Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: pac man compromised?

  1. #1

    Default pac man compromised?

    Looks like pacman may have been compromised.
    A system wipe maybe required.

    I was getting odd request to add new trusted source, so i tried to do an update only to the file I wanted

    https://forums.opensuse.org/showthre...trusted-source

    http://imgur.com/x9vH95O

  2. #2
    Join Date
    Nov 2009
    Location
    West Virginia Sector 13
    Posts
    15,769

    Default Re: pac man compromised?

    Certs expire and must be renewed. Does not mean the site is compromised

  3. #3
    Join Date
    Jun 2008
    Location
    Podunk
    Posts
    27,235
    Blog Entries
    15

    Default Re: pac man compromised?

    Hi
    Also best to ask at the source, via Mailing List or their IRC channel?
    http://packman.links2linux.org/help
    Cheers Malcolm °¿° SUSE Knowledge Partner (Linux Counter #276890)
    SUSE SLE, openSUSE Leap/Tumbleweed (x86_64) | GNOME DE
    If you find this post helpful and are logged into the web interface,
    please show your appreciation and click on the star below... Thanks!

  4. #4

    Default Re: pac man compromised?

    This does not say cert expired, says the checksums of the files do not match. What am I missing that tells me certs expired?
    thanks

  5. #5
    Join Date
    Nov 2009
    Location
    West Virginia Sector 13
    Posts
    15,769

    Default Re: pac man compromised?

    Hard to read the image

    may have caught things changing try again if still a problem report to packman. Also may be a problem with the mirror you use try another.

  6. #6

    Default Re: pac man compromised?

    Definitely an issue been 3 days now. tried irc, no response.
    will try again tomorrow after the holiday. have a great holiday, thanks

  7. #7
    Join Date
    Oct 2008
    Location
    Glasgow, Scotland
    Posts
    1,153

    Default Re: pac man compromised?

    Quote Originally Posted by kilbert View Post
    Looks like pacman may have been compromised.
    You do not say where you are or which Packman mirror you are using.

    I have often found the Austrian mirror <packman.inode.at/suse/openSUSE_Tumbleweed/> troublesome and prefer
    <http://ftp.gwdg.de/pub/linux/misc/packman/suse/openSUSE_Tumbleweed/>
    ~Thank you for sharing an interesting problem.
    --
    slàinte mhath,
    rayH

  8. #8

    Default Re: pac man compromised?

    Quote Originally Posted by eng-int View Post
    You do not say where you are or which Packman mirror you are using.

    I have often found the Austrian mirror <packman.inode.at/suse/openSUSE_Tumbleweed/> troublesome and prefer
    <http://ftp.gwdg.de/pub/linux/misc/packman/suse/openSUSE_Tumbleweed/>
    yes I am using
    http://packman.inode.at/suse/openSUSE_Tumbleweed/

    when i switch, do I need to do anything other than switch the url of the repository (once I had to do a switch to this repository or something similar) sorry, I am not a pro over here.

  9. #9
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    12,889
    Blog Entries
    3

    Default Re: pac man compromised?

    Quote Originally Posted by kilbert View Post
    when i switch, do I need to do anything other than switch the url of the repository (once I had to do a switch to this repository or something similar) sorry, I am not a pro over here.
    Switch the url (i.e. edit it). Then run "zypper refresh". That should be sufficient.

    If you use Yast --> Software Repositories to edit the url, then you can refresh from there.
    openSUSE Leap 15.1; KDE Plasma 5;
    testing Leap 15.2Alpha

  10. #10
    Join Date
    Oct 2008
    Location
    Glasgow, Scotland
    Posts
    1,153

    Default Re: pac man compromised?

    Quote Originally Posted by kilbert View Post
    when i switch, do I need to do anything other than switch the url of the repository (once I had to do a switch to this repository or something similar) sorry, I am not a pro over here.
    This is the quickest easiest way to effect the switch -- from “Terminal -- Super User Mode”
    Copy and paste the bold text.
    Code:
     # zypper rr "http://packman.inode.at/suse/openSUSE_Tumbleweed/"
    Removing repository 'Packman-Tumbleweed' ..........................................................[done]
    Repository 'Packman-Tumbleweed' has been removed.
    
     # zypper ar -f "http://ftp.gwdg.de/pub/linux/misc/packman/suse/openSUSE_Tumbleweed/" "Packman-Tumbleweed"
    Adding repository 'Packman-Tumbleweed' ............................................................[done]
    Repository 'Packman-Tumbleweed' successfully added
    ~Thank you for sharing an interesting problem.
    --
    slàinte mhath,
    rayH

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •