| rinigus | Morning! I wonder where and how is the security code stored on device? | 06:28 |
|---|---|---|
| rinigus | Got somehow reset to unknown value when I encrypted /home partition | 06:29 |
| rinigus | turns out that my trouble with the security code is induced by a bug: https://forum.sailfishos.org/t/security-code-requested-before-set-on-fresh-install | 14:51 |
| krnlyng | i'm back on irc o/ | 14:51 |
| rinigus | major roadblock for encryption :( | 14:51 |
| rinigus | o/ | 14:52 |
| T42_ | <eugenio_g7> is /var/lib/sailfish-device-encryption/encrypt-home present when you hit the bug? | 15:02 |
| makinop09 | Hey, I am looking to buy a device, and would like to port sailfish os to it. Is there anything in specific I should try avoiding? Like a specific vendor/SoC/something else that can make the porting process harder? | 15:02 |
| T42_ | <TheVancedGamer> I would say avoid MTK if it's not xiaomi | 15:07 |
| T42_ | <TheVancedGamer> If it's a Xiaomi and it's MTK then you're fine | 15:07 |
| makinop09 | cool, anything else? | 15:08 |
| rinigus | @eugenio_g7: will have to check | 15:08 |
| T42_ | <TheVancedGamer> Avoid no-label phones, they are a waste of money, Samsung's should only be bought if not upgraded to Android 11 | 15:09 |
| T42_ | <NotKit> makinop09, basically check if you can get kernel source code for that particular model and that it shipped with Android <= 10 | 15:15 |
| rinigus | @eugenio_g7: will take a bit of time, sorry. polishing systemd units a bit | 15:19 |
| T42_ | <eugenio_g7> rinigus: no worries, not even sure it will help in your case - but I assume that since that file being there triggers home encryption I think it's a cheap way to also determine if the unlock code has been set already (since it's required by the stock encryption stuff) | 15:21 |
| rinigus | @eugenio_g7: I don't think it is there. peeked right now, but would have to reflash to check it properly. I don't install Jolla's encryption packages on my port | 15:23 |
| T42_ | <eugenio_g7> oh ok (that file is removed once encryption is done as far as I remember) | 15:24 |
| rinigus | @eugenio_g7: but I guess it comes from some package... | 15:25 |
| rinigus | ... will check and report back when I get there. | 15:26 |
| T42_ | <eugenio_g7> rinigus: not that I remember, it's only touched when you want to get the home partition encrypted (i.e. recent xperia official images ship the file since they encrypt /home by default) | 15:32 |
| T42_ | <eugenio_g7> But now I see that the you implemented a custom setup wizard as well so it won't probably be set :) So it's probably something else | 15:32 |
| rinigus | @eugenio_g7: nope, it is not set in my implementation... but I do wonder ... | 15:37 |
| rinigus | As far as I remember, SFOS screen lock is one more closed source component, right? | 15:44 |
| T42_ | <eugenio_g7> yes... | 15:48 |
| rinigus | GOTCHA! PIN is set as luks keyslot 0 password on /dev/mapper/sailfish-home | 15:49 |
| rinigus | @eugenio_g7 | 15:49 |
| rinigus | so, if I set LUKS password as 12345 and then continue with the setup, I can use 12345 in "confirm security code" question and ... pass it! | 15:51 |
| rinigus | I wonder if renaming /dev/mapper/sailfish-home into something different would help. | 15:52 |
| rinigus | was not an issue when I used /encrypted.img file. maybe just changing name will help. will test a bit later... | 15:53 |
| T42_ | <eugenio_g7> omg, so on encrypted partitions it *only* uses the luks slot? Might explain why screen unlock has been slower since I enabled encryption | 15:54 |
| rinigus | 2 seconds for luks check, I presume. | 15:54 |
| rinigus | but it probably caches it somehow | 15:54 |
| T42_ | <eugenio_g7> and I take that if you complete the sfos setup, then kill the slot it will still ask you for the unlock code | 15:55 |
| rinigus | @eugenio_g7: exactly! so, it didn't help to make setup, copy /home to /home.1, encrypt, get /home data back. suddenly, my pin which was fine on nonencrypted device didn't work. | 15:56 |
| T42_ | <eugenio_g7> haha nice, I wonder if moving the LUKS header somewhere else might help | 15:57 |
| rinigus | to be fair, it is as good place to keep pin as any other. just it is a PAIN if you encrypt it properly :) | 15:58 |
| T42_ | <eugenio_g7> so I guess either renaming (since well, you handle unlock yourself anyways) or (possibly) moving the header elsewhere (not sure how sfos will behave though!) | 16:01 |
| rinigus | @eugenio_g7: renaming will be first to test as it is easier | 16:05 |
| rinigus | one more tip - changing pin, changes it on luks slot. doesn't have to be 0 keyslot, but probably the first available one | 16:16 |
| u0_a168 | TheVancedGamer: what's a no-label phone? | 16:50 |
| T42_ | <TheVancedGamer> Some generic no name Chinese phones | 16:50 |
| u0_a168 | also, why do i need an android device that shipped with android <= 10? | 16:51 |
