Chromebook V2?
Chromebook V2?
You can use (self hosted) gitlab as a registry storage. We do that locally so we have both code, pipeline and containers in the same place.
Funny :)
Hard to be sane with so many broken hardware implementations… 😅
Cudos for the Linux developers!
In the last I had very little success rate of those uninstall tools to actually do their job in full. A lot of time they delete some data but almost always they leave some trash behind.
And in the first place, I stopped trusting those external uninstall binaries, they could be designed to remove not only app data but remove your personal data, steal data from your PC or infect it (even if just to investigate why you are uninstalling).
One of the reason is that apps can place their files in any place they want so the app manager is not aware of those locations.
Even if it would know then the user still would need a way to remove the app without deleting data, imagine installing Developer IDE or chat app and uninstall process would remove your chats or projects. Imagine app dev accidentally set the “directory that store app data” to /home, it would be bad.
I not once uninstalled app to install different (for example older) version due to bugs in new one.
Having the logic allowing to optionally delete data would introduce additional complexity so most old package managers never introduced that feature.
But I agree that we should slowly introduce a way to to that. Some app managers that manage flatpaks now allow to delete user data after uninstalling app, this now could be done universally because apps installed using flatpak store their data in their own separated/dedicated directory that flatpak engine know about so (unless you give permissions to access other location) thw manager know where the app store data so can offer easy way to remove it.
Container is just a term for a set of isolation solutions bundled together.
Like file system isolation (chroot), network isolation, process isolation, device isolation…
One of them is ofc chroot, yes container use exactly the same chroot functionality.
So to answer your question, no, you don’t need full isolated container. You can use only chroot.
You just need to pass all required devices ( and match the driver version running in kernel with your files in container and (avoid) more than one app having full unrestricted access to GPU as that would result in issues (but dont know the details so can’t help you with that)).
You can use wayland in container but the easy way probably would require to give whole GPU to the container (but my knowlwdge is limited)
What I do know that this project is doing that: https://games-on-whales.github.io/
That also came up in search results that could help: https://unix.stackexchange.com/a/359244
The only reason ssh client would “hang” without any output is when it’s waiting for external key storage to allow access. It’s designed that way to give user some time to approve access to key storage.
It sometimes happen that the installed key storage is broken in a way that it fails to show user modal, for any reason (showing on wrong screen, wrong desktop, wrong activity, wrong framebuffer, …)
One solution (that you already did) is to change the SSH agent env variable to point to different key storage.
Another would be (if possible) to uninstall the broken key storage if you don’t use it. But it is sometimes needed/used by other apps.
It’s overall good to notify/open bug on your distro issue tracker to notify that some packages are missconfigured (maybe have missing dependencies) or conflicts with other ones.
Does it support intro skip?
10-50 people normal use case?
For KeePass no, for VaultWarden yes.
Just got triggered for the comment above suggesting a solution that doesn’t work for quite a lot of deployments/users, but yes, my comment was a little bit out of place as for single user deployments KeePass is probably way simpler/better.
Totally agreed, but there are pros and cons.
File - harder to steal but once stolen hacker can bruteforce it as much as it wants. Web service - with proper rate limits (and additional IP whitelist so you can only sync on VPN/local network) - its harder to bruteforce. (But yes, you (sometimes) have also full copy locally in the local client, but …)
If it was only for me I probably would also go with KeePass as you will not update the same db at the same time, but with with multiple users it’s getting unmanageable.
I just got triggered as those CVEs are not that bad due to the nature that the app encrypts stuff on the client side so web server is more like shared file storage, while your answer suggested to switch to a solution that doesn’t work for a lot of people (as we already tried that).
Explain how can you use KeePass+Syncthing with 10-50 people (possibly different groups for different passwords) having different sets of access level while maintaining sane ease of use?
The passwords are encrypted in the first place so the security for them is only on the client side.
grep bat /proc/driver/rtc
❤️
Always learning something new, thanks :)
Yes, user should (at least try to) provide their own message, if not and it just post links to (their own?) pages then account should be marked as Bot IMHO.
CVEs found at: https://www.bleepingcomputer.com/news/security/linux-kernel-impacted-by-new-slubstick-cross-cache-attack/
Details of vulnerability: https://github.com/IAIK/SLUBStick
Immich
Wanting to spin-up but constantly delaying…
Because Nginx Proxy Manager exists.
And also because for me it started from web hosting where Apache and Nginx dominate and later because of many easy to understand example configs from the net including many “docker letsencrypt” examples.
You can go to /var/log/apt/
and read the history.log
as it will contain every single package that you did install/remove.
Based on that you can just restore it to working state by manually undoing the changes (removing installed, installing removed)
Looks like the installer and grub is confused about the hard drive order different in instaler and different while booting, both those drives could also have the same partition/drive ID making it confused, that could happen if you cloned/copied the drive in the past
I would say as a easy and safe solution
No thanks, sounds like security and privacy nightmare.
The part about “no user interaction required” doesnt feel right secure.
Especially as it is stored at google servers, it says it is encrypted but it is encrypred using keys that google has access to as they are unlocked with you logging in into google account.