@zekjur@mas.to
@zekjur@mas.to avatar

zekjur

@zekjur@mas.to

Mensch mit starkem Datendrang • Artisanal Open Source • latenz-unverträglich • ::) • he/him

This profile is from a federated server and may be incomplete. Browse more on the original instance.

zekjur, to random
@zekjur@mas.to avatar

Wow, apparently Python virtualenvs can break when you update your system:

zsh: /home/michael/src/pretix/env/bin/pip3: bad interpreter: /home/michael/src/pretix/env/bin/python3.11: no such file or directory

The env/bin/python3.11 symlink points to /usr/bin/python3.11, which no longer exists (it’s now python3.12).

Apparently the --copies flag is available to prevent this, but not enabled by default.

zekjur, to random
@zekjur@mas.to avatar

Whenever I see people talking / writing about paperless-ngx, I feel taken aback by all the complexity.

I scan all my documents and just put them into one directory per year.

That’s it. No tags, no title, no subdirectories, nothing. Just one directory per year.

To me, the value of such a system is not in filing every item in a super-detailed way, the value is in filing every item (1/2)

scy, to random
@scy@chaos.social avatar

I'm a Star Trek fan, but voice interfaces for everything ("Computer, raise shields!") are a mistake.

Instead, can we please focus on technology like in The Expanse, where you can flick a file from your phone into the general direction of a wall-mounted screen and it will instantly be displayed there?

zekjur,
@zekjur@mas.to avatar

@Merovius @scy Apple TV is pretty close today. Sure, the flick gesture isn’t there, but I can show content of my iPhone (or Mac) on the TV in seconds.

Your point stands of course: any such feature will be heavily vendor-locked for years until (if ever) all building blocks are boring commodities.

zekjur,
@zekjur@mas.to avatar

@scy @Merovius I’m mostly extrapolating from the situation with music streaming and the lack of interop between AirPlay, Chromecast, etc.

For example, I have a bunch of Sonos Play 1 that I no longer use, but cannot re-purpose because they aren’t Bluetooth speakers, and for my use-case (speaker used by 5 different people) I really need something seamless cross-device.

zekjur,
@zekjur@mas.to avatar

@Merovius Thanks, I wasn’t really sure how to read the message. It came across as “your responses are unjustified”, so I wanted to elaborate a bit to see if that was really what @scy meant…

zekjur, to random
@zekjur@mas.to avatar

If, like me, you’ve been living under a rock regarding Passkeys, I think I finally figured out that:

  1. You can keep using hardware security keys, but you may need a newer version (my Yubikey Nano is too old) and there are model-specific limits regarding how many sites you can store.

  2. Aside from the hardware security key route, it seems like KeepassXC + browser plugin is the most flexible / secure option for folks who want full control over their password store. For iOS, there is Keepassium.

zekjur,
@zekjur@mas.to avatar

You can even put your KeepassXC database on cloud storage to get the benefits of cloud sync without the vendor lock-in.

b0rk, to random
@b0rk@jvns.ca avatar

I have a few very small ideas for usability improvements to git. Been idly thinking about whether Wizard Zines could pay a developer to investigate and see if a couple of them are feasible

in theory I could do this myself, but I have never written real C code in my life and I think I'm very unlikely to actually do it

no idea what the probability of actually doing this is (maybe low? hiring developers is expensive!) but it's something I've been thinking about

zekjur,
@zekjur@mas.to avatar

@jamestwebber @b0rk A form of crowdfunding that might work well for small tasks is putting bug bounties on the individual improvements

scy, to intel
@scy@chaos.social avatar

TIL: #Intel's graphics driver installer tries to entertain you with "did you know" facts.

zekjur,
@zekjur@mas.to avatar

@scy that fun fact was honestly the most fun part about my intel ARC experience :D

b0rk, (edited ) to random
@b0rk@jvns.ca avatar

if you have your current git branch in your shell prompt, what do you use to set it up?

so far I know about

zekjur,
@zekjur@mas.to avatar

@b0rk I display the current branch in my prompt, but for performance I only update the info whenever I switch directory (chdir) or run a git command: https://github.com/stapelberg/configfiles/blob/7e11fb4f8a73aaea7f7f674a58142c1768b24d62/zshrc#L321-L377

zekjur, to random
@zekjur@mas.to avatar

I’m looking for a device to print labels with QR codes and a little bit of text and a logo on them (say, 5x5 cm), ideally in color.

Any recommendations? Must be usable with a Linux computer.

Thanks :)

zekjur,
@zekjur@mas.to avatar

Okay, looks like the color label printer Brother VC-500W is the best option.

It’s less than 150 bucks, and https://gitlab.com/lenchan139/labelprinter-vc500w seems to implement sending JPEG files to the printer. I also found a success report from someone using Ubuntu and IPP to print with it. And, it also supports AirPrint apparently, so plenty of approaches to make it work :)

zekjur,
@zekjur@mas.to avatar

To close the loop on this: the printer indeed works fine with the https://gitlab.com/lenchan139/labelprinter-vc500w Python script — you can probably port this to any other language you want if needed.

The printer is a bit slow with about a minute per 5x5 cm label, but that’s okay for my use-case!

