**** BEGIN LOGGING AT Mon Mar 11 02:59:58 2013 Mar 11 03:02:40 ;) Mar 11 03:02:42 hola Mar 11 03:32:06 ~seen rlinfati Mar 11 03:32:08 rlinfati <~rlinfati@190.163.244.184> was last seen on IRC in channel #n9, 12d 22h 28m 44s ago, saying: '~logs'. Mar 11 03:56:27 what i would give for telepathy on this e7 heh Mar 11 03:57:17 i heard the telepathy front end in meego was even better. too bad the n9 doesnt have a hwkb Mar 11 04:00:34 i first played angry birds on N900. have since transferred the save from Nokia N900 -> HTC Incredible S -> Nokia N9 -> iPhone 5. good thing the save file is compatible across all devices Mar 11 04:01:38 heh Mar 11 04:01:47 cant say i got into angry birds Mar 11 04:02:05 i thought it funny MS was using it in their marketing Mar 11 04:02:28 wow! win8 can play a game that can run on 15 year old hardware! amazing! Mar 11 04:02:59 heh... they couldnt choose like maybe a pc version of halo or something? Mar 11 04:03:39 but then again the hardware coming out nowadays is low powered stuff... people gave up on 4 high powered gpus just to have the biggest e-nis Mar 11 06:01:29 two years Fuckooshima, dang the time passes by... Mar 11 08:43:42 tmobile has some web guard crap on by default set to young adult Mar 11 08:43:48 but i can look up fellatio on wikipedia Mar 11 08:44:39 not only that but it takes forever for it to turn off Mar 11 08:44:49 maybe next time the modem disconnects Mar 11 09:14:23 GeneralAntilles: Morning Mar 11 09:14:34 well, I think you shouldn't allow anybody to use internet at all before you told her/him about facts of life Mar 11 09:14:42 hi Jaffa Mar 11 09:15:38 to block XXX is another thing Mar 11 09:15:58 but blocking wikipedia for young adults? c'mon! Mar 11 09:17:40 probably you would forbid your kids to use your paper Encyclopedia as well? Mar 11 09:44:32 Jaffa: GeneralAntilles: we'll switch DNS on Thursday 1700UTC (tentatively scheduled), to point to our new server infra Mar 11 10:11:03 :eduroam: OT but still might be interesting for fremantle as well: http://lists.openmoko.org/pipermail/community/2013-March/068357.html Mar 11 10:15:37 @all: please review this http://pastebin.com/2ai6FqEK DNS changes planned for Thursday. Please holler if we missed anything, did typos or whatever Mar 11 10:16:06 you got ~60min for that Mar 11 10:16:26 we need to send it to Nokia, to get stuff done in time Mar 11 10:18:20 if that helps, here's the zonefile we got now on Nokia NS: http://pastebin.com/3kfwzNGw -- for reference Mar 11 10:18:57 tabletsdev.maemo.org? Mar 11 10:21:24 wow. i didnt know bind could do wildcards Mar 11 10:21:32 * Macer facepalm Mar 11 10:23:11 we actually don't plan to use that "new zonefile" as is, rather we'll ask Nokia to just edit each record accordingly to that list - which means old records will stay Mar 11 10:33:36 DocScrutinizer05: Looks good Mar 11 10:33:48 thanks Mar 11 10:34:41 Jaffa: please ponder to publish a /etc/hosts hack for the unfortunate case that Nokia doesn't manage the DNS switching until 15.3. and Nemein shuts down old stuff Mar 11 10:34:43 DocScrutinizer05: any plans for scratchbox? Mar 11 10:35:05 plans? thedead1440 is setting it up Mar 11 10:35:39 I'd guess on Friday it should work Mar 11 10:35:53 DocScrutinizer05: ok, great Mar 11 10:35:56 oooh, scratchbox domain? Mar 11 10:36:00 yep Mar 11 10:36:17 we asked Jussi about what to do with it Mar 11 10:36:25 thedead1440: any answer? Mar 11 10:41:42 nice of nokia to send over a list of all projects.maemo.org domains as well, heh Mar 11 10:43:07 well, it's not exactly sekrit Mar 11 10:45:01 and we actually should have seen that list months ago Mar 11 10:45:42 BTW... what is the current "best