From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 3FF75139085 for ; Wed, 21 Dec 2016 01:02:37 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 4D8F521C096; Wed, 21 Dec 2016 01:02:23 +0000 (UTC) Received: from alt1.smtp5.plusvps.com (alt1.smtp5.plusvps.com [89.201.164.167]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id B536DE0D58 for ; Wed, 21 Dec 2016 01:02:22 +0000 (UTC) Received: from lin16.mojsite.com ([178.218.164.164]) by smtp5.plusvps.com with esmtps (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.84) (envelope-from ) id 1cJVIR-000Fkb-J3 for gentoo-user@lists.gentoo.org; Wed, 21 Dec 2016 02:02:19 +0100 Received: from 78-1-154-21.adsl.net.t-com.hr ([78.1.154.21]:52820 helo=g0n.localdomain) by lin16.mojsite.com with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.87) (envelope-from ) id 1cJUaO-0002f8-L0 for gentoo-user@lists.gentoo.org; Wed, 21 Dec 2016 01:16:48 +0100 Received: by g0n.localdomain (Postfix, from userid 1000) id 31B27F4C0; Wed, 21 Dec 2016 01:17:18 +0100 (CET) Date: Wed, 21 Dec 2016 01:17:18 +0100 From: Miroslav Rovis To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Reading the (SSL) traffic with Pale Moon Message-ID: <20161221001718.GA31137@g0n.xdwgrp> References: <20161217224455.GA9477@g0n.xdwgrp> <20161217232554.GB9477@g0n.xdwgrp> <20161218015637.GC18283@waltdnes.org> <20161218055009.GA11155@g0n.xdwgrp> <20161218070441.GA19833@waltdnes.org> <20161218181616.GA13242@g0n.xdwgrp> <20161218184347.GB13242@g0n.xdwgrp> <20161218202933.GA23487@waltdnes.org> <20161219122519.GB31077@g0n.xdwgrp> <20161220080036.GA16916@waltdnes.org> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="rwEMma7ioTxnRzrJ" Content-Disposition: inline In-Reply-To: <20161220080036.GA16916@waltdnes.org> User-Agent: Mutt/1.7.2 (2016-11-26) X-PlusHosting-MailScanner: Not scanned: please contact your Internet E-Mail Service Provider for details, Found to be clean X-PlusHosting-MailScanner-SpamCheck: X-Spam-Status: No, No X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - lin16.mojsite.com X-AntiAbuse: Original Domain - lists.gentoo.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - croatiafidelis.hr X-Get-Message-Sender-Via: lin16.mojsite.com: authenticated_id: miro.rovis@croatiafidelis.hr X-Authenticated-Sender: lin16.mojsite.com: miro.rovis@croatiafidelis.hr X-PlusHosting-MailScanner-Information: Please contact the ISP for more information X-PlusHosting-MailScanner-ID: 1cJVIR-000Fkb-J3 X-PlusHosting-MailScanner-From: miro.rovis@croatiafidelis.hr X-Archives-Salt: 90f18d67-33d2-4cc7-ae7e-f5001627a18d X-Archives-Hash: fb55021eed1c62ccf2fb13ae869c856f --rwEMma7ioTxnRzrJ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 161220-03:00-0500, Walter Dnes wrote: > On Mon, Dec 19, 2016 at 01:25:19PM +0100, Miroslav Rovis wrote >=20 > > And I'm very curious to learn how to install in Air-Gapped, from git, > > through intermediary action, that is acceptable, but in a verifiable > > way, as I asked in my other reply email to this message. >=20 > The Pale Moon project is located at... > https://github.com/MoonchildProductions/Pale-Moon That is