Slacko5.7-2015 and 2015a

For talk and support relating specifically to Puppy derivatives
Message
Author
User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

#46 Post by 8Geee »

1.) No fix in 38.0.6 or in 39

2.) No its actually worse than 27 in that TLS is not fully supported... only SSL3 which has been hacked.

3.) Well, the 1.0.1.p version is patched.

4.) The openssl type 1.0.1, 1.0, or 0.98 is dependant upon the puppy. Thats why I asked you to open terminal and type in openssl version just as you see it here. If you have 1.0.1 then the correct patch is 1.0.1p.

5.) That Menu --> Setup portion will guide you to any fixes from the developer (Slackware, Debian, Ubuntu, etc.) I showed "Updates from Slackware" as the slacko path. I'm not sure about carolite 1.2.

6.) If you are running as a live-CD the patch would be put in memory. If running with a 2fs save, then the save-file gets bloated with the doc files (about 2.5 Mb) since theres no journaling (removal of deleted files gains free-space).

7.) Don't load anything until you have checked the version of openssl in #4. Carolite/Carolina is a Jemimah distro with lots of tweaks that make it better at the risk of making it "independent". I'll have a look at the massive Carolina thread to see whats going on in terms of compatability.

I didn't know if you had changed over to a different distro or not thus the long-wiinded posts.

*** EDIT *** I ran through the posts asociated with Carolina/Carolite. It seems that Geoffery claimed 1.0.1j in an X-Slacko environment. Still check into the build as requested above. With your setup this needs a remaster after upgrading the browser and openssl and wget and bash.

bash should be 4.3.30(1)
wget should be 1.16
openssl should be 1.0.1p
browser should be => FF27

The last remaining security patch is the toughest... glibc. That requires kernel 3.18.2 or better. Fixing this is very complex otherwise.
/EDIT
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
Mike7
Posts: 400
Joined: Tue 19 Feb 2013, 00:31

#47 Post by Mike7 »

8Geee-
its actually worse than 27 in that TLS is not fully supported... only SSL3 which has been hacked.
Okay, I take it then that there's nothing to be gained by looking backwards.
That Menu --> Setup portion will guide you to any fixes from the developer (Slackware, Debian, Ubuntu, etc.) I showed "Updates from Slackware" as the slacko path. I'm not sure about carolite 1.2.
But what are you looking at? Is "Menu->Setup->Update" in an SSL installation program or something? I don't know where we're at here.
If running with a 2fs save, then the save-file gets bloated with the doc files (about 2.5 Mb) since theres no journaling (removal of deleted files gains free-space).
I thought the savefile, as read/write, would allow this to happen. What, then, does journaling mean in the context of a savefile? (Frankly, journaling is a concept that I've never fully understood.)

Furthermore, I don't get what the problem is with the savefile; for example, what's the difference, insofar as savefile size is concerned, if you delete an app before installing the update? And even if you would save savefile space (which I don't see), isn't there a risk of components being missing, since many updates are designed to be done over the previous app?
It seems that Geoffery claimed 1.0.1j in an X-Slacko environment.

What exactly does "X-Slacko environment mean"? Is the compatibility with Slacko Puppy only, or also with Slackware?
Still check into the build as requested above.

Code: Select all

# openssl version
OpenSSL 1.0.0d 8 Feb 2011

# uname -r
3.2.13

# bash --help
GNU bash, version 3.00.16(1)-release-(i486-t2-linux-gnu)

# wget --help
GNU Wget 1.15

# firefox -version
Mozilla Firefox 38.0.5
With your setup this needs a remaster after upgrading the browser and openssl and wget and bash
Uh-oh <grin>.
The last remaining security patch is the toughest... glibc. That requires kernel 3.18.2 or better.
I should be okay, then, as my kernel is 3.2.13.

But, isn't this whole security updating and patching thing a full-time job these days? There seem to be new versions of things every week to counteract all the new threats. I mean, by the time I got all these security patches and updates installed and the OS remastered, wouldn't it already be out of date?

