00:18.03 | *** join/#harmattan denism1 (~denism@nat/nokia/x-fxapglhrbefpbcuu) |
00:19.37 | *** join/#harmattan captaini1loo (~Nico@lan31-4-82-227-130-131.fbx.proxad.net) |
00:19.41 | *** join/#harmattan weggi__ (~vetapani@staff.oamk.fi) |
00:19.42 | *** join/#harmattan thp_ (~thp@sulu.thp.io) |
00:19.55 | *** join/#harmattan ajalkane_ (~arto@a88-115-213-7.elisa-laajakaista.fi) |
00:20.40 | *** join/#harmattan Ronksu_ (~trongas@apostaasi.animavitae.fi) |
00:27.37 | *** join/#harmattan Kypeli (kypeli@kapsi.fi) |
00:33.26 | *** join/#harmattan eman (~lemmings@124-149-101-241.dyn.iinet.net.au) |
00:42.40 | *** join/#harmattan BrettQ (~BrettQ@99-38-191-36.lightspeed.clmasc.sbcglobal.net) |
00:42.59 | *** part/#harmattan eman (~lemmings@124-149-101-241.dyn.iinet.net.au) |
01:01.02 | *** join/#harmattan vladest_ (~Vlad@185-73-132-95.pool.ukrtel.net) |
01:22.01 | *** join/#harmattan lcuk2 (lcuk@cpc2-oldh7-0-0-cust702.10-1.cable.virginmedia.com) |
01:31.31 | *** join/#harmattan eman (~eman@124-149-101-241.dyn.iinet.net.au) |
01:57.28 | *** join/#harmattan djszapi__ (~lpapp@84-231-18-239.elisa-mobile.fi) |
02:14.03 | *** join/#harmattan Arkenoi (~ark@178.177.67.166) |
02:21.40 | *** join/#harmattan MohammadAG (~MohammadA@pool-72-89-152-214.nycmny.fios.verizon.net) |
02:28.44 | *** join/#harmattan MohammadAG (~MohammadA@pool-72-89-152-214.nycmny.fios.verizon.net) |
02:33.11 | *** join/#harmattan Mohammad- (~MohammadA@pool-72-89-152-214.nycmny.fios.verizon.net) |
02:42.49 | *** part/#harmattan meegoexperts (~Adium@unaffiliated/meegoexperts) |
02:56.02 | MohammadAG | oh yay, lost my first guitar string |
03:02.25 | *** join/#harmattan djszapi_ (~lpapp@84-231-18-239.elisa-mobile.fi) |
03:04.49 | *** join/#harmattan rm_code (~adam@2001:470:b:488:21f:3bff:fe18:dd65) |
03:50.09 | *** join/#harmattan crevetor (~antoine@modemcable210.76-70-69.static.videotron.ca) |
04:30.54 | *** join/#harmattan DocScrutinizer (~halley@openmoko/engineers/joerg) |
05:12.07 | *** join/#harmattan smoku1 (~spectrum@xkh0g2.infr.xiaoka.com) |
05:23.51 | *** join/#harmattan GNUtonio (~Gnuclear@85-156-54-80.elisa-mobile.fi) |
05:48.13 | *** join/#harmattan xarcass (~igorsazon@her.rian.ru) |
05:51.22 | *** join/#harmattan spenap (~spena@nat/nokia/x-zknfvgailxxoigos) |
06:06.25 | *** part/#harmattan smoku1 (~spectrum@xkh0g2.infr.xiaoka.com) |
06:06.35 | *** join/#harmattan smoku1 (~spectrum@xkh0g2.infr.xiaoka.com) |
06:29.55 | *** part/#harmattan smoku1 (~spectrum@xkh0g2.infr.xiaoka.com) |
06:53.48 | *** join/#harmattan antman8969 (~anthony@pool-96-239-32-4.nycmny.fios.verizon.net) |
06:56.50 | *** join/#harmattan harbaum (~quassel@2001:8d8:1fe:8:baac:6fff:fe2d:73a3) |
07:05.30 | *** join/#harmattan Arkenoi (~ark@swsoft-msk-nat.sw.ru) |
07:10.19 | *** join/#harmattan veskuh (~vesahart@nat/nokia/x-vatpveqoeipqiigh) |
07:10.28 | *** part/#harmattan veskuh (~vesahart@nat/nokia/x-vatpveqoeipqiigh) |
07:19.34 | *** join/#harmattan mikhas (~michael@85.183.48.167) |
07:22.34 | *** join/#harmattan Stecchino (~bart@amarok/developer/Stecchino) |
07:47.14 | *** join/#harmattan rcg (~rc@g230050251.adsl.alicedsl.de) |
07:58.22 | *** join/#harmattan frinring (~kossebau@85.183.48.167) |
08:03.34 | *** join/#harmattan leinir (~leinir@amarok/usability/leinir) |
08:06.17 | *** join/#harmattan Sicelo (sicelo@unaffiliated/sicelo) |
08:17.56 | *** join/#harmattan lardman (~simon@Maemo/community/contributor/lardman) |
08:18.32 | lardman | morning |
08:20.24 | *** join/#harmattan Sicelo (sicelo@unaffiliated/sicelo) |
08:23.55 | *** join/#harmattan vladest (~Vlad@195.238.92.177) |
08:25.07 | *** join/#harmattan wazd (~wazd@broadband-95-84-185-178.nationalcablenetworks.ru) |
08:27.34 | *** join/#harmattan djszapi (~lpapp@kde/developer/lpapp) |
08:30.54 | *** join/#harmattan seif (~seiflotfy@ip-95-223-13-104.unitymediagroup.de) |
08:31.02 | wazd | hi all |
08:31.34 | *** part/#harmattan Sicelo__ (qhubekela@unaffiliated/sicelo) |
08:32.16 | djszapi | Not sure who, but someone was asking a question related to requesting credentials for an install script. I told that he can request it to <for path="/var/lib/dpkg/info/mypackage.postinst" />, but I realized that it is a better way to do by using the context attribute for the installation/removal phrase. |
08:34.16 | xarcass | djszapi: that was me, probably. but i've solved this problem long ago. and there's better way, it's in the documentation: <request context="INSTALL"> |
08:36.08 | xarcass | djszapi: oops, haven't read your whole sentence.. |
08:36.40 | djszapi | xarcass: yep, actually more people asked it. Do you understand why it is better way ? |
08:36.59 | djszapi | or shall I document it more in the next SDK ? |
08:37.01 | xarcass | btw, i haven't found a way to remove files without gaining root ownership first |
08:37.37 | djszapi | xarcass: remove file in what context ? Do you have a scenario, please ? |
08:38.05 | xarcass | djszapi: it would be helpful if there was full list of capabilities that can be requested on the same page. or a link |
08:38.19 | djszapi | We did already few weeks ago. |
08:38.54 | xarcass | djszapi: i use doc pages from SDK, they are not updated very frequently |
08:39.04 | djszapi | but there are 3 different matters, here. Could you please answer the first two first ? |
08:39.19 | djszapi | xarcass: SDK is updated when there is a new release, not sync'd up daily. |
08:39.25 | djszapi | since till that, it is a moving target. |
08:40.36 | xarcass | djszapi: scenario: i have directory which is created by app. there are directories and files in it, which are created also by an app. i wanted to remove this whole directory upon uninstall. i wasn't be able to do this because of permissions. |
08:41.34 | djszapi | xarcass: right, as for me, I required dac_override, but I know you cannot do that. Will study it and come back to you. |
08:41.51 | djszapi | xarcass: is the context clear for you why that is better ? |
08:43.08 | kimju | I'd still like to see a platform documentation with list of all tokens in use in the system as released, what resources those are protecting and if there is limitations in use of those (ie. can a package not coming from official repository ask for those tokens). |
08:43.13 | xarcass | djszapi: how i've solved this: i requested cap_chown in manifest, then i chown'ed all this directory contents, then i rm'ed this contents. so, now i have all files removed, but there's only empty directory in the home. I suppose, this is acceptable, but not exactly 'clear'. Not perfect, i'd say. |
08:44.02 | djszapi | kimju: that has nothing to do with aegis, that is OVI question. I cannot answer anything about their documentation. We can maximum reference to them |
08:44.35 | djszapi | xarcass: yes, that is rather hackish ;) |
08:44.46 | kimju | djszapi, that is a harmattan platform question, not ovi store or anything. |
08:44.56 | djszapi | kimju: you are wrong, that is OVI question |
08:45.12 | kimju | define ovi? |
08:45.34 | djszapi | ie. can a package not coming from official repository ask for those tokens -> this has nothing to do with aegis. |
08:45.41 | djszapi | the first part, I already answered, see above |
08:46.35 | kimju | where? |
08:46.45 | djszapi | 11:38 < djszapi> We did already few weeks ago. |
08:47.49 | djszapi | We would not really like to confuse people with different stores and their consequences. We can only say that: use OVI. OVI needs to document it the further things since the origin thing happens there anyway. |
08:47.56 | djszapi | stores -> sources. |
08:48.37 | kimju | Sorry, I don't understand what you are saying. |
08:49.08 | djszapi | kimju: well, security provides a platform, right ? |
08:49.34 | djszapi | OVI uses the and decides the original policies and so forth, so it is up to really them how they use our platform, we cannot say what our users do. |
08:52.15 | Arkenoi | took a look at ovi store. almost impossible to find anything useful by browsing because it is full of useless bookmarks disguised as apps |
08:52.56 | kimju | djszapi, so are you saying that I can't install .debs from anywhere else than ovi store? |
08:53.32 | lardman | can I instantiate a QML component which is contained in a string? |
08:53.42 | lardman | s/contained/defined |
08:54.34 | djszapi | kimju: no, I do not say |
08:55.03 | djszapi | xarcass: the solution seems to be very simple for your case: just request UID::user credential for the install context |
08:56.23 | djszapi | kimju: but that is obviously the lowest origin source in the OVI store "hiearchy", so it will be documented there. |
08:56.49 | djszapi | with all the other levels, it is up to them. That is the target way Nokia tries to achieve anyway. |
08:57.26 | kimju | djszapi, ok, so let me rephrase the question: If I package for example bash in obs (or scratchbox) and download the resulting deb into the device. can I install it? what if I ask for CAP::sys_module in manifest, can I still install it and get the capability token granted? |
08:58.09 | djszapi | kimju: as said, read the OVI documentation. |
08:58.26 | djszapi | we will publish a reference to that for sure from the security guide. |
08:59.02 | elpuri | lardman: sure |
08:59.25 | djszapi | kimju: Nokia does not care about c-obs, it cares about OVI store, that is |
08:59.49 | *** join/#harmattan lcuk (lcuk@Maemo/community/contributor/lcuk) |
08:59.53 | lardman | elpuri: I need to change a "widget" at runtime, and am not sure whether to supply a QDeclarativeWidget or some QML code from the C++ side; either way I'm not sure how to plumb it in |
09:00.14 | lardman | lcuk: morning |
09:00.22 | kimju | and I don't care about ovi store, I care what the software platform in the device allows me to do. |
09:00.24 | xarcass | djszapi: i was afraid that UID::user in request might break something. I've tried CAP::fowner - without success, surprisingly |
09:00.36 | djszapi | kimju: and, no you cannot obviosuly grant sys_module, that is against the whole architecture design from the page zero |
09:01.02 | djszapi | xarcass: it does not break anything, that is the idea and design. Feel free to contact me if something breaks. |
09:01.10 | elpuri | lardman: is this what you were looking for? http://doc.qt.nokia.com/4.7-snapshot/qdeclarativedynamicobjects.html#creating-an-object-from-a-string-of-qml |
09:01.21 | djszapi | kimju: *sigh* |
09:01.38 | xarcass | djszapi: thanks, i'll try |
09:01.39 | djszapi | kimju: that is what Nokia pushes, period. Not sure why we still discuss it, if you do not accept what Nokia pushes, do not use it :D |
09:01.40 | lardman | elpuri: looks promising, thanks :) |
09:02.18 | djszapi | kimju: we will obviously not mix up the documentation in 1000 places as a separate snippets, just because of c-obs that is really no goal of nokia. |
09:02.34 | djszapi | actually, it is quite against the Nokia wishes. |
09:03.19 | elpuri | lardman: look at the qml<->c++ models too |
09:03.28 | elpuri | usually models are the best choice |
09:03.44 | kimju | djszapi, ok, what other tokens I can't request then? http://www.developer.nokia.com/Community/Wiki/Harmattan:Developer_Library/Developing_for_Harmattan/Harmattan_security/Security_guide#Requesting_POSIX_capabilities documents how to request them, but what I've been asking what the device allows you to request. I don't see how that is related to ovi, it's part of the software platform in the device. |
09:04.19 | lcuk | morning lardman \o |
09:04.20 | lcuk | hey simon, there is an event happening at manchester university about content creation and usability/ux :) |
09:04.20 | lcuk | is getting ticket |
09:04.28 | lardman | elpuri: models as in database models? |
09:04.34 | djszapi | kimju: ok, I told it to you more times, I stop it. |
09:04.55 | dm8tbr | djszapi: are you referring to documentation currently available only under NDA? |
09:04.56 | lardman | lcuk: I'm sat twiddling thumbs waiting for a baby still, only a week and a bit overdue now |
09:05.19 | lcuk | lardman, :D fun |
09:05.22 | djszapi | dm8tbr: yes, the documentation of the new release (which is a moving target) is obviously not out. |
09:05.31 | lcuk | tracy was induced in the end |
09:05.38 | lcuk | well waters broke |
09:05.46 | lardman | Holly is booked in, but there's time yet.... |
09:05.55 | lcuk | indeed |
09:06.07 | dm8tbr | djszapi: please keep in mind that this channel has mostly people that did not sign an NDA with nokia and thus all discussion should be kept in mind that this is the baseline level. |
09:06.31 | lcuk | do we need to sign NDA to talk about pregnancy now? |
09:07.03 | hiemanshu | lcuk: yes sir |
09:07.06 | Ronksu | lcuk: not after the first three months :) |
09:07.08 | lcuk | :D |
09:07.16 | hiemanshu | lcuk: its called the Pre-Delivery NDA, or the PDNDA :P |
09:07.25 | djszapi | dm8tbr: not sure what the outcome is of your sentence. Should I explain more what I say because it is hard to understand for people here because it is too depth, or ? |
09:07.27 | lcuk | facepalms |
09:08.09 | *** mode/#harmattan [+o dm8tbr] by ChanServ |
09:08.13 | *** topic/#harmattan by dm8tbr -> A cozy little place for pure harmattan device and development discussions | No discussion that requires NDA please! | Developers check this: http://library.developer.nokia.com/ | http://wiki.meego.com/N950_landing_page | MeeGo N9(|50) CE on its way, MOSLO still missing, discuss in #meego-arm please | logs: http://mg.pov.lt/harmattan-irclog/ |
09:08.17 | hiemanshu | djszapi: its just that most people dont have access to stuff you have, and so writing someone off is not a good idea |
09:08.40 | djszapi | hiemanshu: what do you mean by writing someone off ? |
09:08.56 | lardman | that can be easily solved by uploading the relevant NDA'd docs of course ;) |
09:09.00 | hiemanshu | djszapi: <djszapi> kimju: ok, I told it to you more times, I stop it. |
09:09.11 | djszapi | hiemanshu: what is wrong about that sentence ? |
09:09.22 | hiemanshu | djszapi: sounds very very rude |
09:09.55 | djszapi | I think that is the consequence of not accepting the platform and design. I cannot really say more than I said. Why should I continue ? |
09:10.07 | dm8tbr | djszapi: to make this more clear for you: if you say something here. please make sure that you only asume that people have information that is not under NDA. |
09:10.08 | djszapi | it seems he did not accept the nokia decisions ? I cannot comment more on that. |
09:10.40 | dm8tbr | djszapi: if you need clarification of how to separate such information please contact the relevant Nokia people to arrange a briefing. |
09:10.50 | hiemanshu | djszapi: well this isn't the only thing, you did the same to me yesterday as well |
09:10.51 | Stskeeps | if anyone is obviously breaching an NDA, be sure to report to corporate security |
09:11.33 | kimju | I haven't said that I'm not accepting the platform or Nokia decisions. I'm just trying to understand what that platform allows me to do or not. |
09:11.36 | djszapi | dm8tbr: I am not sure why you are telling it to me, I firmly believe I know better what I can say and not. I am the only one actually warned others about it when they told more (for instance the guy with new image flashing question here) |
09:11.39 | Stskeeps | returns to his perl build |
09:12.04 | lardman | is interested in a Perl build |
09:12.14 | djszapi | kimju: but I told you so many times. It seems you do not accept it since you are still against that decision. |
09:12.15 | kimju | I still think it's a valid question to ask what tokens can be requested by a package not coming from the official repositories. |
09:12.19 | lardman | though now I think about it, the app in question uses a GTK+ ui, which is not ideal |
09:12.21 | dm8tbr | would be interested in bluetooth python bindings |
09:12.33 | djszapi | kimju: and I already answered that how you can do that, numerous times. |
09:12.38 | Stskeeps | would like a pony |
09:12.45 | lardman | lol |
09:12.52 | dm8tbr | Stskeeps: for me one steak sandwich please! |
09:13.01 | Stskeeps | dm8tbr: damn you, now i have to go out for a steak sandwich |
09:13.01 | djszapi | hiemanshu: I provided a feedback to make your software better, you started telling me, it is installed even if it was not. |
09:13.04 | Stskeeps | :P |
09:13.10 | dm8tbr | but actually I should start consuming the sushi I made myself for lunch :D |
09:13.12 | djszapi | hiemanshu: Not sure what I did wrong. |
09:13.14 | lardman | only £25? |
09:13.23 | lardman | or did you mean a real one? |
09:13.45 | djszapi | hiemanshu: I am really happy if a feedback comes into the picture in KDE projects I am involved in. |
