There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

biribiri11

@[email protected]

This profile is from a federated server and may be incomplete. Browse more on the original instance.

biribiri11 ,

As said previously, Borg is a full dedplicating incremental archiver complete with compression. You can use relative paths temporarily to build up your backups and a full backup history, then use something like pika to browse the archives to ensure a complete history.

biribiri11 , (edited )

Tbf you did start your post with

I’m in the process of starting a proper backup

So you’re going to end up with at least a few people talking about how to onboard your existing backups into a proper backup solution (like borg). Your bullet points can certainly probably be organized into a shell script with sync, but why? A proper backup solution with a full backup history is going to be way more useful than dumping all your files into a directory and renaming in case something clobbers. I don’t see the point in doing anything other than tarring your old backups and using borg import-tar (docs). It feels like you’re trying to go from one half-baked, odd backup solution to another, instead of just going with a full, complete solution.

biribiri11 , (edited )

I think it’d also be good to document:

Alpine and NixOS: both 6 months

Minor releases of RHEL: 6 months

Non LTS Ubuntu: 6 months

The question also brings up Fedora rawhide. Fedora rawhide never has releases, though its version is always the current latest branched release (not necessarily stable/beta/alpha) + 1.

Since the pace of development was also brought up:

Fedora Rawhide and ELN (same package set) -> Fedora Stable after ~2-3 months of being “stabilized” (this stabilization period has periodic “freezes” which is why bad versions of XZ never made it into Fedora 40’s beta)

Fedora Rawhide and ELN (same package set) -> CentOS Stream (currently unclear how long it takes to go from branched to full release, though it was branched months ago from ELN) -> RHEL every 6 months

AlmaLinux releases are tagged from CentOS stream every 6 months, and patched with security updates. When a new version releases, the current minor release is immediately EOL’d, unlike RHEL. Rocky is the same. Both have extra support services from third parties. RHEL offers EUS releases for every other minor release (as of RHEL 9).

It’s a common misconception that Fedora stable releases become CentOS Stream releases. This pattern was true pre-CentOS stream, but now, for the most part, CentOS Stream and Fedora stable might share a few patches at most, but their development timelines are different. They branch directly off the rolling Fedora Rawhide/ELN trunk.

Debian unstable -> Debian testing (auto-promoted after 2 weeks iirc) -> Ubuntu stable or Debian stable

biribiri11 , (edited )

To everyone saying you can’t mirror a flatpak repo… you’re absolutely right. There should be a far easier way to set up your own mirror without needing to build everything from scratch. That being said, if you wanted to try to make your own repo with every one of flathub’s apps, here you go:

github.com/flathub

docs.flatpak.org/en/…/hosting-a-repository.html

Edit: Some did get a flathub mirror working. The issue is that a. Fastly works good enough and b. There is no concept of “packages” on the server side. It’s just one big addressed content store because of ostree, and syncing is apparently difficult? Idk, not being able to sync the state of content is like the entire point of ostree…

github.com/flathub/flathub/issues/813

biribiri11 ,

It’s not about funding. Many prefer mirrors because the main instance isn’t globally available (the GitHub issue I linked, for example, is all about people trying and failing to access flathub in China) or because they can’t for compliance reasons (many businesses already mirror stuff like epel, too, which is what throws off Rocky’s stat counters). Neither of those issues can be assessed by throwing more money at a CDN.

biribiri11 ,

I’m not sure if anyone said it was the fault of flathub. My point is that, regardless of fault, accessibility to the main instance is an issue for several reasons, and a good way to solve it is to build a system for mirrors.

biribiri11 ,

There are existing mirrors for Fedora and Ubuntu packages in China, which are used because mirrors in other countries are often blocked. I’m sure there are no legality issues—the issue in the case of flatpak and china in particular is that China blocks Fastly because Fastly does not host any POPs in China. This is why Cloudflare, for example, has their own network in China that international users can pay to use. There’s no legal issues here, just logistical. Besides, as previously shown, people do (with great difficulty) managed to bring up their own flatpak mirror without any consequences for a few years now.

Besides, there shouldn’t be legality issues for businesses wanting to host their own mirrors for compliance issues.

biribiri11 ,

Am I wrong in assuming that both OS’s should be sharing the EFI and /boot partitions?

Shared ESP is fine as long as you don’t run out of space. Nothing in /boot should conflict but that’s not guaranteed, although having 2 potential boot partitions means having 2 potential grub configs. I’d make sda3 a ~2GB ext4 boot partition just for Fedora (mounted at /boot), and an sda5 with btrfs with a home subvolume mounted at /home, and a root subvolume mounted at /, then mount sda1 at /boot/efi (this is the default layout iirc, albeit with different partitions, ofc). This might be easier to do in the advanced blivet gui.

