• 1 Post
  • 40 Comments
Joined 1 year ago
cake
Cake day: June 16th, 2023

help-circle

    1. Fedora has a major update every 6 months, and every version is supported for 2 releases + 1 week (= ~1 year).
      Updates have always been pretty painless for me. Most of my problems during updates have come from NVidia drivers (on a laptop), but a fix has always been available from the community.
    2. Fedora has auto-update systemd services for both DNF and RPM-OSTree (more on this later). IIRC it’s just enabling a service and maybe editing a config file, but this is easy to search for, so I won’t tell you stuff I might not remember.
    3. SELinux mostly just works, and if it doesn’t it’s probably a bug (if something is a package for Fedora, SELinux should work OOTB. Browse Fedora Magazine for the quirks you need to know how to handle.
    4. I have no experience with ARC GPUs but Fedora might have better support as it tracks the latest kernel release = latest driver (depends on what was actually the issue, of course)

    Concerning you RAID, just make sure the installer doesn’t touch it and mount it afterwards. You might have to do some kind of “restore” to give the files the needed SELinux metadata. The Discourse forum would probably be a good place to ask.

    Now, a bit about DNF vs RPM-OSTree. Fedora with DNF is the standard distro much like most other distros. Use this if the next part doesn’t sound useful to you.

    RPM-OSTree is used in a new family of distro that work a bit like git for your OS.
    Your system runs off an “atomic” image. Atomic means unsplittable in Greek. Everything you change on your system is applied to your atomic image, like a file is added or removed from a git repo.
    This is nice because upgrading to the next major version becomes a simple matter of rebasing you changes on top of the new version, and likewise, rolling back (in case of issues) becomes a single command and a reboot.

    Fedora IoT is the “Server” edition of the Atomic desktops. Fedora CoreOS is a more “immutable” approach.

    Feel free to ask more questions if something doesn’t make sense.


  • Yes it is (sadly) very different for phones.

    When an the OS for an Android phone is created, the Linux kernel is forked, and the firmware/drivers for it’s hardware components are laid on top (instead of being upstreamed to the kernel). When the manufacturer decides they no longer care about that phone, they stop updating firmware and that will no longer receive updates. You might use a rom that still updates everything else, but these critical parts won’t get updated anymore.

    The newer Pixel generations get 5-7 years of security updates (IIRC). I believe IOS devices get 5 years.

    Android and arm has (/had? I might be partly out of date) a lot of out of tree (not included in the upstream Linux kernel) code which makes booting it on Linux a shit show.
    This is also why so few devices are supported by the Linux-phone-OSs.




  • My favorite movie is probably Brazil (1985). It’s a dystopian movie, but the population is suppressed by absurd amounts a bureaucracy (also the state surveiling and killing it’s people). You need to fill out a form to fill out a form, and every screen is tiny, but magnified by a lens to be small instead.

    But what I really love about it is the the “terrorist” Archibald Tuttle (who, very much, is not the protagonist); a repair man, who risks execution by the state, zip lining around the city fixing things like the protagonist’s air condition.

    I think we should all strive to be more like Tuttle in our daily lives.



  • No problem!

    I hacked this together instead of going to sleep, so it might make your deck explode, but maybe it’s a starting point for you or someone else:

    # home-deck-mounts.mount
    #
    # Mount units must be named after the destination path, this / replaced by -, like above
    #
    # This is a template unit.
    # That's explained here: https://fedoramagazine.org/systemd-template-unit-files/
    # TL;DR: run it like this `[email protected]` if you want to mount the subdirectory "linuxisos" from SHARE_PATH
    [Unit]
    Description=NetMount %I
    After=graphical.target
    # This is commented out, because it is implicit for network mounts https://www.freedesktop.org/software/systemd/man/latest/systemd.mount.html#Default%20Dependencies
    # I keep it here as an example
    #After=network-online.target
    #Requires=network-online.target
    
    [Mount]
    # %i expands to what ever you put after the @ when starting/activating the service
    What=10.10.10.99:/mnt/user/%i
    Where=/home/deck/mounts/%i
    Type=nfs
    Options=exec
    
    [Install]
    WantedBy=default.target
    

    I couldn’t confirm if mount units are allowed to be template units, but if not, just duplicate the service for each path and replace %i.

    Say the word if you run into issues!



  • This is really cool!

    Where did you put the service file?

    I don’t mean this as critique, but as possible next project, since your solution works perfectly fine. Systemd has some cool features that could make this project have a bit fewer moving parts:

    • a .mount file could replace the mount and unmount script, and handle logging too! (I am pretty sure you would need separate files per mount, though, so “fewer moving parts” might be a bit of a lie, depending on your interpretation)
    • that “After=” setting you used, can also be used to check for network connectivity. IIRC it’s “networking.target” on Fedora, at least. You might want to double check the systemd docs if After is the right one for this, as I have a hard remembering the systemd dependency intricacies.

    That way you would end up with a .mount file per mounted directory, with logging using journald, and no external scripts.

    I really like systemd as it can be a great tool, when you start to break down the complexity of it.

    I hope you get well soon and get the best you can from this time.



  • Grounded danish plugs don’t fit Schuko sockets, but Schuko plugs fit danish sockets (but aren’t grounded).

    This leads to a staggering amount of ungrounded devices in Denmark, as most are imported and making a variant for such a tiny country isn’t profitable.

    Fun fact: the danish power plug was created by Lauritz Knudsen, a Danish company who had a monopoly. They are the reason Denmark uses this plug as the only country in the world, and Schuko only became legal to install in houses quite recently, so 99% of houses still use their standard.

    LK has since been bought out by Schneider Electric but we are still stuck with our special plug and most imported devices are still ungrounded.

    Thanks for listening to my Ted Talk.






  • Nextcloud doesn’t verify your email and has tons of other nice features as well. ProtonDrive (/ProtonMail as another user suggested) probably doesn’t or you could use your Proton address for that.

    You mention allowing weak passwords are a plus. Please use a weak password, especially without email as 2nd factor.

    Have you considered using mnemonics for your passphrase?


    Generate a number (i would use around 5) of random words (EFF has a wordlist, humans are really bad at randomness) and link them together using silly images. For example:

    • sparrow
    • window
    • automobile

    First, you link sparrow to window: imagine a sparrow trying to break through a window, not just flying into it by accident, no, this sparrow is mad and is set to destroy it.

    Second, you link window to automobile: imagine an automobile with huge windows. The car is completely normal sized except every window is at least 3 meters tall. It looks absolutely ridiculous and you feel embrassed that youvhave to drive it everywhere.


    Repeat this proces for the rest of the words. It helps remembering them if the image makes you feel something, like making you chuckle or feel angry that you have to deal with this stupid contraption (only in your mind, hopefully)

    Also, make sure each “link” is distinct. Eg. Don’t make the second link an automobile driving into a window when the sparrow does the same. It will mess up the order and make you jump around between similar mental images.


  • I only tried running rootless when i set them up several years ago and i was completely green, so it was probably me who was the problem.

    Regarding podman-compose, Fedora repos has a a package that aliases podman -> docker and the regular docker-compose package, which i used before migrating to podman+systemd. It worked flawlessly unless i did networking shenanigans because Podman and Docker differs (/differed?) in so some thing simply couldn’t be brought over.

    Edit: i found the docker-compose and Podman alias thingies in a Fedora Magazine post.

    However, unless you use docker-compose a lot for other stuff, learning to use Podmans systemd integration (also called quadlet) is very much worth it. They’re just a really powerful combo and systemd has a ton of nice features for making stuff run and keep running.