EasyOS version 2.3.2, June 22, 2020

For talk and support relating specifically to Puppy derivatives
Message
Author
ras
Posts: 96
Joined: Thu 31 Oct 2019, 00:07

sfs easy

#2011 Post by ras »

Hi Barry
Got it working as an individual container on the main desktop finally. When I looked inside my sfs at /usr/sbin/ec-chroot-<name of app>. I found

Code: Select all

empty -f ec-chroot palemoon  ec-chroot palemoon
not sure how that snuck in there as I had never edited the file before, but I had run dir2sfs on the build directory with some dubious settings prior. I also noticed the absence of a link to the executable in /usr/bin, and added it for good measure. Not sure which did the trick, and am not even sure that a link in /usr/bin is necessary. ( I peeked into your firefox.sfs for guidance).

Just a small observation:
I guess it is obvious to most users of sfsget, that once you down load a sfs, and then click on a sfs in the window, the sfsget package installer morphs into the install mode and offers you the button to install.
In the case of a sfs manually placed into /mnt/wkg/sfs/easyos/debian/buster, a broken sfs can be seen in the window, but a click on it can give no response. Seems that once the sfs is constructed better, the morphing of the gui and appearance of the install button happens. In the paragraph Install Mode, an instruction to click on your sfs in the window and some information as to what is supposed to happen next would be useful, as I was not aware sfsget was supposed to morph and not sure how to proceed.

Thanks for your help
RAS

blgs
Posts: 34
Joined: Fri 07 Dec 2018, 17:37

kernel headers

#2012 Post by blgs »

Please include also the appropriate kernel-headers as a pet or sfs file in Easy os.
Currently only kernel-headers version 4.19.06 is available (as a pet)

User avatar
BarryK
Puppy Master
Posts: 9392
Joined: Mon 09 May 2005, 09:23
Location: Perth, Western Australia
Contact:

Re: kernel headers

#2013 Post by BarryK »

blgs wrote:Please include also the appropriate kernel-headers as a pet or sfs file in Easy os.
Currently only kernel-headers version 4.19.06 is available (as a pet)
It is correct to have the 4.19.x kernel headers in the devx, as that is the kernel version that Debian 10 Buster was compiled for.

So, Easy Buster should really only be built with a 4.19.x kernel, as I think BusterPup and other Puppy Busters are doing.

But I want later kernels, for their new features. This does create a potential problem, as if use a matching headers pet, it may conflict with glibc, as scsijon has found.

Usually, the 4.19.x headers are fine when compiling in Easy with a later kernel.

Anyway, I plan to release next Easy with 5.4.2 kernel, and will include the headers pet in the repo.
[url]https://bkhome.org/news/[/url]

User avatar
BarryK
Puppy Master
Posts: 9392
Joined: Mon 09 May 2005, 09:23
Location: Perth, Western Australia
Contact:

Re: sfs easy

#2014 Post by BarryK »

ras wrote:Just a small observation:
I guess it is obvious to most users of sfsget, that once you down load a sfs, and then click on a sfs in the window, the sfsget package installer morphs into the install mode and offers you the button to install.
In the case of a sfs manually placed into /mnt/wkg/sfs/easyos/debian/buster, a broken sfs can be seen in the window, but a click on it can give no response. Seems that once the sfs is constructed better, the morphing of the gui and appearance of the install button happens. In the paragraph Install Mode, an instruction to click on your sfs in the window and some information as to what is supposed to happen next would be useful, as I was not aware sfsget was supposed to morph and not sure how to proceed.
Yes, I know, there is a need to make this more logical. But, might target this for release-after-next.
[url]https://bkhome.org/news/[/url]

User avatar
BarryK
Puppy Master
Posts: 9392
Joined: Mon 09 May 2005, 09:23
Location: Perth, Western Australia
Contact:

#2015 Post by BarryK »

Bit of a quandary what to do about the 5.4.x kernel. I want the "lockdown" feaure, but audio is broken on my Apollo Lake CPU laptop, but does work on my Intel i5 CPU PC.