And yes, Linux’s boot process is a convoluted, fragile mess and there are currently multiple ongoing discussions on how to improve it.

biribiri11 , (edited )

So you want to build something like apko (alpine packages/repos, used in chainguard’s images) or rules_oci (used in google’s Debian-based distroless images) but for portage?

I think it’d be cool. Just keep in mind:

  1. Container scanning tools (like trivy), afaik, tend to look for a package db. Going distroless breaks them. I believe this is why chainguard generates a SBOM (software bill of materials).
  2. Container images are already de-duplicated, and often, the gains in pull times aren’t worth the additional debugging effort (for example, you won’t be able to have dig/curl installed without rebuilding and deploying the whole image, or even a bash prompt in most cases). They’re even more not worth it because lazily pulling OCI images is now a thing, though it’s in its infancy. See: eStargz and I believe dragonfly which uses nydus. More generally though, zstd:chunked will probably eventually become mainstream and default, which will all but eliminate the need for “minimal” starting images.
  3. If you wanted to go really small, there’s stuff like slim which makes tailor made images.
  4. Gentoo, afaik, doesn’t really do LTS releases, making it undesirable for server use, which is the main place containers are.
  5. Distroless containers don’t share common base images because they are normally scratch-built. This breaks image deduplication, leading to increased disk usage instead of decreased disk usage, and why I personally swapped off chainguard’s images.
biribiri11 ,

I hope this makes the US revisit the concept of building something like the SSC. Competition in science is awesome.

biribiri11 , (edited )

I sometimes hear that it is a different story on servers.

Wonder what their usages are, especially in a container-focused world, where most containers simply don’t have an init, and the base system just needs, at most, to have a container runtime (+/- a few other things, see: talos linux and their 130MB bare-metal ISOs).

biribiri11 , (edited )

The guy replying is a total dick, and for people that like to encourage change to create software that evolves with needs, they sure do refuse to change when needs evolve.

This is definitely just a dangerous cause of that one xkcd. At the very least, Debian unstable caught something before it could reach everyone else. That works, I guess.

biribiri11 ,

I actually do use quadlets on my server which are absolutely fantastic and hook into systemd, but I don’t see any reason why a similar init system couldn’t do similar or even contribute something like podman generate systemd but for a different init system.

biribiri11 ,

Mfw CentOS Stream 9, using a kernel, compiler, and glibc version from 3 years ago, still manages to pull ahead of software released a few weeks ago on hardware released years after Stream 9’s original release.

biribiri11 ,

So basically ostree deploy fails if you have an existing populated ESP (EFI System Partition), so you’ll have to partition manually atm (in my case, I just made another ESP on the same disk). Other than that, I haven’t run into any problems with Win11 + Fedora on the same disk, mostly because I don’t boot into windows.

You can read about the issue here: github.com/fedora-silverblue/issue-tracker/…/284

Here’s the docs on manual partitioning: docs.fedoraproject.org/en-US/…/installation/

It’s definitely a pain. One of many papercuts you’ll find with an “emerging” desktop edition on a distro already known to push new stuff before the Linux ecosystem is ready.

Just be sure to make a backup of your windows data in a separate disk, keep boot drives for normal fedora (in case this ends up being too difficult), windows (in case you give up), and Fedora Kinoite (because duh), and ffs, don’t trust ChatGPT with your sensitive data on your main PC :)

biribiri11 ,

It’s not brave, it’s just outright wrong. As in, wrong to use in this situation, and the LLM itself is wrong.

biribiri11 ,

From what I gather, it’s very similar.

They are both just wrappers for podman(/docker). Distrobox is more feature rich, and is far better documented, but is closer to a collection of bash scripts rather than a fully cohesive program. Toolbx is… definitely something. Their only real claim to fame is being less “janky”? IDK, it reeks of NIH, and in my experience, it’s a lot more fragile than distrobox (as in, I’ve had containers just become randomly inoperable in that I can’t enter them after a bit).

If you want to be pedantic, technically, distrobox is a fork of toolbx before it was rewritten.

biribiri11 ,

Can’t believe he figured it out. What a shame. Guess we’ll have to go provoke another country to invade our fellow flourishing independent democracies, who play a key role in the world’s trade.

Seriously though, I hope he’s just giving himself an easy out here. There’s always too much war going on.

biribiri11 ,

It’s a good thing for the owners of the codebase, but often, a bad thing for the community (even if the community contributes to said codebase).

For example, FOSS maintainers sometimes will (want to) relicense to protect their income stream:

github.com/CaffeineMC/sodium-fabric/issues/2400

github.com/LizardByte/Sunshine/pull/150

While corporations might literally have maintainers sign away their rights so they can take the work from their own community:

lwn.net/Articles/937369/ (canonical requires a CLA, though this + the subsequent re-license might have happened anyway)

lwn.net/Articles/935592/ (RPM spec files are MIT licensed at the Fedora level. There are likely chnages to RPM files contributed by the community that are now source-restricted in RHEL)

…intel.com/…/accelerate-snort-performance-with-hy… (See section 2.2. Previously, this work was BSD)

Mixed bag, really.

biribiri11 ,

I’m not sure how much I’d buy into phoronix benchmarks in this case. CentOS Strea, 9 was performing as good, if not better than, the recently released Ubuntu 24.04 and 2 week old FreeBSD 14.1 despite having a 3 year old kernel and being compiled with an equally old version of GCC. Linux is currently suffering from a pstate bug with AMD, too.

There’s a reason the BSDs are hardly used in HPC.

biribiri11 ,

Why are you being inflammatory for no reason? I’m just saying I don’t think it’d be correct for an OS 3 years in the past to be neck and neck with modern stuff. Log off the computer and go outside lmao

biribiri11 ,

Also see: systemd-bsod. Generates QR codes, too. I think blue for userspace boot-time errors and black for kernel stuff might be nice.

biribiri11 ,

I’ve learned exactly 0 useful things at community college.

Funnily enough, this is why I left my university and went to a CC. The opportunities for me at a CC have been much greater (especially when it comes to part-time employment positions). The smaller course sizes in my digital design classes in Quartus Prime (which were not present in the lower division curriculum at my original university) allowed me to excel so much that I ended up as a TA for my class. In addition, because I wasn’t asphyxiating myself in a tiny auditorium of 400 people, I found it much easier to approach my professors 1 on 1 to talk about physics outside my course curriculum, which has helped me network and prepare to line up REUs next year. I feel as though the people at my CC are also more down to earth and hardworking than those at my university. The student leadership there didn’t feel as daunting, and felt action-oriented (as opposed to being a pure popularity contest), so I was able to join student government. What I have been achieving over the course of 6 months at a CC is infinitely better than what I was getting at a full university, and I am no longer depressed.

Everyone’s experience is different. In my case, my original university was highly hyped, and very expensive, but left me sorely disappointed, and I was not happy with what I’d be learning according to my course roadmap.

biribiri11 ,

Go for FreeBSD: this might require a learning curve, because this is an OS I’ve never used. Are commands that different from debian?

Both of them are, at the very least, unix-like, so the core command set is mostly the same, albeit with sometimes large functional differences.

Simply install debian 12.5 again, the easiest choice.

You are familiar with Debian. This is probably the choice I’d go with.

Kernels are also updated more often than with debian as far as I know.

That’s why Debian has backports.

biribiri11 ,

Mmm Russian propagandists going hard today, or rather, as hard as ever, ensuring to amplify the messages of individuals who already have questionable allegiance to the US in the first place. Just keep in mind the Ukrainians still want to fight. It’s not like the US are the ones trying to kill the Ukrainian president to get their way.

biribiri11 ,

Floorp is great. It has so many features that make it better than stock FF.

biribiri11 ,

To be fair, all the FF engineers probably dgaf about a platform where they don’t even have the freedom to use their own browser engine.

biribiri11 ,

No. They likely don’t have the manpower to update it. It is run by students, after all.

biribiri11 ,

Same as any FF or chromium fork. The further away from the original you are, the longer security and performance updates will take to trickle down.

biribiri11 ,

If you’re nervous about rm, there’s many alternatives that work by moving a file to your recycling bin instead of deleting it outright. I think the current fun one is trash-rs, but some distros package trash-cli.

biribiri11 ,

Another thing not mentioned yet is maintenance overhead. These distros operate around the clock, all over the world, with talent from the likes of RH and co. There are far fewer people (who run your mirrors) who know how to maintain a torrent tracker (or similar), and on top of that, I haven’t really seen any good BitTorrent caching methods. Support would need to be added to your package manager of choice.

It also comes down to most client having asymmetric bandwidth, and that most users do not have every package installed and therefore can only distribute a very small amount of the total distro. Those users probably don’t want to be constantly uploading, either. I also can’t imagine torrents are too fun to work with when it comes to distributing constantly changing package manager metadata, too.

biribiri11 ,

If the kernel is available in a COPR or another third party repo, you can just do a little swapping with rpm-ostree: github.com/openshift/os/blob/master/docs/faq.md#q…

Edit: Just in case this is the project you’re using, here’s specific install instructions for Fedora Silverblue: github.com/…/Installation-and-Setup#fedora-silver…

biribiri11 ,

But how does this solve the problem of the config files of the various DEs (GTK rc files or other theme stuff) messing with each other in the home directory?

It does not. Your dotfiles will be a bit wrecked when you rebase. See: universal-blue.discourse.group/t/…/4It’ll also cause random issues like: discussion.fedoraproject.org/t/…/2

It’s mostly plasma fighting gnome, though. I haven’t seen any conflicts with say, sway.

biribiri11 ,

It’s immutable (aka. atomic), which means the system files cannot be changed, even by root.

