IRC log of #maemo for Sunday, 2017-09-03

*** Kabouik has joined #maemo00:51
*** Wikiwide has quit IRC00:56
*** xy2_ has quit IRC01:01
Enrico_MenottiEhm... HAM catalogues. I can add a new one manually from the HAM itself, or by browsing to a proper installation file and clicking it. But what if I want to access this information via terminal? Where is the catalogue info stored?01:05
freemangordon/etc/apt01:13
freemangordonand in gconf database iirc01:13
*** err0r3o3 has joined #maemo01:18
DocScrutinizer05http://maemo.cloud-7.de/maemo5/session-log_enable-catalogs_README.txt  and  http://maemo.cloud-7.de/maemo5/usr/local/sbin/enable-catalogs01:29
DocScrutinizer05    ${cp} ${store}/${1}/etc/apt /etc01:32
DocScrutinizer05    ${cp} ${store}/${1}/etc/hildon-application-manager /etc01:32
DocScrutinizer05http://paste.ubuntu.com/2545420101:35
Enrico_MenottiWell, thanks, but I was looking for the uri's. I did dpkg -L hildon-application-manager and looked for catalogues. I found that the uri's are stored in /usr/share/hildon-application-manager/catalogues/variant-catalogues.xexp. I just added the muarf.org domain (maemo.muarf.org/apt-mirror/mirror/) and switched from https to http in the uri's. Opening the HAM again seems to work - catalogues are found and uri's are01:39
Enrico_Menotti correct. I think I did the right thing - what's your opinion?01:39
Enrico_MenottiI also noticed that the /etc/apt/sources.list.d/hildon-application-manager.list is automatically updated by the HAM once the catalogues are updated as I did. (However one needs to switch something, e.g. just click save on a catalogue, in order to trigger the apt source list update.)01:44
DocScrutinizer05or you just look at what I posted01:49
Enrico_MenottiYes, I looked at it, but in /etc/hildon-application-manager only the enabled/disabled settings are stored, for what I see.01:53
DocScrutinizer05you noticed there's also a file /etc/apt/sources.list.d/hildon-application-manager.list in that ls output?01:57
Enrico_MenottiYes, but if I change it, it gets rewritten by the HAM.01:59
DocScrutinizer05well... you are aware of FHS and the meaning of /usr ?01:59
DocScrutinizer05and of /etc02:00
DocScrutinizer05editing files that get installed from a fpkg is usually not the best idea02:01
DocScrutinizer05dpkg*02:01
Enrico_MenottiYeah, I agree. I admit I don't know about FHS and the meaning of /usr and /etc. It's a good time to learn it...02:03
DocScrutinizer05~fhs02:03
infoboti heard fhs is the Filesystem Hierarchy Standard and is at http://www.pathname.com/fhs/, or included in the debian-policy package02:03
DocScrutinizer05>>/usr is the second major section of the filesystem. /usr is shareable, read-only data. That means that /usr should be shareable between various FHS-compliant hosts and must not be written to. Any information that is host-specific or varies with time is stored elsewhere.<<02:05
DocScrutinizer05>>The /etc hierarchy contains configuration files. A "configuration file" is a local file used to control the operation of a program; it must be static and cannot be an executable binary. [4]<<02:06
*** err0r3o3 has quit IRC02:07
Enrico_MenottiThanks, that's very useful. I'm reading the document. I was looking for something explaining systematically the filesystem hierarchy. I just wonder what the names "etc" and "usr" mean.02:09
*** xorly has quit IRC02:11
DocScrutinizer05usr is something like "Unix System Resources"02:13
DocScrutinizer05it's _not_ "User"02:13
DocScrutinizer05"etc" it... etc02:14
DocScrutinizer05et cetera02:14
DocScrutinizer05the names are rather arbitrary, they just have to be well known and unique02:14
DocScrutinizer05for some cmdline tools literally nobody knows a meaning of their name02:15
Enrico_Menotti:)02:18
*** pagurus has joined #maemo02:21
*** pagurus` has quit IRC02:23
Enrico_MenottiIn any case, I'm trying to correct the default uri's for the catalogues and point them to muarf.org. Seems the way is to change the /usr/share/hildon-application-manager/catalogues/variant-catalogues.xexp, although yes, this should not be done, but hey, the links are dead. At this point HAM finds the repos, but gives a "wrong domain" error in the logs (I tried the update button). In /usr/share/hildon-application-manager02:27
Enrico_Menotti/ there is also a domains/ directory, where I find a file with keys. What are they? I tried, just to try, to comment them (I put a # in front of them, although probably this is not the right syntax). At this point no more wrong domain error, but a "#" character unexpected. Anyway I am proposed with an update (Maemo 5 security update). So now what is the right character to comment those lines? (Seems an xml...). And02:27
Enrico_Menotti what are those keys? There is also the maemo.org/extras repository, also with his keys. They work fine.02:27
DocScrutinizer05to correct the *default* uri's for the catalogues and point them to muarf.org, the correct way indeed is to change /usr/share/hildon-application-manager/catalogues/variant-catalogues.xexp02:30
DocScrutinizer05though you should do that in repo/CSSU02:31
DocScrutinizer05the keys are for security check02:33
DocScrutinizer05GAWD!!! doing a rsync copy from /home to external USB3 ext4 drive. This takes aaaaages, in 9h it copied just ~400GB02:35
*** luke-jr has quit IRC02:37
*** luke-jr has joined #maemo02:37
*** florian has quit IRC03:02
*** dafox has joined #maemo03:54
*** Kabouik has quit IRC03:55
*** dafox has quit IRC04:14
DocScrutinizer05ext4lazyinit my ass04:23
*** err0r3o3 has joined #maemo04:27
*** drathir has quit IRC04:30
*** drathir has joined #maemo04:39
*** DarioAlejandro has joined #maemo04:53
*** APic has quit IRC07:29
*** APic has joined #maemo07:38
*** rhn_mk1 has joined #maemo09:10
*** Pali has joined #maemo09:41
Enrico_MenottiSo. I changed /usr/share/hildon-application-manager/catalogues/variant-catalogues.xexp for the catalogues to point to muarf.org. Next I open HAM. The catalogues are ok. I go for updates. Result: no updates available. Log: http://paste.ubuntu.com/25456343/ (lines 2 and 3 are repeated many times, with many different package names. I just reported them one time in the pastebin). Now I close HAM. I remove (or rename)09:47
Enrico_Menotti /usr/share/hildon-application-manager/domains/variant-domains.xexp. Then open Ham. Catalogues ok. Go for updates. Result: one update available (Maemo5 security update). Log empty. Then refresh. Result: same update available. Log: http://paste.ubuntu.com/25456351/. Anybody who may explain to me what's going on?09:47
*** xy2_ has joined #maemo10:37
brolin_empeyDocScrutinizer05: Use eSATA to avoid SATA↔USB conversion overhead?10:48
brolin_empeyHas anyone else noticed the conceptual similarity between having an SSD on a PCI Express card and the HDDs on an ISA card used in the 1980s? ☺10:52
KotCzarnyisa is already burned down. that witch.10:52
brolin_empeyKotCzarny: There are Socket T AKA LGA775 (Intel Core 2 era) motherboards with at least 1 ISA slot but, if I recall correctly, Socket 478 (Pentium 4) is the last generation of motherboard with an ISA slot with working DMA for an ISA card.10:58
*** jkepler has quit IRC10:58
*** dmth|intevation has joined #maemo11:01
brolin_empeyIncidentally: After having a bulging battery in two models of smartphone with  a removable battery (Samsung Galaxy Note 3 and Geeksphone Revolution), I  do not think I want a mobile computer with a non-removable battery.11:03
brolin_empeyI was curious how to replace the “non-removable” battery of the  BlackBerry KEYone.11:03
brolin_empeyhttps://www.ifixit.com/Guide/BlackBerry+KEYone+Motherboard+Disassembly/9214911:03
brolin_empeyThat looks like a lot of work only to remove an internal battery.  I do  not have an electric blow dryer.11:03
brolin_empeyhttps://www.phonedog.com/2013/09/26/i-don-t-think-i-ll-ever-understand-the-point-of-non-removable-batteries11:03
KotCzarnytbh i do not know how is any samsung phone related to #maemo11:04
KotCzarny:P11:04
*** florian has joined #maemo11:21
*** jkepler has joined #maemo11:27
*** dmth|intevation has quit IRC11:28
*** florian has quit IRC11:31
*** florian_ has joined #maemo11:31
*** florian_ has quit IRC11:41
rhn_mk1did anyone try to use the 0xFFFF flasher recently? It complains about my libusb version, even though it seems correct11:59
Enrico_Menottirhn_mk1 It needs libusb0.1, not libusb1.0, nor libusb1.0 + compatibility layer to libusb0.1 (I don't remember its name).12:02
rhn_mk1Enrico_Menotti: hm, maybe I have both versions installed...12:03
Enrico_Menottirhn_mk1 ...and it sees the wrong one. May be.12:04
rhn_mk1Enrico_Menotti: libusb-devel-0.1.5-7.fc24.x86_64 looks good, doesn't it?12:05
rhn_mk1do you know what happens if the wrong one is used?12:05
Enrico_MenottiWell, as far as I know, libusb1.0 has a different interface from libusb0.1, or something of the kind. They are different packages. And if you use libusb1.0 + compatibility layer, it's too slow, or something of the kind. For further details, better ask Pali, I think.12:07