certainly also what the official overlay uses, the one listed in: https://overlays.gentoo.org/ which has updated, as I attempted to work with your scripts. Just pulled: miro@g0n /Cmn/src/palemoon-overlay $ git pull remote: Counting objects: 8, done. remote: Total 8 (delta 6), reused 6 (delta 6), pack-reused 2 Unpacking objects: 100% (8/8), done. =46rom https://github.com/deuiore/palemoon-overlay 237160b..d0b6f90 master -> origin/master Updating 237160b..d0b6f90 Fast-forward www-client/palemoon-bin/Manifest | 3 + www-client/palemoon-bin/palemoon-bin-27.0.3.ebuild | 112 ++++++++++++++++++++++++ www-client/palemoon/Manifest | 3 +- www-client/palemoon/palemoon-27.0.2.ebuild | 6 +- www-client/palemoon/palemoon-27.0.3.ebuild | 239 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 5 files changed, 359 insertions(+), 4 deletions(-) create mode 100644 www-client/palemoon-bin/palemoon-bin-27.0.3.ebuild create mode 100644 www-client/palemoon/palemoon-27.0.3.ebuild But I spent hours studying your scripts, and their fine, but my system is hardened, and the /usr/src/ where I put pmmain/ failed. It was that gcc couldn't even create let alone the conftest, but not even conftest.c was created. And the Pale Moon that I have installed works just great (except for logging into the forum, but that's not its fault; btw, I logged into github, no problem...). And the overlay looks good, and all set properly... And it's official, more reliable than homemade. I'll try and see next how the updating will go with the official. =2E.. Doing it now. The line that I use, as admin (root is not much more poweful than just a regular user in grsecurity-hardened), ah, didn't need that, I only need that when there are more packages, this logs the same as what you have later in /var/log/portage/ ...: # emerge -tuDN palemoon 2>&1 | tee emerge-tuDN_palemoon_$(date +%y%m%d_%H%M= )_g0n These are the packages that would be merged, in reverse order: Calculating dependencies .. . .... done! [ebuild U ] www-client/palemoon-27.0.3::miro [27.0.2::miro] USE=3D"als= a gstreamer gtk2 official-branding optimize -dbus -gtk3 -jemalloc -necko-wi= fi -pulseaudio -shared-js -system-libs -valgrind -webrtc" 0 KiB Total: 1 package (1 upgrade), Size of downloads: 0 KiB Would you like to merge these packages? [Yes/No]=20 >>> Verifying ebuild manifests >>> Running pre-merge checks for www-client/palemoon-27.0.3 * Checking for at least 7 GiB disk space at "/var/tmp/portage/www-client/p= alemoon-27.0.3/temp" ... [ ok ] >>> Emerging (1 of 1) www-client/palemoon-27.0.3::miro >>> Unpacking source... * Fetching git://github.com/MoonchildProductions/Pale-Moon.git ... git fetch git://github.com/MoonchildProductions/Pale-Moon.git +refs/tags/27= =2E0.3_Release:refs/tags/27.0.3_Release remote: Counting objects: 362, done. =2E.. And more than 4 threads is fine: top - 01:03:03 up 3 days, 6:32, 9 users, load average: 14.08, 10.22, 7.75 Tasks: 171 total, 9 running, 160 sleeping, 2 stopped, 0 zombie %Cpu(s): 85.0 us, 11.3 sy, 3.7 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.