I don't know how many people are going to be affected.

Want to move ahead, get out the next releases. So maybe will do two builds, with 5.4.2 kernel and with an older kernel. People can try the build with 5.4.2 kernel, if no sound, they can use the other one.

Not very satisfactory though.

Blog post:

https://bkhome.org/news/201912/audio-fi ... ernel.html
[url]https://bkhome.org/news/[/url]

User avatar
BarryK
Puppy Master
Posts: 9392
Joined: Mon 09 May 2005, 09:23
Location: Perth, Western Australia
Contact:

#2016 Post by BarryK »

Easy Pyro 1.2.9 and 1.2.9.1 released:

https://bkhome.org/news/201912/easy-pyr ... eased.html

Easy Buster 2.1.9 and 2.1.9.1 released:

https://bkhome.org/news/201912/easy-bus ... eased.html
[url]https://bkhome.org/news/[/url]

User avatar
rerwin
Posts: 2017
Joined: Wed 24 Aug 2005, 22:50
Location: Maine, USA

#2017 Post by rerwin »

Testing EasyOS 2.1.9.1 on SanDisk Ultra USB3.0, with wired ethernet connection.

1. Xerrs.log repeatedly appends:
/usr/local/pup_event/netchg: script entered
[Appears to be a debug leftover.]

2. Although xerrs.log contains:
Playing Sparc Audio '/usr/share/audio/2barks.au' : Mu-Law, Rate 8000 Hz, Mono
and no error messages, when I run 2barks it shows an error:
# /usr/share/audio/2barks.au
bash: /usr/share/audio/2barks.au: cannot execute binary file: Exec format error

From PupSysInfo:
Audio device [0403]: Intel Corporation 82801H (ICH8 Family) HD Audio Controller [8086:284b] (rev 02)
• Kernel Driver: snd_hda_intel
• Memory Used: 32.00 KB
• Path: /lib/modules/5.4.2/kernel/sound/pci/hda/snd-hda-intel.ko
• Description: Intel HDA driver
and:
!!Sound Servers on this system
!!----------------------------
No sound servers found.
!!Soundcards recognised by ALSA
!!-----------------------------
0 [Intel ]: HDA-Intel - HDA Intel
HDA Intel at 0xdffdc000 irq 29

3. In PupControl panel, I selected Hardware > Sound Setup > Single card, which logged:
sh: alsawizard: command not found

HTH


My PC:
PC Manufacturer: Dell Inc.
Product Name: Dell DXP061

Motherboard Vendor: Dell Inc.
Product Name: 0WG855

BIOS Vendor: Dell Inc.
Version: 2.1.2
Release Date: 12/01/2006

Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz

scsijon
Posts: 1596
Joined: Thu 24 May 2007, 03:59
Location: the australian mallee
Contact:

#2018 Post by scsijon »

Downloading Pyro 1.2.9.1 now to try,

However the reason for the message is that I came across 'proot' the other day https://proot-me.github.io/, ?interesting, get a copy of the current and compile it yourself, that's what everone seems to be doing, the prebuilt are years out of date. Also if you scroll down to the Rootfs tag on the page, it has a link to containers.org's multi bases images, I wonder if they would work with your EasyOS System using a proot container of course to switch with?

EDIT: and I wonder if there is the possability of having Permanent and separate Temporary Containers. Permanent exist in their own savefile and don't loose parts until deliberately deleted, Temporary are 'cleaned out' when closed.
Last edited by scsijon on Tue 10 Dec 2019, 05:30, edited 1 time in total.

rwishlaw
Posts: 22
Joined: Thu 02 Apr 2009, 09:17

#2019 Post by rwishlaw »

rwishlaw wrote:
BarryK wrote:Ha ha, two weeks is long enough, new versions Pyro 1.2.8 and Buster 2.1.8:

https://bkhome.org/news/201911/easy-pyr ... eased.html

The same changes in both of these releases, see release notes.

