Template talk:Installation/RVM: Difference between revisions

From diaspora* project wiki
No edit summary
 
Line 147: Line 147:


Do you maybe have some curlrc setting that enables https if no protocol is specified? --[[User:Jhass|Jhass]] ([[User talk:Jhass|talk]]) 14:19, 16 October 2014 (UTC)
Do you maybe have some curlrc setting that enables https if no protocol is specified? --[[User:Jhass|Jhass]] ([[User talk:Jhass|talk]]) 14:19, 16 October 2014 (UTC)
I did create a new user on the same machine an tried again and did not had the same problem ....so I think we can remove the note from the wiki.--[[User:jlebleu|jlebleu]] ([[User talk:jlebleu|talk]]) 10:10, 17 October 2014

Latest revision as of 08:11, 17 October 2014

cURL note

Hey User:Jlebleu, mind explaining how I can reproduce the issue that lead you to add that note? --Jhass (talk) 13:21, 16 October 2014 (UTC)

What I Did

  • A wheezy basic install in a new VM (virtualbox)
  • created a user diaspora with no rights and no access to sudo
  • followed all installation instruction in page till curl -L dspr.tk/1t | bash
  • Had the problem
diaspora@debian-wheezy:~$ curl --insecure -L dspr.tk/1t | bash
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
  0     0    0   649    0     0    478      0 --:--:--  0:00:01 --:--:--  5276
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0curl: (60) SSL certificate problem: self signed certificate in certificate chain
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). If the default
 bundle file isn't adequate, you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
 the -k (or --insecure) option.
  • That's it

I can't reproduce that issue:

sudo systemd-nspawn -D debian/wheezy
Spawning container wheezy on /home/jhass/chroots/debian/wheezy.
Press ^] three times within 1s to kill container.
root@wheezy:~# curl
-bash: curl: command not found
root@wheezy:~# apt-get install curl
Reading package lists... Done
Building dependency tree... Done
The following extra packages will be installed:
  libcurl3
The following NEW packages will be installed:
  curl libcurl3
0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
Need to get 600 kB of archives.
After this operation, 988 kB of additional disk space will be used.
Do you want to continue [Y/n]? 
WARNING: The following packages cannot be authenticated!
  libcurl3 curl
Install these packages without verification [y/N]? y
Get:1 http://ftp.us.debian.org/debian/ wheezy/main libcurl3 amd64 7.26.0-1+wheezy9 [331 kB]
Get:2 http://ftp.us.debian.org/debian/ wheezy/main curl amd64 7.26.0-1+wheezy9 [270 kB]
Fetched 600 kB in 3s (196 kB/s)
Selecting previously unselected package libcurl3:amd64.
(Reading database ... 9664 files and directories currently installed.)
Unpacking libcurl3:amd64 (from .../libcurl3_7.26.0-1+wheezy9_amd64.deb) ...
Selecting previously unselected package curl.
Unpacking curl (from .../curl_7.26.0-1+wheezy9_amd64.deb) ...
Processing triggers for man-db ...
Setting up libcurl3:amd64 (7.26.0-1+wheezy9) ...
Setting up curl (7.26.0-1+wheezy9) ...
root@wheezy:~# adduser diaspora
Adding user `diaspora' ...
Adding new group `diaspora' (1000) ...
Adding new user `diaspora' (1000) with group `diaspora' ...
Creating home directory `/home/diaspora' ...
Copying files from `/etc/skel' ...
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully
Changing the user information for diaspora
Enter the new value, or press ENTER for the default
        Full Name []: 
        Room Number []: 
        Work Phone []: 
        Home Phone []: 
        Other []: 
Is the information correct? [Y/n] 
root@wheezy:~# su diaspora
diaspora@wheezy:/root$ cd
diaspora@wheezy:~$ curl -L dspr.tk/1t
#!/usr/bin/env sh
# this script installs rvm with the most recent stable version of ruby
# and makes sure it is not run as root,
# based on my earlier attempt for a general purpose root avoidance
# https://gist.github.com/3930399
# the command we'll be running
export RVM_CMD="curl -L https://get.rvm.io | bash -s stable"
# put some colors in there
case "$TERM" in
  xterm*|rxvt*)
    read -r red RED cyan CYAN NC <<'EOT'
\033[0;31m \033[1;31m \033[0;36m \033[1;36m \033[0m
EOT
    ;;
esac

# don't run as root!
if [ `id -u` -eq 0 ] ; then
  printf "${red}don't run this script as ${RED}root${red}!${NC}\n"
  exit 1
fi

# execute
eval "$RVM_CMD"
diaspora@wheezy:~$ curl --insecure -L dspr.tk/1t
#!/usr/bin/env sh

# this script installs rvm with the most recent stable version of ruby
# and makes sure it is not run as root,
# based on my earlier attempt for a general purpose root avoidance
# https://gist.github.com/3930399

# the command we'll be running
export RVM_CMD="curl -L https://get.rvm.io | bash -s stable"

# put some colors in there
case "$TERM" in
  xterm*|rxvt*)
    read -r red RED cyan CYAN NC <<'EOT'
\033[0;31m \033[1;31m \033[0;36m \033[1;36m \033[0m
EOT
    ;;
esac

# don't run as root!
if [ `id -u` -eq 0 ] ; then
  printf "${red}don't run this script as ${RED}root${red}!${NC}\n"
  exit 1
fi

# execute
eval "$RVM_CMD"
diaspora@wheezy:~$ exit
root@wheezy:~# logout

Do you maybe have some curlrc setting that enables https if no protocol is specified? --Jhass (talk) 14:19, 16 October 2014 (UTC)

I did create a new user on the same machine an tried again and did not had the same problem ....so I think we can remove the note from the wiki.--jlebleu (talk) 10:10, 17 October 2014