09:13.56 | lardman | stops with the slang and goes back to QML "goodness" |
09:14.28 | hiemanshu | djszapi: like I said, it works for everyone with an N950, and we cannot do anything until we have newer software |
09:14.52 | djszapi | hiemanshu: that is fine, but I did not like that when you wanted to know better what I had installed and what not :) |
09:15.14 | hiemanshu | djszapi: if you file a buy, I will try to solve it :P |
09:15.20 | djszapi | buy lol :D |
09:15.33 | hiemanshu | bug* |
09:16.12 | lardman | Does the email app work for anyone else? I seem to be unable to send mail, though I can receive it. Anyone know if there's any logging anywhere as the "Error occurred" message isn't overly enlightening? |
09:16.27 | *** join/#harmattan artemm (~Adium@d85-194-229-245.cust.wlannet.com) |
09:16.57 | maxw | I see that too, fwiw |
09:17.10 | lardman | ok, glad it's not just me |
09:17.28 | maxw | I've not tried to solve the problem though. |
09:17.42 | djszapi | hiemanshu: actually, you started me asking about this, and I even told you, sorry no because it is NDA :) |
09:17.55 | maxw | I had it in mind to remove and add the account again, to see if it made any difference. |
09:18.27 | djszapi | and, no I do not think I should report someone (for instance the last Qt guys while trying to ask NDA things here) for the first time. I do think we are mature enough to warn people in private. |
09:18.55 | lardman | I've done lots of fiddling with account settings to no avail, I've also tried starting fenix from the command line, but it detached from the term and I've not checked whether it was a shell script or there's some options yet |
09:19.20 | hiemanshu | djszapi: like I said if you say you have a problem, I would want to know what it is, you went on to tell me I shouldn't write software using guess work and such |
09:19.52 | lardman | The other interesting problem I sometimes see if that the clock has missing digits; usually the 10s of the minutes |
09:20.48 | djszapi | hiemanshu: I do not know what problem it is in fact since I do not have time to deal with the software, sorry. I am happy to help with any security issues though. :) |
09:23.04 | xarcass | lardman: i've seen the same thing. but only on the 'lock screen' |
09:23.17 | hiemanshu | djszapi: so whats the use of pointing out an error when you dont want a solution :P |
09:23.29 | hiemanshu | djszapi: which is what pissed me off yesterday |
09:23.39 | djszapi | hiemanshu: to know whether it is a trivial issue and can be fixed easily or not. |
09:23.55 | lardman | xarcass: when I see it on the lock screen and unlock it also appears on the "system tray" clock |
09:24.23 | hiemanshu | djszapi: its a trivial issue, it could be fixed easily if you could tell me just give me the output of the command I asked for, and you said that was under NDA |
09:25.24 | *** join/#harmattan ajalkane_N950 (~ircchatte@ZYYYKMMMCCXXIII.gprs.sl-laajakaista.fi) |
09:26.26 | djszapi | hiemanshu: trivial fix as in easy to fix without having a device. |
09:27.10 | djszapi | 12:23 < hiemanshu> djszapi: so whats the use of pointing out an error when you dont want a solution :P |
09:27.14 | djszapi | 12:23 < hiemanshu> djszapi: which is what pissed me off yesterday |
09:27.26 | SpeedEvil | The app runs just fine on a n950 with the publically available image. |
09:27.28 | djszapi | it is not really, I do really want a solution and that is why I mentioned to you. However NDA has higher priority than a leisure time irc client ;-) |
09:27.44 | hiemanshu | djszapi: NOTFIXING, WORKSFORME, EOF |
09:28.29 | *** join/#harmattan rcg (~rc@fb2-pub-1.dv-nr.fh-frankfurt.de) |
09:33.08 | sebas | hiemanshu: you can't really expect djszapi to break his contractual obligations I think |
09:33.56 | hiemanshu | sebas: I am not expecting him to do that, a simple doesn't work for me, and I cannot help you without a issue because I have an NDA to follow would have been good enough |
09:34.43 | sebas | I understood djszapi as such |
09:35.14 | sebas | maybe you should assume positive |
09:35.49 | w00t_ | sebas: you might have missed the part of the conversation yesterday when he was telling hiemanshu to not write software by guesswork, etc :) |
09:36.22 | sebas | yep, I missed that part |
09:36.40 | djszapi | w00t_: What I meant with that, it possibly expect a hard coded option. Sorry for not being clear and it could be misunderstood |
09:36.54 | djszapi | but the problem seems to be that it expects a "guess" which is not working on this device. |
09:37.50 | djszapi | guess as in hard coded (either dependency missing, or hard coded path somewhere). |
09:40.08 | hiemanshu | djszapi: like I said, it worked perfectly for everyone who tested it on a N950, and I cannot *guess* what the N9 has and doesn't |
09:41.03 | djszapi | yep, exactly that is why it is important to mention every dependencies, not using hard coded paths, set the proper paths (either in the build system or somewhere else). |
09:41.18 | sebas | maybe file a bug about this, then at least someone powerful enough can look at it and decide wether or not to give out this information, or fix it? |
09:42.03 | hiemanshu | djszapi: it is mentioned, and there is no hard coded paths |
09:42.27 | hiemanshu | we have 'import com.meego.extras' which doesn't work for you |
09:42.45 | hiemanshu | its not a hard coded path, and its a part of the qt-components package, atleast on the N950 |
09:42.54 | Sput | hmm. is there a way to execute a binary on the device using Madde, without having to package it as a .deb? I tried using the mad remote send which put the binary in developer's home directory, but I don't seem to be able to execute that neither using mad remote run nor directly on the shell |
09:42.58 | dm8tbr | hiemanshu: to briefly touch on your previous statement: actually most NDAs I've seen are worded that you are not even supposed to mention that you are bound by it. So a simple 'I'm sorry but I can't answer that' or simply not engaging in conversation that might bring up such a question are good strategies. |
09:43.08 | Sput | I guess I have to add permissions somehow, but I have no idea how :) |
09:43.26 | Sput | "the device" being the N950 |
09:43.55 | djszapi | hiemanshu: yep, but it does not hurt to ask whether it is general issue about hard coding and can be fixed without device, I guess. |
09:44.17 | hiemanshu | djszapi: I said no, and you said 'dont write software using guess work' |
09:44.45 | djszapi | reading back the log, it seems you realized it later, it is not hard coded. |
09:45.00 | djszapi | and you told it after I said whether there is any guess work. |
09:45.04 | hiemanshu | I know it is not hard coded, its a part of the qt-components package |
09:45.25 | djszapi | yep, but I did not know who never dealt with that package ;-) |
09:47.41 | radiofree | is it com.meego.extras? |
09:47.46 | radiofree | not com.nokia.extras? |
09:48.08 | hiemanshu | we used com.meego.extras yes |
09:48.39 | radiofree | interesting |
09:49.29 | hiemanshu | <djszapi> hiemanshu: you should really not make a software with guess-works, seriously. <-- from the logs |
09:50.10 | djszapi | I still stick by, there is a guess work there, and I am sorry if it cannot be covered what exactly because of the NDA. |
09:50.35 | ajalkane_N950 | com.meego.extras is wrong maybe, git has com.nokia.extras in examples |
09:50.44 | djszapi | that guess work ^ |
09:50.52 | radiofree | yes, for me qt-components is com.nokia.extras |
09:52.02 | hiemanshu | ajalkane_N950: like I said the one we have on N950 works for us |
09:53.24 | ajalkane_N950 | I know, I'm using it. But seems N9 has newer version with different import |
09:54.23 | hiemanshu | ajalkane_N950: yeah, and my psychic power has gone for a toss to guess that |
09:54.24 | ajalkane_N950 | I use extras too, I think the nokia one |
09:55.55 | ajalkane_N950 | hiemanshu, I'm just guessing, not commenting on the argument between you and djszapi. |
09:56.22 | hiemanshu | ajalkane_N950: no guess-work is welcome here |
09:56.24 | hiemanshu | runs |
09:56.59 | hiemanshu | ---> $dayjob |
09:57.52 | ajalkane_N950 | I like guessing. |
09:58.25 | DocScrutinizer | djszapi: don't you think your way to put things is rather antagonizing? It's commonly perceived as rude and not exactly helpful. Please try to reconsider the way you participate in this channel. I suggest you also have a short glance at http://freenode.net/channel_guidelines.shtml just in case there might be some generic ideas about concepts I personally love to reread every once in a while |
09:58.44 | ajalkane_N950 | Like, I once guessed lottery numbers. Exciting |
09:59.32 | xarcass | uses com.meego.extras all the time and it works on two N950 with different fw versions |
10:01.10 | djszapi | DocScrutinizer: mmm, I have never said such things that I heard here about aegis (mainly when it is just a lack of understanding, it does not make a good atmosphere, to say "fuck", "shit" aegis and others as so many people do from the beginning). |
10:01.37 | DocScrutinizer | djszapi: and (if I didn't get this part wrong in speedreading backscroll) your claim you can't utter simple "com.meego.extras is wrong maybe, git has com.nokia.extras in examples" as you're under an NDA is mere ridiculous |
10:02.22 | djszapi | DocScrutinizer: I had no idea about this issue. I have been asked by providing outputs from the device. |
10:03.46 | djszapi | DocScrutinizer: imagine the situation from my point of view. I am trying to help the community to get into the aegis usage better, and I just read from hours to hours, "fuck aegis(TM)". What do you think I feel after 20-30 situations like that ? |
10:04.15 | DocScrutinizer | I don't want to go into doing actual statistics, but my perception of this channel is it's a lot of bitching about how we _say_ things most of the time, rather than a cooperative solving of problems |
10:04.37 | *** join/#harmattan Kaadlajk (kylanpaj@mustakiuru.cs.tut.fi) |
10:05.04 | djszapi | DocScrutinizer: Yep, I think I answered all the aegis questions heretofore. I do not see any unresolved issue. |
10:05.45 | djszapi | That is why it is a bit frustrating to me to read "fuck aegis(TM)" from the day first, when I try to help about it. |
10:07.03 | hiemanshu | sets a timer, PM djszapi every 30 seconds with 'Aegis - It just *doesn't* work (TM)' |
10:07.14 | DocScrutinizer | sorry about that, but that's the often rude harsh tone in FOSS community, and esp on IRC. Better just ignore it, or get a receive-regex substituting each "fuck aegis" to "I'm frustrated as I don't get this aegis thing right" |
10:07.14 | xarcass | djszapi: btw, requesting UID::user don't work - permission denied. so i'll stick to CAP::chown & chown & rm solution for now |
10:07.15 | djszapi | See ? |
10:07.29 | hiemanshu | djszapi: I being funny :P |
10:07.32 | hiemanshu | I am* |
10:07.44 | flux | maybe the community feels like they are being force-fed something they would rather have the option of opting out. |
10:08.05 | djszapi | DocScrutinizer: sure, it can be avoided 1-2 times, but not after reading it continously 20-30 times :( |
10:08.34 | hiemanshu | djszapi: thats your problem for having a very low threshold |
10:08.48 | djszapi | flux: but that is not the case, so we need to solve the problem, not thinking of that which is not the current situation. |
10:08.54 | hiemanshu | its 30 people now, if there were say 5k devs in here, it would be 300 times |
10:09.06 | DocScrutinizer | djszapi: then I'm sorry to say I don't see any other way for you to keep your mental sanity than just leave this channel alone. A pity but probably the only way, as you won't change the wording here |
10:09.59 | hiemanshu | if you have a problem with 1, you speak to the chanops, if you have a problem with a million, you just leave :) |
10:10.22 | DocScrutinizer | djszapi: nobody likes aegis, and there will always be devels that express this feeling in a XXX way |
10:12.09 | mikhas | I like AEGIS. |
10:12.14 | djszapi | Mmm, leaving or a very strong vest, true. |
10:12.15 | DocScrutinizer | we can tighten general rules about proper speech in IRC, to make everybody use "f*** aegis" instead of using XXX words. In the end it won't change anything, though I'd be willing to go into this tedious duty to enforce worksafe speech in this chan |
10:12.19 | mikhas | Without it, you folks here wouldnt have anything to talk about. |
10:12.39 | hiemanshu | mikhas: do you want to talk about your issues? |
10:12.51 | hiemanshu | mikhas: I would offer a free health checkup |
10:14.21 | djszapi | DocScrutinizer: thing is that you cannot avoid the security nowadays, and that is really a good gesture. We implemented a very similar (almost the same from the third party developer pov) on meego, so you will not like it either. |
10:14.28 | DocScrutinizer | mikhas: the problem as generally percieved is there's way too much talking about aegis, and be assured we had just enough to talk about when aegis would just vanish |
10:14.54 | djszapi | However I agree with you, I should put on a very strong vest or leave. That is really the two options. |
10:16.43 | radiofree | djszapi: you've done the same to meego?! |
10:16.45 | djszapi | xarcass: if the directory is owned by the user, it works. I tested it here. |
10:17.06 | djszapi | radiofree: from third party developer pov, it is almost the same, yes. |
10:17.19 | Arkenoi | mikhas, you love aegis so much that you want to f**k it! |
10:17.27 | *** join/#harmattan razvanpetru (~razvan@188.26.187.156) |
10:17.31 | mikhas | Arkenoi, I'd put a ring on it. |
10:17.33 | DocScrutinizer | djszapi: (thing is that you cannot avoid the security nowadays...) that's your POV, others may feel completely different about it. You won't convince them the way you defend aegis here, as that decision had to get discussed on a way more abstract level of platform concepts and product targets |
10:17.34 | Stskeeps | yes, my statement about fuck aegis is that i want to erm, make sweet love to it |
10:17.43 | Stskeeps | ;) |
10:17.51 | razvanpetru | I like aegis!! |
10:17.52 | xarcass | djszapi: yes it is user:users and it doesn't work. on two devices with different versions of fw. it's right in /home/user directory |
10:17.54 | radiofree | from a user point of view, aegis makes sense |
10:18.06 | razvanpetru | in fact it needs more permissions... |
10:18.09 | Arkenoi | radiofree, how? |
10:18.13 | radiofree | i wish i could completely disable it on my device though, from a developer point of view |
10:18.14 | w00t_ | Stskeeps: i don't think "penetrate it with a 30ft post" is the same as "make sweet love to it" |
10:18.25 | Stskeeps | w00t_: to me it does! |
10:18.27 | w00t_ | though i guess in so.. |
10:18.30 | w00t_ | ok, beat me to it |
10:18.40 | djszapi | xarcass: the only guess is the old image then since it works here. |
10:18.44 | w00t_ | facepalms gently |
10:18.46 | mikhas | The one thing to realize and accept: AEGIS won't go away for MeeGo Harmattan, it'll stay. |
10:18.48 | radiofree | Arkenoi: it does a decent job of preventing applications from doing what they are not supposed to do |
10:19.08 | mikhas | No amount of water running down the Niagara falls, or similarly, the amount of talk here, will change that. |
10:19.25 | Arkenoi | could be useful if platform was just a bit more widespread. as it is not, it is just pure annoyance |
10:19.47 | Arkenoi | also, there is no decent user controlled capability management process to make it useful |
10:19.55 | radiofree | its a pure annoyance to a developer |
10:20.04 | DocScrutinizer | mikhas: I tend to agree on that one |
10:20.10 | mikhas | So is manual memory management. |
10:20.28 | mikhas | Or debugging without debug symbols or sources. |
10:20.45 | mikhas | If you get easily annoyed as a dev, it's time to change careers. |
10:20.50 | mikhas | It won't get better! |
10:22.00 | DocScrutinizer | mikhas: we almost all don't have a career on HARM/meego. And I for one am fine with my options to choose which platform to use for development. It's not an aegis-infested platform |
10:22.27 | mikhas | Yes, please exert that freedom of choice. |
10:22.46 | *** join/#harmattan ajalkane_N950 (~ircchatte@GYYYMMCDXXIII.gprs.sl-laajakaista.fi) |
10:22.46 | DocScrutinizer | I already did and stopped all work on harmattan development |
10:23.10 | djszapi | What I have never understood is that, here is the platform. People got free devices. If they do not like how the platform was designed, they are not obligated to use it. Summary: if you work in a project, why not cooperating nicely after accepting the platform principles instead of continously developing for a platform where you do not accept the principal architecture design ? |
