• 8 Posts
  • 41 Comments
Joined 1 year ago
Cake day: July 22nd, 2023


  • So instead of commenting inside of nix files, you put nix files into .org documents and collate them so you can make your nix files an OS and a website and a zettelkasten-looking set of linked annotated nodes.

    That puts a stupid grin on my face (ᐖ )

    Dammit I was sure I was just going to stick with Arch until I saw this

    Questions:

    • You have home on tmpfs. Isn’t that volatile? Where do you put your data/pictures/random git projects? Build outputs? How’s your RAM? (Sorry if I’m missing something obv)
    • What’s your bootup like?
    • Another commenter mentioned difficulties in setting up specialized tools w/o containerizing, and another mentioned that containers still have issues. Have you run into a sitch where you needed to workaround such a problem? (e.g. something in wine, or something that needs FHS-wrangling)

  • The “stable unstable” setup is a beautiful concept. Thanks for the dotfiles mention – I keep hearing “you need to rebuild if you edit a dotfile” but I guess that’s a myth encountered by people trying to nix too nixily, falling into said archetypal rabbit hole

    Questions:

    1. Does mixing streams “infect” other packages? I remember an old Gentoo thing where ~amd64 unstable packages would want to spread on its own. Since it’s nix I assume that an unstable package will require a bunch of unstables but they’d be installed alongside respective stable versions – i.e. taking up disk space but not “spreading” per se

    For packages it’s basically 0 time.

    Is that really true for you? I assume you refer to the length of time it takes to copy paste a flake from online but how reliable is that really? And the other commenters mention that there’s still wrestling to be had for certain tools


  • Thanks for the input!

    I’m nervous about faking FHS as well, especially for specialized stuff. I don’t know much about steam-run or its caveats – so I can’t debug it (Maybe it turns out to be really simple and solid? Who knows…)

    Thanks for mentioning the gpu accel issues in distrobox – I was considering using containerization to fight off any FHS issues but it seems I can’t jump the gun. I’ll probably just tighten dev envs by trickling in nix-shell usage; multiple versions of a package at once is an issue I’d def love to solve (in a way that’s more than just dockerfile)

    Interesting that this is the third comment suggesting just using btrfs snapshots to resist Arch update experiences. I have root and home on two flat btrfs subvols so it shouldn’t be that hard to implement. (yeah yeah “What backup?” is bad)

    Seems like the simplest way out is those two smallish changes. Wish I could transcend into declarativity but the thread’s nix survivor ratio is grim




  • When it comes to installing stuff, I’m very trigger-happy. So, from experience…

    Installing stuff on Windows (safely)

    • Hope it’s on Chocolatey (choco install)
    • If not, search for the website online
    • Scroll past the AI slop and suspicious Softonic downloads
    • Click the website
    • Find the correct download button
    • Download
    • Scan with MalwareBytes (don’t want an STI)
    • Run setup.exe
    • Verify PATH and wanted feature set
    • I do not want to bundle Candy Crush or McAfee
    • skim the Privacy Policy to see if they’ll grind my bones to dust
    • Install Microsoft C++ Redistributable 2014-2018 (wtf? I already have 4 of these)
    • Wait
    • Sort the installation shortcuts into my folders

    Installing stuff on Linux (safely)

    • paru some_software
    • If on AUR, skim PKGBUILD
    • If not packaged at all (rare), git clone it and either skim the install.sh or Makefile
    • Done

  • Sometimes friends, in their curiosity, come up to me and ask me, Jordan Belfort-style, “Sell me this pen Linux.” Why do I like it so much, they wonder?

    And I always tell them:

    "Linux is like… the vegan OS. (bear with me) Mac and Windows people don’t really care about OSes. People who switch to Linux either find they couldn’t be assed to deal with it, or they love it, and those who love it love it. Then they always tell people lol.

    A good thing though: because everyone’s such an opinionated nerd, the lateral set of problems you run into won’t be ‘solved’ by random Microsoft Forums /sfc scannows or arcane regedits, but by a nut who debugged the entire thing 30 minutes after the bug came to exist to find a workaround. True story.

    Buuuut Linux is more of a lateral movement in terms of problems, it’s just a tool after all. You solve Microsoft Recall and start menu ads but run into new but tiny annoyances. I find Linux problems easier to fix than Windows ones because of the nerd army thing but if your Windows setup works for you, it works and that’s really all that’s important. If you do start Linuxing though you’ll learn a lot just by osmosis."

    And they usually laugh and decide to keep their routines in place. Don’t hate me vegans.


  • I use Firefox everywhere else, but for my Android I’m on Brave.

    Sure, adblock and tab grouping are a plus, but the main reason I use it (i.e. over Firefox) is memory. When I have six FF tabs open, my Samsung model shoots at least three down the moment I enter another activity or open a new tab. They survive on Brave.

    I’d still use Brave on iOS devices too – as another commenter said, it’s a webkit reskin but at least it’s got good Adblock.


  • Building on this, I recommend zoxide instead of only fzfing or regexping.

    For people who like to keep everything they ever create, like college students, you can use z 18.04/1 to get to a directory like ~/hw/random-school/fresh-1/analysis-18.04/pset1.

    Lets you nest without fear.

    (Also, about your question: I’ve personally used ~/git/<projname>/ and ~/git/<org>/<projname> at the same time – e.g. ~/git/aur/fuzzel-git)




  • Yeah I was considering using one of these two, out of curiosity.

    I’ve heard complaints about CMake… on pre-2015 forums, so I don’t know where it’s at now.

    I’ve done very little from the developer side of Meson but I do recall having tried a sound theme that, inexplicably, had a Meson-based installer. (It was just .ogg files iirc.) That’s probably a good sign if someone picked it over an install.sh

    Though you’re right, there’s probably little advantage in me not using a Makefile here, except again, curiosity








  • Not fishy at all! It’s like a lockpicking fan asking about locksport.

    If you’re looking for examples, GitHub has a lot of CVE proof-of-concepts and there are lots of payload git repos across git hosts in general, but if you’re looking for a one-stop-shop “Steal all credentials,” or “Work on all OSes/architectures just by switching the compile target,” then you’ll have a harder time. (A do-one-thing-well approach is more maintainable after all.)

    If you want to make something yourself that still tries to pull off the take-as-much-as-you-can, you should just search up how different apps store data and whether it’s easy to grab. Like, where browsers store their cookies, or the implications of X11’s security model (Linux-specific), or where Windows/Windows apps’ credentials and hashes are stored. Of course, there’s only so much a payload can do without a vulnerability exploit to partner with (e.g. Is privilege escalated? Are we still in userland? Is this just a run-of-the-mill Trojan?).

    Apologies if my answer is too general.



  • Lots of good answers here but I’ll toss in my own “figure out what you need” experience from my first firewall funtime. (Disclaimer: I used nftables – it should be similar to ufw in terms of defaults though).

    • Right off the bat, everything unneeded was blocked. I “needed” no configuration, except for maybe…
    • Whatever CUPS runs on (when I use it)
    • Sometimes I ran python -m http.server – I unblocked port 8000 for personal use.
    • I chose to unblock port 53 (DNS). I wanted to connect to another computer via hostname IIRC (e.g. connecting to raspberry-pi.local. I might be misremembering this though).
    • At one point I played with NGINX – that’s port 80 (HTTP) and port 443 (HTTPS).
    • SSH was already permitted (port 22 – you need root access to enable traffic through ports below 1024 anyway so this wasn’t an issue for running typical apps)

    I didn’t use WireShark back then, really. I think I just ran something like

    sudo lsof -nP -iTCP -sTCP:LISTEN
    

    which showed me a bunch of port traffic (mostly just harmless language servers).

    You don’t have to dive too deep into all the “egress” and “ingress” and whatnot unless you’re doing something special. Or your software uses a weird port. (LocalSend lol)
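
    An added example (not part of the original comment) of turning the lsof listing above into a "what actually needs a firewall rule" list: loopback-only listeners such as language servers need no inbound rule, and anything bound to all interfaces is compared against the ports you meant to open. The lsof sample is constructed, and the function names and the allowlist "22 80 443" are assumptions for illustration.

```shell
#!/bin/sh
# Constructed sample of `sudo lsof -nP -iTCP -sTCP:LISTEN` output (not from a real host).
sample_lsof() {
cat <<'EOF'
COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
sshd      812 root    3u  IPv4  20341      0t0  TCP *:22 (LISTEN)
sshd      812 root    4u  IPv6  20343      0t0  TCP *:22 (LISTEN)
cupsd     901 root    7u  IPv4  21022      0t0  TCP 127.0.0.1:631 (LISTEN)
cupsd     901 root    8u  IPv6  21023      0t0  TCP [::1]:631 (LISTEN)
python3  4410 me      3u  IPv4  55120      0t0  TCP *:8000 (LISTEN)
node     5122 me     21u  IPv4  60311      0t0  TCP 127.0.0.1:43117 (LISTEN)
nginx    6001 root    6u  IPv4  61000      0t0  TCP *:80 (LISTEN)
EOF
}

# classify_listeners "<space-separated allowed ports>" < lsof-output
# Prints one "state port command" line per distinct listener:
#   local-only  bound to loopback, unreachable from the network
#   allowed     reachable and on the allowlist
#   review      reachable but not on the allowlist
classify_listeners() {
  awk -v allowed="$1" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    NR == 1 { next }                          # skip the header row
    {
      addr = $9                               # NAME column, e.g. *:22 or [::1]:631
      port = addr; sub(/.*:/, "", port)       # keep text after the last colon
      host = addr; sub(/:[0-9]+$/, "", host)  # drop the trailing :port
      if (host ~ /^127\./ || host == "[::1]") state = "local-only"
      else if (port in ok)                    state = "allowed"
      else                                    state = "review"
      key = state " " port " " $1
      if (!(key in seen)) { seen[key] = 1; print key }   # merge IPv4/IPv6 duplicates
    }'
}

# Demo on the constructed sample; on a real machine, pipe the lsof command in instead.
sample_lsof | classify_listeners "22 80 443"
```

    Lines marked review are the ones to decide on: either add the port to the firewall rules on purpose or stop the service from listening on all interfaces.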


  • Obligatory Linux comment (Lemmy moment):

    Windows is used often for its compatibility and defaultness but Linux is interesting in the sense that everything is patchable, everything is tinkerable and configurable. The low resistance to tinkering makes lots of Linux users tinkerers – including tinkering via code.

    I’m not saying wipe your hard drive or even dual-boot. Maybe an older computer or VM could help, depending on what you have. But just in the past week I’ve screwed around in low-to-medium-difficulty Linux projects that configured my lockscreen with C, that implemented mildly usable desktop GUIs with TypeScript, among others – just not-too-committal stuff that has a return value I literally see every time I lock my computer.

    Windows equivalent projects can be harsher on the beginning-to-intermediate curve (back when I first tried out Linux Mint, I’d been struggling to make a bookmark inspector in Visual Studio – ended up Pythoning it instead) – not to say that Windows fun is by any means out-of-reach.


  • My friends Leetcoded and Codeforced quite a lot. Advent of Code is up there too, with the interesting caveat that Advent of Code also teaches you refactoring (due to the two-part nature of every problem).

    However, when I was younger I had contempt for the whiteboard-problem-esque appearances of these, but everyone is different.

    If you look hard enough there is always a project at medium difficulty – not way too hard, like a huge project you feel won’t give you returns – not way too easy, like some cowsay clone. Ever tried making a blog? You can host for free on most Git pages implementations (codeberg, github, gitlab…).

    As for programming books, consider trying security books like Art of Exploitation – in the same strain, CTFs can use a decent amount of code, and they’re fun in terms of raw problem-solving. I started with the Bandit wargame, which does Linux problem solving from any machine that has SSH.

    I’m not by any means a l33t hax3r but I found them pretty fun in my learning journey.