Post the Hyprland config too?
Does it make the entire screen green by chance, not just the windows? If the shader applies to the whole screen, then setting alpha on it doesn’t really makes sense and is probably discarded since your monitor can’t display transparency. You need to make sure it applies on a per-window basis for them to be composited as transparent and show your wallpaper behind it.
You might be able to convince Firefox to be transparent with a GTK theme as Firefox uses GTK under the hood for the window. If you’re lucky it won’t bother clearing it with black just in case and it’ll actually be transparent.
The shader option is pretty neat and easy though.
It’s nicknamed the autohell tools for a reason.
It’s neat but most of its functionality is completely useless to most people. The autotools are so old I think they even predate Linux itself, so it’s designed for portability between UNIXes of the time, so it checks the compiler’s capabilities and supported features and tries to find paths. That also wildly predate package managers, so they were the official way to install things so there was also a need to make sure to check for dependencies, find dependencies, and all that stuff. Nowadays you might as well just want to write a PKGBUILD if you want to install it, or a Dockerfile. Just no need to check for 99% of the stuff the autotools check. Everything it checks for has probably been standard compiler features for at least the last decade, and the package manager can ensure you have the build dependencies present.
Ultimately you eventually end up generating a Makefile via M4 macros through that whole process, so the Makefiles that get generated look as good as any other generated Makefiles from the likes of CMake and Meson. So you might as well just go for your hand written Makefile, and use a better tool when it’s time to generate a Makefile.
(If only c++ build systems caught up to Golang lol)
At least it’s not node_modules
Yeah, and you’re pinging from server to client with no client connected. Ping from the client first to open the connection, or set keep alives on the client.
Your peer have no endpoint configured so the client needs to connect to the server first for it to know where the client is. Try from the client, and it’ll work for a bit both ways.
You’ll want the persistent keepalive option on the client side to keep the tunnel alive.
They should be in /run/systemd along the rest of generated units.
It’s just not that good of a metric overall. Not just because it would be easy to fake it, but also because it would inevitably divide into tribes that unconditionally upvote eachother. See: politics in western countries.
You can pile up a ton of reputation and still be an asshole and still get a ton of support from like-minded people.
The best measure of someone’s reputation is a quick glance and their post history.
I think it is a circular problem.
Another example that comes to mind: the sanctions on Huawei and whether Google would be considered to be supplying software because Android is open-source. At the very least any contributions from Huawei is unlikely to be accepted into AOSP. The EU is also becoming problematic with their whole software origin and quality certifications they’re trying to impose.
This leads to exactly what you said: national forks. In Huawei’s case that’s HarmonyOS.
I think we need to get back to being anonymous online, as if you’re anonymous nobody knows where you’re from and your contributions should be based solely on its merit. The legal framework just isn’t set up for an environment like the Internet that severely blurs the lines between borders and no clear “this company is supplying this company in the enemy country”.
Governments can’t control it, and they really hate it.
The problem isn’t even where the software is officially based, it can become a problem for individual contributors too.
PGP for example used to be problematic because US exports control on encryption used to forbid exporting systems capable of strong encryption because the US wanted to be able to break it when it’s used by others. Sending the tarball of the PGP software by an american to the soviets at the time would have been considered treason against the US, let alone letting them contribute to it. Heck, sharing 3D printable gun models with a foreign country can probably be considered supplying weapons like they’re real guns. So even if Linux was based in a more neutral country not subject to US sanctions, the sanctions would make it illegal to use or contribute to it anyway.
As much as we’d love to believe in the FOSS utopia that transcends nationality, the reality is we all live in real countries with laws that restrict what we can do. Ultimately the Linux maintainers had to do what’s best for the majority of the community, which mostly lives in NATO countries honoring the sanctions against Russia and China.
The camera is straight up disconnecting from the USB bus. A bad driver could cause it to get confused and reset itself. And that would be the uvcvideo kernel module, userspace shouldn’t be able to crash the camera.
Since downgrading the kernel didn’t help, and it also doesn’t work on other distros, I’d consider the possibility your webcam just died.
