Re: [DNG] ..alsa+apulse and torbrowser... rpath is /usr/lib/apulse and is too long???
On 2019-01-22 16:07, Alessandro Selli wrote: On 22/01/19 at 08:38, goli...@dyne.org wrote: On 2019-01-22 01:12, Arnt Karlsen wrote: On Tue, 22 Jan 2019 14:04:02 +0900, Simon wrote in message <24516662-997c-fa54-ab14-d12437192...@gikaku.com>: IMCO, If a piece of software requires PulseAudio, it deserves to be silent. ..agreed, except the Tor Browser users are a little too important to leave alone in PulseAudio/Systemd hands, for some Tor Browser users, this is a life or death issue, as some regimes actually do commit murders on people they like to see dead and buried. I run a studio and muck around with "pro" linux audio apps from time to time but mostly xwax. That is why I knew Systemd would be no good. I want to hear the excuses for wasting CPU cycles and damaging ears from you-know-who. ..I'd rather use this thread for practical advice on setting up alsa + apulse + torbrowser configurations, which will be more useful to Tor Browser users not trusting PulseAudio or Systemd. I've been waiting for a good apulse howto to appear for along time. Maybe that time has finally come. I would contribute. I did manually set XFCE's firefox launch buttons to run "apulse firefox" instead of firefox directly, I could also patch /usr/share/applications/firefox-esr.desktop to do the same, but I'd like to devise a way just installing apulse would set everything up for users automatically in the post-install script. This way people (especially not technically minded ones) would have less fiddling to do to customize their systems. And I'd bet even non techies would appreciate sparing themselves some time just to let their system behave in a sane way. But let's start with a simple howto first. Where shall we coordinate our effort, push our contributions to? Thanks for the offer Alessandro! The best place(s) to put that info would be a HowTo under 'Documentation' on the dev1galaxy.org forum or on the Friends of Devuan wiki at https://friendsofdevuan.org/doku.php/start. Actually would be good to have something in both places. Ping me if you have any questions. If you're coming to the d1conf, you could even do a presentation about it!! And if it's not definitively solved to your satisfaction by then, there could be a hacking session to get it done. :D golinux ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] ..alsa+apulse and torbrowser... rpath is /usr/lib/apulse and is too long???
On 22/01/19 at 08:38, goli...@dyne.org wrote: > On 2019-01-22 01:12, Arnt Karlsen wrote: >> On Tue, 22 Jan 2019 14:04:02 +0900, Simon wrote in message >> <24516662-997c-fa54-ab14-d12437192...@gikaku.com>: >> >>> IMCO, If a piece of software requires PulseAudio, it deserves to be >>> silent. >> >> ..agreed, except the Tor Browser users are a little too important to >> leave alone in PulseAudio/Systemd hands, for some Tor Browser users, >> this is a life or death issue, as some regimes actually do commit >> murders on people they like to see dead and buried. >> >>> I run a studio and muck around with "pro" linux audio apps from time >>> to time but mostly xwax. That is why I knew Systemd would be no good. >>> I want to hear the excuses for wasting CPU cycles and damaging ears >>> from you-know-who. >> >> ..I'd rather use this thread for practical advice on setting up >> alsa + apulse + torbrowser configurations, which will be more >> useful to Tor Browser users not trusting PulseAudio or Systemd. > > I've been waiting for a good apulse howto to appear for along time. > Maybe that time has finally come. I would contribute. I did manually set XFCE's firefox launch buttons to run "apulse firefox" instead of firefox directly, I could also patch /usr/share/applications/firefox-esr.desktop to do the same, but I'd like to devise a way just installing apulse would set everything up for users automatically in the post-install script. This way people (especially not technically minded ones) would have less fiddling to do to customize their systems. And I'd bet even non techies would appreciate sparing themselves some time just to let their system behave in a sane way. But let's start with a simple howto first. Where shall we coordinate our effort, push our contributions to? -- Alessandro Selli VOIP SIP: dhatarat...@ekiga.net Chiave firma e cifratura PGP/GPG signing and encoding key: BA651E4050DDFC31E17384BABCE7BD1A1B0DF2AE signature.asc Description: OpenPGP digital signature ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] ..alsa+apulse and torbrowser... rpath is /usr/lib/apulse and is too long???