10:24.00 | DocScrutinizer | err I guess this explicitly does not apply to me? |
10:24.07 | Sicelo | 0_o really DocScrutinizer ? |
10:25.29 | DocScrutinizer | Sicelo: yes. I *hate* the platform concept with regard to aegis/security, and I'm not excited about N9 either. So what would me make invest my time into it |
10:26.25 | DocScrutinizer | I just keep this aegis-coffin they sent to me as I hope there's some better platform without aegis available soon, which deserves my attention |
10:26.28 | *** join/#harmattan M4rtinK (~M4rtinK@mail.melf.eu) |
10:26.37 | mikhas | DocScrutinizer, in case you got a N950: I suspect ending all H work means you'll hand it over to another developer? |
10:26.42 | Sicelo | lol, coffin. yay! |
10:26.45 | djszapi | I have mentioned previously Harmattan and MeeGo. From what I can say, Android tries to replicate aegis design principles nowadays, they also go into that direction. It is just heavily needed to provide security for the mobile phone users nowadays. It is not the Windows security way, I know. Nothing comes freely, you need to work a bit with it, but after a good documentation, it should not be hard. |
10:26.58 | SpeedEvil | A device you're expected to develop on without pay is not free. |
10:27.41 | flux | djszapi, I think people are annoyed that developers don't have a loophole for the security system. in other words, they must work at a further level from the core system than the manufacturer. |
10:27.53 | flux | the security system per se seems quite interesting to me |
10:28.14 | hiemanshu | djszapi: have you ever written SELinux policies? |
10:28.56 | DocScrutinizer | flux: indeed |
10:28.59 | hiemanshu | the thumb rule says 'Test your app without SELinux, see if it works on the platform just fine, then enable SELinux and add the security stuff needed' |
10:29.28 | hiemanshu | and aegis doesn't let you do that |
10:29.33 | djszapi | hiemanshu: I am really sorry, but I would not like to discuss SELinux right now because that would be a very deep and long conversation during the work hours. All the feedback can be founded on the linux kernel mailing list I pasted few weeks ago more times. I agree about that what is written over there by Linus Towards and other security experts, if you are interested in our opinion. |
10:29.44 | DocScrutinizer | hiemanshu: which is the SOP I suggested from beginning and thought was what "developer mode" is all about |
10:30.17 | Sput | I'd just like to be able to deploy and run a binary for testing purposes, without having to build a full package first :/ |
10:30.26 | hiemanshu | see ^ |
10:30.37 | hiemanshu | DocScrutinizer: exactly my point about aegis |
10:30.47 | hiemanshu | its not the security platform that I am sick of, its the implementation |
10:30.58 | Sput | especially since building a package takes much longer than remaking the binary |
10:31.06 | hiemanshu | users dont blame implementations, they blame platforms |
10:31.12 | DocScrutinizer | djszapi: the problem is "you security experts" (I honestly doubt Linus would attribute himself as such) seem to be pretty ignorant about "us developers" |
10:31.53 | hiemanshu | djszapi: and I have been studying security since I was 15, so I know my stuff |
10:32.32 | hiemanshu | dev mode != production mode, which is why dev mode has a lot of rules relaxed for you |
10:32.44 | DocScrutinizer | and now I'm out again, as - stated correctly before - NOTHING will change for aegis neither on N950 nor on N9 or HARM in general |
10:33.55 | SpeedEvil | djszapi: Can aegis be used for user security? Is it possible to for example require (in principle) a passphrase from the user before decrypting the aegisfs? |
10:34.35 | djszapi | aegis and smack are used for user security. |
10:35.49 | SpeedEvil | Are there docs on this side of the implementation - I haven't found any. |
10:35.58 | djszapi | also the coming android security which replicates aegis more and more. |
10:36.01 | DocScrutinizer | and djszapi won't talk aegis beautiful for the majority of devels that are just annoyed by it, esp by the fact they have to cope with it even in developer mode on a DEVELOPER DEVICE (as is printed in all capitals on back of N950) |
10:36.04 | *** join/#harmattan baraujo (~Bruno@189.2.128.130) |
10:37.12 | djszapi | DocScrutinizer: I am seriously not getting what you are talking about...It is like saying to git, solve my merge conflict automatically since it is an issue for me. |
10:37.50 | djszapi | simple cases can be "autogenerated" (ie.: aegis-manifest-dev), but custom cases obviously cannot. |
10:38.07 | *** join/#harmattan willer_ (~Willer@189.2.128.130) |
10:38.59 | djszapi | to be quiet honest: I ported Gluon with all its games to Harmattan without any security issue. It is a complete game development and distribution platform, and I had zero security issue. |
10:39.03 | djszapi | quite* |
10:39.34 | DocScrutinizer | djszapi: if the above sentence was maybe too screwed to not get lost in translation, here's a second try: You ( djszapi ) like aegis, some of us don't. And there's nothing that will change this discrepancy |
10:39.39 | djszapi | if there is a custom case (ie.: like merging conflicts in case git, which cannot be automated by a tool), it obviously needs custom developer configuration. |
10:40.05 | DocScrutinizer | and I'm out now for good (again) |
10:40.28 | djszapi | "You ( djszapi ) like aegis, some of us don't. And there's nothing that will change this discrepancy" -> I do not like meego as a project, but I do not say every day like I got for aegis. |
10:40.36 | djszapi | so it is a very sad conclusion. |
10:41.54 | Sput | djszapi: so far I fail to simply execute a binary on the device using Madde, which is supposed to be the official deployment env. is it possible to change that somehow? |
10:42.24 | djszapi | Sput: I can help later today, I need to get back to work. :) |
10:42.39 | *** part/#harmattan djszapi (~lpapp@kde/developer/lpapp) |
10:42.42 | hiemanshu | Sput: wait let me find you a link |
10:44.24 | hiemanshu | Sput: http://forum.meego.com/showthread.php?t=4000 |
10:45.30 | Sput | thanks, but I don't think that's the issue... I can't use Qt Creator because the project is cmake-based, I tried using mad remote run though, but I get permission denied |
10:45.41 | Sput | (+x is set on the binary, so it's probably some security policy) |
10:46.04 | hiemanshu | Sput: devel-su; develsh; /usr/sbin/aegis-developer-mode --relaxed-exec <binary> |
10:46.26 | hiemanshu | and you can still use Qt Creator even with cmake |
10:46.28 | Sput | ah ok, will try that later when I'm in front of the SDK again |
10:46.38 | Sput | hiemanshu: yes I can, but Creator misses all the device and deployment options |
10:47.02 | Sput | (which is somewhat stupid, as that stuff shouldn't be buildsys specific) |
10:47.23 | Sput | so I use Creator for editing the project, but I have to resort to mad in order to deploy and run on the device |
10:47.46 | hiemanshu | ah yeah, makes sense |
10:49.01 | Sput | I really really hope they add the deployment and on-device debugging stuff for cmake-based projects at some point :/ |
10:57.22 | Arkenoi | I *am* security experts with about 20 years of field experience, and i say: aegis sucks! |
10:57.52 | Arkenoi | expert, even |
11:02.37 | dm8tbr | it's sure a pain in the neck |
11:03.36 | dm8tbr | it sucks enough to make people want to remove it. so in the end hopefully things will be good |
11:04.24 | Arkenoi | it is yet unknown if we really lose any functionality in the open mode. apparently not. |
11:04.40 | Arkenoi | (any vital functionality) |
11:05.04 | Arkenoi | i do not care about DRM-protected video and other useless stuff |
11:05.56 | dm8tbr | there is no drm afaict :) |
11:05.58 | *** join/#harmattan jykae (jyrkkav@hopeatilhi.cs.tut.fi) |
11:07.31 | jykae | is there fixed version of landscape enabler for n950 around somewhere? |
11:09.00 | Arkenoi | as for capabilities based security is it exactly as good as capabilities management system you have. selinux is slightly better than nothing. the one we have at symbian is way worse than nothing. at the moment aegis behaves worse than selinux but better than symbian (at least we can control it), but is unpredictable, changes from version to version and all that NDA stuff is pure nonsense, so now it is worse than nothing as well |
11:11.48 | Arkenoi | also think "qui prodest" |
11:12.01 | Arkenoi | selinux was made for users |
11:12.18 | Arkenoi | symbian capabilities system was made for symbian foundation |
11:12.45 | Arkenoi | aegis was made for "IP owners" and network operators |
11:13.01 | Arkenoi | anything that was not made for users is worse than nothing for users |
11:13.48 | Arkenoi | jykae: all existing ones basically patch the same config files |
11:13.59 | Arkenoi | so if it is that ugly, it still is |
11:14.48 | *** join/#harmattan eman (~eman@124-149-101-241.dyn.iinet.net.au) |
11:15.18 | dm8tbr | Arkenoi: I agree I guess |
11:17.52 | DocScrutinizer | too |
11:21.29 | ajalkane_ | But Aegis can be disabled by installing custom kernel if I've understood correctly? |
11:23.06 | Arkenoi | at the moment we do not have fully functional replacement kernel, right? |
11:24.30 | *** join/#harmattan cpscotti (~cpscotti@212.36.161.100) |
11:25.24 | ajalkane_ | I haven't heard about one, but I expect it won't take long once the devices come on sale |
11:30.45 | SpeedEvil | Aegis can be disabled - however it seems likely that maps and drive stop working. |
11:30.54 | SpeedEvil | Which is unfortunate, as those are two quite nice apps. |
11:31.20 | SpeedEvil | I'm basing this on the fact that there seems to be some aegis oddness going on with my device that means it can't login to nokia accounts. |
11:31.49 | SpeedEvil | Maps sort-of-works in this state, as it has a bug. |
11:31.54 | Arkenoi | SpeedEvil, does it interact with nokia any different way than other nokia devices? |
11:31.59 | DocScrutinizer | reasonable assumption, as maps and drive need a nokia account |
11:32.13 | SpeedEvil | Arkenoi: It requires a nokia account to run drive and maps. |
11:32.21 | SpeedEvil | If you don't have one, it simply does not work. |
11:32.28 | *** join/#harmattan Reffy (542daceb@gateway/web/freenode/ip.84.45.172.235) |
11:32.41 | SpeedEvil | (well, maps works, as it has a bug where if you switch back to the maps witndow, and tap it randomly a few doxen times, it unlocks) |
11:32.58 | DocScrutinizer | LOL |
11:33.12 | Arkenoi | SpeedEvil, well, i have my login and password, why cannot it work without aegis? |
11:33.25 | SpeedEvil | Another interesting question is if you have a working nokia account on the phone, have the maps downloaded to the phone (you can do this), then does if you need to reboot the phone, it stay logged in> |
11:33.41 | SpeedEvil | Because if it doesn't, and if you're in an area without net service, you're screwed. |
11:34.03 | rzr | talking about nokia account ? |
11:34.05 | SpeedEvil | yes |
11:34.16 | rzr | mine used to work , but not last time i tried |
11:34.22 | SpeedEvil | Unless maps only requires the account on frst startup, which is not implausible. |
11:34.24 | rzr | i can check again hold on |
11:35.23 | SpeedEvil | So the possibilities I guess are that a kernel with aegis disabled means maps never works. Or it could mean that maps only works if you start it at least once with the aegis kernel. |
11:36.07 | rzr | semms my nok account is working again |
11:36.17 | SpeedEvil | Or aegis could download some sort of security credential which in normal operation it would store meaning it does not need to access the net ever agai, but with aegis-kernelspace out of the picture it won't do that. |
11:37.24 | ajalkane_ | umm, sounds annoying. Losing maps would suck. |
11:37.27 | SpeedEvil | Or aegis being involved with the maps and accounts could be a bug to be resolved in the release images. |
11:37.46 | SpeedEvil | I guess only one way to find out. |
11:49.56 | *** join/#harmattan Reffy (519d013b@gateway/web/freenode/ip.81.157.1.59) |
11:49.59 | *** join/#harmattan jykae_n950 (~ircchatte@130.230.147.124) |
11:54.05 | *** join/#harmattan lardman (~simon@Maemo/community/contributor/lardman) |
11:54.56 | *** join/#harmattan trx (~ns-team@93.87.57.88) |
11:56.00 | *** join/#harmattan jkt (~jkt@gentoo/developer/jkt) |
11:56.53 | *** join/#harmattan Khertan (c16a270a@gateway/web/freenode/ip.193.106.39.10) |
11:56.55 | Khertan | Morning |
11:57.31 | rzr | evening Kaadlajk |
11:57.33 | rzr | Khertan: |
11:57.48 | Khertan | failed |
11:57.48 | Khertan | :) |
11:57.53 | Khertan | 'lu rzr |
11:58.07 | rzr | is trying to dl some maps |
11:58.12 | rzr | using the CLI way |
11:58.33 | Khertan | gnié ? maps from maps ? why not downloading them using the gui ? |
11:58.41 | Khertan | works well :) |
12:04.30 | *** mode/#harmattan [-o dm8tbr] by ChanServ |
12:17.45 | Termana | morning |
12:20.42 | razvanpetru | MouseAreas work even if they're obscured by a Sheet? |
12:22.44 | xarcass | razvanpetru: yes. they don't react only if they're obscured by another MouseAreas |
12:24.10 | razvanpetru | that's rather unfortunate... :) |
12:24.22 | razvanpetru | any workaround? |
12:25.04 | Khertan | opacity:0 ? |
12:25.43 | Khertan | forgot ... a MouseArea didn't have opacity |
12:25.43 | Khertan | :) |
12:26.11 | w00t_ | razvanpetru: put a MouseArea on your sheet obscuring the other MouseArea |
12:26.27 | elpuri | it does |
12:26.31 | razvanpetru | but then... my sheet buttons can't be clicked I guess? |
12:26.33 | Khertan | huhu :) |
12:26.39 | elpuri | MouseArea i mean |
12:26.40 | w00t_ | *on* the sheet |
12:26.41 | razvanpetru | Khertan: enabled should also work |
12:26.43 | elpuri | it inherits Item |
12:26.49 | Khertan | yep would be better |
12:26.49 | Khertan | :) |
12:26.50 | elpuri | setting opactiy to 0 disables it |
12:26.55 | w00t_ | as in, behind your buttons |
12:27.07 | w00t_ | the button MouseArea will be in front of it, so they will still work |
12:27.17 | razvanpetru | behind as in declared earlier in qml, with lower z, or other? :) |
12:27.19 | Khertan | elpuri: true |
12:28.33 | razvanpetru | w00t: by sheet buttons I don't mean the two at the top, I have some buttons inside the sheet. I will try a few things and see how this works if I add another MouseArea |
12:29.04 | xarcass | razvanpetru: sheet button are not in the 'content' item |
12:29.18 | razvanpetru | xarcass - true |
12:30.06 | Khertan | pffff i m tired to change password everywhere due to using only 5 or 6 differents password |
12:30.12 | xarcass | razvanpetru: so, i've declared MouseArea which does nothing with anchors.fill: parent at the top of content item: that solves the issue |
12:30.17 | Khertan | and one site have security breaks |
12:30.33 | Khertan | and can't retain all different password by site |
12:30.35 | Khertan | hum ... |
12:31.21 | Khertan | what did you think of using the first 12 char of the result of a md5 of a concatenation of a master password and the domain name of a site |
12:31.33 | Khertan | so one pass for all ... but different for all |
12:31.35 | Khertan | ? |
12:31.46 | DocScrutinizer | sounds good |
12:32.01 | razvanpetru | this is a prolbem in qml... because let's say that I design a component that contains a MouseArea |
12:32.13 | Khertan | md5 representation can be something else than an hex representation :) |
12:32.19 | razvanpetru | now I'm forcing everyone using that component to use MouseAreas when displaying things on top of it |
12:33.23 | razvanpetru | and I just wanted a clickable TextField :) |
12:34.11 | DocScrutinizer | razvanpetru: indeed |
12:34.39 | razvanpetru | can I tell if an Item is obscured by another? I could bind MouseArea.enabled to something like that... |
12:35.08 | DocScrutinizer | that's a genuine duty of your widget set |
12:35.16 | razvanpetru | :D |
12:35.26 | *** join/#harmattan zarlino (~zarlino@109.54.45.169) |
12:36.39 | DocScrutinizer | razvanpetru: otoh think about me planning toplce textures ob the mouseAreas of your widget - I'd *want* them to still work |
12:36.58 | DocScrutinizer | to place* |
12:37.04 | *** join/#harmattan seif (~seiflotfy@ip-95-223-13-104.unitymediagroup.de) |
12:37.23 | *** join/#harmattan artemm (~Adium@d85-194-229-245.cust.wlannet.com) |
12:37.25 | razvanpetru | well they would still be visible... or do you want them to be clickable? |
12:37.43 | razvanpetru | I'm working on date picker |
12:37.52 | DocScrutinizer | ?o/ |
