25 Feb 2025

Previous: 17 Feb 2025 Next: 3 Mar 2025
  1. Babel: opam repository with pubgrub-opam

    1. A Debian/Alpine encoding in PubGrub, which I think should be much simpler than Opam

      1. X Got the basics in pubgrub-debian

        Here’s a solve of openssh-server:

        (openssh-server, 1:7.9p1-10+deb10u2) -> (libssl1.1, >=1.1.1), (openssh-client, 1:7.9p1-10+deb10u2), (libc6, >=2.26), (libcom-err2, >=1.43.9), (procps, *), (lsb-base, >=4.1+Debian3), (libaudit1, >=1:2.2.1), (dpkg, >=1.9.0), (ucf, >=0.28), (libselinux1, >=1.32), (libgssapi-krb5-2, >=1.17), (libsystemd0, *), (debconf: >=0.5 | debconf-2.0: *, *), (libpam0g, >=0.99.7.1), (openssh-sftp-server, *), (libpam-runtime, >=0.76-14), (libpam-modules, >=0.72-9), (zlib1g, >=1:1.1.4), (adduser, >=3.9), (libkrb5-3, >=1.13~alpha1+dfsg), (libwrap0, >=7.6-4~)
        (libssl1.1, 1.1.1n-0+deb10u3) -> (libc6, >=2.25), (debconf: >=0.5 | debconf-2.0: *, *)
        (openssh-client, 1:7.9p1-10+deb10u2) -> (dpkg, >=1.7.0), (libselinux1, >=1.32), (libssl1.1, >=1.1.1), (libgssapi-krb5-2, >=1.17), (libc6, >=2.26), (libedit2, >=2.11-20080614-0), (passwd, *), (adduser, >=3.10), (zlib1g, >=1:1.1.4)
        (libc6, 2.28-10+deb10u1) -> (libgcc1, *)
        (libcom-err2, 1.44.5-1+deb10u3) -> (libc6, >=2.17)
        (procps, 2:3.3.15-2) -> (libtinfo6, >=6), (lsb-base, >=3.0-10), (libprocps7, >=2:3.3.15-1), (init-system-helpers, >=1.29~), (libc6, >=2.27), (libncurses6, >=6), (libncursesw6, >=6)
        (lsb-base, 10.2019051400)
        (libaudit1, 1:2.8.4-3) -> (libcap-ng0, >=0.7.9), (libaudit-common, >=1:2.8.4-3), (libc6, >=2.14)
        (dpkg, 1.19.8) -> (tar, >=1.28-1)
        (ucf, 3.0038+nmu1) -> (sensible-utils, *), (coreutils, >=5.91), (debconf, >=1.5.19)
        (libselinux1, 2.8-1+b1) -> (libpcre3, *), (libc6, >=2.14)
        (libgssapi-krb5-2, 1.17-3+deb10u4) -> (libkeyutils1, >=1.4), (libkrb5support0, >=1.15~beta1), (libkrb5-3, 1.17-3+deb10u4), (libc6, >=2.27), (libk5crypto3, >=1.16), (libcom-err2, >=1.43.9)
        (libsystemd0, 241-7~deb10u8)
        (debconf: >=0.5 | debconf-2.0: *, debconf) -> (debconf, >=0.5)
        (libpam0g, 1.3.1-5) -> (libc6, >=2.14), (debconf: >=0.5 | debconf-2.0: *, *), (libaudit1, >=1:2.2.1)
        (openssh-sftp-server, 1:7.9p1-10+deb10u2) -> (libc6, >=2.26), (openssh-client, 1:7.9p1-10+deb10u2)
        (libpam-runtime, 1.3.1-5) -> (debconf: >=0.5 | debconf-2.0: *, *), (debconf: >=1.5.19 | cdebconf: *, *), (libpam-modules, >=1.0.1-6)
        (libpam-modules, 1.3.1-5)
        (zlib1g, 1:1.2.11.dfsg-1+deb10u1) -> (libc6, >=2.14)
        (adduser, 3.118) -> (debconf: >=0.5 | debconf-2.0: *, *), (passwd, *)
        (libkrb5-3, 1.17-3+deb10u4) -> (libkeyutils1, >=1.5.9), (libssl1.1, >=1.1.0), (libkrb5support0, 1.17-3+deb10u4), (libc6, >=2.16), (libk5crypto3, >=1.15~beta1), (libcom-err2, >=1.43.9)
        (libwrap0, 7.6.q-28) -> (libc6, >=2.14)
        (libedit2, 3.1-20181209-1) -> (libtinfo6, >=6), (libc6, >=2.14), (libbsd0, >=0.0)
        (passwd, 1:4.5-1.1) -> (libselinux1, >=1.32), (libpam-modules, *), (libsemanage1, >=2.0.3), (libc6, >=2.14), (libpam0g, >=0.99.7.1), (libaudit1, >=1:2.2.1)
        (libgcc1, 1:8.3.0-6) -> (libc6, >=2.14), (gcc-8-base, 8.3.0-6)
        (libtinfo6, 6.1+20181013-2+deb10u2) -> (libc6, >=2.16)
        (libprocps7, 2:3.3.15-2) -> (libsystemd0, >=209), (libc6, >=2.14)
        (init-system-helpers, 1.56+nmu1) -> (perl-base, >=5.20.1-3)
        (libncurses6, 6.1+20181013-2+deb10u2) -> (libtinfo6, 6.1+20181013-2+deb10u2), (libc6, >=2.14)
        (libncursesw6, 6.1+20181013-2+deb10u2) -> (libtinfo6, 6.1+20181013-2+deb10u2), (libc6, >=2.14)
        (libcap-ng0, 0.7.9-2) -> (libc6, >=2.8)
        (libaudit-common, 1:2.8.4-3)
        (tar, 1.30+dfsg-6)
        (sensible-utils, 0.0.12)
        (coreutils, 8.30-3)
        (debconf, 1.5.71+deb10u1)
        (libpcre3, 2:8.39-12) -> (libc6, >=2.14)
        (libkeyutils1, 1.6-6) -> (libc6, >=2.14)
        (libkrb5support0, 1.17-3+deb10u4) -> (libc6, >=2.14), (libkeyutils1, >=1.4)
        (libk5crypto3, 1.17-3+deb10u4) -> (libc6, >=2.14), (libkrb5support0, >=1.16), (libkeyutils1, >=1.4)
        (debconf: >=1.5.19 | cdebconf: *, debconf) -> (debconf, >=1.5.19)
        (libbsd0, 0.9.1-2+deb10u1) -> (libc6, >=2.25)
        (libsemanage1, 2.8-2) -> (libselinux1, >=2.8), (libsepol1, >=2.8), (libsemanage-common, 2.8-2), (libc6, >=2.14), (libbz2-1.0, *), (libaudit1, >=1:2.2.1)
        (gcc-8-base, 8.3.0-6)
        (perl-base, 5.28.1-6+deb10u1)
        (libsepol1, 2.8-1) -> (libc6, >=2.14)
        (libsemanage-common, 2.8-2)
        (libbz2-1.0, 1.0.6-9.2~deb10u1) -> (libc6, >=2.4)
        
