search

kuba2k2 / alpine-home-assistant

Home Assistant Supervised on Alpine Linux
https://kuba2k2.github.io/alpine-home-assistant/
20 stars 3 forks source link

use doas #1

Closed selfisekai closed 6 months ago

selfisekai commented 1 year ago

alpine since 3.16 packages sudo as a community package, instead of main, meaning security patches are only released for it until a new version is released, as opposed to main's 2 years since release. they suggest using doas instead, which is available in main.

https://alpinelinux.org/posts/Alpine-3.16.0-released.html

kuba2k2 commented 1 year ago

Yeah, I guess you certainly can use doas. This is meant to be a noob-compatible guide, mostly for me to fix the installation if I break something later. Even though I tested all the steps on a clean install of Alpine x86_64, I don't guarantee that it will work in all scenarios.

Alpine by default ships a kernel without AppArmor, so it won't run at all without a custom kernel.

Also, I'm not entirely sure if any of the other dependencies (Python packages for instance) needs the community repo.

selfisekai commented 1 year ago

you can always check https://pkgs.alpinelinux.org when in doubt. python3 itself is in main, but at least docker requires the community repo.

also, alpine wiki says you just need to install the apparmor package and add some parameters to boot settings for it to work, though I haven't checked that myself: https://wiki.alpinelinux.org/wiki/AppArmor

kuba2k2 commented 1 year ago

I'll try to check if AppArmor works like that. On my home assistant device I have a custom kernel so that wasn't an issue.

kuba2k2 commented 1 year ago

Tested, apparently HA works even without AppArmor - there was a bug in the Python dbus script which prevented HA from starting. I've updated the readme accordingly.