… i dont have a USB with Manjaro ???
… i run an update in the tty from kiconthemes and get this errors:
All those file errors indicate a deeper problem with that filesystem. Open a new thread and check it for errors and free space.
i`ve done two, in english & german !!!
I saw that os-prober has been reenabled with manjaro-system-20210321-2 and I was wondering if thats an upstream change, because the vulnerabilities have been fixed or not. I also could not find any detail to the vulnerabilities in os-prober. Is this related to boothole? I saw the commit message on grub stating that
The os-prober is enabled by default what may lead to potentially
dangerous use cases and borderline opening attack vectors.
But no further details on this. Could anyone point me in the right direction here?
No. It is most likely because this change was not welcomed by a part of the community. It looks like many people prefer having os-prober on by default. Also, considering that many other Linux distros did not make the transition yet, Manjaro suffered from the comparison.
In term of security, there is doubts that disabling os-prober or not would actually matter on Manjaro. The reason is that, as far as I know, in general, vulnerabilities in GRUB are used to circumvent secure boot, a feature that is usually disabled when you use Manjaro (since Manjaro does not really support secure boot at the moment AFAIK); therefore, mitigating an issue that allows the attacker to get around something that is not there to begin with would be kind of useless.
If you actually want to keep it off, you can edit the configuration file to change the option back (then do update-grub).
Honestly, on my side, I somehow got used to it, going in the UEFI settings to boot on Windows instead of Manjaro when I needed to go on Windows.
2 Likes
I’m on KDE, and the update made my system lose the login screen. On further research (non X terminal), I cannot launch kdm nor plasma with this error:
$ kstart5 kdm
symbol lookup error: /usr/lib/libK5KIOCore.so.5 : undefined symbol: blah
Is there any way I could save this install? I’d rather not reinstall.
It could be that I screwed up the kde/qt libs by trying to install a .deb with a converter tool to AUR package… and it may have failed in a way that breaks the system.
I don’t care if I have to sacrifice KDE (I use it with openbox). I just don’t want to have to set up everything from scratch.
Thanks!
Hi,
I think this thread may be related to your error
1 Like
I have already tried the PulseEffects solutions proposed in the know issues section
I suggest you start a new topic with a pipewire tag
and post system information
inxi -Fazy
and information about the systemd sockets and services for Pipewire
systemctl --user -l -no-pager status pipewire*
AFAIK there are 3 services - pipewire.service; pipewire-pulse.service and pipewire-media-session.service
1 Like
I single-boot, use secure boot and had the prober “disabled” in grub config long before.
Curiously the disablement seems to have kicked in only now, after the security issue became public.
The reason I presume this, is that os-prober can’t handle lvm snapshots of rootfs (it leads to leaked file descriptor errors and a hung update-grub). With this update this issue is finally gone.
It’s a win-win in my book.
Hmm, interesting so there was something fixed in os-prober that could classify as a vulnerability. The question is if this also is the issue because of which os-prober got disabled in the first place.
@Frog I don’t think all vulnerabilities in grub are solely used to bypass secure boot. There might be other attack vectors here aswell (although I do not know enough about grub to tell you what could be a possible one). Of course a patch to boothole does not make a difference if your system is not using secure boot. That’s one of the reasons I’d like to know what the vulnerability was in the first place.
Maybe someone else can shed more light on this?
There were links to all the information on the grub issues in the 2021-03-08 stable update thread however, here is a link again to a posting from ubuntu on the 8 security issues that are now fixed.
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass2021
Almost all (7 of the 8) have to do with secure boot issues or vulnerabilities that allow the secure boot issue to take place.
1 Like
It can’t. I always ended up killing a grub-mount in those cases.
A post was merged into an existing topic: Update requests for packages imported from Arch Linux
This is exactly what I’ve been looking for, must have overlooked it in the other thread. Thank you very much!
Pretty sure you dont need this anymore. None of my XFCE installations have it and my volume keys are working as expected. My guess is that this package is interfering with the way XFCE now handles things. Remove and reboot, see if that helps.
EDIT:
Multimedia keys are now handled by xfce4-pulseaudio-plugin (which sits in the notification area).
If you right click on the notification area icon and select “properties”, you will find an option to toggle this behavior.
