.
I will implement something to support this in the next version.
Until it is announced (soon), try to unplug the pendrive just after the boot process, then use the SD card as a storage. This way, neither the pendrive nor the USB slot are in danger while moving the laptop around.
Have fun!
Regards,
gjuhasz
-
Pelo
Puli ? why not ?
Puli ? why not ? i will download it to-day. It could change a little from standard puppies.
However when a Puppy protects you, often it is by putting you in jail. Jail is the safest place, you are protected by the sheriff.
Bad Mind, wait and see, i download it.
299MB.. Hungarian Puppy ? oh, that is a quality label
I know that i will get support not only here, but in Facebook too and in the specific hungarian puppy forum.
Nota Bene : i read none of the fifteen english pages, we shall see.
However when a Puppy protects you, often it is by putting you in jail. Jail is the safest place, you are protected by the sheriff.
Bad Mind, wait and see, i download it.
299MB.. Hungarian Puppy ? oh, that is a quality label
I know that i will get support not only here, but in Facebook too and in the specific hungarian puppy forum.Nota Bene : i read none of the fifteen english pages, we shall see.
- Attachments
-
- puli.jpg
- If headhaches, i abandone
- (68.62 KiB) Downloaded 483 times