Hey hello, self-hosting noob here. I just want to know if anyone would know a good way to host my writing. Something akin to those webcomic sites, except for writing. Multiple stories with their own “sections” (?) and a chapter selection for each. Maybe a home page or profile page to just briefly detail myself or whatever, I...
Wordpress or some of its alternatives would probably work well for this. Another alternative would be static site generators, where you pretty much just write the content in Markdown.
It’s also a pretty simple project, it would be a great project to learn basic web development as well.
To be fair you don’t really have to use filters for this. Cameras are much better at capturing the colors of the aurora while in person it looks like a faint white glow in the sky. Possibly some white-balance thing where it way overcompensate.
Cameras also need relatively long exposures to capture those so it’ll also appear much brighter and vivid than we see with our own eyes, possibly because of the low light conditions we use our cones more than the rods.
Leten cannon king lets you experience ultra-long stroking from 0.8 inches to 4.7 inches. Enjoy the perfect depth that suits your desires, ensuring optimal satisfaction and stimulation.
Nothing hotter than a giant electric fleshlight whirring away as you get off.
I saw one in a sex shop, it looks like such a chore to get going and clean up afterwards. It’s fucking huge too. Hands are so much easier to clean, and readily available anywhere anytime.
Does this happen to anyone else? As soon as I open the post (it’s in the !selfhosted community) I briefly see the contents and then Boost crashes. So it could be a comment causing this or the post itself when fully loaded. I’m using a Pixel 6 with Android 14.
I’ve actually ran into some of those problems. If you run sudo su --login someuser, it’s still part of your user’s process group and session. With run0 that would actually give you a shell equivalent to as if you logged in locally, and manage user units, all the PAM modules.
systemd-run can do a lot of stuff, basically anything you can possibly do in a systemd unit, which is basically every property you can set on a process. Processor affinity, memory limits, cgroups, capabilities, NUMA node binding, namespaces, everything.
I’m not sure I would adopt run0 as my goto since if D-Bus is hosed you’re really locked out and stuck. But it’s got its uses, and it’s just a symlink, it’s basically free so its existence is kBs of bloat at most. There’s always good ol su when you’re really stuck.
Basically, the SUID bit makes a program get the permissions of the owner when executed. If you set /bin/bash as SUID, suddenly every bash shell would be a root shell, kind of. Processes on Linux have a real user ID, an effective user ID, and also a saved user ID that can be used to temporarily drop privileges and gain them back again later.
So tools like sudo and doas use this mechanism to temporarily become root, then run checks to make sure you’re allowed to use sudo, then run your command. But that process is still in your user’s session and process group, and you’re still its real user ID. If anything goes wrong between sudo being root and checking permissions, that can lead to a root shell when you weren’t supposed to, and you have a root exploit. Sudo is entirely responsible for cleaning the environment before launching the child process so that it’s safe.
Run0/systemd-run acts more like an API client. The client, running as your user, asks systemd to create a process and give you its inputs and outputs, which then creates it on your behalf on a clean process tree completely separate from your user session’s process tree and group. The client never ever gets permissions, never has to check for the permissions, it’s systemd that does over D-Bus through PolKit which are both isolated and unprivileged services. So there’s no dangerous code running anywhere to exploit to gain privileges. And it makes run0 very non-special and boring in the process, it really does practically nothing. Want to make your own in Python? You can, safely and quite easily. Any app can easily integrate sudo functionnality fairly safely, and it’ll even trigger the DE’s elevated permission prompt, which is a separate process so you can grant sudo access to an app without it being able to know about your password.
Run0 takes care of interpreting what you want to do, D-Bus passes the message around, PolKit adds its stamp of approval to it, systemd takes care of spawning of the process and only the spawning of the process. Every bit does its job in isolation from the others so it’s hard to exploit.
I haven’t had D-Bus problems in quite a while but actually run0 should help with some of those issues. Like, systemctl --user will actually work when used with run0, or at least systemd-run can.
Haven’t used it yet so it’s all theoretical, but it makes sense to me especially at work. I’ve used systemd-run to run processes in very precise contexts, it’s worth using even if just to smush together schedtool, numactl, nice, taskset and sudo in one command and one syntax. Anything a systemd unit can do, systemd-run and run0 can do as well.
I’m definitely going to keep su around just in case because I will break it the same I’ve broken sudo a few times, but I might give it a shot and see if it’s any good just for funsies.
Just trying to explain what it does and what it can do as accurately as possible, because out of context “systemd adds sudo clone” people immediately jump to conclusions. It might not be the best idea in the end but it’s also worth exploring.
Some executables are special. When you run them, they automagically run as root instead! But if sudo isn’t very, very careful, you can trick it into letting you run things as root that you shouldn’t be able to.
Run0 DM’s systemd asking it to go fork a process as root for you, and serves as the middleman between you and the other process.