Enrico_MenottiWhat is your OS?12:07
rhn_mk1Enrico_Menotti: Fedora 2512:08
rhn_mk1the source of the libusb-devel package is hard to understand...12:09
Enrico_MenottiI'm not used to it in any way. I managed to get 0xFFFF working on a Mac (yes, made some adjustments and recompiled). And had to install libusb0.1. I may look at the Debian available packages, but don't know whether that would help with Fedora.12:09
rhn_mk1Enrico_Menotti: worst case there's local installation or Docker :)12:10
rhn_mk1but I want to improve something, I guess, or I'd just flash with the closed flasher already12:11
Palilibusb1.0 is slow12:11
Paliso when you combine libusb1.0 + compat layer for 0.1 then it would be slow too12:12
Paliyou need to use libusb0.1 for 0xFFFF12:12
rhn_mk1Pali: what are the consequences of the slowness? no detection? fails in the middle?12:13
Palino detection or sometimes no detection12:13
Palifail in the middle can happen, if "middle" means to reconnect12:13
rhn_mk1Pali: why are delays critical? will the device timeout somehow?12:14
Paliyes, you need to start communication with device in time window12:14
Enrico_MenottiOn Debian the package is libusb-0.1-4. I believe the libusb-devel is not the correct one (but I may be wrong).12:15
rhn_mk1I just found that Fedora uses libusb-compat12:15
Enrico_MenottiYes, that's the compatibility layer. So you're using libusb1.0 + compat layer.12:15
rhn_mk1or actually I'm using libusbx + compar layer12:16
rhn_mk1thanks for the hints12:16
Enrico_MenottiYw.12:16
Enrico_MenottiPali: hello. Could you please have a look at what I asked earlier (08:47 CEST)? Maybe you can help.12:18
*** erland has quit IRC12:23
rhn_mk1is there some reputable source hosting N900 flash images?12:23
Enrico_Menotti~lf12:24
infoboti guess #maemo lazyflashing is http://wiki.maemo.org/Updating_the_tablet_firmware#The_Lazy_Approach12:24
*** sodadosa has joined #maemo12:24
rhn_mk1thanks12:24
Enrico_MenottiOr also a mirror I found on archive.org, up to PR1.3.12:24
Enrico_Menottihttp://web.archive.org/web/20131117073524/http://skeiron.org/tablets-dev/nokia_N900/12:25
rhn_mk1oh, that's quite good12:26
KotCzarny~flashing12:28
infobothmm... maemo-flashing is http://wiki.maemo.org/Updating_the_tablet_firmware, or - on linux PC - download&extract http://maemo.cloud-7.de/maemo5/patches_n_tools/maemo-my-private-workdir.tgz, cd into it, do sudo ./flash-it-all.sh; or see ~flashing-cmdline, or see ~lazyflashing12:28
KotCzarnyget the script, run it, forget about downloading anything else12:28
KotCzarnyall you need is already in the script12:28
rhn_mk1I don't like running random scripts as root :P12:28
KotCzarnyi assume you have the ability to read?12:29
rhn_mk1oh, I just did that12:31
*** Wikiwide has joined #maemo12:39
*** Wikiwide has quit IRC12:50
*** xorly has joined #maemo12:57
Wizzupfreemangordon: jenkins is now up, almost building the first package. we need to change one or two things on the git side to get it to build. then we can look at pushing it to a reprepro repo13:07
Wizzupand then we need more glue to automatically build packages and such, but that's OK13:08
Wizzupat least then the basics work13:08
Wizzupthe more complex thing will be to build fremantle packages that depends on other fremantle packages - then we need to ensure it also fetched those build deps ... from its own previously built repo13:08
*** hurrian has quit IRC13:18
*** florian_ has joined #maemo13:19
*** TheKit has joined #maemo13:19
*** xy2_ has quit IRC13:21
*** hurrian has joined #maemo13:21
*** NotKit has quit IRC13:22
*** xy2_ has joined #maemo13:28
*** TheKit has quit IRC13:42
parazydWizzup: we can ask if/how it works in the devuan setup13:53
Wizzupwe could13:54
WizzupI want to understand how the plugins want it work :p13:54
freemangordongreat!13:54
freemangordonin the meanwhile, I am finishing codelockui REing13:54
freemangordon:)13:54
Wizzupsweet!13:54
parazyd:)13:55
freemangordonBTW, anybody knows what it is used for?13:55
freemangordonI mean - is that devicelock?13:55
Wizzuphaha, finishing REing something without knowing where it is used, I like it13:55
Wizzup(and no, I can only guess) :D13:56
freemangordonREing was started by jonwil13:56
freemangordonalso, this is the lib used when you choose "remove operator lock" in control panel13:56
freemangordonbut I am not sure what it is supposed to do actually13:56
bencohfreemangordon: I dont exactly remember which is which, but one is used to unlock device14:00
bencohand the other is used in control panel14:00
freemangordonyep, this is the one used in cpl14:01
bencohiirc codelockui is basically the code dialog14:01
freemangordonyes, it is, but what it is used for?14:01
freemangordonwhat code is that one?14:01
freemangordon"operator lock"?14:01
bencohhmm no, the phone lock14:01
freemangordonWTF is that in terms of n900?14:01
freemangordonno, phonelock is libdevicelock14:01
freemangordonor devicelock14:01
freemangordonah, you mean this is the ui?14:02
bencohexactly14:02
KotCzarnymake some changes and see where they show up?14:02
bencohwell, from what I remember, at least14:02
bencohhaven't fiddled with those for quite a while (1.5y or something)14:02
freemangordonhmm14:03
bencohback then I wanted to fix it when in portrait mode... then I realized it was closed-source14:03
freemangordonno more :)14:03
bencohyay :)14:04
bencohfixing it should be possible soon then :)14:04
bencohhm btw, while you're here ... would it be possible to make hildon/mb2 a non-compositing wm?14:04
freemangordonno idea :D14:04
bencohand how well would it perform with llvmpipe on arm (has anyone tested it)?14:05
bencoh(assuming we have to keep it compositing)14:05
freemangordonok, I managed to lock my dev device and there seems to be a bug in codelockui so I can't unlock it :D14:06
bencohhaha14:06
KotCzarnylol14:06
bencohiirc there is some dbus call to unlock it14:06
freemangordonwell, I keep the original .so, so I will revert to it, but still, it is funny14:07
*** N-Mi has quit IRC14:10
Wizzuphttps://wizzup.org/first-build.png14:16
freemangordonWizzup: BTW, you clone from github to another repo, right?14:17
Wizzupright now from the maemo gitlab, yeah14:17
Wizzupbut we target any git URI14:17
Wizzups/maemo/devuan/14:17
freemangordonI think we'll have problems with branches, right? or not14:17
Wizzupyes14:18
Wizzuphttps://git.devuan.org/maemo/libcal14:18
freemangordonyou always build master?14:18
Wizzupparazyd already made some branches/files/tags14:18
Wizzupand we need to fix most of the control files14:18
parazydthe maemo/ascii branch14:18
Wizzupbut we'll get there, I don't have all the anwsers yet14:18
*** jonwil has joined #maemo14:18
freemangordonah, ok14:18
freemangordonjonwil: cheers https://github.com/community-ssu/codelockui14:19
*** Vajb has quit IRC14:19
bencohcongratz! :)14:19
jonwilGood to see that's finished14:20
jonwilAnd that hildon-plugins-notify-sv and libplayback also seem to be finished14:21
freemangordonmhm14:21
freemangordonthough there are still problems in codelockui, but I am chasing them14:22
jonwilGreat :)14:24
Enrico_MenottiHello everybody. Could you please have a look at the question I asked earlier, around 8.47 CEST? In particular bencoh (muarf.org is your mirror, right?)14:26
*** Vajb has joined #maemo14:26
bencohEnrico_Menotti: hey! the KEYEXPIRED warning isn't related to the mirror. it just means that nokia signing keys have expired (quite a long time ago, actually - even before they closed their mirror)14:28
Enrico_MenottiAh ok, so it's an unavoidable warning which I should live with. But one question: HAM was not working until I removed (renamed, actually) the /usr/share/hildon-application-manager/domains/variant-domains.xexp file. That contains some keys, which I don't know what are needed for. And a key is included also for repository.maemo.org - so I removed that as well, but this doesn't seem to affect that particular repository.14:31
DocScrutinizer05that's no question14:32
Enrico_Menottibencoh So what are those keys in variant-domains.xexp?14:32
Enrico_Menotti(This is the question.)14:32
DocScrutinizer05very interesting if somebody finds an answer that's a) not 15 times the max postlen of freenode, and b) not just "RTFM man apt"14:33
*** NeKit has joined #maemo14:34
jonwilIts good that we are getting more and more of the interesting stuff for the N900 (hildon-plugins-notify-sv for example) cloned :)14:34
bencohhmm, no idea what variant-domains.xexp is, I've never had to bother14:36
bencoh(not that I use HAM much, but ... it does work here)14:36
Enrico_MenottiDocScrutinizer05 Sorry, why man apt? Is not this related to HAM?14:36
DocScrutinizer05ham is apt based14:36
bencohDocScrutinizer05: this is still HAM-specific14:36
bencohand I doubt he'll find information regarding the HAM-apt glue in the apt manual :)14:37
DocScrutinizer05then b) already is off the table :-D14:37
DocScrutinizer05remains a)14:37
DocScrutinizer05but how are certs HAM specific? I thought that's a genuine apt thing14:38
