Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sat 23 Sep 2017, 03:51
All times are UTC - 4
 Forum index » Advanced Topics » Puppy Projects
DebianDog64 - 64 bit DebianDog-Jessie
Moderators: Flash, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 30 of 35 [518 Posts]   Goto page: Previous 1, 2, 3, ..., 28, 29, 30, 31, 32, 33, 34, 35 Next
Author Message
dancytron

Joined: 18 Jul 2012
Posts: 884

PostPosted: Thu 06 Apr 2017, 23:42    Post subject:  

Messed with Stretch64 a little bit more.

Set up mesa, installed Chrome and gksu to run Chrome, added my little wrapper scripts, and did a quick remaster as lz4. Posting from Chrome now. All seems good.

Filesystem01.squashfs is 549 meg, but that is without getting rid of Palemoon and as lz4, so I guess that is to be expected.

Seems good to go.

Dan
Back to top
View user's profile Send private message 
fredx181


Joined: 11 Dec 2013
Posts: 2452
Location: holland

PostPosted: Fri 07 Apr 2017, 16:04    Post subject:  

Thanks Dan & rufwoof,

rufwoof wrote:
But kodi still doesn't want to play.


I had the same problem but installing the "libgl1-mesa-dri" package made it work for me (after restart X).
In fact a bit strange that it isn't a real dependency. (same goes for some 3D games)

Fred

_________________
Dog Linux website

Back to top
View user's profile Send private message 
rufwoof

Joined: 24 Feb 2014
Posts: 2097

PostPosted: Fri 07 Apr 2017, 16:38    Post subject:  

fredx181 wrote:
rufwoof wrote:
But kodi still doesn't want to play.
I had the same problem but installing the "libgl1-mesa-dri" package made it work for me (after restart X).

Thanks Fred. Installed that, added the 05-kodi.sfs I created earlier to /live, porteus booted and kodi's working fine. Different interface to what I use elsewhere, no longer the back-slash key to window it, now the hash key.
s.jpg
 Description   
 Filesize   60.43 KB
 Viewed   906 Time(s)

s.jpg

Back to top
View user's profile Send private message 
dancytron

Joined: 18 Jul 2012
Posts: 884

PostPosted: Fri 07 Apr 2017, 23:02    Post subject:  

Found something I think.

When I use the copy2ram parameter, instead of mounting sda2 when I click on sda2, it mounts sda2//mnt/live/memory/images/changes-exit. However, it works correctly without the copy2ram parameter.

I remember something vaguely like this from before.

Here are the entries from my menu.1st.

Code:

title stretch64 copy2ram   (sda2) noauto from=/stretch64/ changes=EXIT:/stretch64/
root (hd0,1)
kernel (hd0,1)/stretch64/live/vmlinuz1 noauto copy2ram from=/stretch64/ changes=EXIT:/stretch64/
initrd (hd0,1)/stretch64/live/initrd1.xz

title stretch64   (sda2) noauto from=/stretch64/ changes=EXIT:/stretch64/
root (hd0,1)
kernel (hd0,1)/stretch64/live/vmlinuz1 noauto from=/stretch64/ changes=EXIT:/stretch64/
initrd (hd0,1)/stretch64/live/initrd1.xz


If I go manually to /mnt/sda2, then it is correct.
Back to top
View user's profile Send private message 
fredx181


Joined: 11 Dec 2013
Posts: 2452
Location: holland

PostPosted: Sun 09 Apr 2017, 04:41    Post subject:  

dancytron wrote:
When I use the copy2ram parameter, instead of mounting sda2 when I click on sda2, it mounts sda2//mnt/live/memory/images/changes-exit. However, it works correctly without the copy2ram parameter.

I remember something vaguely like this from before.


