💾 Archived View for gemini.ctrl-c.club › ~phoebos › logs › kisslinux-2021-11-15.txt captured on 2023-01-29 at 03:52:15.

View Raw

More Information

⬅️ Previous capture (2021-12-17)

-=-=-=-=-=-=-

[2021-11-15T00:47:35Z] <adwu> hey how am I exactly supposed to install kiss linux with cryptsetup? I know I will need to use tinyramfs but sadly I couldn’t find anything that documents that
[2021-11-15T00:48:24Z] <tleydxdy[m]> I mostly just followed what I do on arch
[2021-11-15T00:48:29Z] <tleydxdy[m]> and used dracut
[2021-11-15T00:49:01Z] <tleydxdy[m]> wait no, I did handroll one eventually I think
[2021-11-15T00:49:03Z] <tleydxdy[m]> lemme find it
[2021-11-15T00:50:09Z] <adwu> I should encrypt the drive and then start compiling everything on the pseudo drive right?
[2021-11-15T00:50:42Z] <tleydxdy[m]> well, you should install onto a encrypted drive, yes
[2021-11-15T00:52:22Z] <adwu> ok and thats the thing, I am not really sure how to do that because first I need to add the community repo which has cryptsetup and then I need to build cryptsetup but then how am I supposed to encrypt the drive
[2021-11-15T00:53:39Z] <tleydxdy[m]> I installed from an arch system, so I had everything I needed
[2021-11-15T00:53:39Z] <tleydxdy[m]> lol
[2021-11-15T00:53:59Z] <adwu> will cryptsetup handle that qhen I encrypt the drive?
[2021-11-15T00:54:35Z] <tleydxdy[m]> anyway, there's the important parts of my initramfs https://bpa.st/WQVA
[2021-11-15T00:54:50Z] <tleydxdy[m]> you just package it as the init and all the tools it uses and it's good
[2021-11-15T00:55:05Z] <tleydxdy[m]> * it uses into the initramfs and it's
[2021-11-15T00:55:16Z] <tleydxdy[m]> adwu: I didn't get it
[2021-11-15T00:56:18Z] <adwu> wtf
[2021-11-15T00:57:35Z] <adwu> weird anyway how can I package it as the init
[2021-11-15T00:57:55Z] <tleydxdy[m]> you can read up on how to make a initramfs
[2021-11-15T00:59:28Z] <adwu> tinyramfs has no documentation (at least in the github)
[2021-11-15T00:59:32Z] <tleydxdy[m]> e.g. here https://wiki.gentoo.org/wiki/Custom_Initramfs
[2021-11-15T01:01:29Z] <adwu> oh I get it, this is more minimal as well right?
[2021-11-15T01:01:50Z] <tleydxdy[m]> yeah
[2021-11-15T01:01:55Z] <tleydxdy[m]> initramfs is pretty simple
[2021-11-15T01:02:07Z] <tleydxdy[m]> just whatever is needed to mount your root
[2021-11-15T01:02:23Z] <adwu> I sometimes forget that gentoo wiki has everything
[2021-11-15T01:03:41Z] <adwu> thanks man
[2021-11-15T01:03:56Z] <dilyn> theoretically you can just write a shell script that does the commands you would normally do to unlock and mount your disk and embed that in the kernel :v 
[2021-11-15T01:04:18Z] <tleydxdy[m]> yep, what's what I'm doing
[2021-11-15T01:04:28Z] <tleydxdy[m]> kernel efistub
[2021-11-15T01:04:54Z] <dilyn> oh that's what the wiki page is about! nice 
[2021-11-15T01:04:56Z] <dilyn> incredible
[2021-11-15T01:05:08Z] <dilyn> slackware had a guide floating around for writing a small initramfs in C haha
[2021-11-15T01:05:17Z] <tleydxdy[m]> lol
[2021-11-15T01:05:28Z] <tleydxdy[m]> at that point just don't use a initramfs XD
[2021-11-15T01:05:36Z] <dilyn> :v 
[2021-11-15T01:13:44Z] <bujeddhazeus> So, if I may ask... the old kisslinux repos are now active again
[2021-11-15T01:13:57Z] <bujeddhazeus> Why still keep it split?
[2021-11-15T01:14:16Z] <bujeddhazeus> I notice also that it's wayland vs x11
[2021-11-15T01:14:46Z] <bujeddhazeus> I saw a bit on the web about Dylan'a disappearance and I don't mean to pry
[2021-11-15T01:14:57Z] <bujeddhazeus> That's not really what I'm asking
[2021-11-15T01:27:32Z] <dilyn> there isn't a split 
[2021-11-15T01:28:03Z] <dilyn> kiss-community is now just maintaining a community repository which keeps to a similar style as the official repository 
[2021-11-15T01:28:19Z] <dilyn> it only keeps things which don't require X, libressl, etc. 
[2021-11-15T01:29:44Z] <bujeddhazeus> Hmm ok
[2021-11-15T01:30:11Z] <bujeddhazeus> So you dudes ended up reconnecting with Dylan a bit?
[2021-11-15T03:00:18Z] <testuser[m]> Hi
[2021-11-15T03:01:08Z] <bujeddhazeus> Hi
[2021-11-15T03:02:48Z] <dilyn> I just learned how to use macros in vim and it's so powerful 
[2021-11-15T03:05:41Z] <bujeddhazeus> Ah I've not looked into those yet
[2021-11-15T03:06:04Z] <dilyn> basically it's just q<some letter to map the macro to> 
[2021-11-15T03:06:09Z] <dilyn> do the shit you want 
[2021-11-15T03:06:13Z] <dilyn> press q again
[2021-11-15T03:06:36Z] <dilyn> then whenever you hit \@<that same letter you recorded> the macro will execute 
[2021-11-15T03:06:46Z] <dilyn> and you can do n\@<that letter> to do it n times
[2021-11-15T03:07:03Z] <dilyn> so I prepended text to every other line across a thousand lines in less than two seconds. was nice
[2021-11-15T03:07:29Z] <bujeddhazeus> That's pretty cool
[2021-11-15T03:08:10Z] <noocsharp> probably the most important feature that's missing in vi
[2021-11-15T03:08:32Z] <bujeddhazeus> You mean original vi?
[2021-11-15T03:08:40Z] <bujeddhazeus> Or busybox vi?
[2021-11-15T03:08:41Z] <dilyn> unfortunately all my text manipulation work lead to a single, missing :. somewhere in over a thousand lines of text 
[2021-11-15T03:08:42Z] <dilyn> smdh
[2021-11-15T03:08:58Z] <bujeddhazeus> Ouch.
[2021-11-15T03:09:10Z] <noocsharp> i think any vi
[2021-11-15T03:09:16Z] <bujeddhazeus> Ah
[2021-11-15T03:09:26Z] <dilyn> just have to find the line that isn't green but it hurts my eyes lmao 
[2021-11-15T03:10:17Z] <bujeddhazeus> Is there anything you can query for that comes to mind?
[2021-11-15T03:11:36Z] <noocsharp> wdym query for?
[2021-11-15T03:12:03Z] <bujeddhazeus> In vim
[2021-11-15T03:12:06Z] <bujeddhazeus> Press /
[2021-11-15T03:12:13Z] <bujeddhazeus> Then type text to search
[2021-11-15T03:12:38Z] <noocsharp> oh, you were responding to dilyn
[2021-11-15T03:12:40Z] <bujeddhazeus> query/search, whichever :)
[2021-11-15T03:12:43Z] <bujeddhazeus> yeah
[2021-11-15T03:12:50Z] <dilyn> no :\
[2021-11-15T03:13:00Z] <bujeddhazeus> Hrm
[2021-11-15T03:13:01Z] <dilyn> every other line ends in :, every other other line doesn't. lol
[2021-11-15T03:16:37Z] <bujeddhazeus> Search for three consecutive lines not ending with :.
[2021-11-15T03:17:01Z] <dilyn> that was certainly an option 
[2021-11-15T03:17:10Z] <dilyn> I opted for nuking the section and redoing the work 
[2021-11-15T03:17:15Z] <dilyn> with a macro, took five seconds
[2021-11-15T03:17:17Z] <dilyn> incredible 
[2021-11-15T03:17:32Z] <noocsharp> took 5 seconds to execute the macro?
[2021-11-15T03:17:43Z] <noocsharp> or to set it up and then execute it?
[2021-11-15T03:17:44Z] <dilyn> took four seconds to record the macro 
[2021-11-15T03:17:56Z] <bujeddhazeus> Heh coffee?
[2021-11-15T03:18:18Z] <noocsharp> was gonna say, 5 seconds is suspiciously slow...
[2021-11-15T03:18:21Z] <dilyn> it's late and I'm prepping for a presentation the morning and I need to collect this data >=| should've made coffee... 
