I‘m not sure if I like this. I use Matrix for a couple of years now and to be honest the more I use it the more I hate it.
Everything just feels slow, clunky and some basic things are quite complicated to archive and some functionality just does not work.
All that was okay for me in the beginning but it never got better.
IRC and XMPP also had their problems but I often wish them back nowadays.
Everything just feels slow, clunky and some basic things are quite complecated to archive
It's been that way for much longer than a few years unfortunately. I don't understand how people can tolerate it. Some projects switched to it because it seemed more beginner friendly than IRC, but to me it's not focussed on making things easy.
My problem with matrix is that you need email address to use it. Compared to the irc, where you could just use whatever name and ask questions straight away. Most distros I used came with an irc client preinstalled and preconfigured to connect to the support channel when launched. In my opinion that is more beginner friendly.
You don't need an email address. It depends on the server/instance, just like Lemmy. Not all Lemmy instances require an email, you're just out of luck for password resets.
Looks like you’re saying federation is the future, but Matrix is a bad federation implementation. And that sounds good.
I still think forums are the best way to handle support. Even phpBB is better than any chat. Have a bot alert a chat channel that the project team hangs out for every new topic or something, if that’s a concern.
I still think forums are the best way to handle support. Even phpBB is better than any chat. Have a bot alert a chat channel that the project team hangs out for every new topic or something, if that’s a concern.
Giving the users the choice to have IRC and a forum sounds nice to me.
Forums for the longer conversations and be able to look up things with a search engine, and IRC for quick questions and informal chat.
the issue isn’t so much with IRC, XMPP, Matrix, or Discord per se (aside from Discord having its own issues) – it’s that every dev/org/group is trying to use a chatroom as a replacement for support channels, wikis, knowledgebases, FAQs, forums, announcements, mailing lists, etc.
[as the meme states: “I don’t want to join your fucking Discord server just to get basic information that should be on a proper website instead of hidden away in the archives of a fucking chatroom”]
We dont really use/experience matrix. Same as we dont really use/experience debian, fedora, etc.
We are experiencing the clients (same as we experience the DE in the second example).
It does not make sense to hate on the protocol for clunky clients, same as it does not make sense to change distros because gnome isnt your thing, except if your OS doesnt handle anything else.
I had this discussion a billion times already. Element is not matrix and every other client is produced by actual people with very little money.
Be the change you want to see and make a client or donate to someone who makes the most promising ones instead of moaning about the good ol days please. Have a good one.
SUID stands for Set User ID. An SUID binary is a file that is always run with the UID of the owner user (almost always root). Note that this does not require that the user running them has root permissions, the UID is always changed. For instance, the ping command needs to set up network sockets, which requires root permissions, but is also often used by non-root users to check their network connections. Instead of having to sudo ping, any normal user is able to just run ping, as it uses SUID to run as the root user. sudo and doas also require functions that necessitate them running as root, and so if you can find out how to exploit these commands to run some arbitrary code without having to authenticate (since authentication happens after the binary has started running), there is a potential for vulnerabilities. Specifically, there is the privilege escalation, which is one of the most severe types of vulnerabilities.
run0 starts using systemd-run, which does not use SUID. Instead, it runs with the permissions of the current user, and then authenticates to the root user after the binary has already started to run. systemd-run contacts polkit for authentication, and if it succeeds, it creates a root PTY (pseudo-terminal/virtual terminal), and sends information between your session and the root PTY. So this means that in order to achieve privilege escalation with run0 as root, you have to actually authenticate first, removing the "before authentication" attack surface of sudo and doas.
TL;DR SUID binaries will always run as the owner (usually root), even before any form of authentication. run0 will start with the permissions of the current user, and then authenticate before running anything with root permissions.
Suid is a bit set on executables that results in them being run as the user that owns the file without needing a password, for example, passwd as root.
But also completely useless. Run0 ignores the suid bit for the same reason as 99% of command line apps do: it ignores because it isn't relevant to its functionality.
Basically, the SUID bit makes a program get the permissions of the owner when executed. If you set /bin/bash as SUID, suddenly every bash shell would be a root shell, kind of. Processes on Linux have a real user ID, an effective user ID, and also a saved user ID that can be used to temporarily drop privileges and gain them back again later.
So tools like sudo and doas use this mechanism to temporarily become root, then run checks to make sure you're allowed to use sudo, then run your command. But that process is still in your user's session and process group, and you're still its real user ID. If anything goes wrong between sudo being root and checking permissions, that can lead to a root shell when you weren't supposed to, and you have a root exploit. Sudo is entirely responsible for cleaning the environment before launching the child process so that it's safe.