= 0 st KiB Mem : 16398240 total, 1935348 free, 3362256 used, 11100636 buff/cache KiB Swap: 0 total, 0 free, 0 used. 12842124 avail Mem= =20 PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND= =20 15934 portage 20 0 292768 243536 15284 R 56.8 1.5 0:02.12 cc1plus= =20 15930 portage 20 0 352412 305772 15360 R 50.2 1.9 0:02.83 cc1plus= =20 15921 portage 20 0 369724 321532 15332 R 49.2 2.0 0:03.66 cc1plus= =20 15938 portage 20 0 200696 150028 15360 R 41.9 0.9 0:01.26 cc1plus= =20 31169 miro 20 0 442208 69132 20408 S 23.9 0.4 6:28.81 ffmpeg = =20 15942 portage 20 0 139212 90380 15064 R 16.9 0.6 0:00.51 cc1plus= =20 15955 portage 20 0 96876 56996 14292 R 9.6 0.3 0:00.29 cc1plus= =20 15952 portage 20 0 82248 46356 15008 R 9.0 0.3 0:00.27 cc1plus= =20 11468 miro 39 19 605396 153748 19432 R 3.7 0.9 1404:00 ffmpeg = =20 =3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D= -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- And this is my itch, verification of these: /usr/portage/distfiles/git3-src/: total 4 drwxr-xr-x 6 portage portage 4096 2016-12-18 22:27 MoonchildProductions_Pal= e-Moon.git /usr/portage/distfiles/git3-src/MoonchildProductions_Pale-Moon.git: total 32 -rw-r--r-- 1 portage portage 66 2016-12-18 22:20 config -rw-r--r-- 1 portage portage 73 2016-12-18 22:20 description -rw-r--r-- 1 portage portage 114 2016-12-21 00:58 FETCH_HEAD -rw-r--r-- 1 portage portage 23 2016-12-18 22:20 HEAD drwxr-xr-x 2 portage portage 4096 2016-12-18 22:20 hooks drwxr-xr-x 2 portage portage 4096 2016-12-18 22:20 info drwxr-xr-x 4 portage portage 4096 2016-12-18 22:20 objects drwxr-xr-x 5 portage portage 4096 2016-12-18 22:24 refs /usr/portage/distfiles/git3-src/MoonchildProductions_Pale-Moon.git/hooks: total 44 -rwxr-xr-x 1 portage portage 478 2016-12-18 22:20 applypatch-msg.sample -rwxr-xr-x 1 portage portage 896 2016-12-18 22:20 commit-msg.sample -rwxr-xr-x 1 portage portage 189 2016-12-18 22:20 post-update.sample -rwxr-xr-x 1 portage portage 424 2016-12-18 22:20 pre-applypatch.sample -rwxr-xr-x 1 portage portage 1642 2016-12-18 22:20 pre-commit.sample -rwxr-xr-x 1 portage portage 1239 2016-12-18 22:20 prepare-commit-msg.sample -rwxr-xr-x 1 portage portage 1348 2016-12-18 22:20 pre-push.sample -rwxr-xr-x 1 portage portage 4951 2016-12-18 22:20 pre-rebase.sample -rwxr-xr-x 1 portage portage 544 2016-12-18 22:20 pre-receive.sample -rwxr-xr-x 1 portage portage 3610 2016-12-18 22:20 update.sample /usr/portage/distfiles/git3-src/MoonchildProductions_Pale-Moon.git/info: total 4 -rw-r--r-- 1 portage portage 240 2016-12-18 22:20 exclude /usr/portage/distfiles/git3-src/MoonchildProductions_Pale-Moon.git/objects: total 8 drwxr-xr-x 2 portage portage 4096 2016-12-18 22:20 info drwxr-xr-x 2 portage portage 4096 2016-12-21 00:58 pack /usr/portage/distfiles/git3-src/MoonchildProductions_Pale-Moon.git/objects/= info: total 0 /usr/portage/distfiles/git3-src/MoonchildProductions_Pale-Moon.git/objects/= pack: total 270812 -r--r--r-- 1 portage portage 5090828 2016-12-18 22:24 pack-a682fc22249531= 22b74e217a9ca3773304b49d94.idx -r--r--r-- 1 portage portage 271104986 2016-12-18 22:24 pack-a682fc22249531= 22b74e217a9ca3773304b49d94.pack -r--r--r-- 1 portage