opensnitch icon indicating copy to clipboard operation
opensnitch copied to clipboard

Published 20 hours ago verified publisher icon evilsocket

package repositories

Open sebastianelsner opened this issue 3 years ago • 13 comments

Currently I have to check on github for new rpm/deb packages and releases. It would be most awesome if opensnitch would be in the official repos for debians and fedoras or have repos at https://copr.fedorainfracloud.org/coprs/ and https://launchpad.net/. for fedora there seems to be one, but it is broken: https://copr.fedorainfracloud.org/coprs/carlis/opensnitch/ Would this be feasable?

sebastianelsner avatar Feb 24 '21 08:02 sebastianelsner

I didn't know about fedorainfracloud, thank you! I'll take a look at it.

Ideally, this should be packaged by the distros, like the AUR packages for Arch/Manjaro/etc, or the Gentoo/Void/pentoo packages.

I've been building latest versions with build.opensuse.org, https://build.opensuse.org/package/binaries/home:gustavo_iniguez_goia:opensnitch/opensnitch/Debian_Unstable

But I've had issues building rpm packages with that service (I've just resolved them a few minutes ago btw). Also I don't know if build.opensuse.org repositories can be used like PPAs, if they have any bandwidth restrictions...

On the other hand, I'm in the process of recovering my launchpad account, which is linked to my GPG key. Once recovered I'll create a PPA.

gustavo-iniguez-goya avatar Feb 24 '21 12:02 gustavo-iniguez-goya

You are absolutely right, I just found getting stuff into upstream repos is quite hard :)

The opensuse build service worked for me as well in the past, was using other repos from there.

sebastianelsner avatar Feb 24 '21 12:02 sebastianelsner

For openSUSE Tumbleweed this should work now. Fixed packages for python-grpcio and python-grpcio-tools have now been transferred to Factory and should be available for Tumbleweed soon. A package for Tumbleweed can be found at https://build.opensuse.org/package/show/home:munix9/opensnitch (https://software.opensuse.org//download.html?project=home:munix9&package=opensnitch). OBS does not allow network access during the build stage, so I created an appropriate vendor package for the required Go modules locally using osc build ... and go mod vendor and this is then used via go build -mod=vendor ... in rpm-spec. This is not an optimal solution, but for now it is not possible to do otherwise. For openSUSE Leap 15.x it looks different, because at least for version 15.2 probably some packages are not up to date enough for building (e.g. python3-protobuf).

munix9 avatar Feb 27 '21 09:02 munix9

Thank you @munix9 ! By the way, python3-protobuf must be at least >=3.4

Some distributions ship an older version (3.0.x) and we're not compatible. An error is displayed to the terminal in this case: TypeError: __new__() got an unexpected keyword argument 'file'

gustavo-iniguez-goya avatar Feb 27 '21 10:02 gustavo-iniguez-goya

Hm, yes, the problem is more with python-grpcio-tools. The build for Leap 15.2 spits out something with ImportError: cannot import name '_protoc_compiler'.

https://build.opensuse.org/package/live_build_log/network/python-grpcio-tools/openSUSE_Leap_15.2/x86_64

munix9 avatar Feb 27 '21 10:02 munix9

And yes, you can use OBS analogous to PPA's, see e.g. the Celestia Development packages at https://build.opensuse.org/package/show/home:munix9:unstable/celestia and https://build.opensuse.org/package/show/home:munix9:unstable/celestia-data.

And the download overview: https://software.opensuse.org//download.html?project=home:munix9:unstable&package=celestia https://software.opensuse.org//download.html?project=home:munix9:unstable&package=celestia-data

munix9 avatar Feb 27 '21 10:02 munix9

This is the error I ran into when I tested OpenSuse's python3-grpcio package:

https://stackoverflow.com/questions/65145129/unable-to-get-grpc-server-working-using-python3-grpcio-shipped-with-several-gnu

gustavo-iniguez-goya avatar Feb 27 '21 10:02 gustavo-iniguez-goya

Yes, there were/are different problems with the python-grpcio packages. With Tumbleweed it was the link-time optimization (LTO) of the compiler - that needs to be turned off. With Leap it will probably be "outdated" (and dependent) packages. It might be possible to provide updated packages for Leap as well, but this has to be considered carefully to avoid breaking the system and/or the dependency of other packages.

munix9 avatar Feb 27 '21 10:02 munix9

Looks like a duplicate of #304.

cheako avatar Mar 10 '21 18:03 cheako

If you actually consider add fedora native packages, it could be nice to use the new pack-it infrastructure that allows direct integration: https://github.com/marketplace/packit-as-a-service

It's a project that tries to help to smooth out the upstream/downstream integration and make it viable for project to create COPR repositories that can be promoted to general packages over time, without a lot of effort from either side.

https://packit.dev/

SISheogorath avatar Jul 25 '22 18:07 SISheogorath

Packaging status

luzpaz avatar Aug 26 '23 12:08 luzpaz

I've bumped Wikidata and freshcode.club

Anyone able to submit opensnitch in to Fedora ?

luzpaz avatar Aug 27 '23 01:08 luzpaz

Can anyone ask the Kali linux package maintainers to bump to 1.6.4 ?

luzpaz avatar Nov 28 '23 12:11 luzpaz