12:37.55 | razvanpetru | it's just a textedit that shows a date picker dialog |
12:37.58 | DocScrutinizer | meh |
12:38.01 | DocScrutinizer | \o/ |
12:38.18 | razvanpetru | don't know why this was not included by default |
12:38.23 | razvanpetru | same with combo boxes |
12:40.05 | DocScrutinizer | I think qml has got that unbearable slotmachine datepicker |
12:40.31 | razvanpetru | it does... |
12:40.37 | DocScrutinizer | there's a bug ticket of me lingering around at nokia's tracker about that |
12:40.41 | xarcass | razvanpetru: what about so called 'Tumblers'? they are included |
12:41.08 | razvanpetru | xarcass - yes, but those are only part of the date picker |
12:41.17 | razvanpetru | the part that shows the date on screen is missing |
12:41.38 | razvanpetru | for instance in ios you have a date edit and when you click that you get the tumbler |
12:41.43 | razvanpetru | which makes sense actually... |
12:41.50 | DocScrutinizer | what are tumblers? (except they are used to dry my clothes) |
12:41.57 | Khertan | razvanpetru: and a fileselector .... hum ? |
12:42.07 | Khertan | everyone is writing is own fileselector |
12:42.24 | Khertan | so it ll be different on all apps and will be disapointing for users |
12:42.33 | DocScrutinizer | indeed |
12:42.33 | razvanpetru | oh yeah :D |
12:42.36 | xarcass | razvanpetru: we are using, apparently, different kinds of tumblers. i can see date clearly |
12:42.37 | DocScrutinizer | highly annoying |
12:42.51 | razvanpetru | xarcass... but can you add those tumblers to a form |
12:43.01 | razvanpetru | e.g name, last name, *date* |
12:43.40 | Khertan | https://bugreports.qt.nokia.com//browse/QTBUG-13007?focusedCommentId=137123#comment-137123 |
12:43.44 | DocScrutinizer | well, the gods of meego HARM UX (aka GUI designers) have decided you don't need to expose any file system to HARM endusers |
12:44.11 | Khertan | hihi ... haha ... |
12:44.13 | Khertan | mouarf ... |
12:44.18 | xarcass | razvanpetru: have a look at "QMLComp..." app - it's done there (i don't know how this app is called properly - that's what is shown) |
12:44.27 | DocScrutinizer | probably they thought if apple is failing on that concept, it's a challenge Nokia gets it right |
12:44.57 | Khertan | DocScrutinizer: yeah but if users want a iphone they bought a iphone |
12:45.15 | Khertan | if they want something else ... they "could" buy nokia |
12:45.20 | DocScrutinizer | exactly :-D |
12:45.44 | DocScrutinizer | only if N9 wasn't just another me-too-iPhone-lookalike |
12:45.52 | razvanpetru | what's the point in exposing the file system? 99% of users dont care about filesystem |
12:45.59 | Khertan | at least they could by a iphone clone if it was selled 50$ |
12:46.06 | razvanpetru | n9 is definitely borrowing elements from iphone |
12:46.15 | Khertan | razvanpetru: oh really ? |
12:46.17 | razvanpetru | but the cool thing is that you CAN write a filesystem browser |
12:46.26 | razvanpetru | this is the big difference |
12:46.43 | razvanpetru | yeah really :) |
12:46.44 | Khertan | razvanpetru: yep ... but you loose the plateforms look and style |
12:46.49 | razvanpetru | the text magnifiying glass |
12:46.52 | Khertan | as every apps will look different |
12:47.00 | razvanpetru | I'm sorry they didn't borrow the text copy/paste |
12:47.07 | razvanpetru | go all in, so to say :> |
12:47.21 | Khertan | copy/paste ? there is that in harmattan ? |
12:47.30 | Khertan | did see it working |
12:47.32 | DocScrutinizer | no, the big difference is fremantle already *had* a fileselector widget, and even MTF had nice usefull date- and time-pickers |
12:47.34 | Khertan | didn't see it working |
12:47.40 | Hq` | there is |
12:48.10 | Khertan | yep the concept is here ... but currently missing |
12:48.23 | Khertan | try webbrowser or terminal .... or ... contacts :) |
12:48.40 | Khertan | (on contacts it can works sometimes) |
12:49.01 | razvanpetru | yeah, it's worse than ios, that's for sure |
12:49.05 | Hq` | maybe it's broken on the public image then... |
12:50.08 | jkt | hi there; I'm struggling to get my N950 nnect to the Eduroam network. Any idea about how to convert these settings http://paste2.org/p/1604448 from wpa_supplicant into that connection UI? |
12:51.10 | jkt | and maybe a related question, in the settings dialog with certificates, when I click on "add certificate", the GUI says "no certificate", so what do I have to do in order to actually import one? Where to store it? |
12:52.14 | *** join/#harmattan ajalkane_N950 (~ircchatte@YGKMMCDXXXVII.gprs.sl-laajakaista.fi) |
12:52.37 | *** join/#harmattan fiferboy (~fiferboy@Maemo/community/contributor/fiferboy) |
12:53.58 | razvanpetru | the sheet MouseArea blocks the buttons from working also... |
12:54.59 | razvanpetru | Sheet > ListView > Delegate > Button. MouseArea fills the ListView and buttons stopped working |
12:55.21 | razvanpetru | but at least I can't click through the sheet now \o/ |
12:56.44 | razvanpetru | maybe I need to add more MouseAreas... |
12:56.52 | razvanpetru | MouseAreas are like violence |
12:59.01 | xarcass | MouseArea should be *behind* the listview |
13:02.22 | razvanpetru | Thanks xarcass, it worked now |
13:02.47 | razvanpetru | but... isn't the list delegate "in front" of the list view? |
13:06.42 | jykae | anyone knows how I get my mpoker app to my-meego.com? |
13:08.27 | jykae | to gain visibility for it |
13:11.13 | *** join/#harmattan crevetor (~antoine@bureau.ubity.com) |
13:12.56 | jykae | hmm, ok, sent contact mail. |
13:13.28 | jykae | who is running that site btw? |
13:14.06 | *** join/#harmattan NIN101 (~NIN101@p5DD294A5.dip0.t-ipconnect.de) |
13:15.24 | *** join/#harmattan fiferboy (~fiferboy@Maemo/community/contributor/fiferboy) |
13:15.29 | DocScrutinizer | jkt: good question |
13:16.38 | jkt | DocScrutinizer: yeah :). any ideas? |
13:16.58 | DocScrutinizer | jkt: WLAN login failed for me on a rather standard WPA2 infrastrucure AP yesterday. I pulled out my N900 and connected with no problems... :-S |
13:18.01 | DocScrutinizer | so no, alas no idea at all, just saying it's a really good set of questions |
13:18.21 | jkt | DocScrutinizer: frankly, I don't know what the difference between PEAP, MSCHAP, TKIP and what not is; just saying that it is weird |
13:18.36 | jkt | https://bugs.maemo.org/show_bug.cgi?id=417 is a bit scary, though |
13:18.37 | povbot | Bug 417: Support WEP with 802.1x EAP PEAP |
13:18.40 | MeeGoBot | Bug https://bugs.meego.com/show_bug.cgi?id=417 nor, Medium, ---, yong.y.wang, VERI INVALID, please enable the CONFIG_RT2860 option in the kernel |
13:18.42 | Arkenoi | PEAP/MSCHAP did not work for me |
13:18.52 | Arkenoi | neither with WEP nor with WPA |
13:18.58 | Arkenoi | n900 worked ok with WPA |
13:18.58 | DocScrutinizer | jkt: I had to look it up in wikipedia as well ;-D |
13:19.20 | jkt | Arkenoi: do you happen to know how to find out what methods the AP/radius infrastructure supports? |
13:19.30 | jkt | the staffers here are not really helpful, saying "it's AES" |
13:19.48 | jkt | I do have a linux notebook where I can use various standard tools, though |
13:20.43 | Arkenoi | jkt: dunno :-( just try to guess |
13:20.48 | DocScrutinizer | VERI INVALID? X-D |
13:21.48 | *** join/#harmattan thp (~thp@Maemo/community/contributor/thp) |
13:29.46 | DocScrutinizer | jkt: http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access has a few explanations, at least of equivalent terms |
13:30.14 | DocScrutinizer | e.g. >>CCMP: An AES-based encryption mechanism that is stronger than TKIP. Sometimes referred to as AES instead of CCMP. Used by WPA2.<< |
13:30.18 | *** join/#harmattan fiferboy (~fiferboy@Maemo/community/contributor/fiferboy) |
13:32.28 | DocScrutinizer | jkt: maybe also http://en.wikipedia.org/wiki/Eduroam helps |
13:34.14 | DocScrutinizer | My spidersenses tell me the "@realm" part will often give users headache due to the @ character |
13:36.29 | *** join/#harmattan javispedro (~javier@Maemo/community/contributor/javispedro) |
13:39.06 | *** join/#harmattan lizardo (~lizardo@201008185251.user.veloxzone.com.br) |
13:39.20 | DocScrutinizer | javispedro: moo |
13:39.29 | javispedro | moo. |
13:42.19 | seif | anything new abut new images |
13:42.20 | seif | :) |
13:45.28 | *** join/#harmattan wazd (~wazd@broadband-95-84-185-178.nationalcablenetworks.ru) |
13:50.51 | DocScrutinizer | was musing about the aegis dispute as of earlier this day, and had a weird scary imagination of next "developer device" coming with a 12key 1..9*0# kbd and no way to ssh in to device, as developers are supposed to develop their apps on the target platform. "Use T9! This is not a unix workstation, this is an end-user device" |
13:55.04 | *** join/#harmattan CepiPerez (~matias@190.221.197.126) |
13:55.07 | DocScrutinizer | seif: sure, the new images. They come with true N9 feeling: hw-kbd optimized out completely, and you get a huge aegis warning on bootup about the broken NFC hardware ;-P |
13:55.15 | DocScrutinizer | seif: just kidding |
13:58.19 | jkt | speaking of aegis -- where do I found some documentation about how to "deal with it"? I'm trying to have a look at http://www.developer.nokia.com/bugs/show_bug.cgi?id=234 , but I'm unable to even strace the number of existing /usr/bin/signonpluginprocess processes |
13:58.58 | jkt | slides from http://conference2010.meego.com/session/mobile-simplified-security-framework-overview were not that much helpful |
14:02.37 | *** join/#harmattan fiferboy (~fiferboy@Maemo/community/contributor/fiferboy) |
14:28.36 | mariob | How are the rounded corners made on several places in the built-in apps? Are shaders used for this? |
14:28.52 | mariob | For example in the contacts app |
14:34.51 | ajalkane_ | images, as far as I know |
14:35.57 | javispedro | mariob: what's your toolkit? they should be added auto in most supported toolkits |
14:36.34 | mariob | I mean, for each contact you can have an image... And that image will have rounded corners. |
14:36.46 | javispedro | ah |
14:36.55 | mariob | Is that down on the C++ side? |
14:37.36 | mariob | *done* |
14:38.57 | mariob | whishes that Nokia releases some of the code for built-in apps |
14:42.48 | ajalkane_ | oh... contacts app uses MTF, Haven't checked it much |
14:44.50 | mariob | ajalkane_: was afraid of that... |
14:57.07 | DocScrutinizer | jkt: that's the neuralgic point here with the missing docu about aegis |
14:57.16 | Tronic | mariob: CSS border-radius would be my guess. |
14:57.28 | Tronic | mariob: Apparently CSS is used for style in some parts of the UI. |
14:57.34 | Tronic | (if not all) |
14:58.38 | DocScrutinizer | jkt: there's sth about MSSF on dev.nokia wiki, but for all I know it just covers the very standard usecase and even that not exactly in a comprehensive way |
14:59.15 | DocScrutinizer | there are not even manpages for the aegis related cli commands |
14:59.45 | DocScrutinizer | neither for any file formats |
15:01.55 | DocScrutinizer | not even to dream about documentation to details on when aegis self destruction is meant to get triggered, why, and how, and how you'd check if you're already close to stepping on the trigger |
15:03.38 | DocScrutinizer | allegedly my #92 aegis suicide was a bug and not meant to happen, but evidently there's some self destruction mechanism that got implemented on purpose, and it's nowhere documented |
15:04.24 | Tronic | I guess we have 92 ways of suicide documented now? |
15:04.55 | DocScrutinizer | so if you're happy with the Romulanian's 4-dimensional version of minesweeper.... |
15:07.09 | DocScrutinizer | I love linux as I always can get my info somehow, I hate windows as you're basically busted if sth doesn't behave or you plan to do sth in a non-standard way. Now guess my feelings towards HARM&aegis |
15:09.40 | DocScrutinizer | while on fremantle the locked (due to non-foss blob) bits were mainly some core applications, on HARM basically the complete system is (potentially) locked, and worse: you have no means to find out what's locked and what'S not, until you run into a roadblock |
15:10.47 | DocScrutinizer | extremely risky platform to develop, just from a commercial project risk management POV. If I were to do sth commercially I'd never dare to pick HARM for our target platform |
15:15.01 | DocScrutinizer | jkt: anyway infobot has some links for you: |
15:15.04 | DocScrutinizer | ~aegis |
15:15.04 | infobot | aegis is, like, http://www.developer.nokia.com/Community/Wiki/Harmattan:Developer_Library/Developing_for_Harmattan/Harmattan_security/Security_guide , or "The purpose of this framework is: ... to make sure that the platform meets the requirements set by third party software that requires a safe execution environment.", or http://en.wikipedia.org/wiki/Trusted_Computing#Criticism, or http://en.qi-hardware.com/w/images/1/10/ME_382_LockedUpTechnology2.gif |
15:16.41 | *** join/#harmattan NIN102 (~NIN101@p5DD28C1A.dip0.t-ipconnect.de) |
15:17.07 | Tronic | I wonder whether there would be a way to do backup flashing without upsetting aegis. |
15:17.29 | Tronic | So that if you end up triggering it, you could at least recover easily. |
15:23.44 | *** part/#harmattan razvanpetru (~razvan@188.26.187.156) |
15:29.53 | jkt | DocScrutinizer: thanks for pointers and sharing the frustration :) |
15:30.06 | DocScrutinizer | yw :-D |
15:31.16 | jkt | I have no idea how things stand at other companies, but I start to feel frustrated a bit. The platform looks like an open one from distance, provides a nice and shiny UI when you start working with it, but when you hit a bug and decide to try to fix it, you find out that a critical component is closed and/or should not be touched |
15:31.45 | jkt | like http://www.developer.nokia.com/bugs/show_bug.cgi?id=234 or http://www.developer.nokia.com/bugs/show_bug.cgi?id=360 |
15:32.11 | jkt | I mean, it's a developer preview, and it's cool that Nokia went out of their way to provide it to the developers, and I really appreciate it |
15:32.38 | jkt | it's just that the tiny last steps are missing |
15:34.06 | DocScrutinizer | jkt: hey I confirmed on that first ticket :-D |
15:34.28 | javispedro | it's funny that the browser-ui is one of those ocomponents that has since nearly forever been promised it'll eventually be released |
15:34.38 | javispedro | and here we are, at the end of time, and it has not been released. |
15:36.48 | javispedro | btw |
15:36.54 | javispedro | come to think of it |
15:36.57 | javispedro | webkit is GPL |
15:37.05 | javispedro | and NOT LGPL afaik. |
15:37.13 | w00t_ | say what? |
15:37.17 | w00t_ | webkit isn't *GPL at all |
15:37.38 | javispedro | KHTML surely was |
15:37.42 | w00t_ | how do you think safari exists? :) |
15:38.15 | javispedro | oh, it's LGPL. |
15:38.21 | Termana | The JavaScriptCore and WebCore components of WebKit are GPL |
15:38.29 | javispedro | nah, it's LGPL. |
15:38.36 | javispedro | just checked on the source itself ;) |
15:39.48 | javispedro | either way, Nokia is violating, where is libgrob-qtwebkit source? |
15:41.00 | javispedro | also, note that the reason they're using WebKit2 is not because they can split out plugins in separate processes (we have no plugins!) but because they can split the WebKit process into another process, therefore avoiding any pesky GPL complications. |
15:41.01 | javispedro | sighs |
15:41.22 | javispedro | and possibly some added stability and more blablablabla. |
15:41.29 | w00t_ | I think you'll find it's actually performance/stability related |
15:41.35 | w00t_ | #qtwebkit might be of help |
15:44.48 | *** join/#harmattan berndhs (~berndhs@2604:8800:11b:1:21e:90ff:fe8f:8bee) |
15:46.34 | DocScrutinizer | pardon my doubt, but since bme in userland I don't believe in a sane rationale when finding this class of design decision taken |
15:47.05 | w00t_ | javispedro: from asking one of the right people involved, git@gitorious.org:+qtwebkit-webkit2-dev/webkit/qtwebkit-webkit2-dev.git should be what you want |
15:47.18 | javispedro | agrees with DocScrutinizer here |
15:47.29 | javispedro | albeit qtwebkit2 does crash quite a bit. |
15:47.56 | javispedro | w00t_: thanks! |
16:08.27 | *** join/#harmattan ajalkane_N950 (~ircchatte@a88-115-217-31.elisa-laajakaista.fi) |
16:27.30 | *** join/#harmattan rcg1 (~rc@g230054171.adsl.alicedsl.de) |
16:28.01 | *** join/#harmattan NIN102 (~NIN101@p5DD28ACD.dip0.t-ipconnect.de) |
16:30.26 | rzr | hi |
16:30.47 | rzr | dont you have the phone screen all black sometime ? |
16:42.21 | *** join/#harmattan leinir_ (~leinir@amarok/usability/leinir) |
16:43.21 | *** join/#harmattan captainigloo (~Nico@lan31-4-82-227-130-131.fbx.proxad.net) |
