Re: [DNG] Help with Spectre and Meltdown

[Irrwahn]

marc wrote on 17.01.2018 07:27:
[...]
> * Stop running code which you don't trust. That comes in two forms:
> Don't enable javascript on your browser, and don't use cloud-based
> systems or virtual hosts. Those things you don't want to do anyway
> if you care about security. 
>   
> Not sure how Devuan could help with those, except maybe make sure
> that none of the web-based infrastructure (devgalaxy, etc) require
> javascript or maybe package up some of the firefox forks which
> are more security focused.

Which would essentially boil down to a list of three candidates: 
waterfox, icecat, or palemoon. 

My 2¢: Out of these, currently waterfox is my personal favorite, as 
palemoon started to fail me on several occasions, not being able to
reasonably render several web pages I use regularly. Didn't have 
much exposure to icecat, though.

Best regards
Urban
-- 
Sapere aude!
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Help with Spectre and Meltdown

[marc]

> I wanted to explore whether Devuan can provide a solution to the
> Spectre/Meltdown fiasco.  Is there a guide to what elements of Devuan
> [jessie, ascii, ?] have been upgraded to address these issues?

Spectre has no patch in the conventional sense. But there 
are two types of things one can do:

* Move to a processor which doesn't speculate :) with so many 
side effects. Processors found on the raspberry PI, for example, 
are ok to use.

* Stop running code which you don't trust. That comes in two forms:
Don't enable javascript on your browser, and don't use cloud-based
systems or virtual hosts. Those things you don't want to do anyway
if you care about security. 
  
Not sure how Devuan could help with those, except maybe make sure
that none of the web-based infrastructure (devgalaxy, etc) require
javascript or maybe package up some of the firefox forks which
are more security focused.

regards

marc
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Help with Spectre and Meltdown

[KatolaZ]

On Tue, Jan 16, 2018 at 11:33:41PM +, jacksprat wrote:
> I wanted to explore whether Devuan can provide a solution to the
> Spectre/Meltdown fiasco.  Is there a guide to what elements of Devuan
> [jessie, ascii, ?] have been upgraded to address these issues?
> 
> If I need to move to ascii to achieve this [I am on jessie], what do I need
> to put in /etc/apt/sources.list so that apt-get can be perform the
> upgrade?  I have a spare computer where an ascii-based solution can be
> tested .
> 

The only affected component is the kernel. Patch exist for jessie,
ascii, and unstable, but only for Meltdown. AFAWN, there is no way to
effectively patch Spectre.

The patch for Meltdown comes directly from Debian:

  https://security-tracker.debian.org/tracker/CVE-2017-5754

and the updates are available from jessie-updates and from
ascii-updates. So if you have updates enabled in your sources.list,
you might already have got the patch. Just check that the version of
your running kernel corresponds with that specified at the URL above.

HTH

KatolaZ

-- 
[ ~.,_  Enzo Nicosia aka KatolaZ - Devuan -- Freaknet Medialab  ]  
[ "+.  katolaz [at] freaknet.org --- katolaz [at] yahoo.it  ]
[   @)   http://kalos.mine.nu ---  Devuan GNU + Linux User  ]
[ @@)  http://maths.qmul.ac.uk/~vnicosia --  GPG: 0B5F062F  ] 
[ (@@@)  Twitter: @KatolaZ - skype: katolaz -- github: KatolaZ  ]


signature.asc
Description: Digital signature
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

[DNG] Help with Spectre and Meltdown

[jacksprat]

I wanted to explore whether Devuan can provide a solution to the
Spectre/Meltdown fiasco.  Is there a guide to what elements of Devuan
[jessie, ascii, ?] have been upgraded to address these issues?

If I need to move to ascii to achieve this [I am on jessie], what do I need
to put in /etc/apt/sources.list so that apt-get can be perform the
upgrade?  I have a spare computer where an ascii-based solution can be
tested .

Thanks, jacksprat
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] elogind testing for experimental and ascii-proposed

[Irrwahn]

Andreas Messer wrote on 16.01.2018 22:24:
> since we have to test elogind now with various setups, KatolaZ asked me to
> write a short guide what needs to be tested. So here we go:
[snipped procedure]

I gave it a quick spin on my ascii VM with lightdm and XFCE:

1. Simply installing elogind caused no regressions, as expected.

2. With consolekit/policykit and elogind fully enabled:

  - lightdm+XFCE graphical login: 

* login, logout, poweroff, reboot, USB drive mount: 
   working (same as without elogind, or disabled elogind)

  - ssh console login:

* screen sessions killed on logout 
  (regression, works with elogind disabled!)

