anon12983141
If anyoneās wondering why they donāt see the MFA prompt in user settings after upgrading, log out and log back in, then youāll get the option to enable MFA.
If anyoneās wondering why they donāt see the MFA prompt in user settings after upgrading, log out and log back in, then youāll get the option to enable MFA.
Although itās possible to configure authentication, we strongly recommend to stick with the default authentication configuration. If you had auth providers configured in a previous Home Assistant release, we recommend to remove the configuration and start using the default.
What exactly does this mean if I am coming from 0.76 with the config below? Do I have to remove auth_providers:?
homeassistant:
name: Home
latitude: !secret homeassistant_latitude
longitude: !secret homeassistant_longitude
elevation: !secret homeassistant_elevation
unit_system: metric
time_zone: !secret homeassistant_timezone
customize: !include customize.yaml
auth_providers:
- type: homeassistant
- type: legacy_api_password
Thank you in advance for the clarification.
EDIT: I forgot to say THANKS for your hard work. I love the user system and am eager to see whats about to come!
1 reply
Yes, remove it. You wonāt need it anymore. If you have an API password configured, the legacy_api_password provider will be automatically part of the default config.
Can I combine disabling legacy API password with Trusted Networks?
Anyone have an example of just sending a hangouts message? Iām not sure the help page assists much with that part, it only shows how to read messages.
I get that we first send HA a message and then we get a message ID, but do we need to setup a notify component with this? Or is this not part of notify and in this case do we just use āhangouts.send_messageā?
The github notes seem to suggest using notify in this case but Iām not sure if this is relevant to what was releasedā¦
1 reply
Thanks for the update!
Maybe Iām missing something, but how does this work and where can I find any documentation about it? I still donāt see any persistent notifications in my lovelace interface
edit Forget about my question, cache clear, relogin and now it works, no configuration change necessary. I see a notification-icon in the topright of the title-bar now.
Hold on,ā¦ if I read the docs correctly, ā¦ thereās no way to connect to the websocket without a bearer token, even if you have the legacy bit flipped on?
So I need to go trough the oauth pingpong routine just to talk to my locally hosted hass serving locally hosted apps to get the token?
you need to follow this example:
Get the hangouts ID as described and place it in a list, this is a quick example of the YAML for hangouts.send_message service call
target:
- id: ENTER_ID_HERE
message:
- text: "text in here"
We have features need to know which user belongs to this websocket connection.
Set a password and add your LAN IP range via the trusted_networks option. You should then be able to connect without a password from any device on your LAN. Iāve not tested this with v0.77 yet, but it should work fine.
ok create a user then continue to login using trusted networks?
That doesnāt seem to work. I created a user ( I add to add homeassistant auth_provider to do this), but then when I connect I get a login prompt with the option to switch to trusted networks
Then if I pick trusted_networks I get an error
No errors are showing up in the log:thinking:
1 reply
Iām actually getting the same. The āSomething went wrongā isnāt very helpful, and suggests this is a bug. Iāll get it raised.
Edit: Itās already been raised: https://github.com/home-assistant/home-assistant/issues/16260
1 reply
Thanks, guys, for the amazing work.
I have had some problems installing 0.77 - I think my Pi browned out on restarting Home Assistant and the OS crashed. Anyhoo, I had a backup of the configuration directory and restored that. Trying to log in again, I got myself IP banned during the process of creating the owner. After fixing that, and when I logged in again, I have a new user account that does not appear to be the owner of the system. I can use Hass, but I canāt create or see other users. How can I go about fixing my mess?
As part of the potential answer - where are the user credentials stored? Can I go in and delete or amend them in some way?
A huge thank you in advance.
1 reply
Got it. The api doesnāt take any notice of the auth_providers section (which I had commented out), it just checks the presence of the trusted_networks parameter of http, which I had left in.
I cleared the onboarding and two auth-associated files, but kept the core configuration ones. On restart it worked and I now have an owner.
Thank you very much for the help.
āItās no longer possible to use a trusted network to connect to the websocket API.ā
I will stick with current version of Home Assistant 0.74. Thereās nothing new for me that prompts me to upgrade to the latest version and I see absolutely no need to create a new user for Home Assistant. Any communication to Home Assistant from the outside world goes through VPN and simple password.
I simply do not want to be forced to create a new user as Iām the only user of Home Assistant. Iām the only one with access to my private home network. As long as I use VPN, the new authentication system makes zero sense to me.
I insist in using trusted networks and thatās the most important feature to me.
And besides, I currently use NodeJS file for Plex Webhook.
2 replies
I upgraded and got all sorts of interesting error messages. I was following the āpre-installed Pythonā upgrade instructions as I am running this on my Armbian based OMV device (Helios4 NAS)ā¦ The solution was to install libffi-dev in the OS which I had not required up until this point. You probably should make some mention of that in the documentation as I didnāt see it anywhere and upgrading from 0.75.3 (I think) shouldnāt have been that big a jump.
I agree with this and find the push to force users to use a password on the websocket silly. This is not a piece of software used by the technically inclined; people using this innately posses a sense of security. I too have hass completely separated from the internet by hardware and additional vpn. Itās even shielded from other internal networks and actively monitored.
The parameter to get it to work has ālegacyā in itās name; that doesnāt seem to bolster a lot of confidence that the option will be supported going forward.
I can see the scenarios with multiple users helping with new development and features but to drop this without offering to āopt outā is annoying. Perhaps,.If you really want to track what called who how and when then have it come in as attributes or metadata or otherwise log whatās known.
Iād keep the hurdles towards adopting and integrating hass as low as possible, the rest and ws was ideally positioned for that.
2 replies
Yes and Iāve been able to get the expiring token from the browser to work connecting to the ws on my test hass setup. However, asking for a new token using the refresh token
grant_type=refresh_token&
refresh_token=IJKLMNOPQRST
like http://testhass:8123/auth/authorize?grant_type=refresh_token&refresh_token=BLABLA
redirects me to the frontend http://testhass:8123/frontend_latest/authorize.html?grant_type=refresh_token&refresh_token=BLABLA instead of serving the json with the new token.
When you remove password in http section, Legacy API password dissapear.
In my opinion Home assistant local logging with trusted networks is something that should be implemented. When I try to connect to HA from my private network I should have option to add my network as trusted and don`t have to login with multifactor authentication . TOTP is great but in this option will be more usefull in private networks.
Iām kind of frightened by how people percieve the added security as a bad thing only because it introduces minor inconveniences. Especially with regard to the numerous topics we had about people being hacked by unknowingly expose their HASS to the web unsecured. 
For the POWER user want to have long-lived access token, you can run this gist https://gist.github.com/awarecan/99df002485596a08fd42edc72f3a36b9
100% NO SUPPORT FOR THIS SCRIPT, THIS IS DRAGON KILLING SWORD
A double-edged sword. Breaking functionality while still getting improved security is not my idea, especially since I segregated Home Assistant from my home network where Home Assistant is denied connectivity to the Internet.
No one will ever feel frightened once someone can help me migrate my code to Home Assistantās new auth system:
However, perceiving the added security as a bad thing is unfounded. If anyone exposes HASS to the Internet whether itās secured via HTTPS or not, I do not sympathize them.
I donāt want to continue my debate about Home Assistant security. And I do apologize for sidetracking this thread. It is not my intention, but I need to bring up about trusted networks which is what I use.
And yes, I also use Tasker to activate a script when my phone rings.
I upgraded to 0.77, set up user and password, removed the legacy one from config, activated the totp authentication and I had time to switched to Lovelace. itās cool, fast and secure, but I use very often HTTP POST to send commands to HA from Tasker and now I canāt understand how to authenticate those requests.
1 reply
Great, so now I can login from my laptop, but iPhone wont accept legacy API which I use when travelling!!! Nice job NOT!
