Re: [gentoo-user] Re: Re[4]: Re: Portage, git and shallow cloning

On Sat, Jul 7, 2018 at 1:34 AM Martin Vaeth wrote: > > Rich Freeman wrote: > > > > Biggest issue with git signature verification is that right now it > > will still do a full pull/checkout before verifying > > Biggest issue is that git signature happens by the devel

Re: [gentoo-user] Re: Re[4]: Re: Portage, git and shallow cloning

On Sat, Jul 7, 2018 at 1:51 AM Martin Vaeth wrote: > > Davyd McColl wrote: > > > I ask because prior to the GitHub incident, I didn't have signature > > verification enabled > > Currently, it is not practical to change this, see my other posting. > You clearly don't understand what it actually

Re: [gentoo-user] Re: How long does "Verifying /usr/portage" take?

On Fri, Jul 6, 2018 at 4:43 PM Grant Edwards wrote: > > On 2018-07-06, Grant Edwards wrote: > > > Now that the public key stuff is working again (knock on wood), I'm > > curious if it's usual for an emerge --sync to take 10-15 minutes > > longer than it used due to the "Verifying /usr/portage"

Re: [gentoo-user] How long does "Verifying /usr/portage" take?

On Fri, Jul 6, 2018 at 3:02 PM Grant Edwards wrote: > > Now that the public key stuff is working again (knock on wood), I'm > curious if it's usual for an emerge --sync to take 10-15 minutes > longer than it used due to the "Verifying /usr/portage" step. > Again, the sync mechanisms are

Re: Re[4]: [gentoo-user] Re: Portage, git and shallow cloning

On Fri, Jul 6, 2018 at 7:57 AM Davyd McColl wrote: > > @Rich: if I understand the process correctly, the same commits are > pushed to infra and GitHub by the CI bot? > I'm pretty sure the repos are identical (well, aside from whatever order they're updated in). > I ask because prior to the

Re: Re[2]: [gentoo-user] Re: Portage, git and shallow cloning

On Fri, Jul 6, 2018 at 4:34 AM Davyd McColl wrote: > > I understand that git history will build over time -- I'm less concerned > with (eventual) disk usage than I am with the speed of `emerge --sync`, > which (and perhaps I'm sorely mistaken) appeared to be faster using git > than rsync -- hence

Re: [gentoo-user] All Gentoo signing key expired and no way to fix it

On Wed, Jul 4, 2018 at 1:34 PM Rich Freeman wrote: > > I wonder if we can have portage instead do a fetch, then do the > verification of HEAD, and then if it passes do a checkout. That will > still leave you with invalid data in the git history, but it won't > actually be

Re: [gentoo-user] All Gentoo signing key expired and no way to fix it

On Wed, Jul 4, 2018 at 12:20 PM gevisz wrote: > > 2018-07-03 16:04 GMT+03:00 Rich Freeman : > > > emerge --sync, with git at least, overwrites /usr/portage in place and > > so it will leave it in a bad state if verification fails. > > It sounds really aweful. > I

Re: [gentoo-user] All Gentoo signing key expired and no way to fix it

On Tue, Jul 3, 2018 at 8:44 AM gevisz wrote: > > 2018-07-03 14:47 GMT+03:00 Rich Freeman : > > On Tue, Jul 3, 2018 at 7:06 AM gevisz wrote: > >> > >> Why not to put new openpgp-keys-gentoo-release > >> into the portage tree BEFORE all existing Gentoo &g

Re: [gentoo-user] All Gentoo signing key expired and no way to fix it

On Tue, Jul 3, 2018 at 7:06 AM gevisz wrote: > > Why not to put new openpgp-keys-gentoo-release > into the portage tree BEFORE all existing Gentoo > singing keys expire? > My guess is that it was an oversight. I note that emerge --sync seems to update keys from the keyserver automatically, and

Re: [gentoo-user] Any utility to forcibly freeze or swap out a specific pid?

On Sun, Jul 1, 2018 at 9:40 PM Andrew Udvare wrote: > > YMMV on what processes will actually work properly after a SIGCONT. If > anything a process does is not re-entrant, then you could have very > unpredictable things happen including corruption of data. > If a process corrupts data of any

Re: [gentoo-user] Re: Hostile takeover of our github mirror. Don't use ebuild from there until new warning!

On Sat, Jun 30, 2018 at 12:50 PM Nikos Chantziaras wrote: > > On 30/06/18 19:15, Rich Freeman wrote: > > > > If you are using git syncing I believe that portage will verify that > > the top commit (which is the only one that really matters) is using a > > trusted key

Re: [gentoo-user] Hostile takeover of our github mirror. Don't use ebuild from there until new warning!

