gyptazy.ch is a Fediverse instance that uses the ActivityPub protocol. In other words, users at this host can communicate with people that use software like Mastodon, Pleroma, Friendica, etc. all around the world.
This server runs the snac software and there is no automatic sign-up process.
Matrix certrainly has its rough edges, but I find it awesome that pretty much every major Linux community now has their dedicated space. All federated, of course.
#Matrix #Element #ElementWeb #Linux #ArchLinux #KDE #Plasma #GNOME #Debian #openSUSE #Fedora #LinuxMint #XApp #postmarketOS
@alephoto85 @blu Muc vivissima! A parte che è di super aiuto per chi come me ha bisogno anche solo di sistemare la cam su #Debian (grazie ancora @alephoto85) è splendido il fatto che sia su #XMPP. Il protocollo è vivissimo!!
You can find more talks here: https://cdn.gyptazy.ch/tech-talks/
#secinfo #security #secops #securitypatchmanagement #patchmanagement #debian #proxmox #freebsd #bsd #rockylinux
@xtaran @nik @mirabilos
On my #Debian stable (with backports and testing and unstable and experimental mix-ins 🙂) both works:
press compose - release compose - " - a ⇒ ä
press compose - " - release compose - a ⇒ ä
My compose key is labelled "CapsLk" btw.
Anyone has an idea why for a few weeks, the #ComposeKey under #X11 on #Debian Unstable (set via "setxkbmap -option compose:menu -option compose:rwin -option compose:rctrl -option compose:ralt") suddenly only works if I release it before pressing the first key of the wanted key combo?
If you see e.g. a "a instead of an ä from me, it's because I was used to already press " before I released the Compose Key. Very annoying and happens far too often. 🤬
https://www.bandshed.net/avlinux/
🦬🐧AV Linux MX Edition 🌇
Now with the Enlightenment Desktop Environment!
I've probably heard about this but, never looked into it. I think I should soon. It's based on MX #Linux which, in turn, is based on #Debian GNU+Linux. lol.
It's tailored towards #audioproduction and content creation in general.
Others of note are #UbuntuStudio and #FedoraJam
If you're serious about your work, then you've got to be using one of these! 😜
Throw it on a USB & reboot to test run it.
09:36:08 up 1889 days, 22:10, 2 users, load average: 3,65, 3,40, 3,23
Goodbye. You've been a good server, but it's time to go 😄
Agh. My game room PC (running #Debian Bookworm) has spontaneously decided it no longer supports HSP/HFP mode for my #Bluetooth headset; it now only offers A2DP mode. Oddly enough, it still works fine on my laptop with the same #Linux kernel and #PipeWire versions. I would try copying the config, but there doesn't seem to *be* any config to copy.
Search only turns up months-old pages that simply say "install PipeWire; it will fix everything."
Anyone have any advice?
@unixviking #Debian 12 #Xfce here and really enjoying using it
One day I'll figure out why the volume on #Debian stable with Gnome resets to 40% on every logout. Maybe right after I figure out why no one else is reporting this problem. But I think today is not that day.
Finally, I found some other people with the same problem, by directly searching the #Debian forum. (Regular search engines just are too terrible to find it these days.)
The answer seems to be: If you remove your user from the `audio` group, the volume will stop resetting to 40% on every logout.
Debian adds the user created during the installation to very many groups. Some people seem to think that's bad practice.
Made a decision.
For the longest time I've always had too many distros that I tried to run and support.
I need to fokus on something in the end... and not drift around all the time.
So, #Debian it is - only
I use #Debian all day / every day.
It does not make sense for me to run any other distro.
On the #BSD side I will focus on #FreeBSD - that's it.
The many distros / derivatives have learned me a lot over the years... and I'm very thankful for that. But, less is more.
For anyone new to #Debian the guide linked below is quite nice - Some good advice in there (If one starts out with #Debian) 😉
#Debian magic
https://forums.debian.net/viewtopic.php?t=155919&sid=4763cb027ce3c03135089012e651cd09
@PurpleJillybeans I switched to #FreeBSD because I got the base system stability of #Debian while still having access to all the latest packages as if I were running #ArchLinux. It's a sweet spot for me.
Daily driver is now a #OptiPlex 7060 Micro. 😉
In the end all I need is #Firefox and a good editor like #Vim - and of course my trusty #Debian
This system has also a NVMe inside which can be used for another OS of choice.. more on that later 😎
If I want to do some gaming I can fire up the #Ryzen system - but that is quite rare already.
