addressing misconceptions about the recent TunnelVision vulnerability
  • Sure, someone helped me set up a script to share the wl socket between namespaces so I can run GUI programs in isolated namespaces, and if you look at this post you can check the namespaced-openvpn; also check vole's answer if you want to run GUI programs

  • addressing misconceptions about the recent TunnelVision vulnerability
  • Thank you for summarizing it up

    I've been using network namespaces in Linux where each one also uses a different user; this way you can have multiple profiles of apps separated not only by permissions but also by the VPN connection that is the only route out

    So you can have a connection that will supply your favorite iso sharer, a VPN connection to work, all unaware of each ot

    I still haven't figured how to make GUI media applications work on them though

  • how to mirror Windows alt+tab behavior in KDE?

    I'm using task switcher with Recently used sort order, but I still feel unsure if it's the same behavior

    5
    oneteen
  • I didn't know memes could smell like they're old through the screen until I saw this one

    Google logo before Corporate Memphis bullshit and the dude using a foot to hold his cup of tea just like the classical antiquity raptor, it's just perfect

  • Alsa multimedia inside namespace
  • It seems that a namespace only has access to processes that originate inside itself

    systemctl --user list-units 
    Failed to connect to bus: No medium found             
    

    as we can see, the same user doesn't have access to other processes so we would need to duplicate every process above the namespace until we could access the media

    would a duplicate of everything - pulsewire, dbus, etc - even work?

  • Alsa multimedia inside namespace

    I have created a network namespace to separate connections through a VPN, and it runs as the same user account as I use for everything else; however, it is not able to play music/use microphone

    inside the namespace:

    ```
    aplay -l
    card 2: Generic_1 [HD-Audio Generic], device 0: ALCS1200A Analog [ALCS1200A Analog]
      Subdevices: 0/1
      Subdevice #0: subdevice #0
    card 2: Generic_1 [HD-Audio Generic], device 1: ALCS1200A Digital [ALCS1200A Digital]
      Subdevices: 1/1
      Subdevice #0: subdevice #0

    arecord -l
    card 2: Generic_1 [HD-Audio Generic], device 0: ALCS1200A Analog [ALCS1200A Analog]
      Subdevices: 0/1
      Subdevice #0: subdevice #0
    card 2: Generic_1 [HD-Audio Generic], device 2: ALCS1200A Alt Analog [ALCS1200A Alt Analog]
      Subdevices: 1/1
      Subdevice #0: subdevice #0
    ```

    I also tried running as another user, but the effect is the same, which is why for simplicity I resorted to using the same user that can play/record normally

    what should I look for in configuring it?

    1
    Noob Question Thread: Ask Any Questions About Linux!
  • You install program A, it needs and installs libpotato, then later you install program B that depends on libfries, and libfries depends on libpotato; however, since you already have libpotato installed, only program B and libfries are installed. The intelligence behind this is called a package manager

    In Windows when you install something, it usually installs itself as a standalone thing and complains/breaks when dependencies are not met - e.g. having to install Visual C++ 2005-202x for games, JRE for java programs etc

    instead of making you install everything that you need to run something complex, the package manager does this for you and keeps track of where files are

    and each package manager/distribution has an idea of where some files should be stored

  • Noob Question Thread: Ask Any Questions About Linux!
  • You can freely manipulate NTFS in Linux. Just make sure your distribution has, after kernel >=5.15, enabled it, otherwise you may need to install the ntfs-3g driver. Other than that, Arch Wiki has info that may help you on any distro:

    https://wiki.archlinux.org/title/NTFS

    I have done something similar to what you want to do, just needed the ntfs-3g driver installed and "Disks" (gnome disks) application would mount/read/write the disks as usual

  • Noob Question Thread: Ask Any Questions About Linux!
  • You can configure this behavior for CLI, and by proxy could run GUI programs that require elevation through the CLI:

    https://wiki.archlinux.org/title/Sudo#Using_visudo

    Defaults passwd_timeout=0 (avoids long running process/updates to timeout waiting for sudo password)

    Defaults timestamp_type=global (This makes password typing and its expiry valid for ALL terminals, so you don't need to type sudo's password for everything you open after)

    Defaults timestamp_timeout=10 (change to any amount of minutes you wish)

    The last one may be the difference between having to type the password every 5 minutes versus 1-2 times a day. Make sure you take security implications into account.