If you dig deeper into systemd, it’s not all that far off the Unix philosophy either. Some people seem to think the entirety of systemd runs as PID1, but it really only spawns and tracks processes. Most systemd components are separate processes that focus on their own thing, like journald and log management. It’s kinda nice that they all work very similarly, it makes for a nice clean integrated experience.
Because it all lives in one repo doesn’t mean it makes one big fat binary that runs as PID1 and does everything.
The same is on the way in the US with how hard conservatives are fighting to keep graduates dumb and educated. Educated people don’t lean towards wars.
Yeah, even Asahi has better OpenGL support than real macOS. They make damn sure you have to use Metal to get the most out of it, just like eventually you get caught up in DirectX on Windows whether you want it or not. You can use Vulkan and OpenGL, but the OS really wants to work with Metal/DirectX buffers in the end.
I appreciate that the devs care enough to make it really good from the start, because that sets the benchmark. Now the Linux version has to have a similar enough polish to it.
In comparison, Atom and VSCode both worked fine on Linux just about day one thanks to Electron, but it was also widely disliked for the poor performance. It’s a part of what Zed competes on, performance compared to VSCode.
Back in 2007-ish I told my Mum all about how you could jailbreak iphones and unlock them to make the phone with other carriers. I helped alleviate any concerns by convincing her and myself that if there are any problems after the procedure, nothing physically has been changed on the phone and as long as I made a backup first, we...
Pixel phones are basically the gold standard of Android phones for flashing custom ROMs. Google doesn’t lock anything down and provide everything necessary to not only build your own, but it even fully supports relocking the bootloader with your own keys and all the secure boot security features.
In most cases I think Google has an online tool you can run right from the browser to fully reflash the stock OS on it.
The only thing that won’t work is apps using Play Integrity which some bank apps and streaming apps use for DRM, including Google Pay/Wallet. There’s not much you can do about it especially in the longer term, as this is hardware-backed so unless some major exploit gets dropped, you can’t really fake the phone being stock to apps. Reverting to stock should bring back full functionality.
You really have to go out of your way to brick a Pixel and mess with overclocking to do permanent hardware damage.
As for the iPhone 3G, I think it was just software and an aging device. My iPod definitely got pretty laggy with multiple apps open on a device with 128MB of RAM in an OS that doesn’t even support running apps in the background. The more mods and plugins loaded the laggier naturally.
But even with a jailbreak, they didn’t mod drivers or anything that would make it different from a hardware perspective. They just sideload a store that can then install any apps. You can install bad apps but nothing that would survive a restore in iTunes.
What could have happened is she got an iOS update after the restore that also was a bit laggier and energy intensive. Or maybe the faster discharge and higher energy consumption is what finished an already aging battery. It’s very unlikely the jailbreak caused it, more likely triggered it or expedited an existing problem. Like formatting your mom’s PC whose hard drive is on death’s bed and the IO of reinstalling an OS makes it kick the bucket. Is it the OS’s fault? No. But did installing the OS cause the fault? Yes. People will still blame the OS, especially if it’s a different OS in case of a jailbreak or putting Linux on your mom’s laptop that’s still on XP or 7. The new thing, it broke the thing!
I just replied to that in a dedicated comment. But for your Pixel it’s even better because it’s something that Google even officially endorses, it doesn’t even void your warranty.
I’ve been modding phones since the Android 2.2 days, and I’ve never had any major issues or anything that would make me want to go back to stock, and never had issues going back to stock. Even my S7 with a modded bootloader splash screen, it was gone when I flashed stock back on it.
Yeah if it was brand new, it might also have been defective, I’ve seen that happen. It’s just between jailbreak and manufacturing defect, which do we default to? Depends on the whole timeline really.
It’s not impossible it broke it, but anyway the Pixel is made for that so it’s a lot less sketchy to begin with. It’s the same risk as installing an OS on a PC really.
Google releases betas and developer previews for the Pixel, it’s made to survive buggy code.
I haven’t really used any kind of messenger service since probably MSN Messenger and IRC back in the day so I’m a bit behind on a lot of the basics. Part of what’s quite different now than the experience then is what modern messenger protocols seem to be used for, as in they have public channels dedicated to topics that...
When it goes well you get live, interactive support and get your question answered fairly quickly. Nice and convenient. But as you’ve said already, it has drawbacks and it’s where forums and things like Lemmy come in, where sometimes you can get replies days later.
They’re different systems that reach different audiences. You use whichever based on the needs and complexity. What sucks is when the chat rooms develop some knowledge that doesn’t get known outside and it’s also not indexed anywhere on the web. Some things are better discussed in forum format (or mailing lists if you’re very oldschool), while others are just better interactively and the back and forth on a public forum would just be painful.
Usually there’s a bit of an overlap at least, where users are usually in Discord/Matrix/IRC and some forum or reddit or fediverse community at the same time.
I setup a new server a couple of days ago using the Ansible playbook, and some communities are federating successfully even though they’re labeled as “subscribe pending”, and others that are not populating even though they’re labeled as “joined”. See attached image....