Yes, thanks, it's weird because this problem seems to appear only on 64 bit, I mean: on all 32 bit Jessie, Xenial, Stretch versions it's OK, AFAIK.
DD64-jessie and Xenialdog64 have the same problem.
Although I can't figure out why it's only on 64-bit, I've found a fix already (in linuxrc script inside initrd1.xz) but need to test more for possible other side-effects.

Fred

_________________
Dog Linux website

Back to top
View user's profile Send private message 
rufwoof

Joined: 24 Feb 2014
Posts: 2097

PostPosted: Wed 12 Apr 2017, 22:31    Post subject: LXDE weather plugin  

I haven't tried it in DD64, however in Debian Jessie stable the panels Weather plugin doesn't work.

I have found a workaround however



(Tip, lxde panel can be restarted using lxpanelctl restart)
Back to top
View user's profile Send private message 
fredx181


Joined: 11 Dec 2013
Posts: 2452
Location: holland

PostPosted: Sat 15 Apr 2017, 19:07    Post subject:  

Hi dancytron,

Added info in the First Post for your Debian Dog Chrome Remaster, you did a great job on that and I feel a bit ashamed I didn't test your build earlier. My compliments for your secure way of running google-chrome from 'cat' and 'puppy' user
I'm more used to Firefox and my past experiences using google-chrome were that it's heavier than Firefox, but comparing nowadays with the latest Firefox it seems not to make any difference anymore, So I'm starting to like Chrome Smile

Fred

_________________
Dog Linux website

Back to top
View user's profile Send private message 
rufwoof

Joined: 24 Feb 2014
Posts: 2097

PostPosted: Sun 16 Apr 2017, 17:05    Post subject: chvt  

Just found a neat tool. If you apt-get install kbd then as part of that chvt is installed. For systems that have ctrl-alt-fx (where fx is one of the F1 to F7 function keys) ... that switches between consoles/sessions, running the command chvt 1 (for Ctrl-Alt-F1), chvt 7 (for Ctrl-Alt-F7) works the same.

I have a restricted user login (that I allocated a userid of ff and group of ff, and where its home folder is at the top of the partition and all other folders exclude ff group access (I also assigned that to use rbash (restricted bash)). I use that for browsing (and kodi/skpe ...etc), just in case. I do have a script to launch programs in restricted shell mode, however that can be a problem for sound not being heard, switching over to the desktop/session is more complete. Pressing ctrl-alt-Fx each time to switch between users/sessions was inconvenient however, having a desktop icon and using chvt command to make the switch is a lot easier to use Smile

EDIT : Problem. The restricted shell is limited from running su or sudo and chvt needs to be run as sudo/su. The solution was to create a script to do the chvt command and then apt-get install shc and shc -f scriptname ... to convert it to a binary and then SUI that binary after chown root (chown scriptname root and then shc -f scriptname ... which produces a file with a .x suffice (executable), which if you chmod u+s filename.x sets the SUID i.e. runs as the owner (scripts with SUID wont work with the suid bit set, only binaries work).
Code:
root@debian:/usr/local/bin# cat CHVT-7
#!/bin/bash
chvt 7

root@debian:/usr/local/bin# ls -l CHVT*
-rwsr-xr-x 1 root ff      20 Apr 16 22:51 CHVT-7
-rws--x--x 1 root staff 9488 Apr 16 22:40 CHVT-7.x
-rw-r--r-- 1 root staff 9305 Apr 16 22:40 CHVT-7.x.c
root@debian:/usr/local/bin#

Now have a CHVT-7.x binary, owned by root with SUID set so when the user (ff in my case) runs it ... it runs as root and switches to the 7th console (main system desktop).

UPDATE : ... Ahh!. No it doesn't work. I was running as root when I tested it. When run as ff it "Couldn't find a file descriptor referring to the console"
Back to top
View user's profile Send private message 
rufwoof

Joined: 24 Feb 2014
Posts: 2097

PostPosted: Mon 17 Apr 2017, 14:42    Post subject:  

@Fred. Security hat on ... and I can now see why the overlay folder has to be unmounted to be 'seen' ... otherwise a normal/restricted user would be able to see and copy files in that folder. Without sudo access they can't unmount it to see any system wide changes.

