Yeah, I read that manual but it didn’t answer my question.

The big problem is that the arch wiki describes a setup with nested subvolumes first (in a subvolume below @ or whatever your root subvolume is), but then suggests in a tip to use a subvolume directly below the top level subvolume. The limitations mentioned in that manual don’t seem to apply to either setup, as they would prevent swap from working, which is not the case. I have tested both setups and they work fine — or so it seems. I’m worried there is some hidden gotcha I’m missing.

in addition to that, some of those limitations simply don’t apply to my setup, as I only have a single device.

https://tryhackme.com/games/koth

There is also overthewire warzone, a private network simulating the entire ipv4 internet, where any device is fair game for hacking.

It’s bad to brush your teeth after eating.

The reason for that is that when acids are in the mouth, they weaken the enamel of the tooth, which is the outer layer of the tooth,” Rolle says. Brushing immediately after consuming something acidic can damage the enamel layer of the tooth.

Source: https://www.cuimc.columbia.edu/news/brushing-immediately-after-meals-you-may-want-wait

Xplore file browser

It’s trivial to replace the independent pieces of xplore, but it has so many features in one app that I just can’t let it go. It’s got dual pane file browsing, disk usage chart, smb, ftp, and many other cloud storage connections. It also handles many types of compression.

It’s become my main offline music player as well, because it has the simple ability to shuffle a folder of music, which is all I really need.

It can also view installed apps, export them to apk, and view and modify appdata (as non root!).

If you really need Windows, then there is Windows 10/11 Internet of Things, Long Term Servicing Edition.

It’s Windows, for enterprises, without any of the bloat they force upon consumers normally.

It doesn’t even come with the Windows store, but that is trivial to reinstall, like only a single powershell command.

However, freshtomato is another router firmware, that isn’t as feature rich or well supported as opwnwrt, but is focused on supporting broadcom chipsets.

https://www.freshtomato.org/

https://wiki.freshtomato.org/doku.php/hardware_compatibility

I flashed it to my netgear router with a broadcom chipset, it works wonderfully!

Its like people only watched the opening scene and the one in which he murders Allen.

And the business card scene. But yeah, I think a large portion of people didn’t watch the actual movie, and only saw those three clips on youtube (including me).

Progression fantasy

Ventoy. I love it so much, being able to have more than one bootable iso and storage on a usb.

Although, it is slower to boot the more folders you have, since it scans all folders, but this is configurable

I use nix-shell to get the ventoy cli for when I need to install it to a usb stick.

The python3 package should contain the entire python standard library

You are free to use a distro which does not split packages, favorite distro, Arch Linux (btw).

Or, you can install the recommended dependencies of python3. Testing in a container, the python3 package pulls:

root@a72bd55a3c1a:/# apt install python3
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
  ca-certificates krb5-locales libexpat1 libgpm2 libgssapi-krb5-2 libk5crypto3
  libkeyutils1 libkrb5-3 libkrb5support0 libncursesw6 libnsl2
  libpython3-stdlib libpython3.11-minimal libpython3.11-stdlib libreadline8
  libsqlite3-0 libssl3 libtirpc-common libtirpc3 media-types openssl
  python3-minimal python3.11 python3.11-minimal readline-common
Suggested packages:
  gpm krb5-doc krb5-user python3-doc python3-tk python3-venv python3.11-venv
  python3.11-doc binutils binfmt-support readline-doc
The following NEW packages will be installed:
  ca-certificates krb5-locales libexpat1 libgpm2 libgssapi-krb5-2 libk5crypto3
  libkeyutils1 libkrb5-3 libkrb5support0 libncursesw6 libnsl2
  libpython3-stdlib libpython3.11-minimal libpython3.11-stdlib libreadline8
  libsqlite3-0 libssl3 libtirpc-common libtirpc3 media-types openssl python3
  python3-minimal python3.11 python3.11-minimal readline-common
0 upgraded, 26 newly installed, 0 to remove and 18 not upgraded.

python3-venv python3.11-venv

I find it odd, because debian does this by default, actually. They account for usecases like yours, and instead you have to edit a config file or use a command line flag to get it to not install recommended dependencies.

I guess someone is super happy they saved a few hundreds kilobytes of disk space though.