On Sat, Jun 30, 2018 at 9:54 AM Francisco Blas Izquierdo Riera (klondike) wrote: > > El 29/06/18 a las 18:33, Peter Humphrey escribió: > > On Thursday, 28 June 2018 22:15:36 BST Francisco Blas Izquierdo Riera > > (klondike) wrote: > >> Hi! > >> > >> I just want to notify that an attacker has

Re: [gentoo-user] Hostile takeover of our github mirror. Don't use ebuild from there until new warning!

On Fri, Jun 29, 2018 at 11:46 AM gevisz wrote: > > 2018-06-29 0:15 GMT+03:00 Francisco Blas Izquierdo Riera (klondike) > : > > > > I just want to notify that an attacker has taken control of the Gentoo > > organization in Github and has among other things replaced the portage > > and musl-dev

Re: [gentoo-user] Gentoo-sources : stable versions

On Wed, Jun 27, 2018 at 1:51 AM Bill Kenworthy wrote: > > I think its more complex than just falling behind - anything later gets > the spectre fixes etc. and it appears not to be quite stable yet in some > cases. This may have been your intent and I might be misreading your email, but I just

Re: [gentoo-user] Gentoo-sources : stable versions

On Tue, Jun 26, 2018 at 10:41 PM Philip Webb wrote: > > 180626 Rich Freeman wrote: > > On Tue, Jun 26, 2018 at 8:58 PM Philip Webb wrote: > >> Does anyone know why the latest stable version of Gentoo-sources is 4.9.xx > >> ? > >> I installed 4.9.16 ,

Re: [gentoo-user] Gentoo-sources : stable versions

On Tue, Jun 26, 2018 at 8:58 PM Philip Webb wrote: > > Does anyone know why the latest stable version of Gentoo-sources is 4.9.xx ? > I installed 4.9.16 , which I continue to use, on 2017-04-06 . > The tree contains versions of 4.14 4.16 4.17 , but all are still testing. > I believe that some

Re: [gentoo-user] gcc failed to compile, mpfr-4 compiled successfully...

On Sun, Jun 24, 2018 at 2:28 PM wrote: > > Since the unstable packages of today are the stable packages of > tommorrow one needs to bite the bullet (and hopefully this sentence > is not complete nonsense...I am no native speaker...not at all!) > Presumably if you're running stable on a host you

Re: [gentoo-user] Re: default CONFIG_PROTECT behavior

On Tue, Jun 19, 2018 at 11:15 AM Ian Zimmerman wrote: > > On 2018-06-18 11:34, Rich Freeman wrote: > > > Oh, the other tool you'll want to use is etckeeper to manage /etc in a > > git repo and auto-commit changes/etc with package manager hooks. That > > is a cross-dist

Re: [gentoo-user] Re: default CONFIG_PROTECT behavior

On Mon, Jun 18, 2018 at 3:27 AM Neil Bothwick wrote: > > There are other config managers that handle this differently, if you > don't like etc-update try another. I tried a few some years ago and > settled on conf-update, others swear by cfg-update. Since nobody else is shilling it, I will. I

Re: [gentoo-user] NFS and user IDs

On Sat, Jun 9, 2018 at 4:31 PM Wol's lists wrote: > > On 09/06/18 18:09, Rich Freeman wrote: > > I feel like this is something that Windows natively gets "better" than > > POSIX. They have a concept of UIDs being specific to a machine or > > authenticat

Re: [gentoo-user] NFS and user IDs

On Sat, Jun 9, 2018 at 12:34 PM Grant Taylor wrote: > > NFS will quite happily work with dissimilar IDs if you're using "other" > permission to access everything. }:-) > There are a few network filesystems with this property. As long as you just mount the whole filesystem with one user/group

Re: [gentoo-user] [Maybe OT]: Instability of system

On Thu, May 24, 2018 at 7:21 PM john wrote: > On Sun, 20 May 2018 23:20:36 +0100 > Mick wrote: > > On Sunday, 20 May 2018 21:54:32 BST Alan Mackenzie wrote: > > > > > > My system is an AMD Ryzen processor on an Asus Prime X370-Pro > > >

Re: [gentoo-user] Re: Non-opnerc init scripts

On Mon, May 21, 2018 at 3:43 PM Ian Zimmerman wrote: > openrc scripts have their own "API". Converting a straight sysvinit > script into an openrc one takes some work. Look at some existing > openrc script to see the kind of work that is needed. Unless the upstream

Re: [gentoo-user] Where are the AMD microcode updates for spectre?

On Mon, May 21, 2018 at 8:02 AM Corbin Bird wrote: > I noticed something odd about the microcode however ... > > amd-ucode/microcode_amd_fam15h.bin7876 -> 5356 bytes > . > The size dropped by 2Kb? > So is the "fix" actually disabling fixes for other problems? > . As

Re: [gentoo-user] Where are the AMD microcode updates for spectre?

