cyclohexane

Ever had a question about Linux but felt too afraid to ask? Well now's your chance, ask any question about Linux, no matter how noob or repeated it is, and I and others will help answer them.

Previous noob question thread: https://lemmy.ml/post/14261893

There are a couple I have in mind. Like many techies, I am a huge fan of RSS for content distribution and XMPP for federated communication.

The really niche one I like is S-expressions as a data format and configuration in place of json, yaml, toml, etc.

I am a big fan of Plaintext formats, although I wish markdown had a few more features like tables.

I'm looking into hosting one of these for the first time. From my limited research, XMPP seems to win in every way, which makes me think I must be missing something. Matrix is almost always mentioned as the de-facto standard, but I rarely saw arguments why it is better than XMPP?

Xmpp seems way easier to host, requiring less resources, has many more options for clients, and is simpler and thus easier to manage and reason about when something goes wrong.

So what's the deal?

I'm looking into hosting one of these for the first time. From my limited research, XMPP seems to win in every way, which makes me think I must be missing something. Matrix is almost always mentioned as the de-facto standard, but I rarely saw arguments why it is better than XMPP?

Xmpp seems way easier to host, requiring less resources, has many more options for clients, and is simpler and thus easier to manage and reason about when something goes wrong.

So what's the deal?

Whether you're really passionate about RPC, MQTT, Matrix or wayland, tell us more about the protocols or open standards you have strong opinions on!

Given the extistence of technologies like Monero and SimpleX chat, I wonder if it is possible for a truly anonymous content sharing platform to exist? And does it?

Use cases:

• sharing pirated content without a link back to you
• journalists or political activists not wanting to be found or caught by a government

The platform should not allow the following to know the details of what you do on this platform:

• users on the platform: should not know the identity of a poster unless they disclose it
• the host of the platform: should not know which content belongs to who, or be able to deduce it via traffic logs
• Intermediates like the ISP, DNS, or your router should not be able to link any content to you. However it is okay if they know that you use the platform at all, just not what you do with it.

Does something like this exist?

I thought I'll make this thread for all of you out there who have questions but are afraid to ask them. This is your chance!

I'll try my best to answer any questions here, but I hope others in the community will contribute too!

Curious to know the coolest things you achieved by configuring your kernel. I know kernel config can be boring, but I'm hoping someone will have an impressive answer.

For me I have a very lightweight kernel that runs wayland on nvidia without any issues to date.

I'll start with mine. yes part of this was to brag about my somewhat but not too unusual setup. But I also wanna learn from your setups!

Anyways: I primarily use Gentoo Linux.

I have two headless servers: a Raspberry Pi 4B and a Oracle cloud VM (free tier). Both running OpenRC, and both were running mainline kernel with custom config (I recently switched the Pi to PiFoundation kernel due to some issues). The raspberry pi boots from SSD and has no sd card inserted.

Both servers were running musl libc instead of glibc for a while. This gave me a couple of random issues, but eventually I got tired and switched back to glibc.

I have a desktop running gentoo and a laptop running arch, but hoping to switch the laptop to gentoo soon.

Both are daily driving wayland (the desktop had nvidia card and used for gaming). The desktop is running a kernel with a minimal config that compiles in 2-3 minutes.

What's your unusual setup like?

I am looking to contribute to striker funds, if possible. I am located in the US, hence why I choose it.

I am hoping for striker funds that would be effective enough to make change. In other words, they may be the last thing a group of workers needed to decide to strike.

I am hoping the fund is efficient in managing its funds, rather than a significant fraction going to administrative costs. Very preferred if the fund's financials are fully transparent.

Any recommendations?

Tiling window manager users: how exactly do you use yours?

Do you have advanced keybindings for bringing up frequently used programs?

Are there less common layouts you use frequently?

Do you use any advanced or fancy features?

Context

I want to host public-facing applications on a server in my home, without compromising security. I realize containers might be one way to do this, and want to explore that route further.

Requirements

I want to run applications within containers such that they

• Must not be able to interfere with applications running on host
• Must not be able to interfere with other containers or applications inside them
• Must have no access or influence on other devices in the local network, or otherwise compromise the security of the network, but still accessible by devices via ssh.

Note: all of this within reason. I understand that sometimes there may be occasional vulnerabilities, like in kernel for example, that would eventually get fixed. Risks like this within reason I am willing to accept.

What I found so far

• Running containers in rootless mode: in other words, running the container daemon with an unprivileged host user
• Running applications in container under unprivileged users: the container user under which the container is ran should be unprivileged
• Networking: The container's networking must be restricted. I am still not sure how to do this and shall explore it more, but would appreciate any resources.

Alternative solution

I have seen bubblewrap presented as an alternative, but it seems like it is not intended to be used directly in this manner, and information about using it for this is scarce.