<elvishjerricco>
TIL about buildroot.org. This might help with several issues I've been considering for a while now...
<samueldr>
it's been useful to me a couple times already for figuring out prickly cross compiling issues
<elvishjerricco>
samueldr: Can you get it to use packages you've already built (i.e. nix derivations), rather than building every package from source on its own?
<samueldr>
oh, didn't *use* buildroot, only read it for solutions
<elvishjerricco>
oh lol
<elvishjerricco>
I just really want a tiny little linux system for A) a boot loader and B) initrd.
<pie_>
<elvishjerricco> TIL about buildroot.org. This might help with several issues I've been considering for a while now...
<pie_>
now you have additional problems
<pie_>
;D
<elvishjerricco>
oh man, so many new things to explore :P
<elvishjerricco>
not-os doesn't seem much smaller than what you get when you deconstruct NixOS to its bare essentials. I'm guessing that's basically what not-os is?
<samueldr>
kind of
<samueldr>
it _does_ use nixpkgs after all
<pie_>
meanwhile im just sitting here trying to guess passwords again to a drive i crypted a while ago
<pie_>
good way to waste time
udev_error has joined #nixos-chat
udev_error has quit [Ping timeout: 248 seconds]
udev_error has joined #nixos-chat
<clever>
elvishjerricco: have you seen haskell-init and not-os?
<clever>
elvishjerricco: haskell-init gets even smaller, its a ~2mb initrd, and a kernel
<clever>
not-os didnt go that far into stripping every package to its bare-bones, it just stripped nixos down to the bare bones nixpkgs provided
<elvishjerricco>
clever: Mostly I just want a Linux boot loader so I can use an actual ZFS release to boot from ZFS rather than Grub's crappy implementation :P
<elvishjerricco>
But it'd also be nice to get a better system in initrd to get rid of all the crappy hard coded ordering in stage 1.
<clever>
elvishjerricco: ive had plans of doing the same thing, to get ssh into the "bootloader"
<elvishjerricco>
clever: I messed around with literally just having a nested NixOS config but I could never get it as small as I wanted
<clever>
sadly, i cant just ffi into kexec from haskell, because kexec does a lot of logic
<clever>
id have to turn kexec-tools into a c library first
<elvishjerricco>
Can't you just call the executable?
<clever>
going nuts :P
<clever>
i have a haskell binary as pid 1, and the only binary in the initrd
<clever>
why must i add other binaries!? :P
<clever>
just forkIO and ffi into everything you need!!
<clever>
thats enough to get a basic linux environment up
<clever>
but kexec's syscall api is rather dumb
<clever>
all you can do is load a blob into kernel space, and tell the kernel to jmp into it
<clever>
the userland tools are responsible for unpacking the kernel image, adding the initrd, and doing "bootloader" duties
<clever>
its mostly adding pre-compiled x86 stubs to the blobs, and then loading the whole blob into ram
<elvishjerricco>
Hm. Yea I guess I could just make a dumb init that literally just loads the kernel modules I need, mounts the disk, and reads a json file for boot options.
<clever>
what if you just enabled the generic-extlinux bootloader in nixos?
<clever>
its a very basic bootloader config, used by a number of bootloaders
<elvishjerricco>
clever: Well basically the only thing that I don't want on an encrypted volume is the boot loader. So the NixOS configurations should be 100% encrypted.
<clever>
that config can be on the encrypted /boot with the kernel
<clever>
oh yeah, there are hardening flags in the kernel, that let you ignore the kernel cmdline
<clever>
and there is also an option to embed an initrd into the kernel at compile time
<clever>
so you essentially have a single blob of a kernel, and no config at all
<elvishjerricco>
Right. I want a boot loader built that way which lets me choose between NixOS configurations in the encrypted disk. Grub is the only other boot loader that could do it and I don't wanna use its ZFS support if I can avoid it
<elvishjerricco>
clever: How would I have a custom Haskell init find the disk by uuid? Isn't that normally done by udev or something?
