Conditional PAM modules

I spent some time trying to setup PAM so that I could authenticate (locally for now) using my Yubikey. There are several resources on how to do that out there, so I won’t discuss the Yubikey setup and all, but I thought I’d drop a note about how I ended up doing “conditional” PAM entries. […]

Debugging Ncurses to fix a Mutt segfault on Gentoo

This all started after a regular package upgrade on my Gentoo box: $ mutt Segmentation fault Meh, another breakage. This one already had a bug filed on the Gentoo bug tracker: #651552. However, there was no fix available yet. So time to rebuild with debug enabled (-ggdb3) and sources installed, disable PaX on the binary, […]

Minor annoyances while installing GitLab

I’ve installed GitLab on my server, and it hasn’t exactly been a smooth ride. So here goes, what went wrong in my case — and how to fix it. First off, I should mention the server is a LXC container running Debian 9 (Stretch) 64bits. Prerequisites install failures Following along the GitLab install guide, the […]

OpenSSL 1.1.0 and the plague of implicit function declarations

I’m currently rebuilding my Gentoo packages after switching to the (hard-masked) dev-libs/openssl-1.1.0g. The OpenSSL 1.1.0 branch has been available for a while now, and brings with it a lot of sane-looking changes to the OpenSSL API, like opaque structures that don’t let anyone go poking around their insides, and less kludgy handling of library initialization, […]

Cheap torification in C with self-applied LD_PRELOAD

So I was playing around with a lab for exploring the OpenSSL C API, and wanted to add a command-line flag to make connections go through Tor, so that I could e.g. fetch SSL certificates from .onion addresses. An easy way to do it would just have been to use torify, but I figured, why […]

Restoring package.use from currently installed packages

So I screwed up while re-installing my Gentoo system. Backup was not set, and I had not been committing my /etc/portage in a while as it kept changing. I was in the process of migrating my single-file package.use to a directory, and I made a mistake: end result, my package.use was gone, and any backups […]

Unwrapping a LZ4-compressed kernel

So I’m reinstalling my Gentoo system from scratch, and I want it to boot with UEFI and Secure Boot. That means I want to embed the kernel’s initramfs into the kernel image, so that the signature-checking performed by the firmware covers both the kernel and the initramfs. Roughly following Sakaki’s awesome EFI install guide, I […]

Samba with LTO… not!

So my Gentoo now builds with LTO –mostly. A number of packages fail to compile properly with LTO, so I disable it on a per-package basis using portage.env. Samba (4.2.11) is one of those packages. I get the exact same failure as reported in this thread, which remains unanswered to date. So I disabled LTO […]

$TERM issues with tmux and vim

tmux 2.1 is out (well it’s been out for a few months now), and brings with it a shiny new terminfo file: tmux-256color. Unfortunately, switching my $TERM from screen-256color to tmux-256color inside tmux doesn’t work as expected: when starting Vim, … nothing happens. It just sits there, not showing up Vim, not giving me back […]

chroot rm-ing disaster recovery

So you’re setting up your chroot, mounting or bind-mounting important parts of your filesystem (commonly /dev, /sys, /proc), you do some work, and then you realize you missed something and you have to start over. No biggie, it’s just a chroot, let’s … rm -rf /path/to/chroot it. But you forgot to unmount mounts in the […]