So, saving energy and getting work done is a good deal 🙂
Specs:
i7-8700 (12)
32GB RAM
2TB SSD / 256GB NVMe
Congratulations to Andreas Tille our newly elected Debian Project Leader. #debian https://micronews.debian.org/2024/1713587115.html?utm_source=dlvr.it&utm_medium=mastodon #debian
MiniDebConf in Berlin is coming up in four weeks! Registering now will guarantee that you'll get a t-shirt. We are still looking for presentations, as well as sponsors for the event. More information at https://berlin2024.mini.debconf.org/ https://micronews.debian.org/2024/1713463534.html?utm_source=dlvr.it&utm_medium=mastodon #debian
In case anyone else ever has some fun with #docker and #libvirt / #kvm on #Linux
By default the FORWARD table drops all packages...
To get vm's back on the net simply leverage #iptables to make the packets flow again:
$ sudo iptables -A FORWARD -i br0 -o br0 -j ACCEPT
You can install iptables-persistent to save the current ruleset so it is applied every time you restart the system. 😉
Did that on my #Debian workstation... I always fall for it. 😂
🫠 iXsystems: No one is being 'marooned' by Debian focus | Chris Mellor
「 BSD aficionados don’t like this change. Moore said: “Talk is cheap and complaints are free. You know, everyone loves to complain about it. But … if people wanted to push FreeBSD forward for the last 15 years, they would have.” 」
https://blocksandfiles.com/2024/04/08/ixsystems-no-one-is-getting-marooned/
So... I didn't get to the root on ZFS boot disk mirroring I sat down to implement, but the refactoring was needed to do it.
There's a LOT going on here but in short it's one-stop shopping for splatting #OccamBSD VM images, stock #FreeBSD images, #OmniOS, and #Debian images to disk or physical devices in an effort to never see an "installer" again in my life. And it's achieving that goal!
I may pull in the Windows support which is not the same thing, but gives the same result.
Feel free to bellyache that it's back to approaching 1000 lines of KSH, but no, I don't see how Go|Rust|Zig|Erlang|Lua would help with something that is 98% shell commands.
The xz backdoor storm isn't over yet and the next storm seems coming up: #LocalPrivilegeEscalation in the #Linux #kernel 5.15 to 6.5 (at least): https://github.com/YuriiCrimson/ExploitGSM
Affects at least #Debian 12 Stable and #Ubuntu 22.04 LTS (including HWE kernels).
(Via https://twitter.com/matteyeux/status/1777974230325354579 and https://www.reddit.com/r/linux/comments/1c0i7tx/someone_found_a_kernel_0day/)
I gave imagine.sh a long-overdue refactoring.
https://github.com/michaeldexter/occambsd/blob/main/imagine.sh
zpool rename upon import is supported, along with #Debian and #OmniOS image retrieval and expansion.
It still supports #FreeBSD, despite the headlines.
#TrueNAS Core Team explains why they moved to #Debian (and away from #FreeBSD).
iXsystems: No one is being 'marooned' by Debian focus – Blocks and Files https://blocksandfiles.com/2024/04/08/ixsystems-no-one-is-getting-marooned/
#SecurityPatchManagement tools like #QualvoSec may help integrating automated security patches.
#infosec #linux #BSD #Debian #RockyLinux #CentOS #RedHat #FreeBSD #patchManagement #SecurityPatching #Patching
Yay, #Debian reduces #OpenSSH dependencies (in Debian Unstable for now) and removes #libsystemd dependency.
openssh (1:9.7p1-4) unstable; urgency=medium
* Rework systemd readiness notification and socket activation patches to not link against libsystemd (the former via an upstream patch).
* […]
Thanks @cjwatson!
(via https://tracker.debian.org/news/1516548/accepted-openssh-197p1-4-source-into-unstable/)
#xz #xzbackdoor #xzorcist #JiaT75 #systemd #AttackSurfaceReduction
The same thing is happening again with this new server install; I can't access it or its Docker containers through my VPN.
I'm at a loss with this. From home, everything is available and responding pings. When I VPN (I've texted from multiple locations away from home), that server will not respond to SSH, ping, nothing. All the other devices show up with no issue (see picture).
I've attempted this with Teleport and Wireguard...but I don't think they're the culprits since the other servers are available through both. Is there some network weirdness that happens on Debian installs with upgrades or such that I need to correct? I've tried with and without UFW enabled, and I've also tried changing it's IP (102-105). It still doesn't connect.
Any suggestions would be greatly appreciated. I'm at a loss, and the Internet isn't turning up anything for this particular problem. I have a Unifi UDM for my router.
(More info in pics ALT text.)
Although no #Debian stable versions are known to be affected by CVE-2024-3094 the next point release for 12.6 has been postponed while we investigate the effects of this CVE on the Archive.
https://lists.debian.org/debian-security-announce/2024/msg00057.html
xz vulnerability discovered by an SE doing routine benchmarking on #debian unstable. Benchmark-ers and fuzz-ers are heros.
... Freund said he discovered the backdoor by chance while benchmarking a Linux-based Debian installation. During the tests, he realized that XZ Utils was triggering high CPU consumption with SSH processes...