On 22/01/19 at 18:28, Hendrik Boom wrote: > On Wed, Jan 23, 2019 at 01:37:17AM +0900, Simon Walter wrote: >> I don't see what sound has to do with that. Gotta have that video stream? > If you're a video journalist, yes. Even if you're not. Everybody (well, almost) has ears to hear and a mouth to speak, and it's been a pretty long time that software has been used to deliver not just text, but video and audio as well (jeez, I first did it on a Pentium-166!). -- Alessandro Selli VOIP SIP: dhatarat...@ekiga.net Chiave firma e cifratura PGP/GPG signing and encoding key: BA651E4050DDFC31E17384BABCE7BD1A1B0DF2AE signature.asc Description: OpenPGP digital signature ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] ..alsa+apulse and torbrowser... rpath is /usr/lib/apulse and is too long???
On Wed, Jan 23, 2019 at 01:37:17AM +0900, Simon Walter wrote: > > I don't see what sound has to do with that. Gotta have that video stream? If you're a video journalist, yes. -- hendrik ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] ..alsa+apulse and torbrowser... rpath is /usr/lib/apulse and is too long???
On 1/22/19 4:38 PM, goli...@dyne.org wrote: > On 2019-01-22 01:12, Arnt Karlsen wrote: >> On Tue, 22 Jan 2019 14:04:02 +0900, Simon wrote in message >> <24516662-997c-fa54-ab14-d12437192...@gikaku.com>: >> >>> IMCO, If a piece of software requires PulseAudio, it deserves to be >>> silent. >> >> ..agreed, except the Tor Browser users are a little too important to >> leave alone in PulseAudio/Systemd hands, for some Tor Browser users, >> this is a life or death issue, as some regimes actually do commit >> murders on people they like to see dead and buried. I don't see what sound has to do with that. Gotta have that video stream? >> >>> I run a studio and muck around with "pro" linux audio apps from time >>> to time but mostly xwax. That is why I knew Systemd would be no good. >>> I want to hear the excuses for wasting CPU cycles and damaging ears >>> from you-know-who. >> >> ..I'd rather use this thread for practical advice on setting up >> alsa + apulse + torbrowser configurations, which will be more >> useful to Tor Browser users not trusting PulseAudio or Systemd.> > I've been waiting for a good apulse howto to appear for along time. > Maybe that time has finally come. Hopefully torbrowser doesn't need much. If you know how PulseAudio works, apulse should be simple. Maybe there are backports for Ascii. If you want a hand building and testing apulse on Jessie, let me know. Happy to kick the tyres for you. ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] Debian dev takes a break from packaging systemd
On Tue, Jan 22, 2019 at 12:42:15AM +0100, Alessandro Selli wrote: > > Later he seems surprised about how things roll there: > > > I'm amazed that I have to point this out > > > Yes, it's amazing. > Even more amazing is that such a software was almost universally > adopted as a key piece of the OS. And this: “I think this user rule was in error, and it worked for a while by luck, and now it doesn't. This happens all the time.” -- Tomasz TorczOnce you've read the dictionary, xmpp: zdzich...@chrome.pl every other book is just a remix. ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] [cor...@debian.org: [SECURITY] [DSA 4371-1] apt security update]
Dear D1rs, a quite important security hole has been discovered (and patched) in apt. The hole allows remote code execution upon http redirects through malicious mirrors. Since Devuan repos are based on redirects, we urge everybody to upgrade the "apt" package. The full DSA is available below, and the corresponding CVE is at: https://security-tracker.debian.org/tracker/CVE-2019-3462 The safest way would actually be to manually download the deb packages of apt from the debian-security pool (more information available below), or to use pkgmaster.devuan.org in your sources.list to do the upgrade (pkgmaster.devuan.org is not a rough mirror...). The issue has not yet been fixed in buster/sid (beowulf/ceres), but I guess a patched version will be published soon. HND KatolaZ - Forwarded message from Yves-Alexis Perez - Date: Tue, 22 Jan 2019 13:17:26 +0100 From: Yves-Alexis Perez To: debian-security-annou...