Wednesday, July 18, 2018

Updates broken? Fixes here.

If your system works, you have no need to read this.  You won't hit this issue, it's already fixed.  If your system is unable to update, or you have schadenfreude, read on.

Sorry.  My bad.  Very recently some changes were pushed to Pentoo which moved the Pentoo Overlay from /var/lib/layman to /var/db/repos, for a few reasons, none of which are hugely relevant (although one of them was to make gpg verification work).  When this was done, it passed a test case on my system, and was pushed without extensive testing.  As such, a few issues popped up, all relating to stupid mistakes made my me personally.

I may have caused the following depending on how unlucky you were:

If your system is refusing to sync with an ugly backtrace about missing pentoo.asc
If your system says the profile is invalid.
If /usr/sbin/pentoo-updater is a dangling symlink to nowhere (command not found)

All of this is properly handled and fixed with the latest pentoo-updater, which you should be able to easily enough get by following these directions:

If you have /var/db/repos/pentoo:
1. cd /var/db/repos/pentoo
2. git pull
3. ./scripts/pentoo-updater.sh
4. everything should work now

If you have /var/lib/layman/pentoo:
1. cd /var/lib/layman/pentoo
2. git pull
3. ./scripts/pentoo-updater.sh
4. everything should work now

If this isn't enough to get you out of the hole i dug, please open a bug on the issue tracker and you will receive help.
https://github.com/pentoo/pentoo-overlay/issues

Respectfully,
Zero_Chaos

Tuesday, July 10, 2018

It's hard to believe none of us are web developers

We know that watching the Pentoo website over the years hasn't exactly filled people with confidence about our development process.  Truth is, none of us really likes updating the webpage, or dealing with updating the theme or graphics, or really anything not directly relating to improving the quality of our Linux distribution.  Our heavy focus on improvement has had some unintended consequences, specifically, people who visit the website (and some dim wikipedia editors) all think we are dead.  So here we are, with a shiny new release, some new posts on the website, and a new post on the blog.  Anyone who watches the github logs know we haven't ever so much as taken a one week vacation in the past few years, but the website has been telling a different story.

Now that we have cleared up that our death was greatly exaggerated, we would like to take a sec to update you all on some sexy new improvements.  In addition to the typical updates which are obvious and expected, we finally have UEFI support.  That said, we don't half do things, so Secureboot already works, both for the livecd and installs, and we plan to add signed kernels and kernel modules to the livecd soon.

Please enjoy our latest release, and as always, we appreciate bug reports https://github.com/pentoo/pentoo-overlay/issues

Thanks,
Zero_Chaos on behalf of the Pentoo Linux Team

Tuesday, August 02, 2016

Another DEF CON, another Pentoo Release :-) This time with a surprise

You know how every security livecd for all history has run as root by default?  Well, as we like to practice what we preach, we here at Pentoo have switched to logging in as a user by default.  So now, when you boot up, you will find yourself logged in as "pentoo" (with sudo access of course).  Even the menu has been completely designed to run sudo automatically *(not actually a new feature) for anything in /sbin or /usr/sbin so you don't get permission errors using the menu for hacking tools.

With a host of new and updated packages we hope you love this Pentoo release more than any previous release.  We take security seriously, not just in keeping our packages up to date, but with system and kernel hardening, and now our latest update to run as a user by default.

Get the new release here:
http://www.pentoo.ch/download/

Please note, for this DEF CON special release we are only making an amd64 release.

thanks,
Zero_Chaos on behalf of the Pentoo Linux Team

Wednesday, December 02, 2015

Surprise! A working iso just in time for nothing at all!

Hi all.  As you are likely aware, the team rushes out isos for every major conference (or dies trying), and often that leaves things in a somewhat imperfect state.  It's almost become a joke in recent years about if the installer will work, or binary drivers, or whatever else.

Well this time, we wanted to do something really special.  We have still been working on isos and publicly posting them, but we skipped that cute little step where we announced things without testing thoroughly.  The DEF CON 23 release was RC 3.8, and today we are announcing RC 4.6.  That is 7 (publicly uploaded) builds (and a few more that were never uploaded and tested only by me) that got tested, and we found bugs worth fixing.  What you can download today, is hopefully the most impressive iso to date.  I won't harp on how it's awesome, or why it's awesome, other than to say we tested things, made some usability improvements, and things just plain work.  Isn't that what you have always wanted out of your livecd?

