- ihafarm
- Aug 12, 2004
-
|
Actually I think some of them do have proprietary secureboot type things in them - I recently bought a new laptop because my Chromebook hit end of life for Google updates, and I've slowly been looking at ways to extend its life. There's the Cloudready OS that Google bought and renamed Google Flex, I think, which might get around that, but in the little bit of research I've done I ran across the proprietary secureboot thing being in at least some Chromebooks. Like I said, though, I just barely have looked into it so far.
If the updates didn't run out I'd still be using that Chromebook - it's perfectly competent for web browsing, Zoom, and most run-of-the-mill computing purposes. My experience with Linux apps on it was mostly okay, although the underpowered hardware (it's a Celeron from like 5 years ago) didn't help with that.
tldr cloudready is not available for chrome* devices, it’s to be used on pc hardware.
We maintain a fleet of chromeboxes for digital signage purposes that have similarly fallen out of support - approached Google re using cloudready rather than acquiring replacements…now we’ve got 60 new chromeboxes.
|
#
¿
Jul 27, 2022 23:33
|
|
- Adbot
-
ADBOT LOVES YOU
|
|
#
¿
May 15, 2024 01:31
|
|
- ihafarm
- Aug 12, 2004
-
|
I bought a new chromebook and it errors out when enabling the linux vm/container without any useful message. Pretty drat annoying.
Overall it is like using some gnome-like thing where there are even less configuration options. And I complain about that as someone who enjoys gnome3.
Powerwash?
|
#
¿
Jul 28, 2022 23:30
|
|
- ihafarm
- Aug 12, 2004
-
|
I assume you follow what Chris writes but just in case you aren't, he has a very recent article about AppArmor Persistence on Ubuntu which may or may not be relevant to Arch, since it seems to relate to the third-party software repos? Either way, it might be worth checking up on if you got spare cycles, to avoid a potential headache in the future.
Just wanted to say thanks for this; like many other things I lost with the shutdown of google reader, Chris’s blog is an essential resource(IMHO).
|
#
¿
Aug 30, 2022 00:33
|
|
- ihafarm
- Aug 12, 2004
-
|
Hahaha, this recent exchange epitomizes my experience with X Windows over the last 25+ years, though I haven’t intentionally used a Linux gui in more than a decade, save for gparted in a live-cd environment. Linux is an incredible and indispensable tool, but if you want/need a gui just bite the bullet and use Windows or buy a mac.
Almost certain I spent more time in a ‘startx; brief X cursor; crash’ loop than actually using it! And most of that was before insmod. Nothing worse than compiling a new kernel overnight and then realizing you hosed up.
But, that’s 90% of the fun. RTFM
|
#
¿
Apr 7, 2023 22:18
|
|
- ihafarm
- Aug 12, 2004
-
|
If you have to type startx you are GUI-ing wrong
Yeah, well this was mid-late 90’s. Never grokked the purpose of X at the time, as my usage was more or less an alternative to screen.
|
#
¿
Apr 8, 2023 17:10
|
|
- ihafarm
- Aug 12, 2004
-
|
I pretty regularly install Linux on USB devices with GPT and an EFS and it's a surprisingly boring experience. The only slight gotcha is it's helpful to use a FAT volume label of "EFIUSB" or something for the EFS so that Linux mounts the correct volume to /boot/efi.
I’ve no concern re doing so, just the OPs ability/chance of success had that been the case.
|
#
¿
Apr 19, 2023 01:51
|
|
- ihafarm
- Aug 12, 2004
-
|
there was exactly one google result that looked like it would help me, but the 4th step was to install flatpak and i was like "it still doesn't have flatpak after all the installs ive done?" endeavour doesn't come with anything. i have the whole thing set up real nice except the goofy wifi card drivers. i gave up hours ago actually, and made a fedora install drive, it didn't like GRUB even though endeavor didnt have a problem with it, i got an ubunty install, too big for little usb drive, then i had company. authoring xubuntu iso now. i'll see if that one boots. it's a shame about this nice endeavouros install it's gonna burn lol
edit: xubuntu also says it doesn't notice a thing when i put the wifi adapters in. LEDs don't light either. and it doesn't have the terminal commands the walkthru says it should. tried front and back usb slots. i'll carry it back upstairs tomorrow and see if it auto downloads drivers when it's got an ethernet cable plugged in to it. i'm suspicious there's something funky with this hardware, but... hey, 90% chance it works when i pop the firmware in. drivers. whatever.