On Sun, May 20, 2018 at 12:16 PM Volker Armin Hemmann < volkerar...@googlemail.com> wrote: > oh come on. Spectre on AMD isn't even much of a problem. Why the panic? What do release notes have to do with Spectre, and how is wanting them a "panic?" -- Rich

Re: [gentoo-user] Where are the AMD microcode updates for spectre?

On Sun, May 20, 2018 at 4:59 AM Adam Carter wrote: >> As far as I can tell there is no official AMD microcode update page, or any >> kind of official release notes. I'm not sure where linux-firmware actually >> gets the microcode files from (I'm sure they wouldn't load if

Re: [gentoo-user] which microcode gets loaded?

On Mon, May 14, 2018 at 10:46 AM Corbin Bird wrote: > No Spectre/Meltdown fixes in these files, apparently. As far as I'm aware AMD has not directly released any public microcode fixes to address spectre (AMD is not vulnerable to meltdown). They've apparently given

Re: [gentoo-user] Where are the AMD microcode updates for spectre?

On Sat, May 12, 2018 at 8:52 PM Corbin Bird wrote: > If the MB makers aren't updating their UEFI builds for CURRENT products, > how do we get hold of them? This has indeed been pretty frustrating. As far as I can tell there is no official AMD microcode update page, or

Re: [gentoo-user] Re: Spectre-NG

On Thu, May 10, 2018 at 1:34 AM Martin Vaeth wrote: > As a simple example, assume that you have read a password file > into a string of your language and now access a single password. > No matter, how you mark the end of the password (fixed-length, \0, \n, > ...) speculative

Re: [gentoo-user] Re: Spectre-NG

On Wed, May 9, 2018 at 2:18 PM Martin Vaeth <mar...@mvath.de> wrote: > Rich Freeman <ri...@gentoo.org> wrote: > > On Tue, May 8, 2018 at 4:19 AM Martin Vaeth <mar...@mvath.de> wrote: > > > >> Rich Freeman <ri...@gentoo.org> wrote: > >> &g

Re: [gentoo-user] secure programing language?

On Tue, May 8, 2018 at 5:41 PM Canek Peláez Valdés wrote: > On Tue, May 8, 2018 at 4:33 PM wrote: > > > > So are there currently any languages (currently in use/supported) designed to avoid the problems with C and other languages? > > > >

Re: [gentoo-user] Re: Spectre-NG

On Tue, May 8, 2018 at 4:19 AM Martin Vaeth <mar...@mvath.de> wrote: > Rich Freeman <ri...@gentoo.org> wrote: > > > > Higher-level languages will probably become nearly immune to Spectre just > > as most are nearly immune to buffer overflows. > Quite the oppo

Re: [gentoo-user] Spectre-NG

On Mon, May 7, 2018 at 7:15 AM Mick wrote: > Rich was right when he mentioned more related vulnerabilities are bound to > show up soon: I haven't dug up the details on that report, but again Spectre should be seen as a class of vulnerabilities and not one particular

Re: [gentoo-user] Dell Precision Workstation Overheating

On Thu, Apr 19, 2018 at 9:22 PM, R0b0t1 wrote: > > Is there a way to at least mimic the conservative CPU usage that > Windows exhibits? > I'll set aside the obvious hardware issues and touch on workarounds. I had an old system that had some heating issues (my guess is due to

Re: [gentoo-user] Linux-4.16.* & NVidia

On Sat, Apr 14, 2018 at 9:11 AM, András Csányi wrote: > Stay at stable kernel version, imho. There are a few people here waiting for > nvidia with ~x86 flagged kernel. > This is pretty much the reality of using any out-of-tree kernel module, and especially the case for a

Re: [gentoo-user] AMD Opteron microcode updates for spectre

On Thu, Apr 12, 2018 at 9:20 PM, taii...@gmx.com wrote: > When is gentoo going to receive these? > Has AMD actually released anything publicly? I find AMD's microcode updates to be horribly documented in general, unless there is some website somewhere published by AMD that

Re: [gentoo-user] List of Intel CPUs that wont get Meltdown/Spectre fixes

On Thu, Apr 5, 2018 at 3:36 PM, Wols Lists <antli...@youngman.org.uk> wrote: > On 05/04/18 17:54, Rich Freeman wrote: >> I >> haven't checked recently but the last time I looked at it even my >> current Ryzen CPU doesn't have a microcode fix out yet for lfence. >

Re: [gentoo-user] List of Intel CPUs that wont get Meltdown/Spectre fixes

On Thu, Apr 5, 2018 at 12:34 PM, Mick wrote: > > Does the lack of a microcode patch mean the in-kernel and other software fixes > won't be sufficient to protect PCs running these old CPUs? I'm interested if somebody has a more informed answer, but my guess is that it

Re: [gentoo-user] sys-libs/e2fsprogs-libs causing sandbox violation in /root/.ccache?