Mike
Carolite-1.2 w/FF38 on bootable 16G flash drive; Asus eeePC 1000HA, Atom CPU, 2G RAM, 160G HDD.

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

#48 Post by 8Geee »

As it turns out I'm glad I asked questions here.

It seems Carolite is a different distro than a slackware derivative. Thanks for posting openssl and wget. The reason you are having difficulty understanding things here is that our menu's are much different, with things located in different places. So your openssl is 1.0.0 and different, and sourced differently. There must be a repository (collection) of files for carolina that should work for the lite version you have. With in that collection should be updates for wget, bash, and openssl. I would leave a post or two over at the Carolina 1.3 thread, and see whats up.

Now for 2fs and journalling, 2fs is a read-only save file, meaning that once something get put into it, such stuff cannot be over-written, even if blank space. It like a write-once, then read-only file. Journalling is a word that means the file can be over-written, so 3fs and 4fs can be modified in this way. It also means that a file can be removed from the 3fs (4fs) save. Journalling (re-writing) shortens the life of a USB flash stick in particular, and does "wear-down" SSD's (but these have a system to shift files to a less worn down area). In general journalling can be minimized by only rewriting at shutdown, or when important things get updated. In puppy there is pupmode 13, and coupled with No timed-save, and save on shutdown, things for me work OK. Obviously, if running puppy as a live-CD, its better to shutdown and forget.

The 2fs save file will copy the whole file if changed, and this causes the save file to grow fast, and take up a lot of room (the original file is not re-written, but flagged as old: both copies are in the save-file).

HTH
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
Mike7
Posts: 400
Joined: Tue 19 Feb 2013, 00:31

#49 Post by Mike7 »

Hi, 8Geee.

Sorry I've been so long in replying but I've had a health issue.
The reason you are having difficulty understanding things here is that our menu's are much different, with things located in different places.
You can say that again <grin>.
There must be a repository (collection) of files for carolina that should work for the lite version you have. With in that collection should be updates for wget, bash, and openssl.
The PPM in my Carolite-1.2 shows newer versions of all three:
  • openssl-1.01j-i486
    bash-4.3.39
    wget-1.16-i486
However, it's a Carolina repo, not a Carolite repo. And aside from openssl, what's the real point in updating? I mean, I could try to update everything in my OS, since it was written three years ago. But I'd have to uninstall the built-in versions first, which is risky because they were designed for Carolite-1.2 and what's more are no longer available anywhere. What's the gain for all this work and the danger of destabilising the system irremediably?
I would leave a post or two over at the Carolina 1.3 thread, and see whats up.
What works for Carolina-1.3 doesn't necessarily work for Carolite-1.2, and the people in the Carolina threads don't necessarily know what works and what doesn't, since they aren't using Carolite-1.2 any more (if they ever did). So that's just looking for more trouble, I believe.
2fs is a read-only save file, meaning that once something get put into it, such stuff cannot be over-written,
Well, this is bad for me, isn't it? My savefile is huge (Carolitesave.2fs > Properties > 536.9Mb, and /mnt/dev_save > 657.6Mb). But what choice did I have between the 2fs savefile I've got and a 3fs or 4fs savefile? (BTW, does this have something to do with the ext filesystem on the drive?)

All these confusing, negative, and depressing issues that I don't fully understand and am in no position to fix are just making me feel like hanging up Carolite and the other Puppies.

I appreciate your help, I really do, but I haven't got enough time to devote to this, it seems, and that's what remastering Carolite with updates and fixes for everything is starting to entail. If I would have to single-handedly create a "Carolite-1.3" in order to achieve some sort of security, then I'll just have to abandon it.

Mike
Carolite-1.2 w/FF38 on bootable 16G flash drive; Asus eeePC 1000HA, Atom CPU, 2G RAM, 160G HDD.

User avatar
rg66
Posts: 1158
Joined: Mon 23 Jul 2012, 05:53
Location: Vancouver, BC Canada / Entebbe, Uganda Africa!?!