Enrico_Menottibencoh How did you proceed to update the catalogues to muarf.org? Just disabled the original Nokia catalogues from the HAM GUI and installed the new catalogues?14:38
DocScrutinizer05I wouldn't be surprised if the answer is "yes" or "click an install file"14:39
DocScrutinizer05I for one never edited sourcelist files14:39
DocScrutinizer05I copy them however, in enable-catalogs14:40
Enrico_MenottiOk. When you click the install file, does that also install new keys? Or keys are not needed for the muarf.org mirror?14:41
DocScrutinizer05there are no keys for muarf14:41
DocScrutinizer05muarf is a mirror that doesn't build&sign stuff itself, so the original nokia keys apply14:41
KotCzarnywhat is stopping maemo team from repacking nokia debs with maemo.org keys?14:42
Wizzupmakes you wonder why we can't just resign it.14:42
Wizzup^^14:42
*** Kabouik has joined #maemo14:42
KotCzarnynot that there would be any new package in those repos14:42
DocScrutinizer05missing sources?14:42
Wizzupyou don't need sources to sign it14:42
KotCzarny+114:42
DocScrutinizer05bfc14:42
DocScrutinizer05nfc even. ask the experts14:42
KotCzarnydefine 'experts'14:43
DocScrutinizer05I think we looked into that for quite a few months, even Nokia dides did though they had no clue at all14:43
Wizzupdevuan does this on a daily basis14:44
Wizzupafaik14:44
Enrico_MenottiOk. So it's correct to "remove" the variant-domains.xexp, I guess. And what about repository.maemo.org? Does not produce any error nor warning without the key. And ehm, the original Nokia keys do not seem to apply to muarf: if I leave them there, I get the log I reported above (wrong domain).14:44
jonwilI think the issue is that there is no key in the stock firmware that is still valid (not expired)14:44
Wizzupjonwil: right, so cssu can add it14:44
KotCzarnybut since packages would barf on keyexpireds, does it change anything?14:45
Wizzupthis way one can change the repo url and add a key and be done14:45
jonwilYeah resigning all the Nokia things with another key belonging to CSSU (and signing all the CSSU packages as well) seems like a good idea.14:45
KotCzarnywould apt break if pkg key changes?14:46
*** florian_ has quit IRC14:47
Enrico_Menotti(Brb.)14:47
bencohEnrico_Menotti: I'm not a good example, since I added the mirror urls to apt conf. and I don't really remember what I had to do for HAM to work (if any)14:47
bencohs/any/anything/14:47
infobotbencoh meant: Enrico_Menotti: I'm not a good example, since I added the mirror urls to apt conf. and I don't really remember what I had to do for HAM to work (if anything)14:47
DocScrutinizer05Wizzup: no CSSU can't add it since we have no valid key to sign the new key14:49
bencohwell, technically CSSU has its own key14:49
DocScrutinizer05we would need to instruct users to add the new key manually14:49
bencohthe one used to sign CSSU14:49
bencohthat is installed when upgrading (migrating) to CSSU14:49
KotCzarnycouldnt cssu installer do that?14:50
WizzupDocScrutinizer05: then people click a link in the browser and add the key14:50
Wizzupwhatever, same thing14:50
*** NeKit has quit IRC14:50
DocScrutinizer05sorry, I really have only a foggy idea about that stuff. Not much more than "Pali, freemangordon, and/or jonwil and others looked into it back when Nokia asked us how to fix their fuckup, and there was no feasible way for CSSU to accomplish that without help from Nokia that never came"14:51
DocScrutinizer05I still have the emails14:51
jonwilMy understanding is that there was no valid key in the stock ROMs that could be used to re-sign the Nokia repos14:52
KotCzarnybecause they were thinking about proper fix14:52
DocScrutinizer05jonwil: yep14:52
KotCzarnyi propose just resigning the debs with cssu key14:52
DocScrutinizer05there was, but Nokia refused to use it14:52
KotCzarnywell, another way would be breaking the key14:53
DocScrutinizer05or just ignore it14:53
KotCzarnybreaking onto nokia servers14:53
Wizzupjonwil: but a key can be added via the browser easily14:53
Wizzup*shrug* requiring some user interactions seems fine14:53
DocScrutinizer05Wizzup: that been exactly the point14:54
Wizzupit's just that not fixing the re-signing is lame, but I can understand it if the issue is time constraints14:54
WizzupDocScrutinizer05: is it? people already have to jump through several hoops for cssu14:54
DocScrutinizer05prolly yes, with user interaction it's feasible14:54
jonwilAre CSSU debs currently signed?14:54
DocScrutinizer05the concern back when was for doofus users who don't have a clue14:55
DocScrutinizer05jonwil: nfc14:55
DocScrutinizer05prolly not14:55
DocScrutinizer05given they are built and packaged offline14:55
DocScrutinizer05so who would be the key owner?14:56
freemangordonthey are14:56
jonwilSo they get signed when they get pushed to cssu-testing/cssu-stable/whatever?14:56
freemangordonmaemo infra signs then14:56
freemangordonyes14:56
DocScrutinizer05ooh fine :-)14:56
jonwilOk so is the key that is used to sign those installed by CSSU (or as part of the CSSU process) or what?14:57
*** err0r3o3 has quit IRC14:58
*** NeKit has joined #maemo14:58
freemangordonjonwil: sorry, can't parse, please rephrase14:58
DocScrutinizer05took me a while too :-)14:58
jonwilOk so CSSU packages are signed by someone14:58
freemangordonyour english is better14:58
freemangordonjonwil: in the repo, yes14:59
DocScrutinizer05is the pubkey used to verify CSSU signature a part of the CSSU installation process?14:59
freemangordonyes14:59
*** err0r3o3 has joined #maemo14:59
jonwilOk so right now there are 3 possibilities. First is someone running a stock firmware in which case it doesn't matter since they will be pointing at the stock Nokia repos that no longer exist.15:00
Enrico_MenottiI will be busy for a couple of hours (F1 race). See you later. Thanks for the discussion so far.15:00
jonwilThe second possibility is someone who is running stock (or like me, stock with various replaced packages) but has changed their repos to point to a mirror15:00
jonwilThe third is someone running CSSU15:00
jonwilIMO we should do this:15:01
DocScrutinizer05jonwil: no CSSU????? o,O shame on you! ;-P15:01
freemangordonmhm15:01
*** Pali has quit IRC15:01
jonwilI am running a mix of various cloned/updated packages (some I cloned, others cloned or upgraded by someone else)15:02
DocScrutinizer05WAAH Pali has a terrible timing15:02
freemangordonanyway, codelockui seems to work :)15:02
*** Pali has joined #maemo15:02
DocScrutinizer05I'm pretty sure he investigated the whole issue in epic depth back when15:02
jonwilIMO we should do this:15:03
jonwil1.We re-sign all the Nokia packages with the CSSU key15:03
DocScrutinizer05in general I agree we finally should reclaim contrpol over *all* signature keys, particularly since original Nokia repos are no more15:04
DocScrutinizer05so not a single user can run updates without having CSSU installed and repo sourcelists fixed15:05
DocScrutinizer05ergo we need to take action about that, finally15:05
freemangordonWizzup: which branch should I use so it is easier for you?15:06
Wizzupfreemangordon: I don't know yet, once I do, I'll let you know15:06
WizzupI think just a tag is fine15:06
freemangordonok, I'll use gtk2 sisnce then15:06
Wizzupright now we're making it auto generate and sign a repo :)15:06
freemangordonis that ok?15:07
Wizzupgtk2? sure15:07
freemangordonok15:07
jonwilIMO we should do this:15:09
jonwil1.We re-sign all the Nokia packages with the CSSU key15:09
jonwil2.We put the re-signed packages in a mirror repo and make the CSSU installer update things to point there instead of the stock repo locations so anyone with CSSU gets all the stock packages properly signed and working again with no user interaction beyond installing or updating CSSU.15:09
jonwil3.For people who are running a device but dont want to run CSSU, we have the appropriate "click here to add the new key" and "click here to add the new repo" links available somewhere15:09
jonwilThat way anyone who just wants a stock device but wants to be able to pull Nokia packages without key errors can update their repos easily and those who want CSSU get CSSU and get it all done automatically.15:09
KotCzarnythat should fix all those cssu installs that require manual package installations?15:10
jonwilAnyone got any comments on whether my idea is good or not?15:13
freemangordonjonwil: I guess the idea is good, but I don;t see who is going to release it15:15
KotCzarnyjonwil seems to have run out of things to RE, so.. ;)15:16
freemangordonah, right :)15:17
KotCzarnyand he is keys expert too15:17
Wizzupjonwil: that is exactly what I thought/meant15:18
jonwilMy idea requires somewhere we can host a nokia repo mirror and someone who has the relavent CSSU key and the ability to download the nokia repo from an existing mirror, sign it all and then upload it to new space. None of which I can help with (I dont have space to put it or keys to sign it with or the bandwidth/speed to do a full repo download and re-upload)15:20
