Posts by sky42

pasnox found and hopefully fixed it

LibreELEC (sky42): 10.0.4-#230120a (RPi4.arm)

nutsy:~ # ldd /usr/lib/systemd/system-generators/systemd-cryptsetup-generator

/usr/lib/libarmmem-v7l.so (0xf7857000)

libsystemd-shared-247.so => /usr/lib/libsystemd-shared-247.so (0xf762b000)

libc.so.6 => /usr/lib/libc.so.6 (0xf74ec000)

/lib/ld-linux-armhf.so.3 => /usr/lib/ld-linux-armhf.so.3 (0xf786c000)

libblkid.so.1 => /usr/lib/libblkid.so.1 (0xf74ac000)

libcrypt.so.1 => /usr/lib/libcrypt.so.1 (0xf746d000)

libkmod.so.2 => /usr/lib/libkmod.so.2 (0xf744b000)

libmount.so.1 => /usr/lib/libmount.so.1 (0xf7400000)

librt.so.1 => /usr/lib/librt.so.1 (0xf73e9000)

libm.so.6 => /usr/lib/libm.so.6 (0xf7380000)

libdl.so.2 => /usr/lib/libdl.so.2 (0xf736d000)

libpthread.so.0 => /usr/lib/libpthread.so.0 (0xf7344000)

nutsy:~ #

LibreELEC (sky42): 10.0.4-#230120a (Generic.x86_64)

twang:~ # ldd /usr/lib/systemd/system-generators/systemd-cryptsetup-generator

linux-vdso.so.1 (0x00007ffee2f3f000)

libsystemd-shared-247.so => /usr/lib/libsystemd-shared-247.so (0x00007fb17662e000)

libc.so.6 => /usr/lib/libc.so.6 (0x00007fb176474000)

libblkid.so.1 => /usr/lib/libblkid.so.1 (0x00007fb176426000)

libcrypt.so.1 => /usr/lib/libcrypt.so.1 (0x00007fb1763ec000)

libkmod.so.2 => /usr/lib/libkmod.so.2 (0x00007fb1763d2000)

libmount.so.1 => /usr/lib/libmount.so.1 (0x00007fb176378000)

librt.so.1 => /usr/lib/librt.so.1 (0x00007fb17636e000)

libdl.so.2 => /usr/lib/libdl.so.2 (0x00007fb176369000)

libpthread.so.0 => /usr/lib/libpthread.so.0 (0x00007fb176348000)

/lib64/ld-linux-x86-64.so.2 => /usr/lib64/ld-linux-x86-64.so.2 (0x00007fb1768a4000)

twang:~ #

new version 230120a is now uploading to the download server

pasnox i can confirm seeing the /usr/lib/systemd/system-generators/systemd-cryptsetup-generator problem and will have a look if i can solve that.

I taped together a download server with hotglue (so to speak). At the moment only 10.0.4. More later.

RPI4 and Generic 10.0.4 are boot tested.

Release version 10.0.4-230120

download link sky42 LibreELEC community builds

based on https://libreelec.tv/2023/01/15/libreelec-matrix-10-0-4/

- update to latest upstream commit in branch libreelec-10.0

diff of my source
https://github.com/LibreELEC/L…ibreELEC.tv:10.0.4-230120

I am so sorry.
In the past 6 month i was very busy at work and with other privat things. On top of that i still have some storage trouble hosting the images.
Just finished builing 10.0.4. Now i need to sort out the storage trouble to give you all access to the images.

sky42

Release version 10.0.2-#220810

download link sky42 LibreELEC community builds

based on https://libreelec.tv/2022/03/09/libreelec-matrix-10-0-2/

- update to latest upstream commit in branch libreelec-10.0

diff of my source

Comparing LibreELEC:8ee20d0...sky42src:10.0.2-220810 · LibreELEC/LibreELEC.tv

Just enough OS for KODI. Contribute to LibreELEC/LibreELEC.tv development by creating an account on GitHub.

github.com

Sorry I have no idea how to help you. Never really used bitlocker on Linux except for a short test.

Can you compare debug output from raspbian and LE. Also probably version numbers of lvm2, cryptsetup and openssl. But that is just poking in the dark.