A similar applies to seeing the filesystem.squashfs. If it can be seen, it can be copied and that copy moved to another machine to get at its content, such as /etc/shadow.

As you know I frugally boot with everything in the 'save file' (partition) and forward-time will make a conscious effort to leave the main filesystem.squashs empty (so not much use as-is even if copied). That way the individual file/folders permissions hold.

I appreciate that DD is somewhat in limbo/dead, but the same/similar might also hold for XenialDog.
Back to top
View user's profile Send private message 
dancytron

Joined: 18 Jul 2012
Posts: 884

PostPosted: Mon 17 Apr 2017, 17:58    Post subject:  

fredx181 wrote:
Hi dancytron,

Added info in the First Post for your Debian Dog Chrome Remaster, you did a great job on that and I feel a bit ashamed I didn't test your build earlier. My compliments for your secure way of running google-chrome from 'cat' and 'puppy' user
I'm more used to Firefox and my past experiences using google-chrome were that it's heavier than Firefox, but comparing nowadays with the latest Firefox it seems not to make any difference anymore, So I'm starting to like Chrome Smile

Fred


Thanks.

Chrome has always seemed a little bit lighter to me. I always turn off the "run tasks in background" in the settings.

That and it runs Netflix.
Back to top
View user's profile Send private message 
rufwoof

Joined: 24 Feb 2014
Posts: 2097

PostPosted: Tue 18 Apr 2017, 18:40    Post subject:  

I run root in console only, a user of 'user' for gui with raised permissions .. for general admin and the store for private docs and a user of 'ff' (allocated to its own unique group of ff) for general stuff (browsing ...etc.) that has restricted access ... no su i.e. /etc/pam.d/su has a entry
Code:
auth       required   pam_wheel.so deny group=ff
no sudo, is assigned restricted shell (rbash) instead of full shell (bash) ...etc.

I boot from sda1 (ext3), store home on sda2 (ext3) and have a hang-over ntfs partition (sda3).

As per the attached I've been changing permissions around and came across a useful ntfs mount command. When mounted with that permissions command/parameter it enables you to set file/folder permissions of ntfs based files/folders in a linux like manner. I also play movie files under the ff user and accept that account having access to the ntfs partitions MOVIES folder, but not to anything else on that partition.

I've done similar on sda2 where home is at the top level and within that are user and ff folders, but where user folder is set to be inaccessible by ff. All other folders are beneath MAIN are also set to be inaccessible to user/group ff ('others').

I've also changed the main sfs (filesystem.squashfs) to be read/write permissions only for root, so that user ff can see the file, but can't copy/access it (otherwise a hacker could copy that to their own system and extract the content).

So for general messing around/browsing I use that ff userid (I run LXDE so have a entry of autologin-user=ff in /etc/lightdm/lightdm.conf so by default the system boots into that userid), but Ctrl-Alt-F6 and login as 'user' also (that is almost like a gui root account) ... that can copy files to/from within ff's home folder to the user home folder if so desired (i.e securely stored should some hack manage to break out of the browser/programs that ff is running). I can then Ctrl-Alt-Fn switch between user and ff as required during a session.

