aports issueshttps://gitlab.alpinelinux.org/alpine/aports/-/issues2024-02-02T21:19:15Zhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/15745[package request] bisoncpp2024-02-02T21:19:15ZKasper K[package request] bisoncpphttps://fbb-git.gitlab.io/bisoncpp/
https://tracker.debian.org/pkg/bisonc++
this is useful for c++ oriented compiler construction projects.https://fbb-git.gitlab.io/bisoncpp/
https://tracker.debian.org/pkg/bisonc++
this is useful for c++ oriented compiler construction projects.https://gitlab.alpinelinux.org/alpine/aports/-/issues/15744Mounting an XFS filesystem breaks on Alpine 3.192024-02-07T09:01:15ZLars AndringaMounting an XFS filesystem breaks on Alpine 3.19For our infrastructure, we mount a file-based XFS filesystem into our Alpine docker container:
```
apk update && apk add xfsprogs xfsprogs-extra
touch xfs.bin && mkfs.xfs -d size=5g -n ftype=1 xfs.bin && mkdir /xfs
mount -o prjquota -t x...For our infrastructure, we mount a file-based XFS filesystem into our Alpine docker container:
```
apk update && apk add xfsprogs xfsprogs-extra
touch xfs.bin && mkfs.xfs -d size=5g -n ftype=1 xfs.bin && mkdir /xfs
mount -o prjquota -t xfs xfs.bin /xfs
```
The mount fails with the following error:
```
mount: mounting /dev/loop2 on /xfs failed: Invalid argument
```
I start the docker container using:
```
docker run -it --privileged alpine:3.19
```
This used to work perfectly fine on alpine:3.18https://gitlab.alpinelinux.org/alpine/aports/-/issues/15743Add GitLab bot to automate package upgrades2024-02-04T14:07:34ZSören TempelAdd GitLab bot to automate package upgradesI noticed the other day that [Wolfi](https://wolfi.dev/) has a [GitHub Bot](https://wolfi.dev/) for automating packages upgrade (CC: @ariadne). The bot uses [release-monitoring.org](https://release-monitoring.org) to determine if a new r...I noticed the other day that [Wolfi](https://wolfi.dev/) has a [GitHub Bot](https://wolfi.dev/) for automating packages upgrade (CC: @ariadne). The bot uses [release-monitoring.org](https://release-monitoring.org) to determine if a new release is available and then [creates a pull request](https://github.com/wolfi-dev/wolfictl/blob/main/docs/update.md) for bumping the affected packages to that release. Naturally, this only works unless the package requires changes (e.g. new patches). If the build fails, the bot therefore [creates an issue](https://github.com/wolfi-dev/wolfictl), such an issue can then be assigned to the package maintainer. I think something like this could be extremely beneficial for Alpine as well as it automated the boring package upgrades and reduces the amount of manual labor required to deal with those, thereby freeing capacities for other stuff.
See also:
* https://github.com/wolfi-dev/wolfictl/blob/main/docs/update.md
* https://github.com/wolfi-dev/wolfictl/blob/main/docs/cmd/wolfictl_update.md
* https://github.com/wolfi-dev/wolfictl/blob/main/docs/cmd/wolfictl_update_package.mdhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/15741aports/community/amfora: please add ncurses dependency to APKBUILD2024-02-04T17:41:58ZCarlo Monteaports/community/amfora: please add ncurses dependency to APKBUILDinfocmp is part of the ncurses package.
Installing ncurses solves the following problem (as suggested by the author in a separate thread):
```
panic: exec: "infocmp": executable file not found in $PATH
goroutine 1 [running]:
main.main(...infocmp is part of the ncurses package.
Installing ncurses solves the following problem (as suggested by the author in a separate thread):
```
panic: exec: "infocmp": executable file not found in $PATH
goroutine 1 [running]:
main.main()
github.com/makeworld-the-better-one/amfora/amfora.go:72 +0x788
```https://gitlab.alpinelinux.org/alpine/aports/-/issues/15739community/loki: Package does not create "loki" user2024-02-04T16:54:20Zchimo omichcommunity/loki: Package does not create "loki" userOn a fresh Alpine 3.19:
`# apk add loki && service loki start`
```
fetch https://dl-cdn.alpinelinux.org/alpine/v3.19/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.19/community/x86_64/APKINDEX.tar.gz
(1/2) I...On a fresh Alpine 3.19:
`# apk add loki && service loki start`
```
fetch https://dl-cdn.alpinelinux.org/alpine/v3.19/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.19/community/x86_64/APKINDEX.tar.gz
(1/2) Installing loki (2.9.2-r0)
(2/2) Installing loki-openrc (2.9.2-r0)
Executing busybox-1.36.1-r15.trigger
OK: 80 MiB in 32 packages
* Caching service dependencies ... [ ok ]
* Starting loki ...
* start-stop-daemon: user `loki' not found
* Failed to start loki [ !! ]
* ERROR: loki failed to start`
```
The `grafana' group might need to be created too.Michael PirogovMichael Pirogovhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/15736let abuild manage GOCACHE, GOMODCACHE, GOTMPDIR, CARGO_HOME2024-03-21T17:52:00ZSertonixlet abuild manage GOCACHE, GOMODCACHE, GOTMPDIR, CARGO_HOMEWhen the `MOVE_CACHES` environmental variable is set abuild will export `GOCACHE`, `GOMODCACHE`, `GOTMPDIR`, `CARGO_HOME`.
A lot of `APKBUILD` files export these variables too though. I suggest removing the exports from the `APKBUILD` f...When the `MOVE_CACHES` environmental variable is set abuild will export `GOCACHE`, `GOMODCACHE`, `GOTMPDIR`, `CARGO_HOME`.
A lot of `APKBUILD` files export these variables too though. I suggest removing the exports from the `APKBUILD` files.
Since this would be a larger effort I want to know some opinions on that before starting.https://gitlab.alpinelinux.org/alpine/aports/-/issues/15735DHCP fails on netboot in system with dual port NIC since 3.19.12024-02-04T01:11:37ZScott YeagerDHCP fails on netboot in system with dual port NIC since 3.19.1I've been testing network booting Alpine 3.19 on bare metal. At version 3.19.0, the system was able to boot up. In version 3.19.1, something has changed and `udhcpc` no longer obtains a lease, so the system doesn't finish booting.
My bo...I've been testing network booting Alpine 3.19 on bare metal. At version 3.19.0, the system was able to boot up. In version 3.19.1, something has changed and `udhcpc` no longer obtains a lease, so the system doesn't finish booting.
My boot method is via iPXE with no special kernel args. Two routes produce the same result:
1. [3.19.1 archive](https://dl-cdn.alpinelinux.org/alpine/v3.19/releases/x86_64/alpine-netboot-3.19.1-x86_64.tar.gz) extracted to my local web server and an iPXE script based on the [wiki example](https://wiki.alpinelinux.org/wiki/Netboot_Alpine_Linux_using_iPXE)
2. Booting the latest 3.19 artifacts directly from Alpine CDN using netboot.xyz
The system in question has a dual port NIC, `eth0` and `eth1`, with only `eth1` plugged in. Perhaps the issue is that lease solicitation is only happening on `eth0`, but I haven't tested swapping the ethernet cable to `eth0`. If I boot from a 3.19.1 standard ISO, I can bring up `eth1` and obtain a lease with `udhcpc` manually by targeting the interface specifically.
Hardware is Intel Xeon D-1518 SOC using integrated NIC.https://gitlab.alpinelinux.org/alpine/aports/-/issues/15733If pam-rundir and elogind are both installed, gnome desktop won't launch from...2024-02-01T17:30:46ZAhmad RaniriIf pam-rundir and elogind are both installed, gnome desktop won't launch from tty.Recently I can't launch gnome desktop from tty, using display manager is just fine. After I searched for solution I found this [post](https://www.reddit.com/r/voidlinux/comments/vpjvbr/how_to_change_elogind_to_seatd_on_void_msul_with/). ...Recently I can't launch gnome desktop from tty, using display manager is just fine. After I searched for solution I found this [post](https://www.reddit.com/r/voidlinux/comments/vpjvbr/how_to_change_elogind_to_seatd_on_void_msul_with/). It's said that pam-rundir and elogind are not supposed to be installed at the same time or we should not have them in the same system. After I removed pam-rundir, I can launch gnome desktop from tty.