[2021-11-15T03:18:35Z] <bujeddhazeus> :>
[2021-11-15T03:18:52Z] <noocsharp> powerpoint?
[2021-11-15T03:18:58Z] <dilyn> security related stuff 
[2021-11-15T03:18:59Z] <bujeddhazeus> Nooooo
[2021-11-15T03:19:06Z] <bujeddhazeus> That doesn't exist anymore
[2021-11-15T03:19:28Z] <bujeddhazeus> Neither PowerPoint nor security xD
[2021-11-15T03:19:41Z] <dilyn> there are some scripts that probe some information I have to make use of, but it's hard to get the scripts to run because of how locked down the system is (RO filesystem); that fact alone isn't evidence enough that the system is secure, soooo here I am /shrug 
[2021-11-15T03:20:01Z] <bujeddhazeus> O
[2021-11-15T03:20:21Z] <bujeddhazeus> What, squashfs / ?
[2021-11-15T03:20:26Z] <dilyn> mmhmm
[2021-11-15T03:20:39Z] <bujeddhazeus> Neat
[2021-11-15T03:21:10Z] <bujeddhazeus> Is tmpfs + overlayfs permitted?
[2021-11-15T03:21:15Z] <dilyn> so I have to add the contents of these files to a writeable space, and then bind-mount that writeable space over the read only section
[2021-11-15T03:21:17Z] <dilyn> in this case yes 
[2021-11-15T03:21:52Z] <bujeddhazeus> Like, you can tmpfs, mount bind to lowerdir, mount overlayfs, chroot and run script
[2021-11-15T03:22:13Z] <dilyn> yeah but I need to show it's feasible given the constraints of the system (snaps) 
[2021-11-15T03:22:26Z] <bujeddhazeus> snap eh
[2021-11-15T03:22:59Z] <dilyn> yeah. in some ways (like this case), they're a prime example of choosing security so much it's inconvenient 
[2021-11-15T03:23:10Z] <bujeddhazeus> Heh
[2021-11-15T03:23:14Z] <dilyn> i'm trying to prove it's secure and the only way to do that is abuse holes in security I made xD
[2021-11-15T03:23:15Z] <bujeddhazeus> Well
[2021-11-15T03:23:41Z] <noocsharp> what does "proving it's secure" entail?
[2021-11-15T03:24:06Z] <dilyn> showing that it checks a "large-enough" number of boxes under a CIS Benchmark audit 
[2021-11-15T03:24:35Z] <noocsharp> ah, so basically as rigorous as a mathematical proof
[2021-11-15T03:24:43Z] <bujeddhazeus> You mean https://snapcraft.io/ ?
[2021-11-15T03:24:52Z] <dilyn> yes those snaps bujeddhazeus
[2021-11-15T03:24:58Z] <bujeddhazeus> Ok
[2021-11-15T03:25:10Z] <bujeddhazeus> I'm still old school... qemu
[2021-11-15T03:25:12Z] <dilyn> noocsharp: less rigorous than maths but in a sense 
[2021-11-15T03:25:29Z] <noocsharp> i was joking
[2021-11-15T03:26:04Z] <dilyn> lmao 
[2021-11-15T03:26:13Z] <dilyn> CIS Benchmarks are literally just a PDF. for ubuntu, it's over 500 pages
[2021-11-15T03:26:16Z] <dilyn> fucking absurd 
[2021-11-15T03:26:33Z] <dilyn> 100% CIS is basically an airgapped box that no user can access because no users exist 
[2021-11-15T03:27:59Z] <bujeddhazeus> Heh
[2021-11-15T03:31:15Z] <noocsharp> did you check that the software you're using to read the pdf doesn't have any vulnerabilities
[2021-11-15T03:33:04Z] <bujeddhazeus> It's also a snap
[2021-11-15T03:33:19Z] <bujeddhazeus> Perhaps
[2021-11-15T03:33:48Z] <dilyn> xD 
[2021-11-15T03:34:07Z] <dilyn> my eyes are quite vulnerable so I'm using some *professional tools* (read: bash scripts) to do the testing 
[2021-11-15T03:36:07Z] <noocsharp> should port them to sh
[2021-11-15T03:38:42Z] <dilyn> in this case... probably wouldn't be too hard 
[2021-11-15T03:38:58Z] <bujeddhazeus> Heh
[2021-11-15T03:39:24Z] <bujeddhazeus> `export -f` is bad mkay?