You can try unsubscribing and resubscribing. The switch to “subscribed” from “subscription pending” depends on the remote server sending you an activity acknowledging the subscription. New instances sometimes struggle initially, because the remote instance has to discover you first and I think there’s a race condition where it won’t send the activity because it doesn’t know if your instance is up yet. (There’s an instance sync job that runs periodically to ping all linked instances, and it pauses sending activity to instances that are not considered active. If your subscription is the first interaction, you’re not “active” yet as it just learned about your instance)
That’s why half decent VPN apps also add firewall rules to prevent leakage. Although nothing can beat Linux and shoving the real interface in a namespace so it’s plainly not available to anything except the VPN process.
Most VPN providers don’t use DHCP. OpenVPN emulates and hooks DHCP requests client-side to hand the OS the IP it got over the OpenVPN protocol in a more standard way (unless you use Layer 2 tunnels which VPN providers don’t because it’s useless for that use case). WireGuard doesn’t support DHCP at all and it always comes from configuration.
The attack vector here seems to be public WiFi like coffee shops, airports, hotels and whatnot. The places you kinda do want to use a VPN.
On those, if they’re not configured well such as coffee shops using consumer grade WiFi routers, an attacker on the same WiFi can respond to the DHCP request faster than the router or do an ARP spoof attack. The attacker can proxy the DHCP request to make sure you get a valid IP but add extra routes on top.
Adding routes for other thing on the network the clients can reach directly and remove some load from the router. For example, reaching another office location through a tunnel, you can add a route to 10.2.0.0/16 via 10.1.0.4 and the clients will direct the traffic directly at the appropriate gateway.
Arguably one should design the network such that this is not necessary but it’s useful.
The guy that manages Kbin has been having personal issues and stepped away from the fediverse so yeah Kbin is kind of in limbo at the moment and indeed not well moderated. There’s mods but there’s just so much they can do. The software doesn’t federate the deletions so even if they’re gone on Kbin, they remain everywhere else.
#Is it bad practice to run umount -a instead of specifying the directory to unmount? I’ve always run umount -a to unmount my drive but i notice it unmounts a lot of other things. Is this bad?
Fair enough, TIL. I’ve used mount -a a fair bit, but unmounting the world is not something that crossed my mind to even attempt. It would still unmount a good dozen ZFS datasets for me.
Self-hosted website for posting web novel/fiction
Hey hello, self-hosting noob here. I just want to know if anyone would know a good way to host my writing. Something akin to those webcomic sites, except for writing. Multiple stories with their own “sections” (?) and a chapter selection for each. Maybe a home page or profile page to just briefly detail myself or whatever, I...
Truth (lemmy.nowsci.com)
Edit...
Strong solar storm could disrupt communications and produce northern lights in US (apnews.com)
An unusually strong solar storm headed toward Earth could produce northern lights in the U.S. and potentially disrupt communications this weekend....
mymasturbators (www.mymasturbators.com)
Leten cannon king lets you experience ultra-long stroking from 0.8 inches to 4.7 inches. Enjoy the perfect depth that suits your desires, ensuring optimal satisfaction and stimulation.
This post keeps crashing my Boost (slrpnk.net)
Does this happen to anyone else? As soon as I open the post (it’s in the !selfhosted community) I briefly see the contents and then Boost crashes. So it could be a comment causing this or the post itself when fully loaded. I’m using a Pixel 6 with Android 14.
Systemd Looks to Replace sudo with run0 (news.itsfoss.com)
To please Putin, universities purge liberals and embrace patriots (www.washingtonpost.com)
Zed Decoded: Linux when? - Zed Blog (zed.dev)
Is there any permanent risk to the phone itself if you install graphene OS?
Back in 2007-ish I told my Mum all about how you could jailbreak iphones and unlock them to make the phone with other carriers. I helped alleviate any concerns by convincing her and myself that if there are any problems after the procedure, nothing physically has been changed on the phone and as long as I made a backup first, we...
Does Matrix have anything akin to 'posts' as in Lemmy and Reddit?
I haven’t really used any kind of messenger service since probably MSN Messenger and IRC back in the day so I’m a bit behind on a lot of the basics. Part of what’s quite different now than the experience then is what modern messenger protocols seem to be used for, as in they have public channels dedicated to topics that...
Federation questions on a new server (leftopia.org)
I setup a new server a couple of days ago using the Ansible playbook, and some communities are federating successfully even though they’re labeled as “subscribe pending”, and others that are not populating even though they’re labeled as “joined”. See attached image....
Novel attack against virtually all VPN apps neuters their entire purpose (arstechnica.com)
Kbin /m/fediverse is over 90% spam
Looking at the front page of this forum and many others, leads me to conclude that kbin has a ridiculous spam problem....
I can't upload photos!
I get this error message whenever I try to...
Is it bad practice to run umount -a instead of specifying the directory to unmount?
#Is it bad practice to run umount -a instead of specifying the directory to unmount? I’ve always run umount -a to unmount my drive but i notice it unmounts a lot of other things. Is this bad?