#50 Post by rg66 »

Mike7 wrote:However, it's a Carolina repo, not a Carolite repo...

What works for Carolina-1.3 doesn't necessarily work for Carolite-1.2...
Carolite is nothing more than a stripped down Carolina. The repo packages will work in Carolite as long as the dependencies are there.
X-slacko-5b1 - X-tahr-2.0 - X-precise-2.4
[url=http://smokey01.com/rg66/]X-series repo[/url]

User avatar
Mike7
Posts: 400
Joined: Tue 19 Feb 2013, 00:31

#51 Post by Mike7 »

Hi, rg66.
The repo packages will work in Carolite as long as the dependencies are there.
I was told in this forum (can't remember which thread) that the libraries in Carolite-1.2 are not identical to those in Carolina-1.3 and that not all the apps written for Carolina-1.3 will work in Carolite-1.2. Was I misinformed?

M.
Carolite-1.2 w/FF38 on bootable 16G flash drive; Asus eeePC 1000HA, Atom CPU, 2G RAM, 160G HDD.

User avatar
Mike7
Posts: 400
Joined: Tue 19 Feb 2013, 00:31

#52 Post by Mike7 »

8Geee-

-- Will I be okay with openssl-1.01j, or must it be 1.01p for the security update? (I can't find openssl-1.01p in the Carolina repos at smokey01.com and archive.org.)

-- Is it okay, then, to install glibc with kernel 3.2.13? Where do I find glibc? (Is changing this library going to affect other things?)

M.
Carolite-1.2 w/FF38 on bootable 16G flash drive; Asus eeePC 1000HA, Atom CPU, 2G RAM, 160G HDD.

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

#53 Post by 8Geee »

As far as openssl- I would ask over at Carolina 1.3 thread. D/L a slacko version is not in your best interests. 101j has two major flaws that need update to 101p. These flaws include accessing any https webpage. You have the second, and related, problem of the FF26 browser. That needs to go to FF27 minimum. In this case, though the computer scripting is better, the browser is acting as a backdoor by letting weak password-schemes enter, and allowing strong password-schemes to be weakened. This is not really tin-foil hat stuff, its a serious and rather easy exploit.

glibc replace needs dedicated methods of removal/install. I can't go there myself, and instead choose to remove share apps manually. If its not there, it can't be an open door (but could maliciously reinstalled).
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

FF pdf reader patch

#54 Post by 8Geee »

It has recently come to my attention that the Firefox pdf reader uses a javascript layer that can be exploited. The exploit allows a hacker (reports are a team in at least the Ukraine) to enter the Computer and search for configurations of things like ftp and ssh configs, and bash history.

This is easily mitigated by using EDIT --> PREFERENCES --> APPLICATIONS and then about config in Firefox. The posting here outlines the simple directions. Remember to disconnect from the internet when performing this, Then close browser and then reopen. You may then connect to the internet again.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

Pelo

slackeee-57 : removed FFox

#55 Post by Pelo »

slackeee-57 : removed FFox because off boring duck duck go and other restrictions about browsing. replaced by a french version of Seamonkey.
Remasterized without browser. (browser from my tool case for each pup save
However i find the ISO size is big. I don't see where is the fat. Don't mind... Our Puppy get old,

unicorn316386

Re: slackeee-57 : removed FFox

#56 Post by unicorn316386 »

Pelo wrote:slackeee-57 : removed FFox because off boring duck duck go and other restrictions about browsing. replaced by a french version of Seamonkey.
Remasterized without browser. (browser from my tool case for each pup save
However i find the ISO size is big. I don't see where is the fat. Don't mind... Our Puppy get old,
In my test here, removing FF27/28 should make the puppy.sfs about 28MB smaller, if you resquash the whole filesystem without /usr/lib/firefox and/or move FF to it's own sfs file. Is that what number you are getting as difference?

