Linus didn’t only call out people posting flame replies, but also folks interested in a serious discussion on that topic, who also contributed to the kernel before (see PeterCxy’s blog: https://typeblog.net/55833/getting-called-paid-actor-by-linus-torvalds).

Here’s what he actually said:

I’m also not going to start discussing legal issues with random internet people who I seriously suspect are paid actors and/or have been riled up by them.

That’s ambiguous at best.

I find it more likely that it’s targetted at the greater crowd replying to that thread rather than this person specifically due to it’s general tone. If Linus things you are full of shit, you can be that he will call you out specifically rather than wording it like this.

AFAIK we still don’t know the exact reasons for the removal, which is just intransparent.

We do: https://www.phoronix.com/news/Linux-Compliance-Requirements.

where he called several kernel developers paid actors

He didn’t. He (rightly) called out people who have never contributed to the kernel and posted flame replies to the initial announcement on the mailing list.

This isn’t some wild conspiracy theory either, this is a thing Russia actually does: cause disarray and split “western” communities; divide and conquer. It’s an their explicit goal of the Kremlin to do this; there’s credible accounts of that.

If you want a community that’s resistant to such influences, you ought to call this sort of thing out whenever you see it.

The best part of it is that it’s not just graphical: It’s a headless daemon that you can configure via config file, CLI or GUI.

That’s in stark contrast to i.e. CoreCtl which only operates while its window is open in a graphical desktop session.

AND have backups.

NixOS because it’s the only usable stab at sustainable system configuration.

I recommend borgbackup.

It has since taken away Gentoo’s raison d’être a bit in my head.

I wouldn’t say so. We currently don’t hold a candle to USE-flags. Many packages are already configurable but there’s no standard on anything w.r.t. that.

There’s no technical reason we couldn’t have such a standard but it hasn’t happened yet.

That’s Nix, not NixOS.

I also wouldn’t be too sure on that “explicit” part for Docker. It’s somewhat isolated, sure, but everything but explicit: you can download arbitrary data from wherever you like.

That isn’t going to help them one bit if they have a SteamVR HMD.

It recommends AMDVLK… meh

Is there a bridge like they have for IMAP btw?

It’s a LineageOS thing AFAIK. I’d be a bit surprised if GrapheneOS had it since they’re quite close to stock AOSP when it comes to customisations that don’t relate to security or privacy.

Great way to show off you haven’t actually read any of the article except its title.

You’re comparing apples to oranges. One is a declarative Linux system environment creation solution and the other a daemon that starts sub-system environments using Linux namespaces.

You could in theory use NixOS to define a system environment that you’d run inside of a docker container. It’s a bit harder to get systemd running inside of Docker which NixOS heavily relies on but that’s beside the point. Easier integrations exist for LXD and systemd-nspawn which actually fulfil an equivalent purpose to Docker. The single component that is most comparable to Docker in a typical NixOS deployment would arguably be its init process (systemd), though its use extends far beyond setting up the namespace (the root namespace in this case).

Having a record which defines exactly what to fetch is the necessary condition, not the sufficient condition.

The actual artifacts fetched to disk must be stable, not just the record.

That’d hit the source fetcher just as much. That’s an issue on a different layer.

You should scrub your data regularly with btrfs. That’s just a mean to verify the data is in-tact though; to detect corruption.

You cannot really do anything actively to keep the data in-tact. Failure can and will happen. To keep your data safe, you must plan for failure to happen:

Expect a power surge to fry all your disks at the same time.
Expect your house to burn down or flood.
Expect to run the wrong command and istantly hose your entire array.
Expect your backup server to get ransomware’d.
…

Only if you effectively mitigate these dangers will your data stay safe.

Stable distros can and will backport security fixes. Good ones that is.

Pretty cool!

Have you thought about whether this could also be used for limited write access? A common use-case for abusive image gallery services that you cannot ordinarily fulfil with Immich is shared albums where multiple people that e.g. attended the same event can collect pictures in without complex authentication (just a single shared secret or even just the link to the album).

Ahhhhh whyyyyy, you’ve got all of these standard response codes made for you, why would you blatantly ignore them like that?!