* ssh-agent killed on logout 
  (regression, not killed with elogind disabled!)

*  urban@vboxascii:~$ loginctl reboot
   AUTHENTICATING FOR org.freedesktop.login1.reboot
   Authentication is required for rebooting the system.
   Authenticating as: ,,, (urban)
   Password: 
   AUTHENTICATION COMPLETE
   Failed to reboot system via elogind: Message recipient disconnected
 from message bus without replying
   urban@vboxascii:~$ 
   Broadcast message from root@vboxascii (console) (Tue Jan 16 23:25:17 
2018):
   The system is going down for reboot NOW!
   Connection to 192.168.2.167 closed by remote host.

*  root@vboxascii:~# loginctl reboot
   Failed to reboot system via elogind: Message recipient disconnected 
 from message bus without replying
   root@vboxascii:~# 
   Broadcast message from root@vboxascii (console) (Tue Jan 16 23:52:22 
2018):
   The system is going down for reboot NOW!
   Connection to 192.168.2.167 closed by remote host.

3. No consolekit/policykit, only elogind installed and activated
   (not sure if that even makes any sense, but what the heck):

  -lightdm+XFCE graphical login: 

* login, logout: working

* GUI poweroff, reboot, USB mount: NOT working!

  - ssh console login:

* screen sessions and ssh-agent killed on logout

*  urban@vboxascii:~$ loginctl reboot
   Failed to reboot system via elogind: The name org.freedesktop.PolicyKit1 
 was not provided by any .service files
   

TL;DR: 
The only immediately noticeable regression caused by enabling elogind 
in this setup was detached background processes (screen, ssh-agent) 
being killed upon session termination; user mount, poweroff, and reboot 
worked as expected.

HTH, best regards
Urban

-- 
Sapere aude!
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] elogind available in experimental and ascii-proposed

[Andreas Messer]

On Tue, Jan 16, 2018 at 04:09:58PM +0300, Hleb Valoshka wrote:
> On 1/16/18, Hleb Valoshka <375...@gmail.com> wrote:
> 
> > Not yet, devuan ci has issues with repos containing pristine-tar. I'll
> > build it locally and put it somewhere and then write its location
> > here.
> 
> https://mega.nz/#!IMFCWRBQ!7xA2eH0PpMqF9v3WF4DhTnAgVFEjRW0pPskA2XaSO78
> 
> This tarball contains versions for Ascii and Ceres (experimental),
> built only for amd64.

Sorry, didn't see that the package is already in git.devuan.org. I checked
it out and rebuild it without the elogind Conflict. i can install it in
parallel. I have made a short test:

- lightdm + KDE5: Sessions shows up in logind but not in consolekit
- textlogin: Sessions shows up in both

I think consolekit is handled by lightdm itself, without pam module. Maybe
it has some integrated logic which disables consolekit upond detecting
something else.

Btw, "ck-list-sessions" crashes for me:

#0  0x76fa0646 in strlen () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.
#1  0x76f68d78 in vfprintf () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.
#2  0x76f6f1f9 in printf () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.
#3  0x585b in list_session (ssid=, 
connection=0x5576b0c0) at list-sessions.c:245
lsid = 0x5577d0b0 "6"
x11_display = 0x5576fee0 ""
remote_host_name = 0x5577c470 ""
idle_since_hint = 0x5577c370 ""
vtnum = 4294967295
proxy = 0x55769e30
uid = 1100
session_type = 0x5577c230 ""
session_state = 0x0
is_active = 1
is_local = 1
short_ssid = 0x5577c2bc "Session4"
x11_display_device = 0x5577f360 ""
display_device = 0x5577c450 "/dev/tty1"
creation_time = 0x5577e2b0 "2018-01-16T21:43:10.770409Z"
runtime_dir = 0x1 
error = 0x0
sid = 0x55765bd0 "/org/freedesktop/ConsoleKit/Seat1"
session_class = 0x0
short_sid = 0x55765bec "Seat1"
#4  list_sessions (sid=, connection=0x5576b0c0) at 
list-sessions.c:343
iter = 0x557781e0
proxy = 0x55769da0
error = 0x0
res = 0x5577dcc0
#5  list_seats (connection=0x5576b0c0) at list-sessions.c:394
iter = 0x55777f70
proxy = 0x55769d10
error = 0x0
res = 0x55779d90
path = 0x5577d770 "/org/freedesktop/ConsoleKit/Seat1"
#6  main (argc=, argv=) at list-sessions.c:451
connection = 0x5576b0c0
context = 
retval = 
error = 0x0
do_version = 0
entries = {{long_name = 0x5f0d "version", short_name = 86 'V', 
flags = 0, arg = G_OPTION_ARG_NONE, arg_data = 0x557571a4 , 
description = 0x5f15 "Version of this application", arg_description = 
0x0}, {long_name = 0x0, short_name = 0 '\000', flags = 0, arg = 
G_OPTION_ARG_NONE, 
arg_data = 0x0, description = 0x0, arg_description = 0x0}}

