isodude
Joined 299 karma

  1. When will Cloudflare actually split into several totally independent companies to remedy that they bring down the Internet every time they have a major issue?
  2. This did not age well!
  3. I am trying to build a local setup where I spawn dockers (fetched via skopeo) as systemd-nspawn machines in userland (rootless), with network managed by a service that uses netkit devices to set up network in their empty network namespaces. I am looking at using Sommelier to manage Wayland.

    The end goal is to have a laptop with an easy way to build lab environments which is secure and rootless.

  4. Is it though? I would imagine the person wanting to change instead being forced. Where would you draw the line?
  5. Only give positive feedback when they are doing the thing you want them to. Absence of positive feedback is as effective as negative feedback, with the positive effect of extracting the change you want instead of placing the change upon the person.
  6. I think that pledge[0] offers that functionality

    [0] https://github.com/jart/pledge

  7. A nice thing I found is that if you do (which I see they did not in the examples)

      # ProtectSystem=
    
    you can do

      TemporaryFileSystem=/:ro
      BindReadOnlyPaths=/usr/bin/binary /lib /lib64 /usr/lib /usr/lib64 <paths you want to read>
    
    And essentially just including the binary and the path you want available. ProtectSystem= is currently not compatible with this behavior.

    EDIT: More info here: https://github.com/systemd/systemd/issues/33688

  8. From the West here, but anyway.

    > But the cultural stigma? Folks just call it laziness or blame "village people" (supernatural enemies).

    Funny, my daughter just stops my explanations after circa one minute, abruptly, saying that her brain just does not listen anymore and there is no reason for me to continue. Which is blunt, but kind. I understand and stop talking, that's that. We can do that since we know our limits, I would assume that Africa in general is more attuned to accepting people as they are? For my daughter it makes a world of difference that she can communicate her ADHD symptoms. The medication is there to make ADHD people behave like "normal" people, but acceptance in the other direction could be quite helpful as well.

    With some luck and effort you can have some effect with diet. It would be nice to see a graph between the rise of white flour and the amount of ADHD in the world. I would love to step off medication, but it's not doable without switching to sufficient combination training and good diet, I have neither now :) As they point out in the article it can be great to find out your vitamin levels to address shortage.

    > These types of complex carbohydrates are less likely to spike your blood sugar levels and help keep you feeling fuller for longer, which may help improve your focus and attention.

    > By avoiding simple carbohydrates, like sugar and white flour, you may reduce specific ADHD symptoms. [0]

    I just finished fixing my bike (Suntour Perfect) and have started taking it on smaller trips, hopefully that will be _my_ way to a more stable day to day. [1]

    [0] https://add.org/adhd-diet/

    [1] https://i.ebayimg.com/images/g/NxQAAeSwpg1odZbS/s-l1600.jpg (about the same bike)

  9. My first initial thought when I saw the game: spaceword golf.

    Like any golf, you start with the smallest square possible and increase it with each level. You get fewer points for how perfect the square is.

  10. There should exist something like memtest86, but for S3 and S0, that you can run on the laptop to identify hardware that does not suspend properly.
  11. TL;DR pull the plug from the laptop _before_ closing the lid. That way it will not be sleeping thinking it got power from the wall.
  12. I only found out last week!

    Was not aware that vixie cron was first released in 1987 (https://github.com/vixie/cron/blob/master/Documentation/Chan... 1.md), and still has fresh commits.

  13. Actually it does, have a look at cronnext
  14. Horrid, but this works.

      &([]bool{true}[0])
    
    But at least it allows me to write it without declaring a variable first.
  15. AFAIK Wireguard will always listen in the default namespace, thus you need to isolate everything else. A fun way of doing it though is to do an ip rule that uses the VRF table, and matches on the user id. That way all traffic from certain users will always end up in the same routing table. You can go further and match on everything except the Wireguard endpoint. With iptables you can MARK the traffic you want to be treated differently and then catch that traffic with ip rule.
  16. Look here: https://jerryxiao.cc/archives/1004

    Yes, it's eBPF but the solution is quite neat to be honest. And you can integrate it into systemd units.

  17. I saw a GitHub project that tries to make wireguard+netns easier to set up: https://github.com/kalken/eznetns
  18. You can also mitigate this by placing the VPN interface in a VRF on Linux. I.e. systemd-networkd has support for doing that out of the box. One thing to watch out for is that when enabling VRF, the ip rule entry for l3mdev is listed as 1000 but the rule for local traffic is listed as 0, the local rule should be moved to 1000+.
  19. Actually, if you take a peek into the wifi logs on the asus mesh node, you might see that it freaks out and restarts the wifi service. There's a tail mode that is pretty nice.

    Restore to the default settings, make sure you have updated the firmware, and cross your fingers.

This user hasn’t submitted anything.
