IRC log of #maemo for Saturday, 2017-07-08

*** louisdk has joined #maemo00:35
*** xorly has quit IRC01:23
*** Kabouik_ has joined #maemo01:35
DocScrutinizer05Pali: (CVE) https://botbot.me/freenode/devuan/2017-07-04/?msg=88110981&page=101:46
DocScrutinizer05could say "I knew it"01:47
Palimore interesting part, that CVE was assigned by Red Hat Security01:49
DocScrutinizer05CVE >>systemd v233 and earlier fails to safely parse usernames starting with a numeric digit<< is incorrect01:50
DocScrutinizer05LOL01:50
DocScrutinizer05so that's an even more evil spin? create an incorrect CVE just to close it as NOTABUG as well then?01:51
Palitechnically CVE description is correct. systemd does not parse usernames with with digit correctly01:52
Palithat is truth01:52
DocScrutinizer05fact is (according to explanation from the poettering horse's mouth): systemd DOES parse the parameter value, but detects it's malformed and thus ignores the whole parameter01:52
Palifrom security point of view, this is unsafe parsing01:53
DocScrutinizer05when user= parameter gets ignored, the default kicks in which is user=root01:53
DocScrutinizer05yes, from security POV, but obviously not from Pezzering's POV01:53
DocScrutinizer05poettering*01:53
DocScrutinizer05he intentionally designed stuff that way01:54
DocScrutinizer05though obviously when right side of = is incorrect MUST be another class of error than when left side of = is incorrect01:54
Palilooks like some rh sec team see it differentely as poettering and assigned for it cve even poettering disagreed...01:55
DocScrutinizer05in systemd it's all the same01:55
DocScrutinizer05please see https://botbot.me/freenode/devuan/2017-07-04/?msg=88110981&page=101:55
Palisystemd-sysusers... bah!01:56
DocScrutinizer05this is a bug in concept/design01:56
DocScrutinizer05indeed X-P01:56
DocScrutinizer05>>when a parameter has syntactically invalid *value* then the whole parameter is considered as "unknown". This makes extreme NONsense here since when admin writes "user=" they _never_ expect that parameter gets silently ignored because of syntactically invalid value (user="666poettering") and thus the job gets ran as default root instead<<01:57
PaliI read it how it was designed, and... no comment01:59
DocScrutinizer05actually that's a bug from OVERdoing sanity checks. A simple check if right side value of "user=" is an *existing user allowed for that job* would completely suffice02:00
DocScrutinizer05let the system take care about users that start with a number, it's not systemd to judge if that's allowed username or not02:01
DocScrutinizer05https://xkcd.com/1700/ <- systemd02:04
*** merlin1991 has quit IRC02:09
*** merlin1991 has joined #maemo02:10
DocScrutinizer05simply comment out that cruft bullshit syntactical check of user= *value* and everything fine02:14
*** Pali has quit IRC02:19
*** dafox has joined #maemo02:23
*** louisdk has quit IRC02:46
*** florian has quit IRC02:47
*** xy2_ has quit IRC02:58
*** dafox has quit IRC03:01
*** xy2_ has joined #maemo03:01
*** xy2_ has quit IRC03:08
*** xy2_ has joined #maemo03:09
*** infobot has quit IRC03:19
*** infobot has joined #maemo03:21
*** Kabouik_ has quit IRC03:29
*** Kabouik_ has joined #maemo03:30
*** rosseaux has joined #maemo03:33
*** jrg has left #maemo05:03
*** xes has joined #maemo05:25
*** Kabouik_ has quit IRC05:41
*** Kabouik has quit IRC05:43
*** pagurus has quit IRC06:17
*** pagurus has joined #maemo06:18
*** Pakke has joined #maemo06:47
*** Pakke has quit IRC06:55
*** mrs has joined #maemo08:15
*** mrs has quit IRC08:16
*** Pali has joined #maemo10:08
*** err0r3o3 has joined #maemo10:15
*** err0r3o3_ has quit IRC10:18
*** Vajb has quit IRC11:16
*** louisdk has joined #maemo11:19
*** L29Ah has left #maemo11:22
*** Vajb has joined #maemo11:33
*** L29Ah has joined #maemo11:38
*** L29Ah has left #maemo11:45
*** Vajb has quit IRC11:56
*** Vajb has joined #maemo11:58
*** xorly has joined #maemo11:59
*** L29Ah has joined #maemo12:02
siceloi have annoying random reboots on my n900. nothing useful shown by syslog12:33
