You mean it is a community that exclusively publishes corporate products as linux making no acknowledgement that alternatives exist?
yianiris
linux no-systemd minimalism
- 0 Posts
- 18 Comments
Joined 11 months ago
Cake day: November 10th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
2 Do you honestly think one can just make a fake account up, register, and publish an AUR pkg with rogue code that easy? There are checks for code whether it is safe or not, whether it is asking for right elevation, altering the filesystem’s rights, etc.
You are making it sound like registering for X and publishing a tweet.3 The most dangerous software I see on AUR is browser bins by the BIG NAMES not the little script stuff.
People are afraid of people instead of large corps
@constantokra
1 If you take an average AUR pkg and read its content (PKGBUILD) the procedure of building an arch like pkg is not very much unlike the practice of building and installing from source as in the old days. The difference is that when a new revision or need for patch, or rebuild due to fresh libraries/dependencies is necessary through your AUR helper you will be notified.
In all the years I’ve used the AUR I only heard of one pkg violating security, it was recognized pretty fast and was removed within hours from going up. AUR pkgs have history/track/votes on them, with thousands using them it is just as likely an official pkg having rogue code as an aur pkg.
Also, aur pkg are not really software written for the aur, it is software packaged for the arch ecosystem, and several other distros are using them.
Arch (arch based x86_64)
Download and installhttps://sourceforge.net/projects/joborun/files/r/librewolf-122.0.1-03-x86_64.pkg.tar.lz/download
or cd /tmp
mkdir libw
cd libw
wget https://git.disroot.org/joborun-pkg/jobextra/raw/commit/3f78c1796cc471eed86f817cdffc7bcaa038d5b1/librewolf/PKGBUILDmakepkg
sudo pacman -U *x86_64.pkg.tar.*
librewolf
or
firejail librewolf
2·7 months agoThe home directory of the user is defined in /etc/passwd
Make sure it is the same as the one you have.
% sudo grpck
will check your group shadow gshadow passwd files for conflicts, it will tell you what you need to fix or if it is simple it will fix it for you.
If you get no output everything is OK
Can containers boot on their own? Then they are hosts, if not they are guests.
Unless there is some kind of mutual 50/50 cohabitation of userspace with two different pid1s
pid 1 left pid 1 right
You have a very narrow perception of what a linux distribution/system should be, and that is a heavily commercial windows/macos alternative for people who deny reading.
That audience makes total crap popular!Is that better now?
> and why they’re playing an increasingly big role in modern distros.
My modern distros, are you implying if a distro adopts flatpak use it is modern, if not it is antiquated?
Those are dangerous doctrines when foss is meant to provide choice, and it can be a choice to reject certain groups of software.
What would js be able to do out of firejail or other such forms of containment?
I only allow js for very specific sites, and most that you can’t do without I just do without. I am not that worried about security though, it is just an exercise.
I use seatd with wayland but it can be compiled without it too. My main issue is as I said, I can’t just run “sudo -u user2 leafpad” for example, you say it is a security measure, I say it is an inconvenience.
I don’'t use systemd or logind so I don’t have to worry about such magic security violations this bogus pile of crap creates. I have more control of processes and don’t allow some “automated” service to be loging-in-out system users 2000 times a nanosecond as logind does.
It only happens when I want it to happen, not uncontrollably.
KISS is the best security measure.
Are you comparing 40years of graphical environment stability and global use with something that has been broken for more than a decade and now all of a sudden is portrayed as secure?
I want to start applications as another user in my own environment and my own system and wayland prevents me, while x11 allows me (together with many forms of sandboxing and containerization).
I have asked this question to all pretend to be experts of wayland and I have 0 responses.
Many unions collect fees, for operational costs, publications, transportation costs, etc.
Especially they collect funds to support those who have been unjustifiably laid-off, or during strikes to have emergency pay so they can refuse to return due to fin.pressure. Families of disabled or killed at work members…
The thing here is you have for profit corporations producing code as well as executives, and unemployed privateers. Who gets what?
Have you made a single AUR pkg, or are you just criticizing thousands for their work without any evidence from your armchair?
Energy is never generated, power is, from energy conversion.
Also “energy” and “sustainable” intersect with a word called entropy.
It would take years for MS to catch up to the hw covered by linux, some of it not even released in a market.
If you are talking about specific MS licensed hw with unpublished non-open non-free-firmware that MS orders to cut off other OSs then I can see this being true.
If you are falling for the Nvidia trap, I feel sorry for you.
First of all generalizing about this is totally wrong, depending on what software/libraries a program depends on for build makes a huge difference. If it is good old C that is backwards compatible (hence the size of glibc) it will work all the time. Show me one debian or arch official package that is written in C and says for glibc >=2.35
On other software proposing a library to be >=ver-xxx means the packager speculates that future editions will NOT break the build.
One out of five pkgs in AUR are so unmaintained they don’t even build anymore.
Clieaning up junk is more urgent than screening what comes on.
@constantokra