[2021-11-15T03:48:58Z] <dilyn> `OpenSCAP Error: subtype 2 not supported` grrr
[2021-11-15T05:36:47Z] <Natris1979> building go projects is surprisingly difficult when you don't write go everyday :-/
[2021-11-15T05:41:41Z] <tleydxdy[m]> or don't have internet 
[2021-11-15T05:44:58Z] <Natris1979> ah, aur is my friend
[2021-11-15T05:45:18Z] <Natris1979> tleydxdy[m]: yeah, I can imagine. Everything seems to try to hit the internet
[2021-11-15T05:54:41Z] <Natris1979> actually seems quite tricky to make it install this thing and not download anything other than what's in `sources`
[2021-11-15T06:24:20Z] <Natris1979> huh, looks like most people who distribute any go packages of any complexity on kiss just distribute binaries.
[2021-11-15T06:26:35Z] <testuser[m]> I don't think it's possible to drop the network requirement easily
[2021-11-15T06:26:46Z] <testuser[m]> U need to vendor everything imto a folder
[2021-11-15T06:26:54Z] <testuser[m]> Then make go use that
[2021-11-15T06:27:10Z] <testuser[m]> But "modern" projects pull in tons of shit
[2021-11-15T06:27:14Z] <testuser[m]> Like 50-100 deps
[2021-11-15T06:28:06Z] <testuser[m]> Check the dnscrypt-proxy package, it's dependences come bundled in the Tarball only
[2021-11-15T06:29:11Z] <Natris1979> yeah.. I was going to pull in this colour version of `cat` called ccat. And it pulls in like 6 dependencies for a thing that's just some simple syntax highlighting. So now I'm thinking about just going with an old gnu program called source-highlight that does the same thing that was written in C (C++?)
[2021-11-15T06:29:16Z] <Natris1979> so much simpler
[2021-11-15T06:31:15Z] <testuser[m]> I just pipe stuff into my text editor 
[2021-11-15T06:31:23Z] <testuser[m]>  does the same thing
[2021-11-15T06:31:43Z] <testuser[m]> And will have searching capabilities too
[2021-11-15T06:34:09Z] <Natris1979> oh that's smart
[2021-11-15T06:36:07Z] <Natris1979> ls
[2021-11-15T06:52:27Z] <Natris1979> cd /var/db/kiss/community/community/
[2021-11-15T06:52:35Z] <Natris1979> grr. gotta stop doing that
[2021-11-15T06:53:18Z] <Natris1979> lol, my irc client even tab completed that for me for some reason
[2021-11-15T06:53:56Z] <bujeddhazeus> Yep :>
[2021-11-15T06:54:16Z] <bujeddhazeus> irssi does that
[2021-11-15T06:54:54Z] <Natris1979> I guess that could be useful if I was asking about a path or something
[2021-11-15T06:55:23Z] <bujeddhazeus> Yep. Dangerous too
[2021-11-15T06:55:44Z] <bujeddhazeus> Never irc in your work vm
[2021-11-15T06:56:09Z] <Natris1979> true enough. Don't think I ever have, but now I'll be careful not to start
[2021-11-15T06:56:16Z] <bujeddhazeus> Actually, nowadays I don't even directly use linux for irc...
[2021-11-15T06:56:37Z] <Natris1979> do you just use a web browser or something?
[2021-11-15T06:56:47Z] <bujeddhazeus> Phone
[2021-11-15T06:57:03Z] <bujeddhazeus> Hence the capital letters
[2021-11-15T06:57:03Z] <Natris1979> ah interesting. Never even thought about using it on my phone
[2021-11-15T06:57:23Z] <bujeddhazeus> Well actually I'm bridged onto libera via matrix
[2021-11-15T06:57:24Z] <Natris1979> And here I thought you were just a stickler for grammar
[2021-11-15T06:57:32Z] <bujeddhazeus> Haha
[2021-11-15T06:57:35Z] <bujeddhazeus> Both
[2021-11-15T06:57:52Z] <Natris1979> I can respect that.
[2021-11-15T06:58:34Z] <bujeddhazeus> Although, forget capitals on irc when typing
[2021-11-15T06:58:52Z] <bujeddhazeus> Too much of a waste of time
[2021-11-15T06:59:47Z] <Natris1979> I tend to too. But only the first letter of a line for some reason. Not sure how I picked up that habit
[2021-11-15T07:00:39Z] <bujeddhazeus> Heh
[2021-11-15T07:01:42Z] <bujeddhazeus> Probably best to practice for if ever I feel like it would be worth writing a novel or whatever
[2021-11-15T07:03:28Z] <Natris1979> I'm betting you could write a regex to fix that right up. Don't worry too much
[2021-11-15T07:03:47Z] <bujeddhazeus> True
[2021-11-15T07:04:08Z] <bujeddhazeus> After all, it would be written in vim
[2021-11-15T07:04:54Z] <Natris1979> Or if, one day, you feel really brave: vis.