Maybe something to forward to upstream.

Cheers,
Andreas


signature.asc
Description: PGP signature
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

[DNG] elogind testing for experimental and ascii-proposed

[Andreas Messer]

Dear folks,

since we have to test elogind now with various setups, KatolaZ asked me to
write a short guide what needs to be tested. So here we go:

Lets start with a short overview about what logind is: It is about
session, user and seat management. Its main use is to track who is logged in
by which method into a system and which processes belong to such a session.
A session can then be assigned to a seat. Seat can be a remote access, x11
display... That information is then used by other software packages to
determine e.g. access permissions to hardware.

This topic was addressed with another software some time ago, called
consolekit. Many desktop environments and tools have been added support for
consolekit. e.g. KDE, GNOME, udisks, upower. At some time (e)logind was born
in context of systemd. (elogind) implements the same functionality like
consolekit and more. Today more and more applications are migrated to
(e)logind. Therefor this package is needed in Devuan to support modern
Desktop Environments.

For now, lots of packages in devuan assci still rely or can use consolekit
but this might change in future. This includes udisks (consolekit only), KDE
(maybe both). Some packages require (e)logind, e.g. GNOME, for installing
the package but at runtime they seem also be able to still use consolekit.

In principle consolekit and (e)logind can be used at the same time because
the use different D-Bus APIs and consolekit is merely a database. But
applications must implement this.

Main testing point is to figure out if elogind breaks anything which is
formerly working properly. In the currently prepared packages, elogind is
although being installed and started, not fully enabled because my internal
tests showed that this breaks user mounting, shutdown and reboot via 
consolekit. This probably requires changes to other packages. We still
need to know if anything else breaks by installing the elogind package, or
if things become functional after installing it. 

We need information about as many combinations of display managers and
desktop environments as possible, because there is interaction between
elogind and all of them and things which work with one display manager and
one desktop environment might not work with another display manager. I have
tested so far:

- text login
- lightdm/KDE
- lightdm/GNOME (only basic tests)

So for testing, you might take with the following steps:

- just install packages "elogind" and "libpam-elogind" package and check if
  they install cleanly. I expect problems when original systemd packages
  are used. Report any problems with it

- invoke "pam-auth-update" as root and ensure that elogind is not selected.
  This will effectively disable eloginds session management (daemon still
  runs and dbus api/library is available)

- after installing, invoke the command "loginctl". It should not list any
  session because elogind is not (yet) fully enabled.

- After installing, check if login/logout works properly. Especially the
  graphical logins are interesting. Please report tested display manager /
  desktop environment here.

- Now check if you can mount/unmount removeable media like USB, CDs. Report
  if it worked before installing elogind and if it still works afterwards

- Test if reboot/shutdown via desktop environment is functional. Report
  if it worked before installing elogind and if it still works afterwards

- Now, we should test with fully enabled elogind. Todo so invoke
  "pam-auth-update" again and enable elogind. Afterwards logout and login
  again. From now on, if any unexpected behavior occurs, things which work
  before, please report them.

- executing "loginctl" should now list the session. 

- Now check if you can mount/unmount removeable media like USB, CDs. 

- Test if reboot/shutdown via desktop environment is functional.