16:44.16 | *** join/#harmattan alterego (~t.swindel@212.110.185.209) |
16:48.29 | rzr | http://www.developer.nokia.com/bugs/show_bug.cgi?id=347 |
16:48.59 | javispedro | rzr: yeah, happened to me, but so far seems random |
16:49.23 | javispedro | Texrat says it is a bunch of 3rdparty apps that cause it, but I've seen it even without installing anything |
16:53.01 | *** join/#harmattan arnaud1 (~arnaud@chouchoune.fr) |
17:08.43 | npm | i bet those third party apps aren't respecting resource policy for resources (e.g. audio or video device) and interfering w/ apps that work correctly (the stock harmattan apps): http://forum.meego.com/showthread.php?t=4125 |
17:09.10 | javispedro | this policy stuff was already partially in harmattan |
17:09.11 | *** join/#harmattan lcuk (lcuk@cpc2-oldh7-0-0-cust702.10-1.cable.virginmedia.com) |
17:09.11 | *** join/#harmattan lcuk (lcuk@Maemo/community/contributor/lcuk) |
17:09.12 | javispedro | er |
17:09.14 | javispedro | I mean, fremantle |
17:09.22 | Stskeeps | we even have it in CE |
17:09.34 | npm | and meego tablet ux |
17:09.43 | javispedro | most of the time doing nothing does the right thing, e.g. corking your streams if you get a phone call |
17:10.34 | npm | i too have seen the black phone screen thing. perhaps i'm seeing it less now that the app that was hogging the resources (qmltube) is now compliant |
17:10.48 | npm | also, i believe harmattan has a bug there that meego doesn't |
17:10.55 | npm | it doesn't "cork the stream" correctly |
17:11.08 | javispedro | hm?? |
17:11.12 | javispedro | it does very well here |
17:11.28 | javispedro | so well, it triggers exactly the same deadlock in PAsimple it triggered on Fremantle ;) |
17:12.18 | npm | well if you run qmltube on harmattan, and then startup video-suite and start a video playing qmltube doesn't get the pause signal that the resource went away, rather it gets paused at a lower level inside qt mobility video element |
17:12.48 | javispedro | that's mostly what it also does for audio |
17:12.49 | npm | do the same tihing on meego 1.2 tablet ux and it sends the "callback" correctly that the resource went away. |
17:12.56 | javispedro | ah |
17:13.01 | npm | and so i can pause the stream in advance of getting the underlying error |
17:13.09 | javispedro | you mean it is not sending resource revoked msgs correctly? |
17:13.12 | npm | yes |
17:13.16 | javispedro | ok. |
17:13.19 | javispedro | weird |
17:14.14 | npm | please try out http://nielsmayer.com/meego/qml/qmltube_1_11_1_armel.deb versus http://nielsmayer.com/meego/qml/qmltube-1_11_1-1_i586.rpm |
17:14.58 | npm | and i'll be fixing the screen-space wasting headers on video playback soon in tablet ux version |
17:15.47 | npm | but you'll see that behavior -- start qmltube from commandline or qtcreator remote and watch the debug output |
17:24.17 | *** join/#harmattan spenap (~spena@cs27063224.pp.htv.fi) |
17:31.29 | *** join/#harmattan n950evil (~dodo@mauve.plus.com) |
17:34.20 | DocScrutinizer | so where's any howto or concept paper or manpage about "(un)corking streams"? |
17:34.44 | Stskeeps | DocScrutinizer: the one you refer to occasionally and shout they're bloody idiots, i think |
17:34.50 | Stskeeps | (pulseaudio) |
17:35.28 | DocScrutinizer | Stskeeps: I don't think I called anybody a bloody idiot any time in my whole life, so please don't spread lies |
17:35.46 | Stskeeps | right, maybe not those exact words, but anyway, that's one place i would look myself |
17:35.55 | javispedro | nah |
17:36.04 | javispedro | don't uncork it using PA or you'll cause havoc in the resource manager |
17:36.08 | npm | linus torvalds calls people masturbating monkeys :-) |
17:36.46 | javispedro | either way, this time the resource manager seems to have a saner policy |
17:36.53 | javispedro | like prioritizing games over music |
17:37.06 | javispedro | still needs to ensure that is true, but first test showed that might be the case |
17:37.37 | *** join/#harmattan GAN950 (~ryan@32.132.147.53) |
17:37.46 | *** join/#harmattan GAN950 (~ryan@Maemo/community/contributor/GeneralAntilles) |
17:38.02 | javispedro | also, I quite loved that acquiring the music resource means the -/+ buttons are automatically remapped to main volume instead of ringing volume |
17:38.59 | GAN950 | Automagically? |
17:39.08 | npm | i added a clip of the conversation to http://www.developer.nokia.com/bugs/show_bug.cgi?id=347 |
17:39.22 | javispedro | GAN950: yep, so I can put that to games |
17:40.15 | javispedro | npm: I'm still not sure it has anything to do with resources though. |
17:40.37 | *** join/#harmattan aslani (~aslan@ruutana.net) |
17:40.43 | javispedro | if you believe so you should explain why on that bug, cause from the log it's not clear. |
17:42.09 | javispedro | enjoys his vsynced SDL some more |
17:42.16 | javispedro | ooh, vsynced mario kart. |
17:44.29 | javispedro | hm, just noticing the random noise generation is a bit off |
17:44.49 | GAN950 | You can't set up repeating events yet can you? |
17:45.40 | javispedro | uh, a bit, it's totally broken |
17:45.47 | javispedro | GAN950: hm? what do you mean? |
17:45.53 | Stskeeps | GAN950: i can, if i go and edit afterwards |
17:45.54 | *** join/#harmattan wazd (~wazd@broadband-95-84-185-178.nationalcablenetworks.ru) |
17:46.12 | javispedro | ah, in calendar |
17:48.35 | *** join/#harmattan harbaum (~quassel@krlh-4d0362d1.pool.mediaWays.net) |
17:48.43 | rzr | plz vote for it http://www.developer.nokia.com/bugs/show_bug.cgi?id=347 |
17:49.20 | npm | javispedro: i clarified my "paste" |
17:49.46 | npm | and gave it 100 votes :-) |
17:50.02 | Stskeeps | " which is why the Korean government has stepped in to create its own OS. Kim Jae-hong, deputy minister from Seoul's Ministry of Knowledge Economy, thinks that American dominance in mobile software is generally a bad thing. The minister said that the country would "foster a habitat" for the open-source OS, which might mean incentivized pricing on these device" |
17:50.08 | Stskeeps | http://www.engadget.com/2011/08/23/south-korea-brings-the-big-guns-to-the-mobile-os-knife-fight/ |
17:50.18 | Stskeeps | time for KRMeeGo, or something |
17:50.24 | npm | which i'll reduce as soon as i find some other bug that competes with it in terms of making the phone somewhat painful to use in an emergency |
17:50.57 | npm | it also gets into a state where you can't hang it up without power-cycling. |
17:51.02 | npm | which is sort of old school |
17:51.04 | npm | :-) |
17:51.57 | npm | as if all those billions of transistors were just a bunch of wires and magnets |
17:52.12 | javispedro | welcome to the world of tomorrow! |
17:52.44 | npm | someone should write an app to simulate a rotary phone in qt :-)... complete with clicking |
17:53.05 | alterego | npm: there's a demo doing that. |
17:53.20 | rzr | Stskeeps: you're talking about the republic of samsung |
17:53.40 | npm | i wonder if that could be used in certain emergency conditions when the regular tone networks aren't working, perhaps due to an EMP |
17:55.07 | *** join/#harmattan smoku1 (~spectrum@xkh0g2.infr.xiaoka.com) |
17:59.06 | *** join/#harmattan SpeedEvil (~user@tor/regular/SpeedEvil) |
18:01.41 | rzr | I think I screwed someone comments |
18:02.09 | rzr | who is NielsMayer ? |
18:02.53 | rzr | npm: that screen does not even show once rebooted my side |
18:07.04 | npm | is NielsMayer |
18:09.40 | *** join/#harmattan SpeedEvil (~user@tor/regular/SpeedEvil) |
18:11.40 | DocScrutinizer | (aegis, developer-mode) it all boils down to the true meaning and implications of <quote URL=http://www.developer.nokia.com/Community/Wiki/Harmattan:Developer_Library/Developing_for_Harmattan/Harmattan_security/Security_guide> If your application needs any POSIX capabilities, the following example shows how to request POSIX capabilities for your application: Note that POSIX capabilities are sensitive credentials. Even if you use the |
18:11.41 | DocScrutinizer | request, whether you get the capabilities or not depends on the software source.</quote> How would we add a policy that defines an arbitrary or specified local source as an entitled source for requesting all posix resources? -- In fact I thought THAT was what developer mode would do, but as I got told in CAPITALS several times developer mode is something completely different (alas I still didn't manage to wrap my head around what it |
18:11.43 | DocScrutinizer | actually is then) |
18:12.19 | rzr | npm: ok your post seems to be still there |
18:12.28 | rzr | votes his points on http://www.developer.nokia.com/bugs/votes.cgi?action=show_user&user_id=691# |
18:13.18 | DocScrutinizer | s/posix resources/posix capabilities/ |
18:13.24 | *** join/#harmattan SpeedEvil (~user@tor/regular/SpeedEvil) |
18:16.11 | *** join/#harmattan deimos (~deimos@host168-51-dynamic.21-79-r.retail.telecomitalia.it) |
18:26.01 | DocScrutinizer | also to me it seems rather unclear *when* aegis is going to force new credentials/tokens to a process. The >>When your application is launched, the credential information defined in the file is passed on to the system kernel.<< is pretty fuzzy and unclear. What does this mean exactly? is this on execve() and friends? On loading a harmattan app from applications launcher via *.desktop et al? On fork()? On loading an executable to RAM (i. |
18:26.03 | DocScrutinizer | e. also for *.so etc)? |
18:27.51 | dm8tbr | DocScrutinizer: I thought that developer mode allowed you to install your own binaries with (almost) all possible base capabilities. |
18:28.10 | dm8tbr | but some apparently not like loading modules, etc bla |
18:28.23 | dm8tbr | so, close but not close enough for an open feeling |
18:28.32 | DocScrutinizer | I.E. will e.g. a (true, non busybox) shell command inherit the shell's capabilities, or are the freshly defined? |
18:29.09 | dm8tbr | I'd expect inheritance, but then I know nothing about this |
18:29.37 | Stskeeps | that's a funny question actually.. |
18:29.51 | Stskeeps | what aegis permissions a console shell has |
18:29.57 | Stskeeps | like, serial line |
18:30.28 | dm8tbr | I think that's also in this repsok file or what it's called |
18:30.40 | DocScrutinizer | one thing's for sure: aegis "documentation" as of http://www.developer.nokia.com/Community/Wiki/Harmattan:Developer_Library/Developing_for_Harmattan/Harmattan_security/Security_guide is a joke, an evil pun, or just an introduction that's missing the true proper documentation plus links to that |
18:30.47 | dm8tbr | I've seen serial lines caps being defined there |
18:30.50 | Stskeeps | dm8tbr: ah, ok |
18:31.32 | dm8tbr | DocScrutinizer: I truly hope it's just the latter. the very important question is if we get to see the rest |
18:31.55 | DocScrutinizer | my hopes are small for that to ever happen |
18:35.37 | javispedro | how ineriting works in aegis I've not fully understood yet |
18:35.45 | rzr | npm: do u see something suspect in my logs at http://www.developer.nokia.com/bugs/show_bug.cgi?id=347? |
18:35.59 | DocScrutinizer | as small actually as my hopes for a proper cert/policy that entitles packages from my local repository to request arbitrary credentials/posix capabilities |
18:36.03 | javispedro | in fact, I think the supposed bug that caused Doc's self-destruction was caused by something related to inheriting tokens. |
18:39.58 | *** join/#harmattan rm_code (~adam@2001:470:b:488:21f:3bff:fe18:dd65) |
18:40.57 | RST38h | rm_code: Could you quickly add Nokia's own harmattan repos to the packrat? |
18:41.24 | RST38h | rm_code: as a static list whose contents are loaded before wiki is mined for the rest of repo addresses? |
18:41.25 | DocScrutinizer | javispedro: nah, according to djszapi I was just making up all that |
18:42.13 | rm_code | RST38h, i had problems doing that because they require auth |
18:42.35 | DocScrutinizer | there is no such thing like a dedicate suicide function in aegis!!1!1!!11 |
18:42.39 | Sput | can the device recover from self-destruction somehow, or is it permanently bricked then? |
18:42.55 | RST38h | rm_code: Oh, true |
18:43.03 | RST38h | rm_code: But not all of them, I think |
18:43.06 | rzr | i also noticed the device wont ring too |
18:43.17 | rm_code | RST38h, this is how i add custom repos: |
18:43.33 | rm_code | <PROTECTED> |
18:43.33 | rm_code | <PROTECTED> |
18:43.33 | rm_code | <PROTECTED> |
18:43.41 | DocScrutinizer | Sput: reflash |
18:43.51 | Sput | DocScrutinizer: ok. so data loss, but not beyond salvation |
18:43.58 | DocScrutinizer | yup |
18:44.10 | Sput | that's... reassuring |
18:44.18 | Sput | I keep backups in Ovi Suite anyway :) |
18:44.29 | npm | rzr -- yes |
18:44.49 | DocScrutinizer | Sput: though I was willing to believe this suicide-bomber has several different assault modes |
18:44.52 | javispedro | DocScrutinizer: for next time -- it's official name is "MALF" |
18:45.00 | javispedro | (the self destruct feature I mean) |
18:45.05 | npm | rzr : Aug 23 20:01:57 (none) nped[1370]: i2c_write: Remote I/O error |
18:45.08 | npm | ?? |
18:45.13 | DocScrutinizer | sbin/malf --final |
18:45.15 | rm_code | npm, is there a newer qmltube? it stopped working recently |
18:45.35 | DocScrutinizer | sbin/malf --just-a-little |
18:45.50 | RST38h | rm_you: yea, that is one way to do it :) |
18:45.53 | npm | http://nielsmayer.com/meego/qml/qmltube_1_11_1_armel.deb <-- rm_code |
18:45.55 | DocScrutinizer | sbin/malf --solid-fsckup |
18:46.04 | *** join/#harmattan mikhas (~michael@p4FC23A7F.dip.t-dialin.net) |
18:46.10 | rm_code | npm, k thx :) is that a valid repo? |
18:46.14 | npm | no |
18:46.15 | rm_code | npm, if so i can add it to packrat |
18:46.18 | rm_code | ah k |
18:46.25 | rm_code | if you want me to add your package to my repo i can |
18:46.31 | rm_code | it will be packrat indexed |
18:46.41 | DocScrutinizer | it fails to hit me how such a suicide-function is "to protect the user" |
18:46.56 | npm | let me know if that version works for you and if so, then please add to repo |
18:47.30 | npm | there's also a more in progress meego ux version http://nielsmayer.com/meego/qml/qmltube-1_11_1-1_i586.rpm |
18:47.39 | npm | work in progress that is |
18:48.36 | rm_code | how usable? |
18:52.46 | rm_code | npm, looks working |
18:52.57 | rm_code | downloads are actually moving instead of failing :P |
18:52.59 | rm_code | adding to my repo |
18:54.34 | DocScrutinizer | javispedro: less /etc/init/check_malf.conf; thanks for pointer mate |
18:55.05 | DocScrutinizer | <PROTECTED> |
18:55.06 | DocScrutinizer | <PROTECTED> |
18:55.08 | DocScrutinizer | <PROTECTED> |
18:55.21 | DocScrutinizer | I bet this will look like my photo |
18:55.22 | rm_code | wtf is malf |
18:55.29 | DocScrutinizer | malfunction |
18:55.36 | Stskeeps | that it 'malfunctions' |
18:55.36 | rm_code | ah |
18:55.36 | DocScrutinizer | aegis suicide-bomber |
18:55.42 | Stskeeps | nah, it's older than that |
18:55.50 | *** join/#harmattan lcuk (lcuk@cpc2-oldh7-0-0-cust702.10-1.cable.virginmedia.com) |
18:55.50 | *** join/#harmattan lcuk (lcuk@Maemo/community/contributor/lcuk) |
18:55.52 | Stskeeps | but aegis can indicate malf, yeah |
18:56.00 | rzr | npm: i can reboot to double check |
18:56.29 | rm_code | so can you just bind something over that file that always indicates no malfunction? :P |
18:56.38 | DocScrutinizer | I bet editing /etc/init/check_malf.conf will trigger MALF ;-P |
18:56.38 | npm | rm_code: thanks... what's your email incase i have an update? |
18:56.47 | rm_code | npm, check for my notice |
18:56.59 | npm | ok |
18:58.46 | DocScrutinizer | hehe /etc/init/check_malf.conf, I feel venturous today |
18:58.53 | SpeedEvil | In principle the 'flash now' screen is good - if it detects stuff right - rather than just silently and confusingly failing. |
18:59.02 | DocScrutinizer | actually /usr/sbin/check_malf |
18:59.43 | DocScrutinizer | say goodbye to my N950 :-D |
19:00.39 | rm_code | DocScrutinizer, find "good" output of /var/malf, then put that into a file "good_return" and bind it over /var/malf :) |
19:01.33 | rzr | npm: no i2c err this time |
19:02.03 | DocScrutinizer | rm_code: I gather no output is a good output, actually: |
19:02.06 | DocScrutinizer | elif [ -G /var/malf ]; then |
19:02.08 | DocScrutinizer | <PROTECTED> |
19:02.09 | DocScrutinizer | <PROTECTED> |
19:02.12 | rm_code | ah |
19:02.15 | rzr | +Aug 23 21:04:54 (none) applifed[847]: Application 'Com.Nokia.Telephony.CallUi' released from prestarted state, count=1 |
19:02.28 | rzr | +Aug 23 21:04:56 (none) cellular: csd[587]: com.nokia.csd.GPRS: service suspended, status=8 |
19:02.35 | rzr | +Aug 23 21:05:02 (none) kernel: [ 248.555328] cmt_speech cmt_speech: Write pending on data channel. |
