• 5 Posts
  • 42 Comments
Joined 2 years ago
cake
Cake day: July 21st, 2023

help-circle

  • xbps-src is both a tool to build official packages from source and a way to install Void’s “official AUR packages”. Meaning packages that are maintained by Void/Arch devs but for whatever reason do not belong to the main repository. That’s the only way it’s comparable to the AUR.

    But saying that xbps-src is like the AUR is very misleading because it lacks the “U” part. Official AUR packages are only a small part of the AUR.


  • unless they use my discord server to spread those views

    To me that’s not controversial at all and does not suggest in the slightest that he’s a fascist, National Socialist or whatever. And he isn’t creating “safe spaces” for these kind of people either. A safe space to me means a place where said people can express their (stupid) opinion freely, which Vaxry according to this statement does not support. Also I don’t have the exact quote but in a different episode of his blogpost saga he claimed that when some person was transphobic, said person was banned. So that would also be supporting evidence that he does not create safe spaces for bigots.

    If we’re talking strictly hypothetically, I’m a worse person than Vaxry because unlike me, he claims not to allow bigots to express their opinions in his dicksword server, while I am engaging in communication in a Lemmy community where being a fan of Mao or Stalin is allowed.

    In the rest of the article he presents nazism as an opinion people might have that you disagree with.

    He didn’t say anything about Nazism being an opinion you disagree with.

    He argues that his silent acceptance of nazis is the morally correct stance while inclusive communities are toxic actually.

    He does argue that his stance is morally correct but what you said is not his stance. I think the following quote implies the point he’s trying to make.

    It’s important to note that there are many people who disagree on topics like religion, economic systems, LGBT issues, geopolitics, and other. For whatever reasons they may, we still should not ostracize them as long as they can interact with the FOSS community in a respectful manner, without arguing about those issues in places not meant for such discussions.

    I think his point is that him disallowing ostracising of people creates communities that tolerate all kinds of people including say, LGBT people. The Nazis would be collateral damage of inclusiveness, I suppose. I’m naming specifically LGBT, since in a different quote he’s talking about illegal things in Hungary, which is famously a highly LGBT-discriminating country in the EU:

    I stand by my stance that even if you are something that the country I live in disagrees with, you still are free to use, contribute to, and be a part of the greater FOSS community.

    Also part of his point is that just because someone claims some other person is a bigot, does not mean that’s actually true. The former person could just be lying or otherwise twisting the truth, therefore it’s important to be inclusive:

    They will try and find things that you do outside of your proffessional persona, or often infer, guess, meddle with, or lie about what you say and stand for.


  • You probably don’t care about my opinion, but one of the reason I don’t really care about this is that I only have the “drama” second hand from very unreliable sources. There is the Vaxry’s version of the story which cannot be trusted because that’s conflict of interest. Then there is Drew, who according to a Distrotube video is quite a bizzare person, who really enjoys to stir the drama and write these extremely misleading “hitpieces” on famous FOSS people. The issue is that to me Distrotube is not a credible source regarding this either because he’s got for me too schizo view of the world. He has a rifle collection, in case he has to fight for his country. (including a rifle, “that’s good for children”)

    So it’s just too foggy for me. Well I don’t promote Hyprland because I don’t care about my computer’s “looks” and because according to some (I think) Void dev, Hyprland code is crap. But that’s a different story. Anyways my point is that I can see why people can see it as not that bad.

    edit: adding sources for the Drew, Distrotube and Void stuff, in that order. Also the Drew video relies on indirect evidence but for me it’s fairly convincing.

    https://youtube.com/watch?v=NLHIIVppdMw

    https://youtube.com/watch?v=nvQ-ZY460WQ

    https://reddit.com/r/voidlinux/comments/1eb3ivp/on_hyprland


  • Haven’t seen the video, I’m only commenting based on the summary in the comments.

    It’s good that flatpak is switching to OCI containers. Hopefully that will end the flatpak’s dependency hell. This week I was looking at flatpak as a way to publish my app and found the user experience (user is the app publisher in this context) quite bad. Could be skill issue obviously.