freemangordonjonwil: iirc we are not allowed to host closed source packages15:21
KotCzarnyjonwil, would you be able to write a script for someone to run oh his server? (ie. bencoh)15:21
freemangordonno idea how relevent is this in 2017, but still15:21
jonwilI dont think whatever remains of Nokia (either the Microsoft Nokia who was releasing Windows based crap or the other Nokia that is now releasing crap running some different OS) actually cares anymore about what happens to the N900 and its software.15:22
jonwilI dont know enough about writing shell scripts or signing packages to write such a script :)15:23
KotCzarnyeager to learn pkg signing then? ;)15:23
jonwilActually, I need to stop procrastinating and talking on here and watching crap on YouTube15:24
jonwilI am exhibiting at https://www.facebook.com/events/259797684501353/ and I have a billion things I need to build and change and prepare before I am ready...15:25
jonwilSo I gotta stop messing about and actually start building :)15:25
bencohnote that re-signed packages can be host by 3rd parties15:26
bencohhosted*15:26
DocScrutinizer05((<freemangordon> jonwil: iirc we are not allowed to host closed source packages)) yes exactly15:29
DocScrutinizer05we are not even allowed to publish tablets-dev though in fact we always been the ones to host it, on maemo infra15:30
KotCzarnyare we allowed to RE packages?15:31
Wizzupwhy are you not allowed?15:31
Wizzupand if you host it anyway, might as well just sign it15:31
KotCzarnyand to publish/create debs out of the results?15:31
DocScrutinizer05Wizzup: because Nokia tells us so15:31
Wizzupbut I'm not maemo15:31
DocScrutinizer05you may do whatever you want, you are also the one to suffer any consequences. "We" (maemo 'official') do not discourage anybody hosting Nokia proprietary stuff, but Maemo is not allowed to do it15:33
bencoh:)15:33
Wizzupproblem solved15:33
jonwilI believe the deal that transferred maemo infra to community specified that community doesn't get any of the secret stuff (i.e. anything related to projects.maemo.org) and community isn't allowed to distribute the Nokia device repos.15:37
*** xorly has quit IRC15:38
jonwilBut there is nothing (other than the very very low risk of being sued by the ghost of Nokia) stopping someone that isn't "community" from redistributing the Nokia repos.15:38
jonwilSo we just need someone to come up with a way for whoever has a repo already to re-sign things.15:40
jonwilThen we make CSSU point to that 3rd party repo15:40
jonwiland we are in business :)15:40
bencohexcept that we don't want a 3rd-party to resign15:41
*** florian_ has joined #maemo15:41
bencohs/resign/re-sign/15:41
infobotbencoh meant: except that we don't want a 3rd-party to re-sign15:41
jonwilwell "community" (i.e. official infra) can't host a repo.15:42
bencohso you'd need maemo to re-sign packages at some point15:42
bencohyeah I know :)15:42
Wizzupreprepro can do this in a breeze15:42
jonwilOk so then we need someone who has the CSSU key to re-sign an existing (or new not-hosted-by-community) mirror somehow.15:44
jonwilThen we have a mirror signed by the CSSU key (which is what we want) but not hosted by community in a way that violates any nokia deals.15:45
bencoh"somehow" yeah :)15:45
Wizzupwell, if maemo does not want to be associated, they should not sign it15:47
bencohwho would you trust then?15:47
DocScrutinizer05http://mg.pov.lt/maemo-ssu-irclog/%23maemo-ssu.2013-01-24.log.html#t2013-01-24T13:13:2415:47
jonwilAnyhow, this isn't something I can do anything to help with really15:49
bencohohwell, that link has some info regarding the .xexp file as well15:50
bencohEnrico_Menotti: ^15:50
DocScrutinizer05((<jonwil> Then we make CSSU point to that 3rd party repo)) is arguable, but I *think* of manageable risk nowadays15:50
*** NeKit has quit IRC15:51
jonwilSo we need to figure out whether we have the repo signed by the CSSU key or by someone else and then make that happen.15:52
DocScrutinizer05*somehow* skeiron was exactly that15:52
DocScrutinizer05some folks inside maemo went nuts about it15:52
DocScrutinizer05a secret guerrilla crew did an awesome job setting up skeiron and mirror *everything* there, and in turn the only "support" by maemo council needed would have been that they finance a totally unrelated  backup server as compensation for the infra provided by skeiron team. We all know where that ended (fro those who don't: see my signature in tmo)15:55
*** NeKit has joined #maemo15:55
DocScrutinizer05hail hildon foundation >:-(15:58
DocScrutinizer05woody been one of that guerrilla crew, but later blamed me for lying at him. I mean, how insidious can it get?16:00
bencohI don't think going through this helps anymore ;)16:00
WizzupI don't know anything about this, and I do not know what good this does bringing it up again here and now16:01
DocScrutinizer05you're right, sorry16:01
DocScrutinizer05I just felt deep anger and frustration16:01
DocScrutinizer05had to vent16:01
jonwilWe need to stop talking about the past and look at the future. Do we intend to re-sign the repos or not? What mirror do we want to re-sign? And which key do we want to use to re-sign it?16:03
DocScrutinizer05I *think* we could create a maemo-hosted mirror with restricted access to host the new-signed stuff16:04
DocScrutinizer05as long as "nobody" (but those with the credentials) has access, we're fine with hosting on maemo16:05
DocScrutinizer05too bad when the credentials "leak"16:05
DocScrutinizer05;-)16:06
bencohDocScrutinizer05: you can actually re-use existing credentials ;)16:06
bencoh(that's what I did for ovi)16:06
DocScrutinizer05bencoh: it must not be too obvious16:06
*** NeKit has quit IRC16:07
jonwilAnyhow, this is 100% out of my hands, I have nothing to do with it :)16:07
bencohsame here :)16:07
DocScrutinizer05e.g. re-implementing that old "please enter your IMEI" thing won't fly16:07
*** NeKit has joined #maemo16:08
DocScrutinizer05I think of really installong a regular .htaccess with user/password, and some folks running a real non-affiliated mirror will find out about those credentials by social engineering, hacking or whatever16:09
DocScrutinizer05or similar to tablets-dev which is also still there, just nobody knows about it ;-)16:10
DocScrutinizer05NB I do _not_ suggest to use the "upstream secret" URL for sources.list in devices. They should use unaffilated mirrors. Those mirrors should sync to that hidden master16:12
bencohby the way ... https://github.com/postmarketOS/pmbootstrap/issues/438 :)16:14
*** florian_ has quit IRC16:14
bencoh(tl;dr: pavelmachek detailing n900 mainline status as a daily driver)16:14
*** TheKit has joined #maemo16:18
DocScrutinizer05nice16:18
*** NeKit has quit IRC16:20
DocScrutinizer05HMMMMM. about re-signing Nokia mirror: CSSU could validly claim they need a working Nokia mirror for their own building process, so they could host such mirror which is "only available to them" via above mentioned credentials16:25
DocScrutinizer05:-D16:25
DocScrutinizer05would make more than just some sense when such CSSU "private" mirror had been re-signed by CSSU keys16:26
DocScrutinizer05when some "ev17 h4x0r5" crack and mirror that private Nokia CSSU mirror, what could we possibly do?16:27
bencohthis is a public chan with public logs :p anyway16:29
*** N-Mi has joined #maemo16:29
*** N-Mi has joined #maemo16:29
DocScrutinizer05we will diligently change the credentials once a month and run fail2ban and everything against the mirror to protect it. NFC how those evil hax0rs manage to always copy it16:29
bencoh-_-16:30
DocScrutinizer05bencoh: the idea is we don't do anything evil. So we better discuss this publicly to make sure we didn't miss any aspect ;-)16:31
DocScrutinizer05meh, the Nokia repos are as static as it can get, we don't need to keep this "infra" dynamically working. It's a one-shot action, just take care the signatures expire no earlier than 2099 ;-)16:41
jonwilOk so the first thing we need to do is to figure out who is going to run this 3rd party mirror (either someone running an existing mirror if they are interested or someone with the ability to run a new 3rd party mirror). Once that happens I have a plan to make this all work with minimal risk to maemo infra/community people.16:43
*** N-Mi has quit IRC16:43
DocScrutinizer05keyholder of CSSU keys: merlin199116:45
DocScrutinizer05afaik16:45
DocScrutinizer05~mirrors16:45
infoboti guess mirror is http://maemo-archive.wedrop.it/ http://talk.maemo.org/showthread.php?p=1315143#post1315143  or extras-devel.merlin1991.at - for fighting hashsum error, or see ~rmo-new16:45
DocScrutinizer05hmm, no not those16:46
DocScrutinizer05jonwil: why would we need "to figure out who is going to run this 3rd party mirror"?16:48
jonwilI mean we need to figure out which mirror is going to be the one that hosts this re-signed repo.16:48
DocScrutinizer05we will see which mirror is it that picks up16:48
DocScrutinizer05;-)16:48