I’d suggest trying Knoppix, just to see if it detects your wifi adapter.
|
#
¿
Apr 21, 2023 12:44
|
|
- ihafarm
- Aug 12, 2004
-
|
Give up. If all of this is real you couldn’t even be here. Hmmmm, or chatgp.
|
#
¿
Apr 28, 2023 00:21
|
|
- ihafarm
- Aug 12, 2004
-
|
Thanks for that tip. It doesn't google particularly well though, so I was going to just grep around the kernel source tomorrow and hope it comes up. "Linux kernel alternatives system" brings up all kinds of things to use instead of Linux lol.
kernel altinstructions is what I think they’re referring to
|
#
¿
Oct 5, 2023 13:04
|
|
- ihafarm
- Aug 12, 2004
-
|
I got a cron job that syncronises my desktop with several cloud services. When I shutdown while it is running it gets aborted after a timeout (systemd's default 90secs), which leaves a stray lockfile behind which I need to fix manually.
I want to increase the timeout that systemd gives the job to finish when I shutdown the system. Preferably specifically so that it still aborts fast when stopped manually, but that is not critical.
Googling gives me people recommending "TimeoutStopSec" or "TimeoutStopUSec" and people answering that it doesn't work. And the option doesn't even appear in systemd's actual documentation.
Others suggest changing "TimeoutSec" which the documentation suggest is only for startup, but at least it is documented.
Trying to set the stops, "systemctl show TimeoutStopUSec" gives the time I expect, "systemctl show TimeoutStopSec" gives no output.
Setting TimeoutStopUSec in the override files gives :"Unknown key name 'TimeoutStopUSec' in section 'Service', ignoring"
Setting TimeoutStopSec in the override files sets the return for "systemctl show TimeoutStopUSec" to the requested value, still no return on "show TimeoutStopSec".
Anybody has some advice on what to change and/or where systemd hides the documentation on those things.
And also how to test this, after overriding TimeoutStopSec I noticed that the only way to actually test it is waiting for the job to start and shutting down then. Is there an easier way?
Reimplement your backup/sync into a systemd service and use a scheduled task.
|
#
¿
Oct 21, 2023 15:08
|
|
- ihafarm
- Aug 12, 2004
-
|
I am so late to this because I had to very suddenly move, it was a whole pain, and I'm realizing to fix it after seeing the output of this I'm probably gonna have to go back and explain everything I did to route some things to the no-VPN NIC and others to the NIC that does go through the VPN.
Here is the output though
code:$ curl --interface enp3s0 --verbose "https://api.ipify.org"
* Host api.ipify.org:443 was resolved.
* IPv6: (none)
* IPv4: 172.67.74.152, 104.26.13.205, 104.26.12.205
* Trying 172.67.74.152:443...
* socket successfully bound to interface 'enp3s0'
* connect to 172.67.74.152 port 443 from 192.168.50.98 port 46918 failed: No route to host
* Trying 104.26.13.205:443...
* socket successfully bound to interface 'enp3s0'
* connect to 104.26.13.205 port 443 from 192.168.50.98 port 55128 failed: No route to host
* Trying 104.26.12.205:443...
* socket successfully bound to interface 'enp3s0'
* connect to 104.26.12.205 port 443 from 192.168.50.98 port 52700 failed: No route to host
* Failed to connect to api.ipify.org port 443 after 9430 ms: Couldn't connect to server
* Closing connection
curl: (7) Failed to connect to api.ipify.org port 443 after 9430 ms: Couldn't connect to server
But I don't get it, ok it's not routed right, then why does my jellyfin server that goes through enp3s0 too work perfectly? Why do all my torrents working perfectly?
