|
peepsalot posted:
Well there's your answer. Apparently out of the box, it doesn't require auth for root access for some reason. I'll need to see if I still have my BBB to play with, but that's hilarious.
|
#
?
Dec 22, 2016 00:12
|
|
|
|
| # ? Apr 27, 2024 04:40 |
|
|
Storysmith posted:Well there's your answer. Apparently out of the box, it doesn't require auth for root access for some reason. I'll need to see if I still have my BBB to play with, but that's hilarious. First I found that root password is blank ( /etc/shadow shows root:: ) Is this typical for debian based systems that use sudo to escalate privileges anyways? But when you combine that empty password with these settings in /etc/ssh/sshd_config PermitRootLogin yes and PermitEmptyPasswords yes Then it just lets you ssh with no password. I found that changing just the PermitEmptyPasswords option to no is enough to stop this behavior. I guess I'm just curious if this sort of blank root password setup could cause other security issues outside of ssh/scp. And just still generally confused about how this whole sudo situation with no actual root password is *supposed* to work in a secure manner. peepsalot fucked around with this message at 02:31 on Dec 22, 2016 |
|
#
?
Dec 22, 2016 02:28
|
|
|
peepsalot posted:First I found that root password is blank ( /etc/shadow shows root:: ) peepsalot posted:But when you combine that empty password with these settings in /etc/ssh/sshd_config Well, how it's supposed to work in a secure manner is, you create a user with a complicated password, don't announce that password in the SSH banner, and that user is in the wheel group and can sudo as necessary. Stock Debian (x64 / 8, at least) ships with PermitRootLogin without-password and PermitEmptyPasswords no. But the BBB is targeted at getting folks up and running super fast regardless of experience level with Linux, so things like "access control" are apparently elided. Christ, there's nothing in adafruit's material or that elinux.org page telling folks to set a root password. So I guess it's perfect fodder for this thread.
|
|
#
?
Dec 22, 2016 04:15
|
|
|
So fun things are happening right now with my project: The camera works perfectly now that the beads are replaced, however rtp streaming the camera stream glitches and misses frames repeatedly unless MTU is set to 256 AND bitrate is set to 5Mbp/s or lower. This is unacceptable for many many reasons. Right now my friend/former boss/hardware layout guy is removing beads from the ethernet clock lines to see if that clears up the issue, then I get to TeamViewer in and run gstreamer to see if the issue is cleared up. Fun fact: With the wandboard connected to the same camera, I can stream 1080p30@20Mb/s no problem. Also another fun issue: ping -s 65507 to the wandboard works fine, on our board it times out above 39kbp/s. Timing is hard.  Edit* This is the last hardware verification I have to do to fully verify a board with 25 connectors, and 6 other IC's that all needed to integrate and work properly with Linux. FlapYoJacks fucked around with this message at 18:50 on Dec 28, 2016 |
|
#
?
Dec 28, 2016 18:45
|
|
|
I am vindicated. I just had this wonderful conversation with my friend:quote:Friend: Now; why is this hilarious and amazing? Becuase I debated with him for almost 2 - 12 hour days over whether or not the TXC line on the RGMII interface was the culprit to my problem. He was absolutely 100% insistent that it couldn't possibly be the issue. He almost had me convinced as well, I was about to start debugging the kernel network stack. I am happy now. 
|
|
#
?
Dec 30, 2016 23:57
|
|
|
Do you have any tips on reducing boot time? I'm working with a Wandboard since our final product is going to be using the i.MX6. So far I've just done the basic stuff like disabling unneeded things in the config for u-boot and the kernel and disabling unneeded services at startup within the filesystem. This can get the boot time down to like 8-9 seconds off a micro SD but I have no idea what kind of crazy shenanigans they're pulling to get results like this. https://www.youtube.com/watch?v=piQEYyPpO2g
|
|
#
?
Jan 6, 2017 00:12
|
|
|
http://elinux.org/Boot_Time http://www.denx.de/en/pub/Documents/Presentations/EWC2012_Roeder_Zundel_Fastboot.pdf http://free-electrons.com/doc/training/boot-time/boot-time-slides.pdf http://free-electrons.com/pub/conferences/2014/elc/opdenacker-boot-time/opdenacker-boot-time.pdf I've only really looked into it on a much slower processor, so some of the things I found may not apply as much. Also the device I was working on isn't a general linux system (no-one should ever be actually at a command prompt, no requirements for partial upgrades, very minimal services etc) so there was a lot of room for removing complexity from the boot process. Making the root filesystem squashfs read was the biggest improvement. Keeping the size of the writeable partition down also helped. Replacing uboot with barebox saved about half a second too (I think this might be because it loaded the kernel in the correct place rather than loading it and then copying it, which should be possible in uboot). Kernel modules for anything not required immediately (usb drivers, camera drivers) Because I was on a slow processor a lot of time was spent removing shell based startup (both script processing and avoiding creating too many new processes) as that was a significant overhead (writing init scripts in c, loading kernel modules directly via syscalls instead of calling modprobe/insmod, c based initramfs to setup encrypted partitions).
|
|
#
?
Jan 6, 2017 11:32
|
|
|
I was dumb and forgot to configure my buildroot build for hard floating points. Now I can use opengl to render overlays on gstreamer! Hooray!
|
|
#
?