DocScrutinizer05I suggest to consider indirection: point to a place with an .install file and only that .install file points to the recently valid mirrors16:49
*** xorly has joined #maemo16:50
DocScrutinizer05~jrrepos16:51
infobotwell, jrrepos is http://maemo.cloud-7.de/maemo5/et_al/HAM-catalogs/16:51
DocScrutinizer05for a really longterm stable URL I'd change this to sth not including cloud-7 though16:52
DocScrutinizer05might even be histed on maemo infra16:52
DocScrutinizer05hosted*16:52
DocScrutinizer05maybe a bootjob could download the .install file and edit the sources.list or /etc/hosts16:53
*** N-Mi has joined #maemo16:55
*** N-Mi has joined #maemo16:55
DocScrutinizer05echo "nokiareposymbolic `wget http://maemo.cloud-7.de/maemo5/et_al/HAM-catalogs/ | grep 'URI = '|cut -f 3`" >>/etc/hosts16:55
DocScrutinizer05sth like that16:56
DocScrutinizer05(obviously buggy, but you get the idea)16:56
Wizzupfreemangordon: http://sprunge.us/RANT17:06
DocScrutinizer05RANT ? ;-P17:09
APic;=P17:10
Wizzupyep, lol17:10
APiclol17:10
DocScrutinizer05new flavor of bullshit bingo ala sprunge?17:10
*** rzr-away has quit IRC17:13
Wizzupanyway: this is libcal built from a devuan ascii VM running jenkins17:13
Wizzupit auto generates a repo and signs it with a testing key17:13
Wizzupthis could essentially be rsynced to a public http server and we could play with it on a real device17:13
Wizzupwe'll add the arm arch once we've figured out the other parts17:14
Wizzupautomatically adding new packages, auto fetching new builds, documenting the branches / files required for git builds, and such17:14
Enrico_MenottiWow, I see my original question about HAM generated a lot of discussion. bencoh, I have read the log DocScrutinizer05 linked to. I admit openly that my present knowledge about keys, signatures and so on is null. So although I tried to read all, I didn't understand that much. That log gives some hints about the .xexp files, yes. But I haven't been able to learn substantially anything more than what I had already seen.17:57
Enrico_Menotti Recap: I understand the keys for the original Nokia repos are expired, nothing to do about that. So that issues a warning in the HAM log, but nothing else. Still, I didn't understand why apt-worker refuses to use packages from mirrored (on muarf.org) Nokia repos (says "wrong domain"). Next, by removing the domain and key files in /usr/share/hildon-application-manager/ apt-worker doesn't complain anymore. As far as I17:57
Enrico_Menotti understand at the moment, in this situation apt-worker has no keys to verify the signatures (is this correct?), so it should complain even louder! Also, I removed the keys for repository.maemo.org together with the others, and neither this repository causes apt-worker to complain! Sorry, I don't understand what's going on.17:57
Enrico_MenottiMay anybody help me to clarify the situation?17:58
bencohhow did you add the repositories to your device?17:59
DocScrutinizer05((apt-worker refuses to use packages from mirrored (on muarf.org) Nokia repos)) there's a setting in HAM red-pill mode to allow "3ed party sources" or somesuch, iirc17:59
*** jonwil has quit IRC18:00
DocScrutinizer05~redpill18:01
infobotextra, extra, read all about it, redpill is http://wiki.maemo.org/Red_Pill_mode18:01
DocScrutinizer05HAM "settings"-> "[ ] Ignore packages from wrong domains",  "[x] ignore the third party packages policy for SSU"18:04
Enrico_Menottibencoh I edited /usr/share/hildon-application-manager/catalogues/vairant-catalogues.xexp and added to the uri's indicated there the path to muarf.org's mirror: http://maemo.muarf.org/apt-mirror/mirror/. This fixes the standard catalogues by pointing them to muarf.org. HAM is not complaining it can't find the catalogues. Problems arise with apt-worker refusing the domain.18:04
DocScrutinizer05not sure which setting they'd need, but... usually your problem doesn't occur here18:04
bencohwhat happens when just using the .install files?18:06
DocScrutinizer05generally messing around with config preset files that are not meant to get altered by user and only will install from a verified repo is for sure not the best method to avoid unexpected probelms18:06
bencoh(I've never tried those, so ...)18:06
DocScrutinizer05editing /etc/* is the way to go for *user*, just make sure e.g. HAM is not running concurrently as otherwise it might overwrite your edits when terminating18:07
DocScrutinizer05well, actually for *user* the canonical way is to use HAM "catalogs" interface, or click an .install file in microB18:08
bencoh/60/6018:09
DocScrutinizer05again, I point to my enable-catalogs script that just works to switch different catalog settings, so whatever it does it does it the right way18:10
DocScrutinizer05when copying files into /etc/apt/* works, then editing same files must work too, right?18:12
Enrico_MenottiOk, I didn't try the .install files. I was first trying to correct the original Nokia links, so to avoid having disabled catalogues and side by side new ones. Yes, I can use the .install files and see what happens. I agree with the procedure suggested by DocScrutinizer05 , in the sense that this should not be done by the end user. But the original repos are no more, so in my opinion it does not make sense to disable18:12
Enrico_Menotti their catalogues and install others: it makes more sense to me to correct the original catalogues. Anyhow, at this point I'd like to understand how the .xexp files work.18:12
Enrico_MenottiDocScrutinizer05 /etc/apt/sources.list.d/ you mean?18:13
DocScrutinizer05whatever files are there under /etc/apt18:13
DocScrutinizer05I can't help with .xexp files, never heard of them before you came up with them18:14
DocScrutinizer05I guess THAT is a very HAM specific thing18:14
DocScrutinizer05only used once during initial config18:15
DocScrutinizer05maybe HAM checks if the .xexp is newer than the files under /etc/apt and /etc/hildon-applicationmanager and if so, it re-initializes the latter files according to the .xexp... Or whatever18:16
DocScrutinizer05you probably have to dig deep into HAM sources to get an answer to "how does .xexp work?"18:17
DocScrutinizer05all I know is: nobody sugested to mess with .xexp so far18:18
DocScrutinizer05the canoical way is via /etc/apt and /etc/hildon-app*ger18:18
Enrico_MenottiAbout /etc/apt: I am asking because I first tried to change the file inside /etc/apt/sources.list.d, but I found out that the HAM modifies this file according to the catalogues indicated in the .xexp files (and the "enabled/disabled" setting, which I have seen is stored in /etc/hildon-application-manager/catalogues: if a catalogue is disabled, its url doesn't appear in /etc/apt/sources.list.d). If one only modifies18:19
Enrico_Menotti /etc/apt/sources.list.d, then upon calling HAM GUI again and doing some actions, the sources.list.d files go back to their original content.18:19
DocScrutinizer05see http://maemo.cloud-7.de/maemo5/session-log_enable-catalogs_README.txt  and  http://maemo.cloud-7.de/maemo5/usr/local/sbin/enable-catalogs18:19
DocScrutinizer05and http://paste.ubuntu.com/2545420118:19
DocScrutinizer05and particularly the modification dates in there18:20
Enrico_MenottiOk, let me have a look.18:20
DocScrutinizer05>>If one only modifies /etc/apt/sources.list.d, then upon calling HAM GUI again and doing some actions, the sources.list.d files go back to their original content.<< no, evidently not, unless maybe you have HAM running concurrently to your edits18:21
Enrico_MenottiWell, I didn't remove the OVI catalogue from the /etc/apt/sources.list.d. I disabled it in the HAM GUI. But afterwards it disappeared from the /etc/apt/sources.list.d file as well.18:22
Enrico_MenottiThe file is /etc/apt/sources.list.d/hildon-application-manager.list.18:23
DocScrutinizer05http://paste.ubuntu.com/2545859618:24
Enrico_MenottiLet me do a test.18:28
DocScrutinizer05((I disabled it in the HAM GUI. But afterwards it disappeared from the /etc/apt/sources.list.d file as well.)) yes, that's how HAM manages stuff, it has "enabled"/"disabled" in /etc/hildon-application-manager/catalogues and adjusts the sources.list files accordingly, so apt also *should* use same repos18:29
DocScrutinizer05AIUI18:29
freemangordonWizzup: cool!!!18:30
Wizzup:)18:30
DocScrutinizer05that's why you shouldn't just edit sources.list since HAM will interfere. Use HAM "catalogs" GUI instead. Or edit *all* files that need an edit18:30
Wizzupnow I have a headache though18:30
Wizzupenough jenkins for today18:30
freemangordonwhere is the repo?18:31
Wizzupit's not yet online. I can rsync it somewhere if you want to look at it18:31
WizzupIt's on the vm only18:31
freemangordonah, no, no hurry18:31
DocScrutinizer05it's not just any wiskey, it's Jenkins whatthefuck18:31
*** ecc3g has quit IRC18:31
freemangordon:)18:31
Wizzupso yeah, what's left is what I wrote above18:32
Wizzupshould be a bit more work, but doable18:32
freemangordonin the meanwhile I managed to build and run hildon-control-panel in devuan VM :)18:32