status" of encrypting the N900's data? Mar 11 10:45:48 http://pastebin.com/sCJ4uw27 <-updated Mar 11 10:45:55 I read about one way, which has the problem that if you don't authenticate before receiving a SMS/EMail, you get a problem Mar 11 10:46:27 (he said you have to auth within 60 seconds, or email app will start using an empty mail folder, which is BAD when THEN receiving something) Mar 11 10:46:49 for email this is kinda easy to mitigate - don't bring up network before authenticated... but for SMS it seems more difficult Mar 11 10:47:55 basically, the way I would think this could be fixed, would be "somehow" integrating the encryption setup into the boot process at the right place... e.g. REPLACE the way the user home is currently mounted (but that sounds like it may break stuff, at least on next root reflash) Mar 11 10:48:22 actually nope it's not that difficult. You could link the password request sync to the lockcode request Mar 11 10:48:50 also, the issues others had with mounting the whole homedir as crypto volume MAYBE could be fixed by using ext*, not VFAT, for the MyDocs partition, and symlinking anything "important" from homedir to MyDocs/ (but then of course you lose access to it in USB mass storage mode) Mar 11 10:48:54 or rather: PIN request Mar 11 10:49:07 I also thought of a separate way, on this manner... clone what the iPhone does ;) Mar 11 10:49:15 i.e. encrypt by a fixed device password, stored in some area on the root fs Mar 11 10:49:19 but clear this key on a special SMS Mar 11 10:49:24 aka "remote wipe" Mar 11 10:49:47 less secure if the attacker knows what they are doing... Mar 11 10:50:00 but OTOH, if they have the device in their hands, they also can break a "good" encryption method easily Mar 11 10:50:13 patch rootfs to replace whatever does the password query by something that also sends the PW somewhere Mar 11 10:50:35 so the "remote wipe" way isn't MUCH less secure... the attacker then has to think of using a faraday cage ;) Mar 11 10:51:09 DocScrutinizer05: can it be linked to the power-on unlock code request? Mar 11 10:51:20 I thought the phone is already "online", and thus can receive SMS, at that point Mar 11 10:51:22 why not? Mar 11 10:51:24 at least that's what iOS and Android do Mar 11 10:51:48 (iOS actually TRIES, but fails, if the SIM card has the PIN required...) Mar 11 10:51:59 but does log into the WLAN immediately Mar 11 10:52:25 basically, I need the PW query as early as possible - ideally before anything on /home is use Mar 11 10:52:27 d Mar 11 10:52:39 divVerent: ask for a password in /sbin/preinit? Mar 11 10:52:45 right, that's basically the idea ;) Mar 11 10:52:46 divVerent: full disk encryption? Mar 11 10:52:56 kerio: encrypting /home and swap is sufficient Mar 11 10:53:03 but it seems to be almost as complex as full disk, if done right Mar 11 10:53:05 You can already work with input devices in preinit. Mar 11 10:53:12 and what about the screen output? Mar 11 10:53:20 can some sort of text mode be activated (framebuffer...)? Mar 11 10:53:20 text2screen or whatever it's called Mar 11 10:53:23 text2screen. Mar 11 10:53:27 yay Mar 11 10:53:38 Hurrian: in fact, i think that it would be better to do so in rcS-late Mar 11 10:53:55 divVerent: if you can be assed to copy rootfs to eMMC or SD card, you can do whole-disk encryption. Mar 11 10:53:59 also, is there some sort of N900 VM to try out such stuff? Mar 11 10:54:12 divVerent: Pali has a qemu thing going on i think Mar 11 10:54:15 The N900 QEMU works, but is slow. Really slow. Mar 11 10:54:20 Hurrian: right, THEN one could do it the same way as desktop linux, basically initrd sets up everything Mar 11 10:54:25 kerio: there's a QEMU included with the Maemo 5 QT SDK Mar 11 10:54:29 *Qt Mar 11 10:54:33 ok, then all I need is to get the SDK ;) Mar 11 10:54:37 which seems currently down Mar 11 10:54:38 divVerent: there's no initrd Mar 11 10:54:39 divVerent: exactly. Mar 11 10:54:52 kerio: I would ASSUME that one of the various bootloader supports initrds... Mar 11 10:55:03 but you can use the system on mtd to pivot_root somewhere else Mar 11 10:55:07 u-boot supports initrds. Mar 11 10:55:20 ...now that i think about it, full disk encryption on the n900 is *much* more difficult than just /home Mar 11 10:55:23 yes... but also... rootfs doesn't NEED to be encrypted Mar 11 10:55:32 and swap only needs to to avoid leaking stuff, thus the key for swap can be entirely random Mar 11 10:55:37 an encrypted /opt will be hell though Mar 11 10:55:38 (and generated on boot) Mar 11 10:55:53 for performance Mar 11 10:56:04 I could try living with encrypting MyDocs only, and symlinking certain dirs below ~ into that Mar 11 10:56:16 and adding hacks to kill processes on USB mass storage entry Mar 11 10:56:22 e.g. mail reception would have to be stopped then Mar 11 10:56:32 (and then, I'd probably NOT encrypt SMS/calls) Mar 11 10:57:03 divVerent: note that you'd have to be careful to encrypt everything personal, and know what gets leaked into unencrypted filesystems. Mar 11 10:57:20 The N900 won't refuse binaries loaded by NOLO over USB. Mar 11 10:57:20 Hurrian: that's why full disk encryption would be better, i think Mar 11 10:57:52 Hurrian: of course Mar 11 11:04:11 Hurrian: my biggest worries would be the stored passwords, not even the emails :P Mar 11 11:05:34 divVerent: Encrypting /home sounds solid for the moment - nothing writes above it outside of program installations and the usual tweaking. Mar 11 11:23:06 Hurrian: yes, the only issue is that /home is accessed too early... I NEED to unlock it before the desktop (and maybe some other services) start up Mar 11 11:23:06 basically, it needs to somehow be integrated at the right point in bootup Mar 11 11:23:06 11:57:20 Hurrian | The N900 won't refuse binaries loaded by NOLO over USB. Mar 11 11:23:06 exactly that's the issue why any encryption is SOMEWHAT futile, and I may consider implementing remote wipe instead Mar 11 11:23:06 (maybe "remote wipe" with a way out, though) Mar 11 11:23:06 way out being, having a copy of the key file elsewhere, so it can be restored after the keyfile has been "wiped" Mar 11 11:23:06 [GENERAL NOTICE] *.maemo.org will go read-only mode in , to do final sync to new infra. Possibly *some* services will need to get shut down completely for several hours Mar 11 11:23:11 and I know that SSDs still would typically contain the data even after overwriting, but software can't get at these blocks any more, so it'd be "good enough" Mar 11 11:23:59 divVerent: receiving SMS kinda requires the Ofono stack outside of Maemo. Mar 11 11:24:36 basically, my "ultimate" goal would be asking for password BEFORE anything using /home is running Mar 11 11:24:53 also, the MyDocs area does not NEED to be encrypted for my purposes... or maybe I will use encfs for the photos only Mar 11 11:25:03 /home however is somewhat needed Mar 11 11:25:13 as I assume that is where stored passwords end up Mar 11 11:27:28 I am mainly worried about a possible attacker getting hold of my email account, the other data (video, audio, photos) don't matter much Mar 11 11:27:52 even the emails themselves aren't as critical Mar 11 11:28:23 but once one can receive NEW messages, one can password reset virtually everything Mar 11 11:28:41 so one option would also be entering email password at bootup... if that's easier to do Mar 11 11:29:05 divVerent: and how do you store this passphrase? Mar 11 11:29:13 in RAM of course Mar 11 11:29:17 lock screen would protect that Mar 11 11:29:25 I assume the area should be mlock'd of course ;) Mar 11 11:29:25 no, I mean, how does the OS check, where is the password stored. Mar 11 11:29:39 how the OS checks? Mar 11 11:29:44 plain LUKS or dm-crypt is secure, and should do fine. Mar 11 11:29:51 right, if viable Mar 11 11:30:03 has anoyne already done it, in a way it's properly integrated into the bootup process? Mar 11 11:30:09 because, IF that is possible, it's what I would want Mar 11 11:30:34 also, how important is /opt for bootup? Mar 11 11:30:44 divVerent: someone's done a password field for /home in console once, iirc Mar 11 11:30:53 in console, yes Mar 11 11:30:55 also, /opt doesn't matter until you start using it. Mar 11 11:31:07 but it had the side effect of losing SMS if the PW is not entered quickly enough Mar 11 11:31:07 e.g. Xorg starting Mar 11 11:31:28 and querying the PW from device keyboard is possible without xorg? good then Mar 11 11:31:35 on desktop linux it's easy of course ;) Mar 11 11:32:03 divVerent: you could probably edit the init scripts to wait on a single task before continuing. Mar 11 11:32:16 upstart makes things slightly more painful than reordering init. Mar 11 11:32:26 yes, I know Mar 11 11:32:42 but the N900 doesn't seem to ONLY use upstart, or does it? Mar 11 11:32:53 it uses only upstart. Mar 11 11:33:00 well, past /sbin/preinit. Mar 11 11:33:14 oh, so /sbin/init IS upstart Mar 11 11:33:18 what is /etc/inittab good for then? Mar 11 11:33:46 Diddly squat on the N900. Mar 11 11:34:06 plain tty doesn't play well with SGX driver. Mar 11 11:35:15 and what mounts /home? Mar 11 11:35:25 currently trying to find out where upstart service files are Mar 11 11:35:33 I only know bsd, sysvinit and systemd yet Mar 11 11:35:35 rcS-late, iirc mounts /home. Mar 11 11:36:51 ah, nice... found where /home is mounted Mar 11 11:36:57 /etc/init.d/rcS Mar 11 11:37:03 hm... so upstart still uses /etc/init.d? Mar 11 11:37:47 Nope. Mar 11 11:37:53 Check /etc/event.d/rcS-late Mar 11 11:38:12 hm... suppsoedly upstart usrs /etc/init/* bugt I don't have that Mar 11 11:39:36 ok, I see then what to do Mar 11 11:40:09 can input be read "safely" from /dev/tty in these scripts? (and using text2screen for output) Mar 11 11:40:47 the biggest problem is large danger of bricking it... because stuff is optified Mar 11 11:40:47 Without anything else, it's preferred that input from keyboard is read using evkey. Mar 11 11:41:12 In rcS-late, you can wedge most of Maemo's init. Mar 11 11:41:34 well, I already saw that if this script fails mounting /home, the N900 will reboot Mar 11 11:42:02 evkey seems kinda bad for querying passwords... Mar 11 11:42:32 text2screen works fine Mar 11 11:42:53 divVerent: if the script exits, nothing launches, watchdog kicks in. Mar 11 11:43:36 Wait, so you want to add a password query while /inside/ Maemo? Mar 11 11:43:49 The boot splash makes that not-quite-easy. Mar 11 11:44:12 "inside"? Mar 11 11:44:14 You're going to have to forego the tiny dots, and use fbcon to get a proper, easily-working text input going. Mar 11 11:44:16 I mean from rcS-lagt Mar 11 11:44:25 and if I have to enter the PW blindly, it's ok too Mar 11 11:44:29 divVerent: see BM Mar 11 11:44:30 divVerent: yes, "inside" maemo is anything past rcS-late Mar 11 11:44:32 am more worried about input Mar 11 11:44:41 well, is "in rcS-late" the same as "past rcS-late"? Mar 11 11:44:43 ;) Mar 11 11:44:44 whoops, I mean preinit, not rcS-late Mar 11 11:44:50 oh, I see Mar 11 11:45:06 one other way would be doing it from preinit, AND changing rcS-late to use the /dev/mapper/* device if available Mar 11 11:45:13 the one one gets after cryptsetup Mar 11 11:45:35 honestly, check source of BM Mar 11 11:45:39 what is BM? Mar 11 11:46:03 that boot menu thing that already is in /sbin/preinit? Mar 11 11:47:10 ~bm Mar 11 11:47:10 backupmenu is, like, http://talk.maemo.org/showthread.php?t=63975 Mar 11 11:47:17 basically yes Mar 11 11:48:30 hm... this thing just reads from stdin Mar 11 11:48:35 the existing preinit Mar 11 11:48:40 and seems to have mixed use of echo and text2screen Mar 11 11:48:49 does that mean echo would actually work, and just possibly end up ugly? Mar 11 11:48:53 I think you could query your password there, write it to a tmp-file and use that tmp-file on mount time Mar 11 11:49:01 well, if I _am_ there Mar 11 11:49:06 I am thinking of an even more nasty hack :P Mar 11 11:49:11 query PW there, cryptsetup etc. Mar 11 11:49:18 and THEN, delete the mmc device normally used for home Mar 11 11:49:26 and instead put there a symlink to the /dev/mapper device from cryptsetup Mar 11 11:49:35 then MAYBE an unmodified rcS-late would work Mar 11 11:49:57 delete device? Mar 11 11:50:03 replace it by a symlink Mar 11 11:50:19 as in, /dev/mmc0blkp2 -> /dev/mapper/crypt Mar 11 11:50:44 AFTER the crypto device has been opened, and thus dm-crypt holds a reference to the partition Mar 11 11:51:18 you're aware that at this point in time nothing got mounted yet? Mar 11 11:51:22 that's the idea Mar 11 11:51:31 udev probably is there, though... or not yet? Mar 11 11:51:38 it does rely on some device nodes in /dev Mar 11 11:52:10 alternative would be chanigng rcS-late to use /dev/mapper/crypt if available, the mmc nodes if not Mar 11 11:53:21 hm... cryptsetup is not packaged? Mar 11 11:54:17 oh, only extras-devel Mar 11 11:54:33 does there happen to be a packages.debian.org-like site for Maemo? Mar 11 11:54:46 where one can search for package contents? Mar 11 11:55:04 ~pkgs Mar 11 11:55:05 methinks #maemo pkg is http://maemo.org/packages/ Mar 11 11:55:31 that only looks for names but still good :) Mar 11 11:55:42 packages.debian.org also indexes path names used by packages Mar 11 11:55:48 so you can e.g. look for what installs /bin/ls Mar 11 11:59:30 ok, when I can get hold of the Maemo SDK VM, I will try getting that to work Mar 11 11:59:39 (and if it means running qemu in virtualbox... don't care) Mar 11 12:00:23 one other part I am somewhat afraid of is properly converting the /home partition to be encrypted... because, what if something goes wrong during the transfer ;) Mar 11 12:00:50 I'd probably put a tarball on the VFAT partition, cryptsetup, mkfs.ext3, restore... and hope nothing will happen during that Mar 11 12:33:52 Jaffa, morning. Mar 11 12:33:53 Jaffa, got lazy last night. Damn DST. Mar 11 12:36:36 GeneralAntilles: Yeah, me too (damned work) Mar 11 12:36:58 Although DST in the US before Europe does mean only a 7 hour time difference when I go to California next week Mar 11 13:05:07 http://www.youtube.com/watch?v=3iGm4dl0Ys4 Mar 11 13:05:11 omg i love the steve jobs part Mar 11 13:05:15 i cried laughing Mar 11 13:27:56 [GENERAL NOTICE] *.maemo.org will go read-only mode in , to do final sync to new infra. Possibly *some* services will need to get shut down completely for several hours. We probably will need to completely shut down most of *.m.o for a short while, after Thu 1700UTC when DNS switch supposed to have happened Mar 11 13:35:37 how to fix these?Failed to fetch http://repository.maemo.org/extras-devel/pool/fremantle/free/c/cryptsetup/cryptsetup_1.0.7-12maemo0_armel.deb Hash Sum mismatch Mar 11 13:35:55 skeiron's extras-devel doesn't seem to have this yet Mar 11 13:36:32 (but checking again) Mar 11 13:37:05 yes, doesn't have it Mar 11 13:39:45 Failed to fetch http://maemo.jacekowski.org/mirror/repository.maemo.org/extras-devel/pool/fremantle/free/c/cryptsetup/cryptsetup_1.0.7-12maemo0_armel.deb Hash Sum mismatch Mar 11 13:39:55 maybe it IS me... when two repos have the same problem. Just how to fix it? Mar 11 13:41:05 Jaffa, SF? Mar 11 13:57:47 GeneralAntilles: LA Mar 11 13:59:11 GeneralAntilles: For two weeks. Then maybe a relocation there for a year Mar 11 13:59:34 OK, first test works... I used text2screen to write something on the screen from preinit. echo however did not work properly. Mar 11 13:59:46 Haven't even been to SoCal. Mar 11 13:59:49 as in, I couldn't find it Mar 11 13:59:50 Sounds like it could be fun. Mar 11 13:59:56 Pain to relocate for just a year, though. Mar 11 14:00:42 also, cryptsetup has an option to wait for a timer to expire before exiting... so "bricking" could be prevented that way (obviously, for playing around with it, I will have to use something else than /home then) Mar 11 14:02:34 what happens if the VFAT partition is in broken state? Does that hinder booting? Mar 11 14:03:01 also, would it silently reformat it? Mar 11 14:03:57 yes indeed, echo output ends up nowhere, only text2screen works... kinda bad as I would LIKE to see cryptsetup's messages... Mar 11 14:04:02 but can live without them Mar 11 14:06:03 so next thing to check is whether I can get input properly Mar 11 14:08:58 DocScrutinizer05: sorry for the late reply; no reply till date from Jussi :( Mar 11 14:09:12 In total 3 reminders have been sent to him for various issues Mar 11 14:09:20 the latest was the one 2 days ago Mar 11 14:09:21 WORKS, "read" command does successfully read. So will quite likely cryptsetup. Mar 11 14:13:34 text2screen -xHERE -yTHERE -text "cryptsetup says: `cryptsetup -foo -bar` " Mar 11 14:13:43 yes, that's not interactive Mar 11 14:13:49 but that's what I will use as workaround on error Mar 11 14:17:08 cryptsetup -foo -bar hm... that I know, but don't trust much ;) maybe will try when the rest works Mar 11 14:19:13 as in, can I be sure the output is lne buffered Mar 11 14:21:10 also, I want to get the exit status of cryptsetup if possible Mar 11 14:21:32 ok, first attempt failed, cryptsetup not in $PATH ;) but I did get the error message Mar 11 14:24:02 is -y in pixels or rows? Mar 11 14:24:21 DocScrutinizer05: [r00t^home] (~r00t@port-83-236-58-48.dynamic.qsc.de) Mar 11 14:26:05 r00t^home: huh? Mar 11 14:27:36 what the heck is this now, except a highlight pestering me for dunno what? Mar 11 14:28:09 an I supposed to have any idea what to do with this "info"? Mar 11 14:29:12 (not that I couldn't gain same info with a /who ) Mar 11 14:29:57 hm... looks like text2screen coordinates are broken Mar 11 14:31:54 they might not be what you think they should Mar 11 14:32:11 well, x and y are simple concepts :P Mar 11 14:32:32 it looks like it calculates byte positions from corodinates wrong, like, based on the wrong screen size Mar 11 14:32:50 yeah, and *usually* they are even 90° to each other Mar 11 14:33:19 byte positions? Mar 11 14:33:36 OH Mar 11 14:33:40 the coordinates DO work fine at bootup Mar 11 14:33:44 it's just screwed up while X runs Mar 11 14:33:52 lol Mar 11 14:34:00 so that's ok for me... except it didn't find cryptsetup Mar 11 14:34:13 but how can it fail to find /usr/sbin/cryptsetup but finds /usr/bin/text2screen Mar 11 14:34:34 it is not a PATH issue, as I specified the paths explicitly Mar 11 14:35:01 well, maybe the former is iptified? Mar 11 14:35:03 maybe a library cryptsetup needs lives in /opt? Mar 11 14:35:06 that would be... bad Mar 11 14:35:32 lsof is your friend Mar 11 14:35:43 I guess Mar 11 14:35:45 cryptsetup indeed lives in /opt... that's stupid Mar 11 14:36:07 well, yeah Mar 11 14:36:11 is there a "proper" way to un-optify a path? Mar 11 14:36:15 so deoptify it Mar 11 14:36:18 or is the only real way to make my own copy of the file Mar 11 14:36:32 I don't want it to get optified again when the package gets upgraded Mar 11 14:36:45 allegedly the optify scripts support de-optification as well Mar 11 14:36:55 hm... if dpkg -L is true Mar 11 14:37:01 then optification is done BEFORE building the .deb Mar 11 14:37:05 and not a feature hacked into e.g. dpkg Mar 11 14:37:16 so I will actually have to copy the file Mar 11 14:37:35 that kinda makes me want to stop... at least, to stop considering encrypting whole /home Mar 11 14:37:51 hmm, probably osso-autooptify.sh should still work Mar 11 14:37:55 and instead apply it to the normally VFAT partition, but formatting it as something else and symlinking homedir stuff into it Mar 11 14:38:23 because, what if e.g. a package cryptsetup depends on (e.g. the device mapper libs) suddenly get optified Mar 11 14:38:32 IIRC the decision whether or not to optify depends by file size, and code grows Mar 11 14:39:16 is there any known issues when the MyDocs partition is ext3/ext4? Mar 11 14:39:20 then otoh I wouldn't feel any bad by mv `which cryptsetup` /sbin Mar 11 14:39:26 yes, that will work Mar 11 14:39:37 but what if then some device mapper libs suddenly are optified too Mar 11 14:40:24 nothing ever is "suddenly optified" Mar 11 14:41:29 and, as mentioned above, the auto-optify-once.sh or whatever the name has a config file with option to DEoptify as well Mar 11 14:45:12 * RST38x moos Mar 11 15:00:51 DocScrutinizer05: oh, so it is NOT the .deb that is already optified? Mar 11 15:02:20 I dunno Mar 11 15:02:39 but optify-script is not depending on .deb aiui Mar 11 15:03:14 it simply moves FQN files or dirs to and from /opt Mar 11 15:03:27 and creates/deletes symlinks Mar 11 15:03:32 no, the .deb is already optified Mar 11 15:03:42 so what? Mar 11 15:03:52 https://gist.github.com/5134857 Mar 11 15:03:57 so what? Mar 11 15:04:02 that means, when ANOTHER package gets optified too, I may get a problem Mar 11 15:04:09 basically, what i _want_ is a statically linked cryptsetup :P Mar 11 15:04:23 then build it Mar 11 15:04:29 for that I need the SDK Mar 11 15:04:35 for which I need the VM image that's currently not availablöe Mar 11 15:04:54 the VM is terribly obsolete anyway Mar 11 15:04:57 well Mar 11 15:05:03 the SDK only exists for 32bit systems Mar 11 15:05:08 I don't have any PC with a 32bit distro Mar 11 15:05:19 I'd rather set up an own VM and install normal SDK in it Mar 11 15:05:31 so I'd have to set up my own VM... and that I'd prefer to avoid unless I really must Mar 11 15:05:40 I'd prefer taking an existing ready made VM, if possible Mar 11 15:05:48 unless we KNOW it won't appear again Mar 11 15:06:25 ~skeiron Mar 11 15:06:26 it has been said that skeiron is the semi-official backup and emergency standin for all internet borne maemo resources: http://skeiron.org/tablets-dev/ http://talk.maemo.org/showthread.php?p=1315143#post1315143 Mar 11 15:06:29 I know :P Mar 11 15:06:34 but exactly this file is not on skeiron Mar 11 15:06:45 his "download" for the SDK goes to *.nokia.com Mar 11 15:06:45 hmm, too bad then Mar 11 15:06:48 which has the dead link Mar 11 15:07:43 lol, the mirror of course doesn't fix stupid .php scripts to point to mirror instead original nokia.com page Mar 11 15:08:49 but anyway, which Ubuntu release does the SDK require? Mar 11 15:08:57 I wouldn't be surprised if 12.10 does NOT work :P Mar 11 15:10:38 is 9.04 still the "recommended" version? Mar 11 15:10:57 the VM image is ubuntu 10.10 afaik Mar 11 15:11:04 ok, then that's what I will use Mar 11 15:11:29 don't want to have to mess with compatibility issues Mar 11 15:11:37 use the VM image though Mar 11 15:11:43 I would, if I could Mar 11 15:11:47 but the download of it is dead Mar 11 15:11:50 and it's not mirrored on skeiron Mar 11 15:12:10 for what I am going to do, even the outdated image will be good enough Mar 11 15:12:14 as all I want is a static binary Mar 11 15:12:15 aww, did he delete them Mar 11 15:12:18 no Mar 11 15:12:21 he never mirrored them Mar 11 15:12:24 sure he did Mar 11 15:12:25 the link goes to nikia.com Mar 11 15:12:42 http://skeiron.org/tablets-dev/ where? Mar 11 15:12:49 the "Download" below goes to Nokia Mar 11 15:12:58 thus, my question Mar 11 15:13:19 or do you still have the VM image? maybe the file name of the original archive will yield another mirror Mar 11 15:14:44 http://maemovmware.garage.maemo.org/2nd_edition/ is what skeiron ultimately points to for the SDK... the link http://tablets-dev.nokia.com/maemo-dev-env-downloads.php is not very helpful Mar 11 15:16:20 GeneralAntilles: Think you'll have some time to day? (I might, but it'll be later, ans suspect working out what's happening with HiFo may take a while) Mar 11 15:16:48 Yeah, I'll have some free time in the afternoon. Mar 11 15:20:59 ok, trying something else... now cryptsetup and ALL libs it depends on copied to /crypto, still fails... cannot communicate with device mapper. I suspect I know why, but donÄt like it... Mar 11 15:21:09 (lack of udev at this point) Mar 11 15:22:14 /srv/tablets-dev.nokia.com/maemo-dev-env-downloads/Maemo_Ubuntu_Intrepid_Server_SDK_Virtual_Image.zip Mar 11 15:22:16 /srv/tablets-dev.nokia.com/maemo-dev-env-downloads/Maemo_Ubuntu_Lucid_Desktop_SDK_Virtual_Image_Final.7z Mar 11 15:22:17 /srv/tablets-dev.nokia.com/maemo-dev-env-downloads/Maemo_Ubuntu_Lucid_Server_SDK_Virtual_Image_Final.zip Mar 11 15:22:19 /srv/tablets-dev.nokia.com/maemo-dev-env-downloads/Readme_Ubuntu_Intrepid_Server_SDK_Virtual_Image.txt Mar 11 15:22:20 /srv/tablets-dev.nokia.com/maemo-dev-env-downloads/Readme_Ubuntu_Lucid_Desktop_SDK_Virtual_Image_Final.txt Mar 11 15:22:24 trying to mknod /dev/mapper/control from my script :P Mar 11 15:22:28 oh, thanks Mar 11 15:22:35 so he has mirrored it, just not linked it :) Mar 11 15:23:06 or, you? is skeiron.org yours? Mar 11 15:26:06 http://skeiron.org/tablets-dev/maemo-dev-env-downloads/Readme_Ubuntu_Lucid_Desktop_SDK_Virtual_Image_Final.txt Mar 11 15:29:37 s http://${subdomain}.nokia.com http://skeiron.org/${subdomain}/ Mar 11 15:30:32 divVerent: well... no, it's not "mine" Mar 11 15:31:12 HAHA, ALMOST bricked it... I forgot to redirect input from awk to /proc/misc to find the device inode of device mapper :P Mar 11 15:31:16 though I could get quite some pizza for the money it costs each month Mar 11 15:31:24 luckily, ctrl-d works at this point Mar 11 15:31:48 where "brick" means "hate having to reflash" Mar 11 15:33:43 YES, blinking dots... it does boot up still Mar 11 15:33:57 it failed to boot up all the time when USB was connected Mar 11 15:34:23 shouldn't you build in a saftety fallback, like... BM? Mar 11 15:35:35 that would help here? Mar 11 15:35:36 or rescue-boot or what's the name, which will check open cam door or sth and restores last safed events.d/ etc/ if detected Mar 11 15:36:06 too bad my changes are not in /etc Mar 11 15:36:27 (help?) well depends in which sequence you call those early bootup extensions I guess Mar 11 15:36:29 but... camera lock... that's an idea Mar 11 15:36:36