Woof CE Debian Stretch and Devuan Ascii Based Development

A home for all kinds of Puppy related projects
Message
Author
foxpup
Posts: 1132
Joined: Fri 29 Jul 2016, 21:08

64 bit

#706 Post by foxpup »

I am missing a 64 bit dpup Stretch. Am I overlooking one?
If there is none, is it possible to build one in woofCE?
Or is woofCE not ready for 64bit dpup Stretch?

belham2
Posts: 1715
Joined: Mon 15 Aug 2016, 22:47

Re: 64 bit

#707 Post by belham2 »

foxpup wrote:I am missing a 64 bit dpup Stretch. Am I overlooking one?
If there is none, is it possible to build one in woofCE?
Or is woofCE not ready for 64bit dpup Stretch?

Hi foxpup,

Well, I think many of us have been waiting for one. Any chance you wanna give it a go and build us a stable, 64-bit Dpup-Stretch? As things stand, only 32-bit exists, and we've really only three people keeping the dpup-stretch brand alive (listed in no particular order):

--musher and the gang on the French side
--radky's recent release (best 32-bit release, imho)
--oscartalks (who's done a different kernel he compiled)


It seems until "ELVIS" re-enters the building (translation: Mr. Ttuuxxx) things with Dpup-Stretch are pretty much at a standstill except for the three mentioned above.

But, hey, like I said, we'd all welcome a 64-bit if you can compile a kernel and all, plus compile the other stuff, and put it together & it was usable and stable :shock: ....then quite a few of us would be singing the praises of one mighty, great Mr. Foxpup! :wink:

foxpup
Posts: 1132
Joined: Fri 29 Jul 2016, 21:08

very steep learning curve for me !!

#708 Post by foxpup »

Thanks belham2 for confirming what I suspected. It is not a disaster though: 32bit runs on all machines.
Any chance you wanna give it a go and build us a stable, 64-bit Dpup-Stretch?
That would be a very steep learning curve for me! I've never used woofCE, 've never compiled a kernel, etc...
I guess it is not a 'simple translation' from 32bit to 64bit?

I just use puppies. I've used the dpups-stretch from musher0, OscarTalks and ttuuxxx. I will try radky's.
For a 64bit debian stretch I tried the new Knoppix, which is nice, but I like a Puppy better.

It's too bad Puppy does not come to a final release of a spup or a dpup or whatever, although there are many good RC's. That may become a disaster for Puppy in the long run, imho.

User avatar
rufwoof
Posts: 3690
Joined: Mon 24 Feb 2014, 17:47

Re: very steep learning curve for me !!

#709 Post by rufwoof »

foxpup wrote:It's too bad Puppy does not come to a final release of a spup or a dpup or whatever, although there are many good RC's. That may become a disaster for Puppy in the long run, imho.
Puppy is lacking in its ability to not run as root well which will be its downfall IMO. The dogs are better in that respect as they support multi-user. Whilst most pup's support running programs as user puppy, often that doesn't work well such as if the browser is upgraded. Its saving grace has been low usage, but sooner or later a ransomware hack will be extended to include it and will leave it wide open to all local drives and PC's being more vulnerable than other *nix systems that run as user.

User avatar
Billtoo
Posts: 3720
Joined: Tue 07 Apr 2009, 13:47
Location: Ontario Canada

Woof CE Debian Stretch and Devuan Ascii Based Development

#710 Post by Billtoo »

I installed Radky's new release (woof-CE thread) to a 16gb SDHC card for use on my Acer desktop:

# inxi -bw
System: Host: puppypc10527 Kernel: 4.1.45 i686 (32 bit) Desktop: JWM 2.3.7 Distro: Dpup Stretch 7.0.0a2
Machine: Device: desktop Mobo: Acer model: Aspire X3950 serial: U02C120500059
BIOS: American Megatrends v: P01-A3 date: 05/05/2010
CPU: Dual core Intel Core i3 540 (-HT-MCP-) speed/max: 1200/3067 MHz
Graphics: Card: Intel Core Processor Integrated Graphics Controller
Display Server: X.org 1.19.2 drivers: modesetting (unloaded: fbdev,vesa)
tty size: 136x24 Advanced Data: N/A for root
Network: Card: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller driver: r8169
Drives: HDD Total Size: 516.1GB (0.1% used)
Weather: Conditions: 37 F (3 C) - Overcast Time: November 4, 11:49 AM EDT
Info: Processes: 126 Uptime: 6 min Memory: 112.5/5997.3MB Client: Shell (bash) inxi: 2.3.8
#

I added some appications with PPM.