The labels come out in great quality, with QR codes being easily scannable even at small sizes, as well as text and images being quite sharp :)

Would recommend 👍

zekjur, to random
@zekjur@mas.to avatar

New blog post 🎉

Minimal Linux Bootloader debugging story 🐞

I maintain two builds of the Linux kernel and the update process for both of these builds is entirely automated, but recently the continuous integration testing failed to automatically merge Linux 6․7 — this article is about tracking down the root cause of that failure to an issue with the MBR bootloader!

https://michael.stapelberg.ch/posts/2024-02-11-minimal-linux-bootloader-debugging-story/

zekjur, to golang
@zekjur@mas.to avatar

Tell the Go team what’s important to you: fill in the annual Go Developer Survey

https://go.dev/blog/survey2024-h1

zekjur, to linux
@zekjur@mas.to avatar

New blog post 📢

systemd: enable indefinite service restarts

https://michael.stapelberg.ch/posts/2024-01-17-systemd-indefinite-service-restarts/

zekjur, to random
@zekjur@mas.to avatar

Interesting: The Glove80 is a new ergonomic keyboard, similar to the Kinesis Advantage:

https://www.moergo.com/

Has any of my followers had a chance to try one yet?

zekjur, to golang
@zekjur@mas.to avatar

Has anyone successfully used seccomp for Go servers? Specifically, I’m curious how you manage the list of allowed/denied system calls, as it might change between Go versions?

https://github.com/seccomp/libseccomp-golang/issues/31 acknowledges this problem but doesn’t have a solution.

zekjur,
@zekjur@mas.to avatar

Thanks everyone for the tips!

Answering my own question: https://pkg.go.dev/github.com/elastic/go-seccomp-bpf is a seccomp package written natively in Go (without a cgo dependency). Installing a seccomp filter with this package is only a few lines: https://pastebin.com/FXbqn9db

Using strace -c (on your integration test, for example) is a pretty good start for the system call allowlist.

CGO_ENABLED=0 helps reduce the number of syscalls as libc is then out of the picture.

zekjur,
@zekjur@mas.to avatar

Thinking about this some more, Go‘s memory safety makes it rather unlikely to run into issues preventable by seccomp. Or am I missing something? Does anyone have examples of Go code (without cgo, but with unsafe) that can be/was exploited resulting in remote code execution?

zekjur, to golang
@zekjur@mas.to avatar

It’s so pleasantly simple to try out Go 1.22 features in a specific project (provided you’re on Go 1.21 already). Just change the go.mod file to contain:

toolchain go1.22rc1

go 1.22

(The toolchain directive won’t be necessary once Go 1.22 is released.)

Learn more about the Go command’s toolchain management: https://go.dev/doc/toolchain

PS: The feature I wanted to try out is https://antonz.org/go-1-22/#enhanced-routing-patterns, and it works beautifully 👌

scy, to ArtificialIntelligence
@scy@chaos.social avatar

I'm looking for a or something.

I have a process that generates a JSON document (> 1 MB, < 1 GB) once per week. These documents will be pretty similar. Some data will be modified, some will be added.

I'd like to keep all of these documents, in a compressed way, benefiting from the similarities between them, as if I'd compressed a concatenation of all of them, but without having to recompress everything each week.

Ideas? If possible, only using 's standard lib.

zekjur,
@zekjur@mas.to avatar

@scy sounds like you need an algorithm with a custom dictionary?

zekjur, to golang
@zekjur@mas.to avatar

Just had a chance to try out a debugging technique I wanted to try for quite a while: coverage diff.

When you can manually reproduce a bug and want to quickly figure out which code is responsible for the different behavior (compared to regular usage of the program), you can use Go’s coverage instrumentation to display the lines of code only executed by that reproduction run: https://pastebin.com/Hq5emthj

Give it a try sometime? :)

zekjur, to golang
@zekjur@mas.to avatar

Fourteen Years of Go

https://go.dev/blog/14years

zekjur, (edited ) to golang
@zekjur@mas.to avatar

For some reason, Fedora disables the Go module proxy by default in its Go package: https://src.fedoraproject.org/rpms/golang/blob/f39/f/0001-Modify-go.env.patch

This makes module fetching unnecessarily slow, in particular when large repositories are involved, which need to be cloned via git when using GOPROXY=direct :-/

To fix:

go env -w GOPROXY=https://proxy.golang.org,direct
go env -w GOSUMDB=sum.golang.org

zekjur,
@zekjur@mas.to avatar

@filippo @alexsaezm @dr2chase Thanks for pointing that out, I updated my post to include the GOSUMDB fix.

Yeah, my suggestion would be to just remove this patch so that the default proxy and sumdb are used until you have a server that you prefer.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • megavids
  • InstantRegret
  • mdbf
  • ngwrru68w68
  • magazineikmin
  • thenastyranch
  • rosin
  • khanakhh
  • cubers
  • Youngstown
  • slotface
  • Durango
  • kavyap
  • DreamBathrooms
  • JUstTest
  • GTA5RPClips
  • ethstaker
  • modclub
  • cisconetworking
  • tester
  • osvaldo12
  • tacticalgear
  • everett
  • Leos
  • provamag3
  • normalnudes
  • anitta
  • lostlight
  • All magazines
    •