1 reply
The number of open configurations that can be found with a few mouse clicks, and the number of āIāve been hackedā threads would suggest that you are incorrect in your presuppositions.
Why shouldnāt you be able to use your iPhone?
Well then put a sticky up informing people that security is no luxury. I donāt leave my car unlocked on a public parking lot, thatās common sense.
But when itās in the garage at home I leave it unlocked, for easy access.
And when I want to leave it unlocked I donāt have to bust out the passenger window, weld shut the bonnet and stick the key in the exhaust pipe.
Relevant.
1 reply
Youād be pretty annoyed if your car didnāt come with locks to begin with though.
2 replies
Iām not annoyed that Home Assistant did not include security out of the box. Itās up to us to secure our Home Assistant installation. And if Iām running Hass.io, Iād make sure to be diligent and look over the SMB configuration, but since I use Linux, I simply use SSH to get into the Home Assistant configuration. The only thing that I expose is my VPN and thatās it. I have a certificate for my smartphone and I already have created a certificate authority in my server.
2 replies
There is a way to do this but it is not well documented and only developers are familiar with it, I think in the next release or 2 it will be addressed in a easier way. For now I am keeping the api_passowrd for IFTTT , Tasker and other components that depend on it.
1 reply
Yeh, because thatās one of the deciding factors on buying a car.
At the risk of giving this car analogy even more stage time,ā¦ imaging taking it in for service and when you get it back the only way to start the car is having to call the dealer for a pincode with no way of turning that off. Iād have questions.
But what is your problem then?
So to use @drbytes car analogy, youād rather buy a car with no locks on the doors and no need for a key for the ignition and sort those things out yourself later?
Obviously if you choose to secure your car differently then you can use āaftermarketā stuff, or you can just stick with what it comes with.
Same with homeassistant. If you donāt want to use the Auth system, take it off. If you want to use something different, code it up.
Donāt make it harder for everyone else just because you know best.
1 reply
I really donāt see where that would be the case with 0.77. Would you care to explain without a car analogy?
Please examine the code in my thread:
I want to get my code to work with the new authentication system going forward, even if trusted_networks no longer work.
Iām not making it harder for anyone in here and I do not know best.
1 reply
If that new security feature was in response to lots of that model being stolen due to a previous security flaw that was becoming well known amongst the local car theives and was provided for free by the dealer, Iād be frivkinā ecstatic.
Remind me of your address again? My new car isnāt arriving until the end of October so Iāll just borrow yours in the meantime. 
Iād love to, but Iām one of the thick people round here who uses homeassistant without being able to understand python, and therefore actually quite likes being offered free security upgrades without having to learn to code it myself 
For the Proxy users out there. If you are using Traefik, then you will want to add the following to the frontend configuration which is referencing you HomeAssistant backend
[frontends.homeassistant.headers.customrequestheaders]
x-ha-access = "YourP@ssw0rd!"Yeh but the previous security flaw lies mainly in not having common sense and leaving something as hass open and exposed to the internet. Thatās not a security flaw, thatās ignorance.
Listen, I know itās well intention by the developers but itās a bit of a record scratcher when an api suddenly changes and breaks stuff that has been chugging along nicely for ages without a way to easly turn it off.
That said, Iāve jumped the hoops and adapted my code but I couldāve been doing something more fun.
Iād like to leave a little note here. If you have a Wemo switch unplugged and explicitly set each Wemo switch in your config, none of your wemo plugs will work. It throws an error about not being able to find the one and then none work. I have 3 wemo switches and sometimes I unplug one. Previous HA versions never had a problem, now they do.
Nothing to add really, but I wanted to say thank you to the entire team for another great release. I started playing with HomeAssistant over two years ago and I never could have imagined what an integral part of my familyās life it would become. I know we could live without it, but we sure wouldnāt want to!
So, THANK YOU HASS TEAM!! Youāve really enhanced our lives.
Updated to 77.1. No issues thanks for the hard work devs, bootup times are faster aswell.
After the 0.77 upgrade, āCustom UIā icon_color There is a problem with the functionality.
Thank you team for amazing progress! I have all the users setup and logged, now waiting for the new iOS app and the functionalities to make different UI layouts based on the user, also very much liked the idea for attribution, so to know what was triggered by who, etc. would be also great to know who is currently using the UI / app, etc 
keep on the good work, thank you!
Disagree. My microwave works just fine for someone who breaks into my house. I donāt give a crap if someone breaks into my wifi and can then turn on my stereo.
This mandatory change is completely anti user choice.
Having a web product that doesnāt force āsecurityā down my throat was one of the reasons I picked HA. This is a really annoying change in my opinion.
The constant breaking changes and half the time upgrades kill my whole system until I intervene has really soured me on HA over the last few months.
Iām going to be in 0.76 indefinitely at this point.
4 replies
Well that didnāt work, and now Iām seemingly locked out of my system. I followed the prompt to create a user, then Iām presented with āYouāre about to give :8123/ access to your Home Assistant instanceā and it doesnāt accept the user/password I just set - āInvalid username or passwordā. It wonāt let me go back or forward. Absolutely no other changes were made. Any tips on how I can get back in?
1 reply
Try renaming your config/.storage folder to .storage.bak and restart HA.
Software that is basically free, and people always complain.
HA has security issues or iāve been hacked = HA devs responsibility to fix.
Devs implement better security = oh i dont like this, i never asked for it,
You have to wonder why the devs bother some days
Umm. Thanks for trying to help, I really appreciate it. But it just wouldnāt restart the process for me at all (I cleared the cache each time). Iāve downgraded to 0.76.2 for now until I have more time to chase down the cause.
I would like to ask you to take a look at the documentation. It sounds to me that you might want to use Trusted Networks to āget rid of that forced securityā and just allow your whole subnet.
Thank you @balloob and team for trying to better everyoneās lives. Iām really sorry that the attitudes of an outspoken minority might make the community feel less than grateful.
All of your hard work is appreciated and Iām working hard to bring my programming skills up so I can help.
Thanks! X
The problem is that this project was originally conceived as local home automation tool. It now seems to have been usurped by the web remote control community, who are now forcing the original users to have to enact security procedures that are completely unnecessary for its original purpose. Naturally, that is leading to some resentment.
Personally, I am hoping to be able to work around the problems that this has introduced, but forking is definitely a possibility at this point.
3 replies
Sorry have to disagree, being a local home automation tool did not mean it wasnāt accessible to the user from outside the local LAN.
If problems have been introduced, they should be should be reported and discussed in a constructive manner rather than just proposing to for a project because it introduced a feature that a minority perceives as being āin the wayā. Setups where people donāt want to use passwords or even more secure methods of authentication should in my opinion take a look at Trusted Networks to circumvent the necessity to enter a password or TOTP.
1 reply
Every product goes through some stages. By chosing a product which is community driven and has an exarating development you can expect that things will change. Thatās a risk youāve taken yourself with chosing for Home Assistant. So please donāt blame the developers for willing to move forward, because a minority of early adopters has to change their setup. If the end result is that more people are able to create a secure setup, the whole community will grow and therefor everyone could benefit for a stronger position of Home Assistant.
1 reply
Yes, and I am working through the bugs in it to try and get it to work. 0.77.1 fixes a problem introduced in 0.77, but I still have to clear the cache when I restart the browser, and select my one user again.
Selecting a single user seems an unnecessary step when I only have one. Does anyone know if its possible to specify the user in the URL?
API access using trusted networks seems to work fine, which was my main concern anyway, since most of my interaction with HA is through that.
2 replies
You also might want to take a look at how theyāve made it super simple for scripts to integrate with the new auth. You can see a demo here: https://hass-auth-demo.glitch.me/
I am perfectly happy to accept change, and I donāt think I have āblamed developersā for anything.
Just a small thought about being able to restart the onboarding by deleting that mentioned folder: am I correct, that this results in the ability to remotely reset the auth-system when SMB is exposed, and therefore allows the attacker to set his own password easily and locking out the owner of the system?
