Welcome to Incremental Social! Learn more about this project here!
Check out lemmyverse to find more communities to join from here!

PoolloverNathan

@PoolloverNathan@programming.dev

This profile is from a federated server and may be incomplete. Browse more on the original instance.

PoolloverNathan ,

chmod 000 and put the rest of the linux in a user namespace so not even root can see inside.

PoolloverNathan ,

There's also a distro for that

PoolloverNathan ,

It's useful to hide clutter. It's easier to look at the file you care about when the file~, file.old, .file.swp, #file#, file,v, etc. aren't in the way.

PoolloverNathan ,

People here really hate our distro for some reason. Isn't it just Arch with extra steps (and all the configs in one file)? Everyone likes Arch! The definition of Arch is extra steps!

PoolloverNathan ,

It's a joke (afaik), cat only works for stuff like tar archives. Can't figure out what to use for text files though.

PoolloverNathan ,

Gentoo users, start compiling for the assembly next month!

(I don't use gentoo btw)

PoolloverNathan ,

DuckDuckGone

PoolloverNathan ,

You should drink some wine.

PoolloverNathan ,

Obligatory “I lustrated it in favor of nixos” post

PoolloverNathan ,

Installed NixOS but don't like NixOS? Try nix-env -iA estrogen.

PoolloverNathan ,

tar x

PoolloverNathan ,

You'd likely need to reshrink the partition, then truncate the ISO to fit.

PoolloverNathan ,

NixOS — odds are it won't work, but when it does it'll probably stay working.

PoolloverNathan ,

LiNuX uSeR iNsTaLlInG A BrOwSeR haha

yeah uh...

  • sudo apt install firefox
  • sudo xbps-install firefox
  • sudo pacman -Syu firefox
  • nix-env -iA firefox
PoolloverNathan ,

Gotta be verbs — Destroy Data.

PoolloverNathan ,

Is that TV just a CentOS box running VLC‽

PoolloverNathan ,

Tip: Alt+SysRq+F to force an OOM kill. It'll usually target the leaking process.

PoolloverNathan ,

Print Screen

PoolloverNathan ,

OS: NixOS 24.05 (gen 67, non-flake)
WM, DE: KDE Plasma
Mass massaging: Aliucord mobile, Vencord (installed from nixpkgs patch) desktop
P2P messaging: Netcat
Don't really watch many videos / listen to music
Editor: Sandboxed VSCodium
Base flake for development environments: stddev
Programming language: Haskell + Rust + Go (one project)
Browser: Sandboxed Firefox
Phone launcher: Niagara

PoolloverNathan ,

Actually I want to write an app browser for NixOS now.

PoolloverNathan ,

I calmly remove my USB labeled “oh shit” from my pocket, insert it, and reboot.

PoolloverNathan ,

That's why I put Linux on my house.

PoolloverNathan ,

I just add this to my system config:

networking.wireless = {
  enable = true;
  networks = import ./networks.nix;
};

Then I define my networks in a gitignored file and I'm good to go.

PoolloverNathan ,

The closest I've been to Windows since I've installed Linux is putting its partition in the NixOS (gen 19) filesystem list.

PoolloverNathan ,

...and this here, folks, is the problem.

PoolloverNathan ,

System32 holds the 64-bit stuff and SysWOW64 holds the 32-bit stuff. This makes complete and total sense.

PoolloverNathan ,

Doesn't nixos wait to actually download the packages? Sure, you could set up a derivation that depends on everything in nixpkgs, but that seems like a lot of disk space.

PoolloverNathan ,

If applying a patch extracts and repacks the archive, then unrelated files can definitely be changed. See for example Minecraft jarmodding, which is just merging two zips.

PoolloverNathan ,

alias git="DISPLAY= git"

PoolloverNathan ,

Omnipotent, just not omniscient.

PoolloverNathan ,
  • [x] Lemmy
  • [ ] Star Trek
  • [ ] Star Wars
  • [x] Tech
  • [x] Programming
  • [×] Unicode
  • [x] RPG gaming (D&D)
  • [ ] Anime
  • [ ] Comic books
  • [ ] Furry
PoolloverNathan ,

Careful of the venn diagram — if you're talking to a member of a Linux community on Lemmy, chances are they aren't anti-furry.

PoolloverNathan ,

The Microsoft Store adds a lot of restrictions to their programs (example of Python's problems).

PoolloverNathan ,

Linux security noob here but can't you just run the browser in a chroot with everything isolated?

PoolloverNathan ,

Made a Nix library for this. For a simple setup you can just build this (untested) and run the result:

import ./encase.nix {
  name = "firefox";
  rw.home.nathan = /home/nathan/home-for/firefox;
  # other dependencies it might need...
  tmp = /tmp; # fresh tmpfs for this sandbox
  network = true;
  command = pkgs.firefox;
}

It doesn't have user isolation yet, so if it escapes the browser and the chroot (which doesn't have a /proc unless you set proc = /proc;, and runs in a PID namespace either way) your files are still at risk. However, this is still pretty secure, and you can run the script itself as a different user (it creates a new UID namespace so chrooting can be done without root).

PoolloverNathan ,

Same thing

PoolloverNathan ,

↑ This. Haskell makes it super easy to get good CLI filters. All you need to do is interact and process the string it gives you. You'll automatically get streaming behavior because of laziness without lifting a finger.

PoolloverNathan ,

interact is (String → String) → IO (), a function that takes a String → String (a function that takes a string and returns a string) and returns an I/O operation (which is a separate type since Haskell doesn't have side-effects). The function you give it will receive all of stdin as a string and its output will be stdout. The magic comes because Haskell uses cons-lists that are lazy in their spine — the list doesn't actually exist until you look at it. This means that, from your perspective (probably not how this is actually implemented), the list you return is iterated character-by-character, and each character that gets printed only waits for the characters it needs, allowing the rest of the stdin list to remain unevaluated.

Fairbuds are Fairphone’s proof that we really could make better tiny gadgets (arstechnica.com)

But of course we all know that the big manufacturers don't do this not because they can't but because they don't want to. Planned obsolescence is still very much the name of the game, despite all the bullshit they spout about sustainability.

PoolloverNathan ,

Is— is this a Lemmy copypasta?

PoolloverNathan ,

Also Voyager, name isn't orange. I haven't seen an orange name; what version do you use?

PoolloverNathan ,

Voyager eats comments? Never heard of that. Also, surprisingly fast reply.

PoolloverNathan ,

3

PoolloverNathan ,

/etc/passwd

PoolloverNathan ,

Wait…

PoolloverNathan ,

Examine trolley

PoolloverNathan ,

Load save *.trolly

PoolloverNathan ,

Would you like your possessions identified? [ynq] (n)

PoolloverNathan ,

Chromebooks are actually Linux.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • incremental_games
  • meta
  • All magazines
    •