Saturday, 2021-09-04

rinigusMorning! I wonder where and how is the security code stored on device?06:28
rinigusGot somehow reset to unknown value when I encrypted /home partition06:29
rinigusturns out that my trouble with the security code is induced by a bug:
krnlyngi'm back on irc o/14:51
rinigusmajor roadblock for encryption :(14:51
T42_<eugenio_g7> is /var/lib/sailfish-device-encryption/encrypt-home present when you hit the bug?15:02
makinop09Hey, I am looking to buy a device, and would like to port sailfish os to it. Is there anything in specific I should try avoiding? Like a specific vendor/SoC/something else that can make the porting process harder?15:02
T42_<TheVancedGamer> I would say avoid MTK if it's not xiaomi15:07
T42_<TheVancedGamer> If it's a Xiaomi and it's MTK then you're fine15:07
makinop09cool, anything else?15:08
rinigus@eugenio_g7: will have to check15:08
T42_<TheVancedGamer> Avoid no-label phones, they are a waste of money, Samsung's should only be bought if not upgraded to Android 1115:09
T42_<NotKit> makinop09, basically check if you can get kernel source code for that particular model and that it shipped with Android <= 1015:15
rinigus@eugenio_g7: will take a bit of time, sorry. polishing systemd units a bit15:19
T42_<eugenio_g7> rinigus: no worries, not even sure it will help in your case - but I assume that since that file being there triggers home encryption I think it's a cheap way to also determine if the unlock code has been set already (since it's required by the stock encryption stuff)15:21
rinigus@eugenio_g7: I don't think it is there. peeked right now, but would have to reflash to check it properly. I don't install Jolla's encryption packages on my port15:23
T42_<eugenio_g7> oh ok (that file is removed once encryption is done as far as I remember)15:24
rinigus@eugenio_g7: but I guess it comes from some package...15:25
rinigus... will check and report back when I get there.15:26
T42_<eugenio_g7> rinigus: not that I remember, it's only touched when you want to get the home partition encrypted (i.e. recent xperia official images ship the file since they encrypt /home by default)15:32
T42_<eugenio_g7> But now I see that the you implemented a custom setup wizard as well so it won't probably be set :) So it's probably something else15:32
rinigus@eugenio_g7: nope, it is not set in my implementation... but I do wonder ...15:37
rinigusAs far as I remember, SFOS screen lock is one more closed source component, right?15:44
T42_<eugenio_g7> yes...15:48
rinigusGOTCHA! PIN is set as luks keyslot 0 password on /dev/mapper/sailfish-home15:49
rinigusso, if I set LUKS password as 12345 and then continue with the setup, I can use 12345 in "confirm security code" question and ... pass it!15:51
rinigusI wonder if renaming /dev/mapper/sailfish-home into something different would help.15:52
riniguswas not an issue when I used /encrypted.img file. maybe just changing name will help. will test a bit later...15:53
T42_<eugenio_g7> omg, so on encrypted partitions it *only* uses the luks slot? Might explain why screen unlock has been slower since I enabled encryption15:54
rinigus2 seconds for luks check, I presume.15:54
rinigusbut it probably caches it somehow15:54
T42_<eugenio_g7> and I take that if you complete the sfos setup, then kill the slot it will still ask you for the unlock code15:55
rinigus@eugenio_g7: exactly! so, it didn't help to make setup, copy /home to /home.1, encrypt, get /home data back. suddenly, my pin which was fine on nonencrypted device didn't work.15:56
T42_<eugenio_g7> haha nice, I wonder if moving the LUKS header somewhere else might help15:57
rinigusto be fair, it is as good place to keep pin as any other. just it is a PAIN if you encrypt it properly :)15:58
T42_<eugenio_g7> so I guess either renaming (since well, you handle unlock yourself anyways) or (possibly) moving the header elsewhere (not sure how sfos will behave though!)16:01
rinigus@eugenio_g7: renaming will be first to test as it is easier16:05
rinigusone more tip - changing pin, changes it on luks slot. doesn't have to be 0 keyslot, but probably the first available one16:16
u0_a168TheVancedGamer: what's a no-label phone?16:50
T42_<TheVancedGamer> Some generic no name Chinese phones16:50
u0_a168also, why do i need an android device that shipped with android <= 10?16:51
u0_a168coz halium?16:51
u0_a168notkit: ^16:51
T42_<TheVancedGamer> Yep16:52
T42_<TheVancedGamer> 11 doesn't exist yet16:52
u0_a168oh, is support planned for it?16:52
T42_<TheVancedGamer> Well libhybris kinda works but it's very minimal16:53
T42_<TheVancedGamer> So right now it's nothing16:53
u0_a168well, technically, one could try building lineage 18.1, and then use it right?16:55
T42_<TheVancedGamer> Well actually no16:55
T42_<TheVancedGamer> Binderized HALs make it hard16:56
T42_<TheVancedGamer> u0_a168: why is your username like confined Android apps?17:02
T42_<TheVancedGamer> /version@SailfishFreenodeIRCBridgeBot17:03
u0_a168TheVancedGamer: I am on weechat, inside termux17:04
u0_a168on android17:04
T42_<TheVancedGamer> Ohh17:05
T42_<TheVancedGamer> Oh so that's termux's id17:06
u0_a168is there a page that lists what components work and what don't under libhybris?17:12
rinigus@eugenio_g7: and renaming managed to hit security issue. I was asked to "confirm with the security code" and it was accepting either X or some random code.17:13
rinigus(all during setup)17:13
rinigusrandom code entered once and was set as security code. let's see if it persist over reboot17:13
riniguspersisted nicely. so, security code was set different to luks password.17:15
rinigusjust was sufficient to rename LVM LV to home-open :)17:16
T42_<elros34> ua_a168: that is device specific, here is some (probably outdated) list:
u0_a168would it be foolish to try lineage-18.1 for building libhybris?17:26
u0_a168i see that the latest one at is 17.117:27
T42_<elros34> obviously there is no point unless you want to prepare hybris-18 or you have found some fork17:28
u0_a168preparing 18.1 will be goal then, when i get my android 11. i think its time for it, coz most phones now ship with android 11. android 12 is also going to be released soon, beta 4 was released a week ago i think17:31
T42_<elros34> remember it's not only libhybris, also hybris-patches for new android base and many more components because new/ upgraded interface. It's not a job for one person17:32
u0_a168we can all put in some effort, then ;) its just sad to know that newer devices may not be supported by sailfish17:33
T42_<eugenio_g7> rinigus: nice17:57
rinigus@eugenio_g7: running strings /usr/lib64/qt5/plugins/devicelock/encsfa-fpd is in agreement with the guess :)18:05
T42_<eugenio_g7> :)18:06
T42_<goshawk22> I'm also facing this issue (re @unknown: HABUILD_SDK [] alex@...)18:22
T42_<goshawk22> How did you fix it?18:22
T42_<goshawk22> Sorry forgot not to use direct reply!18:24
T42_<goshawk22> HABUILD_SDK [RMX1971] [adam@adam-PC ~]$ sudo mkdir -p $ANDROID_ROOT18:24
T42_<goshawk22> sudo: account validation failure, is your account locked?18:24
T42_<goshawk22> ❯ /srv/mer/sdks/sfossdk/mer-sdk-chroot18:24
T42_<goshawk22> SDK targets location '/srv/mer/targets' does not exist - about to create it.18:24
T42_<goshawk22> Continue, abort? [c/a] (c)18:24
T42_<goshawk22> SDK toolings location '/srv/mer/toolings' does not exist - about to create it.18:24
T42_<goshawk22> Continue, abort? [c/a] (c)18:24
T42_<goshawk22> Mounting system directories...18:24
T42_<goshawk22> Mounting /srv/mer/targets as /srv/mer/targets18:24
T42_<goshawk22> Mounting /srv/mer/toolings as /srv/mer/toolings18:24
T42_<goshawk22> Mounting / as /parentroot18:24
T42_<goshawk22> Mounting home directory: /home/adam18:24
T42_<goshawk22> Initializing machine ID from random generator.18:24
T42_<goshawk22> Entering chroot as adam18:24
T42_<goshawk22> Failed to create bus connection: No such file or directory18:24
T42_<goshawk22> oneshot: /etc/oneshot.d/0/groupadd-user.later - OK18:24
T42_<goshawk22> DBus unavailable, falling back to libssu18:24
T42_<goshawk22> oneshot: /etc/oneshot.d/0/ssu-update-repos - OK18:24
T42_<goshawk22> Anyone now how to fix?18:25
malwhat are you trying to do?18:59
T42_<goshawk22> In chapter 5.1 of the guide it asks you to run sudo mkdir -p $ANDROID_ROOT19:25
T42_<goshawk22> But I tried running it as not superuser and it worked fine, so maybe it is a mistake in the guide?19:26

Generated by 2.17.1 by Marius Gedminas - find it at!