Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)H

HelloRoot

@ HelloRoot @lemy.lol

Posts
1
Comments
747
Joined
1 yr. ago

  • DepthSight - a self-hosted, federated algorithmic trading platform with a visual strategy builder (AGPL)

    Jump

  • ew why are you so toxic and arrogant?

    I wanted to upvote you, cause I am not psrt of the anti-ai mob, but then I read you last sentence and the rest of this thread and holy fuck are you unlikable and unbearable.

  • What's the fundamental difference between sudo and doas ?

    Jump

  • "better" always depends on the usecase

    I use sudo cause it's less hassle and I just want to use my pc without the OS being in the way.

    If you want security: ofc. doas.

    But if your goal is tinkering, then you can switch anytime anyway, so try all the options.

  • What's the fundamental difference between sudo and doas ?

    Jump

  • The list of functional differences is too long to write here. I'm sure you can ask some llm to do the google search for you and it will shit out an ungodly amount of differences.

    But I'd say roughly they are about:

    • how you configure it (sudo has a much more complex and expressive syntax, doas needs many more lines for the same result)
    • how it preserves env variables (sudo has more options for that, it excludes some by default while keeping others and can spawn subshells differently with -l -i)
    • how it does persisting authorization over some period of time :

    doas on OpenBSD caches via a kernel API.

    The slicer69 portable doas port has no persist on Linux/FreeBSD - you re-enter your password every invocation.

    OpenDoas implements persist via timestamp files, similar to sudo but with fewer tuning options.

  • How do you protect a remote backup from a compromised account?

    Jump

  • OP asked:

    How can you grant access to an account to write remotely, but also protect the data from this account?

    So I was thinking that the account should not be able to delete the filesystem in an unrecoverable way. Like overriding the current fs with random data or an encrypted fs and filling it etc.

    Like I said on a Hetzner storage box, multiple users get access to the same system, but each one only has file editing commands, not fs editing and they can only access their assigned directory. So if the system does scheduled snapshots (outside of that user's scope of access) there is no way for a user to delete the files beyond recoverability. (no matter if their own files or other users files).

    The user can still delete their own data. But because the fs is cow with snapshots (like btrfs) and they can not touch that, the data can be recovered easily.

  • How do you protect a remote backup from a compromised account?

    Jump

  • Are they? I thought they only write/modify/delete data to the fs, not change the fs itself.

  • How do you protect a remote backup from a compromised account?

    Jump

  • I think you could do it somewhat like hetzner does for their storage boxes. You get an account that has read and write access to a directory and nothing outside. The accound can only run a limited set of commands, like ls, cat, nano, rsync etc. but has no access to commands that modify the filesystem.

    Then you can use a copy on write fs like btrfs and make scheduled staggered snapshots.

    I usually do 1x per year, 1x per month of current year, 4 per week of current montg, 7 per day in current week.

    I have no clue what they use to limit the user accounts like that btw. but maybe that gives you a new jump off point for further research.

  • Removed

    The Death of Traditional VPNs: How DPI Firewalls Use Machine Learning to Fingerprint Your Traffic

    Jump

  • You've posted this AD to your SaaS offer multiple times now. Please stop the spam.

  • Remote Tech Support services?

    Jump

  • Rustdesk is what I use for tech support for my family. By default it uses the rustdesk official server for the handshake and holepunching or whatever, but you can also selfhost your own if you want to.

    But I want to migrate to some kind of hardware web kvm like nanokvm, cause sometimes their pc doesn't boot and walking them through bios settings over a shaky videocall is a nightmare.

  • The Year of Linux

    Jump

  • A lot of chinacrap on amazon had that for decades.

    Saw it for all kinds of normal USB gadgets. Absolutely meaningless label.

  • Software Is Not A Single-Player Game

    Jump

  • That aesthetic made me vomit.

  • what is the intuition behind the window functions in sql?

    Jump

  • Think of window functions as a two-layer operation:

    Layer 1: Produce all the rows (FROM, WHERE, GROUP BY, HAVING)

    Layer 2: For each row, peek at its "neighborhood" (partition) and compute something

    The result of Layer 2 is just another column added to each row. Nothing collapses, nothing gets removed. You just get extra computed values based on context and that context is what PARTITION BY, ORDER BY, and the frame clause define.

  • How to run a Flatpak Terminal without internet permission?

    Jump

  • portmaster can turn off internet for a specific app, but even better it can block specific domains

    actually just putting the website domain (with local ip or something) into hosts file will be enough

  • Quality gate as a solution?

    Jump

  • Thats pretty much how the company I currently work at does it.

  • Multi-material joints

    Jump

  • I think the interface will be difficult to print. If the underside is smooth, the non sticking material might not stay in place. If the underside is rough ... well then you have a joint with at least one rough spot in it's rotation. Thats just from thinking about my experience with using pla with petg supports (and vice versa) so it may be better than I expect. Depending on the usecase, I think it might work.

    But I think it's easier to print a joint in place from a single material and then "snap" it so it moves. Or design something where you print the parts seperately and then assemble.

  • OSM mapping with a small revenue?

    Jump

  • I don't think so.

    Probably best you can do is make a blog, a youtube channel or something like that and set up donations.

  • Doorbell Camera / NVR (post Unifi)

    Jump

  • I have an alcatel lucent switch from the 90s

    It's been running 24/7 for 25 years in some companys rack and now it runs for 10 in mine.

    Got it for 30$ on ebay (and a second one for 20 as a backup)

  • What's the current reliable password manager?

    Jump

  • i use syncthing for syncing my keepass files

  • Doing nothing at work

    Jump

  • Proton is funding the French far right on YouTube

    Jump

  • Thanks for pointing out the detail, I didn't know that.

    But I don't see how that changes the situation. He got funds through the affiliate link. From Porton. Sounds like funding to me.

  • LocalLLaMA @sh.itjust.works
    HelloRoot @lemy.lol

    I Put a Datacenter GPU in My Gaming PC for £200

    blog.tymscar.com /posts/v100localllm/