Installing postmarketos-base currently changes the file permissions
of /etc/sudoers:
# apk add sudo
# stat /etc/sudoers
Access: (0440/-r--r-----) Uid: ( 0/ root) Gid: ( 0/ root)
# apk add postmarketos-base
# stat /etc/sudoers
Access: (0044/----r--r--) Uid: ( 0/ root) Gid: ( 0/ root)
The file mode 0044 decodes to:
- User *cannot* read
- Group can read
- Other can read
which does not make any sense. The "sudoers" man page makes it very
clear that this file should have a file mode of 0440 [1]
("readable by owner and group, writable by none").
This looks like a bad typo. However, given that only read permissions
were given out this shouldn't have major security implications
(except allowing all users to see who can use sudo).
Install the file with 0440 instead of 0044 to fix this:
# apk add postmarketos-base
# stat /etc/sudoers
Access: (0440/-r--r-----) Uid: ( 0/ root) Gid: ( 0/ root)
[1]: https://www.sudo.ws/man/1.9.8/sudoers.man.html#Error_log_entries
This used to be in Alpine but they don't want what is basically a giant
unknown blob, and for good reasons. However we do want to provide these
images for ease of install and quality-control, so let's ship it in pmOS
instead
When building from tarball git tag is not available.
We need to pass version number manually.
This chnage is cosmetic, but will allow users to easily
identify version and source of their bootloader.
Package secondary LK bootloader for some Qualcomm devices
(for now: msm8916, msm8974, msm8226).
Bootloader binary is built from source in x86_64 chroot.
Two targets are built in a sequence. Then package is split
into 2 subpackages, each of them installs `/boot/lk2nd.img`.
So the end result is - lk2nd-msm8916 and lk2nd-msm8974 can't
be installed at the same time.
Device- packages then can depend on specific subpackage of this
package and have proxy-bootloader image ready to use in /boot.
This can improve user experience with installing postmarketOS on
several devices using only pmbootstrap tool.
At the very least, pmbootstrap can suggest user to flash lk2nd
immediately after `pmbootstrap install` or even offer some kind
of `pmbootstrap flasher` integration.
This will also open possibilities to automatically update and flash
lk2nd using package manager, it we ever want this.
Improvements from xfce4-phone source:
- Add screenshot to README.md
- Enable screen locking
- Disable Desktop icons "Home", "File System", "Trash"
- Enable single-click on Desktop
- Enable single-click in Thunar
- Change clock format
- Set postmarketos wallpaper
Additional changes in postmarketos-ui-xfce4:
- Installing greybird-themes (which is already set as default theme in
/etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xsettings.xml).
- Changing /etc/skel/.config/autostart/onboard-autostart.desktop to
slightly speed up keysboard startup (overriding startup-delay of
/etc/xdg/autostart/onboard-autostart.desktop).
- Enabling scrollbars by /etc/profile.d/enable-scrollbars.sh, this is
helpful where touch-scrolling doesn't work like e.g. in whiskermenu.
(And re-ordered network-manager-applet in APKBUILD _pmb_recommends
section.)
Also removing xfce4 subpackages of device-qemu-amd64,
device-qemu-aarch64 and device-nokia-n900. The device specific monitor
to set the wallpaper will now be automatically derived from "monitor0"
in file xfce4-desktop.xml.
Additionally taking maintainership as discussed in merge request
(!2506).
Many devices need proprietary firmware blobs. So far those blobs were
packaged and installed from the repository but this approach has many
drawbacks:
- The rootfs can only be used on a single device model.
- If a model has multiple variants that have diferent secire-boot key,
each must have it's own firmware blobs.
This makes maintaining packaged firmware very hard and outweights the
benefits of having a repeatable installation in most cases.
Instead we can load blobs dynamically from preexisting firmware
partitions that usually have same structure and contain the blobs we are
interested in.
The proposed scripts place symlinks to the blobs in a special dir that
then given to the kernel. Blobs from firmware/postmarketos (or another
dir that was set as extra path prior the script execution) will take
priority which allows to override some blobs (e.g. for deviecs with no
secure-boot)
Also add patches from the Replicant project to fix so that charging
works, and patches from the linux-pm list to fix the SOC INTR message
that has been spamming our dmesg (issue
https://gitlab.com/postmarketOS/pmaports/-/issues/1214).
Add kernel flags needed for Anbox and Waydroid to work
[ci:skip-build] Already built successfully on CI
Signed-off-by: Raffaele Tranquillini <raffaele.tranquillini@gmail.com>
Also add patches that should fix backlight control, add reboot modes,
and work around a nasty eMMC corruption issue.
[ci:skip-build]: already built successfully in CI
- Update to Linux 5.14
- Enable new RPMSG WWAN CTRL driver that is now used to communicate
with the modem through the new WWAN subsystem in Linux
- Minor fixes for ARM32
- Enable some additional options in kernel config (F2FS, UHID, LED triggers)
- Add TravMurav as second maintainer
The text color in mate-terminal is currently dark brown on black
background. Therefore hardly readable.
Changing text color to light gray on black background.
* Idol3 panel have been renamed, so update the defconfig to
reflect that.
* add finduitls to makedepends (MR 2519)
Gets rid of "find: unrecognized: -printf" in build log.
Fixes 80a70aab92
[ci:skip-build] Already built on CI in MR
This is needed for devices such as Xiaomi Mi 5 (gemini), having backlight embedded in the panel controller
Signed-off-by: Raffaele Tranquillini <raffaele.tranquillini@gmail.com>
Fixes an issue where /dev/video2 can't be used by Megapixels (and thus
Megapixels crashing) when having PipeWire installed. The problem was
that the node could only be used by a single application, which was
PipeWire in that case.
[ci:skip-build]: just built successfully in CI