The next release? I'm hanging out for the 5.4 kernel, to make use of the new "lockdown" security feature. Will probably aim for the next releases of Pyro and Buster when the 5.4.1 kernel is available.
Radeon 580 Video card.

USB Buster 2.1.8 O.K.

USB and ISO Pyro 1.2.8 will not start X.

Same kernel? vmlinuz are different sizes on Buster and Pyro.

This problem is way above my pay scale.
USB install Pyro (EasyOS 1.2.9.1) has eliminated the above problem. I am assuming that the ISO will work as well.

Thank you.

User avatar
BarryK
Puppy Master
Posts: 9392
Joined: Mon 09 May 2005, 09:23
Location: Perth, Western Australia
Contact:

#2020 Post by BarryK »

I found why sound was not working on my laptop with 5.4 kernel:

https://bkhome.org/news/201912/sound-fi ... -lake.html

If you are running 2.1.9.1 or 1.2.9.1, with 5.4.2 or 5.4.1 kernels, and sound doesn't work, and it is Intel audio, then run "lspci -nnk" to see what kernel module has claimed control of the audio.

In my case, it was 'snd_soc_skl', and I went to /lib/modules/5.4.2/kernel/sound/soc/intel/skylake, and renamed snd-soc-skl.ko to HIDEsnd-soc-skl.koHIDE -- renamed the other one also, but don't think that is really the cause.

Note, blacklisting snd_soc_skl doesn't work. Don't know why.

Then ran "depmod" and rebooted, and sound works. Let me know if that fix works for you.

Note, I am planning to upload major releases, Buster 2.2 and Pyro 1.3, either by xmas or the new year, for announcement on distrowatch. It will use the 5.4.3, or later kernel.

Between now and then, plan to write some more docs, and of course fix any bugs discovered, and there are some things that need improving.
[url]https://bkhome.org/news/[/url]

User avatar
BarryK
Puppy Master
Posts: 9392
Joined: Mon 09 May 2005, 09:23
Location: Perth, Western Australia
Contact:

#2021 Post by BarryK »

scsijon wrote:Downloading Pyro 1.2.9.1 now to try,

However the reason for the message is that I came across 'proot' the other day https://proot-me.github.io/, ?interesting, get a copy of the current and compile it yourself, that's what everone seems to be doing, the prebuilt are years out of date. Also if you scroll down to the Rootfs tag on the page, it has a link to containers.org's multi bases images, I wonder if they would work with your EasyOS System using a proot container of course to switch with?
EasyOS uses 'pflask' which is a very sophisticated and elegantly-implemented secure chroot system:

https://bkhome.org/news/201809/pflask-c ... roids.html
[url]https://bkhome.org/news/[/url]

vabene
Posts: 1
Joined: Sat 12 Oct 2019, 13:47

touchscreen

#2022 Post by vabene »

Hi Barry,
til the kernel 4.xx my big touchscreen - lenovo yoga home - works perfect. Since the kernel-version 5,xx it does not start automatically. the touchscreen-program does not work for me, because it hangs after the first point.
but all necessary modules are there and i found a solution: when i type in the console
- "modprobe hid-multitouch.ko" and
- "insmod /lib/modules/5.4.1/kernel/drivers/hid/hid-multitouch.ko"
(or "modprobe hid-multitouch.ko & insmod /lib/modules/5.4.1/kernel/drivers/hid/hid-multitouch.ko" )
my touchscreen (and the calibrate-touchscreen-program) works again perfect - but not automatically. I have to do the modprobe and the insmod at each booting. is there an chance to get back the auto-calibration for touchscreens?
I wrote this from the new easy pyro 1.2.9.1
vabene

blgs
Posts: 34
Joined: Fri 07 Dec 2018, 17:37

boot message error during "Copy session to RAM"

#2023 Post by blgs »

An error boot message occurs during "Copy session to RAM & disable drives"

See attachment for screen picture.
Attachments
image0.jpeg
(106.46 KiB) Downloaded 78 times

User avatar
BarryK
Puppy Master
Posts: 9392
Joined: Mon 09 May 2005, 09:23
Location: Perth, Western Australia
Contact:

Re: touchscreen

#2024 Post by BarryK »

vabene wrote:Hi Barry,
til the kernel 4.xx my big touchscreen - lenovo yoga home - works perfect. Since the kernel-version 5,xx it does not start automatically. the touchscreen-program does not work for me, because it hangs after the first point.
but all necessary modules are there and i found a solution: when i type in the console
- "modprobe hid-multitouch.ko" and
- "insmod /lib/modules/5.4.1/kernel/drivers/hid/hid-multitouch.ko"
(or "modprobe hid-multitouch.ko & insmod /lib/modules/5.4.1/kernel/drivers/hid/hid-multitouch.ko" )
my touchscreen (and the calibrate-touchscreen-program) works again perfect - but not automatically. I have to do the modprobe and the insmod at each booting. is there an chance to get back the auto-calibration for touchscreens?
I wrote this from the new easy pyro 1.2.9.1
vabene
You shouldn't have to run both of those, "modprobe hid-multitouch" will do it (without the ".ko")

I don't know about getting it back automatically. You could put it into /etc/rc.d/rc.local, so it will be retained when you upgrade to later versions.
[url]https://bkhome.org/news/[/url]

User avatar
BarryK
Puppy Master
Posts: 9392
Joined: Mon 09 May 2005, 09:23
Location: Perth, Western Australia
Contact:

Re: boot message error during "Copy session to RAM"

#2025 Post by BarryK »

blgs wrote:An error boot message occurs during "Copy session to RAM & disable drives"

See attachment for screen picture.
Ah yes, that is a non-fatal, just information message. I have appended "2>/dev/null" on that line, to suppress the error message.

Thanks for the report.
[url]https://bkhome.org/news/[/url]

User avatar
BarryK
Puppy Master
Posts: 9392
Joined: Mon 09 May 2005, 09:23
Location: Perth, Western Australia
Contact:

#2026 Post by BarryK »

Here is a new tutorial on the "Copy session to RAM & disable drives" boot menu option:

https://easyos.org/user/ultra-secure-web-browsing.html

I posted it last night, then edited it a bit this morning.

For maximum security, you need to be running Easy Pyro 1.2.9.1 or Buster 2.1.9.1, with 5.4.x kernel.

The thing is, is there any way to access the drives? The invitation is open to those with in-depth knowledge of Linux security to have a go at breaking out.

If there is a way of breaking out, then further steps can be taken to lock the user (and any intruder) into the RAM.

One thought is the possibility of getting at the UEFI setup. But the kernel lockdown might prevent that.
[url]https://bkhome.org/news/[/url]

zygo
Posts: 243
Joined: Sat 08 Apr 2006, 20:15
Location: UK

signing

#2027 Post by zygo »

Barry,

Why don't you sign your uploads and host the signing key elsewhere?

Z

ras
Posts: 96
Joined: Thu 31 Oct 2019, 00:07

#2028 Post by ras »

scsijon wrote:EDIT: and I wonder if there is the possability of having Permanent and separate Temporary Containers. Permanent exist in their own savefile and don't loose parts until deliberately deleted, Temporary are 'cleaned out' when closed.
I have been wishing along the same lines. A desktop container that doesn't keep it's .session unless one chooses to. I know that one can rollback a container to the same effect, but a "save" or "don't save" dialog when exiting the container would be sweet, (with a way to tick a box to make either the default) . One could stay in the same desktop session and have a lite version of "copy session to ram" without having to reboot.
RAS

ras
Posts: 96
Joined: Thu 31 Oct 2019, 00:07

downloaded .deb in container

#2029 Post by ras »