As said above, elogind is doing more than only recording the sessions. So
with fully enabled elogind the following things should be tested:

- Test if reboot/shutdown works via "loginctl poweroff" and "loginctl
  reboot"

- When using the "screen" terminal emulator original logind is killing
  everything, even the multiplexed application when the session closes.
  Please test if that happens for your system. I think we have to
  preconfigure it reasonable here.

- When terminating a session with a kill command, I have observed on debian,
  that the user services survive this and continue running. That means, that
  if the sessions crashes gpg-agent might be still running and if logging in
  again it might still have opened the key (not asking for passphrase)
  I think one can kill the session using the kill command and the login as
  another user and figure out if there are still processes running under the
  former user to test this.

Thanks for your help.



signature.asc
Description: PGP signature
___
Dng mailing list
Dng@lists.dyne.org

Re: [DNG] Backup plans: was Which is free, which is open source, et al.

[KatolaZ]

On Wed, Jan 17, 2018 at 01:42:26AM +0800, Brad Campbell wrote:
> On 14/01/18 06:30, KatolaZ wrote:
> >The bet ingredient for a successful "Primary Plan" is to assume that
> >there is no backup plan, an act accordingly ;)
> 
> Quite on the contrary. Having a well formulated and tested backup plan means
> you won't need it.
> 

Hi Brad,

I really struggle to follow your logic here, and in particular I don't
see how having a well-formulated backup plan can contribute to the
success of your primary plan. I actually think that a
too-well-formulated backup plan will hinder your potential success in
the primary one: if something tiny goes wrong in your main plan you
don't have to bang your head on the wall. Just switch to your perfect
backup plan, let the others continue banging their heads on that
bloody wall, and you'll be fine on your own.

I could switch to FreeBSD tomorrow, and most probably not even notice
the difference, but I would personally consider that a big
failure. Hence, for me that "backup plan" does not exist.  I will
continue to bang my head on the wall until Devuan works for me. If
there are more of us willing to bang their heads on the wall to make
Devuan work, each of us will bang his own head for less time, with
less harm, and with much larger probability of having the issue
solved.

What I meant is that the success of Devuan is definitely bound to none
of the Devuan users and developers giving up on Devuan. In other
words, to the Devuan community not stopping to cater and care for
Devuan. However it can. Whatever it costs.

My2Cents

KatolaZ

-- 
[ ~.,_  Enzo Nicosia aka KatolaZ - Devuan -- Freaknet Medialab  ]  
[ "+.  katolaz [at] freaknet.org --- katolaz [at] yahoo.it  ]
[   @)   http://kalos.mine.nu ---  Devuan GNU + Linux User  ]
[ @@)  http://maths.qmul.ac.uk/~vnicosia --  GPG: 0B5F062F  ] 
[ (@@@)  Twitter: @KatolaZ - skype: katolaz -- github: KatolaZ  ]


signature.asc
Description: Digital signature
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] Backup plans: was Which is free, which is open source, et al.

[Brad Campbell]

On 14/01/18 06:30, KatolaZ wrote:

The bet ingredient for a successful "Primary Plan" is to assume that
there is no backup plan, an act accordingly ;)


Quite on the contrary. Having a well formulated and tested backup plan 
means you won't need it.


That applies as well to plans as it does to backups (although my well 
formulated and tested backup plan came in handy when I accidentally 
started 2 instances of the same VM on the same backing file last year. 
That ended ok, but the bit in the middle wasn't much fun).


It's those without a plan B that often have need for it.

I don't buy insurance for the "just in case". I buy it because those 
that have it don't generally need it. Murphy is a bit of a swine that way.


I'm a Debian escapee. My future is Devuan. My plan B is some form of 
BSD. I have it, but because I have it I know I won't need it.


Brad
--
Dolphins are so intelligent that within a few weeks they can
train Americans to stand at the edge of the pool and throw them
fish.
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] elogind available in experimental and ascii-proposed

[Didier Kryn]

    Could you, experts, explain me (and maybe others) what the role of 
logind, consolekit and polkit is exactly?


    What I understand from your discussion is that consolekit and 
logind are doing the same thing and stepping on each others feet. 
Gentoo's consolekit wiki tells the following:


*ConsoleKit* is a framework for defining and tracking users, login 
sessions, and seats. ConsoleKit's primary function is to support 
multi-user setups. It also works for a single user, but offers no 
benefits compared to existing methods.


