EasyOS version 2.3.2, June 22, 2020

For talk and support relating specifically to Puppy derivatives
Message
Author
User avatar
rufwoof
Posts: 3690
Joined: Mon 24 Feb 2014, 17:47

Re: Floundering

#821 Post by rufwoof »

Rodney Byne wrote:Advice requested please.

For practice session, I want to insert this file;
tor-browser-7.5.3-x86_64.sfs
into a container
Copy or move that sfs to /mnt/sdd2/repository/easy-0.9.4

MENU, Filesystem, Easy Container Management.

Near the top (first box) use the drop down to select which container you want the sfs active in. Click the second box labeled 'Load Extra SFS File' and on the next dialog/window, tick your sfs and click 'commit'.

Now when you start/run that container the SFS should be loaded inside that container.

User avatar
rufwoof
Posts: 3690
Joined: Mon 24 Feb 2014, 17:47

#822 Post by rufwoof »

Cu Chulinux wrote:If I open the seamonkey container with seamonkey running already as root then the resulting "container" seems to be another instance of the root seamonkey.
Best practice IMO is not to run seamonkey at the same time in both the main session and in a container. I haven't run seamonkey at all in the main system, I've just used the container version, by clicking the seamonkey icon at the top/centre of screen. I've had no problems with sound when playing youtubes using that.

Generally one of the greatest security risks are external facing programs such as a browser. The more that is isolated from the rest of the system the better IMO. Good practice as a single desktop setup is to have the power of running as root for all local things, but a highly protected browser session for external activities/tasks.

A nice feature of Easy is that you can one-time create a snapshot of the browser container before running it, thereafter you have a clean/pristine version that can be rolled back to either at the end of a browser session, so that the next browser session starts clean again, or before starting the browser so that you know you're starting a clean browser session. Not sure how that might sit with email however, personally I use online email accounts as local mailboxes present yet another potential risk/attack front.

User avatar
Cu Chulinux
Posts: 59
Joined: Sun 28 Jan 2018, 18:49
Location: About 180 degrees from Australia

#823 Post by Cu Chulinux »

If sound worked in the container I would just use that but it doesn't and I can't sort out why. Works fine when run outside container.

My thinking was to run outside container for such things as streaming music and inside container for such things as banking. But if the container one can access my bookmarks outside the container isn't that a serious flaw? Why can it even access that file at all?

I can run sakura inside and outside container simultaneously and they are completely independent as far as I can tell. The root directory inside and outside are independent.

User avatar
rufwoof
Posts: 3690
Joined: Mon 24 Feb 2014, 17:47

#824 Post by rufwoof »

For reference, here's my dd write to MMC/SD speed

Code: Select all

acer# dd if=./easy-0.9.4-amd64.img of=/dev/rsd3c bs=1M
641+0 records in
641+0 records out
672137216 bytes transferred in 106.328 secs (6321326 bytes/sec)

User avatar
rufwoof
Posts: 3690
Joined: Mon 24 Feb 2014, 17:47

#825 Post by rufwoof »

Cu Chulinux wrote:If sound worked in the container I would just use that but it doesn't and I can't sort out why. Works fine when run outside container.
Did sound work straight off from the main system, or did you perhaps have to unmute the speaker? Guessing it might just be muted inside the container

I'd be inclined to copy over the normal /root config files into the containers i.e. run the container so you can access the files and go to the /mnt/wkg/containers/seamonkey/.session/root (from memory, which I may have wrong as I'm OBSD booted at present) and compare/copy files with /root.

Of course backup the container first (nice and easy to do :))

User avatar
Cu Chulinux
Posts: 59
Joined: Sun 28 Jan 2018, 18:49
Location: About 180 degrees from Australia

#826 Post by Cu Chulinux »

I have a suspicion that the container is trying to use the HDMI sound output instead of the PCI sound output. I do remember having to specify that on inital setting up something but I can't remember if it was Easy or one of the puppies or maybe something else entirely. When back home I will see what I can do in container (which is all still pretty new to me).

I can also try from a USB and see if sound works right off.