<clever>
elvishjerricco: either the blkid binary, or just opening /dev/sda1 and parsing the filesystem headers yourself
<clever>
which is why uefi introduced partition uuids in the gpt tables
<clever>
so it doesnt have to understand (and parse) the FS's
drakonis has quit [Quit: WeeChat 2.4]
endformationage has quit [Quit: WeeChat 2.4]
jtojnar has quit [Read error: Connection reset by peer]
jtojnar_ has joined #nixos-chat
<elvishjerricco>
clever: Yea I have a feeling this boot loader is just gonna pull in a bunch of binaries :P Sucks because they'll come with lots of files I don't need
<eyJhb>
Hmm. Command injection, how to abuse json_decode, I need my experts! gchristensen samueldr pie_ , lets have fun with FBCTF challenge! :p
<eyJhb>
Just seems weird, that even the touch commands RUNs, but... Does nothing. The posted code isn't all, but yeah..
<pie_>
special characters seem to be checked afaict
<pie_>
theres like a bajillion different types of php exploits ive never done that apparently exist
<pie_>
might not be a code injection vuln though? idk how sneaky fbctf is
<pie_>
eyjhb, hold on, does the preg match only match the command onceß
<pie_>
?
<pie_>
not sure im reading that right
<tilpner>
Unicode escapes are caught, if anyone wondered
<pie_>
well actually...then again, it matches anything in there once, so its game over either way
<pie_>
tilpner, i wondered
<tilpner>
Did you compare the list of keywords to the actual keywords?
<tilpner>
Would be very boring if they "forgot" one
<pie_>
tilpner, not sure how that would help?
<pie_>
eyjhb, how high is this on the per level points score difficulty
<tilpner>
pie_: Depends on the keyword
<eyJhb>
pie_: dynamic, currently 988 points
<eyJhb>
Also...
<tilpner>
Oh, is that much?
<eyJhb>
https://termbin.com/207b allowed chars vs not allowed chars (upper row is allowed, lower is not)
<eyJhb>
Maximum is 1000
<eyJhb>
13 solves currently on it
<eyJhb>
Compared to the most solved web => 380 solves, but this is fairly new
<eyJhb>
But I would expect stuff like.. env, uname, etc. to give SOME kind of output
<pie_>
how did you get the source of the script
<eyJhb>
It is uploaded to the challenge ;)
<eyJhb>
So it is given
<pie_>
note that PATH is set
<eyJhb>
But I would guess, that it has something to do with the deserialization, as it checks BEFORE it decodes
<pie_>
oh right huh path is set
<eyJhb>
Oh
<eyJhb>
But.. That should still yield in env saying something :(
<pie_>
i feel like theres going to be some php f***ery involved here somewhere
<pie_>
php is like bash but even more obscure
<eyJhb>
_deserialization_
<eyJhb>
Haha
<pie_>
is it on an old php version
<pie_>
wait is json_decode something fancy
<eyJhb>
php/7.2.18
<eyJhb>
Nope, basically just decode of json
<eyJhb>
But they do have objects set too, but without [], that is somewhat useless
<pie_>
im imagining !is_string doesnt have some horrible failure mode
<pie_>
eyjhb, oh right something that makes sense, the allowed characters are exactly the ones needed to have a minimum working json object for this
<eyJhb>
Yeah... Which doesn't make for much fun.. Can't even put a `"` inside quotes
<eyJhb>
Because.. Backslash
<pie_>
haha i think i got it
<pie_>
or at least part of it
<pie_>
no output yet tho
<pie_>
i mean, even assuming this actually runs anything, which one would hope its not some castrated emulator
<pie_>
hmm no just attempting to run command with an empty output which is what seems to happen for everything including commands that dont exist -_-
<pie_>
ok i misremembered how something works so nevermind about that :I
<eyJhb>
Haha, considering just trying all commands, and see what gives me something
<pie_>
the path setting probably limits you
<pie_>
im trying to figure out how to break the regex but i dont see anything
<pie_>
i tried to google if .* misses anything but afaict no (im not sure)
<pie_>
apparently . might miss newlines, but apparently not in this case (i dont quite get it)
<eyJhb>
pie_ newlines are restricted as part of the regex ;)
<eyJhb>
I got an error at least now ;) But that only gives us our path
<pie_>
eyjhb, sure but _if_ (which it doesnt seem to) say, . did not match \n, then the regex would fail if you started with a \n and did some other stuff, no?