Wizzupsweet18:33
WizzupI'm really looking forward to getting a first devuan up and running with the repos18:34
Wizzupjust add the repo; apt-get install hildon-desktop and done18:34
Enrico_MenottiDocScrutinizer05 I checked. Yes, if I edit /etc/apt/sources.list.d/hildon-application-manager.list, then open HAM GUI and trigger an action (I went to catalogues, opened the apps one and saved it without any modification), afterwards the /etc/apt/sources.list.d/... file is recreated. So it is enough to edit the .xexp file (/usr/share/hildon-application-manager/catalogues/variant-catalogues.xexp). HAM automatically18:34
Enrico_Menotti mirrors the edits in /etc/apt/sources.list.d/hildon-application-manager.list.18:34
freemangordondo we have any known FOSS cpl applet?18:34
*** ecc3g has joined #maemo18:34
Wizzupcpl?18:34
freemangordoncontrol panel18:34
freemangordonaka settings18:34
DocScrutinizer05Enrico_Menotti: no, we don't edit .xexp18:35
DocScrutinizer05/usr/* is read-only for all that matters18:35
Wizzupfreemangordon: I don't know. I would assume so. external keyboard?18:36
Wizzupor operator name?18:36
freemangordonextkbd is mine, but it is qt18:36
Wizzupis that a problem?18:36
*** florian_ has joined #maemo18:36
freemangordonstill no qt18:37
Wizzupack18:37
Wizzupbtw, if anyone knows how to connect to a bluetooth keyboard that seems to do 'auto pair', that would be nice (e.g. you never get to fill in a pin code)18:37
Wizzupit works on android, but the n900 gets stuck in a weird way and wants to fill in a pin18:37
Wizzup(windows has the same problem)18:37
DocScrutinizer05Enrico_Menotti: honestly, I have a very simplistic approach to that: make a copy of /etc, then use HAM GUI to add or remove a catalog, then see what it did to /etc (usinf diff tool or whatever you like). So you see what's the correct way to do stuff, then implement that in your script or whatever you are about to create18:38
DocScrutinizer05for advanced tasks, use strace to watch what exactly it is HAM is doing18:39
DocScrutinizer05when using strace, watch out not to miss forks18:39
Wizzupstrace -f follows forks18:39
DocScrutinizer05yep18:40
DocScrutinizer05that's what I leaft to the reader to figure out ;-)18:40
Enrico_MenottiDocScrutinizer05 Ok, I understand your position. However, one can play with his system in the way he likes to. It depends on what one wants to achieve. I'd like to correct the original catalogues instead of creating new ones. By editing the .xexp files this can be done, it seems, with all the risks this implies.18:41
Enrico_MenottiAbout tracing HAM actions: yes, I was thinking about something of the kind. Thanks for the hints. Never used strace. Will investigate.18:41
DocScrutinizer05well, what can be done and what will work in the end are two segregate things18:41
DocScrutinizer05editing files in /usr is a *very* poor idea since apt itself will override them next time you install/update stuff18:42
Enrico_MenottiSegregate? You mean separate?18:42
Enrico_MenottiOh yes I got it.18:42
Enrico_MenottiThat's absolutely correct. I realise it. One should modify packages on the repository they are fetched from by apt.18:43
Enrico_MenottiRight?18:43
DocScrutinizer05yes18:43
Enrico_MenottiYeah, I am conscious of this downside.18:43
DocScrutinizer05and there's no point in musing about the signing keys in (or next to) /usr/share/hildon-application-manager/catalogues/ for you, since you don't have any alternative keys to provide there anyway18:46
DocScrutinizer05how to correctly turn a signed into an unsigned repo for HAM is an entirely different and pretty complicated topic18:47
DocScrutinizer05stuff n /etc/apt/trustdb.gpg. And whatnot else18:49
DocScrutinizer05probably HAM takes care about that too. So I really suggest using HAM for editing HAM catalogs18:51
Enrico_MenottiRight. Is the mirror at muarf.org signed or not? If yes, is the signature the same as for the original Nokia repos? When you use the .install files, do they install any key for verifying the signature, besides creating new catalogues? All questions that arise in my mind. I don't want to annoy you by pretending an answer. It's just what I am thinking about.18:51
rhn_mk1is there a way to use .install files from command line?18:52
Enrico_MenottiAnd yes, I'd use HAM to edit catalogues, but the default ones cannot be edited that way, as far as I know. They can only be disabled.18:52
DocScrutinizer05it's a mirror, so the signatures are original nokia signatures and they don't match the mirror's URL18:52
DocScrutinizer05when you use .install they don't explicitly create a new signature key18:53
Enrico_MenottiYeah, that's what I was suspecting!18:53
DocScrutinizer05it feels a little pointless to discuss this stuff in epic width without knowing what's the goal of that exercise18:55
Enrico_MenottiSo if one removes the keys in the .xexp files, or put in another way creates another catalogue without signature by using the .install files, why does that work? Since there are no keys to verify the signature of the repos, should not HAM (or apt-worker) complain?18:56
Enrico_MenottiOk, yes, this is pure speculation (almost pure).18:56
Enrico_MenottiThe practical goal would be to have the original catalogues working by pointing to a mirror.18:56
DocScrutinizer05that's an oxymoron18:57
DocScrutinizer05original catalogues != mirror18:57
Enrico_MenottiWell, the catalogues are the info on the local system, pointing to a repo, is that right?18:58
DocScrutinizer05unless you add a indirection to /etc/hosts18:58
Enrico_MenottiI mean I want to modify this info to point to the mirror, instead of disabling it and creating a new one.18:58
DocScrutinizer05why?18:59
DocScrutinizer05not that it'd be impossible (CSSU done similar), but the purpose is unclear19:00
Enrico_MenottiWell, it's a matter of taste, let's say. Since the original repos are down and forever will be, there's no sense in keeping the original catalogues as they are and creating others. This is what I thought initially.19:01
Enrico_MenottiRight, the other way in the end produces the same result.19:01
DocScrutinizer05why would you want an immutable catalog entry pointing to an arbitrary mirror?19:02
DocScrutinizer05would complicate matters to no end for users, once that mirror changes19:03
Enrico_MenottiYes, true.19:03
Enrico_MenottiI was not thinking about other users - it's just for my personal use. If the mirror changes, I know how to correct again the catalogue entry.19:04
DocScrutinizer05it's arguable if we should remove the original Nokia repos since they are and always will be dead. But replacing them by a random mirror doesn't feel like it's the right thing to do19:04
DocScrutinizer05anyway, good luck, I'm afk for today19:05
DocScrutinizer05o/19:05
Enrico_MenottiBye DocScrutinizer05 . I will stop here for now - will investigate later.19:06
Enrico_MenottiThanks.19:06
rhn_mk1is it possible to use the mirrored repositories with plain apt-get? `apt-get update` complains about old signatures for me19:31
KotCzarnycomplains doesnt equal 'not worky'19:31
rhn_mk1errors out actually19:31
KotCzarnypastebin the error19:31
rhn_mk1KotCzarny: http://pasted.co/f5a366a519:36
rhn_mk1sources.list: http://pasted.co/d581e5db19:38
*** jja2000 has joined #maemo19:47
*** arcean has joined #maemo19:50
KotCzarny~maemo-repos20:08
infobotit has been said that maemo-repos is http://wiki.maemo.org/Repository#List_of_Maemo_repositories20:08
KotCzarnyare you sure those linenoise mirrors match?20:08
KotCzarnythey do, hmm20:09
rhn_mk1copied from there20:09
KotCzarnybut what about:20:09
KotCzarny# This is another mirror for the same thing as those above. Temporarily OFFLINE20:09
rhn_mk1KotCzarny: I tried with muarf with the same error20:10
KotCzarnyuhum20:10
KotCzarnywas long time since i last updated20:10
KotCzarnybut if apt dies on keyexpired it's another reason to resign packages in the mirrors20:10
rhn_mk1that *does* work with FAM and HAM, but those seem to be using different source lists20:11
rhn_mk1same URLs, nevertheless20:11
DocScrutinizer05rhn_mk1: "W: " is *warning*20:13
KotCzarnyErr http://maemo.linenoise.info ./ Release20:13
KotCzarnyshouldnt it be wrn then?20:13
DocScrutinizer05look at http://maemo.linenoise.info/, it's not any repo structure20:14
DocScrutinizer05there's none of "Release" or any of the module dirs20:14
DocScrutinizer05http://maemo.linenoise.info/downloads.maemo.nokia.com/fremantle/ssu/mr0  404, right?20:15
DocScrutinizer05hmm actually not20:16
KotCzarnynope, loaded20:16
KotCzarnyrhn_mk1: can you install any pkg from those mirrors via apt?20:17
DocScrutinizer05anyway, I guess the error is about Release file not found in one of the places apt looks for them20:17
rhn_mk1KotCzarny: can you give me an example?20:17
DocScrutinizer05it's obviously _not_ a gpg error20:17
KotCzarnytutorial-home-applet ?20:18
KotCzarnyseems safe enough to try20:18
KotCzarnyif it's already installed you might add --reinstall to force reinstall20:19
rhn_mk1http://paste.debian.net/984271/20:20