Barry,
Did a frugal install of Easy 2.1.9.1 for a quick test to see if I could put a claws-mail .deb into a container. the deb worked fine on the main desktop, but when I created a container for it all seemed well until I clicked on the icon that was created. I could not find /../../claws-mail/container/mnt

Code: Select all

# ec-chroot claws-mail
mkdir: can't create directory '/mnt/sda1/b2/containers/claws-mail/container/mnt/wkg/': No such file or directory
snip
mkdir: can't create directory '/mnt/sda1/b2/containers/claws-mail/container/mnt/wkg/': No such file or directory
gtk-update-icon-cache: Cache file created successfully.
gtk-update-icon-cache: Cache file created successfully.
Executing: DISPLAY=:0  pflask --mount=bind:/mnt/sda1/b2/home/shared:/mnt/wkg/home/shared --keepenv --mount=bind:/tmp/.X11-unix/X0:/tmp/.X11-unix/X0 --no-ipcns --no-netns --mount=bind:/dev/snd:/dev/snd --mount=bind:/dev/mixer:/dev/mixer --caps=all,-sys_admin,-sys_boot,-sys_chroot,-sys_ptrace,-sys_time,-sys_tty_config,-chown,-kill,-dac_override,-dac_read_search,-fowner,-setfcap,-setpcap,-net_admin,-mknod,-sys_module,-sys_nice,-sys_resource --no-userns --chroot=/mnt/sda1/b2/containers/claws-mail/container --  /.control/ec-run claws-mail 
[✘] Could not create mount dest /mnt/sda1/b2/containers/claws-mail/container/mnt/wkg/home/shared: No such file or directory
[✘] Child failed with code '1'
Unmounting: /mnt/sda1/b2/containers/claws-mail/container
Unmounting: /mnt/sda1/b2/containers/claws-mail/.ro0
Container claws-mail stopped
and

Code: Select all

#Information for setting up and running the container

#Connect to X by abstract socket, pipe or unix domain socket (abstract|pipe|unix):
EC_XSOCKET='unix'
#Use Xorg or Xephyr server (xorg|xephyr):
EC_XSERVER='xorg'

#For security, unshare these namespaces:
EC_NS_UNSHARE_MOUNT='true'
EC_NS_UNSHARE_UTS='true'
EC_NS_UNSHARE_IPC='false'
EC_NS_UNSHARE_NETWORK='true'
EC_NS_UNSHARE_PID='true'

#Clear environment variables, except some such as TERM and DISPLAY:
EC_UNSHARE_ENV_VARS='false'
#Tick to run as user zeus in container:
EC_ENV_ZEUS='false'

#Specify what you are allowed to access outside the container:
EC_ACCESS_NET='true'
EC_ACCESS_SND='true'
EC_ACCESS_FOLDER='true'
EC_ACCESS_FOLDER_PATH='/home/shared'

#Drop these Linux capabilities:
EC_CAP_system='true'
EC_CAP_file='true'
EC_CAP_network='true'
EC_CAP_module='true'
EC_CAP_resource='true'
EC_CAP_mount=''

#If security-preset was ever chosen, this is it:
EC_SEC_PRESET='seclevel_3'

#Uncomment if you want to load another .sfs file, resident in the releases folder of the current version of Easy.
#Glob wildcard accepted, in fact is recommended for automatic version updating:
#EASY_LAYER_RO1='devx*.sfs'
will try a couple of different configurations when more time allows
RAS

User avatar
FeodorF
Posts: 293
Joined: Wed 07 Jul 2010, 09:44
Location: Heidelberg, Germany

Buster 2.1.9.1

#2030 Post by FeodorF »

Hi Barry!

Found one problem while running 'Buster-2.1.9.1 containerized desk'.

The extra characters '@{[]}..’ don't work - ’ÄÖÜß' do. (f.e. WWW, sakura)

Using easy-2.1.9.1-amd64.img.gz and a BIOS dual core box with German keyboard for testing. (Same problem while running easy-2.1.9-amd64.img.gz) At first run/install I'm using '11' for 'de' keyboard.

Post Reply