        Solution Set:
                (libssl1.1, 1.1.1n-0+deb10u3)
                (libaudit-common, 1:2.8.4-3)
                (libprocps7, 2:3.3.15-2)
                (init-system-helpers, 1.56+nmu1)
                (libc6, 2.28-10+deb10u1)
                (libedit2, 3.1-20181209-1)
                (libcom-err2, 1.44.5-1+deb10u3)
                (libgcc1, 1:8.3.0-6)
                (libkeyutils1, 1.6-6)
                (libsemanage-common, 2.8-2)
                (libncursesw6, 6.1+20181013-2+deb10u2)
                (openssh-server, 1:7.9p1-10+deb10u2)
                (libaudit1, 1:2.8.4-3)
                (dpkg, 1.19.8)
                (ucf, 3.0038+nmu1)
                (libgssapi-krb5-2, 1.17-3+deb10u4)
                (libsystemd0, 241-7~deb10u8)
                (libpam0g, 1.3.1-5)
                (libpam-modules, 1.3.1-5)
                (passwd, 1:4.5-1.1)
                (libbz2-1.0, 1.0.6-9.2~deb10u1)
                (sensible-utils, 0.0.12)
                (libkrb5support0, 1.17-3+deb10u4)
                (adduser, 3.118)
                (libkrb5-3, 1.17-3+deb10u4)
                (libwrap0, 7.6.q-28)
                (libncurses6, 6.1+20181013-2+deb10u2)
                (libpcre3, 2:8.39-12)
                (openssh-client, 1:7.9p1-10+deb10u2)
                (libbsd0, 0.9.1-2+deb10u1)
                (libsemanage1, 2.8-2)
                (perl-base, 5.28.1-6+deb10u1)
                (tar, 1.30+dfsg-6)
                (procps, 2:3.3.15-2)
                (coreutils, 8.30-3)
                (debconf, 1.5.71+deb10u1)
                (libcap-ng0, 0.7.9-2)
                (libk5crypto3, 1.17-3+deb10u4)
                (lsb-base, 10.2019051400)
                (zlib1g, 1:1.2.11.dfsg-1+deb10u1)
                (libselinux1, 2.8-1+b1)
                (gcc-8-base, 8.3.0-6)
                (libsepol1, 2.8-1)
                (openssh-sftp-server, 1:7.9p1-10+deb10u2)
                (libpam-runtime, 1.3.1-5)
                (libtinfo6, 6.1+20181013-2+deb10u2)
        
        Resolved Dependency Graph:
                (adduser, 3.118) -> (debconf, 1.5.71+deb10u1), (passwd, 1:4.5-1.1)
                (coreutils, 8.30-3)
                (debconf, 1.5.71+deb10u1)
                (dpkg, 1.19.8) -> (tar, 1.30+dfsg-6)
                (gcc-8-base, 8.3.0-6)
                (init-system-helpers, 1.56+nmu1) -> (perl-base, 5.28.1-6+deb10u1)
                (libaudit-common, 1:2.8.4-3)
                (libaudit1, 1:2.8.4-3) -> (libaudit-common, 1:2.8.4-3), (libc6, 2.28-10+deb10u1), (libcap-ng0, 0.7.9-2)
                (libbsd0, 0.9.1-2+deb10u1) -> (libc6, 2.28-10+deb10u1)
                (libbz2-1.0, 1.0.6-9.2~deb10u1) -> (libc6, 2.28-10+deb10u1)
                (libc6, 2.28-10+deb10u1) -> (libgcc1, 1:8.3.0-6)
                (libcap-ng0, 0.7.9-2) -> (libc6, 2.28-10+deb10u1)
                (libcom-err2, 1.44.5-1+deb10u3) -> (libc6, 2.28-10+deb10u1)
                (libedit2, 3.1-20181209-1) -> (libbsd0, 0.9.1-2+deb10u1), (libc6, 2.28-10+deb10u1), (libtinfo6, 6.1+20181013-2+deb10u2)
                (libgcc1, 1:8.3.0-6) -> (gcc-8-base, 8.3.0-6), (libc6, 2.28-10+deb10u1)
                (libgssapi-krb5-2, 1.17-3+deb10u4) -> (libc6, 2.28-10+deb10u1), (libcom-err2, 1.44.5-1+deb10u3), (libk5crypto3, 1.17-3+deb10u4), (libkeyutils1, 1.6-6), (libkrb5-3, 1.17-3+deb10u4), (libkrb5support0, 1.17-3+deb10u4)
                (libk5crypto3, 1.17-3+deb10u4) -> (libc6, 2.28-10+deb10u1), (libkeyutils1, 1.6-6), (libkrb5support0, 1.17-3+deb10u4)
                (libkeyutils1, 1.6-6) -> (libc6, 2.28-10+deb10u1)
                (libkrb5-3, 1.17-3+deb10u4) -> (libc6, 2.28-10+deb10u1), (libcom-err2, 1.44.5-1+deb10u3), (libk5crypto3, 1.17-3+deb10u4), (libkeyutils1, 1.6-6), (libkrb5support0, 1.17-3+deb10u4), (libssl1.1, 1.1.1n-0+deb10u3)
                (libkrb5support0, 1.17-3+deb10u4) -> (libc6, 2.28-10+deb10u1), (libkeyutils1, 1.6-6)
                (libncurses6, 6.1+20181013-2+deb10u2) -> (libc6, 2.28-10+deb10u1), (libtinfo6, 6.1+20181013-2+deb10u2)
                (libncursesw6, 6.1+20181013-2+deb10u2) -> (libc6, 2.28-10+deb10u1), (libtinfo6, 6.1+20181013-2+deb10u2)
                (libpam-modules, 1.3.1-5)
                (libpam-runtime, 1.3.1-5) -> (debconf, 1.5.71+deb10u1), (libpam-modules, 1.3.1-5)
                (libpam0g, 1.3.1-5) -> (debconf, 1.5.71+deb10u1), (libaudit1, 1:2.8.4-3), (libc6, 2.28-10+deb10u1)
                (libpcre3, 2:8.39-12) -> (libc6, 2.28-10+deb10u1)
                (libprocps7, 2:3.3.15-2) -> (libc6, 2.28-10+deb10u1), (libsystemd0, 241-7~deb10u8)
                (libselinux1, 2.8-1+b1) -> (libc6, 2.28-10+deb10u1), (libpcre3, 2:8.39-12)
                (libsemanage-common, 2.8-2)
                (libsemanage1, 2.8-2) -> (libaudit1, 1:2.8.4-3), (libbz2-1.0, 1.0.6-9.2~deb10u1), (libc6, 2.28-10+deb10u1), (libselinux1, 2.8-1+b1), (libsemanage-common, 2.8-2), (libsepol1, 2.8-1)
                (libsepol1, 2.8-1) -> (libc6, 2.28-10+deb10u1)
                (libssl1.1, 1.1.1n-0+deb10u3) -> (debconf, 1.5.71+deb10u1), (libc6, 2.28-10+deb10u1)
                (libsystemd0, 241-7~deb10u8)
                (libtinfo6, 6.1+20181013-2+deb10u2) -> (libc6, 2.28-10+deb10u1)
                (libwrap0, 7.6.q-28) -> (libc6, 2.28-10+deb10u1)
                (lsb-base, 10.2019051400)
                (openssh-client, 1:7.9p1-10+deb10u2) -> (adduser, 3.118), (dpkg, 1.19.8), (libc6, 2.28-10+deb10u1), (libedit2, 3.1-20181209-1), (libgssapi-krb5-2, 1.17-3+deb10u4), (libselinux1, 2.8-1+b1), (libssl1.1, 1.1.1n-0+deb10u3), (passwd, 1:4.5-1.1), (zlib1g, 1:1.2.11.dfsg-1+deb10u1)
                (openssh-server, 1:7.9p1-10+deb10u2) -> (adduser, 3.118), (debconf, 1.5.71+deb10u1), (dpkg, 1.19.8), (libaudit1, 1:2.8.4-3), (libc6, 2.28-10+deb10u1), (libcom-err2, 1.44.5-1+deb10u3), (libgssapi-krb5-2, 1.17-3+deb10u4), (libkrb5-3, 1.17-3+deb10u4), (libpam-modules, 1.3.1-5), (libpam-runtime, 1.3.1-5), (libpam0g, 1.3.1-5), (libselinux1, 2.8-1+b1), (libssl1.1, 1.1.1n-0+deb10u3), (libsystemd0, 241-7~deb10u8), (libwrap0, 7.6.q-28), (lsb-base, 10.2019051400), (openssh-client, 1:7.9p1-10+deb10u2), (openssh-sftp-server, 1:7.9p1-10+deb10u2), (procps, 2:3.3.15-2), (ucf, 3.0038+nmu1), (zlib1g, 1:1.2.11.dfsg-1+deb10u1)
                (openssh-sftp-server, 1:7.9p1-10+deb10u2) -> (libc6, 2.28-10+deb10u1), (openssh-client, 1:7.9p1-10+deb10u2)
                (passwd, 1:4.5-1.1) -> (libaudit1, 1:2.8.4-3), (libc6, 2.28-10+deb10u1), (libpam-modules, 1.3.1-5), (libpam0g, 1.3.1-5), (libselinux1, 2.8-1+b1), (libsemanage1, 2.8-2)
                (perl-base, 5.28.1-6+deb10u1)
                (procps, 2:3.3.15-2) -> (init-system-helpers, 1.56+nmu1), (libc6, 2.28-10+deb10u1), (libncurses6, 6.1+20181013-2+deb10u2), (libncursesw6, 6.1+20181013-2+deb10u2), (libprocps7, 2:3.3.15-2), (libtinfo6, 6.1+20181013-2+deb10u2), (lsb-base, 10.2019051400)
                (sensible-utils, 0.0.12)
                (tar, 1.30+dfsg-6)
                (ucf, 3.0038+nmu1) -> (coreutils, 8.30-3), (debconf, 1.5.71+deb10u1), (sensible-utils, 0.0.12)
                (zlib1g, 1:1.2.11.dfsg-1+deb10u1) -> (libc6, 2.28-10+deb10u1)
        
