Ancestors

Written by Robert Mader on 2025-01-16 at 12:12

I'm very happy with the initial results I get from #postmarketos switching to #systemd and think it will help a lot improving the platform going forward. My current favorites after playing around a bit over the last days:

1. Much better logging. Running journalctl -e is so much more informative and powerful than what we previously had.

2. Stacktraces of crashes via coredumpctl by default.

3. More reliable and less racy user services (hello Gnome camera indicator).

=> More informations about this toot | More toots from rmader@mastodon.social

Written by tomasoqvist@librem.one on 2025-01-16 at 16:20

@rmader I have been on #postmarketos Edge on my #oneplus6 and upgraded it regularly, most recently today. Does that mean it is now on #systemd or how can I check?

=> More informations about this toot | More toots from tomasoqvist@librem.one

Written by Clayton on 2025-01-16 at 16:36

@tomasoqvist @rmader it doesn't come automatically, and manually switching can be a little dice-y.

It's best to either do a new install with an image that includes systemd in it[1] or wait. Also expect some bugs if you switch as we continue to work out individual device support (help appreciated if that's something fun for you 🥳)

https://fosstodon.org/@postmarketOS/113816300011964552

=> More informations about this toot | More toots from craftyguy@freeradical.zone

Written by tomasoqvist@librem.one on 2025-01-16 at 16:39

@craftyguy @rmader I think I should be able to find some time in the near future to do a reinstall and test it on oneplus-enchilada.

=> More informations about this toot | More toots from tomasoqvist@librem.one

Written by caleb -> #FOSDEM on 2025-01-17 at 08:02

@tomasoqvist @craftyguy @rmader@mastodon.social if you're happy to reinstall anyway it would be useful if you could test https://gitlab.postmarketos.org/postmarketOS/postmarketos-release-upgrade/-/merge_requests/19 (manually copy the script from that MR and run it) and report any issues you run into. It may just work fine.

=> More informations about this toot | More toots from cas@treehouse.systems

Written by tomasoqvist@librem.one on 2025-01-18 at 13:53

@cas @craftyguy

OK, I jumped and the script worked fine once I understood that I should write "systemd" as channel and nothing else. Now trying to figure out why ssh is not working.

=> View attached media

=> More informations about this toot | More toots from tomasoqvist@librem.one

Written by caleb -> #FOSDEM on 2025-01-18 at 17:50

@tomasoqvist @craftyguy ah that's a missing piece for sure. systemctl enable sshd should be all you need

=> More informations about this toot | More toots from cas@treehouse.systems

Written by tomasoqvist@librem.one on 2025-01-19 at 10:47

@cas @craftyguy

I ran the command systemctl enable sshd and then confirmed it is running with systemctl status sshd, but still can't connect. No error message on ssh client, just waiting for connection that never establishes. Same thing with sftp from Nautilus.

=> More informations about this toot | More toots from tomasoqvist@librem.one

Written by Clayton on 2025-01-19 at 16:01

@tomasoqvist @cas can you run the client with verbose output?

=> More informations about this toot | More toots from craftyguy@freeradical.zone

Written by tomasoqvist@librem.one on 2025-01-19 at 19:16

@craftyguy @cas

ssh -v tomas@192.168.1.214  255 ✘

OpenSSH_9.9p1, OpenSSL 3.4.0 22 Oct 2024

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: Reading configuration data /etc/ssh/ssh_config.d/20-systemd-ssh-proxy.conf

debug1: Reading configuration data /etc/ssh/ssh_config.d/30-libvirt-ssh-proxy.conf

debug1: Connecting to 192.168.1.214 [192.168.1.214] port 22.

It stops at the last line, and nothing happens (for at least minutes)

=> More informations about this toot | More toots from tomasoqvist@librem.one

Toot

Written by tomasoqvist@librem.one on 2025-01-19 at 19:17

@craftyguy @cas

Sorry, it just quit with:

ssh: connect to host 192.168.1.214 port 22: Connection timed out

=> More informations about this toot | More toots from tomasoqvist@librem.one

Descendants

Written by Clayton on 2025-01-19 at 19:34

@tomasoqvist @cas IIRC we ship a firewall rule to allow port 22, but might want to confirm it's applied with "nft list ruleset". You could also check that sshd is actually listening on port 22 with something like "ss -tlnp".

=> More informations about this toot | More toots from craftyguy@freeradical.zone

Written by tomasoqvist@librem.one on 2025-01-20 at 16:18

@craftyguy @cas

OK, after systemctl stop nftables, I am now able to ssh into my pmos edge with systemd. This nft ruleset must be new since systemd, because port 22 has been open prior to this.

op6:~$ sudo nft list ruleset | grep dport

	tcp dport 113 reject comment "Reject AUTH to make it fail fast"

	ip6 saddr fe80::/10 udp sport 547 udp dport 546 accept comment "Accept DHCPv6 replies from IPv6 link-local addresses"

=> More informations about this toot | More toots from tomasoqvist@librem.one

Written by Clayton on 2025-01-20 at 16:31

@tomasoqvist @cas no we didn't make any intentional fw changes w/ systemd stuff, so maybe the ssh nft rule wasn't installed or was removed somehow during the migration? TBH I'm not sure, it needs to be debugged. Would you mind filing a bug about this in our gitlab repo[1] so we don't forget about it?

1. https://gitlab.postmarketos.org/postmarketOS/pmaports/-/issues

=> More informations about this toot | More toots from craftyguy@freeradical.zone

Written by tomasoqvist@librem.one on 2025-01-21 at 10:44

@craftyguy @cas

https://gitlab.postmarketos.org/postmarketOS/pmaports/-/issues/3478

=> More informations about this toot | More toots from tomasoqvist@librem.one