    I thought I could just look into a database of flatpak runtimes, pick the one with the software I need, add additional packages and be done with it. Unfortunately it is not that simple. First of all as far as I know, there is no “database” like archlinux.org/packages. You have to download the runtime and then search /usr/include/ or /usr/bin/ to check if particular piece of software exists in it. Adding additional packages is also quite difficult. There are these runtime extensions which are like “baby runtimes” for special software like ffmpeg, java, etc. They kinda suffer from issues similar to the issues of the runtimes. And unlike in regular distros where you can get a package for almost anything, here you don’t have the luxury and have to bundle that not so popular dependency.

    I hope that with OCI I will be able to just provide the binary, a link to the base image and a list of dependencies to install and be done with it.


  • this puts a hole in your firewall

    Indeed, thanks, I realized that shortly after posting it.

    dig not supporting mdns

    Yep you both are correct. Looking at it now, the result does actually warn me that I’m trying to send a regular DNS request to mDNS multicast address.

    It just sort of happens to work correctly if you get a single reply

    Yeah I guess it’s a hack. To me it does not really matter because I’m just using it for wireguard, so the worst thing that could happen is that I would try to connect to a wrong host and the key exchange would fail.

    libnss-mdns

    The reason for why I’m doing this whole hack is that nss-mdns package is only available on glibc version of Void but I’m using musl, so it’s really just hacks on top of hacks. I found a final solution though so that’s nice (see final edit of post). Thanks for all your replies!


  • It’s solved now. Basically what’s happening is that I ask a multicast address on UDP port 5353 and get a response from different IP because the original IP was multicast. So my firewall blocks the reply, because it really isn’t a reply like downloading a webpage. I solved it by filtering based on the source port. Meaning the reply has source port 5353 but on my machine it arrives at some random UDP port so I cannot really filter based on the destination port.

    solution

    -A OUTPUT -p udp -m udp --sport 5353 -j ACCEPT
    

    Thanks for your help!



  • Edit 2: Actually dig picks a random port to send the mDNS request from and sends it to 224.0.0.251:5353 (multicast IP). The correct host then replies from port 5353 to the previously picked random port from dig. But I found that you can specify the port with dig -b IP#port so I think that should help. I kinda don’t have the time to try it out currently though.

    end of edit2.

    well I randomly solved it by adding

    -A OUTPUT -p udp -m udp --sport 5353 -j ACCEPT
    

    Which basically means you are right. The destination port is just some randomly picked number (checked wireshark), so I have to filter based on source port, which is 5353.

    Edit: Also thanks for your help!









  • Since you are already using Libreboot, you already have (proprietary) microcode updates installed. So I think it shouldn’t be a security disaster with Linux-libre (that assumes that you keep your Libreboot updated). Worst thing that would happen is that your hardware won’t work. That’s also the best thing that will happen. The blobs are just firmware that gets loaded on a device that needs it. If you have the device, it won’t work without blobs. If you don’t have it, the firmware is not loaded so the outcome is not that different from regular linux. And also reading from comments there are some blobs for enabling DRM content. I guess that’s not mandatory.

    Though imo Linux-libre is pointless. For noobs it’s a potential security disaster and skilled users would be better off compiling their own kernel with just the features they need to reduce attack surface.


  • It sounded like you got annoyed that I was guessing and it sounded like you tried to make it clear to me that the guess was not helpful to you with the use of sarcasm. I guess I misunderstood, sorry.

    Regarding the actual questions: You asked how does it compare to Coreboot. Canoeboot is actually coreboot, just slightly modified to work with Free Software Foundation’s rules but these rules are kind of absurd. See [1]. Libreboot is also modified Coreboot but one that’s actually good. The difference between them is that Libreboot should be a bit easier to install and that they support different hardware.

    In terms of battery life the same laptop with or without Coreboot should perform the same. Coreboot really only handles the booting. Battery life should depend on the “EC firmware”, which is like a second chip on your motherboard that handles stuff like blinking LEDs or checking if your lid is opened or closed. It also depends on the OS itself so Linux vs Windows will make a difference. Canoeboot is an exception because it does not include “microcode updates” for ideological reasons. Microcode is code that runs on a “CPU inside of your CPU”. Not updating it will A) make your CPU buggy and vulnerable to attacks like Spectre [2] and B) maybe even have worse battery life because Microcode can control the voltage your CPU runs at. More voltage -> more power (P ~ V^2)

    [1] https://libreboot.org/news/policy.html

    [2] https://en.wikipedia.org/wiki/Spectre_(security_vulnerability)