User avatar
don570
Posts: 5528
Joined: Wed 10 Mar 2010, 19:58
Location: Ontario

#827 Post by don570 »

BarryK wrote:I was thinking of naming this super-root "xeus", who was the king of the Greek gods. Unless there is a suitable doggy name...
There is a dog in Greek Mythology called 'Cerberus'
http://monster.wikia.com/wiki/Cerberus

_________________________________________

Berryboot has converted Barry's Quirky Arm7 to its format.
I was able to install it on my new raspberry pi3.

Quirky Xerus 8.1.4 for Raspberry Pi 2 & 3 (397.7 MiB, 906 downloads) December 27, 2016
https://sourceforge.net/projects/berryb ... z/download
___________________________________________
Attachments
Cerberus.png
(247.8 KiB) Downloaded 547 times

User avatar
Cu Chulinux
Posts: 59
Joined: Sun 28 Jan 2018, 18:49
Location: About 180 degrees from Australia

#828 Post by Cu Chulinux »

Booting from USB shows me that I DID have to manually choose the sound card so I probably have to do the same in the container.

User avatar
Billtoo
Posts: 3720
Joined: Tue 07 Apr 2009, 13:47
Location: Ontario Canada

#829 Post by Billtoo »

I installed to a 32gb usb-3.0 flash drive.
video-info-glx 1.5.3 Sat 9 Jun 2018 on Easy Pyro64 0.9.4 Linux 4.14.44 x86_64X Server: Xorg Driver: radeon
X.Org version: 1.19.1
dimensions: 1920x1080 pixels (508x285 millimeters)
depth of root window: 24 planes
direct rendering: Yes
server glx vendor string: SGI
server glx version string: 1.4
OpenGL vendor string: X.Org
OpenGL renderer string: Gallium 0.4 on AMD REDWOOD (DRM 2.50.0 / 4.14.44, LLVM 3.9.1)
OpenGL version string: 2.1 Mesa 17.0.7
AMD Phenom(tm) II X6 1045T Processor
Core 0: @824 1: @850 2: @812 3: @1113 4: @799 5: @1056 MHz

I installed the usual pets, I'm playing a radio station from
the Seamonkey container.

Works well so far.
Attachments
screenshot.jpg
(76.2 KiB) Downloaded 483 times

Rodney Byne
Posts: 247
Joined: Fri 31 Jan 2014, 14:12

To rufwoof

#830 Post by Rodney Byne »

To rufwoof,

thanks for replying.

I followed your instructions;
"Near the top (first box) use the drop down to select which container you want the sfs active in.
Click the second box labeled 'Load Extra SFS File' and on the next dialog/window, tick your sfs and click 'commit

Now when you start/run that container the SFS should be loaded inside that container"

First, which container do I select, there are THREE
Seamonkey, sh0 and ssh0

Not knowing, I tried sh0, is this one ok?
I then ticked the commit box for my file.
Then, I am confused.
What explicitly do you mean by "start/run that container"
There is no start/run button that I can find.
Do you mean reboot the computer?
I tried rebooting the computer but my file that I loaded
if that's the right word doesn' t show up at all.
My file is still where you told me to put it.,
There's no sh0 container with my tor-browser program
inside showing on the desktop.
There must be a knack to this but I can't find the knack.

Please help me further I've been struggling with this
for many weeks and am climbing the walls here, thanks.

User avatar
rufwoof
Posts: 3690
Joined: Mon 24 Feb 2014, 17:47

#831 Post by rufwoof »

@Rodney

The default install has two icons at the top centre of the screen, one WWW (for seamonkey) the other for console (sh0). Sounds like you've added the sfs to the console (sh0) container, so clicking that top centre console desktop icon will bring up a terminal window and within that session the sfs you've set to load in that container should be loaded/available. I've never used a tor browser, but assuming you can launch it with a terminal command such as 'tor-browser' then entering/typing that command inside the console window and pressing Enter would (after a short delay) launch the tor browser???

User avatar
BarryK
Puppy Master
Posts: 9392
Joined: Mon 09 May 2005, 09:23
Location: Perth, Western Australia
Contact:

#832 Post by BarryK »

There are some issues with LibreOffice:

http://murga-linux.com/puppy/viewtopic.php?t=113514

ctrl-click to open a hyperlink in the default browser, and online help, both now work.

Note:
I discovered that Zeus is a favourite dog name.