Before I removed pam-rundir, I got this in /var/log/messages
```
auth.warn elogind[2376]: Directory "/run/user" already exists, but has mode 0775 that is too permissive (0755 was requested), refusing.
```
After removed pam-rundir, that message disappear.https://gitlab.alpinelinux.org/alpine/aports/-/issues/15731[Package request]: bkt - subprocess caching utility2024-01-30T22:12:21ZYonas Yanfa[Package request]: bkt - subprocess caching utility**Name:** bkt
**License:** MIT
**Repository:** https://github.com/dimo414/bkt
**Releases:** https://github.com/dimo414/bkt/releases
**Dependencies:** Requires Rust to compile**Name:** bkt
**License:** MIT
**Repository:** https://github.com/dimo414/bkt
**Releases:** https://github.com/dimo414/bkt/releases
**Dependencies:** Requires Rust to compilehttps://gitlab.alpinelinux.org/alpine/aports/-/issues/15729community/lagrange: please also compile the TUI client "clagrange"2024-01-29T09:58:04ZCarlo Montecommunity/lagrange: please also compile the TUI client "clagrange"Since version 1.13, Lagrange also contains a TUI client called "clagrange".
Would it please be possible to include this one in the package as well?
Thank you.Since version 1.13, Lagrange also contains a TUI client called "clagrange".
Would it please be possible to include this one in the package as well?
Thank you.Michał PolańskiMichał Polańskihttps://gitlab.alpinelinux.org/alpine/aports/-/issues/15726[Package request]: nom - A RSS reader for the terminal2024-03-16T11:32:44ZMarek Ľach[Package request]: nom - A RSS reader for the terminal**Name:** nom
**License:** GPLv3
**Repository:** https://github.com/guyfedwards/nom
**Releases:** https://github.com/guyfedwards/nom/releases
**Dependencies:** [go](https://pkgs.alpinelinux.org/packages?name=go&branch=edge&repo=&arch...**Name:** nom
**License:** GPLv3
**Repository:** https://github.com/guyfedwards/nom
**Releases:** https://github.com/guyfedwards/nom/releases
**Dependencies:** [go](https://pkgs.alpinelinux.org/packages?name=go&branch=edge&repo=&arch=&maintainer=), [glow](https://pkgs.alpinelinux.org/packages?name=glow&branch=edge&repo=&arch=&maintainer=)...https://gitlab.alpinelinux.org/alpine/aports/-/issues/15725Multiple pid-1 / service managers2024-03-03T14:08:08ZSertonixMultiple pid-1 / service managersThis issue is to coordinate the addition of dinit and s6 support in alpine linux (and maybe more).
Note the important distinction between pid-1 and service manager! They can be both the same binary though (eg. `dinit`).
- [pid-1](https:...This issue is to coordinate the addition of dinit and s6 support in alpine linux (and maybe more).
Note the important distinction between pid-1 and service manager! They can be both the same binary though (eg. `dinit`).