2 replies
Well. if SMB ist exposed, you have other problems too. The attacker could easily delete your whole systemā¦
The emphasis I hoped to communicate was, that a legitimate user can get locked out. Of course there are bigger problems when SMB is exposed. And this doesnāt have to be tied to SMB. Lets say people backup and restore their configurations. Depending on if they include the new folder or not, a restored system wonāt work as expected. So there is a chance that people lock themselves out when migrating to another system.
Iām not saying this is a bug or anything like that. Iām just thinking about which problems may result from the new auth system. And just to be clear: I welcome the new auth system and think itās a great improvement. But the first thing I do when stumbeling upon something like this is thinking about the downsides so they can be addressed and improved. And locking yourself out (even though it would be easy to fix) in case of a desaster recovery seems to be a valid concern for me.
And since I havenāt even upgraded yet I donāt know if what Iām saying here is a problem. I just wanted to raise awareness to a possible issue.
I donāt know other developers, for me, I am using my free time to contribute without any compensation. For my own sake, I donāt want to maintenance two login flow. So if I poke a hole for Trusted Networks auth provider, this hole will open for other auth providers as well.
If you do not want to use any authentication system, that is fine. You can either stay at old version, folk your own project, or make a one line patch to turn off the whole auth system in your local installation. It looks like you are a wisdom people, I am sure you can fairly easy to figure out how to do that.
2 replies
That sounds like an interesting option. Which line is it?
Let me handle securityā¦ I donāt need to be babysat. Thanks.
Way to go guysā¦ this was a brilliant decision.
Great thanks!
Ok, so what am I missing, given I have a refreshtoken I copied out of my browser, the docs you linked to tell me :
Once you have retrieved a refresh token via the grant type authorization_code , you can use it to fetch new access tokens. The request body is:
grant_type=refresh_token&
refresh_token=IJKLMNOPQRST
The return response will be an access token:
{
"access_token": "ABCDEFGH",
"expires_in": 1800,
"token_type": "Bearer"
}
So unless Iām missing something obvious a call to http://testhass:8123/auth/authorize?grant_type=refresh_token&refresh_token=BLABLA should return a new token, not?
1 reply
18 hours ago you wrote the same comment and my answer is still the same. Youāre not using the endpoint that is written in the docs 0.77: Authentication system š®āāļø + Hangouts bot š¤
1 reply
Which bit do you disagree with exactly? You think the Devs purposely went out of their way to make your life difficult, or there wasnāt a genuine security issue?
If all you use Home Assistant for is to turn on your stereo then Iām sure youāll be fine to remain on v0.76. I also presume that since you compared HA to a microwave, that it must be a smart microwave, open source, free and updates with new features (after consulting with you of course) on a bi-weekly basis? Iāll have to get me one of those!
I am very happy and grateful for the HA dev teamās hard work. Saying āif you donāt like it, lump itā is not constructive. I am pointing out that introducing breaking changes that kill the entire system is not very user friendly. There has been a consistent trend to not test these breaking changes and to fix problems after the fact. I never know just how much work it will be to accept an upgrade. It has gotten to the point where I have to have have a second system to prototype upgrades because I donāt want to be dead in the water for an unknown period of time. Iām also not the only person using this set-up. My wife is not happy if nothing works. Of course the application is 0.x, not 1.x so stability is not entirely expected. BUT in the 0.5x timeframe it was defintely āProduction Stableā for my home automation. Recently it has been super flaky and the devs are clearly focused on new features than stability. Community feedback to focus on stability is not being ungrateful.
1 reply
Focusing on security should be applauded, its a pity other software developers donāt do it. For those that donāt like the new āfeatureā stay on 76 and youāll be fine, For the rest of us who do expose our system to the outside and security is a concern, weāll keep moving on.
Just now installed 0.77 on my hass.io. All quiet on the Western Front.
