#
# /etc/pacman.conf
#
# See the pacman.conf(5) manpage for option and repository directives
#
# GENERAL OPTIONS
#
[options]
# The following paths are commented out with their default values listed.
# If you wish to use different paths, uncomment and update the paths.
#RootDir = /
DBPath = /usr/lib/holo/pacmandb/
#CacheDir = /var/cache/pacman/pkg/
#LogFile = /var/log/pacman.log
#GPGDir = /etc/pacman.d/gnupg/
#HookDir = /etc/pacman.d/hooks/
HoldPkg = pacman glibc
#XferCommand = /usr/bin/curl -L -C - -f -o %o %u
#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u
#CleanMethod = KeepInstalled
Architecture = auto
# Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup
#IgnorePkg =
#IgnoreGroup =
#NoUpgrade =
#NoExtract =
# Misc options
#UseSyslog
Color
#TotalDownload
# We cannot check disk space from within a chroot environment
CheckSpace
#VerbosePkgLists
ParallelDownloads = 10
# By default, pacman accepts packages signed by keys that its local keyring
# trusts (see pacman-key and its man page), as well as unsigned packages.
SigLevel = Required DatabaseOptional
LocalFileSigLevel = Optional
#RemoteFileSigLevel = Required
# NOTE: You must run `pacman-key --init` before first using pacman; the local
# keyring can then be populated with the keys of all official Arch Linux
# packagers with `pacman-key --populate archlinux`.
#
# REPOSITORIES
# - can be defined here or included from another file
# - pacman will search repositories in the order defined here
# - local/custom mirrors can be added here or in separate files
# - repositories listed first will take precedence when packages
# have identical names, regardless of version number
# - URLs will have $repo replaced by the name of the current repo
# - URLs will have $arch replaced by the name of the architecture
#
# Repository entries are of the format:
# [repo-name]
# Server = ServerName
# Include = IncludePath
#
# The header [repo-name] is crucial - it must be present and
# uncommented to enable the repo.
#
# The testing repositories are disabled by default. To enable, uncomment the
# repo name header and Include lines. You can add preferred servers immediately
# after the header, and they will be used before the default mirrors.
#[testing]
#Include = /etc/pacman.d/mirrorlist
[jupiter-3.5]
Include = /etc/pacman.d/mirrorlist
SigLevel = Never
[holo-3.5]
Include = /etc/pacman.d/mirrorlist
SigLevel = Never
[core-3.5]
Include = /etc/pacman.d/mirrorlist
SigLevel = Never
[extra-3.5]
Include = /etc/pacman.d/mirrorlist
#[community-testing]
#Include = /etc/pacman.d/mirrorlist
[community-3.5]
Include = /etc/pacman.d/mirrorlist
[multilib-3.5]
Include = /etc/pacman.d/mirrorlist
[archlinuxcn]
Server = https://mirrors.tuna.tsinghua.edu.cn/archlinuxcn/$arch
# An example of a custom package repository. See the pacman manpage for
# tips on creating your own repositories.
#[custom]
#SigLevel = Optional TrustAll
#Server = file:///home/custompkgs
# Server = https://mirrors.tuna.tsinghua.edu.cn/archlinux/community/os/$arch
# cannot use tsinghua mirror here!!!!!!!
# steam modify a lot
Server = https://steamdeck-packages.steamos.cloud/archlinux-mirror/$repo/os/$arch
(deck@steamdeck ~)$ openssl version
OpenSSL 3.1.1 30 May 2023 (Library: OpenSSL 3.1.1 30 May 2023)
(deck@steamdeck ~)$ sudo pacman -S openssl-1.1
[sudo] password for deck:
warning: openssl-1.1-1.1.1.u-1 is up to date -- reinstalling
resolving dependencies...
looking for conflicting packages...
Packages (1) openssl-1.1-1.1.1.u-1
Total Installed Size: 5.50 MiB
Net Upgrade Size: 0.00 MiB
:: Proceed with installation? [Y/n] n
(1)(deck@steamdeck ~)$ sshd -h
option requires an argument -- h
OpenSSH_9.3p1, OpenSSL 3.1.1 30 May 2023
usage: sshd [-46DdeGiqTtV] [-C connection_spec] [-c host_cert_file]
[-E log_file] [-f config_file] [-g login_grace_time]
[-h host_key_file] [-o option] [-p port] [-u len]
(1)(deck@steamdeck ~)$ lsb_release -a
LSB Version: n/a
Distributor ID: SteamOS
Description: SteamOS Holo
Release: rolling
Codename: Holo
# 实际版本是3.5.7
(deck@steamdeck ~)$ pacman -V
.--. Pacman v6.0.2 - libalpm v13.0.2
/ _.-' .-. .-. .-. Copyright (C) 2006-2021 Pacman Development Team
\ '-. '-' '-' '-' Copyright (C) 2002-2006 Judd Vinet
'--'
This program may be freely redistributed under
the terms of the GNU General Public License.
总结
up说让在/etc/pacman.conf中加上-rel
我二话不说直接把/etc/pacman.conf中的-3.5改成了-rel,把自己坑的死死的
报错:sshd error while loading shared libraries libcrypt.so.1.1
事情起因是找到了一个B站教程
steamdeck安装archlinuxcn源+scp传文件
简介信息
评论回复及截图
在线查看,发现steam做了修改,所以不能用清华源了
配置文件记录
总结
/etc/pacman.conf
中加上-rel
/etc/pacman.conf
中的-3.5
改成了-rel
,把自己坑的死死的sshd error while loading shared libraries libcrypt.so.1.1
ldd /usr/lib/sshd
确实这个库找不到-rel
改回到-3.5
)-3.5
)和老版9.1(-rel
),新版9.3(-3.5
)的不直接依赖libcrypt.so.1.1
/usr/lib/systemd/system/sshd.service
中看,它的前置动作/脚本依赖ssh-keygen -A
还是会依赖libcrypt.so.1.1
sudo sshd
的反馈知道的,实际上之前通过这种方式发现了缺少libcrypt.so.1.1
,并且通过搜索发现libcrypt.so.1.1
包含于openssl包中,即只能通过安装openssl来提供这个支持SigLevel = Never
去跳过检查了sudo pacman -Ss openssl-1.1
来看该包是属于哪个$arch里的,这样可以针对性地放开ssl检查,稍微安全点。。。TODO
ssl检查的处理
现在的做法(添加
SigLevel = Never
去跳过检查了)太不安全了; 有没有类似archlinuxcn-keyring
的包装一下就能正常检查了。。貌似这样就解决了?