Run0/systemd-run acts more like an API client. The client, running as your user, asks systemd to create a process and give you its inputs and outputs, which then creates it on your behalf on a clean process tree completely separate from your user session's process tree and group. The client never ever gets permissions, never has to check for the permissions, it's systemd that does over D-Bus through PolKit which are both isolated and unprivileged services. So there's no dangerous code running anywhere to exploit to gain privileges. And it makes run0 very non-special and boring in the process, it really does practically nothing. Want to make your own in Python? You can, safely and quite easily. Any app can easily integrate sudo functionnality fairly safely, and it'll even trigger the DE's elevated permission prompt, which is a separate process so you can grant sudo access to an app without it being able to know about your password.
Run0 takes care of interpreting what you want to do, D-Bus passes the message around, PolKit adds its stamp of approval to it, systemd takes care of spawning of the process and only the spawning of the process. Every bit does its job in isolation from the others so it's hard to exploit.
But I've had so many issues with D-Bus fucking shit up on my systems that I'd be very reluctant to hinge my only way of recovering from failures upon something so brittle.
Granted, D-Bus hasn't given me any trouble since moving to NixOS. The hell of trying to recover my arch systems from a perpetually failing D-Bus would make me very apprehensive to adopt this. I could see myself using run0 by default, but keeping sudo-rs or doas around with a much stricter configuration as a failsafe until the run0 + D-Bus + PolKit is absolutely stable and bulletproof.
I haven't had D-Bus problems in quite a while but actually run0 should help with some of those issues. Like, systemctl --user will actually work when used with run0, or at least systemd-run can.
Haven't used it yet so it's all theoretical, but it makes sense to me especially at work. I've used systemd-run to run processes in very precise contexts, it's worth using even if just to smush together schedtool, numactl, nice, taskset and sudo in one command and one syntax. Anything a systemd unit can do, systemd-run and run0 can do as well.
I'm definitely going to keep su around just in case because I will break it the same I've broken sudo a few times, but I might give it a shot and see if it's any good just for funsies.
Just trying to explain what it does and what it can do as accurately as possible, because out of context "systemd adds sudo clone" people immediately jump to conclusions. It might not be the best idea in the end but it's also worth exploring.
Some people are opposed to sudo being a fairly complex program with an awkward to understand configuration language and a couple of methods that can fetch config from elsewhere. Fixing upstream sudo can't happen because those features exist and are presumably used by some subset of people, so straight up removing them is not good, but luckily doas and sudo-rs exist as alternatives with a somewhat stripped featureset and less footguns.
Others are opposed to the concept of SUID. Underneath all the SUID stuff lies far more complexity than is obvious at first sight. There's a pretty decent chunk of code in glibc's libdl that will treat all kinds of environment variables differently based on whether an executable is SUID, and when that goes wrong, it's reported as a glibc bug (last year's glibc CVE-2023-4911 was this). And that gets all the more weird when fancy Linux features like namespaces get involved.
Removing SUID requires an entirely different implementation and the service manager is the logical place for that. That's not just Lennart's idea; s6, as minimal and straight to the point as it tends to be, also implements s6-sudo{,d,c}. It's a bit more awkward to use but is a perfectly "Unix philosophy" style implementation of this very same idea.
I tried it. Lot of fun and fustration. If You hava spare machine and few weeks to play around, do it. It boosted my knowledge and my skills a lot.
I would not use it for daily driver, and never for work.
Documentation is super! If You have to do something by hand, it is one of the best source of info!
By the time I finished, half the system was extremely outdated and probably vulnerable to dozens of RCEs. Somehow I managed to compile KDE, but not Firefox. It always crashed the whole Laptop - 2 GB RAM wasn't enough.
All this true and I relate. Firefox is a beast. Compiling browser is a pain. Don't even tought to do KDE. I put together the ui with some suckless tools and had fun with them.
Security, stability are a constant question with a system like this. Not a daily driver, used to gain a deeper knowladge.
It is like bivaking behind the grandarents house in the foresst: uncomfortable, adveture, goodway to test Yourself and the gear, still have cookies. Not preparation for the alien zombies in the Amazonas.
Yeah, for me it just showed me how nice a customly installed distro is, and how fast it can be even on an old machine, so it was the first to get Arch installed on. Another Laptop followed, then my main PC, Server and finally the PI.