On Thu, Mar 29, 2018 at 8:46 AM, J García wrote: > 2018-03-28 22:33 GMT-06:00 P Levine : > >> The relevant part of the build: >> >>> make[1]: 'compile_et' is up to date. >>> make[1]: Leaving directory >>>

Re: [gentoo-user] Ubuntu with Gentoo somehow...

On Mon, Mar 26, 2018 at 9:00 AM, R0b0t1 wrote: > > > On Sunday, March 25, 2018, wrote: >> Hi, >> >> is there a way to download the archive (or how is it called in the >> world of Ubuntu ?) of a program, from which I only know the >> apt-get and apt-install

Re: [gentoo-user] Re: A new AMD CPU weakness?

On Sat, Mar 17, 2018 at 9:53 AM, Fast Turtle wrote: > > All this does is makes damn sure I will not buy any used hardware > since you can change embed into the UEFI firmware what ever you want - To be fair that is hardly anything new either. Sure, this particular attack is

Re: [gentoo-user] Are VirtualBox moduli loaded by themselves?

On Tue, Mar 6, 2018 at 4:21 AM, gevisz wrote: > > So, I do not know how to disable this service. > IMO disabling module autoloading by openrc seems like trying to kill a fly with a shotgun. Just disable the configuration file that loads the particular modules that you don't

Re: [gentoo-user] [OT] Best *SIMPLE* firewall?

On Fri, Mar 2, 2018 at 6:34 PM, Grant Taylor <gtay...@gentoo.tnetconsulting.net> wrote: > On 03/02/2018 05:08 AM, Rich Freeman wrote: >> >> On the other hand, if netfilter were implemented in userspace such as via >> a microkernel, then if it contained a bug the re

Re: [gentoo-user] [OT] Best *SIMPLE* firewall?

On Fri, Mar 2, 2018 at 6:42 AM, Heiko Baums <li...@baums-on-web.de> wrote: > Am Thu, 1 Mar 2018 21:45:46 -0500 > schrieb Rich Freeman <ri...@gentoo.org>: > >> If they did move netfilter to userspace, then it would > > most likely be more insecure because

Re: [gentoo-user] [OT] Best *SIMPLE* firewall?

On Thu, Mar 1, 2018 at 8:48 PM, Walter Dnes wrote: > On Thu, Mar 01, 2018 at 12:58:44PM -0500, Tom H wrote >> On Wed, Feb 28, 2018 at 4:15 PM, Walter Dnes wrote: >> > >> > Is there something besides iptables? It seems to be like >> >

Re: [gentoo-user] Re: Best *SIMPLE* firewall?

On Wed, Feb 28, 2018 at 6:22 PM, taii...@gmx.com wrote: > Is there a windows style application layer firewall? Windows doesn't have an "application layer firewall" as far as I know. I believe that it does the filtering at the OS level, the same as Linux. Now, it is true that

Re: [gentoo-user] Re: Is --changed-deps going to be *that* useless?

On Tue, Feb 27, 2018 at 1:59 PM, Ian Zimmerman <i...@very.loosely.org> wrote: > On 2018-02-27 12:45, Rich Freeman wrote: > >> I use --with-bdeps=n because I really don't care that much about >> build-time deps, other than stuff that is going to get updated anyway >> l

Re: [gentoo-user] Re: Is --changed-deps going to be *that* useless?

On Tue, Feb 27, 2018 at 1:12 PM, Wols Lists wrote: > > If I emerge a new utility program (such as lame), I will change my > global flags to tell other programs to use it. That is what > --changed-deps is for - so the programs that were originally compiled > without

Re: [gentoo-user] Re: Is --changed-deps going to be *that* useless?

On Tue, Feb 27, 2018 at 12:43 PM, Michael Orlitzky wrote: > On 02/27/2018 12:05 PM, Ian Zimmerman wrote: >> >> When I read this, I realize I don't understand the difference between >> these two options. Or to be more accurate, I know that --deep means >> looking at dependencies

Re: [gentoo-user] Re: Is --changed-deps going to be *that* useless?

On Tue, Feb 27, 2018 at 12:05 PM, Ian Zimmerman wrote: > On 2018-02-27 16:44, Paul Colquhoun wrote: > >> > > Yes, I use --deep. I've run into cases many times in the past >> > > where portage was skipping updates unless I used --deep. >> > >> > You might want to avoid

Re: [gentoo-user] Re: Is --changed-deps going to be *that* useless?

On Mon, Feb 26, 2018 at 11:16 AM, Nikos Chantziaras <rea...@gmail.com> wrote: > On 26/02/18 17:59, Rich Freeman wrote: >>> >>> Can't you whitelist packages like automake so that they don't trigger >>> rebuilds? Or at least provide a configurable whitelist (for

Re: [gentoo-user] Re: Is --changed-deps going to be *that* useless?

On Mon, Feb 26, 2018 at 10:46 AM, Nikos Chantziaras wrote: > On 26/02/18 17:24, Michael Orlitzky wrote: >> >> On 02/26/2018 10:16 AM, Peter Humphrey wrote: >>> >>> >>> Well, I'm on amd64, not ~amd64, and this morning portage wanted to >>> remerge >>> 217 packages. Removing

Re: [gentoo-user] Re: "systemd sysv-utils blocker resolution"

On Sun, Feb 11, 2018 at 12:52 PM, Nikos Chantziaras wrote: > > Yes. How else is sys-apps/sysvinit going to be unmerged? Either you let > portage clean it up (depclean), or you need to do it manually. > He already has sysvinit unmerged. Portage unmerged that because it was a

Re: [gentoo-user] "systemd sysv-utils blocker resolution"

On Sat, Feb 10, 2018 at 10:02 PM, allan gottlieb <gottl...@nyu.edu> wrote: > On Sat, Feb 10 2018, Rich Freeman wrote: > >> >> Interesting. Does /sbin/reboot exist? > > gottlieb@E6430 ~ $ ls -l /sbin/reboot > lrwxrwxrwx 1 root root 16 Jan 28 13:08 /sbin/reboot -

Re: [gentoo-user] "systemd sysv-utils blocker resolution"

On Sat, Feb 10, 2018 at 7:16 PM, allan gottlieb wrote: > I have a question on this news item. > > I use systemd (gnome3) on a gentoo stable system. > eix reports that sys-apps/systemd-236-r5 is installed > > But >euse -I sysv-utils > reports >no matching entries found >

Re: [gentoo-user] Re: /var/tmp on tmpfs

On Sat, Feb 10, 2018 at 2:52 PM, Kai Krakow wrote: > Am Sat, 10 Feb 2018 19:38:56 + schrieb Wols Lists: > >> On 10/02/18 18:56, Kai Krakow wrote: >>> role and /usr takes the role of /, and /home already took the role of >>> /usr (that's why it's called /usr, it was user

Re: [gentoo-user] /var/tmp on tmpfs

On Thu, Feb 8, 2018 at 6:18 PM, Wol's lists wrote: > > /var/tmp is defined as the place where programs store stuff like crash > recovery files. Mounting it tmpfs is going to screw up any programs that > reply on that *defined* behaviour to recover after a crash. > Care

Re: [gentoo-user] Re: /var/tmp on tmpfs

On Thu, Feb 8, 2018 at 5:32 PM, gevisz wrote: > 2018-02-09 0:19 GMT+02:00 Nikos Chantziaras : >> On 08/02/18 23:31, gevisz wrote: >>> >>> I do not use ccache, and in my /var/tmp I only have /var/tmp/portage >>> and /var/tmp/genkernel (I use genkernel to

Re: [gentoo-user] Re: /var/tmp on tmpfs

On Thu, Feb 8, 2018 at 4:52 PM, gevisz wrote: > > However, it probably won't be sooner than > # emerge --update --deep --with-bdeps=y --newuse --backtrack=90 --ask > world --exclude chromium > fails because of the "--exclude chromium" part :), as I have already compiled > the

Re: [gentoo-user] /var/tmp on tmpfs

On Thu, Feb 8, 2018 at 2:17 PM, Dale wrote: > As someone else pointed out, if you > start using swap, that generally defeats the purpose of tmpfs. > I'll just add one thing to this, which I've probably already said ages ago: In an ideal world swap would STILL be better

Re: [gentoo-user] Re: /var/tmp on tmpfs

On Thu, Feb 8, 2018 at 2:05 PM, Nikos Chantziaras <rea...@gmail.com> wrote: > On 08/02/18 20:13, Rich Freeman wrote: >>> >>> If you're not using ccache, then you don't need /var/tmp to be on tmpfs. >>> You >>> should only put /var/tmp/portage on tmpfs.