No problems, working great!
Thanks.
Attachments
screenshot2.jpg
(42.88 KiB) Downloaded 900 times
screenshot.jpg
(13.79 KiB) Downloaded 925 times

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

Re: very steep learning curve for me !!

#711 Post by musher0 »

rufwoof wrote:
foxpup wrote: It's too bad Puppy does not come to a final release of a spup or a dpup or whatever,
although there are many good RC's. That may become a disaster for Puppy in the long
run, imho.
Puppy is lacking in its ability to not run as root well which will be its downfall IMO.
The dogs are better in that respect as they support multi-user. Whilst most pup's
support running programs as user puppy, often that doesn't work well such as if the
browser is upgraded. Its saving grace has been low usage, but sooner or later a
ransomware hack will be extended to include it and will leave it wide open to all local
drives and PC's being more vulnerable than other *nix systems that run as user.
Hello rufwoof.

You should have added an "imho" to your reply, like foxpup did for his. You are
parroting a popular misconception.

If you think you are safe because you are running as user "fido" or "spot", you should
also know that there are ways to attack a computer that do not involve user status.

As we have to keep repeating to people, Puppy is safe because it is invisible on the
web. As I understand it, we have to thank BarryK for having thought of line 161 in the
xwin script: this line opens tcp "inwards" (the --nolisten parameter), so Puppy does
not reveal its presence directly to the world. Puppy opens the tcp connection and then
moves itself out of the way, and lets freebee or similar utility establish the connection.

Therefore, Puppy is very safe: nobody on the web knows it's there. Tell me: where
does "kiddo" hit the Puppy if (s)he can't see the Puppy? This is far superior security,
IMO, compared to running as user "buddy" or "spot" or "fido": invisibility.

Please do the tests that forum member lobster provides in his GROWL package
before relaying misinformation about Puppy's perceived -- I repeat: "perceived" --
vulnerability. TIA.

BFN.
musher0
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)

User avatar
rufwoof
Posts: 3690
Joined: Mon 24 Feb 2014, 17:47

Re: very steep learning curve for me !!

#712 Post by rufwoof »

musher0 wrote:As we have to keep repeating to people, Puppy is safe because it is invisible on the web...Therefore, Puppy is very safe: nobody on the web knows it's there. Tell me: where does "kiddo" hit the Puppy if (s)he can't see the Puppy? This is far superior security,
IMO, compared to running as user "buddy" or "spot" or "fido": invisibility.
Every web page you visit pulls in content from all over the place. A web page could for instance include a 1x1 pixel transparent image installed by a hacker that will connect to retrieve that image from the hackers web site and thus broadcast your 'hidden' system. If as is sometimes the case a execute arbitrary code bug exists in a browser then potentially something might be installed/run within memory. If that code is a 'pull and execute' to the hackers web site then under puppy that is running as root and could mount partitions, format or change disks ... etc. In contrast as user there's the additional barrier of having to privilege elevate before mounting partitions/re-writing partition tables ...etc can be performed. In a secure standard *nix setup privilege elevation (user getting root authority) is difficult enough even when local to the system. Much of *nix file/folder permissions are specifically set to prevent just that.

Security is a process, not a package. You can run in a more secure manner by following good practices such as having important content partitions/disks only mounted to access that content before unmounting again. That way a breach will more likely not be able to mount, view or change the content/layout. Some programs such as vlc, chrome ...etc. specifically attempt to install good-practice i.e. prevent them from being run as root, that has valid reasons ... not just to be difficult.

In my main system I try to restrict only installing things from reliable providers and run securely i.e. I was running pure Debian main repositories only. Even that however had over 1000 vulnerabilities when I scanned my installation (admittedly many of those were elements of duplication such that there were only around 70 serious cases). More recently I've switched over to OpenBSD where security is the #1 consideration that even eliminates the xorg type known vulnerabilities. I run fvwm that is part of the core X system supplied with that i.e. I haven't even installed my preferred jwm window manager, and as user (that is tightly restrained), and only use root to do things like mounting drives from cli level, otherwise everything is run as user. I had tried FreeBSD but OpenBSD comes pre-configured (firewall, default settings etc.) whilst FreeBSD comes pretty much totally unconfigured so far greater risk of incorrectly configuring to leave security risks open.

Things have moved on from the days of ...

http://barryk.org/puppylinux/technical/root.htm
Remote access as root

What are you afraid of? Someone getting at your personal files and data, especially such things as identification and login/password data. Much of this is on your computer, and if you run a distro in which you login as a non-root user, are in files owned by your non-root account, meaning they are accessable equally by someone breaking in as non-root user or as root.

However, there are two scenarios in which running as root has a security risk, only one of which applies to Puppy.

Firstly, if you login non-root, you could bump up to root-level to perform certain operations such as keep a file of usernames and passwords. There are some applications also that use secret files owned by root, that non-root users are not supposed to read. Thus, anyone gaining access as root, can read all of those files.

A note on the side about the above paragraph: major distros such as Ubuntu allow the first user account to bump up to root just by prefixing commands with "sudo" or "su", without requiring root password, which makes the whole protection mechanism a joke. Considering that most Ubuntu users are using this first login account as their regular login.

Secondly, in a multi-user environment, the enemy may be another user. You would never have users logging in as root in that scenario. But, I repeat, Puppy is not multi-user.

Note, Puppy allows multiple session save-files, which are usually managed by one user for different usage profiles. However, this can also cater for different users, even with optional password protection on a save-file, however this is only intended to be used in a "friendly" local environment. It is a very light-weight alternative to a multi-user system.

Puppy supposes a "friendly" local environment, and the main threat is from someone gaining access to your computer via the network ports while you are online.
Which is highly unlikely in Puppy, due to the firewall, minimal daemons (with network capability disabled). But, the concern is still there...
Nowadays being able to read/view as root also means perhaps replacing partition tables or encrypting files i.e. ransomware, where even a brief breach for milliseconds can have considerable negative effect on both the local system and other systems on the same LAN. Doesn't even have to be installed to traverse reboots, just gain access for a very short period of time. Key is predominately running as a restricted user - barrier to performing root type command/getting root access and not enabling root command level access easily (not permitting passwordless sudo for instance).

User avatar
perdido
Posts: 1528
Joined: Mon 09 Dec 2013, 16:29
Location: ¿Altair IV , Just north of Eeyore Junction.?

Re: very steep learning curve for me !!

#713 Post by perdido »

rufwoof wrote: Every web page you visit < big snip> sudo for instance).
I fail to see the relevance of your post to the topic of this thread.

Since you feel so strongly about security maybe you could write a "how to lock down puppy" and post it to security section?

.



.

foxpup
Posts: 1132
Joined: Fri 29 Jul 2016, 21:08

FYI

#714 Post by foxpup »

I tried out radky's dPupStretch this weekend, as promised. Very nice it is!
I just discovered now he released a new one this weekend. But it is on the other thread, 'woofCE needs you'. LOL
So I will have another go ;-)

hamoudoudou

what about Osmo version ???

#715 Post by hamoudoudou »

what about Osmo version ???
Newbies for Puduan and Stretch will be surprised that Crew has gone away..after having made Puppies before Debian did final release..
Assistance should be LTS here. But DOGS !
Woof-ce Puppies are more Puplets than public releases.sure you can join to help development but be aware they are private released. Not official ones .
Support will depend on who is the builder.
"This Thread is for developers and testers of Woof Ce Debian based puppy Linux Versions."
Osmo 2.17 Gtk3 for Puduan (april 2017) Wonderful version !

User avatar
OscarTalks
Posts: 2196
Joined: Mon 06 Feb 2012, 00:58
Location: London, England

#716 Post by OscarTalks »

My remaster has Osmo 0.2.14 which I compiled, but configured without the address book feature because this requires libwebkitgtk which is very big. There is also the GFA simple address book and another address book within Sylpheed 3.6.0 which is compiled with plugins included.

Firefox ESR is now upgraded to version 52.5.0 and this is the Debian build (not the Mozilla build) so should be ideal for Dpup Stretch and does not require pulse or apulse.
Oscar in England
Image

hamoudoudou

Improvements are about colors in the calender..

#717 Post by hamoudoudou »

oscar talks, i don't need last version of anything.. Osmo and Firefox are perfect since years. Only last versions make problems.
Some absolutely needs last versions , on shelf.. old osmo will do what you need, don't care.. Improvements are about colors in the calender..
But For Puduan (Salor enceladus) PPM provides OSMO 2.1.4 .
people wo needs pretty colors in osmo calendar, Just use Puduan. That was my message..
The great improvment Osmo should do is to link tasks to contacts.. Colors . i don'tmind.. So Big libs for so minor changes...

User avatar
perdido
Posts: 1528
Joined: Mon 09 Dec 2013, 16:29
Location: ¿Altair IV , Just north of Eeyore Junction.?

Re: Stretch Pup 7.0.0.2a

#718 Post by perdido »

davids45 wrote:G'day,

Using makepup-0.12, I made a StretchPup (7002a) and included some pets to fix the application problems I had found earlier in Stretches during the build.

