Re: [gentoo-user] Every other startup results in a black screen (possibly SDDM related?)
However, it does wake up if I switch to another TTY (e.g. ctrl+alt+F4) and lets me log on, so it has obviously booted up. If I switch back to TTY 8 from there it just shows a blinking cursor (i.e. not SDDM, which is what I'd expect). If I reboot from the TTY that lets me log on, the boot process is usually normal and leaves me at the SDDM login. Any tips on how to debug this would be much appreciated. Since you can switch ttys, this means your computer “properly” booted. So as far as we know, the only culprit is your login manager which failed to start, or started improperly. For starters you could check, once logged in, if it is actually running or not. ps faux | less will output the whole list of processes on your computer, check it to see if you can find sddm in the list. If not, then it failed to start, so you want to check if the service in charge to start it has been run. rc-service sddm status # for openrc systemctl status sddm # for systemd These commands should tell you if the process has been started and failed, or if it never started in the first place. If it started and failed, search for logs, or even try to start it manually. This will give you indications as to why it won’t run. Otherwise, if it was never run by your service manager, this means something earlier in the dependency tree failed to run. Same solution here: search for logs, `rc-status` will give you the list of running services on your computer and their state for openrc. Good luck, Hoël signature.asc Description: PGP signature
Re: [gentoo-user] masked packages
Am Mon, Apr 01, 2024 at 03:53:19PM +0200 schrieb Hoël Bézier: That’s a different thing than masking a package using a package.mask file, where the package is technically available for your architecture but someone (usually you or the gentoo developpers) decided it wasn’t fit to be installed: for instance the recent discovery of a backdoor in xz-utils-5.4.6 led the xz-utils-5.6.0, my bad. See lines 46 to 60 of /var/db/repos/gentoo/profiles/package.mask. gentoo developpers to mask this package, by adding it to the /var/db/repos/gentoo/profiles/package.mask file which you retrieved by syncing your gentoo tree. Hoël signature.asc Description: PGP signature
Re: [gentoo-user] masked packages
Hi, Am Mon, Apr 01, 2024 at 03:19:27PM +0200 schrieb n952162: How do you see that radicale is marked for testing? [snip] The actual error mesg: / !!! All ebuilds that could satisfy "radicale" have been masked.// // !!! One of the following masked packages is required to complete your request:// // - www-apps/radicale-3.1.7::gentoo (masked by: ~amd64 keyword)// // - www-apps/radicale-3.1.5::gentoo (masked by: ~amd64 keyword)// / The ~amd64 keyword means www-apps/radicale is only available on testing, otherwise the keyword would have been amd64 (without the tilde). So portage is telling you it can’t install www-apps/radicale-3.1.7 because it’s only available on testing, which it does by saying it’s “masked by [the] ~amd64 keyword”. That’s a different thing than masking a package using a package.mask file, where the package is technically available for your architecture but someone (usually you or the gentoo developpers) decided it wasn’t fit to be installed: for instance the recent discovery of a backdoor in xz-utils-5.4.6 led the gentoo developpers to mask this package, by adding it to the /var/db/repos/gentoo/profiles/package.mask file which you retrieved by syncing your gentoo tree. Hoël signature.asc Description: PGP signature
Re: [gentoo-user] Musl custom initramfs kernel panic
Am Sat, Mar 09, 2024 at 06:59:15PM +0100 schrieb efeizbudak: How could I go about finding which library it is? lddtree is only giving me libblkid and libmount, both of which are already inside the initramfs. I will try to learn about busybox. Thank you. You can try to run mount with strace on your host, and see which shared libraries are opened. signature.asc Description: PGP signature
Re: [gentoo-user] Sending HUP to OpenVPN after WiFi reconnect in Mesh
Am Wed, Jan 03, 2024 at 05:50:52PM +0100 schrieb Florian Gamböck:
[snip]
What bugs me however is, that OpenVPN loses connection to the VPN server
after such an AP change and is not able to reconnect automatically
again.
[snip]
While this is happening, I cannot access the internet. I suspect, this
is because of the "persist-tun" setting in the OpenVPN config, but I
don't want to remove it because I'd rather have no internet at all than
having suddenly internet without VPN ("kill switch").
I can manually "repair" this situation by sending SIGHUP to OpenVPN,
which causes a hard reconnect.
Now, with this background information, I need your help to come up with
a strategy to survive an automatic Mesh WiFi reconnect, without the need
of manually restarting OpenVPN all the time.