  • Noob Question Thread: Ask Any Questions About Linux!
  • Timeshift, make sure to "include hidden files" to recover any configuration for desktop environments

    After a few mess ups, you may find yourself not needing to backup everything, only the file(s) that messed up, and that's still a good thing to have Timeshift for

  • Can someone demystify computer Ports for me? Please? Blocking, unblocking, opening, allowing, VPNs and their effect, what ports are and what they do, step by step, when you have to interact with them?
  • IP is like an address to a big skyscraper where a company operates. You are the delivery man and must go to 201.154.76.19 and deliver something. When you get at the reception, you tell them you have a package to deliver to Mrs HTTPS, at room (port) 443. Since Mrs HTTPS is well known and has cleared your entry before, you're allowed to enter this room and only this room.

    If you were to get at the same address and try to access other rooms you would either get refused because they are closed, or if open, someone would specifically need to be in the room so you can deliver something

    Malicious actors that wanted access to the building could try to disguise their deliveries and enter the building, that's why the default policy of most firewalls is "reject" and you specifically need to open a port and have a program listening to it if you want incoming connections.

  • Ubuntu 24.04 increases vm.max_map_count for smoother Linux gaming
  • In theory your RAM size / 2MB would be a sane custom value for your system, as 2 MB seems to be the smallest heap size allocated each time. Take this info with a grain of salt as I saw this value in an x86-64 Assembly guide and it may vary between different architectures/systems/situations

  • What is the most difficult problem that you have fixed in linux?
  • Used to be messing with kernel arguments and installing/tweaking boot parameters. That was until Grub broke, I learned systemd-boot and chrooting into the system via live USB

    Now if I break anything it's just a matter of "sigh, let me get the USB and type a few commands"

  • First day using Linux Mint instead of Windows 11
  • After the initial learning curve when starting in Linux to solving advanced problems that may or may not occur (will depend on Nvidia/exotic hardware/DE updates), you find it's easier to solve these because there are questions and answers in the internet, than finding another way to remove Edge, Cortana and restore the look and feel of Windows 7 after every major update in Windows

  • Introducing GNOME 46, “Kathmandu”
  • These updates land on testing quickly, however due to the several packages updated at once, they all need to be tested by volunteers, and only when all of them are signed it's pushed out of testing

  • What PCI cards do you use ?

    I have 2x PCIe X16 and 1x PCIe 1x slots that are not being used. Given that Linux has extensive hardware support, there are probably users with interesting PCI card usages

    Aside from traditional usages like network/wireless/bluetooth/sound that can easily be used as USB (or built in advanced sound support in the MOBO), what are your use cases with PCIe?

    24
    potatoes are fruit
  • Considering it's almost always 30°C+ 60%+ RH at least half of the year where I live, yes

    Refrigerating them increases their shelf life significantly in these conditions

    It's probably less effective in other cooler and drier climates

  • SVP + MPV + Wayland

    I was wondering if anyone else has had luck configuring SVP with MPV on wayland (AMD). I followed the archwiki https://wiki.archlinux.org/title/Mpv

    This is ~/.config/mpv/mpv.conf

    ```
    autofit-larger=100%x100%
    hwdec=auto-copy
    profile=svp
    vf=format=fmt=yuv420p

    [svp]
    input-ipc-server=/tmp/mpvsocket # Receives input from SVP
    hr-seek-framedrop=no # Fixes audio desync
    watch-later-options-remove=vf # Do not remember SVP's video filters
    no-resume-playback
    ```

    When SVP takes control of the video it pauses and never gets playing again

    mpv stdout shows (pause) for a single sec, then proceeds normally, but the video stays frozen

    ```
    [autoconvert] Converting nv12 -> yuv420p
    AO: [pipewire] 48000Hz stereo 2ch floatp
    VO: [gpu] 3840x2160 yuv420p
    ```

    SVP has no option to control the video at all; it just says "playing whatever at 60fps"

