Language:

en_US

switch to room list switch to menu My folders
Go to page: First ... 89 90 91 92 [93] 94 95 96 97 ... Last
[#] Sun Mar 17 2024 21:44:45 UTC from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

That was the feeling i was getting too.  A shame too. 



[#] Sun Mar 17 2024 22:53:37 UTC from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]

Sun Mar 10 2024 05:19:19 PM EDT from zelgomer
What you guys described, how do namespaces make any of that easier to implement than chroot?

"Easier" is actually the answer.  Yes, you can do the same thing with chroot + network namespace + cgroups + whatever, and then manually set up the OS image and hook things together etc.

LXC sets it all up for you, including the OS install, with one command.  If you want to do it the hard way, no one is stopping you.

Let me give you an example.  Over in the Citadel Support room someone is saying that an install fails on a particular Linux distribution on an ARM board.  I don't have that one.  But I can spin up an LXC of that distribution on my NanoPi and run the exact test, replicate the results, write a fix or a workaround, and blow it away.  Just like a virtual machine but in a fraction of the time.  If I tried that with chroot I almost certainly would not replicate the correct environment.



[#] Sun Mar 17 2024 22:55:10 UTC from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]

 

Sat Mar 16 2024 02:20:08 PM EDT from Nurb432

so, is minix development dead at this point?

I will take it one step further: is Andy Tannenbaum dead at this point or is he still kicking around telling us that microkernels are the only way to go?

He wanted Minix to be a teaching platform rather than a "real" OS.  He got his wish.  And he discovered that no one wanted a teaching platform OS any more than they wanted to write real software in LOGO.



[#] Sun Mar 17 2024 23:00:42 UTC from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

Yes hes still around. Not sure if he is doing anything tho. Would be in his 80s. 

And it should not surprise you i support micro kernel concepts. 

Sun Mar 17 2024 18:55:10 EDT from IGnatius T Foobar

 

Sat Mar 16 2024 02:20:08 PM EDT from Nurb432

so, is minix development dead at this point?

I will take it one step further: is Andy Tannenbaum dead at this point or is he still kicking around telling us that microkernels are the only way to go?

He wanted Minix to be a teaching platform rather than a "real" OS.  He got his wish.  And he discovered that no one wanted a teaching platform OS any more than they wanted to write real software in LOGO.



 



[#] Mon Apr 01 2024 15:59:06 UTC from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

ouch, that xz issue even snuck into NetBSD pkgsrc   -> https://mail-index.netbsd.org/netbsd-announce/2024/03/30/msg000368.html