KDE, Gnome, the kernel, you can compile them without any problems. They're large and complex but they're well organized.
X is weird but it can also be compiled fairly easily.
Mozilla stuff is horrendous. There's no rhyme or reason, it's hard to find build instructions, half the time they don't work, when they do the build fails with obscure errors...
Games need to live closer to the bleeding edge than a lot of other software.
Also, for wine/proton, and the other customisations built into the deck, it makes sense to pick a starting point that is more built for customisation. By that I mean there was probably less things they needed to add or remove at the start.
As mentioned, it's also likely there was personal bias internally. But even that can be a valid reason as they need to be familiar/comfortable with the starting distro.
Not saying that Debian cannot do it, but doing it this way probably made valve's employees lives easier.
I suspect the reason why the full story isn't being told here is because the creators of Lix don't want the project to be seen as purely some "left wing" fork. I don't blame them, especially considering Lix has far more merit than merely "Nix's leadership sucks." Regardless, I'll see if I can give you an overview:
Basically, NixOS's leadership has been seen for a long while as bureaucratic and sloooow even when it comes to core things like UX changes in Nix itself. When it comes to social issues, they have been dragging their heels even more. A lot of discontent has been brewing for years but the most notable conflicts have been when NixOS's leadership accepted funding from Anduril to fund NixCon 2023. Anduril was then dropped as a sponsor, but NixCon North America 2024 again got sponsored by Anduril. Anduril, in case you didn't know, is part of the military industrial complex, and is run by Palmer Luckey, a noted Israel supporter in the ongoing genocide against Palestine.
NixCon getting Anduril sponsorship againticked off a lot of people. This petition was then opposed by a particularly loud and irritating chunk of the community, including Jon Ringer, a (now former) release manager for NixOS, and most notably, an Anduril employee. Jon maintains that his Anduril employment was irrelevant to his work on Nix, which may very well have been true; up until the point where he started going on rants about Nix becoming "political" in discussions about the sponsorship. He stifled a ton of discussion around this issue, and NixCon went ahead with the Anduril sponsorship. Now that he has been "doxxed" (his employment details were public on LinkedIn, he uses this term to drum up more support for himself dishonestly) he has gone full mask off, and now spends time on the grifter's shithole paradise r/NixOS to complain about how the "woke left" is supposedly trying to infiltrate Nix's leadership and "take over the project" (partly because of the Anduril sponsorship response, partly because of this one RFC where someone dared to advocate for minority representation).
People have been advocating for leadership change to at least try and get NixOS's leadership to do more, but apart from Eelco (the BDFL) stepping down there hasn't been a whole lot that's changed. After reading a lot of these discussions and seeing just how inactive some of this moderating has been (and the fact that when a mod does try to clean up the forums, the grifters cry that the mods are being "political" or whatever the fuck), I'm personally throwing my whole weight behind Lix, because I appreciate project leadership that aims to have a safe community. That, and I also like a project that isn't scared of breaking experimental features.
We can connect two computers over USB and we do it all the time. E.g. your phone and your PC. One or both of the computers needs to be able to act as a device. Most Android computers can switch between host and device depending on what's plugged in. It all comes down to implementation.
I really love GNOME but the developers keep doing shit like this and I don't get why. Their reasoning for why they won't allow custom accent colors and only predefined ones was also stupid and then they just said that if people keep asking for custom colors, they won't implement it at all.
That's wild, flat out telling the community they're going to refuse to implement something if they want it enough to ask for it
I won't presume how easy or hard implementing that would be, but I have a hard time believing it would be so significant that this stance makes any sense at all
Okay? Did I say anything about that being owed? They're also not owed a community using their community project, so acting like that just makes no sense and seems counter to a goal of building or maintaining an active community of users
I didn't say they aren't allowed to do that so maybe go have that argument with someone who did.
The reasoning for only allowing predefined colors was that, apparently, developers need to be able to test against every color and that Android's Material You is a total mess. I disagree with both of that, Material You seems to be working quite fine (I've also made apps myself) and I don't get what developers would need to test with accent colors. I couldn't voice my opinion tho cause then the whole thing would've been canned.
Android's Material You is absolutely disgusting though with it's bizarre theming choices and piss-like pastels and fucked notification shade and the dark mode circle jerk and it frankly seems to be an attempt to assassinate material design and everything that made it a defining tech aesthetic of the late 2010s
I never really gave gnome a chance until I came across bluefin recently. I was pleasantly surprised but the lack of customizability always drives me away in the long run.