- [pid-1](https://wiki.alpinelinux.org/wiki/User:Sertonix/Freedom_of_choice#PID_1): busybox `init`, `openrc-init`, `s6-linux-init`, `runit-init`, `dinit-init`
- [service manager](https://wiki.alpinelinux.org/wiki/User:Sertonix/Freedom_of_choice#Service_Manager): `openrc`, `s6-rc`, `runit`, `dinit`, busybox `runit`
This is what I came up with as important steps (order irrelevant):
* [ ] Remove busybox init bias (Draft !59848)
* [ ] Add `busybox-init` subpackage depending on `/etc/inittab`
* [ ] Split `/etc/inittab` from `alpine-baselayout` into `openrc-inittab` subpackage providing `/etc/inittab`
* [ ] Create meta packages that are used in the `install_if` of service packages. (eg. `install_if=dinit-system-services`)
* [ ] `openrc-system-services`
* [ ] `dinit-system-services`
* [ ] pid-1 provide `/sbin/init`
* [ ] Create a service format that can generate OpenRC, dinit and s6 service files (for reducing effort) (Testing [cross-services](https://gitlab.alpinelinux.org/sertonix/cross-services))https://gitlab.alpinelinux.org/alpine/aports/-/issues/15722Icons in some kde apps (kasts, kweather, more?) don't show up (not using a kd...2024-03-17T12:15:35ZZach DeCookIcons in some kde apps (kasts, kweather, more?) don't show up (not using a kde desktop)In both Alpine 3.19.0 and in postmarketOS edge, which installing some kde applications to use in a non-kde desktop environment, the icons don't show up.
kasts:
![2024-01-27T08_04_47_402535121-05_00](/uploads/a19f86912b24b3cf178de438a3d4...In both Alpine 3.19.0 and in postmarketOS edge, which installing some kde applications to use in a non-kde desktop environment, the icons don't show up.
kasts:
![2024-01-27T08_04_47_402535121-05_00](/uploads/a19f86912b24b3cf178de438a3d42926/2024-01-27T08_04_47_402535121-05_00.png)
kweather:
![2024-01-27T08_20_32_000000000-05_00](/uploads/35e98e048e50510e8f24754c3d1d1382/2024-01-27T08_20_32_000000000-05_00.png)
@PureTryOutBart RibbersBart Ribbershttps://gitlab.alpinelinux.org/alpine/aports/-/issues/15721release checklist 3.18.6, 3.17.7, 3.16.92024-01-26T23:03:26ZNatanael Coparelease checklist 3.18.6, 3.17.7, 3.16.9* [x] set version in main/alpine-base. see git log for commit message format
* [x] `git tag -a <version>`
* [x] before git push, verify that builders are idle. don’t push until they are
* [x] `git push && git push --tags`
* [x] write rel...* [x] set version in main/alpine-base. see git log for commit message format
* [x] `git tag -a <version>`
* [x] before git push, verify that builders are idle. don’t push until they are
* [x] `git push && git push --tags`
* [x] write release notes and publish on alpinelinux.org
* [x] update alpine-mksite/alpine-releases.conf.yaml
* [x] verify that builders complete the release build successfully (check if release is uploaded to dl-master)
* [x] sign releases
* [x] make docker image release PR
* [ ] publish cloud images
* [x] send release announcement to ~alpine/announce@lists.alpinelinux.org
* [x] post a tweet (https://tweetdeck.twitter.com)
* [ ] post a toot (https://fosstodon.org/)
* [ ] Celebratehttps://gitlab.alpinelinux.org/alpine/aports/-/issues/15720Separate the library files for each QT package2024-03-04T16:07:46ZFxzx micSeparate the library files for each QT packageI'm not sure if it's feasible, so it's just a proposal. After all, no one wants to install the entire package and its accompanying dependencies just because a software relies on a single library file.I'm not sure if it's feasible, so it's just a proposal. After all, no one wants to install the entire package and its accompanying dependencies just because a software relies on a single library file.https://gitlab.alpinelinux.org/alpine/aports/-/issues/15719community/mate-applets: stickynotes-applet not provided and not usable2024-01-29T10:02:48ZFafa Kittencommunity/mate-applets: stickynotes-applet not provided and not usableOn most distros, MATE can have sticky notes, but on Alpine Linux and Gentoo the sticky notes icon can't spawn sticky notes and it crashes if you try to spawn a sticky note and then double click on the icon, and on Alpine Linux you have t...On most distros, MATE can have sticky notes, but on Alpine Linux and Gentoo the sticky notes icon can't spawn sticky notes and it crashes if you try to spawn a sticky note and then double click on the icon, and on Alpine Linux you have to install `gtksourceview-dev`, then remove `--disable-stickynotes` from the `ABUILD` and recompile it in order to see the icon to begin with.