Re: [gentoo-user] Re: /var/tmp on tmpfs

On Thu, Feb 8, 2018 at 12:47 PM, Nikos Chantziaras wrote: > On 08/02/18 19:11, gevisz wrote: >> >> I never used tmpfs for portage TMPDIR before and now decided to give it a >> try. >> >> I have 8GB of RAM and 12GB of swap on a separate partition. >> You can try it, but for

Re: [gentoo-user] [OT] A little help for non-native English speakers

On Thu, Feb 1, 2018 at 8:31 PM, Neil Bothwick wrote: > On Fri, 02 Feb 2018 00:41:29 +, Peter Humphrey wrote: > > Good for him. 10/10 means "well done, but you're never going to get any > better". A depressing concept :( > More like, "well done, and you will get better,

Re: [gentoo-user] Re: [OT] A little help for non-native English speakers

On Thu, Feb 1, 2018 at 2:09 PM, Grant Taylor wrote: > > IMHO that makes the name of the "/etc" directory all that much more > entertaining. As in Dennis R. and Ken T. couldn't be bothered to come up > with more directory names than they had, e.g. /bin /lib /boot /var

Re: [gentoo-user] [OT] A little help for non-native English speakers

On Thu, Feb 1, 2018 at 12:03 PM, Peter Humphrey wrote: > > I've been seeing some confusion recently about the abbreviations e.g. and > i.e. Their meanings are: > > E.g.Exempli gratia - Latin for "for the sake of example"; > I.e.Id est

Re: [gentoo-user] Re: gcc 7.3 + kernel 4.15 = spectre_v2 fixed

On Wed, Jan 31, 2018 at 7:07 AM, Nikos Chantziaras wrote: > > I was under the impression that it's the function that performs the call > that needs protection. The called function doesn't need protection, because > if it ends up being actually called, then it's too late already.

Re: [gentoo-user] Re: gcc 7.3 + kernel 4.15 = spectre_v2 fixed

On Wed, Jan 31, 2018 at 4:16 AM, Nikos Chantziaras <rea...@gmail.com> wrote: > On 30/01/18 23:43, Rich Freeman wrote: >> >> If you had some program that listened on a socket and accepted a >> length and a string and then did a bounds check using the length, it >>

Re: [gentoo-user] Re: gcc 7.3 + kernel 4.15 = spectre_v2 fixed

On Mon, Jan 29, 2018 at 11:35 PM, Nikos Chantziaras wrote: > On 30/01/18 00:36, Henry Kohli wrote: >> >> Would it be usefull to do a emerge -e @world with the new GCC 7.3 ? > > These flags are for *affected* applications only. That means application > that: a) run third-party

Re: [gentoo-user] PSA: GCC 7.3 allows to build kernel with full Spectre v2 mitigation

On Mon, Jan 29, 2018 at 4:19 AM, Nikos Chantziaras wrote: > For this to work, you need to enable CONFIG_RETPOLINE in the kernel: > > Processor type and features > [*] Avoid speculative indirect branches in kernel > Note that in general upstream recommends enabling these

Re: [gentoo-user] Downloading podcasts via the command line?

On Sun, Jan 28, 2018 at 8:13 AM, Stroller wrote: > >> On 27 Jan 2018, at 14:10, Neil Bothwick wrote: >> >> I use Airsonic for this now but fkr several years before that I used >> flexget. Flexget's config file is a little tricky at first but it

Re: [gentoo-user] Downloading podcasts via the command line?

On Sat, Jan 27, 2018 at 7:38 AM, Stroller wrote: > Can anyone recommend a command line podcast downloader, please? > I haven't used it recently, or for your specific podcasts, but this is basically exactly what media-sound/podracer was designed to do. I've used

Re: [gentoo-user] Re: Opinions on DVR/PVR backend?

On Fri, Jan 26, 2018 at 1:40 PM, Grant Edwards wrote: > > Pre-transocoding from MPEG-2 TS to MPEG-4 h264 would be nice. > So, that is a downside with Plex. I don't think you get that level of fine-grained control. You can't just pick the codec and features. You pick

Re: [gentoo-user] Re: Opinions on DVR/PVR backend?

On Fri, Jan 26, 2018 at 12:50 PM, Grant Edwards wrote: > > I'm guessing that Android client support is going to be better with > Plex than with the others. > I know nothing of TVheadend. MythTV on Android has always been kludgy at best, though I haven't touched it in

Re: [gentoo-user] Opinions on DVR/PVR backend?

