Okay, so if that's your actual DNS Server, can you confirm that it works? dig @yourdns debian.org, for example. Afterwards try to use the default DNS of your system dig debian.org. If both works, your DNS config should be fine. Try a curl debian.org -v too.
debian.org is just a random domain for this, use whatever you want. I don't see anything badly configured so far.
Okay, no external software for DNS management present here. Is that ip a working DNS Server? Is it your server itself perhaps?
From the output, you don't have any routing rules for your machine that block outgoing traffic. The dig command confirms that you can talk to servers. 9.9.9.9 is a common DNS Server. Based off of this, it seems like your problem is that your system has a bad DNS configuration (it's always DNS).
Can you parhaps cat /etc/resolv.con? This file normally contains the used DNS servers for Linux systems, unless using special software.
Can you dig @9.9.9.9? If so, its certainly DNS. If it's not DNS, perhaps try to check your iptables iptables -L && iptables -t nat -L.
Good news, hope the Turks get that idiot out of the office.
Sounds pretty good! I use jellyfin, so regular music players are not really needed for me most of the time (that is everything except downtime), but when still on the local side, I too found Elisa not to have the full experience
I'm on vacation. No working. Well, actually I was doing a ton of Selfhosting stuff (migrating my homeserver to proxmox, now at a usable level), but also video games.
The wordle-analyzer will have to wait until next week, and until I can fix my lifetime compiler errors in the latest commit, and before that: Until I fix my forgejo server that refuses to start after updating the server kernel.
Good to hear, I've only been in the Linux World for a few years myself, but I was very surprised too. Through I don't think that using cp is any different in terms of creating boot records and a partition table.
Why would you count Rufus and balena etcher not trustworthy? Sounds like you're to deep in the paranoia, which I completely understand, but gets just impractical "Man yelling at cloud" depending on how deep you are.
dd is just another program too, why trust dd? Linux is just another Program too, why trust Linux? And so on. You can audit every (OSS) Program if you want in theory, but let's be real, no one does that because time is better spent elsewhere.
Company: Here is a security vulnerability in your OSS project, please fix our production is vulnerable.
Random Guy working on OSS library in his free time: Sure, I have some time next month.
Random Guy works full-time, has a family and friends. Random Guy is not your supplier and has no obligations and warranties WHAT SO EVER, even implied. That's what the license of his project says.
If Company wants it fixed, they better allow him to work full time on it, or pay part time work. Or they pay someone else to maintain Project and send the changes to Project so Random Guy can take a little look and merge if he feels like it. Random Guy won't just merge company code and be done with it, more code in a codebase needs to be maintained now after all.
This also works with features of course. The time of Random Guy is valuable and if Company wants Random Guy to work on something they use, they'd better pay good money for that time.
Why not keep the work of the other guy that Company paid in house? Because now you have to maintain an own project that is not anymore the maintained by some volunteer sparing his free time with it. That costs €€€ too, especially if Project gets new features.
Company: Here is a security vulnerability in your OSS project, please fix our production is vulnerable.
Random Guy working on OSS library in his free time: Sure, I have some time next month.
Random Guy works full-time, has a family and friends. Random Guy is not your supplier and has no obligations and warranties WHAT SO EVER, even implied. That's what the license of his project says.
If Company wants it fixed, they better allow him to work full time on it, or pay part time work. Or they pay someone else to maintain Project and send the changes to Project so Random Guy can take a little look and merge if he feels like it. Random Guy won't just merge company code and be done with it, more code in a codebase needs to be maintained now after all.
This also works with features of course. The time of Random Guy is valuable and if Company wants Random Guy to work on something they use, they'd better pay good money for that time.
Company: Here is a security vulnerability in your OSS project, please fix our production is vulnerable.
Random Guy working on OSS library in his free time: Sure, I have some time next month.
Random Guy works full-time, has a family and friends. Random Guy is not your supplier and has no obligations and warranties WHAT SO EVER, even implied. That's what the license of his project says.
If Company wants it fixed, they better allow him to work full time on it, or pay part time work. Or they pay someone else to maintain Project and send the changes to Project so Random Guy can take a little look and merge if he feels like it. Random Guy won't just merge company code and be done with it, more code in a codebase needs to be maintained now after all.
This also works with features of course. The time of Random Guy is valuable and if Company wants Random Guy to work on something they use, they'd better pay good money for that time.
Company: Here is a security vulnerability in your OSS project, please fix our production is vulnerable.
Random Guy working on OSS library in his free time: Sure, I have some time next month.
Random Guy works full-time, has a family and friends. Random Guy is not your supplier and has no obligations and warranties WHAT SO EVER, even implied. That's what the license of his project says.
If Company wants it fixed, they better allow him to work full time on it, or pay part time work. Or they pay someone else to maintain Project and send the changes to Project so Random Guy can take a little look and merge if he feels like it. Random Guy won't just merge company code and be done with it, more code in a codebase needs to be maintained now after all.
This also works with features of course. The time of Random Guy is valuable and if Company wants Random Guy to work on something they use, they'd better pay good money for that time.
I didn't really consider that there are feeds for such things, especially for my distro(s). Embarrassing, but it means you helped making me safer!
I'm now subscribed to the Debian security list, seeing as all my servers run Debian. I just had unattended upgrades with Mail logs before.
It is really informative! Spread the word.
Same for me. Ventoy is pretty amazing and keeps most of my isos on it. Sadly, sometimes it's not capable of doing the job, for example when I installed proxmox (based on Debian 12) this week, ventoy couldn't do it. Apparently this is a known issue in ventoy.
But yeah, for most isos, ventoy is the way of you install OSes somewhat often, as it contains partition layouts and boot records regardless (I think).
At break with coworkers today, I mentioned learning Japanese since a bit over a year now. I was then asked to say something in Japanese, but I couldn't really think of anything good.
On my way home, I formulated a little something that I could say the next time I get asked:
「今月に桜が綺麗です。」
Do any of you have such default sentences, and if so, what are they?
Edit: Wikipedia has the following as an example:
「太陽が東の空に昇る。」
The comment itself is still fully visible, which is especially annoying for longer comments. This changed after the update.
I've looked for an option to disable but haven't found it. If it's not an option, it would be good to add that option, otherwise I might just not see it?
Solution: An option for this exists. See comments if you can't find it.
Hello fellow rustaceans! Recently, there was a thread about how we can grow this community (how can I link to posts across servers?), where I already talked briefly about this topic, saying that I did not know if it is worthy of a full post here, as most things seem to be pretty professional looking links to talks and blogs. I've gotten some encouragement to post it, so here we go:
When to use a library instead of a CLI
I'm working on a little project called Autcrate in my free time, which aims to streamline the release and publishing process (what exactly it does isn't really important for this discussion). Autocrate uses git to get the path of the current repo, tags and pushes releases, generates a change log from commits and so on.
Up until a week ago, I was just using the git2 library crate, which offers the functionalities of libgit2 for rust. While good, using this crate is much more complicated than for example just executing git push from my program using std::process::command. I am only using the porcelain functionalities of git (as of now), so all functionality could be achieved by calling the CLI interface.
Question
When is it acceptable to use CLI Commands instead of using libraries provided for that same software?
Is it generally better to use API/ABI from libraries, or is it maybe even better to use the CLI interface, reducing the list of dependencies?
Pro and Con of using Commands instead of libraries
| Pro | Con | |----------------------------------------------------------------------|------------------------------------------------------------------| | Reduces the dependencies of a crate | Adds a dependency that cannot be tracked by cargo | | Much easier to program for developers | The CLI interface is not versioned and might break in the future | | Documentation of the CLI interface is often better than of libraries | Bad usage of command cannot be detected at compile time | | Cli program might not be available depending on architecture or platform ||
(this is of course not an exhaustive list. I will edit it if something comes up in the thread.)
Edit
Alright then. Thank you for your answers. While using the git CLI would probably be fine, since it's very stable and available on most systems (especially those for CI/CD), it might change and is at best hacky. I'll be doing the "right" thing and use libgit2 instead of just calling CLI commands.
PlexSheep @feddit.de Informatik Student, lerne 日本語, Strategiespiele
Migrated to PlexSheep@infosec.pub due to feddit.de having various errors for a longer period now.