See here:

https://pethelpful.com/dogs/16-Greek-Na ... -Male-Dogs
[url]https://bkhome.org/news/[/url]

Rodney Byne
Posts: 247
Joined: Fri 31 Jan 2014, 14:12

tor-browser

#833 Post by Rodney Byne »

rufwoof,

All noted above thanks.
I did manage to container Firefox ok.

You should try to-browser, it's a useful program
to hide your ip source address and be incognito,
as you're bounced three times around the world.

I posted on this forum some time ago, that with
Easy you can have anonymity and security
with tor-browser inside a container.

But nobody took me up on the fact that you can't
import your own sfs files, because at present Barry
hasn't allowed this to happen.
If anyone bothered to read it, the caveat is buried
in a sea of words in the help section.

So if it's not listed in PetGet, you can't container it!
And Petget is almost empty anyway.
So my weeks of struggling were all wasted.

Barry take note please and include tor-browser
in the Package Manager for future releases.
Regards.

Rodney Byne
Posts: 247
Joined: Fri 31 Jan 2014, 14:12

????

#834 Post by Rodney Byne »

Rufwoof,

Further to try t-b, It should be possible to google
and download the sfs for
tor-browser-7.5.3-x86_64.sfs
and pet
tor-browser-6.5.1-i686.pet

Sorry I overlooked your ????

Well if eventually it becomes possible to containerize
tor-browser, as now with SM, you would just click
on the newly created container and t-b will launch.
No need to use terminal, but yes that command works.

If all else fails, there's always Menu/Internet and
usr/share/applications to drag a shortcut to desktop.
Regards.

User avatar
rufwoof
Posts: 3690
Joined: Mon 24 Feb 2014, 17:47

#835 Post by rufwoof »

Just tried it for myself Rodney. Seems to load/work OK for me. Downloaded the 64 bit tor ...sfs file, saving it to /mnt/sdd2/repository/easy-0.9.4. Then used the Menu, Filesystem, Easy Container Management option to select the sh0 choice at the top, and click the SFS button (all this as described earlier), and the next screen showed the tor sfs file as being available, so I clicked to tick it and pressed commit.

Back at the main desktop, I clicked the 'console' icon at the top just right of centre and a terminal window opened. At the terminal

Code: Select all

which tor-browser
showed /usr/bin/tor-browser

and running

Code: Select all

/usr/bin/tor-browser
brought up the tor browser connect/configure window. Clicking connect and a browser window was displayed.

Closed the session and the console terminal window (closed the container). Re clicked the console icon again and ran tor-browser command again and it loaded OK again (went through a update before showing the browser window).
Attachments
capture10263.png
(131.96 KiB) Downloaded 378 times

User avatar
Cu Chulinux
Posts: 59
Joined: Sun 28 Jan 2018, 18:49
Location: About 180 degrees from Australia

#836 Post by Cu Chulinux »

I am currently using firefox in the shell container, which I used the network wizard to configure my sound card in. Now I have sound in both firefox and seamonkey within this container. Don't know yet how to configure it in the seamonkey container. Maybe try editing the container config file.

I installed the firefox pet in the container in order to run it.

Next step I'll install firefox as root and create a separate container. See if it remembers the sound card setup when I do.

Not sure about this "super root" (super duper user?) idea. It seems a bit contorted to cripple root and then create a new user to do what root is intended to do. I get that running as root is a puppy convention but with the containers and all we are getting away from a single-user single-userspace OS.

A super-root user sounds like something dreamed up for PID0 systemd. After all they need to have access to all things at all times.

BTW I have been checking memory usage between seamonkey and firefox and they are pretty close to the same. Nice job Barry, In windows I've checked this and firefox is easily triple the memory usage of seamonkey.
Last edited by Cu Chulinux on Sun 10 Jun 2018, 16:50, edited 1 time in total.

User avatar
rufwoof
Posts: 3690
Joined: Mon 24 Feb 2014, 17:47

#837 Post by rufwoof »

Now I have sound in both firefox and seamonkey within this container. Don't know yet how to configure it in the seamonkey container. Maybe try editing the container config file.
I like to create a sakura (terminal) container, as that way the container is like a separate system that you can log into at the command level and run commands etc.

