Posts: 17, Comments: 183, Joined: 2 yr. ago

  • Right now overlays require elevated privileges, but ideally they shouldn't. Rewriting the Linux kernel to implement per-user namespaces like plan9 does would allow unprivileged actions from any user (just like if any user was sitting in a container, overlaid from the base system).

    I know we're not there, and that's not the direction development is going, but this thread is about dreams, right? 😉

    About the XDG specs, they serve a totally different purpose so they're out of the discussion IMO. I'm not advocating against env variables. Just $PATH, which is a workaround as I see it, but your mileage may vary. As for your "issue" with Steam, of course this is the best way to solve it, because of today's OS limitations. My point is that with a better designed namespacing implementation, there would be more elegant solutions to solve it (and it would get rid of the need to use LD_LIBRARY_PATH too, or literally any *_PATH env variable).

  • By mounting the binary over, I mean something like a bind mount. But in your case of a wrapper script, it doesn't apply indeed. Though in this case I would simply name the script steam-launcher and call it a day 🙂

    Having multiple executables with the same name and relying on $PATH and absolute paths feels hackish to me, but that's only a matter of preference at this point.

  • I'm not saying we should get rid of $PATH right now. My point is that it was created to solve a problem we don't have anymore (not enough disk capacity), but we still keep it out of habit.

    As a reminder, the discussion is about what should be rewritten from scratch in Linux. And IMO, we should get rid of $PATH as there are better options.

  • Today's software would probably break, but my point is that $PATH is a relic from ancient times that solved a problem we don't have anymore.

  • You missed my point. The reason $PATH exists in the first place is because binaries were too large to fit on a single disk, so they were scattered around multiple partitions (/bin, /sbin, /usr/bin, etc...). Now, all your binaries can easily fit on a single partition (weirdly enough, /usr/bin was chosen as the "best candidate" for it), but we still have all the other locations, symlinked there. It just makes no sense.

    As for the override mechanism you mention, there are much better tools nowadays to do that (overlayfs for example).

    This is what plan9 does for example. There is no need for $PATH because all binaries are in /bin anyways. And to override a binary, you simply "mount" it over the existing one in place.

  • $PATH shouldn't even be a thing, as today disk space is cheap so there is no need to scatter binaries all over the place.

    Historically, /usr was created so that you could mount a new disk here and have more binaries installed on your system when the disk with /bin was full.

    And there is just so much other stuff like that which doesn't make sense anymore (/var/tmp comes to mind, /opt, /home which was supposed to be /usr but the name was already taken, etc.).

  • sysupgrade seems to fetch 7.5 right now. I'll see how well it goes!

    Edit: upgrade went fine, running 7.5 now!

  • endlessh was pretty cool and a more modern version is even better! I'll give it a shot!

    On a side note, I found a way to trap HTTP connections too while working on my cyb.farm project. The Go implementation is ridiculously simple: tarpit.go. It works by providing an endless stream of custom headers to the client, which it is supposed to ingest before getting to the content itself.
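The header-stream idea described in the comment above, as an added Go example (it is not the commenter's tarpit.go). The function name `tarpit`, the `X-Pad-` header name, the interval, the `max` limit used for testing and the listen address are all assumptions.

```go
package main

import (
	"fmt"
	"io"
	"log"
	"net"
	"time"
)

// tarpit sends a valid status line, then drips one junk header per interval
// and never sends the blank line that would end the header section, so the
// client keeps waiting for the body. max <= 0 means "until the client gives
// up"; a positive max exists so the function can be exercised in a test.
// It returns the number of headers written.
func tarpit(conn net.Conn, interval time.Duration, max int) int {
	defer conn.Close()
	if _, err := io.WriteString(conn, "HTTP/1.1 200 OK\r\n"); err != nil {
		return 0
	}
	sent := 0
	for max <= 0 || sent < max {
		time.Sleep(interval)
		// A write deadline keeps a stalled peer from pinning this goroutine forever.
		conn.SetWriteDeadline(time.Now().Add(10 * time.Second))
		if _, err := fmt.Fprintf(conn, "X-Pad-%d: %x\r\n", sent, time.Now().UnixNano()); err != nil {
			break // client hung up or stopped reading
		}
		sent++
	}
	return sent
}

func main() {
	ln, err := net.Listen("tcp", "127.0.0.1:8080") // assumed listen address
	if err != nil {
		log.Fatal(err)
	}
	for {
		conn, err := ln.Accept()
		if err != nil {
			continue
		}
		go tarpit(conn, 5*time.Second, 0) // assumed drip interval
	}
}
```

Each trapped client costs one goroutine and one socket, so bound the number of concurrent connections before exposing this.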

  • I find the config syntax cleaner.

  • Keeping the source IP intact means you'll have trouble routing the traffic back through host B.

    Basically host A won't be able to access the internet without going through B, which might not be what you want.

    Here's how it works:

    On host A:

    • add a /32 route to host B's public IP through your local ISP gateway (e.g. 192.168.1.1)
    • set up a WireGuard tunnel between A and B
      • host A: 172.17.0.1/30
      • host B: 172.17.0.2/30
    • add a default route to host B's WireGuard IP

    On host B:

    • set up WireGuard (same config)
    • add PAT rules to the firewall so as to DNAT incoming requests on the ports you need to 172.17.0.1
    • add an SNAT masquerade rule so all outbound requests from 172.17.0.1 are NATed with host B's public address.

    This should do what you need. However, if I may comment on it, I'd say you should give up on carrying the source IP address down to host A. This setup I described is clunky and can fail in many ways. Also I can see no benefits of doing that besides having "pretty logs" on host A. If you really need good logs, I'd suggest setting up a good reverse proxy on host B and forwarding its logs to a collector on host A.

  • OpenBSD is the most pleasing experience I've had with an OS. It's fully contained and has all the tools you need without needing to install anything (e.g. DNS, HTTP and SMTP servers, a proxy, a good firewall). All config files look alike and use the same keywords for the same things, making it straightforward to configure everything.

    And regarding RAID 1, I've never done it myself, but it totally works out of the box (as well as full disk encryption).

  • OpenBSD for all of them.

  • Void Linux.

    I used Arch for a couple of years, then CRUX for over 10 years, so I thought Void would be a great distro when the systemd drama occurred. Tried that, and noped the hell out of it...

    • creating/maintaining packages is a pain
    • the dev team was awful with newcomers
    • system couldn't handle more than a couple of weeks without updates
    • it's an Arch wannabe that doesn't admit it, making it a worse alternative

  • For style points at the office.

  • Or xantfarm for the other times of the year!

  • This works on any OS though.

  • There are online services that can do it for you. Check "IPv6" in the glossary.

  • Can you edit your message to add a spoiler tag?

    It's up and running! The error you get is probably related to the fact you're trying to trace it over IPv4.

  • Thanks for taking on the challenge! This whole thing is meaningless if there's no one scratching their head at it!

  • Linux @lemmy.ml

    Cyber hunt - A technical adventure for Unix fans!

    cyb.farm
  • CYBFARM @lemmy.sdf.org

    Cyb3r Hunt

  • OpenBSD @lemmy.sdf.org

    sysupgrade ❤️

  • CYBFARM @lemmy.sdf.org

    The CYBFARM awaits, hunter.

  • CYBFARM @lemmy.sdf.org

    Signed epochalypse

  • CYBFARM @lemmy.sdf.org

    Security Mod

  • Selfhosted @lemmy.world

    Remote storage solution ?

  • Programmer Humor @lemmy.ml

    Wake up, Neo ...

  • Selfhosted @lemmy.world

    Parsing RFC3164 logs for Grafana

  • OpenBSD @lemmy.sdf.org

    Custom keyboard layout

  • Linux @lemmy.ml

    Chimera Linux

    chimera-linux.org
  • OpenBSD @lemmy.sdf.org

    USB tether (urndis(4)) not working

  • OpenBSD @lemmy.sdf.org

    Wayland on OpenBSD

    xenocara.org/Wayland_on_OpenBSD.html
  • Linux @lemmy.ml

    Anyone still using Sailfish OS ?

    sailfishos.org
  • Selfhosted @lemmy.world

    Yggdrasil as a VPN alternative

    yggdrasil-network.github.io
  • OpenBSD @lemmy.sdf.org

    Limit outbound SOCKS proxy requests with pf