How to reproduce the crash:
- if necessary, recompile `mate-applets` without using `--disable-stickynotes`
- right click on a MATE panel->Add to Panel->Sticky Notes->Add->Right click Sticky Notes Icon->New Note->Double click Sticky Notes Icon
How to reproduce the backtrace:
- if necessary, recompile `mate-applets` without using `--disable-stickynotes`
- compile `mate-applets` and `libx11` with debug symbols and unstripped
- open a shell and type this:
```
gdb /usr/libexec/stickynotes-applet
run
```
right click on a MATE panel->Add to Panel->Sticky Notes->Add->Right click Sticky Notes Icon->New Note->Double click Sticky Notes Icon
Type this in the shell:
```
bt
```
Gentoo issue - https://bugs.gentoo.org/922937
MATE issue - https://github.com/mate-desktop/mate-applets/issues/664Francesco ColistaFrancesco Colistahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/15718release checklist 3.19.12024-01-26T21:26:20ZNatanael Coparelease checklist 3.19.1* [x] check that kernel version are in sync (eg linux-lts and linux-rpi)
* [x] check that raspberrypi-bootloader is up-to-date
* [x] create new milestone https://gitlab.alpinelinux.org/groups/alpine/-/milestones
* [x] change milestone to...* [x] check that kernel version are in sync (eg linux-lts and linux-rpi)
* [x] check that raspberrypi-bootloader is up-to-date
* [x] create new milestone https://gitlab.alpinelinux.org/groups/alpine/-/milestones
* [x] change milestone to version-next on all unresolved issues
* [x] set version in main/alpine-base. see git log for commit message format
* [x] `git tag -a <version>`
* [x] before git push, verify that builders are idle. don’t push until they are
* [x] `git push && git push --tags`
* [x] write release notes and publish on alpinelinux.org
* [x] update alpine-mksite/alpine-releases.conf.yaml
* [x] verify that builders complete the release build successfully (check if release is uploaded to dl-master)
* [x] sign releases
* [x] make docker image release PR
* [ ] publish cloud images
* [x] update topic in IRC channels
* [x] update https://wiki.alpinelinux.org/wiki/Template:AlpineLatest
* [x] send release announcement to ~alpine/announce@lists.alpinelinux.org
* [x] post a tweet (https://tweetdeck.twitter.com)
* [x] post a toot (https://fosstodon.org/)
* [ ] Celebratehttps://gitlab.alpinelinux.org/alpine/aports/-/issues/15715Alpine 3.19 container image delete iptables rule error (iptables: Bad rule (d...2024-02-04T10:11:34ZpexcnAlpine 3.19 container image delete iptables rule error (iptables: Bad rule (does a matching rule exist in that chain?).)Alpine 3.19 container image reports an error when deleting iptables rules, but deleting it on the host is normal.
The process to reproduce the problem is as follows:
1. Start the Alpine 3.19 container image and install components.
```...Alpine 3.19 container image reports an error when deleting iptables rules, but deleting it on the host is normal.
The process to reproduce the problem is as follows:
1. Start the Alpine 3.19 container image and install components.
```sh
docker run -itd --name=alpine-319 --network=host --privileged=true alpine:3.19
docker exec -it alpine-319 sh
/ # apk add --no-cache iptables iptables-legacy ip6tables tzdata wireguard-tools=1.0.20210914-r3 wireguard-tools-doc=1.0.20210914-r3
fetch https://dl-cdn.alpinelinux.org/alpine/v3.19/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.19/community/x86_64/APKINDEX.tar.gz
(1/24) Installing libmnl (1.0.5-r2)
(2/24) Installing libnftnl (1.2.6-r0)
(3/24) Installing libxtables (1.8.10-r3)
(4/24) Installing iptables (1.8.10-r3)
(5/24) Installing libip4tc (1.8.10-r3)
(6/24) Installing libip6tc (1.8.10-r3)
(7/24) Installing iptables-legacy (1.8.10-r3)
(8/24) Installing tzdata (2023d-r0)
(9/24) Installing wireguard-tools-wg (1.0.20210914-r3)
(10/24) Installing libcap2 (2.69-r1)
(11/24) Installing zstd-libs (1.5.5-r8)
(12/24) Installing libelf (0.190-r1)
(13/24) Installing iproute2-minimal (6.6.0-r0)
(14/24) Installing iproute2-tc (6.6.0-r0)
(15/24) Installing iproute2-ss (6.6.0-r0)
(16/24) Installing iproute2 (6.6.0-r0)
Executing iproute2-6.6.0-r0.post-install
(17/24) Installing ncurses-terminfo-base (6.4_p20231125-r0)
(18/24) Installing libncursesw (6.4_p20231125-r0)
(19/24) Installing readline (8.2.1-r2)
(20/24) Installing bash (5.2.21-r0)
Executing bash-5.2.21-r0.post-install
(21/24) Installing openresolv (3.13.2-r0)
(22/24) Installing wireguard-tools-wg-quick (1.0.20210914-r3)
(23/24) Installing wireguard-tools (1.0.20210914-r3)
(24/24) Installing wireguard-tools-doc (1.0.20210914-r3)
Executing busybox-1.36.1-r15.trigger
OK: 18 MiB in 39 packages
/ # iptables -V
iptables v1.8.10 (nf_tables)
```
2. Create iptables rules in the container.
```sh
/ # iptables -A FORWARD -i wg-vps -j ACCEPT; iptables -A FORWARD -o wg-vps -j ACCEPT
/ # iptables -t mangle -A POSTROUTING -o wg-vps -p tcp -j TCPMSS --clamp-mss-to-pmtu
/ # iptables-save | grep wg
-A POSTROUTING -o wg-vps -p tcp -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -i wg-vps -j ACCEPT
-A FORWARD -o wg-vps -j ACCEPT
/ # iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
1433K 443M GFW_DEFENSE 0 -- * * 0.0.0.0/0 0.0.0.0/0
3 193 udp2rawDwrW_6c17f961_C0 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1800
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DOCKER-USER 0 -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DOCKER-ISOLATION-STAGE-1 0 -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT 0 -- * docker0 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 DOCKER 0 -- * docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT 0 -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT 0 -- docker0 docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT 0 -- wg-vps * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT 0 -- * wg-vps 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain DOCKER (1 references)
pkts bytes target prot opt in out source destination
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
pkts bytes target prot opt in out source destination
0 0 DOCKER-ISOLATION-STAGE-2 0 -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0
0 0 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-ISOLATION-STAGE-2 (1 references)
pkts bytes target prot opt in out source destination
0 0 DROP 0 -- * docker0 0.0.0.0/0 0.0.0.0/0
0 0 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-USER (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain GFW_DEFENSE (1 references)
pkts bytes target prot opt in out source destination
1406K 440M ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
9462 1062K ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 match-set gfw_defense_whitelist src
387 20129 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 match-set gfw_defense_blacklist src
17849 2741K RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain udp2rawDwrW_6c17f961_C0 (1 references)
pkts bytes target prot opt in out source destination
3 193 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0
```
3. Delete the iptables rule in the container. When deleting `iptables -D FORWARD -o wg-vps -j ACCEPT`, an error is reported `does a matching rule exist in that chain?`.
```sh
/ # iptables -D FORWARD -i wg-vps -j ACCEPT
/ # iptables -D FORWARD -o wg-vps -j ACCEPT
iptables: Bad rule (does a matching rule exist in that chain?).