| u0_a168 | coz halium? | 16:51 |
| u0_a168 | notkit: ^ | 16:51 |
| T42_ | <TheVancedGamer> Yep | 16:52 |
| T42_ | <TheVancedGamer> 11 doesn't exist yet | 16:52 |
| u0_a168 | oh, is support planned for it? | 16:52 |
| T42_ | <TheVancedGamer> Well libhybris kinda works but it's very minimal | 16:53 |
| T42_ | <TheVancedGamer> So right now it's nothing | 16:53 |
| u0_a168 | well, technically, one could try building lineage 18.1, and then use it right? | 16:55 |
| T42_ | <TheVancedGamer> Well actually no | 16:55 |
| T42_ | <TheVancedGamer> Binderized HALs make it hard | 16:56 |
| T42_ | <TheVancedGamer> u0_a168: why is your username like confined Android apps? | 17:02 |
| T42_ | <TheVancedGamer> /version@SailfishFreenodeIRCBridgeBot | 17:03 |
| u0_a168 | TheVancedGamer: I am on weechat, inside termux | 17:04 |
| u0_a168 | on android | 17:04 |
| T42_ | <TheVancedGamer> Ohh | 17:05 |
| T42_ | <TheVancedGamer> Oh so that's termux's id | 17:06 |
| u0_a168 | yeah | 17:06 |
| u0_a168 | is there a page that lists what components work and what don't under libhybris? | 17:12 |
| rinigus | @eugenio_g7: and renaming managed to hit security issue. I was asked to "confirm with the security code" and it was accepting either X or some random code. | 17:13 |
| rinigus | (all during setup) | 17:13 |
| rinigus | random code entered once and was set as security code. let's see if it persist over reboot | 17:13 |
| rinigus | persisted nicely. so, security code was set different to luks password. | 17:15 |
| rinigus | just was sufficient to rename LVM LV to home-open :) | 17:16 |
| T42_ | <elros34> ua_a168: that is device specific, here is some (probably outdated) list: https://wiki.merproject.org/wiki/Adaptations/libhybris | 17:18 |
| u0_a168 | would it be foolish to try lineage-18.1 for building libhybris? | 17:26 |
| u0_a168 | i see that the latest one at https://github.com/mer-hybris/android is 17.1 | 17:27 |
| T42_ | <elros34> obviously there is no point unless you want to prepare hybris-18 or you have found some fork | 17:28 |
| u0_a168 | preparing 18.1 will be goal then, when i get my android 11. i think its time for it, coz most phones now ship with android 11. android 12 is also going to be released soon, beta 4 was released a week ago i think | 17:31 |
| T42_ | <elros34> remember it's not only libhybris, also hybris-patches for new android base and many more components because new/ upgraded interface. It's not a job for one person | 17:32 |
| u0_a168 | we can all put in some effort, then ;) its just sad to know that newer devices may not be supported by sailfish | 17:33 |
| T42_ | <eugenio_g7> rinigus: nice | 17:57 |
| rinigus | @eugenio_g7: running strings /usr/lib64/qt5/plugins/devicelock/encsfa-fpd is in agreement with the guess :) | 18:05 |
| T42_ | <eugenio_g7> :) | 18:06 |
| T42_ | <goshawk22> I'm also facing this issue (re @unknown: HABUILD_SDK [] alex@...) | 18:22 |
| T42_ | <goshawk22> How did you fix it? | 18:22 |
| T42_ | <goshawk22> Sorry forgot not to use direct reply! | 18:24 |
| T42_ | <goshawk22> HABUILD_SDK [RMX1971] [adam@adam-PC ~]$ sudo mkdir -p $ANDROID_ROOT | 18:24 |
| T42_ | <goshawk22> sudo: account validation failure, is your account locked? | 18:24 |
| T42_ | <goshawk22> ❯ /srv/mer/sdks/sfossdk/mer-sdk-chroot | 18:24 |
| T42_ | <goshawk22> SDK targets location '/srv/mer/targets' does not exist - about to create it. | 18:24 |
| T42_ | <goshawk22> Continue, abort? [c/a] (c) | 18:24 |
| T42_ | <goshawk22> SDK toolings location '/srv/mer/toolings' does not exist - about to create it. | 18:24 |
| T42_ | <goshawk22> Continue, abort? [c/a] (c) | 18:24 |
| T42_ | <goshawk22> Mounting system directories... | 18:24 |
| T42_ | <goshawk22> Mounting /srv/mer/targets as /srv/mer/targets | 18:24 |
| T42_ | <goshawk22> Mounting /srv/mer/toolings as /srv/mer/toolings | 18:24 |
| T42_ | <goshawk22> Mounting / as /parentroot | 18:24 |
| T42_ | <goshawk22> Mounting home directory: /home/adam | 18:24 |
| T42_ | <goshawk22> Initializing machine ID from random generator. | 18:24 |
| T42_ | <goshawk22> Entering chroot as adam | 18:24 |
| T42_ | <goshawk22> Failed to create bus connection: No such file or directory | 18:24 |
| T42_ | <goshawk22> oneshot: /etc/oneshot.d/0/groupadd-user.later - OK | 18:24 |
| T42_ | <goshawk22> DBus unavailable, falling back to libssu | 18:24 |
| T42_ | <goshawk22> oneshot: /etc/oneshot.d/0/ssu-update-repos - OK | 18:24 |
| T42_ | <goshawk22> Anyone now how to fix? | 18:25 |
| mal | what are you trying to do? | 18:59 |
| T42_ | <goshawk22> In chapter 5.1 of the guide it asks you to run sudo mkdir -p $ANDROID_ROOT | 19:25 |
| T42_ | <goshawk22> But I tried running it as not superuser and it worked fine, so maybe it is a mistake in the guide? | 19:26 |
Generated by irclog2html.py 2.17.1 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!