19:02.48 | DocScrutinizer | RM680-22-6_PR_RM680:~# /usr/sbin/check_malf --help |
19:02.50 | DocScrutinizer | RM680-22-6_PR_RM680:~# |
19:02.52 | DocScrutinizer | :-S |
19:03.19 | rm_code | :P |
19:03.21 | DocScrutinizer | man check_malf *ENTER* |
19:03.53 | DocScrutinizer | $#!!\¿¿!##@@! |
19:03.55 | rzr | ls -l /var/malf |
19:03.56 | rzr | ls: /var/malf: No such file or directory |
19:04.12 | javispedro | there's a set of startup files that should be both a) existing b ) validated by aegis, otherwise -> MALF. |
19:04.34 | javispedro | iirc that included, obviously, malf itself. |
19:04.40 | DocScrutinizer | (sorry djszapi) FSCK aegis! |
19:04.54 | javispedro | DocScrutinizer: did it self destruct again? |
19:04.55 | rm_code | yeah but if it uses check_malf to do the check |
19:05.01 | DocScrutinizer | not yet |
19:05.14 | DocScrutinizer | but doesn't reveal any bit of info either |
19:05.24 | rm_code | you should be able to make a new version of check_malf that only returns clean status? |
19:06.23 | DocScrutinizer | I'd maybe test to edit /etc/init/check_malf.conf but it seems to me I already know what's going to follow |
19:06.33 | DocScrutinizer | either FSCK!!!! or MUHAHAHAHA |
19:06.57 | rm_code | brb |
19:08.54 | DocScrutinizer | though:::: >>-G FILE True if the file is effectively owned by your group.<< |
19:09.53 | DocScrutinizer | create /var/malf with another group, with another owner, set 444 |
19:10.18 | DocScrutinizer | so nobody can overwrite it |
19:11.05 | DocScrutinizer | neither anybody changes effective group of that file |
19:13.57 | DocScrutinizer | probably aegis' cerberus will make damn sure this file gets created with proper effective group no matter what's been there before |
19:14.02 | rzr | i think i got more info to share |
19:14.06 | rzr | MAssembly: Stylesheet missing "/usr/share/themes/base/meegotouch/libminputcontext/style/libminputcontext.css" |
19:17.18 | DocScrutinizer | >>couldn't open page \n Request to open non-local file file://usr/share/images/malfNOK_en_GB.bmp<< |
19:17.32 | rzr | MAssembly: Stylesheet missing "/usr/share/themes/base/meegotouch/libSignOnUI/style/libSignOnUI.css" |
19:17.36 | DocScrutinizer | somehow microB was way nicer |
19:18.25 | DocScrutinizer | WTF /usr/sbin/enter_malf |
19:19.09 | DocScrutinizer | ln -s /usr/sbin/enter_malf /usr/sbin/suicide-bomber |
19:20.42 | DocScrutinizer | Sput: if you're curious I suggest you ask /usr/sbin/enter_malf --help to find out if it has a parameter to determine severity of self-destruction ;-P |
19:21.25 | DocScrutinizer | it will either tell you about possible options, or demonstrate it doesn't take any options |
19:21.42 | *** join/#harmattan leinir (~leinir@amarok/usability/leinir) |
19:22.26 | DocScrutinizer | also reassuring: /lib/dsme/malf.so |
19:23.45 | DocScrutinizer | "we had to restart browserd 10 times! MALFUNCTION DETECTED! please try to reflash, if that fails please visit your local Nokia service-center" heh just kidding? |
19:24.20 | Stskeeps | that usually shows a deeper problem |
19:24.29 | DocScrutinizer | I'd say /etc/init/check_malf.conf has to die |
19:28.10 | DocScrutinizer | Stskeeps: if there is a "deeper problem" then I'd prefer to try and investigate for myself, rather than check_malf suggesting I should reflash (thus nuking all forensic evidence about the actual problem) and to make sure I do it locks the device |
19:28.56 | Stskeeps | DocScrutinizer: no arguments there |
19:30.59 | javispedro | triggers a harmattan gcc bug |
19:31.25 | javispedro | and sadly removing the snippet from its context makes it disappear |
19:32.07 | javispedro | int type = (byte & mask) ? 1 : 0; printf("%d\n", type) --> "16" :D |
19:32.57 | javispedro | if I replace the ternary with an if...else, still fails. If I add two printfs to check with if branch it decides to take, it works. |
19:33.00 | DocScrutinizer | UGH |
19:33.05 | javispedro | s/with/which/ |
19:33.06 | Stskeeps | ancient toolchain there, too |
19:33.29 | javispedro | infobot: shut up! |
19:33.29 | infobot | get lost, jerkoff |
19:35.05 | DocScrutinizer | int type; int check = (byte & mask); type = check ? 1 : 0; |
19:35.57 | DocScrutinizer | s/int check/char check/. |
19:36.08 | *** part/#harmattan CepiPerez (~matias@190.221.197.126) |
19:36.13 | javispedro | DocScrutinizer: seems to work |
19:36.27 | DocScrutinizer | parsing sequence error? |
19:36.50 | javispedro | thinks it is optimizing something |
19:37.03 | DocScrutinizer | int {type = (byte & mask)} ? 1 : 0 |
19:37.12 | javispedro | nah, byte & mask is 0 btw. |
19:37.13 | rzr | npm: I got it back |
19:37.19 | javispedro | for each value of mask in the loop. |
19:37.21 | rzr | npm: I had to kill it |
19:37.25 | javispedro | (checked with printf too) |
19:37.36 | rzr | npm: killall -9 call-ui && killall -9 call-ui && killall -9 call-ui ; even once rebooted |
19:37.39 | DocScrutinizer | hmm, hoped it's 16 |
19:38.10 | DocScrutinizer | let's call it a bug, and get some club mate aka hackerbrause |
19:38.13 | javispedro | DocScrutinizer: it's in a loop, mask is 0x1, 0x2, ..., 0x16, .. , 0x128 |
19:38.32 | javispedro | erm |
19:38.36 | javispedro | s/0x16/0x10 ;) |
19:38.51 | javispedro | s/0x128/128 ;) ;) |
19:39.22 | DocScrutinizer | 0x7F |
19:39.28 | DocScrutinizer | err |
19:39.38 | DocScrutinizer | 0x80 |
19:39.48 | *** join/#harmattan djszapi_ (~lpapp@84-231-18-239.elisa-mobile.fi) |
19:39.50 | DocScrutinizer | needs a shower, URGENTLY |
19:40.00 | DocScrutinizer | ~weather EDDN |
19:41.30 | javispedro | applies DocScrutinizer's change and calls it a day |
19:42.10 | DocScrutinizer | don't forget to claim your free towel for reporting the bug against gcc |
19:44.00 | *** part/#harmattan smoku1 (~spectrum@xkh0g2.infr.xiaoka.com) |
19:45.13 | DocScrutinizer | grr he's gone - just when it hits me I once heard something was odd about ternary |
19:49.56 | lardman | evening all |
19:50.16 | *** join/#harmattan antman8969 (~anthony@pool-96-239-32-4.nycmny.fios.verizon.net) |
19:50.39 | lardman | so I'd like to at runtime generate/use a random QML component that will be provided by a plugin; how do I get this component to display in my main QML view? |
19:51.21 | lardman | main code is C++ with QDeclarativeEngine etc, and the plugin will also be C++ and generate a QML component |
19:51.59 | lardman | the question is whether I need to use some javascript code to create the component from the C++ plugin, or whether I can do this all in C++? |
19:52.27 | DocScrutinizer | hi lardman |
19:52.38 | lardman | hey Doc |
19:53.40 | DocScrutinizer | have fun with your demanding concept of dynamic QML ;-D |
19:54.03 | lardman | is not particularly pleased |
19:54.14 | DocScrutinizer | probably you'll have to learn how the guts of QML work to get an answer for this question |
19:54.24 | lardman | porting from dynamic QWidgets is not all that much fun |
19:54.37 | antman8969 | let me make sure I understand what you're asking.... you just want to know what you need to make a qml plugin? |
19:54.52 | lardman | no not really |
19:55.03 | DocScrutinizer | *dynamically* make a plugin |
19:55.16 | DocScrutinizer | aiui |
19:55.17 | lardman | I've got the main mBarcode code, which is a C++ class to wrap the functionality plus QML code to provide the ui |
19:55.38 | lardman | then I have lots of plugins, each of which needs to display a QWidget that it populates with whatever it wants |
19:55.57 | lardman | e.g. buttons to do some action, some labels to describe the contents of the barcode, etc. etc |
19:56.06 | lardman | the question is how to get that QWidget into the main QML code |
19:56.42 | lardman | and whether that should be done by using a QDeclarativeView, whether an app can have more than one QDeclarativeView, etc. |
19:56.51 | antman8969 | is this link useful? http://doc.qt.nokia.com/4.7-snapshot/qml-integration.html |
19:56.58 | DocScrutinizer | on Qt plain it'd be pretty easy |
19:57.01 | lardman | or whether to load the plugin's QML file dynamically using Javascript |
19:57.20 | lardman | DocScrutinizer: yeah in C++ code it all worked fine |
19:57.31 | lardman | antman8969: looking now |
19:57.41 | antman8969 | i THINK thats what you want... |
19:58.18 | antman8969 | I know it warns you that it's "slower" to use QDeclarative view (for starting up) but I think you should test it and see how much slower it actually is |
19:58.24 | antman8969 | especially on the n950 hardware |
19:58.31 | lardman | hmm, I think that's a way of wrapping your entire application |
19:59.04 | lardman | oh I see, I can do QGraphicsObject *object = qobject_cast<QGraphicsObject *>(component.create()); |
19:59.16 | antman8969 | the last section |
19:59.16 | antman8969 | yea |
19:59.29 | DocScrutinizer | well it's half the rent |
19:59.41 | DocScrutinizer | you can call QML from Qt |
20:00.00 | DocScrutinizer | now you need to integrate this Qt/C++ code to QML |
20:00.31 | lardman | yeah I know you can manipulate from both sides, but that then means they are pretty intertwined, which is the whole thing QML is supposed to get away from I thought |
20:00.34 | DocScrutinizer | but actually better ignore me, I have NFC about QML and not much revent experience with Qt either |
20:00.42 | lardman | lol |
20:00.52 | antman8969 | lol |
20:01.02 | antman8969 | I agree lardman, I would want to stay away from controlling QML from Qt |
20:01.08 | antman8969 | from C++ rather |
20:01.10 | lardman | I'm still a bit fuzzy about how I should place the component I create too |
20:01.29 | lardman | with C++ I could generate a QWidget in my plugin, pass it back and have the main code put it somewhere |
20:01.38 | lardman | I guess I could achieve that with Javascript |
20:02.00 | antman8969 | The entire point of using QWidget in your application is... you already have a working version and don't want to rewrite? |
20:02.31 | lardman | not quite, I've altered the app quite a bit, but basically the plugin needs to pass back some component that will be self contained and displayed |
20:02.32 | Sput | lardman: also relying on QGraphics* is a bad idea, as that's going away in Qt5 |
20:02.45 | Sput | (not the actual QGV stuff, but QML no longer will be based on it) |
20:02.51 | lardman | so it's not currently a QWidget, I'm just using that as I'm familiary with the C++ terminology |
20:03.06 | lardman | Sput: ok, all the more reason to not go that route then |
20:03.10 | antman8969 | if thats the case, then I'd obviously recommend QML lol |
20:03.23 | lardman | antman8969: yeah but the plugin is C++ |
20:03.32 | Sput | you can always use QDeclarativeItem |
20:03.41 | antman8969 | you can make plugins available too, and just have the QML talk to the C++ for the data you need |
20:03.45 | Sput | just don't assume that that's based on QGV in the future |
20:04.12 | lardman | Sput: so the plugin can return a QDeclarativeItem in C++, and then somehow have that created from the main code? |
20:04.36 | Sput | you can use a QDeclarativeItem implemented in C++ as a normal Item element in QML |
20:04.48 | antman8969 | is this mbarcode reader lardman? |
20:04.54 | lardman | antman8969: yeah |
20:05.19 | lardman | Sput: ok, but when I write the main code I don't know what the component will be called, that only happens at runtime |
20:05.52 | antman8969 | thats why I would rather just use the plugin to deliver a model or data. You can dynamically create QML delegates as you need to much easier |
20:06.35 | lardman | antman8969: the plugin needs to decode the barcode contents e.g. for a vCard work out what the fields mean, and present that to the user |
20:07.12 | antman8969 | well, does it HAVE to do all of that? or can it just decode, pass a model to QML and then have a ListView (or something similar) display the data to the user |
20:07.16 | lardman | seems a bit clunky to generate a QString filled with QML code to create the component to be displayed, is that what you're suggesting? |
20:07.38 | antman8969 | not rly |
20:07.50 | antman8969 | you can make a QAbstractListModel type class if you wanted |
20:07.58 | lardman | antman8969: well there are lots of options of course, that was what the old version did, but it would be nicer for the user to be presented with a decoded view of the payload imo |
20:07.59 | antman8969 | and then use it in one of the builtin ListViews of qml |
20:08.30 | antman8969 | I guess I don't see why that isn't possible with my suggestion, just a different type of data being passed to QML |
20:08.50 | lardman | also things like vCards can contain email addresses and urls, it would be useful for the user to be able to open these or to import the whole thing, etc. the choice should be left up to the plugin writer |
20:09.20 | lardman | so what about a geo: payload, showing a map location? |
20:09.47 | lardman | it would be good to show a map with a pin, rather than just a couple of lines of description of lat/lon |
20:10.03 | antman8969 | right |
20:10.33 | lardman | certainly when I was sketching out the code I was planning a multiline label, but that's not very nice to look at or use |
20:10.34 | hardaker | marble is supposedly embeddeblae fairly easily. |
20:10.42 | hardaker | but I haven't tried it. |
20:10.45 | antman8969 | i've not used QtMobility form QML yet, but thats where the maps stuff is I think. As long as QML at some point gets the lat/lon, you can bring up a map to display it. |
20:11.14 | antman8969 | you can also separate the plugins functionality. You can use c++ code without making it a plugin too |
20:11.31 | lardman | antman8969: I don't want the main code to have to handle every possibility for what to display though, I'd like the plugin to generate its own QML component to display and handle any interaction |
20:11.32 | antman8969 | you can have your map function called from QML after the QML receives the data from the decoded barcodes (from your plugin) |
20:12.19 | antman8969 | so it's more of a "mbarcode" plugin than a series of "docoder" plugin, "map" plugin etc... |
20:12.30 | antman8969 | well, you know that theres really on right way |
20:12.38 | antman8969 | I just like to keep everything separate as much as possible |
20:12.43 | lardman | ah slight misunderstanding here, the main code accepts the decoded barcode data as a string, then it passes it to the plugins which decide which can handle the payload best |
20:13.09 | antman8969 | now, when you say "main" code, you mean qt c++ code? or code in main() |
20:13.25 | lardman | main code is the Qt C++ code with a QML ui |
20:13.40 | antman8969 | mm |
20:13.47 | lardman | so main as opposed to plugin codes |
20:14.39 | lardman | the reason for plugins is that some payloads can contain a number of different content types. E.g. a vCard could contain both the cVard and as fields an URL an email telephone numbers, etc. |
20:14.53 | djszapi_ | Sput: Did you find a solution for your issue after all ? |
20:15.10 | Sput | djszapi_: haven't had the time today to play with the SDK :/ |
20:15.16 | lardman | so each plugin will look for something it can handle in the string it is passed, and then they are ranked such that if a vCard is detected that will be displayed, rather than just the URL, etc |
20:15.19 | Sput | I took note of the hint and will try soon |
20:15.23 | DocScrutinizer | lardman: ( don't want the main code to have to handle every possibility...) fair enough, as the plugin even might want to use a custom made widget |
20:15.28 | antman8969 | right lardman. I've never worked with barcodes to I could be missing something btw. But |
20:16.03 | antman8969 | thats where MY plugin's job would end, decode and then thats all. Making it responsible for so much as to include generating the UI is daunting |
20:16.37 | lardman | antman8969: the barcode decoding is now handled by a daemon called PhotoAnalyser which sits and scans new photographs |
20:17.00 | lardman | that then sends a DBus message if it sees a barcode; mBarcode then wakes up (or is started) and handles the payload of the barcode |
20:17.28 | lardman | so mBarcode now really is only focussed on doing something with what was in the barcode, rather than with the scanning and decoding parts |
20:18.09 | antman8969 | ok, just let's say I scan a barcode with a vcard in it. can you tell me what happens to that data after it's decoded |
20:18.12 | antman8969 | in your model |
20:18.14 | lardman | this also means that PhotoAnalyser can perform more than just barcode extraction, e.g. text extraction and translation would be quite doable |
20:18.33 | lardman | antman8969: it's decoded and the string is sent over DBus to mBarcode |