<pie_>
howd you get an error
<eyJhb>
{"cmd": {"ls": "nope"}} ;)
<pie_>
how does that get past !is_string
<pie_>
php type coercion shenanigans?
<tilpner>
pie_: decode happens after is_string
<pie_>
ah
<pie_>
i blame it on being tired :p
<eyJhb>
Haven't you slept?
<pie_>
messy sleep schedule right now
* tilpner
.oO( There should be mandatory ircd-side sleeping schedule enforcement )
<MichaelRaskin>
All is lost, there is the matrix bridge…
<eyJhb>
:( My calculator was better?
<eyJhb>
!*
<tilpner>
eyjhb: Is this you figuring out the solution and being disappointed about it, or you giving up?
<eyJhb>
tilpner: a little bit of everything :p
udev_error has quit [Ping timeout: 272 seconds]
udev_error has joined #nixos-chat
udev_error has quit [Ping timeout: 272 seconds]
ivan has quit [Quit: lp0 on fire]
ma27 has quit [Quit: WeeChat 2.4]
ma27 has joined #nixos-chat
udev_error has joined #nixos-chat
jtojnar has joined #nixos-chat
jtojnar_ has quit [Quit: jtojnar_]
jtojnar has quit [Ping timeout: 245 seconds]
Jackneill has joined #nixos-chat
Jackneill has quit [Remote host closed the connection]
<eyJhb>
pie_ I expect you have it solved now? You too tilpner ;)
<MichaelRaskin>
At some point I used tabs in Vim — before it had native tabs, actually — but it was completely obvious to me that multiple rows is a hard requirement
<samueldr>
gchristensen: with fancy rounded corners too
<samueldr>
(the apparent glitch on the left is the other screen from a bad crop)
<gchristensen>
:|
<gchristensen>
too good
<gchristensen>
samueldr: never heard of toilet before, only knew of figlet
<gchristensen>
hrm. my everyaws account stopped tweeting in my server move, and since it is stateful, it has been annoying to move. which is stupid, because the only state is "number of tweets tweeted"
<MichaelRaskin>
What do you use as a source of clean and safe nouns?
<samueldr>
:/ can't seem to figure out why xbindkeys doesn't want to work as a systemd user unit; I did import-environment DISPLAY XAUTHORITY
<samueldr>
(though it might not even have been needed as synergy was fine and is still fine)
<MichaelRaskin>
Well, Amazon is reverse-bookable — if a prosecutor decides to throw a book at them, the question will be what _doesn't_ stick, not what sticks
<MichaelRaskin>
samueldr: how do I avoid feeling Schadenfreude from complaints «something doesn't work with systemd for mysterious reasons»?
<MichaelRaskin>
samueldr: also, maybe start a script that does strace on xbindkeys with -o …
<samueldr>
the reason that's mysterious to me seems to be "what is xbindkeys using from env that it doesn't tell me it needs"
<samueldr>
yeah, was thinking about it
<samueldr>
though wanted to poke around in case someone had the answer :)
<MichaelRaskin>
Well, you could also consider ltrace on getenv
<tilpner>
samueldr: strace? Is PATH correct?
<samueldr>
tilpner: in that case PATH is not an issue
<samueldr>
(absolute PATH to a reduced test case)
<samueldr>
xbindkeys is started, and catches keys
<samueldr>
but eventually crashes with [xcb] Unknown sequence number while processing queue [xcb] Most likely this is a multi-threaded client and XInitThreads has not been called [xcb] Aborting, sorry about that.