When building a #linux kernel on #Debian one can simply use:
$ make -j NR_PROC bindeb-pkg
The "bindeb-pkg" make option (Or rather make target) takes care of making a .deb package 😎
Futher reading:
https://wiki.debian.org/BuildADebianKernelPackage
Since everyone and there grandma is changing their setup today - for whatever reason.
From now on my #homelab will run on nuclear energy. Getting the material was easy, given ebay exists.
Given the situation the controlling systems run #Debian #Sid - after all, we are on the bleeding edge here.
Good thing the goverment gave me a permit on running a home reactor.
Next on the agenda:
Doing a video about building a nuclear reactor in your home.
Btw: The alien space ship I got used on ebay is also running well.
PS: I'm serious.
As much as I want to fully go with my laptop as a desktop, I find things that simply are not working right... especially the usage of more than one vm - let alone a full windows vm (For dev stuff and scripting).
At this point I'll just suck it up and use my Ryzen system.
Sometimes the path of least resistance is to simply use what works for all edge cases - even though the power usage is higher.
Currently dual booting #Windows and #Debian - each system serves it's purpose.
Just a small rant
And if you are curious about the #xz #compromise, a little update on the #Debian site:
As already written, the archive processing is currently off (nothing new coming to testing/unstable/experimental, no mirror updates pushed out).
Automated build daemons for the affected architectures have been stopped, and only two of them regenerated with a clean #stable environment. They are building for the security archive only, nothing else, right now. That part is safe.
Members of the Release, FTP, Security, Build-Daemon and Sysadmin team are discussing what the next steps are. There are multiple different ways that can be taken, with different drawbacks and amounts of work involved.
Also, it is not yet fully known what the malicious code all could do, so there might be much more that needs to be done later - or not. Unknown as of now, needs the analysis of it to finish, which is not easy nor fast.
Meanwhile, #Debian is considering rolling #xz back not only to the point before the backdoor was added, but to where the person who _wrote_ the backdoor hadn't contributed any code to xz yet.
Which means considering creating patches to fix ABI breakage such a rollback would cause.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068024
For all the trash talk Debian gets for being "pedantic" and slow to change: They put in the _work_ to do things _right_. I respect that.
via https://hachyderm.io/@joeyh/112181512951127467
(Edit: English is hard.)
Okay, you know what?
New goal.
I want to become a #Debian maintainer, taking care of some of the abandoned packages.
Not right now (I've got other things to take care of first), but I'll try working towards that goal in the coming months.
Because Debian is the basis of so much, yet ridiculously understaffed.
#debian in a self checkout at a local supermarket
@solene
#Slackware... Still running it and loving it.
Don't get me started on #Debian - massive love for it.
#BSD ...enough said. Sane and stable systems.
Uh. Switched to a new laptop (yay), #debian #bookworm. Tried switching to #kde #wayland while doing the work already.
For some reason, most hotkeys stop working there. Namely, those for #kwin scripts I installed, and most importantly, FlexGrid. Plain simple selection of the X11 session instead of Wayland at login time makes it all work again, so it is something in the wayland session.
Fun thing: They are all nicely definable in the control center. So that one can see the keys.
But then, nothing happens on keypress. (Not even after logout/login cycle).
Is not only FlexGrid, also happens with Mudeer.
So, sure - let's go! You'll find it here (currently uploading):
https://app.vagrantup.com/gyptazy/boxes/casaos0.4.7-debian12-arm64
- #Debian 12 #AnsibleSemaphore
- #FreeBSD 14 #snac (#ActivityPub / #Fediverse)
- #Debian 12 #Nextcloud 28 (#nginx / #mysql)
What do you want next?
#AppleSilicon #virtualization #aarch64
https://gyptazy.ch/blog/collection-of-vagrant-boxes-images-for-apple-silicon-based-on-arm64/
- #Debian 12 #AnsibleSemaphore
- #FreeBSD 14 #snac (#ActivityPub / #Fediverse)
- #Debian 12 #Nextcloud 28 (#nginx / #mysql)
What do you want next?
#AppleSilicon #virtualization #aarch64
https://gyptazy.ch/blog/collection-of-vagrant-boxes-images-for-apple-silicon-based-on-arm64/
Not having added anything to #dos2ansi for a while now, I'd say v2.0 is the "final" version for now. I initially wanted that for v1.0, and it's amazing how many weird files, edge cases, and also ideas for improvements you can discover for something that "simple" 🙈
I have ideas for future development, like provide the core functionalities as a shared library, like add some config file for dos2ansi itself as well (instead of just for #showansi), maybe even more ... but all of that can wait, it's IMHO "complete" as it is.