L29Ahoverclocking?12:35
sicelowhat is a bit strange is that the device time gets reset, hinting at a loose battery. however i can confirm that the battery is sitting snug in it's place. also, the reboot takes place with the device untouched, laying on flat table12:35
sicelono overclocking12:35
KotCzarnyyou've got a virus :P12:35
L29Ahthe time thing is very strange12:36
KotCzarnyyeah, it suggests loose power12:36
L29Ahhow frequently do you see the resets?12:36
sicelovery randomly. few minutes ago it rebooted, as well as about 8 hours ago12:37
L29Ahi'd start logging the battery voltage every second or so12:37
sicelowill do, but i don't think it's a problem with the battery itself (besides being loose somehow if that's the case)12:39
siceloanyone knows what relationship, if any, exists between KP53 and 2.6.28.10-cssu3 kernels?12:41
L29Ahdoes n900 support voice calls over 3g?12:54
buZzyes12:54
sicelois there a phone that doesn't?12:56
buZznokia 331012:58
L29Ahi remember i had to switch networks manually to be able to make calls when i was in .ua12:59
sicelohaha, should of said 'a phone with 3g that doesn't support voice calls over 3g12:59
L29Ahmaybe they've messed something up on their side12:59
sicelowhat could you do on 3G? just Internet?13:00
L29Ahyes13:01
siceloyes most of the problem must been on your provider's side, although N900's modem is not necessairly the best around :(13:02
siceloi'm facing opposite problem L29Ah - serious internet issues on 3g, so much that i've disabled it completely now13:03
buZzsicelo: oooooo ;)13:03
L29Ahworks like a charm for me atm13:03
sicelothe operator is at fault because i get the same problem on a 3g stick, but N900 is worse. at least the dongle and SGS4 eventually get through13:04
buZzi wonder if you could just block the nonfunctioning cell towers13:06
buZz(what this all sounds like)13:06
sicelo3.5G works fine. 3G absolutely not. i don't think it's cell tower problem because it is the same whether i remain in the same place or go somewhere else13:08
*** L29Ah has left #maemo13:10
siceloi guess they are oversubscribing their equipment capabilities13:10
sicelowild guess .. not sure if it would really cause the issue13:11
*** xes_ has joined #maemo13:16
*** louisdk has quit IRC13:17
*** xes has quit IRC13:18
*** TheKit has joined #maemo13:26
*** NeKit has quit IRC13:30
*** louisdk has joined #maemo13:58
*** L29Ah has joined #maemo14:06
*** L29Ah has left #maemo14:08
*** L29Ah has joined #maemo14:09
*** louisdk has quit IRC14:16
*** L29Ah has left #maemo14:42
*** Vajb has quit IRC14:54
*** louisdk has joined #maemo14:57
*** stryngs has quit IRC15:21
*** dafox has joined #maemo15:26
*** louisdk has quit IRC15:36
*** l_bratch has quit IRC15:37
*** louisdk has joined #maemo15:37
*** l_bratch has joined #maemo15:38
*** l_bratch has quit IRC15:42
*** l_bratch has joined #maemo15:46
*** louisdk has quit IRC15:48
*** xes__ has joined #maemo15:50
*** Vajb has joined #maemo15:51
*** xes_ has quit IRC15:53
*** heroux has quit IRC16:00
*** L29Ah has joined #maemo16:02
*** peetah has quit IRC16:06
*** xy2_ has quit IRC16:06
*** xes__ is now known as xes16:17
DocScrutinizer05sicelo: there's no difference between 3.5G and 3G. 3.5G is just 3G with turbo engaged, much like EDGE for 2G makes it 2.5G16:19
siceloyes, i am aware of that.16:20
*** heroux has joined #maemo16:20
DocScrutinizer05technically it's just a channel bundling, when the base station offers to the phone to use more channels in parallel16:20
*** Sicelo009N has joined #maemo16:21
siceloi wish i knew why exactly i have the problems i have ... but t's all going to just be conjecture unless i get a listening, interested ear at the ISP16:23
DocScrutinizer05L29Ah: of course N900 can do 3G voice cals16:24
sicelothankfully 2.5G serves most of my needs well 90% of the time16:24
xes...but... since operators are removing 2g and 3g channels to install 4g devices... i would not expect much from edge and 3.5g16:24
L29Ahbtw how do i check out the modem status?16:25
DocScrutinizer05well, depends on where you are16:25
siceloyes xes. sucks16:25
L29Ahlike the used modulation and signal levels16:25
DocScrutinizer05then there's also coexistence of LTE with UMTS and GSM on same band afaik16:25
DocScrutinizer05L29Ah: there's an app "network monitor" or sth16:26
DocScrutinizer05as good as it gets regarding service data16:26
Sicelo009Ncellnet-info i think ..16:26
DocScrutinizer05Sicelo009N: your reboot problem sounds scary16:28
DocScrutinizer05did you check the reboot reason logs?16:28
DocScrutinizer05also make sure df -h isn't critical16:29
*** xy2_ has joined #maemo16:29
siceloi have 60% free rootfs, and nothing specific in syslog16:30
siceloi do think somehow my battery contcts are at fault as that's the only thing explaining the time resets16:31
DocScrutinizer05not syslog, those dsme logs16:32
sicelowhere can i get them16:32
Sicelo009N /proc/bootreason currently has '32wd to' - watchtdog .. no idea what was hung, if that's what it means16:33
DocScrutinizer05 /var/lib/dsme/stats/lifeguard_restarts16:34
DocScrutinizer0532vd TimeOut, yes16:35
DocScrutinizer05watchdog timeout16:35
DocScrutinizer05http://paste.ubuntu.com/25046492  I should clear that file16:36
sicelo4 lines should be safe to paste, from my lifeguard_restarts16:36
Sicelo009N/usr/bin/ohm-session-agent: 116:37
Sicelo009N/usr/bin/camera-ui: 116:37
Sicelo009N/usr/bin/syncd: 116:37
Sicelo009N/usr/bin/hildon-status-menu: 216:37
DocScrutinizer05you might want to run a htop sort:cpu% via ssh/WLAN, this will stall with most busy app on top on a reboot16:39
*** Kabouik_ has joined #maemo16:40
DocScrutinizer05syslog might not even catch the culprit. decent dmesg --follow (plus a few other options for getting all messages) will do a better job prolly16:42
DocScrutinizer05alas messybox dmesg is fubar, like everything messybox16:42
L29Ah/usr/bin/camera-ui: 9716:43
L29Ahhmm16:43
DocScrutinizer05you also may want to check mtdoops16:43
L29Ah/sbin/mce --force-syslog: 116:43
L29Ahi wonder what are those numbers16:43
DocScrutinizer05number of reboots?16:43
siceloyes i thout about mtdoops .. no idea how to read the info there however16:44
*** peetah has joined #maemo16:44
L29Ahhow does it correspond reboots with concrete binaries?16:44
DocScrutinizer05~pkg16:44
infobotpkg is probably http://maemo.org/packages/16:44
DocScrutinizer05L29Ah: task that caused reboot I guess16:44
L29Ahhow can a task cause a reboot?16:45
DocScrutinizer05via watchdog timeout?16:45
KotCzarnyhogging resources?16:45
DocScrutinizer05when the task stalls (busyloops, hangs) in a kernel syscall16:45
DocScrutinizer05or whatever16:45
DocScrutinizer05not entirely sure16:45
DocScrutinizer05never looked into details#16:45
*** peetah has quit IRC16:46
DocScrutinizer05http://maemo.org/packages/view/sp-oops-extract/16:48
DocScrutinizer05sp-oops-extract /dev/mtd216:50
*** Vajb has quit IRC16:50
Sicelo009Ninstalling. is output human readable?16:51
*** louisdk has joined #maemo16:51
DocScrutinizer05sort of16:52