1 Like
After this updated I’m facing random issue related to the OS. Suddenly the system lock the mouse, make log off, to black screen and reload the screen in a kind of pixeled image e starts to blink the screen not completing the load bar so it requires me to to push reset bottom.
It was needed to use the my cellphone camera to get an image.
Is there any log I should get information to post here in order to better understand what is happening?
I made the update at 25/mar and this issue happen only two times, been surfing in the internet and playing games with any issue, it’s really happen random and more when like the system is not in issue maybe maybe some issue related to energy management, don’t know.
Regards,
System:
Kernel: 5.10.23-1-MANJARO x86_64 bits: 64 compiler: gcc v: 10.2.0
parameters: BOOT_IMAGE=/boot/vmlinuz-5.10-x86_64
root=UUID=dfa33105-8d9e-4555-9174-609a71216485 ro quiet apparmor=1
security=apparmor resume=UUID=493ccde5-7f80-4bf5-b22c-98ce796aade6
udev.log_priority=3
Desktop: KDE Plasma 5.21.3 tk: Qt 5.15.2 wm: kwin_x11 vt: 1 dm: SDDM
Distro: Manjaro Linux base: Arch Linux
Machine:
Type: Desktop Mobo: Gigabyte model: GA-870A-UD3 v: x.x serial: <filter>
BIOS: Award v: F5 date: 08/01/2011
Memory:
RAM: total: 7.77 GiB used: 2.93 GiB (37.7%)
RAM Report: permissions: Unable to run dmidecode. Root privileges required.
CPU:
Info: Quad Core model: AMD Phenom II X4 965 bits: 64 type: MCP arch: K10
family: 10 (16) model-id: 4 stepping: 3 microcode: 10000C8 cache: L2: 2 MiB
bogomips: 27334
Speed: 800 MHz min/max: 800/3400 MHz Core speeds (MHz): 1: 800 2: 800 3: 800
4: 2200
Flags: 3dnow 3dnowext 3dnowprefetch abm apic clflush cmov cmp_legacy
constant_tsc cpuid cr8_legacy cx16 cx8 de extapic extd_apicid fpu fxsr
fxsr_opt ht hw_pstate ibs lahf_lm lbrv lm mca mce misalignsse mmx mmxext
monitor msr mtrr nonstop_tsc nopl npt nrip_save nx osvw pae pat pdpe1gb pge
pni popcnt pse pse36 rdtscp rep_good sep skinit sse sse2 sse4a svm svm_lock
syscall tsc vme vmmcall wdt
Vulnerabilities: Type: itlb_multihit status: Not affected
Type: l1tf status: Not affected
Type: mds status: Not affected
Type: meltdown status: Not affected
Type: spec_store_bypass status: Not affected
Type: spectre_v1
mitigation: usercopy/swapgs barriers and __user pointer sanitization
Type: spectre_v2
mitigation: Full AMD retpoline, STIBP: disabled, RSB filling
Type: srbds status: Not affected
Type: tsx_async_abort status: Not affected
Graphics:
Device-1: AMD Ellesmere [Radeon RX 470/480/570/570X/580/580X/590]
vendor: Micro-Star MSI driver: amdgpu v: kernel bus-ID: 01:00.0
chip-ID: 1002:67df class-ID: 0300
Display: x11 server: X.Org 1.20.10 compositor: kwin_x11 driver:
loaded: amdgpu,ati unloaded: modesetting,radeon alternate: fbdev,vesa
display-ID: :0 screens: 1
Screen-1: 0 s-res: 1920x1080 s-dpi: 96 s-size: 508x285mm (20.0x11.2")
s-diag: 582mm (22.9")
Monitor-1: DVI-D-0 res: 1920x1080 hz: 60 dpi: 96
size: 510x290mm (20.1x11.4") diag: 587mm (23.1")
OpenGL: renderer: Radeon RX 570 Series (POLARIS10 DRM 3.40.0
5.10.23-1-MANJARO LLVM 11.1.0)
v: 4.6 Mesa 20.3.4 direct render: Yes
Audio:
Device-1: AMD SBx00 Azalia vendor: Gigabyte GA-880GMA-USB3
driver: snd_hda_intel v: kernel bus-ID: 00:14.2 chip-ID: 1002:4383
class-ID: 0403
Device-2: AMD Ellesmere HDMI Audio [Radeon RX 470/480 / 570/580/590]
vendor: Micro-Star MSI driver: snd_hda_intel v: kernel bus-ID: 01:00.1
chip-ID: 1002:aaf0 class-ID: 0403
Sound Server-1: ALSA v: k5.10.23-1-MANJARO running: yes
Sound Server-2: JACK v: 0.125.0 running: no
Sound Server-3: PulseAudio v: 14.2 running: yes
Sound Server-4: PipeWire v: 0.3.23 running: yes
Network:
Device-1: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet
vendor: Gigabyte driver: r8169 v: kernel port: 9e00 bus-ID: 06:00.0
chip-ID: 10ec:8168 class-ID: 0200
IF: enp6s0 state: up speed: 100 Mbps duplex: full mac: <filter>
IP v4: <filter> type: dynamic noprefixroute scope: global
broadcast: <filter>
IP v6: <filter> type: noprefixroute scope: link
WAN IP: <filter>
Bluetooth:
Message: No Bluetooth data was found.