rhn_mk1it worked20:20
KotCzarnythen i guess you can ignore those warnings20:20
rhn_mk1KotCzarny: can you give me a random package from CSSU?20:21
DocScrutinizer05anyway "W: GPG error: http://maemo.linenoise.info ./ Release: The following signatures were invalid: KEYEXPIRED 1349249546 KEYEXPIRED 1349249546 KEYEXPIRED 1349249546" is a *W*arning20:21
rhn_mk1I'd like to figure out if these work20:21
KotCzarnywhich cssu flavour do you have?20:21
rhn_mk1stable, if that's what you mean20:21
KotCzarnycssu server seems slow20:22
KotCzarnystatus-area-orientationlock-applet20:23
rhn_mk1thanks20:23
rhn_mk1also works!20:23
KotCzarnydid you install cssu via installer ?20:23
rhn_mk1KotCzarny: yes, and I added the line manually later20:24
rhn_mk1the point of this exercise was to install CSSU from command line to save myself from typing20:24
KotCzarnyum20:24
DocScrutinizer05not recommended20:24
KotCzarnycssu installer does more than just changing repos20:25
DocScrutinizer05indeed20:25
KotCzarnyit should always be installed via recommended method20:25
rhn_mk1it does, but does it need GUI for that?20:25
DocScrutinizer05yes20:25
* rhn_mk1 is baffled but okay20:25
KotCzarnyif you played around and run into troubles remember what you did20:26
DocScrutinizer05long answer: not if you know *exactly* what and how to start, in which sequence, from cmdline. and even then a GUI will open20:26
KotCzarnyeasier to debug for cssu folks20:26
rhn_mk1ack20:26
KotCzarnyyou can try dissecting installer to check if you missed any steps20:27
rhn_mk1KotCzarny: I'm not concerned about that actually20:27
rhn_mk1only about making a "simple" script to bring a system up to date, and publishing that if I can20:28
KotCzarnyi would refrain from publishing, unless it gets  blessed by cssu folks20:29
KotCzarnyotherwise you will create more troubles than help20:29
rhn_mk1that's why I'm here, asking questions :)20:29
DocScrutinizer05rhn_mk1: if that had been any feasible, CSSU would have done it20:29
DocScrutinizer05the point (among others) is about CSSU installer changing repos, and for that HAM needs to be inactive. Later on you need HAM again to run the CSSU update20:30
rhn_mk1CSSU is one piece of the mess, mirrors are another, dead repositories and useless apps are one more20:31
KotCzarnythank nokia for that situation20:31
KotCzarny:)20:31
rhn_mk1I thank CSSU people for trying to fix that, but if I can make improvements, why not try?20:32
KotCzarnyin perfect world we would have already patched firmware update20:32
KotCzarnybut for various reasons it's not going to happen20:32
KotCzarnydo you know good lawyer?20:32
DocScrutinizer05lazyflashing, click recommended.install, one-click install CSSU and follow the instructions (it actually needs more than one click, which is the point)20:32
DocScrutinizer05this is the canonical method to bring a device up-to-date20:33
KotCzarnyespecially one that tackled big corpo issues20:33
rhn_mk1I figured that's the case20:33
KotCzarnyif you manage to clear the way, we are golden20:33
DocScrutinizer05rhn_mk1: quite a few people looked into CSSU to improve the procedure. If you nevertheless can come up with improvements, don't hesitate to suggest them. However it takes quite some study to avoid the pitfalls in that process CSSU needs to use to switch standard SSU to CSSU20:35
rhn_mk1DocScrutinizer05: the necessary step to updating (and then to customizing) installation is to get the command line to work. but if you're saying it's impossible to update CSSU this way, then I guess there's nothing to be done20:37
rhn_mk1s/update/install/20:37
infobotrhn_mk1 meant: DocScrutinizer05: the necessary step to updating (and then to customizing) installation is to get the command line to work. but if you're saying it's impossible to install CSSU this way, then I guess there's nothing to be done20:37
rhn_mk1huh, neat20:37
DocScrutinizer05it's a two-step process where HAM installs CSSU-enabler and then quits. And CSSU-enabler changes the repos (while HAM being inactive) and then starts HAM (and apt) again to do the real update20:39
DocScrutinizer05iirc20:39
rhn_mk1sounds simple enough, thanks20:40
rhn_mk1does CSSU-enabler use the system-wide sources.list or the HAM one?20:40
DocScrutinizer05you can't automate that process in a simple manner, unless you exploit alarmd or whatever to restart stuff after everything terminated20:40
KotCzarnycssu enabler uses ham in the process20:41
*** err0r3o3_ has joined #maemo20:41
DocScrutinizer05^^^20:41
rhn_mk1I see20:41
rhn_mk1if I get anywhere, I'll let you know20:41
KotCzarnyand most tricky part is ham failing quietly for some users with weird repos/packages20:41
KotCzarnywithout reporting it20:41
rhn_mk1why does it use HAM instead of just apt-get?20:42
DocScrutinizer05there's a possible way to schedule a timed execution of CSSU-enabler from CSSU-enabler's post-install script20:42
DocScrutinizer05but that's... icky20:42
DocScrutinizer05because HAM does more than apt-get20:43
DocScrutinizer05that's why you never install core system stuff via apt20:43
DocScrutinizer05always use HAM for that20:43
rhn_mk1that's important advice, I didn't know20:43
rhn_mk1what is the extra stuff then?20:44
DocScrutinizer05stuff like stoping/starting services etc iirc20:44
*** err0r3o3 has quit IRC20:44
DocScrutinizer05priorities, whatnot else20:44
DocScrutinizer05requesters the user needs to nod off20:44
*** ecc3g has quit IRC20:45
DocScrutinizer05when you e.g install sshd from apt, you nevertheless get a GUI requester you need to nod off, or in this case even enter new password iirc20:46
DocScrutinizer05there's quite some HAM specisic stuff in some packages, and system updates cause HAM dto take care about needed reboots and service restarts and whatnot20:47
DocScrutinizer05I don't know details20:47
DocScrutinizer05I just know "NEVER EVER do a apt-get upgrade|dist-upgrade"20:48
DocScrutinizer05which is what it basically boils down to20:48
DocScrutinizer05((if I get anywhere, I'll let you know)) the problem with this approach usually is: others been there, done that, and found about the hidden issues during weeks of research and bugfixing20:50
DocScrutinizer05it's not as simple as "seems to work for me"20:51
rhn_mk1indeed20:51
rhn_mk1now I agree that it's not something I can do in a weekend20:51
rhn_mk1which is a shame anyway :( scriptability rules20:52
*** ecc3g has joined #maemo20:53
DocScrutinizer05we all agree on that, and it's a sticky topic on CSSU. You may consider CSSU as a "as good as it gets" probably20:54
DocScrutinizer05if there had been a way to streamline it further, *for sure* it had been implemented20:54
DocScrutinizer05the above mentioned alarmd (sort of atd alike cronjob thing) "improvement" has usability / UX issues20:55
DocScrutinizer05the device acts weird, starting stuff without clear plan that would be obvious to the user. Also involves timing isses aka race conditions etc20:57
DocScrutinizer05I *think* "recently" Pali looked into exactly that20:58
rhn_mk1I imagine there's also backwards compatibility issue with all the packages which were written assuming they are installed by HAM too20:58
*** drcode has quit IRC20:58
DocScrutinizer05yes, of course20:58
DocScrutinizer05not in CSSU installation context maybe20:59
DocScrutinizer05but generally of course20:59
*** xy2_ has quit IRC21:00
*** ecc3g has quit IRC21:01
DocScrutinizer05looking at http://wiki.maemo.org/Red_Pill_mode gives an idea what HAM does "behind the scenes"21:07
*** drcode has joined #maemo21:07
DocScrutinizer05note that red pill got re-activated by CSSU21:07
*** ecc3g has joined #maemo21:10
rhn_mk1it's similar to what dnf is doing21:10
DocScrutinizer05age old stuff but maybe still interesting: http://wiki.maemo.org/Task:Improving_the_Application_manager21:11
DocScrutinizer05also note:21:14
DocScrutinizer05~speedyham21:14
infobotextra, extra, read all about it, speedyham is 30 times faster than HAM https://github.com/community-ssu/hildon-application-manager, now included in CSSU.21:14
rhn_mk1is this stable?21:15
PaliI'm using it without any known error21:16
Palifreemangordon optimized parsing apt list/cache so it is really 30 times faster21:16
*** drcode has quit IRC21:17
DocScrutinizer05yes, actually like 32 times21:17
DocScrutinizer05it's in CSSU, that says all about being stable21:18
DocScrutinizer05https://github.com/community-ssu/hildon-application-manager has a nice readme21:19
DocScrutinizer05plus more docs21:20
DocScrutinizer05https://github.com/community-ssu/hildon-application-manager/tree/master/doc21:20
DocScrutinizer05Enrico_Menotti: https://github.com/community-ssu/hildon-application-manager/blob/master/doc/scripting.txt  -  for xexp which actually are X-expressions21:22
*** xy2_ has joined #maemo21:24
DocScrutinizer05>> - `essential`     ::   When present, marks the catalogue as essential.  Essential  catalogues can not be removed or edited by the user.<<21:25