 

~~~~~~~~~~~~~~~~~~~~~

"Recently, a backdoor was discovered in the xz compression library.

xz/liblzma are included as a part of NetBSD and used by the project

for distribution of new releases and packages.

 

The version of xz shipped in all stable (and unstable) versions of

NetBSD predates any code changes by the author of the backdoor.

NetBSD is therefore safe and unaffected by the recent discoveries.

 

It is believed that the attack only targets Linux/glibc, but checking

this allowed us to rule out any other attempts at compromising the

library by the author.

 

The version of xz shipped in pkgsrc, however, is affected. Using

xz from pkgsrc is a non-default setting on NetBSD, and requires

explicit opt-in. Most users of NetBSD will not install xz from

pkgsrc because the version from the base system is preferred.

However, users of pkgsrc on other platforms will need to take

precautions.

 

Regardless of NetBSD being affected or not, the discovery of the

backdoor is a wake-up call and further discussion will be happening

internally over how to proceed.



[#] Tue Apr 02 2024 01:35:30 UTC from zelgomer

[Reply] [ReplyQuoted] [Headers] [Print]

While everything committed by that author is now suspect, the backdoor that's known specifically targets sshd as patched by Debian and RHEL to link with libsystemd (which is the circuitous way that liblzma winds up in sshd's program space). So, at least as far as is known for sure right now, simply having an xz with the change alone is beneign on non-systemd systems or unpatched sshds.

Have I mentioned lately that systemd sucks?

[#] Tue Apr 02 2024 11:08:24 UTC from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

its a backdoor/virus all by itsself.

Mon Apr 01 2024 21:35:30 EDT from zelgomer

Have I mentioned lately that systemd sucks?

 



[#] Sat Apr 20 2024 15:49:02 UTC from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]

Some people are using the xz backdoor as an argument that the entire open source model is flawed. As if their favorite software doesn't have deliberate backdoors in the shipped version.

[#] Sat Apr 20 2024 15:56:35 UTC from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

Last time something like this happened, people were calling for government involvement/regulation.. 

Sat Apr 20 2024 11:49:02 EDT from IGnatius T Foobar
Some people are using the xz backdoor as an argument that the entire open source model is flawed. As if their favorite software doesn't have deliberate backdoors in the shipped version.

 



[#] Sun Apr 28 2024 23:09:39 UTC from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

New 9Front release out this evening.



[#] Mon Apr 29 2024 14:03:16 UTC from fandarel

[Reply] [ReplyQuoted] [Headers] [Print]

New 9Front release out this evening.

Literally an hour after I got the previous release to boot and run on a vultr instance.
Oh well, it was a nice way to burn a little vultr credit, I didn't plan to leave it running there anyway.

[#] Mon Apr 29 2024 14:32:18 UTC from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

it will run under QEMU, and they distribute a pre-built image.. At least the x86 version, i have heard of people struggling with running an ARM version that way.  I have done it myself under KVM on PVE too, using the regular ISO.

 

( A long way to say, you could run it at home.. )



[#] Mon Apr 29 2024 15:53:14 UTC from fandarel

[Reply] [ReplyQuoted] [Headers] [Print]

( A long way to say, you could run it at home.. )

That was my long term plan. Basically a smaller scale version of what Ig is planning.

[#] Mon Apr 29 2024 16:28:21 UTC from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

I have not tried it one of those cheap-o lenovo Mp3p's i was buying like water last year, I bet it would work.  Cheap, small, real hardware and pretty solid. Doubt the wifi would work tho, and you cant easily swap them with another card  or they are liable to refuse to post, and just scream at you ( learned that the hard way )..  If i get a chance this weekend i might try, just to see.

Unrelated, now that im not using them in my farm, they need to go away. too bad i upped their CPU beyond what most people would want.  So not 'dirt cheap' now.  But still not expensive i guess.  Been debating ebaying them away, which is how i got them in the first place..   and my NVIDIA jetson crap too.  also collecting dust.   



[#] Mon Apr 29 2024 17:13:56 UTC from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]

That was my long term plan. Basically a smaller scale version of what

Ig is planning.

IG changed his plans. :)

I ended up building an adorable little 12VDC-powered MiniITX with enough guts to provision the whole minihomelabdatacenter on one box. You can follow my nonadventures in the Hardware room in the unlikely event you find *that* interesting.

[#] Wed May 01 2024 02:07:33 UTC from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]


And here's one to tickle those with Poettering Derangement Syndrome:

[ https://outpost.fosspost.org/d/19-systemd-wants-to-expand-to-include-a-sudo-replacement ]

I'm not so sure it's possible to completely replace sudo. Maybe just another tool that does some of the same things. Supposedly `run0` is different from `sudo` in that it starts a new session and pty's it back to the controlling terminal, inheriting none of the parent environment. To me, that sounds a lot like `ssh root@localhost` or even just using `su` rather than `sudo`.

But it does turn the terminal background red to remind you that you are running with escalated privileges, so there's that.

[#] Wed May 01 2024 11:09:47 UTC from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

That is what has been said many a time. "cant" then while people are not fighting it, it does.

And at this point, screw it, if him and his crew take over completely and ruin things, ill either go back to BSD, or just shut it all off and walk away ( liable to do that anyway . sick of the industry ).  As long as i can listen to my music and watch my cat video files and DVDs ( can always use dedicated hardware ) then i'm fine. 

 

Tue Apr 30 2024 22:07:33 EDT from IGnatius T Foobar

I'm not so sure it's possible to completely replace sudo. 

 



[#] Wed May 01 2024 18:16:00 UTC from fandarel

[Reply] [ReplyQuoted] [Headers] [Print]

But it does turn the terminal background red to remind you that you
are running with escalated privileges, so there's that.

That actually is a darn good idea. The rest of the proposed functionality is kind of a yawner, but I'll give it a try once it's available. I've never been all that impressed with how sudo works, and generally don't bother with it on Debian. With the predictable side effect of occasionally doing things as root that were a Really Bad Idea to do as root. The red background would presumably eliminate that oops-avenue.

[#] Thu May 02 2024 14:24:06 UTC from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]

The funny thing is, at the very same time Linux is getting run0, which is basically the equivalent of Windows "run as administrator..." ... Windows is getting sudo.

[#] Thu May 02 2024 18:29:07 UTC from darknetuser

[Reply] [ReplyQuoted] [Headers] [Print]

Screw it, we OpenBSDers will use doas instead.

I am not a fan of privilege raise methods, to be honest. At least as far as the backstage is concerned, the opposite method is safer and more ellegant. Start with all the privilege you need and then drop it as soon as you don't need it.

Go to page: First ... 89 90 91 92 [93] 94 95 96 97 ... Last