Press J to jump to the feed. Press question mark to learn the rest of the keyboard shortcuts
Found the internet!
algn2 commented on
Posted by
1 point · 2 months ago

Why is your organization paying for a Windog 11 OS that asks you to pay even more?
Especially for a non-profit, I'm astounded that they haven't switched to Linux.

algn2 commented on
Posted by
1 point · 2 months ago

I think this will work:

Edit the file: ~/.config/kwinrc and remove the translucency effects section and its contents:

[Effect-kwin4_effect_translucency]


Doing so will revert to the system default. ...Unless you made changes to the default. It really sucks that the config files aren't clearly documented.

algn2 commented on
ubuntu.com/blog/i...
Posted by
11 points · 3 months ago · edited 3 months ago

Great results. I wonder why they/you haven't introduced an uncompressed option so that you don't have to think about multithreaded decompression. E.g. uncompressed zip still provides the integrity checking but it's basically a no-op when it comes to compression. It's a pretty obvious suggestion so there must be a reason it's not there.

see more
1 point · 3 months ago

u/Lightrush - You, I & many other users are wondering the same. The strategy of using a filesystem that has to be uncompressed on-the-fly is great for mobile phones and devices like iPad, but makes ZERO sense for systems that have lots of disk.

1 point · 3 months ago

Well kinda. Compression provides inherent integrity checking. But in some contexts you could have an archive that provides that but has no actual compression. I don't know if SquashFS supports that. Seems like in any case the default compression might have to be switched to LZO anyways.

see more
1 point · 2 months ago

Integrity check is required with compression, but can exist (much faster) without it. Regardless of the compression algorithm used, there will always be a performance hit as compared to a native *.deb package install.

Compression is just one of the many problems with snaps. The very idea of a separate snap virtual mount per package is wrong with a capital W. Suppose Canonical were to go whole-hog with snaps and ditch native *.deb packages: The hundreds or even thousands of snapd mounts would be total mayhem, and an organizational abomination. Canonical should admit that it's an ill-conceived money-grab masquerading as a "feature."

algn2 commented on
Posted byu/[deleted]
1 point · 3 months ago

What Linux distro and desktop environment are you using?

I use Debian "stable" (Bullseye). I do an update check every other day, and even if there are updates applied, the only time I would need to reboot is when there's a kernel upgrade.

algn2 commented on
Posted by
1 point · 3 months ago

Each snap package is delivered as a compressed SquashFS filesystem that contains all executables, shared libraries, scripts, etc needed by the package. It doesn't get unpacked as a permanent filesystem on disk. Instead, it's mounted as a virtual filesystem, uncompressed as needed. A lot more happens under the hood but that's the main gist of it.
If there are N snap packages, there will be at least N of these virtual mounts. Over time, as the number of snap packages in the system increases, and the burden on the system will become noticeable.
Although snaps can share common libraries (eg. libc, libstdc++) with other snap dependencies, they probably won't be sharing common libraries with the system. This means lots of copies of unshared routines distributed as part of each snap. A system with 16 Gb of RAM, 10th gen (or later) CPU, and M.2 NVMe SSD will probably not be negatively impacted, but ultimately, it will. The reason: because of the constant unpacking of snap virtual mounts and the bloated memory footprint of each package, there will be increasing strain on virtual memory, which means swapping to disk - not the best thing, even for an SSD.
Wait. There's more. Snaps were artificially crafted by Canonical for financial reasons. First, it relieves Canonical of the burden of vetting software on behalf of users. With snaps, the package writer is given that decision. The release coordination to optimize system-wide shared resource usage, package dependencies, etc goes out the window. If a snap package needs a certain version of libc, it simply gets packaged with the snap. With snap release timing left to the package author, snapd can update packages at any time during the day. It's not left to the user to decide this action. Unlike traditional .deb packages where there can be multiple repositories (including non-Ubuntu repos), Ubuntu snaps can only come from the snap store. They can't get updated from anywhere else, because: 1. snapd only looks at the snap store, and 2. snap packages were hard-coded internally to assume the snap store. Somehow it seems that Canonical is trying to emulate the Apple Store, but it's instead coming out with a lemon.
I'm writing this from experience. I have an aging i3 with 16Gb of RAM and a Seagate Barracuda HDD. At first, having Ubuntu with snap packages installed wasn't an issue. Gradually, the impact of snaps made my system run like molasses. I finally got sick of it all, dumped Ubuntu, installed Debian and never looked back. That was 6 months ago. Now the system runs like new. No delays or hangs. Everything runs. Best of all, when I look at system monitor, I see less than 20% memory use, and no swap spillover. The way it should be.

algn2 commented on
Posted by
2 points · 3 months ago

what's wrong with sudo?

see more
1 point · 3 months ago

It depends on the distro/version.

According to https://access.redhat.com/security/cve/CVE-2021-3156 , the vulnerability doesn't exist in RHEL versions 5 and 9, but does exist in RHEL 6, 7 and 8. RHEL fixes for the affected versions were sent out by Feb 2021.

My question: I use Rocky 8.6. Am I correct in assuming that Rocky 8.6 has this sudo security issue fixed?

6 points · 3 months ago

The fix is in Rocky.

[[email protected] ~]$ rpm -q sudo --changelog | grep CVE-2021-3156
- CVE-2021-3156
[[email protected] ~]$ rpm -q sudo
sudo-1.8.29-8.el8.x86_64
see more
2 points · 3 months ago

rpm -q sudo --changelog | grep CVE-2021-3156

u/nazunalika - Nazu - You da best!

Thanks for the info about the fix, and especially about how to verify that the specific CVE id was addressed!!

I'd press the up arrow 1001 times for this, but sadly, it will only increment by 1.
In any case, many many thanks!

algn2 commented on
Posted by
3 points · 3 months ago

Their personal celebrity is/was part of the brand of their firm. I'm sure that Bill Gates, Steve Jobs, Michael Bloomberg, etc each have their own publicist to manage their public image.

Possibly even Linus Torvalds has his own publicist, though I don't think being in the limelight is at all one of his priorities.

There are many luminaries when it comes to Linux (and the entire open source movement). Linus Torvalds is one of them, but so are: Richard Stallman (GNU, FSF) , Andrew Tanenbaum (MINIX) , Ken Thompson, Dennis Ritchie (Unix), etc.

Bill Gates and Steve Jobs deserves a lot of credit also. If not for them, the entire world of computing would still be in the IBM mainframe-dominated world. They deserve their fame. Good for them.

algn2 commented on
Posted by
1 point · 4 months ago

Wow, it sounds like you have one real souped up machine!

You got me so interested, I did some googling.
I hope some of the results help.

Op2 points · 4 months ago

Thank you for the compliment! It is a very beefy machine, here is a picture of it. The graphics card(EVGA RTX 3090 K|NGP|N Edition) comes standard with an AIO as it is a special edition 3090 used for overclocking as I used to dual boot linux+windows and I would overclock this card to Kingdom come when I was in Windows :). The results were very helpful, thank you very much for that. I have settled on Linux Mint Debian Edition 5 as it works surprisingly well for everything I do along with a loveful community(the Rocky Linux community was also very nice! A surprise but a welcome one truth be told.).

see more
2 points · 4 months ago

Great choice! Enjoy!

Just some questions....

When you turn your system on, do the neighborhood lights dim for a second or two?

Have you named it yet, or did it choose its own name?

Can it also fly?

Load more comments

User Avatar

alexg

u/algn2 · 5y
Software developer. Just about any language or OS.
Karma
12
Cake day
October 24, 2017

Trophy Case (2)

Verified Email

Four-Year Club