fsebugoutzone.org:9999

       Posts by siosm@floss.social
 (DIR) Post #ANur1jy4JsAwLZBxI0 by siosm@floss.social
       2022-09-24T12:48:32Z
       
       0 likes, 1 repeats
       
       This week in KDE: yo dawg, I heard you wanted stability https://pointieststick.com/2022/09/23/this-week-in-kde-yo-dawg-i-heard-you-wanted-stability/ @kde
       
 (DIR) Post #ARc7E1fEpwkygW0uQK by siosm@floss.social
       2023-01-13T12:44:49Z
       
       0 likes, 1 repeats
       
       I wrote a post about a part of my OpenSSH client configuration that helps increase privacy and security: https://tim.siosm.fr/blog/2023/01/13/openssh-key-management/I&#39;ve been using this setup for a while but I though it would be useful to share as it mitigates the issues described in the following posts: https://words.filippo.io/dispatches/whoami-updated/ and https://www.agwa.name/blog/post/whoarethey
       
 (DIR) Post #ARc7E3TG7SMYHwQN1s by siosm@floss.social
       2023-01-13T12:47:44Z
       
       0 likes, 0 repeats
       
       CC @filippo @agwa
       
 (DIR) Post #AS0GPQuQsYBVY0fnAO by siosm@floss.social
       2023-01-20T18:34:18Z
       
       0 likes, 1 repeats
       
       Introducing Kinoite Nightly (and Kinoite Beta): https://tim.siosm.fr/blog/2023/01/20/introducing-kinoite-nightly-beta/Just in time for KDE Plasma 5.27 Beta release, we&#39;ve made unofficial variants of Fedora Kinoite available to make it easier to test Beta and Nightly KDE software.#KDE #KDEPlasma #Fedora #FedoraKinoite
       
 (DIR) Post #AS0NtoTgW0UX0jayo4 by siosm@floss.social
       2023-01-25T15:09:20Z
       
       0 likes, 0 repeats
       
       @justinz Well, I use a Jekyll theme that does not have that yet 😐. Will see what I can do.
       
 (DIR) Post #AScVStiaEdmGE3Suy8 by siosm@floss.social
       2023-02-13T00:33:09Z
       
       0 likes, 0 repeats
       
       @justinz @dennisfaucher This will likely improve once we move to the new container format for ostree
       
 (DIR) Post #AT0JyjiuOYLuq14Tdg by siosm@floss.social
       2023-02-24T12:17:32Z
       
       0 likes, 0 repeats
       
       @justinz @dropbear42 There is support for graphical updates in Discover on Kinoite but it&#39;s not included the ISO. You have to do the first update on the command line and then you can do then from the GUI. I&#39;ll update the docs. It will be in the ISO starting with Fedora 38.
       
 (DIR) Post #AWvNmmZgcQZWjOp6fo by siosm@floss.social
       2023-06-21T18:22:21Z
       
       1 likes, 0 repeats
       
       Interested in making a new rpm-ostree desktop variant available in Fedora to join Silverblue, Kinoite, Sericea and Onyx?Then you may take a look at this guide: https://tim.siosm.fr/blog/2023/06/21/rpm-ostree-variants-fedora/#Fedora #ostree #RpmOstree #FedoraSilverblue #Silverblue #FedoraKinoite #Kinoite #FedoraSericea #Sericea
       
 (DIR) Post #AX23DtlvDnQuiuIjK4 by siosm@floss.social
       2023-06-24T21:23:10Z
       
       0 likes, 1 repeats
       
       Give nothing, expect nothing: GitLab’s the latest punching bag for entitled users https://dissociatedpress.net/2022/08/10/give-nothing-expect-nothing-gitlabs-the-latest-punching-bag-for-entitled-users/This previous post from @jzb is also worth a (re-)read.
       
