LACT 0.5.3 Released For Managing AMD Graphics Cards Under Linux
LACT 0.5.3 Released For Managing AMD Graphics Cards Under Linux
LACT is a graphical tool for AMD Radeon information reporting, GPU overclocking, fan control, power/thermal monitoring, and additional power state configurations.
v0.5.3 adds support for displaying the current graphics clock "current_gfxclk", information around GPU throttling is now reported, improved fan control for older GPUs, improved fan curve point adjustments, many bug fixes, and other enhancements.
Separate daemon & GUI processes... Permissions aware... Modular installation of modprobe config... It looks like the author understands the basics of designing a tool like this. Nice.
I have a couple of reservations from a security perspective, though:
- The daemon and GUI are the same executable, which means a lot of complexity in the binary that runs in a privileged context. I would suggest splitting the daemon into a separate, minimal binary.
- 268 dependencies might be tough for some people to swallow.
Wow I when you said 268 dependencies I figured JavaScript was involved…
Is the culture of Rust/Cargo getting as bad as JS/NPM these days or is this developer just using an insane amount of dependencies? I don’t have any experience working with Rust so I’m genuinely curious. I stay away from JS in part due to the insane amount of dependencies every non-trivial project has.
I’ve built projects in many languages and other than a few JS/React/ReactNative projects which seem to have unavoidably massive node_modules folders, I’ve never had more than maybe 10 dependencies in a project ever…
Is the culture of Rust/Cargo getting as bad as JS/NPM these days or is this developer just using an insane amount of dependencies?
From a quick glance through the files, I see maybe a couple dozen direct dependencies. That's not what I would call conservative (especially for a privileged daemon) but the bulk of those hundreds seem to be sub-dependencies.
I've seen similar in the other Rust projects that caught my attention. I suppose this is a predictable result of Rust's Cargo culture: When pulling in other people's code is convenient, automated, and normalized, it tends to happen a lot, and the transitive nature of dependencies amplifies the effect.
So even a small project can easily include code from hundreds of random people other than the author, with practically no accountability, as we see here. And since it's a long tail of small and often obscure projects, rather than a handful of well-known ones like a standard library, there is little hope of meaningful auditing.
There also seems to be a culture of statically linking all those dependencies. That means security patches will never reach a user through OS updates, and with so many dependencies involved, chances are slim that every upstream vulnerability will be patched on the user's machine soon after it's discovered (if ever).
I would find Rust more appealing if it had a standard library (and maybe a few high-profile well-maintained external libs) comprehensive enough to cover most needs, and if the tooling and culture encouraged minimizing dependencies. I think the former might develop with time. I fear the latter might not ever appear.
Is the culture of Rust/Cargo getting as bad as JS/NPM these days
Thanks for saying it.
When I see some rust projects, they looks like they where managed by JS devs (“1 need, 1 package”) that want to do compiled language… The amount of dependencies can be utterly insane.
For me, it mostly means rust have a strong package system, not that rust have good devs.
I’m doing Python at work and you have to use a many pypi package for financial reasons (yet, I restrict myself as much as possible), but seeing this mindset is scope specific open source project is crazy.
All of this does not means all rust (or JS) devs are bad, its just a consequence of bringing code to the masses: Its a good thing in many way. Lets acknowledge this and not being impressed by badly engineered dependency choices.
I've had pretty good luck with radeon-profile. I'll have to give this one a go
I undervolted my RX 6700XT using Corectrl. While the tool is good overall, it makes no sense for Gamescope-SteamOS-like setup with Bazzite, so I did something absolutely disgusting and run it in the background using xvfb. Now looks like I can replace it with something far more suited to my needs. Can’t wait to test it
Been using it for about 2 months, it's worked flawlessly so far. A little bare bones, but that's fine, it does everything I need it to.
Is this able to maintain its profiles between reboots? I use amd-clocks as its low profile set and forget unlike corectrl which would need to launch its ui each boot and ask for polkit auth
Yes, it maintains its config across reboots, it uses a systemd daemon that handles the backend. On most distros it should just work automatically, but if not you can edit the config.yaml file to set up your permissions there.
It's great software. I'll have to try editing the permissions because on Tumbleweed it only works when run as root. It complains that the service isn't running as a user.
Also, I noticed that series 7000 gpus have serious problems under the most recent stable kerne when using an egpu setup. LACT shows that they cannot draw enough wattage, so they never get up to speed. Older gpus work fine.