Better (and working) security configuration potential along with multi-user is one of the primary benefits as I see it of the Dog's over the Pup's Smile
s.jpg
 Description   
 Filesize   80.21 KB
 Viewed   461 Time(s)

s.jpg

Back to top
View user's profile Send private message 
rufwoof

Joined: 24 Feb 2014
Posts: 2097

PostPosted: Wed 19 Apr 2017, 21:15    Post subject: Security vulnerabilities fixed in Firefox ESR 45.9  

Security vulnerabilities fixed in Firefox ESR 45.9
If you manually update, Debian's just rolled out a updated Firefox-ESR that fixes a number of potentially exploitable crashes.

apt-get update
apt-get upgrade

Quote:
Description

Mozilla developers and community members Christian Holler, Jon Coppeard, Marcia Knous, David Baron, Mats Palmgren, Ronald Crane, Bob Clary, and Chris Peterson reported memory safety bugs present in Firefox 52, Firefox ESR 45.8, and Firefox ESR 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.
Back to top
View user's profile Send private message 
dancytron

Joined: 18 Jul 2012
Posts: 884

PostPosted: Sun 23 Apr 2017, 17:15    Post subject:  

Not quite sure if this is a bug or a feature, but I noticed something when doing a quick remaster on my Stretch 64 remaster.

When it comes time to go and delete the extra files before it squashes them into the squashfs file, if I click on sda2 in the file manager, it takes me to /mnt/live/mnt/sda2 and the .../tmpa directory appears empty. But, if I go the long way via the filesystem to /mnt/sda2/stretch64/live/tmpa, then the files for the remaster are there as expected.

See screenshots attached.

Dan
debdog-20170423160320.jpg
 Description   
 Filesize   41.88 KB
 Viewed   347 Time(s)

debdog-20170423160320.jpg

debdog-20170423160247.jpg
 Description   
 Filesize   63.38 KB
 Viewed   345 Time(s)

debdog-20170423160247.jpg

Back to top
View user's profile Send private message 
rufwoof

Joined: 24 Feb 2014
Posts: 2097

PostPosted: Tue 25 Apr 2017, 07:40    Post subject:  

Debian Jessie standard (command line only) LiveCD iso, installed filesystem.squashfs frugally. Updated, installed xorg, openbox and tint2 .... and booting in less than 15 seconds Smile (Operationally it's really quick).

Back to top
View user's profile Send private message 
fredx181


Joined: 11 Dec 2013
Posts: 2452
Location: holland

PostPosted: Tue 25 Apr 2017, 13:48    Post subject:  

dancytron wrote:
Not quite sure if this is a bug or a feature, but I noticed something when doing a quick remaster on my Stretch 64 remaster.

When it comes time to go and delete the extra files before it squashes them into the squashfs file, if I click on sda2 in the file manager, it takes me to /mnt/live/mnt/sda2 and the .../tmpa directory appears empty. But, if I go the long way via the filesystem to /mnt/sda2/stretch64/live/tmpa, then the files for the remaster are there as expected.

See screenshots attached.

Dan


Hi Dan, sorry for the delay, yes that might look strange but it can be explained.
The aufs branch mountpoint (used by quick-remaster) is not on /mnt/live/mnt/sda2/.. but on on /mnt/sda2/.., in my case on /mnt/sda6/...
Code:
root@stretch64:~# mount | grep tmpa
none on /mnt/sda6/dd64stretch/live/remaster/tmpa type aufs (rw,relatime,si=7e1aee1c95b5f8e5)
root@stretch64:~#


It's the result of the earlier found porteus-boot "double mountpoints" bug
I made change in initrd1.xz that should also fix the problem you found here
http://murga-linux.com/puppy/viewtopic.php?p=950604#950604
and hopefully the double mountpoints problem in general, new initrd1.xz:
https://github.com/fredx181/StretchDog/raw/gh-pages/amd64/Packages/Fixes/initrd1.xz

@ rufwoof, looks nice your openbox setup!

EDIT: dancytron, I noticed in your chrome-remaster that /etc/fstab is not empty.
It was mistake from the beginning from me, fstab should be empty otherwise there may be problems when someone makes a full install

Fred

_________________
Dog Linux website

Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 30 of 35 [518 Posts]   Goto page: Previous 1, 2, 3, ..., 28, 29, 30, 31, 32, 33, 34, 35 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Puppy Projects
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0938s ][ Queries: 14 (0.0358s) ][ GZIP on ]