For firefox for instance, after having created a sakura container I run it so that its activated, and then download the firefox...bz2 using the main (non container) seamonkey, and then use the main system to copy that file into the container and then extract it (I use /usr/lib as the location to extract to, so I end up with a /usr/lib/firefox folder with the firefox binary inside that folder). I also copy across the three libpulse type files that Oscar's apulse (64 bit apulse-0.1.11-x86_64.pet) pet installs (I install it to the main system using pet, and copy the /usr/lib/libpul... files to the containers /usr/lib folder).

That (terminal container) way you can also run other things such as sound configuring ...etc. within the container.

Will have to come back and edit the path as not in Easy at present, something like /mnt/wkg/containers/sakura/.session is the root folder, so /usr/lib within that would be /mnt/wkg/containers/sakura/.session/usr/lib To repeat however the container must be running, otherwise that folder is just empty.

The other way for a container such as seamonkey might be to edit the ec-chroot file in that containers / folder (/mnt/wkg/containers/sakura/container ??? (again I'll have to check that path)) so that it just ran sakura instead of seamonkey. Hard code EXE=sakura variable for instance and then close that container session and restart it again so it ran sakura instead of seamonkey ... so you could edit things, and then after having made edits revert back again to running seamonkey.

The other route might be via /mnt/sdd2/containers/ and then the particular container such as sakura folder. I think that is where the current rw overlay files are stored.
Attachments
libpulse-simple.so.0.gz
fake .gz /usr/lib apulse file
(16.61 KiB) Downloaded 112 times
libpulse-mainloop-glib.so.0.gz
(4.32 KiB) Downloaded 103 times
libpulse.so.0.gz
(93.67 KiB) Downloaded 116 times

User avatar
Cu Chulinux
Posts: 59
Joined: Sun 28 Jan 2018, 18:49
Location: About 180 degrees from Australia

#838 Post by Cu Chulinux »

I set up a container for firefox. I copied the etc/asound.conf file from the sakura container where sound works to the firefox container/ Now sound works in the firefox container. I made a snapshot of the container to revert back to initial state when required. Now I am surfing happily in a container.

I also copied the asound.conf file to the seamonkey folder. I could have just copied the asound.conf file from the main system /etc directory. It goes in the container's /mnt/wkg/containers/seamonkey/etc directory (for example, for seamonkey container). I figured this out by seeing what was different between the two container files.

User avatar
rufwoof
Posts: 3690
Joined: Mon 24 Feb 2014, 17:47

#839 Post by rufwoof »

Re dd'd the MMC/SD card and started up sh0 container - so a pure/clean version. Installed firefox and no sound. Tried copying across those libs (pulseaudio) I posted earlier and still no sound. Installed Oscar's apulse pet and sound works OK (after a reboot). Ended up installing the pet to both the main system and container, so I'm not really sure as to what actually needs to be installed where to get pulse/firefox working.

Oddly a graphics/screencapture fullscreen doesn't capture the firefox splash screen that shows the version, despite it being visible on screen.
Attachments
capture5165.png
(146.27 KiB) Downloaded 309 times

User avatar
rufwoof
Posts: 3690
Joined: Mon 24 Feb 2014, 17:47

#840 Post by rufwoof »

Cu Chulinux wrote:Not sure about this "super root" (super duper user?) idea. It seems a bit contorted to cripple root and then create a new user to do what root is intended to do. I get that running as root is a puppy convention but with the containers and all we are getting away from a single-user single-userspace OS.

A super-root user sounds like something dreamed up for PID0 systemd. After all they need to have access to all things at all times.
Not keen on it myself either. I opine that root should just be console/cli only as even running X as root isn't a good idea. Elevate a super-user to root like admin levels hides that behind a dual userid and password being needed to be broken/hacked (makes brute force password cracking more difficult). By all means login to the main desktop gui as that super-user, and where the same userid is below average privileges in containers, but standard root on the main system and a unshare/capsh'd root inside containers ... just ain't right IMO. A heavily capabilities limited root might seem safe, but there's always the chance some corner somewhere is overlooked ... a mknod, cron or file descriptor link etc. type hack for instance. General advice for unshare/capsh is still not to run as root.

Post Reply