Traceroute? And, dump your routing table; do you have multiple default gateways?
|
#
¿
Mar 17, 2024 20:34
|
|
- Adbot
-
ADBOT LOVES YOU
|
|
#
¿
May 15, 2024 01:31
|
|
- ihafarm
- Aug 12, 2004
-
|
So it seems to work,
code:$ sudo traceroute -s 192.168.50.98 api.ipify.org
traceroute to api.ipify.org (104.26.13.205), 30 hops max, 60 byte packets
1 MyRouter(192.168.50.1) 0.112 ms 0.130 ms 0.150 ms
2 MYISPStuffIGuess4.334 ms 4.639 ms 4.662 ms
3 MoreISPStuff 2.870 ms 3.164 ms hn.kd.pix (219.155.45.153) 2.326 ms
4 pc73.zz.ha.cn (61.168.28.73) 4.206 ms pc149.zz.ha.cn (61.168.26.149) 27.557 ms pc65.zz.ha.cn (61.168.28.65) 14.957 ms
5 219.158.105.133 (219.158.105.133) 27.796 ms * 27.090 ms
6 219.158.8.114 (219.158.8.114) 36.483 ms 219.158.103.42 (219.158.103.42) 30.997 ms 219.158.8.122 (219.158.8.122) 34.145 ms
7 219.158.97.29 (219.158.97.29) 38.311 ms 29.455 ms 36.970 ms
8 219.158.10.62 (219.158.10.62) 39.454 ms 38.402 ms 43.894 ms
9 202.77.23.30 (202.77.23.30) 33.768 ms 38.322 ms 35.869 ms
10 * * *
11 172.71.208.2 (172.71.208.2) 69.613 ms 172.71.212.2 (172.71.212.2) 68.195 ms 103.22.203.231 (103.22.203.231) 71.751 ms
12 104.26.13.205 (104.26.13.205) 66.854 ms 66.841 ms 68.120 ms
With the one that goes through the VPN, even though that's not what I'm trying to use here (and this one does in fact work with curl. It's just not useful to me since that of course returns my VPN's IP)
code:$ sudo traceroute api.ipify.org
traceroute to api.ipify.org (172.67.74.152), 30 hops max, 60 byte packets
1 MyRouter(192.168.50.1) 0.091 ms 0.124 ms 0.165 ms
2 MyVPN 248.176 ms 248.119 ms 248.016 ms
3 38.86.135.1 (38.86.135.1) 248.158 ms 248.197 ms 248.237 ms
4 * * *
5 be2213.ccr41.dca01.atlas.cogentco.com (154.54.6.241) 248.304 ms be2231.ccr42.dca01.atlas.cogentco.com (154.54.83.69) 248.238 ms be2213.ccr41.dca01.atlas.cogentco.com (154.54.6.241) 248.237 ms
6 be2406.ccr42.iad02.atlas.cogentco.com (154.54.85.210) 248.320 ms be4008.ccr42.iad02.atlas.cogentco.com (154.54.87.146) 247.254 ms 247.765 ms
7 38.32.185.178 (38.32.185.178) 248.743 ms 38.88.214.142 (38.88.214.142) 246.201 ms *
8 172.70.36.5 (172.70.36.5) 246.135 ms 172.70.172.2 (172.70.172.2) 246.232 ms 172.70.36.3 (172.70.36.3) 246.165 ms
9 172.67.74.152 (172.67.74.152) 245.737 ms 245.826 ms 246.011 ms
And as far as I can tell I only have 1 default gateway.
code:$ ip route show
default via 192.168.50.1 dev enp4s0 proto dhcp src 192.168.50.249 metric 100
192.168.50.0/24 dev enp3s0 proto kernel scope link src 192.168.50.98
192.168.50.0/24 dev enp4s0 proto kernel scope link src 192.168.50.249 metric 100
192.168.50.98 is the No-VPN one, the one I'm trying to use for curl here
/etc/network/interfaces is
code:source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The 2nd NIC
auto enp3s0
iface enp3s0 inet static
address 192.168.50.98
netmask 255.255.255.0
# gateway 192.168.50.1
I have gateway commented out because when I didn't I remember it didn't work
And I think all the rest was to get the jellyfin server to use the no-VPN NIC all the time, not anything to do with curl using it when told to use it.
But it was stuff like:
sudo iptables -t mangle -A OUTPUT -p tcp --dport 8896 -j MARK --set-mark 1
sudo iptables -t mangle -A OUTPUT -p udp --dport 8896 -j MARK --set-mark 1
added 100 jellyfin to /etc/iproute2/rt_tables
And then some more that I have to keep digging in here to remember. drat, I should documented all this when I was doing it.
Don’t multihome; put the NICs on different subnets. Can you ping both interfaces from another machine?
When you said the VPN/router allowed you to exclude ports, did you mean physical ports?
|
#
¿
Mar 18, 2024 22:47
|
|