💾 Archived View for gemini.ctrl-c.club › ~phoebos › logs › kisslinux-2024-03-30.txt captured on 2024-05-26 at 15:54:31.
⬅️ Previous capture (2024-05-10)
-=-=-=-=-=-=-
[2024-03-30T06:01:33Z] <testuser[m]> https://codeberg.org/kiss-community/repo/issues/183#issuecomment-1721814 [2024-03-30T11:58:23Z] <Guest47> hi, is lvm2 and cryptseutp support static linking? [2024-03-30T12:14:32Z] <testuser[m]> Guest47 they should, but why? [2024-03-30T12:15:29Z] <solaare> why is a software like xz getting regular updates anyway?? shouldnt this type of stuff be "finished" software? [2024-03-30T12:15:44Z] <solaare> another example of useless engineering [2024-03-30T12:20:01Z] <Guest47> testuser: i'm trying to package them in oasislinux, so they should support static linking [2024-03-30T12:22:17Z] <Guest47> i can see that cryptsetup supports static linking. but I'm not sure about lvm2. however, i think from lvm2 i only need device mapper [2024-03-30T12:24:17Z] <Guest47> i hate to deal with all of those complex softwares just to encrypt my #HOME partition [2024-03-30T12:31:49Z] <testuser[m]> Guest47 you can check out ecryptfs [2024-03-30T12:36:19Z] <Guest47> this looks interesting as fuck! [2024-03-30T12:38:08Z] <Guest47> so i just need to enable it in my kernel? [2024-03-30T12:52:48Z] <Guest47> testuser: i can see there is other options too like fscrypt. what would you recomannd? [2024-03-30T12:52:51Z] <Guest47> bruh [2024-03-30T12:55:35Z] <Guest47> sorry my internet just disconnectd [2024-03-30T12:56:34Z] <Guest47> so about ecryptfs, i just need to enable it in the kernel? [2024-03-30T12:57:56Z] <Guest47> testuser: also, i see there is some other options, such as fscrypt. what would you recommand? [2024-03-30T12:58:25Z] <testuser[m]> ecryptfs yes but you need userspace helpers for it [2024-03-30T12:58:41Z] <testuser[m]> not heard of fscrypt, will check it out [2024-03-30T12:59:19Z] <testuser[m]> https://wiki.archlinux.org/title/Fscrypt fscrypt might be better according to this [2024-03-30T13:03:45Z] <Guest47> with ecryptfs, do you thing it is possible to a nation state to decrypt the partition, like seriously [2024-03-30T13:04:33Z] <testuser[m]> it just says its using older crypto, not broken crypto [2024-03-30T13:04:46Z] <testuser[m]> as for a nation state they would just put a gun to ur head and ask u to unlock, not try to crarck it [2024-03-30T13:08:24Z] <Guest47> lool i should stop pretending to be nerd [2024-03-30T13:09:11Z] <Guest47> thanks man, you was very helpful [2024-03-30T14:39:48Z] <midfavila> hey [2024-03-30T14:39:48Z] <midfavila> so [2024-03-30T14:39:54Z] <midfavila> don't think it affects kiss [2024-03-30T14:40:05Z] <midfavila> but it might so upstream should still check it out if they haven't already [2024-03-30T14:40:32Z] <midfavila> there's an exploit that was patched into xz's upstream source that ends up affected openssh because stack shenanigans or something [2024-03-30T14:40:55Z] <midfavila> https://boehs.org/node/everything-i-know-about-the-xz-backdoor [2024-03-30T14:42:04Z] <midfavila> also mentions the same user responsible for the xz problems messing with libarchive [2024-03-30T14:45:17Z] <midfavila> systemd and certain patches for openssh are known vulnerable but there's no guarantee for other combinations according to https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27 [2024-03-30T14:45:31Z] <midfavila> same gist also says that only glibc systems are affected due to musl lacking certain symbols [2024-03-30T14:45:44Z] <midfavila> so musl kiss is safe, but gkiss users might want to look into things [2024-03-30T14:57:22Z] <sad_plan> seems to have been resolved here by downgrading to 5.4.2. which is the newest without commmits from this individual iirc [2024-03-30T14:57:41Z] <sad_plan> atleast for kiss. I havent checked gkiss [2024-03-30T14:58:05Z] <sad_plan> alpine and arch, and probably others aswell, seems to instead just use the git tag instead of the generated tarball [2024-03-30T15:01:56Z] <midfavila> okay, cool. i figured someone here was aware of it but i wanted to make sure [2024-03-30T15:02:06Z] <midfavila> i'll have to drop my fork down a minor version [2024-03-30T15:02:09Z] <midfavila> it's still on 5.4.3 [2024-03-30T15:02:20Z] <midfavila> i mean not like i've used kiss in ages but still [2024-03-30T15:02:27Z] <midfavila> hoping to get back into it soon [2024-03-30T15:03:13Z] <sad_plan> yeah, better be on the safe side and let people know [2024-03-30T15:03:41Z] <midfavila> mmhm [2024-03-30T15:41:28Z] <phinxy> Phew, sometimes it pays to not upgrade. xz/liblzma 5.2.5. [2024-03-30T20:25:14Z] <sewn> when new tarball testuser[m]