This is a definite “well um actually” moment, but technically immutability can be switched off at any time with chattr, and “true” immutability will not be achieved until full image signing is commonplace. You can see the ideas laid out here: github.com/ostreedev/ostree/issues/2867

It does let you do cool things though, like install nix: github.com/…/silverblue-nix-installer.sh

biribiri11 ,

Yeah, third-party Linux VPN clients are pretty screwed on silverblue, and probably always will be. Especially since when installed in a container, they require being ran in a rootful container with selinux labeling disabled to enable direct access to /dev/net/tun, and as you’ve quickly found out, most of those weird bash based installers haven’t adapted. It’s best to use generic VPN configs through your DE atm.

biribiri11 ,

Oh it’s definitely over-complicated, and contrary to what others say here, Silverblue can definitely have some very difficult to troubleshoot problems (especially when using things outside the direct Fedora ecosystem), which are greatly worsened by rpm-ostree taking 15 years to do anything despite sharing code with the supposedly lighting-quick dnf5. For servers, rpm-ostree is great (it’s in all of RH k8s offerings, see RHCOS), but on desktops, there’s definitely a good reason why RH has to apparent offering and Fedora calls theirs “emerging”. Still miles better than having an unbootable system after updating.

biribiri11 ,

Yeah, I was just linking the other one because its usage of temporarily disabling immutability is more apparent. That one also disables immutability temporarily to install nix.

biribiri11 ,

This use case would be covered by bootc, but BlendOS doesn’t have support by the looks of it atm

biribiri11 ,

but they don’t have the means to maintain that many distros “properly”

That’s why they’re not separate distros from Fedora (as in, they don’t even host their own RPM repos nor maintain their own set of Fedora packages like Manjaro vs Arch) and purposefully so. It’s just stock Fedora with a few configs, third party repos/packages, and some scripts preinstalled. The entire thing runs on GH actions.

biribiri11 ,

This is a great start, but tbh, I’m not fully sold on “verified” flathub apps. Verification requires a token to be placed into a source repo or a website, but there appears to be nothing on actually verifying that the source/site are the original creators. So, for example, if someone packaged a malicious version of librefox and established it under io.github.librewolf-community instead of the canonical io.gitlab.librewolf-community, I’m concerned it’ll still show as verified (though quickly removed). The process can be read about here.

biribiri11 ,

If a new user installs malware from flathub while trying out mint for the first time, they’ll probably blame mint instead of flathub. Nobody will say “damn, I should have listened to that warning” while their “discrod” app rm -rf’s their entire PC away, they’ll instead claim Linux is crap and go somewhere else. Doing this helps keep mint safe, and definitely encourages unverified FOSS apps to hurry up and get verified.

biribiri11 ,

Afaik yes, the token is keyed to a specific source in the case of verifying through a website, but from what I can tell, that doesn’t stop someone else from creating a separate malicious website (or git repo) that looks similar but contains malware, and publishing that as a verified app with a similar name as the real app to flathub (so there would be multiple versions of an app, with only 1 being the “real” one on flathub).

biribiri11 ,

The cheapest you’ll find that is still pretty good for HDDs is serverpartdeals. They have recertified Seagate Exos X22 20TB drives with 2 year warranties for $215. They also offer new drives with the full 5 years, ofc. Exos can be a little loud, as with other enterprise drives. You’ll still need a way to read from it in case you don’t have a spare drive bay, too.

Are we going to see arch based immutable distros in the near future?

Hi there folks, I’m still learning about Linux and have yet to dip my toes properly in any arch based distro. Have for the moment fallen in love with the immutable distros based on Universal Blue project. However I do want to learn about what arch has to offer to and plan on installing default arch when I have time. But have...

biribiri11 ,

I think a true arch linux experience can be done with immutable distros by modeling themselves after something like a nixos config or an rpm-ostree treefile. Like, during bootstrapping, you’d feed in a config file which would install everything into a future RO root. Would definitely be a lot of work, though, since pacman does (and probably will never) have the capability to manage multiple read-only roots.

biribiri11 ,

Don’t feed the trolls :)

biribiri11 ,

Not everything should be flatpak’d. In your case, xpipe (and in the future, waypipe) should always be installed in a docker container containing your normal “mutable” OS. It’s why Fedora is evaluating Ptyxis: when you open a terminal, instead of defaulting to your immutable root, it can be set up to go to a container which has your home mounted but a traditional, mounted root.

biribiri11 ,

I know ssh -X works fine in a rootless podman container, and so does waypipe. I’d be shocked if xpipe didn’t.

biribiri11 ,

ostree is based on OCI images, the basis for containers and the like. “Rebasing” just refers to swapping out the OCI image containing your root with another.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • lifeLocal
  • goranko
  • All magazines
    •