On Fri, Jan 26, 2018 at 11:29 AM, Grant Edwards wrote: > > The main backend options seem to be MythTV, Plex, and TVHeadend. > You seem to understand the pros/cons fairly well. I moved from MythTV to Plex about two years ago, but as a result of moving from DVR to

Re: [gentoo-user] how to support a package going out of tree

On Fri, Jan 26, 2018 at 9:01 AM, Neil Bothwick wrote: > On Fri, 26 Jan 2018 12:13:32 +0100, Raffaele Belardi wrote: > >> One of my son's favourite games (hedgewars) is going out of tree due to >> dependency on deprecated QT4. >> >> I already have a local overlay with a

Re: [gentoo-user] Re: Kernel 4.14.14 has meltdown / spectre info in /sys

On Thu, Jan 25, 2018 at 1:39 AM, Adam Carter wrote: > > Seems to me like point versions of 4.9 and 4.14 are often released on the > same date, but fixes that have gone into 4.14 don't make it into 4.9 until > the subsequent release. Could be my imagination. One of the

Re: [gentoo-user] kernel 4.9.77 error segfault in compile.

On Tue, Jan 23, 2018 at 8:55 PM, Corbin Bird wrote: > > So ... I ran 'make mrproper' in '/opt/compile/linux-4.9.77/' If you're doing this right make mrproper won't do anything, since you're not writing to the source tree anyway. What happens when you build v4.9.76? I

Re: [gentoo-user] kernel 4.9.77 error segfault in compile.

On Tue, Jan 23, 2018 at 12:28 PM, Corbin Bird wrote: > > > FYI : > Just tried a different compile. > Switched off expert and flipped the CPU to "Generic x86_64" ( no other > changes ). > > It compiled. ?? > > So ... what you choose for CPU in the kernel determines if

Re: [gentoo-user] kernel 4.9.77 error segfault in compile.

On Mon, Jan 22, 2018 at 9:34 PM, Corbin Bird <corbinb...@charter.net> wrote: > On 01/22/2018 11:56 AM, Rich Freeman wrote: > > Tried both approaches ... the results : >> >> make distclean >> make mrproper >> --> copy over .config >> make O=/var/tm

Re: [gentoo-user] kernel 4.9.77 error segfault in compile.

On Mon, Jan 22, 2018 at 12:11 PM, Alexander Kapshuk wrote: > On Mon, Jan 22, 2018 at 5:51 PM, Corbin Bird wrote: >> Anyone else getting this error? ( kernel 4.9.77 ) >> >>> CC fs/ext4/mballoc.o >>> CC fs/ext4/block_validity.o >>>

Re: [gentoo-user] Re: Kernel 4.14.14 has meltdown / spectre info in /sys

On Sun, Jan 21, 2018 at 8:41 PM, Corbin Bird <corbinb...@charter.net> wrote: > On 01/18/2018 02:43 PM, Rich Freeman wrote: >> cat /sys/devices/system/cpu/vulnerabilities/meltdown > > Strange, get this response from kernel 4.9.76-r1 In the 4.9 series it was added in 4.9.77 up

Re: [gentoo-user] www-client/chromium-63.0.3239.132

On Fri, Jan 19, 2018 at 12:04 PM, Mick wrote: > > On my old i7 laptop it eats up all 4G of RAM and 4G of swap before it conks > out. So, I dropped the jobs to 3 and --load-average to 2, added a swapfile to > increase disk space and it now builds in around 13 hours. > >

Re: [gentoo-user] Re: USB3 external storage HD's

On Fri, Jan 19, 2018 at 8:49 AM, wrote: > On 01/19/2018 02:30 AM, Peter Humphrey wrote: >> On Thursday, 18 January 2018 18:45:41 GMT Nikos Chantziaras wrote: >>> On 18/01/18 20:33, the...@sys-concept.com wrote: Do those External Storage work with Linux (USB3)? I

Re: [gentoo-user] www-client/chromium-63.0.3239.132

On Fri, Jan 19, 2018 at 12:26 AM, victor romanchuk wrote: > local:jumbo-build:www-client/chromium: Combine source files to speed up > build process. > > setting that significantly speeds up emerge time (tried it twice; the second > attempt had the flag set) > > $ qlop -gHv

Re: [gentoo-user] Re: Kernel 4.14.14 has meltdown / spectre info in /sys

On Thu, Jan 18, 2018 at 2:31 PM, Ian Zimmerman wrote: > On 2018-01-18 19:28, Adam Carter wrote: > >> Nice; >> >> $ ls /sys/devices/system/cpu/vulnerabilities/ >> meltdown spectre_v1 spectre_v2 >> $ cat /sys/devices/system/cpu/vulnerabilities/meltdown >> Mitigation: PTI >>

Re: [gentoo-user] Re: fsck check of /usr on a separate partition fails during boot

On Sun, Jan 14, 2018 at 12:53 PM, Dale wrote: > > Yea, keep in mind, I didn't want a init thingy at all. Could have fooled us... -- Rich

Re: [gentoo-user] Microcode updates for "old" Intel CPU's

On Fri, Jan 12, 2018 at 2:58 PM, Corbin Bird wrote: > > The Fam16h and Fam17h microcode updates were new to Gentoo? > I don't recall ever seeing them before. > They're new in general - they first appeared last week and they're being treated as if they're related to