      2. O provides with virtual packages

      3. O other fields including recommends, suggests, conflicts

      4. O support solving architecture

        currently we just ignore this field

        1. O index repositories for each architecture

    2. O cross ecosystem resolutions between opam and debian

    3. O read up on answer set programming

      https://pubgrub-rs-guide.pages.dev/internals/intro is a good starting point

  2. Teaching

    1. Supervision 3 of Robinson Computer Networking

      1. Went over cyclic redundancy checks implemented in shift registers.

      2. Showed a HTTPS request in wireshark

        An unnamed student was perturbed that IP addresses and ports were publicly visible for all their traffic. While IPsec / VPNs can encrypt IP traffic, it isn’t necessarily a requirement (despite advertising claims).

        Below I include selection of Cloudflare blog posts to explain why a VPN isn’t necessarily necessary to browse the Web privately and securely.

        1. DNS over HTTPS/TLS allows for encrypted DNS queries https://blog.cloudflare.com/dns-encryption-explained/
        2. unbinding IP address from host names https://blog.cloudflare.com/addressing-agility/ (can you see any downsides to this centralisation in big reverse proxies like Cloudflare?)
        3. encrypting the server name indicator (domain name) in the TLS handshake https://blog.cloudflare.com/encrypted-client-hello/

        also of interest:

        • how to cryptographically authenticate DNS query answers

        https://blog.cloudflare.com/dnssec-done-right/