DocScrutinizer05>> If you want to test a multi-package installation script, put the Application Manager into red-pill mode; then it will use the multi-package confirmation dialog when there is more than one package to install.<< gives me some ideas :-D  Particularly re ~jrtools etc21:32
*** arcean has quit IRC21:33
*** ecc3g has quit IRC21:35
DocScrutinizer05Pali: how about creating a multi-package install file to get a "recommended set of tested and found useful packages" installed by one click? Sounds like a convenient thing for (particularly new) users21:37
DocScrutinizer05the multi-package confirmation dialog (known from hildon restore) still allows user to choose which packages to actually get and which to reject21:39
* DocScrutinizer05 glares at http://maemo.cloud-7.de/maemo5/et_al/HAM-catalogs/BM.install in light of `with-temporary-catalogues` instruction. Prolly I should fix that21:42
DocScrutinizer05hmm wait, that's scripting, not installfiles#21:44
DocScrutinizer05LOL!  >> Whenever a memory card is inserted that contains a file called `.auto.install`, that file is processed by the Application Manager. Usually, the `.auto.install` file contains a `card\_install` group, of course.<<21:49
DocScrutinizer05meh! no `with-temporary-catalogues` in .install files21:53
DocScrutinizer05hmm, https://github.com/community-ssu/hildon-application-manager/blob/master/doc/temporary.txt22:01
*** drcode has joined #maemo22:15
freemangordonPali: how am I supposed to install gconf chema file?22:16
*** drcode has quit IRC22:25
DocScrutinizer05https://projects.gnome.org/gconf/  >>Schema files     Application developers create files called schema files, traditionally ending in the .schemas extension. These are in a nice human-readable format.  These files are not used by GConf directly. Instead, when you "make install" or install an RPM/deb package, gconftool can be invoked to take the schemas in the schema file for an application and install them into one of the configuration22:26
DocScrutinizer05sources. The schema install process also associates schema names with keys, so GConf can find the right schema for a given key. ...<<22:26
freemangordonI found something called gconf-schema22:26
bencoh"something"?22:28
Palifreemangordon: see some postinst debian script of some package22:29
Palithey are installed by postinst scripts22:29
Wizzupfreemangordon: so any package on github needs to be packaged, aye?22:30
Wizzupfrom https://github.com/fremantle-gtk222:30
freemangordonWizzup: excluding one or 2, yes22:30
freemangordonWizzup: and most (if not all) need debian/changelg fixed, by the autobuilder script or dunno22:31
*** jkepler has quit IRC22:31
Wizzupthey probably also need control file fixes and such22:31
WizzupSource-Version has to become $source:Version, and other things22:31
WizzupI'd probably aim for all deps of hildon-desktop + hildon-desktop itself first22:32
Wizzupshould be plenty of fun22:32
Wizzupwe have forked gtk2, right?22:32
Wizzupshould we call it gtk2 on disk, or perhaps call it mgtk? (yes, we'd have to change everything that depends on it)22:34
Wizzupjust wondering22:34
freemangordonno, keep it gtk22:38
Wizzupok22:38
Wizzupso it won't break 'normal' applications?22:39
freemangordoniirc I changed debian/changelog22:39
freemangordonyes22:39
Wizzupsweet22:39
Wizzupwe will have to keep it at a higher version than devuan's, or otherwise lock it somehow22:39
freemangordonso hildon-desktop (or some other package) should depend on that modified version22:39
Wizzupmy idea was to add our maemo-devuan things as extra repo22:39
Wizzupok22:39
Wizzupinstead of one 'merged' repo22:39
Wizzupseems easier for us22:39
freemangordonright22:39
parazydWizzup: if you go that way, i'd recommend investigating apt pinning a bit more22:47
parazyddepending on it, you could have the repo push its priority through a specific (meta)package22:48
parazydthis of course applies only for packages existing in devuan22:48
Wizzupshouldn't be too hard22:54
WizzupI've done pinning before I think22:54
Wizzupand to be honest, I don't care if things break in the start, a fix is probably a simple apt-command away22:55
WizzupLet's just get her going, and then we'll figure out what breaks22:55
parazydagree22:57
*** jkepler has joined #maemo22:59
*** rhn_mk1 has quit IRC23:06
*** jja2000 has left #maemo23:13
Enrico_MenottiDocScrutinizer05 https://github.com/community-ssu/hildon-application-manager/blob/master/doc/repository.txt explains extensively what I wanted to know about package domains and the domain file. Thanks for pointing me there. What I miss now is: where is the info stored about the domain a package was originally installed from?23:15
DocScrutinizer05with a ton of salt: I think it's never stored anywhere. with all the puzzling consequences23:17
DocScrutinizer05hildon backup stores a list of package names to re-install, plus a list of cirrently activated repos. If the packages are not mathing the repo list, just too bad23:18
freemangordonit is stored23:18
freemangordonbut I can;t remember where23:18
freemangordonI would guess somewhere in /var/23:19
* freemangordon checks23:19
DocScrutinizer05maybe inside the .deb cache somewhere23:19
DocScrutinizer05I'm pretty sure hildon backup doesn't backup that info, though they rather should23:20
Enrico_MenottiIt should be stored: >>The AM classifies the package repositories into 'domains' and upgrades23:20
Enrico_Menottito already installed packages must (usually) come from the same domain23:20
Enrico_Menottithat the package was originally installed from.<<23:20
freemangordonyes, it is stored23:20
DocScrutinizer05hmm, ok. Take that salt for the soups you eat the rest of your life, then :-D23:21
Enrico_Menotti:)23:23
freemangordonEnrico_Menotti: /var/lib/hildon-application-manager23:25
Enrico_MenottiThanks. I'm investigating.23:27
Enrico_MenottiMaybe I got the whole process. (Or maybe I'm still missing some detail.) I try to recap.23:41
Enrico_Menotti>>Repositories are associated with domains based on the key that they23:41
Enrico_Menottihave been signed with.<<23:41
Enrico_MenottiThe association is in /usr/share/hildon-application-manager/domains/variant-domains.xexp.23:42
Enrico_MenottiWhen a package is installed, the domain it is installed from is recorded.23:42
Enrico_MenottiIn /var/lib/hildon-application-manager there are files beginning with domain. and ending with the domain name, one for each domain defined above. When a package is installed, its name is recorded in the file corresponding to the domain it has been installed from. (Well, I think so.)23:44
Enrico_MenottiNow HAM finds, from the catalogues, a new version available for some package, stored in a certain repo, signed with a certain key.23:45
Enrico_MenottiFrom the key, the repo is associated to a domain.23:45
freemangordonalso, there are domain priorities :)23:45
Enrico_MenottiIf the domain the new version comes from is different from the domain the original package had been installed from, HAM issues the "wrong domain" error.23:46
freemangordonyou can;t install a package from a domain with a lower priority over a one from a domain with a higher23:46
freemangordonno, wrong domain is only where the priority is lower, iirc23:46
freemangordon*when23:47
Enrico_MenottiWith the exception that there is the "trust level" (rather than priority): a package may move from a domain to another with higher trust level.23:47
Enrico_Menottifreemangordon A min, I'm still writing.23:47
Enrico_MenottiNow what I think happens here: the key used for signing the version of the original Nokia repos which is mirrored in muarf.org is not inside my variant-domains.xexp file. As a consequence, the domain associated to the mr0 repo becomes "signed" (it's a fallback of HAM, defined by default). This has trust level 1.23:49
Enrico_MenottiThe original domain of packages contained in mr0 is nokia-system, which has trust level 600.23:50
Enrico_MenottiSo a package having a new version in mr0 may not be installed since it would be moved to a domain with lower trust level.23:51
Enrico_MenottiIf I remove the variant-domains.xexp file, all repos become "signed", but most important the trust levels of all domains are lost. So the nokia-system domain gets trust level 0.23:52
Enrico_MenottiAt this point all updates may be installed, since packages move to a domain identical to the original one, or to signed, which has trust level 1, higher than the trust level of the original domain.23:53
Enrico_MenottiOk, it's just an hypothesis. Does this make sense?23:53
Enrico_Menottifreemangordon Finished, thanks.23:53
*** florian_ is now known as florian23:54
Enrico_MenottiA check would be by finding out the fingerprint of the key used to sign the original Nokia repos mirrored in muarf.org, and see whether or not it is stored in my variant-domains.xexp.23:54
Enrico_MenottiPlease let me know your opinion about this reconstruction.23:55
freemangordonsounds about right23:58
*** l_bratch has quit IRC23:59

Generated by irclog2html.py 2.15.1 by Marius Gedminas - find it at mg.pov.lt!