Joined 1 year ago
Cake day: June 22nd, 2023

  • Please let me know if you figure it out. I opted for the detached header approach a few years ago because it had most of the same benefits without the headache and poor support. I’m wondering if it might be possible to replicate what Grub is doing as it is relatively trivial but that doesn’t mean easy. Basically you’d have a Secure Boot signed bootloader that is able to boot a protected file system (secondary /boot) where your kernel & initramfs, or combined image exists. This secondary boot partition can be a lot more flexible though so it could even read a sparse-based file that has a file system stored in it, and then from there you’d unlock the second layer of encryption. My guess is it can be done using something besides Grub and you’d have full access to all the algorithms available under cryptsetup.




  • Well, first they are lying to you. You don’t have to hand out certificates manually and that isn’t how Intune does it either. They are provisioned using SCEP generally, which has its own security drawbacks. You can get these certificates from a SCEP server using a tool like Certmonger.

    Most companies that say they don’t officially support Linux already have you sign an acceptable-use agreement to only use company-provided hardware and approved software. And while they may act like they’ll make a special exception for you, you better make sure you got it in writing and in a way that would comply with your other employment agreements. One thing most IT employees don’t have the privilege of is negotiating the legal terms of their employment. There are already multiple US cases of employees being criminalized for breaking their employer’s AUP.

    I wish you the best of luck, but feel like you’re prob in for a harsh reality.








  • John Richard@lemmy.world to Nix / NixOS@programming.dev · Nix Release 2.24
    3 months ago

    What will it achieve to reveal them? Other users will notice too, it’s not like I’m the only one who’s said this. Who cares if I convince you. Nix isn’t a power tool. It is a highly opinionated language that gimps the most basic package management tasks… It is basically a senseless markup language that requires package authors to resort to running unvetted shell scripts on users’ computers.


  • John Richard@lemmy.world to Nix / NixOS@programming.dev · Nix Release 2.24
    3 months ago

    Lol… pet package? You act like these packages I’m referring to are ones that no one is using. These are highly popular packages where winget is getting updates way before Nix. Flathub is doing a better job at keeping packages updated in some instances. Something must be broken with the tool you mention if you think it is keeping packages updated.








  • Sysv didn’t have to have a lot of documentation. It was simple to understand what it did, and the underlying system was mostly shell scripting. It didn’t try to be and do everything.

    I don’t hate systemd. I prefer it now for the most part. I really do think Lennart Poettering is incredibly skilled and intelligent. I am just frustrated that so much gets pushed without adequate resources and support to weigh what is production-ready, and what is bleeding edge. I’ve already had systemd bite me in the ass at least once where they made a significant unannounced change to systemd-cryptsetup. I had to go find answers by reading through pull request and GitHub issue comments, and it wasn’t easy to find either. The community acted like it wasn’t a big deal that it caused systems to no longer boot. Move fast & break things isn’t the message that will win over larger companies.