    1
    Display refresh rate reverts back to 144hz after turning off the display

    Through amdgpu_top several modes are available, with 1440x3440@159.96 being the preferred

    however after turning on/off the display, it reverts to 144hz

    how can I make 160hz the default? KDE settings shows "A new output has been added. Settings have been reloaded" when this happens; and the previous 160hz is saved "for any display arrangement"

    radeon vega cezanne wayland kde

    4
    Left clicking an open program in task manager is opening another instance of it

    I'm getting a bug where left clicking a program open in the task manager triggers opening another instance of the same program instead of raising/focusing in the already opened window. This didn't happen using X11. It's not the behavior configured for the left click; a recently started session works fine. The only way for it to go away without restarting is entering Plasma's edit mode and exiting it - then task manager behaves ok for a while. How can I trace what causes this? I tried checking journalctl for critical errors or logs when I click and this behavior happens but couldn't find anything relevant

    Plasma5, wayland, nvidia

    3
    Pacman force ipv6?

    There are answers for disabling ipv6; is it possible to force ipv6 instead?

    already using https://archlinux.org/mirrorlist/ to select ipv6-capable mirrors

    5
    encryption

    is there a way to encrypt obsidian vaults using either symmetric/asymmetric encryption with multiple devices?

    3
    Wayland running GUI program as another user

    I use https://github.com/slingamn/namespaced-openvpn to have an isolated namespace and VPN connection

    On X, these two steps would allow me to run a GUI program in the protected namespace. So I could have, e.g., an IDE configuration for my main user/personal projects, and another entirely different instance of the same IDE for work because they use different users

    ```
    sudo xhost '+si:localuser:user'
    sudo ip netns exec protected sudo -u user -i
    ```

    On Wayland, although the protected shell is created fine, GUI programs don't start. E.g. for Dolphin, error:

    ```
    XDG_RUNTIME_DIR is invalid or not set in the environment.
    Failed to create wl_display (No such file or directory)
    ```

    I've tried to preserve the env without success:

    ```
    sudo -E ip netns exec protected sudo -u user -i
    ```

    It seems that access to the wayland socket is a must for this to work

    This discussion has a nuke option - giving 777 access to the dir where the wayland socket is, and another less permissive approach adding the users to a group and giving access to a new location where the wayland socket is created

    https://stackoverflow.com/questions/41736528/linux-wayland-display-multiple-user

    Is this second approach secure? If not, which other steps could I take to achieve what I did in X?

    3
    Is it possible to change mouse to left/right handed mode via CLI on wayland?

    On X I use

    ```
    xmodmap -e "pointer = 3 2 1"  # lefthand
    xmodmap -e "pointer = 1 2 3"  # righthand
    ```

    On wayland/KDE, I must change it manually via system settings; and any other application that runs on xwayland doesn't respect this

    is it possible to change everything via cli, for both wayland and xwayland?

    please help an old and tired boomer that is trying to stick with wayland and nvidia this time

    2
    Is it possible to isolate which GUI programs are seen by a screensharing program in xorg or wayland?

    Think Zoom, Teams, google meet etc

    When sharing the screen, it can see everything the user sees. Would it be possible to isolate what it sees only to GUI applications run by the same user? If I run these as an unprivileged user via xhost, they don't really work well. Sandboxing via bubblewrap requires knowledge beyond my current skills and I'm not sure if it would work.

    Has anyone

    12
    Streaming local Webcam in a Linux machine, and accessing it when on vacations - which protocol to choose?

    I want to configure a local webcam to stream (and possibly record) a live feed open to the internet, and access it half-world away while traveling, using FOSS only, accessing it via Android VLC

    This guide was quite comprehensive; however the packages for nginx-rtmp are quite abandoned in arch linux. So I thought maybe WebRTC could be an alternative - the communication itself should be encrypted, which WebRTC seems to do; however, I still can't figure out if VLC will handle this well

    Also, it seems that I might need to self-host a VPN to achieve this? What are my options? Has anyone else done this?

    21
    Open Source Data Recovery for Android?

    Is there an open source app or tool like TestDisk/PhotoRec, but for Android?

    5
    shadowintheday2 @lemmy.world
    Posts 14
    Comments 59