Discussion:
[blfs-support] Announcing Basic BLFS (beta)
Bruce Dubbs via blfs-support
2018-09-24 18:57:36 UTC
Permalink
The LFS team would like to announce a new book, Basic Packages for Linux
From Scratch

This book is under development and is designed for new BLFS users and is
an excerpt of the full BLFS book. It provides guidance for getting
started with BLFS and suggests command line tools suitable for all types
of systems. This short book provides merged instructions for users of
both the System V and systemd versions of LFS.

The book is available on-line only at

http://www.linuxfromscratch.org/blfs/view/basic/

As always, feedback is appreciated.

Please direct any comments about this beta release to the LFS
development team at lfs-***@linuxfromscratch.org or
blfs-***@linuxfromscratch.org. Registration for the mailing lists is
required to avoid junk email.

-- Bruce Dubbs
linuxfromscratch.org
--
http://lists.linuxfromscratch.org/listinfo/blfs-support
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
Ken Moffat via blfs-support
2018-09-29 18:36:21 UTC
Permalink
(Taking this to blfs-support, and changing the title, since it has
little to do with the original thread)
I should mention that on my 8.3 build on this machine I lost access
to sourceforge and related sites for similar certificate errors
after one firefox update, although other machines were fine.
Updating firefox to 62.0.2 (and reinstalling the certs as part of my
update) solved that. But overall, like the builds of rust and
firefox, cert handling in firefox seems to go out to lunch from time to time.
My current machine rebooted a little while ago and when I restored
firefox it decided that slashdot.org was misconfigured and would not
let me connect. Usually that also means that sourceforge (same
owners) will be inaccessible. Before the crash, everything was
fine.

I have now apparently solved this by, in about::config, changing
security.pki.distrust_ca_policy to 0.

ĸen
--
Well grubbed , old mole!
--
http://lists.linuxfromscratch.org/listinfo/blfs-support
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscrib
DJ Lucas via blfs-support
2018-09-29 21:14:07 UTC
Permalink
Post by Ken Moffat via blfs-support
(Taking this to blfs-support, and changing the title, since it has
little to do with the original thread)
I should mention that on my 8.3 build on this machine I lost access
to sourceforge and related sites for similar certificate errors
after one firefox update, although other machines were fine.
Updating firefox to 62.0.2 (and reinstalling the certs as part of my
update) solved that. But overall, like the builds of rust and
firefox, cert handling in firefox seems to go out to lunch from time to time.
My current machine rebooted a little while ago and when I restored
firefox it decided that slashdot.org was misconfigured and would not
let me connect. Usually that also means that sourceforge (same
owners) will be inaccessible. Before the crash, everything was
fine.
I have now apparently solved this by, in about::config, changing
security.pki.distrust_ca_policy to 0.
ĸen
Off-list reply intentional not to broadcast my own domain. I'd be
interested to see what they thought was misconfigured. I don't see an EV
cert, and it's not any of the government certs, so it must be OneCRL --
IIUC, this is the digital equivalent of a slap on the wrist for abusing
users. I'm wondering if they are shunning slashdot or LetsEncrypt. For
reference, see here:

https://wiki.mozilla.org/CA/Additional_Trust_Changes

Ken, can you set it back and test my site at:
https://www.lucasit.com/passwords.php
I use the same intermediate certificate, that should answer the above
question.

--DJ
--
http://lists.linuxfromscratch.org/listinfo/blfs-support
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information
DJ Lucas via blfs-support
2018-09-29 21:52:13 UTC
Permalink
Post by DJ Lucas via blfs-support
Post by Ken Moffat via blfs-support
(Taking this to blfs-support, and changing the title, since it has
little to do with the original thread)
I should mention that on my 8.3 build on this machine I lost access
to sourceforge and related sites for similar certificate errors
after one firefox update, although other machines were fine.
Updating firefox to 62.0.2 (and reinstalling the certs as part of my
update) solved that.  But overall, like the builds of rust and
firefox, cert handling in firefox seems to go out to lunch from time to time.
My current machine rebooted a little while ago and when I restored
firefox it decided that slashdot.org was misconfigured and would not
let me connect.  Usually that also means that sourceforge (same
owners) will be inaccessible.  Before the crash, everything was
fine.
I have now apparently solved this by, in about::config, changing
security.pki.distrust_ca_policy to 0.
ĸen
Off-list reply intentional
Whoops....oh well...don't anybody abuse my mail server. :-)
--
http://lists.linuxfromscratch.org/listinfo/blfs-support
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsu
Ken Moffat via blfs-support
2018-09-29 22:37:02 UTC
Permalink
Off-list reply intentional not to broadcast my own domain. I'd be interested
to see what they thought was misconfigured. I don't see an EV cert, and it's
not any of the government certs, so it must be OneCRL -- IIUC, this is the
digital equivalent of a slap on the wrist for abusing users. I'm wondering
https://wiki.mozilla.org/CA/Additional_Trust_Changes
https://www.lucasit.com/passwords.php
I use the same intermediate certificate, that should answer the above
question.
Well, I changed it back but everything including slashdot.org is
still working - and so was your link. Baffled.

ĸen
--
Well grubbed , old mole!
--
http://lists.linuxfromscratch.org/listinfo/blfs-support
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
Ken Moffat via blfs-support
2018-10-03 21:04:15 UTC
Permalink
Post by Ken Moffat via blfs-support
Off-list reply intentional not to broadcast my own domain. I'd be interested
to see what they thought was misconfigured. I don't see an EV cert, and it's
not any of the government certs, so it must be OneCRL -- IIUC, this is the
digital equivalent of a slap on the wrist for abusing users. I'm wondering
https://wiki.mozilla.org/CA/Additional_Trust_Changes
https://www.lucasit.com/passwords.php
I use the same intermediate certificate, that should answer the above
question.
Well, I changed it back but everything including slashdot.org is
still working - and so was your link. Baffled.
ĸen
I'm on the other machine where slashdot was broken (one that used to
be one of my main test machines, where I had tried using a new
profile, and after that often seen this problem).

With 62.0.2 I tried setting security.pki.distrust_ca_policy to 0 and
it worked. But the reason I came to this machine was to upgrade to
62.0.3, and after that, with the setting still 0, it was again telling
me the site was misconfigured, but again without any details.

This time, toggling it to 1 got it working.

ĸen
--
Well grubbed , old mole!
--
http://lists.linuxfromscratch.org/listinfo/blfs-support
FAQ: http://www.linuxfromscratch.org/blfs/
Loading...