Jan 16, 2017 18:02
|
|
|
Let me tell you guys about a common thing that happens to engineers. It's called: Magic goes here. It's a phenomenon that happens when you gloss over something on a spec sheet because another thing on the spec sheet is working. Case in point: We have a Micrel switch on the board I am working on. I got the Switch working and all is good correct? Wrong! The engineering specification calls for VLAN support on the other two ports, and the only way to do that is through SPI (because this chip sucks and apparently doesn't want to give access to all the registers through i2c????). I glossed over the VLAN part because I was just happy to finally get all the timing issues fixed initially. Don't be like me, make sure that everything works. 
|
|
#
?
Mar 3, 2017 16:48
|
|
|
I posted this in the other thread but seems it would go here too I just got a Pynq-Z1 and seems pretty cool, its sort of like a raspberry pi + arduino but then also not really. Its got a Zynq chip on it, so has two arm cores and an FPGA. It runs some form of Ubuntu. You can program the FPGA directly with Overlays and then use it in your Python code. I have no idea how to Verilog, so I can't really use it to its full potential, but other than that it seems pretty great, they are also pretty active in responding to questions at their google group. I am attempting to make a sort of magic mirror like thing with it for shits n giggles. Anyone else have one? R3DW0LF fucked around with this message at 17:55 on Mar 6, 2017 |
|
#
?
Mar 6, 2017 17:36
|
|
|
I had to learn auto tools today. Porting packages with hard coded variables is never a good thing. On the plus side, I will soon have a patch set up for the TI Davinci DM36X line or DSP's for Buildroot that will include gstreamer1.0 codecs!
|
|
#
?
Apr 18, 2017 22:20
|
|
|
As an FYI: Buildroot 2017.05 was released a few days ago. I was on vacation, but there are some nice improvements. The next release in will have gcc7 as well.
|
|
#
?
Jun 7, 2017 16:05
|
|
|
Just as a heads up, I was able to get libressl committed to mainline Buildroot a few days ago.
|
|
#
?
Jul 13, 2017 11:48
|
|
|
ratbert90 posted:I had to learn auto tools today My deepest sympathies
|
|
#
?
Jul 13, 2017 13:05
|
|
|
Why should I use a buildroot over a Yocto? Or vice versa?
|
|
#
?
Jul 16, 2017 07:46
|
|
|
Poopernickel posted:Why should I use a buildroot over a Yocto? Or vice versa? https://www.youtube.com/watch?v=13LZ0szWSVg&t=2200s I prefer buildroot because it's more simple. Layers loving suck (explained in the video.) I can use yocto just as well as Buildroot, but I vastly prefer Buildroot.
|
|
#
?
Jul 16, 2017 15:52
|
|
|
Use Yocto if you enjoy layers and layers of confusion and complexity.
|
|
#
?
Jul 16, 2017 18:11
|
|
|
BuildRoot 2017.08 is officially out, with GCC7 support!
|
|
#
?
Sep 5, 2017 14:11
|
|
|
BuildRoot 2017.11 is out! The big prominent new feature I contributed is: LibreSSL is now not complete poo poo! The real OpenSSL was moved to libopenssl. A new openssl virtual package was created. LibreSSL and OpenSSL now both provide OpenSSL and a user can choose to select one or the other. There are a few applications that don't fully support LibreSSL, these are: hostapd OpenLDAP libevent opusfile FFmpeg mosquitto wpa_supplicant softether (don't use this lol) libpjsip NTP (although you can use OpenNTPD instead) I really really suggest people stop using OpenSSL if they can get away with it. It's a pile of poo poo. Other things I contributed: - SELinux packages are now updated to 2.7 - SETools is now updated to 4.0 - GStreamer packages have been updated to 1.12.3 - libpjsip: bump to 2.7.1 - snmp++: bump to v3.3.10 - Janus-gateway: bump to v0.2.5 - boost: bump to 1.65.1 - qemu: bump to 2.10.1 - glibmm: bump to 2.54.1 - libglib2: bump to 2.54.1 - sngrep: bump to v1.4.4 - Audit: bump to 2.7.8 - busybox: bump to 1.27.2 Things that are in master that didn't make it into this release: - PostgreSQL is now at 10.1 - Refpolicy is now at 2.20170805. The main advantage is that the new refpolicy doesn't require python2. - LibreSSL is at 2.6.3 in master and 2.5.5 in this release. There are a ton of other small improvements as well. I would seriously suggest updating to 2017.11 if you are a BuildRoot user!
|
|
#
?
Dec 4, 2017 16:43
|
|
|
|
| # ? Apr 27, 2024 04:40 |
|
|
As an anti-archive bump: BuildRoot 2018.02-LTS is out. Support for this release is a full year with guarantees of security updates. I only had 53 patches mainlined. Noteworthy updates: - Support for Meson - Systemd is now at version 237 thanks to the above - Gcc 7.3.0 support - Support for Rust - Getting ever so closer to a binary compatible build option. Other changes can be seen here: https://git.buildroot.net/buildroot/plain/CHANGES?id=2018.02 Edit* Next release will have gobject-introspection support. I have been working on it on and off for the last 6~ months.
|
|
#
?
Mar 14, 2018 12:49
|
|