I really donāt get the hangouts message sending
- alias: hangout_checker
trigger:
- platform: state
entity_id: input_boolean.send_message
to: 'on'
action:
- service: hangouts.send_message
target:
- id: !secret hangout_id
message:
- text: "automated message"
this returns an configuration error. I also canāt work out how to format the call service from appdaemon, if you could explain that as well.
1 reply
I just upgraded from 76.2 to 77.1 and created the new userā¦ all well except I had to take out static assignements for my wemo gear to be recognized on startup.
I am running the config checker addon for Hass.io going from .74.0- .77.1 and man its throwing a butt ton of errors. I dont even know where to go from here except start from scratch.
The log:
running build_py
creating build
creating build/lib.linux-armv7l-3.6
creating build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/http_writer.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/payload_streamer.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/client_ws.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/web_exceptions.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/web_request.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/web_routedef.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/pytest_plugin.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/http_exceptions.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/web_ws.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/web_runner.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/cookiejar.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/client_proto.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/signals.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/web.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/web_urldispatcher.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/client_reqrep.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/hdrs.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/multipart.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/web_response.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/web_protocol.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/web_app.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/frozenlist.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/typedefs.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/streams.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/log.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/client_exceptions.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/base_protocol.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/web_middlewares.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/http_parser.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/http_websocket.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/tcp_helpers.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/web_server.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/__init__.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/client.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/abc.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/connector.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/locks.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/formdata.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/resolver.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/http.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/worker.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/helpers.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/payload.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/tracing.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/test_utils.py -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/web_fileresponse.py -> build/lib.linux-armv7l-3.6/aiohttp
running egg_info
writing aiohttp.egg-info/PKG-INFO
writing dependency_links to aiohttp.egg-info/dependency_links.txt
writing requirements to aiohttp.egg-info/requires.txt
writing top-level names to aiohttp.egg-info/top_level.txt
reading manifest file 'aiohttp.egg-info/SOURCES.txt'
reading manifest template 'MANIFEST.in'
warning: no files found matching 'aiohttp' anywhere in distribution
warning: no previously-included files matching '*.pyc' found anywhere in distribution
warning: no previously-included files matching '*.pyd' found anywhere in distribution
warning: no previously-included files matching '*.so' found anywhere in distribution
warning: no previously-included files matching '*.lib' found anywhere in distribution
warning: no previously-included files matching '*.dll' found anywhere in distribution
warning: no previously-included files matching '*.a' found anywhere in distribution
warning: no previously-included files matching '*.obj' found anywhere in distribution
warning: no previously-included files found matching 'aiohttp/*.html'
no previously-included directories found matching 'docs/_build'
writing manifest file 'aiohttp.egg-info/SOURCES.txt'
copying aiohttp/_cparser.pxd -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/_find_header.c -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/_find_header.h -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/_find_header.pxd -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/_frozenlist.c -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/_frozenlist.pyx -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/_headers.pxi -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/_helpers.c -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/_helpers.pyi -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/_helpers.pyx -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/_http_parser.c -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/_http_parser.pyx -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/_http_writer.c -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/_http_writer.pyx -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/_websocket.c -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/_websocket.pyx -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/frozenlist.pyi -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/py.typed -> build/lib.linux-armv7l-3.6/aiohttp
copying aiohttp/signals.pyi -> build/lib.linux-armv7l-3.6/aiohttp
running build_ext
building 'aiohttp._websocket' extension
creating build/temp.linux-armv7l-3.6
creating build/temp.linux-armv7l-3.6/aiohttp
gcc -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3 -Wall -DTHREAD_STACK_SIZE=0x100000 -fPIC -I/usr/local/include/python3.6m -c aiohttp/_websocket.c -o build/temp.linux-armv7l-3.6/aiohttp/_websocket.o
In file included from aiohttp/_websocket.c:17:0:
/usr/local/include/python3.6m/Python.h:11:20: fatal error: limits.h: No such file or directory
#include <limits.h>
^
compilation terminated.
error: command 'gcc' failed with exit status 1