20:18.57 | antman8969 | and from there |
20:19.02 | DocScrutinizer | lardman: do you need to place the plugin's GUI inside the main window? It could open its own window? |
20:19.12 | lardman | mBarcode then sends that data to each of its plugins, waits for them to all reply whether they can handle the barcode type and payload or not and then asks the highest priority one to return a widget for display |
20:19.43 | lardman | DocScrutinizer: better inside the main UI, as thay houses the history list and a centralised settings page, etc |
20:19.53 | lardman | also fewer open windows is better imo |
20:20.05 | antman8969 | oooh, the plugins main job IS to make the widget, I thought it was doing much more... |
20:20.06 | DocScrutinizer | yeah, sure |
20:20.42 | lardman | antman8969: it makes the widget, then waits for the widget to ask it to do something - e.g. add the vCard, open a URL/email/etc |
20:20.54 | lardman | button presses, etc |
20:21.05 | antman8969 | mm |
20:21.08 | *** join/#harmattan cpscotti (~cpscotti@170.72.125.91.rb4.adsl.brightview.com) |
20:22.42 | antman8969 | I would still end up using QML and Javascript for most things... If you were going to use your plugins then you need to figure out how to make them available... but you know that already lol |
20:22.58 | lardman | ok I reckon I can do the following - return a QDeclarativeItem from the plugin, plus its name; send that by way of a signal to the QML code that is attached to my main mBarcode object (which is exposed to QML), then have some javascript code create the plugin-created item in the main QML "view" |
20:23.17 | djszapi_ | SpeedEvil: What was your issue about aegis and maps ? |
20:23.54 | antman8969 | lardman that sounds good. And from that it sounds like you already know that you can send signals from Qt and catch them in QML |
20:24.16 | lardman | antman8969: yeah I've read that stuff, seems quite straight forward... hopefully ;) |
20:24.23 | lardman | bbiab |
20:25.14 | antman8969 | wouldn't be bad at all. You wouldn't need much javascript either, just something like |
20:25.33 | antman8969 | onSignal: loader.sourceComponent = myPluginItem |
20:25.40 | antman8969 | and have a loader as the main comp for that screen |
20:28.49 | DocScrutinizer | lardman|afk: what about doing *all* QML wrapped into this QDeclarative wrapper and control it from C++ main() |
20:29.19 | DocScrutinizer | lardman|afk: not only plugins but also your main code's GUI |
20:30.18 | djszapi_ | jkt: use develsh for strace. |
20:32.12 | DocScrutinizer | djszapi_: can you tell me _when_ a process gets assigned its credentials/tokens/capabilities? As in "the posix capabilities are derived from aegis and set to kernel on (2) execve() |
20:32.15 | DocScrutinizer | " |
20:32.51 | DocScrutinizer | or is it just the harmattan launcher that does this? |
20:33.38 | SpeedEvil | djszapi_: I cannot for some reason on my device create a new nokia account. This may be an unrelated bug - however, when I attempt to do so, I get no network traffic - just 'unavailable' - I forget the exact error. Someone elses comment lead me to believe it was possible that all account verification is done through aegis. |
20:33.49 | DocScrutinizer | or maybe even (2) fork() ? |
20:35.25 | SpeedEvil | djszapi_: I hypothesised that somehow the chain of trust is broken on my device, leading to aegis reporting a failure creating/obtaining a key or something, which manifests in 'can't open account'. |
20:36.16 | SpeedEvil | djszapi_: It could of course be something else - but if this is true, it indicates what might happen with an unapproved kernel. I haven't been screwing with the kernel however. Can't create account = can't access maps or drive. |
20:36.38 | djszapi_ | SpeedEvil: You are using tha Harmattan image ? |
20:36.38 | antman8969 | speedevil, have you tested the theory with other account creations? |
20:36.45 | SpeedEvil | djszapi_: I'm using the most recent publically available image. |
20:37.15 | djszapi_ | SpeedEvil: if it is not custom kernel, could you please send me the scenario how it is supposed to be reproducible ? |
20:37.33 | SpeedEvil | djszapi_: No, as it's apparantly not for anyone else. |
20:38.14 | SpeedEvil | Flash device - connect to 3g internet - attempt to add nokia account -> service unavailable |
20:38.49 | *** join/#harmattan trollet (~trollet@p4FFC9951.dip.t-dialin.net) |
20:38.56 | DocScrutinizer | http://www.developer.nokia.com/bugs/show_bug.cgi?id=234 |
20:39.01 | djszapi_ | SpeedEvil: no idea about the account verification and how they implemented it. You might need to ask the developers of the application. |
20:39.01 | npm | rzr -- perhaps i did the same as your " killall -9 call-ui && killall -9 call-ui && killall -9 call-ui " when i did a "close all" in app manager |
20:39.14 | *** join/#harmattan Stecchino_ (~bart@d54C095CD.access.telenet.be) |
20:39.58 | DocScrutinizer | SpeedEvil: djszapi_: ^^^ this ticket is about that issue |
20:41.09 | SpeedEvil | Adding a facebook account works |
20:41.24 | SpeedEvil | I forgot about my facebook account, as it's in a fake name, and I don't use it. |
20:42.02 | *** join/#harmattan npm (~npm@cpe-76-90-30-220.socal.res.rr.com) |
20:42.40 | djszapi_ | SpeedEvil: but at any rate, if it is any security "related", it is related to the application and their misusage of the security framework. It is not us how wrote the application. :) Feel free to prove me wrong with logs, outputs. |
20:42.46 | SpeedEvil | After adding FB account, try to add nokia account in the same way. |
20:42.56 | SpeedEvil | 'service currently unavailable' |
20:42.57 | djszapi_ | SpeedEvil: It seems to work here. |
20:43.04 | SpeedEvil | For most it works. |
20:43.33 | SpeedEvil | There are no docs as to the seciruty framework, and how it interacts with apps (that I've seen), so I'm guessing. |
20:43.40 | DocScrutinizer | SpeedEvil: try deleting all cookies |
20:43.56 | djszapi_ | SpeedEvil: try to grep for aegis in syslog. |
20:44.04 | SpeedEvil | DocScrutinizer: I reflashed |
20:44.08 | antman8969 | does harmattan use the same flasher utility has the n900? flasher-3.5 or w/e |
20:44.10 | SpeedEvil | A couple of times - with no results. |
20:44.15 | DocScrutinizer | and it still fails :-/ |
20:44.18 | DocScrutinizer | hmm |
20:44.47 | rzr | does it worth to be reflashed ? |
20:45.05 | DocScrutinizer | antman8969: no |
20:45.08 | djszapi_ | antman8969: imo nope |
20:45.09 | DocScrutinizer | new flasher |
20:45.17 | antman8969 | just saw from the site.. thanks |
20:45.31 | antman8969 | 556 mb download... |
20:45.42 | DocScrutinizer | yup, sounds correct |
20:45.52 | DocScrutinizer | one_click_flasher |
20:45.56 | djszapi_ | so small ? |
20:46.44 | DocScrutinizer | well, these 556MB is all we get for N950 ;-D |
20:47.06 | DocScrutinizer | no angry birds in there ;-) |
20:47.26 | antman8969 | lol |
20:48.03 | SpeedEvil | doesn't see any clearly obviously smoking guns in syslog. |
20:48.07 | SpeedEvil | tries rebooting. |
20:48.13 | djszapi_ | SpeedEvil: issues relevant to missing credentials and capabilities are normally reported in syslog (not 1:1, but yep). |
20:48.49 | DocScrutinizer | I hnestly doubt that nokia account issue is related to security at all |
20:48.54 | djszapi_ | if there is nothing in syslog, it is probably not aegis issue |
20:49.01 | SpeedEvil | Ok - thanks - that's useful. |
20:49.06 | djszapi_ | DocScrutinizer: everything is related ;-) |
20:49.07 | SpeedEvil | I question what the hell it can be though. |
20:50.13 | *** join/#harmattan vgrade (~martinbro@cpc2-nrte22-2-0-cust128.8-4.cable.virginmedia.com) |
20:50.15 | DocScrutinizer | creating a nokia account seems a web service (more or less), and it also seems that account management is kinda messed up even when you try to access it via firefox from your PC |
20:50.44 | SpeedEvil | Disentangling between poorly understood security infrastructure, old bugs that are possibly fixed by now, and PEBKAC is fun. |
20:51.05 | DocScrutinizer | indeed |
20:51.12 | djszapi_ | mmm, javispedro did not know how the inheritance works for the capabilities, that is simple to clarify, there is an add policy, that is |
20:51.45 | DocScrutinizer | thinking about it I never *created* an account on N950, I just used an already existing account's credentials |
20:52.18 | SpeedEvil | I've tried both, neither worked. |
20:52.25 | DocScrutinizer | and that worked after reflash or maybe unrelated to that, and since then maps and drive are ok |
20:52.33 | djszapi_ | SpeedEvil: Yes, it can be frustrating, and that is why I am trying to help with where I can ;-) |
20:53.02 | DocScrutinizer | I think trying to create an account drops a cookie that taints your system soo nothing will work from then on |
20:53.24 | SpeedEvil | But drops a cookie somewhere that survives flashing??? |
20:53.31 | DocScrutinizer | no |
20:53.48 | SpeedEvil | That's part of the reason I was wondering if it was some secure storage area that the user can never touch. |
20:53.57 | DocScrutinizer | as mentioned above it worked for me after flashing. Also for somebody else on that ticket |
20:54.09 | SpeedEvil | Yeah - that's what confused. |
20:55.41 | SpeedEvil | Aug 23 21:51:50 (none) mission-control-5[794]: GLIB CRITICAL ** default - ag_account_get_selected_service: assertion `AG_IS_ACCOUNT (account)' failed |
20:55.43 | SpeedEvil | hmm |
20:55.55 | DocScrutinizer | maybe you also need to log out from your account and related sites on all your other devices prior to this thing working on N950, who knows. Similar advice regularly given by quim et al for developer.nokia.com and the launchpad |
20:56.13 | SpeedEvil | I'm not logged in on any devices on that account. |
20:56.54 | djszapi_ | DocScrutinizer: system kernel is not execve, nope. |
20:57.09 | djszapi_ | not even fork and friends. |
20:57.28 | rzr | djszapi_: still on kde ? |
20:57.28 | DocScrutinizer | no idea honestly. You'd think somebody who has better access to the source and to debugging tools should answer on http://www.developer.nokia.com/bugs/show_bug.cgi?id=234 eventually |
20:57.47 | djszapi_ | I.E. will e.g. a (true, non busybox) shell command inherit the shell's capabilities, or are the freshly defined? -> it depends, it is not that simple. |
20:58.07 | DocScrutinizer | yeah, that's why I ask |
20:58.08 | lardman | antman8969: exactly |
20:58.10 | djszapi_ | it is not a comprehensive yes/no answer. |
20:58.38 | djszapi_ | javispedro was basically asking the same. The key point is the add policy here. |
20:58.52 | lardman | DocScrutinizer: the problem with controlling the QML from the C++ is that it goes against the idea of separating the C++ and QML code, afaiu |
20:59.01 | djszapi_ | rzr: sorry ? |
20:59.07 | DocScrutinizer | unless I at least understand WHEN aegis kicks in, I never can wrap my head around how it works at large |
20:59.49 | mikhas | lardman, huh? |
21:00.06 | lardman | mikhas: sorry, reply from a little earlier |
21:00.08 | antman8969 | convo from 20 mins ago mikhas lol |
21:00.13 | DocScrutinizer | I'd guess there should be a list of (kernel) functions that are actually aegified |
21:00.25 | mikhas | how is exposing a C++ property to QML or a show request for certain views from the C++ side a violation of the separation? |
21:00.50 | mikhas | in both cases, C++ side would exert control over UI |
21:00.51 | SpeedEvil | Well - that was a bust - nothing in syslog for attempting to login to account. |
21:01.09 | lardman | mikhas: That's not, though the latter is more so unless you use a signal afaiu |
21:01.14 | djszapi_ | DocScrutinizer: sorry ? |
21:02.34 | DocScrutinizer | djszapi_: I know how posix capabilities and geneal permisions are handled on a "normal" system. Where does a aegified system differ, regarding inheritance of these permisions from one process to another? |
21:03.47 | djszapi_ | DocScrutinizer: add policy is the key here. |
21:03.54 | DocScrutinizer | on a "normal" system a child always inherits the permissions of parent process. Seems for aegis this doesn't apply anymore |
21:04.13 | SpeedEvil | http://www.slideshare.net/reshetov/maemo-platform-security-fosdem |
21:04.13 | djszapi_ | of course not. |
21:04.23 | SpeedEvil | djszapi_: Is that somewhat acccurate and useful now/ |
21:04.32 | djszapi_ | SpeedEvil: quite old. |
21:05.45 | SpeedEvil | Sure. Is it representative, though old, or essentially useless. |
21:05.54 | DocScrutinizer | as I understand it aegis tokes are bount to fully qualified pathnames of executables? |
21:05.54 | SpeedEvil | In the absence of any other docs |
21:06.04 | DocScrutinizer | bound* |
21:06.48 | djszapi_ | DocScrutinizer: I cannot answer with yes/no, it is not that simple |
21:06.52 | djszapi_ | sometimes, yes, sometimes not. |
21:07.29 | DocScrutinizer | I didn't ask for a yes/no answer |
21:07.30 | djszapi_ | SpeedEvil: I guess it is useful since it does not require too much time to go through :) |
21:08.23 | DocScrutinizer | actually I guess it'd be pretty hard to find out about how aegis works by just asking questions that can get answered by yes/no |
21:08.41 | djszapi_ | DocScrutinizer: the context is typically a use case when you do not specify a path which is a bit sad in my opinion and I wanna work on it to fix that up. |
21:08.50 | DocScrutinizer | it will need a bit more of an explanation answer |
21:09.27 | djszapi_ | it does not cause any issue (at least I cannot mention any scenario), but in theory, it is not nice that way in my opinion. |
21:12.35 | DocScrutinizer | djszapi_: I have a hard time understanding your info bits. Could you go thru an example, let's say "user shell invokes `nano /etc/init/check_malf.conf` ", and you step by step explain when aegis kicks in and in which way? |
21:12.39 | djszapi_ | ajalkane_: "But Aegis can be disabled by installing custom kernel if I've understood correctly?" -> It is not yes/no question either. :) If you turn out the user space part of aegis, the application using the user space aegis libraries will stop working of course. |
21:13.03 | djszapi_ | ajalkone_: but yeah, you can do anything with a custom kernel for sure ;) |
21:14.55 | djszapi_ | DocScrutinizer: you wanna understand the point, not the background aegis implementation in order to get rid of this as soon as possible. |
21:15.05 | DocScrutinizer | I'd gather first thing that happens is shell tells kernel to load and execute the nano binary (simplified picture), and I wonder if aegis already kick in there and what exactly it does |
21:16.08 | DocScrutinizer | djszapi_: I don't want to get rid of anything asap |
21:16.30 | DocScrutinizer | I want to understand how I can make things work under aegis |
21:17.05 | SpeedEvil | djszapi_: Is there a way to make aegis dump lots of informatio to syslog, when for example apps use the secure storage. |
21:17.06 | djszapi_ | It is a big improvement to let us just disable aegis ;-) |
21:17.46 | DocScrutinizer | I'm not here to discuss improvements |
21:18.45 | djszapi_ | SpeedEvil: you will have relevant messages, if it is an aegis issue. It is not about that aegis does not talk more about the issue category. There seems to be no aegis issue at all. |
21:18.50 | *** part/#harmattan crevetor (~antoine@bureau.ubity.com) |
21:19.13 | SpeedEvil | I'm not disagreeing with that - I mean for other things. |
21:19.16 | DocScrutinizer | I want to learn if it's theoretically possible to gather enough info about how aegis works to allow a developer to actually get work done despite aegis. If this includes disabling aegis for developer mode, for convenience purposes - fine. |
21:19.45 | djszapi_ | DocScrutinizer: wait for the next SDK Documentation then I guess. |
21:20.06 | lcuk | waves @ djszapi_ |
21:20.15 | DocScrutinizer | if it means there's proper info on getting stuff done with aegis enabled - also fine |
21:20.25 | djszapi_ | SpeedEvil: Could you tell me a use case what you are interested in ? |
21:20.41 | djszapi_ | DocScrutinizer: *nods* |
21:21.39 | SpeedEvil | I want to see what apps are storing stuff in secure mode, and what are just using normal files. Ideally. |
21:23.12 | djszapi_ | not getting the question |
21:24.28 | djszapi_ | what do you mean by "secure mode" ? (if hash calculation, then everything, if integrity protected as well, that is a different matter) |
21:24.30 | DocScrutinizer | for now what we got on aegis documentation is a draft of an introduction, with statements like >>When your application is launched, the credential information defined in the file is passed on to the system kernel.<< being all that's there to explain when and how aegis kicks in precisely. This isn't enough to understand if a fork()&execve() child process will nherit my parent process' credentials and permissions or get arbitrary new |