ConsoleKit is a D-Bus daemon and creates for each PAM session its own 
session. All applications in that session can make use of the 
permissions granted to this session. ConsoleKit determines if the 
session is local (created by a local user in contrast to users logged 
in over the network), and if the session is active (meaning it's the 
most recent session). Based on these distinctions, ConsoleKit assigns 
device file permissions (e.g. for audio, video and more) to the 
session. Other software like polkit  also make use of these distinctions



 According to this wiki, the role of consolekit (and/or logind) is 
to make a distinction between local and remote sessions, to grant more 
permissions to the first (which seems futile). But why do we need both 
logind/consolekit and polkit ?


    I understand udisks asks the permission (through PAM)to either 
logind or consolekit for mounting removable disks, which is a 
priviledged operation. I'm not sure how pmount does, but, on my Ascii 
install, udisks fails on mmcblk0p1 while pmount succeeds.


    Thanks.

                                        Didier



___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] elogind available in experimental and ascii-proposed

[Hleb Valoshka]

On 1/16/18, Hleb Valoshka <375...@gmail.com> wrote:

> Not yet, devuan ci has issues with repos containing pristine-tar. I'll
> build it locally and put it somewhere and then write its location
> here.

https://mega.nz/#!IMFCWRBQ!7xA2eH0PpMqF9v3WF4DhTnAgVFEjRW0pPskA2XaSO78

This tarball contains versions for Ascii and Ceres (experimental),
built only for amd64.
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] elogind available in experimental and ascii-proposed

[Hleb Valoshka]

On 1/16/18, Andreas Messer  wrote:

> Yes we have to figure out if any of the DM works without the pam stuff, but
> there are people who use terminal sessions :-) And for them, enabling the

Quite strange, but even systemd has the following pam config (only
relevant part):
Session:
optionalpam_systemd.so

while ck has:
Session-Final:
optionalpam_ck_connector.so nox11

So unlike with CK, pam module for (e)login should be enabled unconditionally.

> module will break consolekit. So an example, when elogin pam is not enabled

We can make ck2 and elogind mutually exclusive.

...

> know why this happens. I need to try with consolekit2, maybe this is fixee
> already. Original consolekit is pretty old stuff. Btw. did you put the
> consolekit2 package somewhere already?

Not yet, devuan ci has issues with repos containing pristine-tar. I'll
build it locally and put it somewhere and then write its location
here.
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] elogind available in experimental and ascii-proposed

[Andreas Messer]

On Tue, Jan 16, 2018 at 01:00:30PM +0300, Hleb Valoshka wrote:
> On 1/16/18, Andreas Messer  wrote:
> ...
> > When elogind pam module is enabled, the session is correctly registered
> > with elogind. This can be done by following steps:
> 
> Afaik pam module is required only for terminal sessions, for DM it
> usually isn't required unless your DM doesn't support it directly, but
> as elogind is a replacement for logind it should be supported by any
> DM which supports logind.

Yes we have to figure out if any of the DM works without the pam stuff, but
there are people who use terminal sessions :-) And for them, enabling the
module will break consolekit. So an example, when elogin pam is not enabled
the following works with devuan if consolekit and udisks is installed:

1) login
2) plug in usb stick
3) udisksctl mount 

But when enabling pam elogind you will get:
1) login
2) plug in usb stick
3) udisksctl mount
   

Which is because when the elogin pam module is enabled, consolekit does not list
the session anymore, so activating it effectively breaks consolekit. I don't
know why this happens. I need to try with consolekit2, maybe this is fixee
already. Original consolekit is pretty old stuff. Btw. did you put the
consolekit2 package somewhere already?

Tomorrow, I'll provide a lists of steps what to test with elogind so we can 
check what
is working and what not.


signature.asc
Description: PGP signature
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Re: [DNG] elogind available in experimental and ascii-proposed

[Hleb Valoshka]

On 1/16/18, Andreas Messer  wrote:
...
> When elogind pam module is enabled, the session is correctly registered
> with elogind. This can be done by following steps:

Afaik pam module is required only for terminal sessions, for DM it
usually isn't required unless your DM doesn't support it directly, but
as elogind is a replacement for logind it should be supported by any
DM which supports logind.
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng