Posts

Showing posts from January, 2018

Step Outline For Rebuilding AUR Packages In Arch

Once again Arch updates for webkitgtk breaks gnucash. Gnucash is an accounting / cash application i depend on for keeping track of my expenses. It's been moved from the official repos to the Arch User Repo or AUR. What this means for users is that responsibility for updates (including dependencies) passes solely to users. Any dependencies that gets updates must be rebuilt. The only problem with webkitgtk rebuilt is that it takes ages to build it. In my case it is 4 hours.
First, check if your system has the tools. # sudo pacman -S base-devel git dev-tools --needed
Prepare the filesystem on which you will build the package. # sudo mount -o remount,exec,suid /tmp # sudo mkdir /tmp/source/chroot -p # cd /tmp/source
Create the chroot. # sudo mkarchroot chroot/root base-devel
It's time to get the package sources. # git clone "https://aur.archlinux.org/package_name.git" # cd package_name_directory # makechrootpkg -T -r ../chroot/ The -T flag creates a temporary chroot directory whil…

Update Firefox 57 -->> 58

Mozilla made a new version of Firefox browser available for download.

Problem With Mail Authentication In Evolution Mail

Image
I encounter this pervasive and nagging bug in Evolution Mail's strange relationship with its co-GNOME app called Seahorse (although this app goes by the name of Password And Keys now in GNOME 3.26). I have a secondary email account and I want to use it for sending mail (smtp) temporarily (just in this case). So I finished composing my email and clicked send. Then it asked me for my smtp password and I thought that was odd because I have been receiving my email in the inbox for this account. It's unlikely a user would have a different password for login and another for sending email. But I found my password from my password manager and gave it the correct one ( copy and paste). And here it began, the Mail Authentication Failure window from Evolution continually asking for the password. I checked Seahorse for the password by entering a filter in the search bar. It has my password and it is the correct password. So what is happening here?
I found this same problem in the Ubuntu fo…

Add Support To Your Firefox For Torrent Files Magnet Links

I found it tedious to add magnet links manually to my torrent client, Transmission. By manually, I mean I right click on the magnet link icon on the torrent web site and copy the link to memory. Then I open Transmission and type CNTRL+U, then ENTER,twice. When I click that magnet link I want firefox to be able to transfer control to another application which can handle the type of file I'm clicking.
I found a solution in the Mozilla forums, thanks.
Open a new tab in firefox. Then go to about:config. Be careful when you're editing your firefox config. In the search bar type handler.expose. Right click anywhere in the window and choose New-->>Boolean. In the new window popup, type Network.protocol-handler.expose.magnet. Then close the tab.
You should be able to click (normally) on the magnet link of that torrent web site and firefox will transfer control to your default torrent client. Otherwise a popup will prompt you to fill in your preferred torrent client.

Firefox Update 57.0.3.x -->> 57.0.4-1

~]$ sudo pacman -Syu
[sudo] password for USER:
:: Synchronizing package databases...
 core is up to date
 extra                                    1639.0 KiB   144K/s 00:11 [#####################################] 100%
 community                                   4.2 MiB   115K/s 00:37 [#####################################] 100%
 DEB_Arch_Extra                           1994.0   B  0.00B/s 00:00 [#####################################] 100%
 DEB_Arch_Extra.sig                        280.0   B  0.00B/s 00:00 [#####################################] 100%
:: Starting full system upgrade...
resolving dependencies...
looking for conflicting packages...

Packages (4) firefox-57.0.4-1  python-setuptools-1:38.4.0-1  subversion-1.9.7-4  whois-5.2.20-1

Updates for firefox 57.0.3 to 57.0.4-1 includes patches for mitigating Meltdown and Spectre. While operating system vendors are pushing patches for their users it isn't clear how much is enough to stop the exploits. Some say this problem with…

Massive Vulnerability Resulting In Meltdown and Specter Attacks

I planned to update Arch every 10 days but since updating some 3 days ago, news of a massive vulnerability in the chip processor all computers use came out. There are two demonstrated attacks called Meltdown and Specter. So let me use the language of the OpenSuse security patch email here to explain what these are.

CVE-2017-5753 / "SpecŧreAttack": Local attackers on systems with modern
     CPUs featuring deep instruction pipelining could use attacker
     controllable speculative execution over code patterns in the Linux
     Kernel to leak content from otherwise not readable memory in the same
     address space, allowing retrieval of passwords, cryptographic keys and
     other secrets.

     This problem is mitigated by adding speculative fencing on affected code
   paths throughout the Linux kernel.


   - CVE-2017-5715 / "SpectreAttack": Local attackers on systems with modern
     CPUs featuring branch prediction could use mispredicted branches to
     speculatively execut…

DNScrypt

It is important to encrypt your dns traffic. That's the queries from your computer to a dns server. My dns resolv.conf contains:
nameserver 8.8.8.8 nameserver 203.111.231.106

I went ahead and installed dnscrypt-proxy package from the official repository. To check files for dnscrypt-proxy type this in the terminal.  $ sudo pacman -Ql dnscrypt-proxy. It will be /etc/dnscrypt-proxy.conf. The config file for dnscrypt is explicit and looks like this essentially:
ResolverName random
You can change "random" to a specific dnscrypt-proxy name from /usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv. I recommend this because I encounter a "unable to read" error in the logs when I try it the "random" way. Use chattr +i "path-to-file" to set the property of the file to read-only. NetworkManager will try to modify /etc/resolv.conf. Modify this file to:
nameserver 127.0.0.1
Use dig to check the status of your dns server.
# dig 127.0.0.1 google.c…

SMTP Is Now Working With S-nail (Simple Sendmail)

The new Arch install needs to be able to send email to an outside smtp server. Or use an outside smtp server like my google account. Arch has s-nail by default and could out of the box send mail within its own network. But what I'm talking about is using Google smtp to send mail. The configuration file for s-nail are /etc/mail.rc and ~/HOME/.mailrc.
I began my config file with these in it.
set smtp=smtp://email_addr:password-app ##colon separated values
I saved the text file in ~/.mailrc. Then do a test send mail with the -d flag on to see what's happening wrong. It will tell you what's being loaded and line by line call of the config file. This is how my config file looks now with my goals accomplished.
set smtp-use-starttls set smtp=smtp://smtp.gmail.com:587 set smtp-auth=login set smtp-auth-user=USERNAME set smtp-auth-password=<password-app> set from="USER_EMAIL_ADDR<hostname.domain>"
For Google Mail it is important that you use the app password for the …