*** Vajb has joined #maemo16:52
DocScrutinizer05don't ask me what's >>[ 7497.347198] Kernel panic - not syncing: Fatal exception<<16:52
DocScrutinizer05http://paste.ubuntu.com/2504658016:53
Sicelo009Nhaha, i have a couple of those lines16:53
*** peetah has joined #maemo16:55
L29AhYou don't have permission to access /packages/view/sp-oops-extract/ on this server.16:55
DocScrutinizer05also timestamps are not really useful16:55
Sicelo009N /dev/mtd2 survives flashing? i see mention of cutetube, which i haven't installed since my reflash16:56
DocScrutinizer05err wut? blacklisted?16:56
*** peetah has quit IRC16:56
DocScrutinizer05dev/mtd{1,2} survive flashing, yes16:56
DocScrutinizer05so does dev/mtd416:57
sicelook16:57
DocScrutinizer05afaik16:57
DocScrutinizer05dev/mtd0 survices normal falshing, not coldflashing16:57
*** peetah has joined #maemo16:58
DocScrutinizer05dev/mtd4 initfs always bugged me due to its complete uselessness16:59
DocScrutinizer05Pali: couldn't we patch 0xffff to concat dev/mtd4 into dev/mtd3 kernel, to make it twice as large?17:00
PaliDocScrutinizer05: no17:01
Palipartition layout is hardcoded in NOLO17:01
DocScrutinizer05I *guess* kernel itself doesn't mind at all how long it is and if it extends over "partition" borders17:01
DocScrutinizer05WAAAH kill NOLO!!!17:01
DocScrutinizer05friggin pile of shit17:02
Palibut... in CAL is stored partition layout too17:02
DocScrutinizer05o.O oooooh17:02
Paliand IIRC NOLO first use partition layout from CAL and then fallback to hardcoded values17:02
DocScrutinizer05makes sense17:02
PaliI used this "hack" when debugged in qemu17:02
DocScrutinizer05do you know a keyword to search for in CAL?17:03
Paliso I was able to put larger zImage into nand17:03
DocScrutinizer05exactly my plan :-)17:03
Paliproblem is: format of partition layout is undocumented17:03
DocScrutinizer05:-S17:03
Palinokia released only tool called "qflasher" which prepares MTD dump for qemu17:03
Paliand fill it also with CAL data17:03
DocScrutinizer05oooooh17:04
Paliand one parameter for qflasher is size of each partition17:04
Palitool is of course closed, i386 only17:04
DocScrutinizer05F U NOKIA!!!!17:04
Paliand probably lost...17:04
Palisomewhere I have copy on my hdd17:04
DocScrutinizer05err lost?17:04
DocScrutinizer05please share!17:04
Palinot available on internet anymore17:04
*** florian has joined #maemo17:05
*** louisdk has quit IRC17:06
DocScrutinizer05http://wstaw.org/m/2017/07/08/plasma-desktopGy8317.png  ;-D17:08
xesmaybe qflasher is the same of meego? http://www.mmnt.net/db/0/0/sower.yandex.ru/mirrors/meego/releases/1.2.0/repos/non-oss/source17:10
*** florian has quit IRC17:11
*** florian has joined #maemo17:12
xesnon-oss... ops17:12
DocScrutinizer05http://maemo.cloud-7.de/maemo5/dirsnapshot2.png17:14
DocScrutinizer05xes: well, it still has a src.rpm, which stalls so far for me on opening it17:16
DocScrutinizer05URL: ftp://sower.yandex.ru/mirrors/meego/releases/1.2.0/repos/non-oss/source/qflasher-21-1.1.src.rpm  The requested operation could not be completed   Connection to Server Refused17:17
DocScrutinizer05rogue content?17:17
DocScrutinizer05http://www.mmnt.net/db/0/0/sower.yandex.ru/mirrors/meego/releases/1.2.0/repos/non-oss/source/qflasher-21-1.1.src.rpm (synthesized URL)  Requested page not found.17:19
xesDocScrutinizer05: yep for me too... but mmnt caches contents not always available. We should retry.. i think it is the first time i can see those files17:19
xesPali: maybe you already have those files? ^^17:21
PaliI have these files: qflasher-21-1.2.i586.rpm qflasher-21-1.1.src.rpm qflasher-17-1.3.src.rpm17:23
Palibut *src* files contains only spec file and ELF binary17:23
Palino source code17:23
Palisources were never released17:23