 (DIR) Post #AXkOO8NHZNauYmUWRc by siosm@floss.social
       2023-07-15T11:43:56Z
       
       1 likes, 0 repeats
       
       I&#39;ll be giving a talk at #Akademy2023 on Sunday afternoon on how we are making KDE Plasma and Apps testing accessible to non-developers, thanks to Flatpak and Kinoite: https://conf.kde.org/event/5/contributions/138/I&#39;m also attending the conference remotely so feel free to reach out to me on Matrix if you want to chat with me about #KDE, #Fedora, #Kinoite or #Flatpak.
       
 (DIR) Post #Ac5AflO9kRjVTURKro by siosm@floss.social
       2023-11-22T17:34:05Z
       
       0 likes, 1 repeats
       
       Fedora Kinoite images with Plasma 6 are now available!Compared to previous Kinoite Nightly builds, they are based on Rawhide so they may include bugs as they notably contain pre-released kernels.Details and instructions in this blog post: https://tim.siosm.fr/blog/2023/11/22/kinoite-plasma-6/#Fedora #Kinoite #KDE #Plasma #Plasma6
       
 (DIR) Post #Ad1t4jDnZbGgrG5PvM by siosm@floss.social
       2023-12-19T15:01:57Z
       
       0 likes, 0 repeats
       
       sudo without a setuid binary or SSH over a UNIX socket: https://tim.siosm.fr/blog/2023/12/19/ssh-over-unix-socket/I have been working on this setup as part of my investigation to reduce our reliance on setuid binaries and trying to figure out alternative for common use cases.#Fedora #ConfinedUsers #UnixLegacy
       
 (DIR) Post #Ad1t4l64bIHEfsUHA0 by siosm@floss.social
       2023-12-19T23:07:44Z
       
       0 likes, 0 repeats
       
       @pid_eins Indeed, this is definitely the most effective way.Unfortunately I still need some setuid binaries right now for various features. The main one is newuidmap for rootless podman, but pkexec comes soon after as a number of desktop apps still require it. They would need to be converted to daemon-only polkit.
       
 (DIR) Post #Ad1t4mry0iBKAhu2S0 by siosm@floss.social
       2023-12-19T23:11:08Z
       
       0 likes, 0 repeats
       
       @pid_eins At one point I also had a seccomp filter for my entire user session banning obsolete syscalls as defined by systemd. This broke the xdg-desktop-portal service which relies on fusermount if I remember correctly (will have to double check).
       
 (DIR) Post #Ad5D0iAYv0WyL9AxtY by siosm@floss.social
       2023-12-22T15:51:24Z
       
       0 likes, 0 repeats
       
       Don’t change your login shell, use a modern terminal emulator: https://tim.siosm.fr/blog/2023/12/22/dont-change-defaut-login-shell/In this new post that is part of my “UNIX legacy” series, I look at alternatives to changing your login shell.#Shell #UnixLegacy
       
 (DIR) Post #Ad5EBSQ5umiadL83FY by siosm@floss.social
       2023-12-22T23:41:02Z
       
       0 likes, 0 repeats
       
       @reto See the Gentoo wiki page: &quot;a working POSIX shell is essential&quot;. It&#39;s not about the shebangs. ZSH is sufficiently compatible with POSIX that you might not have experienced issues (yet).
       
 (DIR) Post #Ad6n0BCnGjNzc0E21g by siosm@floss.social
       2023-12-23T17:05:06Z
       
       0 likes, 0 repeats
       
       @Aissen @reto The point of the article is that you should not change the default shell for interactive users on any distributions. There are better ways to use another shell now.
       
 (DIR) Post #AhrnuTo3GsVBvf5z28 by siosm@floss.social
       2023-09-30T22:15:54Z
       
       0 likes, 0 repeats
       
       @jorge The problem here isn&#39;t really in the how, it&#39;s in the organizational part and QA part. Once we have containers as first class artifacts we can start looking at replicating that model: https://gitlab.com/fedora/ostree/sig/-/issues/2
       
 (DIR) Post #AhrnuVggHFnJlNf7p2 by siosm@floss.social
       2023-09-30T22:38:23Z
       
       0 likes, 0 repeats
       
       @jorge Also note that fully reproducing this model requires QA and new release processes that we currently don&#39;t have in Fedora. In the current Fedora CoreOS release model, someone needs to push a button every two weeks to make a release.