Re: [gentoo-user] Microcode updates for "old" Intel CPU's

On Fri, Jan 12, 2018 at 1:42 PM, Mick <michaelkintz...@gmail.com> wrote: > On Friday, 12 January 2018 17:47:46 GMT Rich Freeman wrote: > >> The other odd thing is that a firmware update was released for my >> motherboard (ASRock AB350 Pro4) on the 10th, and if I flash i

Re: [gentoo-user] Microcode updates for "old" Intel CPU's

On Fri, Jan 12, 2018 at 11:23 AM, Corbin Bird <corbinb...@charter.net> wrote: > > On 01/11/2018 05:02 PM, Rich Freeman wrote: >> >> IMO Spectre is going to drive some microcode updates for relatively >> recent CPUs, compiler improvements, and some hand-tuning of

Re: [gentoo-user] OT: cleanup after USB backup drive unplugged?

On Fri, Jan 12, 2018 at 6:39 AM, Mick wrote: > On Friday, 12 January 2018 09:58:17 GMT Adam Carter wrote: >> >> Pretty sure you'd risk filesystem corruption by not umounting before you >> remove the device. Did it used for force an fsck on each mount because the >>

Re: [gentoo-user] Microcode updates for "old" Intel CPU's

On Thu, Jan 11, 2018 at 5:41 PM, Mick wrote: > > Most vendors only sell Intel in their laptops. I could build a desktop I > guess, but Ryzen is also affected by Spectre. With Intel's burning platform I > want to jump off, but I'm not sure if spending money at this

Re: [gentoo-user] Microcode updates for "old" Intel CPU's

On Tue, Jan 9, 2018 at 8:33 PM, Corbin Bird wrote: > > On 01/09/2018 01:56 AM, Mick wrote: > > At this point, the only sure bet, is a non x86, x86_64, ARM, ARM64 CPU. > > Don't know enough to make a recommendation on a particular CPU arch at this > point. > Good luck with

Re: [gentoo-user] WARNING: DO NOT update to sys-apps/attr-2.4.48

On Tue, Jan 9, 2018 at 2:47 PM, Holger Hoffstätte wrote: > > Desaster Warning Time! > > Unless you enjoy restoring from backups in the most creative ways, > DO NOT casually install today's update of sys-apps/attr-2.4.48, or > your box WILL be hosed. > > If you are

Re: [gentoo-user] microcode applied?

On Tue, Jan 9, 2018 at 4:26 AM, Wols Lists <antli...@youngman.org.uk> wrote: > On 08/01/18 13:52, Rich Freeman wrote: >> There is also a lot of discussion on lkml about the right fix. We >> might very well end up seeing both AMD- and Intel-specific fixes with >>

Re: [gentoo-user] microcode applied?

On Sun, Jan 7, 2018 at 11:42 PM, wrote: > You really can't fix it completely in > software on either brand, at best you are counting on code to protect code > from a hardware on intel, and more mild but still dangerous design issues > on both. As far as I

Re: [gentoo-user] Re: Expect a ~15% average slowdown if you use an Intel processor

On Sat, Jan 6, 2018 at 8:58 AM, Walter Dnes wrote: > > I'm running openrc. On my 32-bit install, Intel Core2 duo, I get... > > zgrep BPF /proc/config.gz > CONFIG_BPF=y > # CONFIG_BPF_SYSCALL is not set > # CONFIG_NETFILTER_XT_MATCH_BPF is not set > # CONFIG_TEST_BPF is

Re: [gentoo-user] Connman refuses to work

On Sat, Jan 6, 2018 at 7:33 AM, Melleus wrote: > After last system update my connman refuses to work. It throws a > message: > The name net.connman was not provided by any .service files > > There is connman service installed in default runlevel. Connman version > is

Re: [gentoo-user] Re: Expect a ~15% average slowdown if you use an Intel processor

On Fri, Jan 5, 2018 at 7:26 PM, Adam Carter wrote: >> > So, HAVE_EBPF_JIT=y just means that BPF JIT _can_ be done on x86. There >> > is a separate BPF_JIT setting to actually enable it. >> >> Well, that doesn't seem to be present here. Just the HAVE_ symbol. > > > Careful,

Re: [gentoo-user] Re: old kernels are installed during the upgrade

On Fri, Jan 5, 2018 at 7:34 AM, Walter Dnes wrote: > > I wonder if it's possible to compile a web browser with protection > against the exploits, but turn it off for other apps. That would > protect against external attacks, while not hurting local app speed. > There

<    2   3   4   5   6   7   8   9   10   11   >