| T42_ | <oMinimalist> https://irc.thaodan.de/.imgstore/745d0b78/file_2673.jpg | 00:59 |
|---|---|---|
| T42_ | <oMinimalist> https://irc.thaodan.de/.imgstore/b1fc8c79/file_2674.jpg | 01:00 |
| T42_ | <oMinimalist> CONFIG_NETFILTER_XT_MATCH_QTAGUID is set. | 01:01 |
| T42_ | <oMinimalist> How can I do ? | 01:01 |
| T42_ | <oMinimalist> the log file: https://fars.ee/P963 | 01:11 |
| T42_ | <oMinimalist> 清理了 还是这些错误: https://fars.ee/E2qM | 01:58 |
| rinigus | piggz tried some time already... Didn't work | 04:34 |
| rinigus | piggz: have you had a chance to test hwcrypt based passwords on volla? that should be THE solution used by default as it would allow to use simpler/shorter passwords which we can actually remember | 07:48 |
| rinigus | as for actdead, more work is needed. there seems to be a host of services pulled into boot sequence during actdead target that very much wish to mount /home :( . will have to work through the logs | 07:49 |
| piggz | rinigus: not yet, trying to bring up PP | 08:11 |
| piggz | will trigger a build for volla | 08:11 |
| piggz | rinigus: several services have hard deps on droid/keymaster services which breaks boot on PP .... could those After/Requires be moved into device adaptation? | 08:44 |
| piggz | rinigus: also, i think a device config option for disabling the hwcrypt password type | 09:09 |
| piggz | rinigus: https://www.youtube.com/watch?v=jBQXJ09ZEvQ | 10:13 |
| rinigus | piggz: right! the both should be done. or maybe we can add hwcrypt config with dependencies on droid/keymaster into separate package. that way we don't need to reinvent the wheel with every device | 10:47 |
| rinigus | great video! | 10:47 |
| rinigus | piggz: maybe add to https://forum.sailfishos.org/t/rfc-revision-of-home-encryption-on-sfos ? | 10:48 |
| piggz | rinigus: sure | 10:48 |
| piggz | rinigus: systemd got in a right muddle and totally refused to boot with the default config! | 10:49 |
| rinigus | piggz: I had to force requirements to make sure all services are firing in the right order | 10:50 |
| piggz | rinigus: yeah, but i think those requirements could be added in /etc right? | 10:51 |
| rinigus | piggz: on keystore? probably. or in /usr/lib/systemd/system. I think I know how to partition it - if you file the issue will try to fix it tonight | 10:52 |
| piggz | rinigus: updared description and credited you :) | 10:52 |
| rinigus | thank-you-thank-you :) | 10:52 |
| piggz | ok | 10:52 |
| rinigus | 2 issues I guess - one for hwcrypt being optional and the other for keystore requirements | 10:54 |
| rinigus | off to meetings, will catch up later | 10:54 |
| piggz | rinigus: you can do eg for device adapation sparse/etc/systemd/system/systemd-ask-password-gui.service.d/local.conf, and adding After= in there | 10:56 |
| rinigus | piggz: exactly. but I would prefer to make some kind of separate rpm as a part of encryption-community that we can just add as a dependency for android devices | 12:01 |
| rinigus | then we don't need to add those sparse files in many devices | 12:01 |
| piggz | rinigus: ok | 12:02 |
| piggz | rinigus: obs has 4.2 | 12:05 |
| rinigus | piggz: yes, from last night - lbt was pinging you on SFOS channel regarding it :) | 12:07 |
| piggz | ah, i missed that | 12:08 |
| lbt | managed to get the EA out there | 12:08 |
| piggz | ah, chum has it already :) | 12:09 |
| lbt | I'm going to propose we do that in future - not sure it's enough to really have apps fully QA'ed and ready but at least they build and maybe we get an error report back | 12:09 |
| rinigus | lbt: if it is possible that would be great | 12:11 |
| piggz | rinigus: i noticed that on the CI server, the docker build environments are from coderus, but he has now left the sfos community to some extent. I wonder if those images will be updated, or if there is another option | 12:13 |
| Nico | piggz: coderus said he is going to still maintain them, because it is very low effort | 12:28 |
| piggz | ah cool | 12:29 |
| Nico | https://forum.sailfishos.org/t/contribution-required-my-orphaned-projects/6799/6?u=kuroneko | 12:29 |
| rinigus | piggz: I don't use CI images anymore - it is way easier for me to bake them on PC | 13:45 |
| piggz | rinigus: how quaint :D | 14:09 |
| piggz | i try to do as little as possible locally :D | 14:10 |
| rinigus | mal: have you had a chance to ask/look for that missing /dev/sailfish/home in the logs? | 18:33 |
| mal | rinigus: sorry, didn't have time to check more today yet | 19:08 |
| rinigus | mal: no worries - my job is now to ping you once in a while. thank you for helping out! | 19:08 |
| rinigus | piggz: pinephone related encryption issues should be sorted now | 19:13 |
| piggz | rinigus: i saw ... i approve of method, thats what i was considering doing, making a sub-package | 19:23 |
| piggz | will test tomorrow, pub time now :) | 19:23 |
| piggz | thx | 19:24 |
| piggz | some guy on telegram was arguing loads about how secure it was ... i argued it was better than stock, and was as good as dmcrypt, we are just a front end | 19:24 |
| piggz | then he deleted all his messages! | 19:25 |
| piggz | :D | 19:25 |
| rinigus | piggz: as it is pub time - it is VERY secure if you have hw key backing. you could use probably passwords with 5-6 or so random alphanum chars and know that you have 45 years before its cracked. assuming that there are no bugs in hw keystore | 19:30 |
| T42_ | <adampigg> Rinigus :sure, and on.PP, use a long phrase | 20:23 |
Generated by irclog2html.py 2.17.1 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!
