I made an ansible role for this:
https://github.com/CSUN-CCDC/ccdc-2024/tree/main/linux/ansible/roles/docker
It was designed for a cybersecurity competition, and can back up containers and volumes. The volume backup works by creating another container and then mounting the volume to that container, and within that container a simple tar backup is run.
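The volume backup described above (a throwaway container with the volume mounted, running tar), as an added example that is not taken from the linked role. The `alpine` helper image, the archive naming, the `DRY_RUN` switch and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example (not the linked Ansible role's code): archive a named Docker
# volume by mounting it read-only into a short-lived helper container.
# Assumptions: helper image, archive name format and DRY_RUN are illustrative.

HELPER_IMAGE="${HELPER_IMAGE:-alpine}"

# Accept only Docker's named-volume charset. A source beginning with "/" would
# be treated by `docker run -v` as a host bind mount, and a leading "-" could
# be read as an option, so both are rejected here.
valid_volume_name() {
    case "$1" in
        ''|[!a-zA-Z0-9]*) return 1 ;;
        *[!a-zA-Z0-9_.-]*) return 1 ;;
    esac
    return 0
}

# Print the docker command that archives volume $1 into host directory $2.
backup_cmd() {
    printf 'docker run --rm -v %s:/volume:ro -v %s:/backup %s tar -czf /backup/%s-%s.tar.gz -C /volume .\n' \
        "$1" "$2" "$HELPER_IMAGE" "$1" "$3"
}

# backup_volume VOLUME DEST_DIR [STAMP]
backup_volume() {
    vol=$1
    dest=$2
    stamp=${3:-$(date -u +%Y%m%dT%H%M%SZ)}

    valid_volume_name "$vol" || { echo "invalid volume name: $vol" >&2; return 2; }
    case "$dest" in
        /*:*|[!/]*|'') echo "destination must be an absolute path without ':'" >&2; return 2 ;;
    esac

    if [ "${DRY_RUN:-0}" = 1 ]; then
        backup_cmd "$vol" "$dest" "$stamp"
        return 0
    fi

    # Keep the backup directory private: archives can contain secrets.
    mkdir -p "$dest" && chmod 700 "$dest" || return 1

    # The volume is mounted read-only so the backup cannot alter it.
    docker run --rm \
        -v "$vol":/volume:ro \
        -v "$dest":/backup \
        "$HELPER_IMAGE" \
        tar -czf "/backup/$vol-$stamp.tar.gz" -C /volume . || return 1

    # Record a checksum so the archive can be verified before a restore.
    ( cd "$dest" && sha256sum "$vol-$stamp.tar.gz" > "$vol-$stamp.tar.gz.sha256" )
}
```

Running `DRY_RUN=1 backup_volume webdata /srv/backups` prints the command without touching Docker, which is handy for reviewing what will run before a competition.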
Docker desktop is proprietary.
FOSS alternatives are rancher desktop or podman desktop.
You're probably going to end up on Jitsi meet, but I'm also going to drop a recommendation for bigbluebutton.
I recently noticed that it was integrated into the open source Learning-Management-System Canvas, which every school I have gone to so far uses.
Although bigbluebutton doesn't seem to explicitly support e2ee (but maybe this counts for something), if you are already using Canvas, BigBlueButton is definitely worth looking at.
I really, really wish people at my school would use the integrated bigbluebutton instead of using zoom, especially given I've seen people occasionally have issues with authentication for zoom, but all of that stuff is handled with bigbluebutton because it's fully browser based and integrated into Canvas.
https://github.com/warpdotdev/Warp/blob/main/LICENSE
Not open source (right now, at least).
It could be an old service on that same ip. Zoomeye/shodan don't rescan on the spot, they keep records of old scans.
Similar site as shodan, but different company. I'd recommend checking there as well.
This feature used to be in KDE 5 as well though, but with a size cap. I suspect the removal of the size cap is intentional rather than a bug.
I could totally see someone coding a function that increases the mouse pointer by x% every y mouse shakes, and then neglecting to put in a size cap.
There doesn't appear to be a limit to the maximum size the KDE cursor can get when you shake it.
I find this hilarious. Is this an easter egg? When shaking my mouse cursor, I can get it to take up the whole screen's height.
This is KDE Plasma 6.
shell-mommy is a program that encourages users while using command line applications.
Mommy is here for you on the command line ~ ❤️. Contribute to sudofox/shell-mommy development by creating an account on GitHub.
Copyright is for corporations to protect their assets, not for individuals. The legal system is set up in such a way that it can be weaponised by the wealthy, but is basically unusable by the poor.
https://opensource.google/documentation/reference/using/agpl-policy/
Maybe not some obscure ones, but here are some lesser known ones:
Talos Linux. It's an immutable operating system designed specifically to deploy kubernetes.
OpenSuse Harvester Think Proxmox, but instead of VM's and LXC containers, it's VM's and Kubernetes.
XCP-NG is a RHEL based distro designed for managing Linux virtual machines using the xen hypervisor, as opposed to KVM. Think Proxmox, but RHEL and Xen (also no LXC). However, it does not come with a web ui out of the box, you have to deploy it yourself. Technically, XCP is a Xen distribution, since Xen is a kernel with nothing but a hypervisor that runs under the main distro, but the primary management virtual machine is RHEL based, and uses Linux.
Speaking of Proxmox, Proxmox is technically a Linux distro.
SnowflakeOS is a project that aims to bring a GUI focused experience to NixOS.
TurnkeyLinux (site is loading very, very slowly for me right now) is not a single distribution, but rather a set of debian based distributions that are designed to be turnkey appliance virtual machines that contain and host a specific app. To deploy the app, all you have to do is set up the virtual machine.
Now, here are some not-linux, but interesting distros:
SmartOS. They ported KVM to unix, and also can use Linux syscall translation (similar to wine) to run apps in containers as well. There is also Bhyve. It's a very interesting hypervisor platform.
OmniOS is similar. Bhyve, KVM, and Linux syscall translation in containers.
Bluesky also offers both composable moderation and the ability to choose your own algorithm.
Bluesky claims to offer the ability to choose your own algorithm, but this is not the same as actually doing it. Because Bluesky is not truly decentralized, and they control the backend where the algorithm and content sorting software is actually run, there is no way to verify if Bluesky is actually using the algorithm the user desires for them to use.
Although I don't think Bluesky will be lying so early, I fear in the longer term, enshittification will get to them, and that may manifest as users having the illusion of freedom, but actually having even less choice than what they started with on Twitter.
Introducing Incus 6.7
Incus is a virtual machine platform, similar to Proxmox, but with some big upsides, like being packaged on Debian and Ubuntu as well, and more features.
https://github.com/lxc/incus
Incus was forked from LXD after Canonical implemented a Contributor License Agreement, allowing them to distribute LXD as proprietary software.
This youtuber, Zabbly, is the primary developer of Incus, and they livestream lots of their work on youtube.
Some software is so complex and difficult that Debian does not maintain it on their own, and instead follows the upstream release cycle.
Browsers are one such example, and as you've discovered for me, Thunderbird is probably another.
Also, please do not recommend testing for daily usage. It does not receive critical security updates in a timely manner, including for things that would affect desktop users. Use stable, Sid, or another distro. Testing is for testing Debian ONLY, and by using Debian Testing, you are losing the advantage of immediate security fixes that come from literally any other distro.
On my samsung phone I can... for now.
Edit: oh, by android distributions I meant the various variants put on devices by manufacturers.
Custom roms probably wouldn't have these restrictions.
https://www.reddit.com/r/termux/comments/1gks9mf/announcement_termux_broken_on_android_15_for/
https://www.reddit.com/r/oneplus/comments/1go55ow/termux_is_now_officially_dead_for_oneplus_and/
Termux is broken on oneplus devices.
This means winlator, and other similar termux based projects will no longer work.
In addition to that, other Android distributions have also moved "child process limit" to developer options, which may forebode them removing it, and breaking termux entirely. This is pretty scary IMO.
I actually hate this take. Unlike facebook, on lemmy, you actually own your data. Will this ownership of data be enforced against LLM companies? Probably not. Stackoverflow had everything under a license that requires attribution, but LLM's don't attribute and got away scot free.
But... the license that onlinepersona uses is less restrictive, rather than the default of an individual having absolute copyright over content they make. With onlinepersona's comments, I know exactly what I can legally do with their comments.
As for everybody else's comments, like yours, I don't really know. Can I quote you, with or without attribution? Can I legally remix comments? Do I have to ask permission before I use your comment in my presentation? You didn't sign any kind of license/agreement that explicitly stated what they can do with your comments, did you?
I'm never gonna complain about someone explicitly releasing their work under a more free license. I find it frustrating that the fediverse is the "free culture" place and all that, but we don't have a way to set copyright (or more likely, copyleft), on our comments. Instead, every comment is the equivalent of proprietary, source available software.
People mad about onlinepersona's CC BY-NC-SA 4.0 license, like the other poster who is calling them stupid, are literally mad about receiving free shit. Stay mad, I guess. Personally, I'm happy that I am given content under a more free license than proprietary.
Updates aren’t forced.
No. Apple claims updates aren't forced. With proprietary software, we have no way to verify if they have some way of forcing an update through.
You have the ability to enable automatic updates, but they are turned off by default.
No. Apple claims that only the user can enable automatic updates. With proprietary software, we have no way to verify if Apple can enable them remotely.
Also, are you really going to tell users to not update?
They also cannot affect user data. iOS and app software is sandboxed. The kernel keeps application and OS layers independent, just like Linux.
No. Apple claims that updates cannot affect user data. Again, with proprietary software, there is no way to truly verify.
Apple users will experience the same thing that all other computer owners experience when they disable updates entirely; outdated security software and limited compatibility.
Oh...so updates are good now, and we should update, even if it puts us at risk of something malicious?
You are taking Apple's claims as truth and pretending they are good. They probably aren't.
But, as someone else mentioned in the thread: The US government can force companies to spy for them. Even if Apple was as good as they market themselves to be, they cannot outrun the government.
Now, it's not realistic to force everybody to switch away from iPhones. But, we should stop treating proprietary software as truly trustworthy with our data.
Personally, I am loving flux right now. I'm using it to set up my homelab right now, while I learn kubernetes.
I chose flux because it seemed lighter, without a web ui or any extra components I may not want. Using flux feels like getting the declarativity that nixos promised but couldn't really deliver on.
Also, I did note on another post, that Forgejo, who used to use imperative kubernetes for everything, is now switching to fluxcd.
Maybe: https://archivebox.io
I'm pretty sure httrack just saves relevant embedded images along with the site.
Did you use flux 1, or flux 2?
Flux 2 is a complete rewrite, and is basically a different app.
Cuttle
This card game looks really good. There also seems to be a big, open source server: https://github.com/cuttle-cards/cuttle
93% of Paint Splatters are Valid Perl Programs
Source: https://0x2121.com/7/Lost_in_Translation/
Alt Text: (For searchability): 3 part comic, drawn in a simple style. The first, leftmost panel has one character yelling at another: "@+_$^P&%!. The second comic has them continue yelling, with their hands in an exasperated position: "$#*@F% $$#!". In the third comic, the character who was previously yelling has their hands on their head in frustration, to which the previously silent character responds: "Sorry, I don't speak Perl".
Also relevant: 93% of paint splatters are valid perl programs
PSA: You should know that Debian Trixie/Testing does not receive security updates in a timely manner, and is not intended for production use
https://security-tracker.debian.org/tracker/CVE-2024-47176, archive
As of 10/1/24 3:52 UTC time, Trixie/Debian testing does not have a fix for the severe cupsd security vulnerability that was recently announced, despite Debian Stable and Unstable having a fix.
Debian Testing is intended for testing, and not really for production usage.
https://tracker.debian.org/pkg/cups-filters, archive
So the way Debian Unstable/Testing works is that packages go into unstable/ for a bit, and then are migrated into testing/trixie.
> Issues preventing migration:
> ∙ Too young, only 3 of 5 days old
Basically, security vulnerabilities are not really a priority in testing, and everything waits for a bit before it updates.
I recently saw some people recommending Trixie for a "debian but not as unstable as sid and newer packages than stable", which is a pretty bad idea. Trixie/testing is not really intended for production use.
If you want newer, but still stable packages from the same repositories, then I recommend (not an exhaustive list, of course):
- Opensuse Leap (Tumbleweed works too but secure boot was borked when I used it)
- Fedora
If you are willing to mix and match sources for packages:
- Flatpaks
- distrobox — run other distros in docker/podman containers and use apps through those
- Nix
These can get you newer packages on a more stable distro safely.
AnuraOS — web based OS that uses a wasm emulator to give you a real linux system, running entirely in your browser
A web "OS" and development environment with full linux emulation - MercuryWorkshop/anuraOS
I couldn't get any of the OS images to load on any of the browsers I tested, but they loaded for other people I tested it with. I think I'm just unlucky.
Linux emulation isn't too polished.
Benefit of a subvolume below the top level btrfs subvolume?
According to the archwiki article on a swapfile on btrfs: https://wiki.archlinux.org/title/Btrfs#Swap_file
> Tip: Consider creating the subvolume directly below the top-level subvolume, e.g. @swap. Then, make sure the subvolume is mounted to /swap (or any other accessible location).
But... why? I've been researching for a bit now, and I still don't understand the benefit of a subvolume directly below the top level subvolume, as opposed to a nested subvolume.
At first I thought this might be because nested subvolumes are included in snapshots, but that doesn't seem to be the case, according to a reddit post... but I can't find anything about this on the arch wiki, gentoo wiki, or the btrfs readthedocs page.
Any ideas? I feel like the tip wouldn't just be there just because.
Are certain typos/grammar errors harder to read than others?
cross-posted from: https://programming.dev/post/6822168
I was watching a twitch streamer play the game pogostuck (A game similar in frustration and difficulty to Getting over it with Bennett Foddy — Don't Fall!).
They were also reading chat at the same time (usually out loud, as well). Multitasking.
Lots of sources (here's one) say that true multitasking is impossible. Rather, it's very fast switching, where there is a degradation of performance.
Knowing this, I naturally made it my mission to trip the streamer up with seemingly benign messages.
I was sharing some actual information about another streamer who beat another game, but I made a typo something like:
> I remember a streamer beat the game a game ...
And I noticed how much more the streamer struggled to read this compared to previous, accidental typos (missing spaces, extra spaces, etc.). He spent a good 5 seconds on this message, and during the process, he fell really far. 😈
So I decided to do some testing. Inserting words, swapping them around, and whatnot, to see what tripped him up the most. Most typos didn't affect him.
There was one typo that tripped him again, where I said something like:
> If it wasn't for a for
So it seems to be repetition? But I couldn't always replicate this with other forms of repetition.
Later on, I copied the two guards riddle, with an alteration:
> One of the guards always lies and the other always lies as wekk. You don't know which one is the truth-teller or the liar either. However both guards know each other
Sadly, I didn't cut the part about "don't know which is truth teller or liar" out.
The streamer spent a good 5 minutes interpreting this puzzle, and eventually interpreting it as the original puzzle. Then, he was trying to solve a riddle, game, and read chat all at once.
He was stuck on the bottom until he gave up on the riddle (I revealed that I meant what I said when I said both guards lie). 😈
Anyway, that was a bit off topic but still relevant.
I'm wondering if any studies have been done on this? I know studies have been done on humans' ability to read words with the letters partially scrambled, but what about typos?
How can I improve my distraction game (with plausible deniability of course)?
Alternative to docker-tcp-switchboard, but for tcp and virtual machines?
Launch a fresh docker container per SSH connection - GitHub - OverTheWireOrg/docker-tcp-switchboard: Launch a fresh docker container per SSH connection
docker-tcp-switchboard is pretty good, but it has two problems for me:
- Doesn't support non-ssh connections
- Containers, not virtual machines
I am setting up a simple CTF for my college's cybersecurity club, and I want each competitor to be isolated to their own virtual machine. Normally I'd use containers, but they don't really work for this, because it's a container escape ctf...
My idea is to deploy linuxserver/webtop, as the entry point for the CTF, (with the insecure option enabled, if you know what I mean), but it only supports one user at a time, if multiple users attempt to connect, they all see the same X session.
I don't have too much time, so I don't want to write a custom solution. If worst comes to worst, then I will just put a virtual machine on each of the desktops in the shared lab.
Any ideas?
Trying to get secure boot + full disk encryption + bootable timeshift backups working. How to make grub verify nothing?
So basically, my setup has everything encrypted except /boot/efi. This means that /boot/grub is encrypted, along with my kernels.
I am now attempting to get secure boot set up, to lock some stuff down, but I encountered this issue: https://bbs.archlinux.org/viewtopic.php?id=282076
Now I could sign the font files... but I don't want to. Font files and grub config are located under /boot/grub, and therefore encrypted. An attacker doing something like removing my hard drive would not be able to modify them.
I don't want to go through the effort of encrypting font files, does anyone know if there is a version of grub that doesn't do this?
Actually, preferably, I would like a version of grub that doesn't verify ANYTHING. Since everything but grub's efi file is encrypted, it would be so much simpler to only do secure boot for that.
And yes, I do understand there are security benefits to being able to prevent an attacker that has gained some level of running access to do something like replacing your kernel. But I'm less concerned about that vector of attack, I would simply like to make it so that my laptops aren't affected by evil maid attacks, without losing benefits from timeshift or whatnot.
I found the specific commit where grub enforces verification of font files: https://github.com/rhboot/grub2/commit/539662956ad787fffa662720a67c98c217d78128
But I don't really feel interested in creating and maintaining my own fork of grub, and I am wondering if someone has already done that.
Is it possible to share a singular interface on a vps for openstack neutron?
I'm having trouble with networking on linux. I am renting a vps with only one NIC, one ipv4 address, and a /64 range of ipv6 ones. I want to deploy openstack neutron to this vps, but openstack neutron is designed to be run on machines with two NIC's, one for normal network access, and one entirely dedicated to virtualized networking, like in my case, giving an openstack virtual machine a public ipv6 address. I want to create a virtual NIC, which can get its own public ipv6 addresses, for the vm's, without losing functionality of the main NIC, and I also want the vm's to have ipv4 connectivity. I know this setup is possible, as the openstack docs say so, but they didn't cover how to do so.
Docs: https://docs.openstack.org/kolla-ansible/latest/reference/networking/neutron.html#example-shared-interface
There is an overview of what you need to do here, but I don't understand how to turn this into a usable setup. In addition to that, it seems you would need to give vm's public ipv4 addresses, in order for them to have internet connectivity. I would need to create a NAT type network that routes through the main working interface, and then put the neutron interface partially behind that, in order for ipv4 connectivity to happen.
I've been searching around for a bit, so I know this exact setup is possible: https://jamielinux.com/docs/libvirt-networking-handbook/multiple-networks.html#example-2 (last updated in 2016, outdated)
But I haven't found an updated guide on how to do it.