I’ve encountered the same issue as you. I fixed it by removing the persist-tun
option from my configuration file.
The way I understand this configuration option, is that OpenVPN allows itself
to destroy and recreate tun interfaces if needed. I’m not sure whether it means
you may end up on the internet without going through your VPN.
What I’m sure of is that sending SIGHUP to OpenVPN tells it to destroy and
recreate that tun interface of yours, bypassing the persist-tun instruction you
gave it in your configuration file.
Others may have more satisfying answers than mine, but I believe the
appropriate way to fix your issue is by allowing OpenVPN to recreate tun
interfaces when needed, such as after a disconnect, and so you need to remove
the persist-tun option. You might want to wait confirmation from other people
around before doing so, though.
I’d be very interested if anyone had further information on that matter,
whether they would contredict my claims or support them.
Hoël
signature.asc
Description: PGP signature
Re: [gentoo-user] Re: alsamixer - no sound
If I remember correctly, running alsamixer - allows you select certain cards, ESC exits alsactl store - would write the setting to a file, under user it would be ~/.asoundrc (I could be wrong). But in my case "alsactl store" doesn't do anything, It opens "master" setting single bar setting. From `man 1 alsactl`: ``` store This command saves the current driver state for the selected soundcard to the configuration file. […] FILES /var/lib/alsa/asound.state (or whatever file you specify with the -f flag) is used to store current settings for your soundcards. The settings include all the usual soundcard mixer settings. ``` ~/.asoundrc is your hand-edited card configuration (including which one is your primary soundcard, and /var/lib/alsa/asound.state contains the mixer settings for your cards, i.e. the volume levels. The latter is written by `alsactl store` and is owned by root, so your user has nothing to do with it. It’s usually read once at startup and written at shutdown to preserve sound volume between reboots. This is most likely not the file you want to edit, and `alsactl store` is not the command you want to run, unless I misunderstood your issue. Hoël signature.asc Description: PGP signature
Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.
Am Tue, Sep 19, 2023 at 12:36:13AM -0500 schrieb Dale: In the real world tho, how do people reading this make passwords that no one could ever guess? I use Bitwarden to handle website passwords and it does a good job. I make up my own tho when encrypting drives. I'm not sure I can really use Bitwarden for that given it is a command line thing, well, in a script in my case. I doubt anyone would ever guess any of my passwords but how do people reading this do theirs? Just how far do you really go to make it secure? Obviously you shouldn't give up much detail but just some general ideas. Maybe even a example or two of a fake password, just something that you would come up with and how. For storing passwords, I use app-admin/pass. For choosing passphrases, I write sentences. I know having space character at a predictable frequence in the passphrase makes it easier to find out, but using phrases makes it easier to come up with very long passphrases (which, I believe, balances the space thing, though I’m no crypto expert), which are also easy to remember. Hoël signature.asc Description: PGP signature
Re: [gentoo-user] convert: attempt to perform an operation not allowed by the security policy
Am Tue, May 02, 2023 at 03:07:30PM -0600 schrieb the...@sys-concept.com: Trying to use convert and getting security policy problem: convert -density 300 document.pdf -fuzz 10% -channel rgba -fill none -opaque "#d2d2d2" -opaque "#b8b8b8" daily_appointment.pdf convert: attempt to perform an operation not allowed by the security policy `PDF' @ error/constitute.c/IsCoderAuthorized/449. convert: no images defined `daily_appointment.pdf' @ error/convert.c/ConvertImageCommand/3342 Which security policy is it? Output of: cat /etc/ImageMagick-7/policy.xml By default conversion to pdf are forbidden. You may want to read the gentoo bug indicated in the file and if you still want to allow convert to create pdf files, remove or comment the line with pattern="PDF".
Re: [gentoo-user] Cgroup confusion
Hi, # This switch controls whether or not cgroups version 1 controllers are # individually mounted under # /sys/fs/cgroup in hybrid or legacy mode. #rc_controller_cgroups="YES" So, whether or not A or B. How do I translate that into English? Gentoo has three cgroups mode: legacy, hybrid and unified. cgroups v1 are created in legacy and hybrid modes, cgroups v2 are created in hybrid and unified modes. So the question here is, when cgroups v1 are created, i.e. in hybrid or legacy mode, do you want, yes or no, controllers to be individually mounted under /sys/fs/cgroup? This parameter has no effect when you are in unified mode, because there are no cgroups v1 in this mode, so it makes sense to specify it applies only “in hybrid or legacy mode”. signature.asc Description: PGP signature