<samueldr>
which seems a bit unique as far as xbindkeys goes according to a bit of googling
<samueldr>
so it really looks like something xcb or xbindkeys wants from env is missing
<gchristensen>
MichaelRaskin: I don't feel much concern I guess :)
<MichaelRaskin>
Well yes, I guess if it tweets something non-politically-correct those inflamed don't usually have qualification to find out anything about the origin, and those who are qualified understand how random selection from a dictionary works
<MichaelRaskin>
Interesting. I enabled WebRender on Linux+Intel (yeah, too raw to report bugs, I know) and the only problem I see so far is that activating the (previously hidden which is probably approximately the same as minimised in non-tiling WMs) Firefox window sometimes doesn't cause a redraw
<MichaelRaskin>
(So it becomes the top window but I still see the previous window underneath as it doesn't bother to paint)
<MichaelRaskin>
Causing a redraw in any of the obvious ways helps, though
<MichaelRaskin>
Do we have a duplicate section ID in NixOS manual?
<gchristensen>
do we?
<MichaelRaskin>
Apparently, I guess it was an unfortunate merge?
<gchristensen>
oops
<MichaelRaskin>
Release notes for future 19.09 release have _two_ sections on incompatible changes
<MichaelRaskin>
Adjacent to each other
<gchristensen>
:/
drakonis has joined #nixos-chat
<MichaelRaskin>
Maybe not anymore, it was a pull a few hours ago
<MichaelRaskin>
Ah indeed, Aaron has already fixed it
<MichaelRaskin>
aanderse++
<{^_^}>
aanderse's karma got increased to 6
<gchristensen>
aanderse++
<{^_^}>
aanderse's karma got increased to 7
<eyJhb>
eyJhb++
<{^_^}>
eyJhb's karma got decreased to -1
<eyJhb>
SO CLOSE!
<aanderse>
eh what did i fix?
<MichaelRaskin>
MiсhaelRaskin++
<{^_^}>
MiсhaelRaskin's karma got increased to 7
<MichaelRaskin>
NixOS manual bad merge
<aanderse>
oh
<eyJhb>
Hey ... Not cool MichaelRaskin :p
<aanderse>
yeah doesn't count though because a merge conflict that i introduced broke it -_-
<MichaelRaskin>
eyJhb: you have access to the same thing!
<MichaelRaskin>
Although I got an early bird discount, I guess
<eyJhb>
MichaelRaskin your good increased, mine got decreased? :p
<MichaelRaskin>
Meh, Emoji is the least interesting part of Unicode
<eyJhb>
MichaelRaskin you should look at the FB challenge then ! Might be some unicode fun
<MichaelRaskin>
There is one FB challenge worth considering
<MichaelRaskin>
Convincing antitrust or data protection authorities to declare it a criminal organisation
<MichaelRaskin>
gchristensen: should have manually overridden the message to Amazon Service Status Transparency
<gchristensen>
haha
<samueldr>
erf, looking at xbindkey's source code I'm thinking I could look at alternatives, looks like it's shelling out to `sh` to run commands :/
<MichaelRaskin>
Is there a situation where untrusted input (file name from a USB drive?) gets into these commands?
<samueldr>
in the simpler form of the configuration no, not sure about the scheme one as I'm not using it
<samueldr>
so it's safe
<samueldr>
well, as safe as I make my bindings
<samueldr>
but it leaves a bad taste
<MichaelRaskin>
Come on, you are already using systemd
<samueldr>
come on, that's a low argument :)
<MichaelRaskin>
When the argument is called low, it means you couldn't call it untrue, right?
<samueldr>
it means I can't judge it in a truthful manner
<samueldr>
I can't honestly know what's meant
<samueldr>
and it is only tangentially related!
<MichaelRaskin>
Well, there are situations when shelling out is done wrong (with risk of unexpected problems), but if the question is just bad taste, shouldn't you have reached saturation?
<samueldr>
depends on whether I like or dislike systemd I guess
<samueldr>
and if it's all "shelling out" related, I haven't validated, but I think there's few instances where it does
<gchristensen>
systemd timer's OnCalendar definitions are a trip ... 16,18,20,22:00
<MichaelRaskin>
emotional backwards compatibility with cron!
<gchristensen>
hehe
<MichaelRaskin>
remind also has kind of weird cases
__monty__ has quit [Quit: leaving]
<pie_>
eyJhb, yeah man I dont know how to solve this challenge. The control flow looks fine, I dont see how to get around the regex, doesnt look like any bash shenanigans are possible