A #Debian package is attached to the release on github, and a #FreeBSD port is added ... anyone wants to help make it available in more repositories? 😎 Would be most helpful if the fonts it uses by default are packaged as well and can be set as dependencies ...
https://repology.org/project/dos2ansi/versions
Noice, back to cinnamon for now here
https://forums.debian.net/viewtopic.php?t=158633
#linux #debian #sid
I'm a little torn with my daily driver setup currently.
So far, I use a Ryzen system for my daily tasks.
Or better: Call it endless procrastination about what to drive on the desktop.... mentally stuck right now.
I do not need much. Web surfing, programming, reading and some retro games.
Contemplating if switchung over to my laptop full time.
Yes, the Ryzen can game modern games... but I kinda lost interest in that.
How would you guys decide?
#QualvoSec's upcoming features:
- whitelist (packages to update only)
- blacklist (package to refuse from being upgraded)
- API (list of installed packages & versions on nodes)
- Multiple patch windows
- Grouping
- First iteration of (the still very limited) admin tool
#patchmanagement #security #infosec #debian #freebsd #rockylinux #redhat #ubuntu #BSD #securitypatchmanagement #Fedora
#QualvoSec's upcoming features:
- whitelist (packages to update only)
- blacklist (package to refuse from being upgraded)
- API (list of installed packages & versions on nodes)
- Multiple patch windows
- Grouping
- First iteration of (the still very limited) admin tool
#patchmanagement #security #infosec #debian #freebsd #rockylinux #redhat #ubuntu #BSD #securitypatchmanagement #Fedora
DebConf25 to be held in Brest, France. Hope to see you all there for the most amazing wine and CHEESE party ever!!! Some Debian Development may also occur at said event. :) https://lists.debian.org/debconf-announce/2024/03/msg00000.html #debian #debconf24 #debconf25 #debianfrance #debiankorea
Unlike bloated solutions like #Spacewalk or #Landscape, this framework of QualvoSec is characterized by its minimalistic design, ensuring simplicity and ease of use. It operates entirely in Python, utilizing only a handful of imports to streamline the user experience.
https://gyptazy.ch/blog/qualvosec-a-minimalistic-security-patch-management-tools-for-linux-and-bsd/
#dos2ansi v1.8 released!
https://github.com/Zirias/dos2ansi/releases/tag/v1.8
There's some major rework inside adding support for seekable streams, which was necessary to implement the logic detecting #SAUCE even when the preceding DOS EOF character is missing.
Quite some improvements to the #showansi script as well, now comes with "fontsets" (explained in the comments in these and the config file) 😎
Plus added a manpage. Wanted a single source of truth (shared with the help output) and didn't find a good tool for that, so I quickly came up with my own:
https://github.com/Zirias/mkclidoc
It's bundled with dos2ansi now. Can produce man in both classic troff and BSD mandoc. The default choice is based on `uname` for now, tested on #FreeBSD and #Debian.
#opensource #conferences #socializing #freebsd #debian #100DaysOfCode
OpenMediaVault 7.0 Released For Debian 12 Powered NAS Platform
This should help all the people that are running on #RV64 hardware (like the #VisionFive2, #MilkV, #LicheePi4A, ...) and also want to run #snac2 as a #ActivityPub instance in the #Fediverse like me.
You can grab it here: https://cdn.gyptazy.ch/files/riscv64/ubuntu/snac/snac_2.49_dev_ubuntu_23.10_riscv64_linux.tgz
The 64-bit time_t transition is now in progress in unstable, preparing Debian to deal with the "Year 2038 Problem". https://lists.debian.org/debian-devel-announce/2024/02/msg00005.html #debian
Marginally better performance on #postgresql database writes with stock #Debian 12 on the RPI4b. Order of magnitude better performance on reads with #FreeBSD 14 . That Cortex A-72 CPU is dwarfed by a budget Intel i7 with a dedicated SSD. Still, evidence that stock FreeBSD 14 >= the latest Raspberry PI OS for complex workloads (like database operations). IMO, native #ZFS is really the killer DB feature on BSD.
[1] https://openbenchmarking.org/result/2402261-NE-2402250NE91
@herrbischoff @kzimmermann @l13u7anant @tripplehelix
Meanwhile:
* Added a #Debian (amd64) package to #dos2ansi v1.6 release (on Github)
* Updated the #FreeBSD port here: https://people.freebsd.org/~zirias/patches/0001-converters-dos2ansi-Add-new-port.patch
* There's of course still the #Windows binary attached to the release
Might push the FreeBSD port to official ports later ....
Screenshot: Random #showansi rendering ... 🙈
#Debian selected to participate in #Google Summer of Code 2024. Exciting list of projects at https://wiki.debian.org/SummerOfCode2024/Projects#Approved_Projects
#Debian Edu is nearing completion for release, at 52% completion the documentation still needs translation updates for most languages.
Can you help and contribute for your language?
https://hosted.weblate.org/projects/debian-edu-documentation/