Yes. All the people basing docker images off if debian, and trying to get them as small as possible. The splitting up of packages, allows people to only pull in what they need.

What was it? I’m planning to do a nextcloud deployment via helm soon.

What stops companies from having a shell corporation use the code, and then that shell company rents “services” at a very low cost to a large corp?

I’m thinking something of the opposite if what Google does, where Alphabet (““located”” in Ireland) rents the Google logo to Google, allowing Google to say that their revenue is much less than it actually is.

EDIT: After some research, it seems that they stopped doing that: https://www.theguardian.com/technology/2020/jan/01/google-says-it-will-no-longer-use-double-irish-dutch-sandwich-tax-loophole

But a similar scheme being applied to this license does concern me.

That only applies to unstable distros. Stable distros, like debian, maintain their own versions of packages.

Debian in particular, only includes security patches and changes in their packages - no new features at all.* This means risk of breakage and incompatibilitu is very low, basically nil.

*exceot for certain packages which aren’t viable to maintain, like Firefox or other browsers.

https://forgejo.org/compare-to-gitea/

I dunno, some of these are a pretty big deal, in particular:

Gitea repeatedly makes choices that leave Gitea admins exposed to known vulnerabilities during extended periods of time. For instance Gitea spent resources to undergo a SOC2 security audit for its SaaS offering while critical vulnerabilities demanded a new release. Advance notice of security releases is for customers only.

Gitea is developed on github, whereas forgejo is developed on and by codeberg, who use it as their main forge (also mentioned on that page). Someone dogfooding gives me more confidence in the software.

The comparison isn’t quite right because you can use git with any provider (Github, gitlab, etc), including multiple at once.

On the other hand, snap is hardcoded to only be able to use one store at a time, the snap store. To modify this behaviour, you would have to make changes to the snap client source code.

It’s a crucial difference.

What? Github is not open source.

And plenty of people have issues with Github: https://sfconservancy.org/GiveUpGitHub/

their entire hosting site is, itself, proprietary and/or trade-secret software

sn1per is not open source, according to the OSI’s definition

The license for sn1per can be found here: https://github.com/1N3/Sn1per/blob/master/LICENSE.md

It’s more a EULA than an actual license. It prohibits a lot of stuff, and is basically source-available.

You agree not to create any product or service from any par of the Code from this Project, paid or free

There is also:

Sn1perSecurity LLC reserves the right to change the licensing terms at any time, without advance notice. Sn1perSecurity LLC reserves the right to terminate your license at any time.

So yeah. I decided to test it out anyways… but what I see… is not promising.

FROM docker.io/blackarchlinux/blackarch:latest

# Upgrade system
RUN pacman -Syu --noconfirm

# Install sn1per from official repository
RUN pacman -Sy sn1per --noconfirm

CMD ["sn1per"]

The two pacman commands are redundant. You only need to run pacman -Syu sn1per --noconfirm once. This also goes against docker best practice, as it creates two layers where only one would be necessary. In addition to that, best practice also includes deleting cache files, which isn’t done here. The final docker image is probably significantly larger than it needs to be.

Their kali image has similar issues:

RUN set -x \
        && apt -yqq update \
        && apt -yqq full-upgrade \
        && apt clean
RUN apt install --yes metasploit-framework

https://www.docker.com/blog/intro-guide-to-dockerfile-best-practices/

It’s still building right now. I might edit this post with more info if it’s worth it. I really just want a command-line vulnerability scanner, and sn1per seems to offer that with greenbone/openvas as a backend.

I could modify the dockerfiles with something better, but I don’t know if I’m legally allowed to do so outside of their repo, and I don’t feel comfortable contributing to a repo that’s not FOSS.

When syncthing is configured to go both ways (the default), it also syncs any deletions. You can somewhat get around this by something like one way sync, but it’s not really a proper “backup” software.

Personally, I like to treat data synced by syncthing, even between multiple machines, as one copy of the data when I am following the 3-2-1 backup rule*, because syncthing won’t save me from a buggy program deleting all my files or user error, or anything like that.

*See wikipedia for info about the 3-2-1 backup rule.

Discord is adding ads soon. Currently, they don’t enforce the TOS violation of custom clients, but maybe after they add ads, they will begin to do so. I would be very careful with any of this.