Logical:
Message: No LVM data was found.
RAID:
Message: No RAID data was found.
Drives:
Local Storage: total: 2.48 TiB used: 1.83 TiB (73.8%)
SMART Message: Unable to run smartctl. Root privileges required.
ID-1: /dev/sda maj-min: 8:0 vendor: SanDisk model: SSD PLUS 240GB
size: 223.58 GiB block-size: physical: 512 B logical: 512 B speed: 6.0 Gb/s
rotation: SSD serial: <filter> rev: 00RL scheme: MBR
ID-2: /dev/sdb maj-min: 8:16 vendor: Corsair model: Corsair Force GS
size: 119.24 GiB block-size: physical: 512 B logical: 512 B speed: 6.0 Gb/s
rotation: SSD serial: <filter> rev: 5.07 scheme: MBR
ID-3: /dev/sdc maj-min: 8:32 vendor: Patriot model: Burst size: 223.57 GiB
block-size: physical: 512 B logical: 512 B speed: 6.0 Gb/s rotation: SSD
serial: <filter> rev: KB.3 scheme: MBR
ID-4: /dev/sdd maj-min: 8:48 vendor: Crucial model: CT120BX100SSD1
size: 111.79 GiB block-size: physical: 512 B logical: 512 B speed: 6.0 Gb/s
rotation: SSD serial: <filter> rev: MU01 scheme: GPT
ID-5: /dev/sde maj-min: 8:64 vendor: Western Digital model: WD20PURZ-85GU6Y0
size: 1.82 TiB block-size: physical: 4096 B logical: 512 B speed: 6.0 Gb/s
rotation: 5400 rpm serial: <filter> rev: 0A80 scheme: MBR
Optical-1: /dev/sr0 vendor: HL-DT-ST model: DVDRAM GH22NS50 rev: TN02
dev-links: cdrom
Features: speed: 48 multisession: yes audio: yes dvd: yes
rw: cd-r,cd-rw,dvd-r,dvd-ram state: running
Partition:
ID-1: / raw-size: 214.77 GiB size: 210.4 GiB (97.96%)
used: 45.82 GiB (21.8%) fs: ext4 dev: /dev/sdc1 maj-min: 8:33
label: LINUX-SSD uuid: dfa33105-8d9e-4555-9174-609a71216485
ID-2: /home/<filter>/Games raw-size: 111.79 GiB size: 109.47 GiB (97.93%)
used: 58.34 GiB (53.3%) fs: ext4 dev: /dev/sdd1 maj-min: 8:49
label: LINUX-GAMES uuid: ef7d7ba9-f8da-4419-b9a3-ca9e2232da86
ID-3: /home/<filter>/HDD-DATA-2T raw-size: 1.82 TiB size: 1.82 TiB (100.00%)
used: 1.73 TiB (95.0%) fs: ntfs dev: /dev/sde1 maj-min: 8:65 label: DATA_2T
uuid: 28A6726FA6723CFE
Swap:
Kernel: swappiness: 60 (default) cache-pressure: 100 (default)
ID-1: swap-1 type: partition size: 8.8 GiB used: 0 KiB (0.0%) priority: -2
dev: /dev/sdc2 maj-min: 8:34 label: N/A
uuid: 493ccde5-7f80-4bf5-b22c-98ce796aade6
Unmounted:
ID-1: /dev/sda1 maj-min: 8:1 size: 100 MiB fs: ntfs label: System Reserved
uuid: E680DA2C5F90FD24
ID-2: /dev/sda2 maj-min: 8:2 size: 223.48 GiB fs: ntfs label: WIN-SSD
uuid: 07492E03A516286B
ID-3: /dev/sdb1 maj-min: 8:17 size: 119.24 GiB fs: ntfs label: WIN-GAMES
uuid: EAE6EE7DE6EE4A01
USB:
Hub-1: 1-0:1 info: Full speed (or root) Hub ports: 5 rev: 2.0
speed: 480 Mb/s chip-ID: 1d6b:0002 class-ID: 0900
Hub-2: 2-0:1 info: Full speed (or root) Hub ports: 5 rev: 2.0
speed: 480 Mb/s chip-ID: 1d6b:0002 class-ID: 0900
Hub-3: 3-0:1 info: Full speed (or root) Hub ports: 4 rev: 2.0
speed: 480 Mb/s chip-ID: 1d6b:0002 class-ID: 0900
Hub-4: 4-0:1 info: Full speed (or root) Hub ports: 5 rev: 1.1 speed: 12 Mb/s
chip-ID: 1d6b:0001 class-ID: 0900
Hub-5: 5-0:1 info: Full speed (or root) Hub ports: 5 rev: 1.1 speed: 12 Mb/s
chip-ID: 1d6b:0001 class-ID: 0900
Hub-6: 6-0:1 info: Full speed (or root) Hub ports: 2 rev: 1.1 speed: 12 Mb/s
chip-ID: 1d6b:0001 class-ID: 0900
Hub-7: 7-0:1 info: Full speed (or root) Hub ports: 4 rev: 1.1 speed: 12 Mb/s
chip-ID: 1d6b:0001 class-ID: 0900
Device-1: 7-3:2 info: SINO WEALTH USB KEYBOARD type: Keyboard,HID
driver: hid-generic,usbhid interfaces: 2 rev: 1.1 speed: 1.5 Mb/s
power: 100mA chip-ID: 258a:0001 class-ID: 0300
Device-2: 7-4:3 info: Pixart Imaging Optical Mouse type: Mouse
driver: hid-generic,usbhid interfaces: 1 rev: 1.1 speed: 1.5 Mb/s
power: 100mA chip-ID: 093a:2521 class-ID: 0301
Hub-8: 8-0:1 info: Full speed (or root) Hub ports: 2 rev: 2.0
speed: 480 Mb/s chip-ID: 1d6b:0002 class-ID: 0900
Hub-9: 9-0:1 info: Full speed (or root) Hub ports: 2 rev: 3.0 speed: 5 Gb/s
chip-ID: 1d6b:0003 class-ID: 0900
Sensors:
System Temperatures: cpu: 39.5 C mobo: N/A gpu: amdgpu temp: 45.0 C
Fan Speeds (RPM): N/A gpu: amdgpu fan: 922
Info:
Processes: 257 Uptime: 45m wakeups: 0 Init: systemd v: 247 tool: systemctl
Compilers: gcc: 10.2.0 Packages: pacman: 1364 lib: 431 flatpak: 0
Shell: Bash v: 5.1.0 running-in: yakuake inxi: 3.3.03
If it’s happening when the system is idle it could be trying to suspend and running into a problem.
Check the settings in ‘System Settings’ > ‘Power Management’ > ‘Energy Saving’
Thanks for this nice update.
After the update of the 8th March and once again after this update, the shortcut Alt + Shift for switching from one keyboard layout to another, does not work any more. To make it working again, I have found a workaround: I have to put the laptop to sleep, and make it wake up from the sleep: after that, it works again from one keyboard to a second one but not to the third and fourth one configured. So I have to put it to sleep two more times, in order to be able to switch between my four different keyboard layouts. Would it be possible to change this small problem, if it would appear after a next update?
Thanks!