DocScrutinizer05o.O wow how nasty17:25
DocScrutinizer05hmm?  >> Защита от вируса «WannaCry»: прямые ссылки на заплатки от Microsoft, скрипт для проверки локальной сети на уязвимость<< ?17:28
*** Vajb has quit IRC17:29
xesads?17:32
*** Vajb has joined #maemo17:35
*** florian has quit IRC17:37
*** xes has quit IRC17:41
DocScrutinizer05no idea, I just see WannaCry17:42
*** utanapischti has quit IRC17:58
*** utanapischti has joined #maemo18:04
*** xes has joined #maemo18:12
*** Sicelo009N has quit IRC18:24
*** Konsieur has joined #maemo18:41
*** louisdk has joined #maemo18:42
*** Kabouik_ has quit IRC18:43
*** cyteen has quit IRC18:45
*** merlin1991 has quit IRC18:46
*** merlin1991 has joined #maemo18:46
*** Smily has quit IRC18:52
*** Smily has joined #maemo18:53
*** Smily has quit IRC19:06
*** Smily has joined #maemo19:13
DocScrutinizer05Pali: https://github.com/systemd/systemd/issues/630919:21
KotCzarnyhehe, you are now officially marked as a troll by poetterheads19:22
Palipoettering probably do not know about getpwnam() function19:23
Palifor converting username to uid19:25
PaliI bet that ticket would be locked and discussion about it forbidden19:26
DocScrutinizer05I give a shit about what tags poetterheads give me ;-)19:30
DocScrutinizer05Pali: feel free to comment on that ticket and mention getpwnam() function as the only "sytaxcheck" needed for the parameter value19:31
DocScrutinizer05note: >>The getpwnam_r() and getpwuid_r() functions are thread-safe.<<19:34
DocScrutinizer05but I guess poettering already does that, just he added a nonsensical syntax check for the username before, and - even worse - he makes systemd just ignore the whole parameter if that syntax check fails19:40
*** Kabouik_ has joined #maemo20:17
*** Konsieur has quit IRC20:20
*** stryngs has joined #maemo20:33
*** cyteen has joined #maemo20:54
*** xy2_ has quit IRC20:57
*** Konsieur has joined #maemo20:58
*** Kabouik_ has quit IRC21:01
*** Konsieur is now known as Kabouik_21:02
*** xy2_ has joined #maemo21:31
*** Kabouik has joined #maemo21:33
*** xy2_ has quit IRC21:42
*** xy2_ has joined #maemo21:45
KotCzarnydoc, your ticket is already closed as 'fixed' ;)21:48
*** xy2_ has quit IRC21:51
*** xy2_ has joined #maemo21:53
DocScrutinizer05LOL22:04
Wizzupwell, in their defence, they made a PR with the fix22:07
Wizzupthe PR just hasn't been merged yet, so perhaps closing the issue is a bit weird22:07
L29Ahi wonder if it will be silently merged w/o a word from lennart22:08
KotCzarnyor unmerged some time after ? ;)22:09
KotCzarnyor fixed the fix22:09
L29Ahnah, he's not /that/ asshole22:09
KotCzarnyhaha22:09
KotCzarnythat's what dead people say when someone stupid destroys whole civilisation22:09
L29Ahhe's a fulltime redhat employee, no?22:10
L29Ahi guess this would be noticed by a few enterprise customers22:11
DocScrutinizer05I already wonder how long until RH bosses will kick Lennart's arse22:20
sicelois he not a boss?22:21
DocScrutinizer05I mean, the evil "how to achive world dominion" plan made up by RH a decade ago already is one thing, poor coding skills and bug handling is a whole different story22:22
DocScrutinizer05Lennart is not RH boss afaik, not at all22:22
WizzupRH mostly doesn't like lennie.22:26
Wizzupbut surely we have better things to do with -our- time than worry about lennie22:27
siceloindeed22:38
*** xy2_ has quit IRC23:01
*** florian has joined #maemo23:03
*** xy2_ has joined #maemo23:07
DocScrutinizer05I'm not worried about that person, rather about the general direction the linux world gets pushed to, and by whom and why23:15
*** dafox has quit IRC23:25

Generated by irclog2html.py 2.15.1 by Marius Gedminas - find it at mg.pov.lt!