I'll keep this announcement brief, but baring a major bug this will be your iso for a little while.  There are plans brewing for a fairly major improvement in the next release that is totally hush hush (unless you hang out in irc where I talk about it all the time).  I will give a hint, it is something I have wanted to do for a long time, and now I finally get to.

Enjoy the iso, and as always, please report bugs:

http://pentoo.ch/download/

https://github.com/pentoo/pentoo-overlay/issues

Thanks,
Zero_Chaos on behalf of the Pentoo Linux Team

Thursday, August 06, 2015

Is it DEF CON 23 already?

Welcome, and congratulations on your interest in Pentoo Linux!  DEF CON 23 starts thursday, and the Wireless Village and Wireless Capture the Flag starts on friday.  I would have more to say, but honestly there is a lot to do still to prepare.  To keep it brief, we have all the usual updates, and this release should be pretty excellent for the WCTF competition.

http://www.wirelessvillage.ninja/wctf.html

See you all at DEF CON!

-Zero_Chaos on behalf of the Pentoo Linux team

Monday, January 05, 2015

Xmas, New Year, Pentoo Release, Shmoocon 11

Well, it's that fabulous time of year again.  The time where we all have a few days in a row off work so we can concentrate on the things we really care about, like spending time with family.  But after about an hour we all get pretty tired of that and get to work on Pentoo :-)

This year, the holiday has been pretty good to us over here at Pentoo and we have a late New Years gift to all our fans, Pentoo 2015 RC3.7.  You can get it at the usual place: http://www.pentoo.ch/download

This RC is the followup to the fixes and improvements in RC3.6 from BsidesDE, plus some other exciting stuff.  First of all, the boot menu has a new "verify" option which will confirm that the iso files have not been corrupted by unetbootin or a bad thumb drive.  I know checking md5sums yourself is annoying, plus it's impossible to verify after you install to a thumb drive, so now you can do it quickly on boot, automatically!  The side effect to this is that we find that things like unetbootin sometimes make unexpected changes, and you may need to use the second (no verify) boot option to actually run Pentoo.  Please report issues to the issue tracker so we can find out what is changing files, and why, I'd really like to find out why sometimes unetbootin works flawlessly, and sometimes it doesn't.

Additionally, the initramfs has been enhanced with the ability to use unetbootin's "Space used to preserve files across reboots" feature which is labeled "ubuntu only".  Well, I guess that should say "Ubuntu and Pentoo" only.  Not like changes saving is a new feature, but now you can use the changes saving from unetbootin as well.

Last update to the boot code was an update to syslinux 5 from syslinux 4.  It seems most linux distros have updated to syslinux 5 now, so this keeps unetbootin working on those distros (because unetbootin reinstalls its version of the bootloader).  Unfortunately, this means if you have a unetbootin version which still uses syslinux4 (windows seems to have this issue) you can't make a Pentoo usb stick with unetbootin.  Fortunately, you can actually boot Pentoo in a vm and make a usb stick with unetbootin from there, proof that Pentoo is the solution to all of your problems ;-)

In addition to all the boot loader changes and the standard updates, we have switched metasploit live to using ruby 2.1.  This change was not only important because ruby 1.9 support is ending soon, but because it was a near 600% increase in speed.  Remember waiting 30+ seconds for msfconsole to load?  Well, those days are gone.

We hope you enjoy using Pentoo as much as we do.  Happy Holidays, and good luck in the Wireless CTF at Shmoocon!

-Zero_Chaos on behalf of the Pentoo Team and their supportive families who let them hack for the holidays

Issue Tracker: https://code.google.com/p/pentoo/issues/list

WCTF: http://wctf.us/

Saturday, January 18, 2014

Shmoocon 10 and other things which occupy our time.

So a lot of things have been taking our time.  On September 10th my wife and I had our first child, but not to be out done in December Anton welcomed twins.  Despite the significant distractions, we have still been hard at work.

Although the 32 bit builds are broken, again, since it's Shmoocon 10 I'm making a quick little update release anyway.  If you are here competing in the Wireless CTF you already have access, but if you aren't, go on over to our download page and fetch the latest goodness and enjoy the hardened and default builds for 64 bit.

http://www.pentoo.ch/download/

Now I need to get back to fixing the wifi for all these damn attendees.  Have fun all ;-)

-Zero_Chaos and the Pentoo Linux team