Are you able to make it work on any distro, or even Windows?
Those kinds of problems aren’t particularly new (PGP comes to mind as an example back when you couldn’t export it out of the US), but it’s a reminder that a lot of open-source comes from the US and Europe and is subject to western nation’s will. The US is also apparently thinks China is “stealing” RISC-V.
To me that goes against the spirit of open-source, where where you come from and who you are shouldn’t matter, because the code is by the people for the people and no money is exchanged. It’s already out there in the open, it’s not like it will stop the enemy from using the code. What’s also silly about this is if the those people were contributing anonymously under a fake or generic name, nothing would have happened.
The Internet got ruined when Facebook normalized/enforced using your real identity online.
With Docker, the internal network is just a bridge interface. The reason most firewall rules don’t apply is a combination of:
The only thing that should be affected by the host firewall is the proxy service Docker uses to listen on a port on the host and send it to the container.
When using Docker, each container acts like an independent machine, and your host gets configured to act as a router. You can firewall Docker containers, the rules just need to be in the right place to work.
The sandboxing is almost always better because it’s an extra layer.
Even if you gain root inside the container, you’re not necessarily even root on the host. So you have to exploit some software that has a known vulnerable library, trigger that in that single application that uses this particular library version, root or escape the container, and then root the host too.
The most likely outcome is it messes up your home folder and anything your user have access to, but more likely less.
Also, something with a known vulnerability doesn’t mean it’s triggerable. If you use say, a zip library and only use it to decompress your own assets, then it doesn’t matter what bugs it has, it will only ever decompress that one known good zip file. It’s only a problem if untrusted files gets involved that you can trick the user in causing them to be opened and trigger the exploit.
It’s not ideal to have outdated dependencies, but the sandboxing helps a lot, and the fact only a few apps have known vulnerable libraries further reduces the attack surface. You start having to chain a lot of exploits to do anything meaningful, and at that point you target those kind of efforts to bigger more valuable targets.
The problem with a different spoof for each domain is that this behavior on its own can be used as a fingerprint based on timestamp and IP in access logs.
Hiding among the crowd is probably better, especially since newer versions of Chrome all report the same UA you blend in even more.
You can block them and over time it should get better, or you can write a script that does some checks and blocks them for you.
No, if you deleted the btrfs driver it would simply fail to mount due to the missing driver, if it’s a separate module in the first place. Same with LUKS, if you don’t have the tools or the drivers installed for it, it’ll just not mount it. You’d have to be accessing the drive directly with something like dd to corrupt it.
The error says /home is a symlink, what if you ls -l /home?
Since this is an atomic distro, /home might be a symlink to /var/home.
Docker, Distrobox, Toybox, systemd-nspawn, chroot.
Technically those all rely on the same kernel namespace features, just different ways to use it.
That’s also what Flatpaks and Snaps do. If you only care about package bloat, an AppImage would do too but it’s not a sandbox like Flatpak.
Counter argument to that is, it would suck to be unable to reinstall your OS because it can’t load a text file.
And time moderating it, especially if they run their own. At least with Twitter/Facebook/YouTube, you get a lot of moderation for free whether you agree with it or not.
And if they use another instance, there’s other liability questions about the particular instance to choose. If they’re gonna represent an official city account, you’d expect some cybersecurity certifications to be a requirement and all kinds of stuff, even if it’s a free service. The instance admins interfering, possibly steering opinions during city elections, etc.
In this case IMO it might even be better to use something like Wordpress with the ActivityPub plugin, or alternatives to that. I imagine a city mostly posts announcements and stuff, so a blog that serves as both an official website and you can follow and interact with it from the comfort of your preferred social service sounds a lot more appealing than just another social media without that many users. Can even use more plugins to post to Facebook and Twitter as well, all from one place. Given the age of the board, they’re also more likely to know and care about Threads and Bluesky compatibility just because they have more users, and bureaucratic decisions are based on numbers. A nice graph showing if they join the fediverse they capture all the users fleeing Twitter by supporting AP and AT.