portage 14540 2016-12-21 00:57 pack-d957d5915ac5c9= 8443a78373f3e25c5433d1dba2.idx -r--r--r-- 1 portage portage 1090901 2016-12-21 00:57 pack-d957d5915ac5c9= 8443a78373f3e25c5433d1dba2.pack /usr/portage/distfiles/git3-src/MoonchildProductions_Pale-Moon.git/refs: total 12 drwxr-xr-x 3 portage portage 4096 2016-12-18 22:24 git-r3 drwxr-xr-x 2 portage portage 4096 2016-12-18 22:20 heads drwxr-xr-x 2 portage portage 4096 2016-12-21 00:58 tags /usr/portage/distfiles/git3-src/MoonchildProductions_Pale-Moon.git/refs/git= -r3: total 4 drwxr-xr-x 3 portage portage 4096 2016-12-18 22:24 www-client /usr/portage/distfiles/git3-src/MoonchildProductions_Pale-Moon.git/refs/git= -r3/www-client: total 4 drwxr-xr-x 3 portage portage 4096 2016-12-18 22:24 palemoon /usr/portage/distfiles/git3-src/MoonchildProductions_Pale-Moon.git/refs/git= -r3/www-client/palemoon: total 4 drwxr-xr-x 2 portage portage 4096 2016-12-21 00:58 0 /usr/portage/distfiles/git3-src/MoonchildProductions_Pale-Moon.git/refs/git= -r3/www-client/palemoon/0: total 8 -rw-r--r-- 1 portage portage 30 2016-12-21 00:58 __main__ -rw-r--r-- 1 portage portage 41 2016-12-21 00:58 __old__ /usr/portage/distfiles/git3-src/MoonchildProductions_Pale-Moon.git/refs/hea= ds: total 0 /usr/portage/distfiles/git3-src/MoonchildProductions_Pale-Moon.git/refs/tag= s: total 180 -rw-r--r-- 1 portage portage 41 2016-12-18 22:24 24.5.1_beta4 =2E.. [cut 40 lines here] ... -rw-r--r-- 1 portage portage 41 2016-12-18 22:24 27.0.2_Release -rw-r--r-- 1 portage portage 41 2016-12-21 00:58 27.0.3_Release -rw-r--r-- 1 portage portage 41 2016-12-18 22:24 GUID_working_base -rw-r--r-- 1 portage portage 41 2016-12-18 22:24 Milestone_25 The above is pretty clearly the Pale Moon repo, because this file, just 3 lines above here: -rw-r--r-- 1 portage portage 41 2016-12-21 00:58 27.0.3_Release contains: cat /usr/portage/distfiles/git3-src/MoonchildProductions_Pale-Moon.git/refs= /tags/27.0.3_Release cff1b1447aa25e27b7294bb6986e79c98ae04a03 the SHA1 hash name of the 27.0.3. I'm half true compiling it, and the above dir is not a problem hashing it, tar'ing it and moving it to Air-Gapped machine, the problem is verification of every single component of the process... Regards! Miroslav Rovis Zagreb, Croatia http://www.CroatiaFidelis.hr --rwEMma7ioTxnRzrJ Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJYWcoNAAoJEOqYhIhPuvCuixkP/1CJCtGlHMNcpLm5EMqTyHu3 WTKo1VWukhISIwJvzq8mHLkTcPXhCXdSy1yO1ydHHtopw9kjZ4NVdwRXDgiDz0jn OfEpG5Vvpaw3YbirqVs50SoU6OzW2eEHIIn2mgotqItxAQ1qg7kn0xc2p3sOgzHs YVpEarSQcR3TXT03YwXW8D7GlZsKoYfMDBJsZkx4HLNGZOIDZz2ghweVx/2WFFs3 +M4qefjnpZzDGLlAFQFAwxHTcZtnuK/07LLQsryejGl8UqjGb81wUodrRLUbwGg8 sOMF5HlZMQ4lfhULjOfTy0JOBvh2HWniQSnDAVkJhBz+Xtt9q3wO0ApW9jteQ29M 24kY0f9LGqV5nexcfuDPNcBZla7Lvzvhjjx4qJFkcjM8FXRKyGerEZBbY07hR1Xo dBSmBkOBBEqI9R2D4KIQLlxjy3gcP8dzUW5QWJxaIEesqf9IjND/R5NWIPQc2Wio u4jjsK2e9Axo8k5M1dJ2PDhVERXzv3DxaMuOEXSCNWxbwOdn7zZaQ/YxF1U1ONdb IpQktoYpuvjsUI3L31yIIhePzR94BEe1iZf6jf3Q6FQsteQRyJiAnVdDC2uXiaEr PxQ++kbMwDYrNi4D5nKbgY4dGVU9lxpOB1ki+SN5MO9aO/9NyyhJwsKBAJDUrkh+ fWB4R707YDmZAtdxYdg+ =l/r4 -----END PGP SIGNATURE----- --rwEMma7ioTxnRzrJ--