Read the statement by Michael Teeuw here.
CALL FOR TESTERS: New install script
-
@BKeyport @KristjanESPERANTO Turns out I owe you some thanks, if only because you got me thinking and questioning my assumptions.
I had previously assumed the anchor process of an X server needed to be an X application, but that turned out to be not the case, so the whole blackpixel executable could be removed entirely, eliminating a major contributor to the script size and a maintenance headache for me.
It does make the script even more obscure and alien though. That’s easily the strangest X config I’ve ever created.
Code is updated.
-
@drdeath I think what the guys were saying or are trying to say, is that for the standard MM user, looking at the script and seeing “coded” code they may be hesitant to test the script. Although it can easily be decoded with
echo 'base64 string' | base64 -d
which would reveal the coded strings, the normal user does not know this.It does make the script so much smaller but for a newb looking at that would scare them away.
Just my 2pence.
-
@mumblebaj AND there is no practical need for encoding anything
-
@sdetweil said in CALL FOR TESTERS: New install script:
@mumblebaj AND there is no practical need for encoding anything
there was a need for the binary which was removed meanwhile, but not for the text files …
so e.g. this
base64 -d > /tmp/mm-install/xinitrc <<< 'IyEvYmluL3NoCgp4c2V0IHMgb2ZmICAgICAgICAgIyBkb24ndCBhY3RpdmF0ZSBzY3JlZW5zYXZl cgp4c2V0IC1kcG1zICAgICAgICAgIyBkaXNhYmxlIERQTVMgKEVuZXJneSBTdGFyKSBmZWF0dXJl cy4KeHNldCBzIG5vYmxhbmsgICAgICMgZG9uJ3QgYmxhbmsgdGhlIHZpZGVvIGRldmljZQoKaWYg WyAtciAiL2V0Yy9tYWdpY21pcnJvci94cmFuZHJfb3B0cyIgXTsgdGhlbgogICAgICAgZWNobyAi cnVubmluZyB4cmFuZHIgd2l0aCBhcmd1bWVudHMgXCIkKGNhdCAvZXRjL21hZ2ljbWlycm9yL3hy YW5kcl9vcHRzKVwiIgogICAgICAgRElTUExBWT06MCB4cmFuZHIgJChjYXQgL2V0Yy9tYWdpY21p cnJvci94cmFuZHJfb3B0cykKZWxzZQoJZWNobyAibm90IHJ1bm5pbmcgeHJhbmRyIgpmaQoKeHNl dHJvb3QgLXNvbGlkIGJsYWNrCgppZiBbIC1yICIvZXRjL21hZ2ljbWlycm9yL3hfYmFja2dyb3Vu ZF9pbWFnZSIgXSAmJiBbIC1yICIkKGNhdCAvZXRjL21hZ2ljbWlycm9yL3hfYmFja2dyb3VuZF9p bWFnZSkiIF07IHRoZW4KCXhsaSAtb25yb290ICQoY2F0IC9ldGMvbWFnaWNtaXJyb3IveF9iYWNr Z3JvdW5kX2ltYWdlKQpmaQoKd2hpbGUgOjsgZG8gc2xlZXAgMTAwMDA7IGRvbmUKCg=='
could be replaced by
cat > /tmp/mm-install/xinitrc <<"EOF" #!/bin/sh xset s off # don't activate screensaver xset -dpms # disable DPMS (Energy Star) features. xset s noblank # don't blank the video device if [ -r "/etc/magicmirror/xrandr_opts" ]; then echo "running xrandr with arguments \"$(cat /etc/magicmirror/xrandr_opts)\"" DISPLAY=:0 xrandr $(cat /etc/magicmirror/xrandr_opts) else echo "not running xrandr" fi xsetroot -solid black if [ -r "/etc/magicmirror/x_background_image" ] && [ -r "$(cat /etc/magicmirror/x_background_image)" ]; then xli -onroot $(cat /etc/magicmirror/x_background_image) fi while :; do sleep 10000; done EOF
-
@karsten13 I tried here-docs initially, and it caused all kinds of problems, from missing newlines to empty files, although at least some of that probably was due to me writing the string to variables instead of directly to files and causing problems with the shell’s variable space.
Using base64 may not strictly necessary, but it’s robust and portable, and not in the least harmful. It’s also relatively easy to fact-check if you have a basic working knowledge of Linux. If you don’t, well then any software is a total black box to you and you just have to trust the person providing it. See the recent kerfuffle around obscured malicious code in ssh. I wouldn’t have been able to find it.
The way it works is, people who have the knowing fact-check and give the thumbs-up for those who don’t.
I’d also like to point out that
a) the contents of the files are listed as comments
b) if you were looking at a binary instead of a script, you’d be no wiser if you had it in binary rather than base64,
c) if I had made the pivot to makeself instead of encoding the files in b64, you’d see even less of the script before you executed it
d) most of the software you have on your system right now was provided in binary form, and
e) unless you are a closet uber-geek, you probably wouldn’t understand half of it if you had the source code, and
f) even if you are, a single human lifetime wouldn’t be nearly enough to fact-check the software on even a basic Linux install.I feel you are blowing the fact that I’m using base64 to encode those files WAY out of proportion. As it is, it’s working as intended, and I’m not going running that gauntlet of trying to get here-docs to work again without better reason than people getting queasy over seeing base64 strings in a file.
If you want to modify it, you’re welcome to do so and provide a well-tested pull request. If on the other hand you wish to reject my work on a technicality like that, that’s a shame, but it hurts the community WAY more than it hurts me.
-
@drdeath sure couldn’t tell from this chain. Feels like a solution in search of a problem.
-
Actually, there’s two more things I’d like to point out, now that I think about it.
First, I specifically put in the readme that the script is written for people with a basic understanding of Linux and X. That’s not saying it can’t be used by people who don’t have that, but everything we’ve been discussing so far boils down to “It’s obscure to people who lack a basic understanding of Linux and X”. Well, yes it is, and I won’t apologize for that.
Second, what sparked the whole controversy was originally the presence of the blackpixel executable in the script. Funny thing is, nobody even asked me about the purpose or the source code of the blackpixel executable when it was still in there. I would have gladly shown it off and explained it, but instead of asking, all anyone ever did was basically criticize me for it being there because they didn’t understand it just by looking at it.
Everybody should remember that IT isn’t easy. If it is easy, that’s because people who have the skills and knowledge put in the work to make it easy for those who don’t. I’m very grateful to all the great people who put in the hard work so I can have Linux, X, MagicMirror or a ridiculously cheap versatile computer like the Raspberry Pi. I just wish the world would reciprocate just this once.
-
I just presented a way to get by without the base64 that others have criticized.
To address me here now as if I was the critic is far-fetched.
If you call for testing here, you also have to be able to deal with criticism - regardless of whether it is justified or not.
-
@karsten13 Sorry, that didn’t come out right. I meant the first paragraph for you and the rest for everyone. Should have made that clearer, my apologies.
-
@drdeath I applaud you for the effort and time you put into this. I was just explaining what the encoding meant and how the others could go about decoding it. I have a fully setup system and my own dev environment and probably would not be able to test your script. My apologies for that. But again, good work and nice effort.
P/s - do not take offence to the community. We are all dev’s around the table and we try and assist to make things better where we can.
-