[2021-11-15T07:05:47Z] <testuser[m]>  busybox vi if you're  braver
[2021-11-15T07:06:19Z] <testuser[m]> Has anyone used it ? It doesn't even redraw properly
[2021-11-15T07:06:21Z] <Natris1979> I've been using that for a few days as I play with kiss. Close to biting the bullet for vim though 
[2021-11-15T07:06:34Z] <Natris1979> been fine for me, but it's only been quick edits
[2021-11-15T07:06:36Z] <bujeddhazeus> Heh plan9 eh. Is haiku shipping with vis?
[2021-11-15T07:06:50Z] <bujeddhazeus> testuser: I do
[2021-11-15T07:06:54Z] <bujeddhazeus> Sometimes
[2021-11-15T07:07:37Z] <Natris1979> I haven't actually used vis. I've only read about it. But it seems interesting
[2021-11-15T07:08:10Z] <bujeddhazeus> Heh
[2021-11-15T07:08:10Z] <Natris1979> used to be an Emacs guy
[2021-11-15T07:09:36Z] <bujeddhazeus> Oh wait. Haiku is based on BE os
[2021-11-15T07:10:27Z] <Natris1979> yeah, vis I think is for your modern standard os's. But it's a combination of vim and sam from plan9
[2021-11-15T07:11:16Z] <Natris1979> *OSes
[2021-11-15T07:11:20Z] <bujeddhazeus> Ah I see
[2021-11-15T11:34:13Z] <soliwilos> I've been using vis for a while, instead of vim. It's nice.
[2021-11-15T14:37:12Z] <cem> testuser[m]: busybox vi isn't that bad tbh
[2021-11-15T14:37:38Z] <cem> But then again, I don't mainly use vi
[2021-11-15T14:38:34Z] <cem> I prefer neatvi out of all the vi implementations I've used, and neatvi's biggest problem is that it never redraws automatically
[2021-11-15T14:39:41Z] <cem> You have to do it manually when you spawn a new window in a tiling wm or something like that
[2021-11-15T14:40:35Z] <testuser[m]> couldn't that be fixed trivially
[2021-11-15T14:41:27Z] <cem> Probably, but since I use it for very trivial purposes, I don't mind it that much
[2021-11-15T14:42:01Z] <cem> Pressing Ctrl+L every once in a while is easier than editing its source code
[2021-11-15T14:43:35Z] <cem> Also, I don't think neatvi has a window event loop that catches things like resizes
[2021-11-15T14:46:15Z] <testuser[m]> how else would it poll input then, without loop
[2021-11-15T14:46:24Z] <testuser[m]> kyx0r's fork seems to have it , atleast
[2021-11-15T14:47:32Z] <cem> I think it loops for input rather than window events
[2021-11-15T14:47:50Z] <cem> I'll check kyx0r's fork
[2021-11-15T14:48:37Z] <testuser[m]> yeah i mean that only
[2021-11-15T14:48:47Z] <testuser[m]> it could have a signal handler that just sets a variable
[2021-11-15T14:48:50Z] <testuser[m]> and the loop checks that
[2021-11-15T14:49:03Z] <cem> why a build.sh instead of Makefile
[2021-11-15T14:49:07Z] * cem shakes head
[2021-11-15T14:50:06Z] <cem> yeah, it doesn't have the same issue with upstream
[2021-11-15T14:50:09Z] <cem> neat!
[2021-11-15T14:51:20Z] <cem> Ah, it seems upstream also fixed this issue
[2021-11-15T14:51:29Z] <cem> It's just not released yet
[2021-11-15T20:17:12Z] <acheam> yay with git 2.34, commits can now be signed with OpenSSH!
[2021-11-15T20:17:20Z] <acheam> always happy to see less dependence on GNU
[2021-11-15T21:40:49Z] <noocsharp> signify when
[2021-11-15T22:01:11Z] <phoebos> cem: the build.sh was to keep to POSIX while getting the #defines right across *nixes
[2021-11-15T22:03:06Z] <phoebos> personally i'd have used an #ifdef BSD in the code but idk