/ # iptables -t mangle -D POSTROUTING -o wg-vps -p tcp -j TCPMSS --clamp-mss-to-pmtu
/ # iptables-save | grep wg
-A FORWARD -o wg-vps -j ACCEPT
/ # iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
1436K 444M GFW_DEFENSE 0 -- * * 0.0.0.0/0 0.0.0.0/0
3 193 udp2rawDwrW_6c17f961_C0 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1800
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DOCKER-USER 0 -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DOCKER-ISOLATION-STAGE-1 0 -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT 0 -- * docker0 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 DOCKER 0 -- * docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT 0 -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT 0 -- docker0 docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT 0 -- * wg-vps 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain DOCKER (1 references)
pkts bytes target prot opt in out source destination
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
pkts bytes target prot opt in out source destination
0 0 DOCKER-ISOLATION-STAGE-2 0 -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0
0 0 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-ISOLATION-STAGE-2 (1 references)
pkts bytes target prot opt in out source destination
0 0 DROP 0 -- * docker0 0.0.0.0/0 0.0.0.0/0
0 0 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-USER (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain GFW_DEFENSE (1 references)
pkts bytes target prot opt in out source destination
1408K 440M ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
9483 1064K ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 match-set gfw_defense_whitelist src
388 20189 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 match-set gfw_defense_blacklist src
17929 2752K RETURN 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain udp2rawDwrW_6c17f961_C0 (1 references)
pkts bytes target prot opt in out source destination
3 193 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0
```
4. The host environment information is as follows.
```sh
root@LAXB ~ # cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
root@LAXB ~ # uname -mrs
Linux 6.0.0-0.deb11.6-amd64 x86_64
root@LAXB ~ # docker info
Client:
Context: default
Debug Mode: false
Plugins:
compose: Docker Compose (Docker Inc.)
Version: v2.16.0
Path: /usr/libexec/docker/cli-plugins/docker-compose
Server:
Containers: 6
Running: 6
Paused: 0
Stopped: 0
Images: 7
Server Version: 23.0.1
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: systemd
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc io.containerd.runc.v2
Default Runtime: runc
Init Binary: docker-init
containerd version: 2456e983eb9e37e47538f59ea18f2043c9a73640
runc version: v1.1.4-0-g5fd4c4d
init version: de40ad0
Security Options:
apparmor
seccomp
Profile: builtin
cgroupns
Kernel Version: 6.0.0-0.deb11.6-amd64
Operating System: Debian GNU/Linux 11 (bullseye)
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 471.9MiB
Name: LAXB
ID: 3f740c04-20c9-4621-9db2-8e33c2be088a
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
root@LAXB ~ # docker-compose version
Docker Compose version v2.16.0
```
5. It is normal to delete the corresponding iptables rules on the host
```sh
root@LAXB ~ # iptables-save | grep wg
-A FORWARD -o wg-vps -j ACCEPT
root@LAXB ~ # iptables -D FORWARD -o wg-vps -j ACCEPT
root@LAXB ~ # iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
1451K 448M GFW_DEFENSE all -- * * 0.0.0.0/0 0.0.0.0/0
3 193 udp2rawDwrW_6c17f961_C0 tcp -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DOCKER-USER all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DOCKER-ISOLATION-STAGE-1 all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * docker0 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 DOCKER all -- * docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- docker0 docker0 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain DOCKER (1 references)
pkts bytes target prot opt in out source destination
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
pkts bytes target prot opt in out source destination
0 0 DOCKER-ISOLATION-STAGE-2 all -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-ISOLATION-STAGE-2 (1 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * docker0 0.0.0.0/0 0.0.0.0/0
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-USER (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain GFW_DEFENSE (1 references)
pkts bytes target prot opt in out source destination
1423K 444M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
9536 1067K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 match-set gfw_defense_whitelist src
393 20453 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 match-set gfw_defense_blacklist src
18024 2766K RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain udp2rawDwrW_6c17f961_C0 (1 references)
pkts bytes target prot opt in out source destination
3 193 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
```
Alpine 3.19 container image information
```sh
root@LAXB ~ # docker image inspect alpine:3.19
[
{
"Id": "sha256:f8c20f8bbcb684055b4fea470fdd169c86e87786940b3262335b12ec3adef418",
"RepoTags": [
"alpine:3.19"
],
"RepoDigests": [
"alpine@sha256:51b67269f354137895d43f3b3d810bfacd3945438e94dc5ac55fdac340352f48"
],
"Parent": "",
"Comment": "",
"Created": "2023-12-08T01:20:49.650406179Z",
"Container": "f2f93a8109b6034cb27137e7cb0a77417b4d7529cde89524d455964455c0d23a",
"ContainerConfig": {
"Hostname": "f2f93a8109b6",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"/bin/sh",
"-c",
"#(nop) ",
"CMD [\"/bin/sh\"]"
],
"Image": "sha256:c068232ea3eea78e6800063b9b599c95911729d5c8dd2a2b737684998eefb10a",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {}
},
"DockerVersion": "20.10.23",
"Author": "",
"Config": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"/bin/sh"
],
"Image": "sha256:c068232ea3eea78e6800063b9b599c95911729d5c8dd2a2b737684998eefb10a",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": null
},
"Architecture": "amd64",
"Os": "linux",
"Size": 7377066,
"VirtualSize": 7377066,
"GraphDriver": {
"Data": {
"MergedDir": "/var/lib/docker/overlay2/258a55d4871c650b528ab0d60d6418f7031cbb138cf3354555aaaad04add7b41/merged",
"UpperDir": "/var/lib/docker/overlay2/258a55d4871c650b528ab0d60d6418f7031cbb138cf3354555aaaad04add7b41/diff",
"WorkDir": "/var/lib/docker/overlay2/258a55d4871c650b528ab0d60d6418f7031cbb138cf3354555aaaad04add7b41/work"
},
"Name": "overlay2"
},
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:5af4f8f59b764c64c6def53f52ada809fe38d528441d08d01c206dfb3fc3b691"
]
},
"Metadata": {
"LastTagTime": "0001-01-01T00:00:00Z"
}
}
]
```Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/15713Question on debug symbols for openssl2024-01-24T12:52:11ZCarl ChaveQuestion on debug symbols for opensslWhen trying to get a backtrace for an issue with althttpd, I've built althttpd with `!strip` locally and then installed the following -dbg packages:
```
musl-dbg-1.2.4_git20230717-r4 x86_64 {musl} (MIT) [installed]
openssl-dbg-3.1.4-r4 ...When trying to get a backtrace for an issue with althttpd, I've built althttpd with `!strip` locally and then installed the following -dbg packages:
```
musl-dbg-1.2.4_git20230717-r4 x86_64 {musl} (MIT) [installed]
openssl-dbg-3.1.4-r4 x86_64 {openssl} (Apache-2.0) [installed]
```
But I'm still seeing the following when starting gdb:
```
Attaching to process 3012
Reading symbols from /usr/bin/althttpd...
Reading symbols from /lib/libssl.so.3...
(No debugging symbols found in /lib/libssl.so.3)
Reading symbols from /lib/libcrypto.so.3...
(No debugging symbols found in /lib/libcrypto.so.3)
Reading symbols from /lib/ld-musl-x86_64.so.1...
Reading symbols from /usr/lib/debug//lib/ld-musl-x86_64.so.1.debug...
```
Do I need to rebuild openssl locally with `!strip`?https://gitlab.alpinelinux.org/alpine/aports/-/issues/15711Patch for custom completions for Nushell2024-01-23T17:00:35ZAndrej KolchinPatch for custom completions for NushellNushell is in process of deciding on a mechanism for supporting completions. The relevant issue is this: https://github.com/nushell/nushell/issues/11337.
The summary as of the time of writing is that he maintainer of Void Linux Nushell...Nushell is in process of deciding on a mechanism for supporting completions. The relevant issue is this: https://github.com/nushell/nushell/issues/11337.
The summary as of the time of writing is that he maintainer of Void Linux Nushell package suggested to package a [temporary patch](https://github.com/nushell/nushell/pull/11395), while the upstream figures out the nuances of Windows support. So I wanted to ask if @nibon7 and the team would be open to including it in Alpine Linux' Nushell package too.
If it's approved I'll be ready to patch it into Nushell and start adding Nushell completions to other packages.nibon7nibon7