Im not against opinionated design, their opinion on how things should be just seems to differ from my own.
well yeah, that's true, but it auto grabs clipboard, so you can just Right click > copy link address. Yeah yeah 1 extra click and messes your old workflow ik, but at least it checks all the other requirements
Don’t you even fucking get me started, I am so serious, lol
Edit: gentoo was why I said, “fuck this, I’m buying a Mac,” and refused to even think about Linux again for 5-6 years. And I have the OS X/macOS’s being UNIX to thank for that, btw.
The “shield” Apple puts over its OS can be pierced by powerusers who know how to use the terminal, and there are package managers like Homebrew that allow users to install ports of Linux/UNIX/BSD userland apps. In reality, macOS is an extremely-customized build of BSD that’s locked down in many ways, and runs a proprietary filesystem and on property hardware. (That’s a lot of suck, yes). But, otherwise, it’s still POSIX, and so similar to Linux as to easily facilitate a transition. And, because of it, I drifted back to Linux.
Not necessarily because of macOS’s shortcomings, but because I like to tinker and fiddle, and Linux scratches that itch.
Hopefully my partitioning was decent though, so distro-hopping shouldn't be too hard if I feel like switching (or even running different distros side-by-side?)
I was personally drawn to it because: it's not Ubuntu; ButterFS seems like a nice safety net; KDE Plasma is sexy AF; noone seems to have anything particularly horrible to say about it.
Why is your chosen distro (obviously) the superior choice?
Mint for gaming, because it's nice to have a rock-solid OS that doesn't need much beyond updates in terms of maintenance. Arch for hobby tinkering, because voiding warranties is fun.
Yeah, those are the same reasons I chose tumbleweed. Plus the rolling release.
I hope you made your system partition large enough. I had about 20G for / (excluding /home), which used to be enough for kubuntu, but quickly ran out of space on tumbleweed. I assume because of the Btrfs snapshots.
I reinstalled tumbleweed on a larger partition. Then couldn't install the proprietary codecs, because of an error I couldn't resolve.
Installed it a third time recently, now it runs smoothly.
The USB protocol was simple by design, so it could be implemented in small dumb devices like pen drives. More specifically, it used two couples of cables, one couple was for power and the other for data (four wires in total). Having a single half-duplex data line means you need some way of arbitrating who can send data at any time. The easiest way to do it is having a single machine that decides who gets to send data (master), and the easiest way to decide the master is to not do it and have the computer always do the master. This means you couldn't connect two computers together because they would both try to be the master.
I used the past tense because you may have noticed that micro USB have 5 pins and not 4, that's because phones are computers and they use the 5th pin to decide how to behave. If it's grounded they act as a slave (the male micro to male A cable grounds it). If it has a resistor (the otg cable has it) it act as master. And if the devices are connected with a wire on that pin (on some special micro to micro) they negotiate the connection.
When they made usb 3.0 and they realized that not having the 5th wire on the usb-A was stupid, so they put it (along side some extra data lines) that's why they have an odd number of wires. So with usb 3 you can connect computers together, but you need a special cable that uses the negotiation wire. Also I don't know what software you need for it to work.
Usb-c is basically two USB 3.0 in the same cable, so you can probably connect computers with that. But often the port on the devices only uses one, so it might not be faster. Originally they put the pins for two connections so you could flip the connector, but later they realized they could use them to get double speed.
And it was a good design - it's universal (aha) adoption proves that.
Those of us old enough to remember the pain of using 9 and 25 pin serial leads and having to manually set baud rate and protocols, along with LPT and external SCSI and manufacturer specific sockets probably agree this was a problem that needed solving, and USB did do that.
honestly 8 space indents always felt a bit ridiculous to me. i usually use 4 since it’s more conventional in most languages but could also be happy with 2.
weird hill to die on. use default setting unless you have a good reason not to. the argument itself is a waste of time on projects that want to get things done.
Also to advocate for a specific tab size while also advocating for hard tabs is nonsense. The one flimsy claim to usefulness tabs have is that different people can use different tab sizes and all at the low, low cost of everyone having five times more work to use tabs for indentations and spaces for alignment and thus having to use visual whitespace of some kind.
What they're referring to is that when you use tabs, you end up having some things at the end of lines have to be spaced over for alignment. Thus, you then have to turn on some way of seeing what stuff is tabs and what stuff is spaces and it turns into a big mess.
Hence why normal people indent with spaces instead of hard tabs
Linux
Top
This magazine is not receiving updates (last activity 51 day(s) ago).