Printing = "filter failed" :oops: : I had added the older ghostscript pet files to the build and did not include the default faulty ghostscript version. But I omitted a pet to add a link missing in /lib so had to do this extra fix once the new Stretch was up and running. This entailed making a link in /lib from the lib file "ld-2.24.so" called "ld-lsb.so.3" (screenshot).

'Open-file' = still a mess :x : I don't know how to fix this 'Places' clutter where every partition on my computer is listed in the left panel (screenshot)? So the place I normally want to open a file from, or save something to (my main data partition, sda5) is off-panel at the bottom of this unwanted list. This is not a problem in Ubuntu-Pups where I can add my wanted partitions to the left panel which starts out empty and uncluttered. I don't think this clutter of places are mounted so it strikes me as odd to have them all here.

Apart from this major annoyance as a user, Stretch Pup is or would be fine for what I do on this computer.

David S.
A fix for this "places" issue has been posted by pemasu.
http://www.murga-linux.com/puppy/viewto ... a64#975391

Just posting this here in case anyone else finds this question by a search so that it will point to an answer.
Original post / question for reference

.

hamoudoudou

Seems much slower than artfulpup.

#719 Post by hamoudoudou »

My stretch is outdated.. just installed.. Don't care.Seems much slower than artfulpup. I take a glance to PPM, often Stretch has some apps in advance compared to Xenial.
Understood, the new version is radky's one.. Mine is Oscartalks.. Obsolete...
Dpup stretch downloaded will be installed asap... ISO lost, not found where it should be :( To start again, later.

Mercedes350se
Posts: 790
Joined: Wed 16 Apr 2008, 11:28

#720 Post by Mercedes350se »

perdido wrote:This is a remaster ofttuuxxx stretch-7.0.0a1 with the fixes/changes suggested in this thread. It is the puppy I have transitioned to, replacing Precise 5.7.1
Downloaded and installed - runs well.

Printing using the Samsung ML-1640 was solved by installing the splix-samsung-en-2.0.0-i486.pet

Deleted Palemoon and installed seamonkey 2.26.1 - for the reason see my Westpac thread. As I now have a built in email client sylpheed was uninstalled.

Gnumeric was installed.

Freecell and sudoku installed and running - took some time to bring the tcl and tk info over though.

I am in the process of trying to get MUT - as in Mount Unmount Tool running - I get the window popup but it is not populated.

What do I need to do to make it work correctly?

Failing this how do I install pmount say as in 5.2.8?

foxpup
Posts: 1132
Joined: Fri 29 Jul 2016, 21:08

samba not working in dPupStretch from OscarTalks

#721 Post by foxpup »

I use the build from OscarTalks all the time. Since he put it on offer in this thread I report this here. I do not know (yet) whether this applies to the 'main' RC Stretch build from radky too. I will look for that.

The problem is samba. It is not installed properly. It asks for sambalibs of an earlier version: version 4.2.14 (jessie!) whereas 4.5.12 is supposed for stretch.

User avatar
OscarTalks
Posts: 2196
Joined: Mon 06 Feb 2012, 00:58
Location: London, England

#722 Post by OscarTalks »

Hello foxpup,

For anyone who is wanting to try Dpup Stretch now I would recommend that the build by Radky should be their first stop. I think there is a good chance that samba will be fully working in that.

My version is based on a build published some time ago by billtoo, although it is now extensively remastered. I do still use it at home for browsing, media and some other tasks.
It is mainly a personal test-bed though. I do update the .iso from time to time, most recently I added transmission 2.94 which I compiled from source (Qt interface version).

Thanks for the report. To be honest I have never used samba, so never felt any urgency to look at it in my experimental remaster. I might try to see if I can get it working properly when I get some time. Since this Stretch Pup was based on an early build there are always likely to be things that still don't work, but some people might find things in it which are interesting or even useful. If that is the case then of course they are welcome to use it.
Oscar in England
Image

foxpup
Posts: 1132
Joined: Fri 29 Jul 2016, 21:08

#723 Post by foxpup »

Hello Oscar

I use your build because it has some nice features included like dillo and easy VPN and it has firefox, not palemoon and psip is the latest version... .
And because it generally looks nice.
I think you are too modest, you make very nice builds/remasters.

In fact I seldom use samba, but I just noticed it does not work. Nevermind though.
Samba does work in radky's version. It is 'simple' samba there.

I've just installed radky's latest RC to help testing it. I hope it will make it to the final release stage.

Post Reply