Release version 10.0.2-#220520

download link sky42 LibreELEC community builds

based on https://libreelec.tv/2022/03/09/libreelec-matrix-10-0-2/

- update to latest upstream commit in branch libreelec-10.0
- kernel update to 5.10.117 for Generic, RockChip and Allwinner

- kernel update 5.10.110 (latest RPi 5.10.y source)

diff of my source

Comparing LibreELEC:542aae4...sky42src:14c125d · LibreELEC/LibreELEC.tv

Just enough OS for KODI. Contribute to LibreELEC/LibreELEC.tv development by creating an account on GitHub.

github.com

Release version 10.0.2-#220310

download link sky42 LibreELEC community builds

based on https://libreelec.tv/2022/03/09/libreelec-matrix-10-0-2/

2 more merged PRs from upstream
- kernel 5.10.104 for Generic, Allwinner, Rockchip (including dirty pipe fix)

- RPi2/4 kernel dirty pipe fix

diff of my source
https://github.com/LibreELEC/L…...sky42src:10.0.2-220310

Release version 10.0.2-#220304

download link sky42 LibreELEC community builds

based on https://libreelec.tv/2022/03/09/libreelec-matrix-10-0-2/

RPi2 is new, but not all is like in LE 9.2. As far as i know at least GPU accelerated HEVC playback is no longer available on RPi2/3

diff of my source
https://github.com/LibreELEC/L…...sky42src:10.0.2-220304

PMA1 for the screensave part please try official LE and check if the problem is also there. If not i can not really help, because i just patched in the encryption.

Next on my list is to include clevis, so that i can use NDBE. But i dont thing this year.

Release version 10.0.1-#211219 not for Rockchip

download link sky42 LibreELEC community builds

based on https://libreelec.tv/2021/11/03/libreelec-matrix-10-0-1/

- upstream update from libreelec-10.0 branch up to mid day 2021-12-19

- kernel update to 5.10.87 (could not fix patches for Rockchip)

- RPi4 fix now with all the crypttools and kernel options (i really did patch the wrong kernel config, thanks Lenoxi )

diff of my source
https://github.com/LibreELEC/L…...sky42src:10.0.1-211219

fourbian now RPi4 is fixed

Release version 10.0.1-#211029

download link sky42 LibreELEC community builds

based on https://libreelec.tv/2021/11/03/libreelec-matrix-10-0-1/

RPi4 has a bug and is at least cryptsetup missing.

The Allwinner and Rockchip build are absolutly not tested, just build.

 Edit

Oh and i was neglecting my LE images. I did build a 10.01 but never did release it. Will fix that too. Sorry.

fourbian you did not miss anythimg. There is a bug in my RPi4 image and Lenoxi find it and wrote me. I missed the change of kernel config file as RPi4 kernel changed to 64 bit and my autodetect is looking in the wrong kernel config to see if encryption is enabled.

I will fix that.

matthuo I am sorry the use of ext4 filesystem encryption is very bad documented and the most helpfull would be reading how to use fscryptctl. There is no script to automtic mount these ext4 encryption. I build some rather complicated ones for my self, but they are in no shape to give them away.

The most promising to automate is full disk or partion encrytion with luks and there is plenty of instructions out there how to do it.

With NBDE one can do full disk encryption bound to the nework where servers are to get the decrytion key from (that is over simplyfied), but for that i need at least to put clevis in LE, what i have not yet done. You need at least one tang backend server in the network to automatic decrypt at boot if the OS supports that.

RHEL 7 and 8 (and Clones like CentOS, AlmaLinux and Rocky Linux) do support NBDE and we use it at work.

Some links about the rather heavy topic of Network Bound Disk Encryption
Network-Bound Disk Encryption in Red Hat Linux 7 - Cybersecurity Insiders

Network-Bound Disk Encryption | Heinlein Support GmbH

Chapter 12. Configuring automated unlocking of encrypted volumes using policy-based decryption Red Hat Enterprise Linux 8 | Red Hat Customer Portal

Network-Bound Disk Encryption improvements in RHEL 8

Release version 10.0.0-#210812 Generic, RPi4, Allwinner and #210830 for Rockchip

download link sky42 LibreELEC community builds

based on LibreELEC (Matrix) 10.0.0 - LibreELEC

I finally made the config for Rockchip, so now all official LE 10 supported architetures are build.

The Allwinner and Rockchip build are absolutly not tested, just build.

pasnox Sorry. Something in 10.0 did break my releases.json creation. I excluded now 10.0 and recreated them for 9.0 and 9.2.