@lists.debian.org Subject: [SECURITY] [DSA 4371-1] apt security update -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-4371-1 secur...@debian.org https://www.debian.org/security/Yves-Alexis Perez January 22, 2019 https://www.debian.org/security/faq - - Package: apt CVE ID : CVE-2019-3462 Max Justicz discovered a vulnerability in APT, the high level package manager. The code handling HTTP redirects in the HTTP transport method doesn't properly sanitize fields transmitted over the wire. This vulnerability could be used by an attacker located as a man-in-the-middle between APT and a mirror to inject malicous content in the HTTP connection. This content could then be recognized as a valid package by APT and used later for code execution with root privileges on the target machine. Since the vulnerability is present in the package manager itself, it is recommended to disable redirects in order to prevent exploitation during this upgrade only, using: apt -o Acquire::http::AllowRedirect=false update apt -o Acquire::http::AllowRedirect=false upgrade This is known to break some proxies when used against security.debian.org. If that happens, people can switch their security APT source to use: deb http://cdn-fastly.deb.debian.org/debian-security stable/updates main For the stable distribution (stretch), this problem has been fixed in version 1.4.9. We recommend that you upgrade your apt packages. Specific upgrade instructions: If upgrading using APT without redirect is not possible in your situation, you can manually download the files (using wget/curl) for your architecture using the URL provided below, verifying that the hashes match. Then you can install them using dpkg -i. Source archives: http://security.debian.org/pool/updates/main/a/apt/apt_1.4.9.dsc Size/SHA256 checksum: 2549 986d98b00caac809341f65acb3d14321d645ce8e87e411c26c66bf149a10dfea http://security.debian.org/pool/updates/main/a/apt/apt_1.4.9.tar.xz Size/SHA256 checksum: 2079572 d4d65e7c84da86f3e6dcc933bba46a08db429c9d933b667c864f5c0e880bac0d Architecture independent files: http://security.debian.org/pool/updates/main/a/apt/apt-doc_1.4.9_all.deb Size/SHA256 checksum: 365094 8880640591f64ab7b798f0421d18cba618512ca61ed7c44f6140423551d5 http://security.debian.org/pool/updates/main/a/apt/libapt-pkg-doc_1.4.9_all.deb Size/SHA256 checksum: 1004234 42f4c5945c4c471c3985db1cec7adcac516cc21a497a438f3ea0a2bfa7ffe036 amd64 architecture: http://security.debian.org/pool/updates/main/a/apt/apt-dbgsym_1.4.9_amd64.deb Size/SHA256 checksum: 4450936 1da507155c7b1ad140739c62fdacceaf5b5ee3765b1a00c3a3527d9d82a8d533 http://security.debian.org/pool/updates/main/a/apt/apt-transport-https-dbgsym_1.4.9_amd64.deb Size/SHA256 checksum: 292612 59f3e1c91664fe3b47048794560ebe9c41f1eeccbdd95f7715282f8cbe449060 http://security.debian.org/pool/updates/main/a/apt/apt-transport-https_1.4.9_amd64.deb Size/SHA256 checksum: 170820 c8c4366d1912ff8223615891397a78b44f313b0a2f15a970a82abe48460490cb http://security.debian.org/pool/updates/main/a/apt/apt-utils-dbgsym_1.4.9_amd64.deb Size/SHA256 checksum: 1289344 e3e157c291b05b2899a545331c7597ab36ca04e02cd9010562b9985b76af60db http://security.debian.org/pool/updates/main/a/apt/apt-utils_1.4.9_amd64.deb Size/SHA256 checksum: 409958 fb227d1c4615197a6263e7312851ac3601d946221cfd85f20427a15ab9658d15 http://security.debian.org/pool/updates/main/a/apt/apt_1.4.9_amd64.deb Size/SHA256 checksum: 1231594 dddf4ff686845b82c6c778a70f1f607d0bb9f8aa43f2fb7983db4ff1a55f5fae http://security.debian.org/pool/updates/main/a/apt/libapt-inst2.0-dbgsym_1.4.9_amd64.deb Size/SHA256 checksum: 221646