21:24.32 | DocScrutinizer | credentials applied |
21:27.05 | DocScrutinizer | and if functions as of man 2 * don't work as I'm used to, I feel rather uncomfortable with developing on such a platform |
21:28.52 | djszapi_ | man 2 gives you an upstream linux kernel based man page meanwhile harmattan is not upstream. Not sure how this came out from that. Different kernel can have different operations. |
21:29.24 | *** join/#harmattan seif (~seiflotfy@ip-95-223-13-104.unitymediagroup.de) |
21:29.34 | DocScrutinizer | the bare minimum I'd expect is a list with (kernel/system) functions that have changed semantics on aegis, and an explanation what's the new function |
21:30.56 | djszapi_ | for your implementation, code-wise interest, I recommend the libcreds2 library. |
21:31.03 | DocScrutinizer | that's when I start to ask "how is aegis working?" |
21:31.13 | DocScrutinizer | thanks |
21:31.48 | djszapi_ | not sure I understand your post. If you know how ioctl works, you know it is easy to extend with specific ioctl calls. |
21:31.58 | DocScrutinizer | yesyes |
21:32.29 | djszapi_ | it is just an argument on userspace side, and some small snippet on the kernel side. |
21:32.33 | DocScrutinizer | if I know aegis intercepts/redefines/re-implements ioctl, then I've got one answer already |
21:33.22 | DocScrutinizer | I'll need to learn about new aegis related functionality of ioctl and then I'm a bit wiser |
21:34.23 | djszapi_ | learn libcreds2 as said |
21:34.41 | djszapi_ | http://meego.gitorious.org/meego-platform-security/libcreds2 |
21:34.42 | DocScrutinizer | if one day I can say "look this is a comprehensive list of functions that are modified by aegis, it starts with ioctl as that's been the first one I learnt about" then my questions are completely answered I guess |
21:35.20 | DocScrutinizer | many thanks :-) |
21:35.25 | djszapi_ | first tweak can be to look for ioctl in the project, for instance. |
21:37.28 | djszapi_ | DocScrutinizer: no, aegis does not reimplement ioctl. Aegis uses the flexible ioctl which has been working for ages ;-) |
21:39.01 | djszapi_ | actually, we wanted to push libcreds as an upstream project since it is a good idea for credential purposes. The idea is not tied to Nokia specific project, it is generic enough. |
21:39.53 | DocScrutinizer | seems it's hard to explan what it actually does though ;-) |
21:40.03 | DocScrutinizer | explain* |
21:41.05 | djszapi_ | why explain if it is well documented ? That is why we documented it.. |
21:41.32 | DocScrutinizer | well, then explaining is as simple as dropping an URL, no? |
21:41.50 | djszapi_ | http://meego.gitorious.org/meego-platform-security/libcreds2/blobs/master/sys/creds.h -> It is actually a very well documented library. |
21:43.42 | djszapi_ | Altought, we might remove the audit, that is a bit historical thing over there. |
21:44.51 | djszapi_ | I think I was even working on a libcreds2-qt interface to make it higher level |
21:45.20 | djszapi_ | but basically you might need the librestok, refhashutil and all jazz from there to your "complete" picture. |
21:45.56 | djszapi_ | aegis basically starts operating from the installation over the dpkg wrapper anyways, so you might wanna take a look at the dpkg wrapper code as well (5-6000 perl LOC). |
21:47.34 | djszapi_ | before saying perl is not secure enough: true :) That is why we have our own perl version. |
21:47.44 | *** join/#harmattan eman (~eman@124-149-161-113.dyn.iinet.net.au) |
21:48.43 | DocScrutinizer | indeed, the comments in creds.h are maybe quite good for somebody that already got an idea what all this is supposed to do and how it's supposed to work. It's not exactly a press info paper explaining what this all is about, how it works by a rough sketch of things, and what are the advantages why anybody should "buy" it |
21:49.10 | djszapi_ | that is the matter of the SDK documentation. |
21:49.32 | djszapi_ | for the developers, for users: brochures I guess :) |
21:50.11 | DocScrutinizer | yup, and it's good on that. Nevertheless there's a gap between where that SDK stuff ends and where the creds.h starts |
21:50.14 | *** join/#harmattan smoku (~spectrum@xkh0g2.infr.xiaoka.com) |
21:51.17 | djszapi_ | yeah, the public. |
21:53.46 | DocScrutinizer | I think I can imagine what the dpkg wrapper does, roughly. What I don't know is how aegis interacts when run >> RM680-22-6_PR_RM680:~# nano /etc/init/check_malf.conf << |
21:55.29 | DocScrutinizer | and you'd think it should be possible to comprehensively explain what's happening on this example, in as little as maybe 300 lines of text |
21:56.57 | DocScrutinizer | on a level of "...then aegis-xy_daemon looks into /etc/aegis/restok to find a line relating to the basename, and returns the set of credentials to aegis-masterFoo..." |
21:57.47 | djszapi_ | it does not work that way, nope. |
21:57.59 | DocScrutinizer | " (see http://aegis/<some path> for details about restok file |
21:58.02 | DocScrutinizer | )" |
21:58.04 | djszapi_ | I am sleepy for now :) I can explain it with a bit sober mind tomorrow though |
21:58.29 | DocScrutinizer | I know it doesn't work with aegis-masterFoo |
21:58.38 | DocScrutinizer | even without such a paper telling me |
21:58.57 | djszapi_ | it is not about that, there is no "daemon". |
21:59.04 | DocScrutinizer | but I think there should be such a paper that gives a 15min sketch of how things work |
21:59.34 | DocScrutinizer | I also believe there's no daemon |
21:59.38 | djszapi_ | I do not think so. |
21:59.42 | DocScrutinizer | as probably a lot is inside kernel |
22:00.01 | djszapi_ | What the introduction should show is how to use aegis, without kernel implement level as you request. |
22:00.17 | djszapi_ | that is pointless a person who would just like to port a simple or "normal" application. |
22:01.01 | djszapi_ | the advanced guide should talk more about the advanced usage, and controversial whether to discuss this implementation-wise, probably not, just a reference to the generated doxygen implementation documentation. |
22:01.13 | djszapi_ | * for a person |
22:01.26 | DocScrutinizer | that's exactly where I start to use works in same sentence as "aegis" that you don't like to hear |
22:01.42 | DocScrutinizer | words* |
22:03.13 | DocScrutinizer | I'm obviously not a normal person as my apps are not normal either, so you say I'm not worth the effort of aegis developers giving me a decent documantation. I'm not amused about that notion |
22:04.58 | DocScrutinizer | I'm learning by understanding *how* things work, not by observing and memorizing *what* things act like |
22:06.00 | DocScrutinizer | I got no list of commands I have to prepend sudo. I know from the intended action when I need to get root to achieve something |
22:07.01 | djszapi_ | sorry ? |
22:07.42 | DocScrutinizer | as long as there's not even a clear word about if a child process has same permissions as parent process, and if not then why and which new permissions it got, I don't think the documentation is sufficient even for 'normal' developers |
22:08.41 | DocScrutinizer | neither to write 'normal' apps. Maybe QML-only apps, yeah |
22:08.42 | djszapi_ | well, I said more times the add policy |
22:08.51 | djszapi_ | that is the key for inheriting. |
22:10.01 | DocScrutinizer | googles "add policy" |
22:10.10 | DocScrutinizer | gives up |
22:13.01 | djszapi_ | :D |
22:14.07 | djszapi_ | valgrind is actually a very good example for that what I am talking about. |
22:15.16 | djszapi_ | a d gdb |
22:15.36 | djszapi_ | * and gdb is a very good example for instance for non-inheriting. There you go. |
22:18.50 | djszapi_ | good night |
22:18.51 | *** part/#harmattan djszapi_ (~lpapp@84-231-18-239.elisa-mobile.fi) |
22:19.44 | DocScrutinizer | I'm completely aware of http://www.developer.nokia.com/Community/Wiki/Harmattan:Developer_Library/Developing_for_Harmattan/Harmattan_security/Security_guide#Requesting_POSIX_capabilities, but I'm not able to find WHEN those capabilities are applied to a process, as of "this is the event (whatever kind of event) when aegis looks into internal database, retrieves applicaple policy, and tells kernel about it" |
22:21.21 | *** join/#harmattan javispedro (~javier@Maemo/community/contributor/javispedro) |
22:21.44 | DocScrutinizer | I gather this has to be execve() and/or fork() or whatever, or maybe it's a special call to aegis you have to patch into your bash and into harmattan app launcher, or it's plumbed to scheduler task switching, examining each task that gets a timeslice executed. Who knows? |
22:23.43 | DocScrutinizer | and then it's not entirely clear how the credentials definition in database is linked to a particular process, as you told me it's not via the pathname in <for path="/usr/bin/myapp" /> |
22:25.06 | DocScrutinizer | so if it's not the pathname of the binary, what else is it that makes aegis pick a particular token or credentials or whatever the name from its database and apply it to a process? |
22:27.11 | *** join/#harmattan willer_ (~Willer@201-75-87-230-ma.cpe.vivax.com.br) |
22:27.45 | DocScrutinizer | (btw the term "policy" appears exactly 3 times in http://www.developer.nokia.com/Community/Wiki/Harmattan:Developer_Library/Developing_for_Harmattan/Harmattan_security/Security_guide , "policies" another 2 times) |
22:28.26 | *** join/#harmattan rm_you|wa (~rm_you@c-24-16-141-5.hsd1.wa.comcast.net) |
22:28.28 | rm_you|wa | hrmrm.... |
22:28.51 | rm_you|wa | looks like /usr/bin/smartsearch and /usr/bin/messageserver are using a shit-ton of my CPU and draining my battery <_< |
22:29.29 | *** part/#harmattan smoku (~spectrum@xkh0g2.infr.xiaoka.com) |
22:45.09 | *** join/#harmattan rm_you| (~rm_you@c-76-104-225-147.hsd1.wa.comcast.net) |
22:47.31 | javispedro | so |
22:47.45 | javispedro | assuming I am trying to make up my mind and start doing something with Qml, what should I do? |
22:48.28 | javispedro | last time I tried Qt Creator my love for Gtk+ increased, are there any nice samples for Qml development inside sbox? |
22:50.31 | javispedro | or, where can I get the latest version of the qml viewer stub that QtC generates? |
22:53.54 | *** join/#harmattan BrettQ (~wircer@99-38-191-36.lightspeed.clmasc.sbcglobal.net) |
22:54.56 | javispedro | thinks I should make a qml-stub-generate cmdlet that quickly creates it |
23:01.07 | *** join/#harmattan captainigloo (~Nico@lan31-4-82-227-130-131.fbx.proxad.net) |
23:05.48 | mikhas | javispedro, forget about qmlviewe |
23:05.49 | mikhas | r |
23:06.02 | javispedro | I mean the one that qtC generates |
23:06.05 | mikhas | doesnt really work if you want to use Qt Quick Components |
23:06.11 | mikhas | this 10-liner? |
23:06.16 | mikhas | I can paste something |
23:06.19 | javispedro | 10-liner only? |
23:06.26 | javispedro | oh. |
23:06.42 | javispedro | but there's like thousands of files when I click new Qml app in QtC. |
23:06.45 | javispedro | er.. |
23:06.47 | javispedro | tens of files ;) |
23:06.50 | mikhas | javispedro, https://gitorious.org/testdef/testdef/blobs/master/testdef/main.cpp |
23:07.03 | mikhas | that's all the wrapping you need |
23:08.41 | rm_you| | any new developments on the n950 + video front? :P |
23:17.11 | hardaker | gotta love it: leave a ssh connection open to the phone, wander very far away from the phone so it looses the 802.11 link (twice), come back 2 hours later to find the session still works :-) |
23:26.13 | DocScrutinizer | known from N900, happens to me regularly, each time I leave for a coffee or a beer next pub |
23:26.38 | hardaker | Didn't work for me on the N900... the session would drop |
23:26.49 | DocScrutinizer | hmm |
23:26.51 | hardaker | i think. |
23:27.07 | antman8969 | worked for me |
23:27.15 | hardaker | maybe I'm confusing myself with a ssh session over the cell network, which drops ify ou don't use it in something like 30 seconds. |
23:27.28 | antman8969 | so well infact that I would have to kill the terminal to get out of it... |
23:28.12 | hardaker | so what are people using as cases? I really need to get one. I used my palm case for my n900, but the n950 is too big and I really need to get something. |
23:28.19 | DocScrutinizer | it keeps connection here for several hours, drops if I stay away for a whole day |
23:29.29 | SpeedEvil | hardaker: I'm using an old sock. (washed) |
23:30.19 | hardaker | SpeedEvil: Excellent. Where do you stuff it? |
23:30.49 | hardaker | I suspect an iphone case (gasp) is probably about the right size |
23:30.50 | Sput | just puts the N950 in his pants pockets |
23:30.56 | Sput | seems to be really scratch-resistant |
23:30.59 | hardaker | Sput: moves around too much.. |
23:31.10 | hardaker | that's what I'm doing now, but am not really happy with it. |
23:31.20 | Sput | I didn't manage to scratch my C7's screen yet, so I trust the N950 will be similarly resilient :) |
23:31.21 | hardaker | (err... "I'm concerned" is probably a better way to put it) |
23:32.32 | SpeedEvil | I've managed to scratch the 950 camera lens |
23:32.37 | SpeedEvil | Which is annoying. |
23:32.48 | SpeedEvil | Fortunately not quite on the actual camera |
23:32.58 | SpeedEvil | I'm currently wondering about a screen protector. |
23:33.22 | hardaker | SpeedEvil: Yeah, that's going to be the downside of swipe I think. |
23:33.39 | Tronic | No scratches on mine either but I think that matt black paint will get damaged eventually, when kept in pocket. |
23:33.39 | hardaker | I haven't tried one either. |
23:33.41 | SpeedEvil | The upside of a glass screen is it's scratch resistant. |
23:33.52 | Tronic | SpeedEvil: Is the camera lens plastic? |
23:33.54 | SpeedEvil | The downside of a glass screen is I'm really, really good at scratching stuff. |
23:34.02 | hardaker | heh. |
23:34.05 | SpeedEvil | Tronic: I suspect it's glass of some form. |
23:34.27 | hardaker | best watch face I ever owned was a good quality swatch. I can not *believe* that thing never scratched considering what I did to it. |
23:34.39 | SpeedEvil | I have previously accidentally put my seccateurs in the wrong pocket, and bent up and down a couple of hundred times. |
23:34.44 | Tronic | I'm having major trouble with grease, though. Looks very ugly and the glass surface is difficult to clean. |
23:34.55 | Tronic | Plastic seems better in that respect. |
23:34.58 | SpeedEvil | The screen protector of the n900 looked like I'd taken sandpaper to it. |
23:35.17 | SpeedEvil | Vigourous rubbing on t-shirt is the key |
23:36.01 | Tronic | SpeedEvil: Doesn't work well and will very easily scratch the surface if you have any sand/dirt on your shirt. |
23:36.06 | SpeedEvil | That too |
23:36.31 | Tronic | Licking the screen works but yuck! |
23:36.48 | Tronic | Spitting on a piece of tissue paper and then rubbing works rather well, too. |
23:36.53 | *** join/#harmattan seif (~seiflotfy@ip-95-223-13-104.unitymediagroup.de) |
23:37.04 | hardaker | You know folks, they make this stuff called "glass cleaner" that contains no spit |
23:37.09 | Tronic | Water + tissue paper not so well. |
23:37.35 | DocScrutinizer | meh, that double-tapping to wakeup is kinda annoying |
23:37.36 | Tronic | hardaker: Glass cleaners might damage the paint, plus I don't carry any with me. |
23:37.57 | SpeedEvil | DocScrutinizer: waking up unintentionally? |
23:37.59 | hardaker | DocScrutinizer: it's much better than finding a button in your sleep to check the time |
23:38.02 | SpeedEvil | You can always turn it off |
23:38.04 | Tronic | DocScrutinizer: Double screenlock (having to open and then slide) in general is quite annoying. |
23:38.26 | special | I ended up turning it off |
23:38.39 | SpeedEvil | yeah - I'd like double tap, then tap again to unlock |
23:39.07 | SpeedEvil | Or go straight past lock screen if you hit the butto |
23:39.09 | SpeedEvil | n |
23:39.15 | special | too easy to do accidentally, i'd think |
23:39.19 | SpeedEvil | But I suspect all the UI at this level is liable to change |
23:39.37 | SpeedEvil | Supporting multitouch would be awesome. |
23:39.52 | SpeedEvil | For example, it will only turn on if you drag two fingers across from one edge to the other |
23:40.07 | SpeedEvil | Or double tap with two fingers |
23:53.42 | DocScrutinizer | haha long click on a song it "recently played" which seems actually the current playlist gives "add to queue" but no way to delete a song from playlist |
23:54.55 | DocScrutinizer | hmm maybe it's not the playlist |