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

#57 Post by 8Geee »

Pelo:

The bulk may be the video drivers. I removed all the ones not needed for ASUS-eeepc and iso went from 170 to 145Mb. When I removed unnecessary shares the iso went from 145 to 138Mb. So the distro 'can' be small. In fact, when I use the smallest version (138Mb) and add SoftOffice-FreeOffice v.697 with 'only US-en' language and default 'de', the iso is larger at 171Mb. All these versions fit in a 512Mb partition including a 128Mb save.

As others point out, putting the browser in its own sfs will reduce the loaded size quite a bit (browser on demand).

This distro preconfigures FF27 so that high-quality https security is used, lesser security invites the bad-guys. Duckduckgo or ixquick keeps the big guys out (Apple, Microsoft, Google, Facebook, Twitter) of 'your' and 'my' searching... unless you want news that only you prefer, and not the truth. (Yes, this IS what happens... your news gets filtered according to your taste, not for what is relevant or important!)
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

Pelo

puppy_slacko_5.7.sfs: 165 M

#58 Post by Pelo »

puppy_slacko_5.7.sfs: 165 M (seamonkey-2.13.2_fr.pet: 24 M included)

my aim was not so much decreasing ISO file than to get rid off FF27 version included.
"SoftOffice-FreeOffice v.697 with 'only US-en' language and default 'de' "
Sure Soft office is a big part, but Soft office is a little bit my interest. I will not remove it.
"keeps the big guys out (Apple, Microsoft, Google, Facebook, Twitter) of 'your' and 'my' searching.."
These are my prefered ones !

I am in my first steps with slackeee. It was just to taste it. If Soft Office is included, that means that Slackeee will be for working at home, :( after a hard day at the office with... Microsoft office.
I will inform you of what happening, the best and the worse.
Have a nice day, cher collègue Puppy
Attachments
juke-Box.jpg
My Juke-Box at Slacko's
(54.35 KiB) Downloaded 481 times

Gsyman
Posts: 7
Joined: Sat 04 Jul 2015, 06:23

Asus EEE 901

#59 Post by Gsyman »

Could you please let me know which version you are recommending for installation on the Asus EEE?
I want to do a fresh install with the latest version that works, also the partitions are in a mess.
What size SD card can be used to extend the memory?

Thanks

User avatar
Mike7
Posts: 400
Joined: Tue 19 Feb 2013, 00:31

#60 Post by Mike7 »

Hi, all.

Is there now a slimmed-down slacko specifically for the Asus EEEpc that works? That is, a slackeee-57 without Office and with a safe browser, and with ssl and glibc issues resolved? If so, where can I download the iso?

Thanks.

Mike
Carolite-1.2 w/FF38 on bootable 16G flash drive; Asus eeePC 1000HA, Atom CPU, 2G RAM, 160G HDD.

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

2017 version of mini-eee

#61 Post by 8Geee »

There have been newer editions than these 2015 versions.

As of right now I have the mini-eee 2017 version (Feb. 1, 2017) brand new fresh from testing.

Please see this post for the D/L point.

regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
Mike7
Posts: 400
Joined: Tue 19 Feb 2013, 00:31

#62 Post by Mike7 »

Hi, 8Geee.

I looked over the whole "Slacko5.7-eee2017 and mini-eee" thread and quickly got discouraged. There would be so many problems for me with Openssl, wifi, glibc, etc., that I can't attempt the transition.

Thanks anyway.

M.
Carolite-1.2 w/FF38 on bootable 16G flash drive; Asus eeePC 1000HA, Atom CPU, 2G RAM, 160G HDD.

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

#63 Post by 8Geee »

Mike7

There is a brand new version just uploaded yesterday (Feb. 15). I've had a heck of a time getting all the spins together and updated. But they are finally done. All of those things you read about are done, and as they get updated, I'll post. Most are rather simple to do, but I see your point, there does get to be many of them. And a few are not easy. That is why I update the spins. Many folks just don't have the time for such things.

All of the eeePC spins are HERE.

The brand new base Slacko5.7-2017A is HERE.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

#64 Post by 8Geee »

This thread will be locked (no new posts) soon. The object is to consolidate all of the previous spins to their most recent update. THe previous post indicates where things have moved.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

Locked