-
As someone who uses arch on all my developer machines, arch is a horrible developer OS, and I only use it because I know it better than other distros.
It was good 5-10 years ago (or I was just less sensitive back then), but now pacman Syu is almost guaranteed to break or change something for the worse, so I never update, which means I can never install any new software because everything is dynamically linked against the newest library versions. And since the arch way is to be bleeding edge all the time, asking things like “is there an easy way to roll back an update because it broke a bunch of stuff and brought no improvements” gets you laughed out the door.
I’m actually finding myself using windows more now, because I can easily update individual pieces of software without risking anything else breaking.
@Nix people: does NixOS solve this? I believe it does but I haven’t had a good look at it yet.
-
Yes, Nix solves the “rollback” problem, and it does it for your entire OS not just packages installed (config files and all).
With Nix you can also have different versions of tools installed at the same time without the standard python3.6 python2.7 binary name thing most place do: just drop into an new nix-shell and install the one you want and in that shell that’s what you have. There is so much more. I use FreeBSD now because I just like it more in total, but I really miss Nix.
EDIT: Note, FreeBSD solves the rollback problem as well, just differently. In FreeBSD if you’re using ZFS, just create a boot environment before the upgrade and if the upgrade fails, rollback to the pre-upgrade boot environment.
-
Being a biased Arch Developer, I rarely have Arch break when updating. Sometimes I have to recompile our own C++ stack due to soname bumps but for the rest it’s stable for me.
For Arch there is indeed no rollback mechanism, although we do provide an archive repository with old versions of packages. Another option would be BTRFS/ZFS snapshots. I believe the general Arch opinion is instead of rolling back fixing the actual issue at hand is more important.
-
I believe the general Arch opinion is instead of rolling back fixing the actual issue at hand is more important.
I can see some people might value that perspective. For me, I like the ability to plan when I will solve a problem. For example I upgraded to the latest CURRENT in FreeBSD the other day and it broke. But I was about to start my work day so I just rolled back and I’ll figure out when I have time to address it. As all things, depends on one’s personality what they prefer to do.
-
For me, I like the ability to plan when I will solve a problem.
But on stable distros you don’t even have that choice. Ubuntu 16.04, (and 18.04 as well I believe) ships an ncurses version that only supports up to 3 mouse buttons for ABI stability or something. So now if I want to use the scroll wheel up, I have to rebuild everything myself and maintain some makeshift local software repository.
And that’s not an isolated case, from a quick glance at my $dayjob workstation, I’ve had to build locally the following: cquery, gdb, ncurses, kakoune, ninja, git, clang and other various utilities. Just because the packaged versions are ancient and missing useful features.
On the other hand, I’ve never had to do any of this on my arch box because the packaged software is much closer to upstream. And if an update break things, I can also roll back from that update until I have time to fix things.
-
I don’t use Ubuntu and I try to avoid Linux, in general. I’m certainly not saying one should use Ubuntu.
And if an update break things, I can also roll back from that update until I have time to fix things.
Several people here said that Arch doesn’t really support rollback which is what I was responding to. If it supports rollback, great. That means you can choose when to solve a problem.
-
I don’t use Ubuntu and I try to avoid Linux, in general. I’m certainly not saying one should use Ubuntu.
Ok, but that’s a problem inherent to stable distros, and it gets worse the more stable they are.
Several people here said that Arch doesn’t really support rollback
It does, pacman keeps local copies of previous versions for each package installed. If things break, you can look at the log and just let pacman install the local package.
-
It does, pacman keeps local copies of previous versions for each package installed. If things break, you can look at the log and just let pacman install the local package.
Your description makes it sound like pacman doesn’t support roll backs, but you can get that behaviour if you have to and are clever enough. Those seem like very different things to me.
Also, what you said about stable distros doesn’t seem to match my experience in FreeBSD. FreeBSD is ‘stable’ however ports packages tend to be fairly up to date (or at least I rarely run into it except for a few).
-
I’m almost certain any kind of “rollback” functionality in pacman is going to be less powerful than what’s in Nix, but it is very simple to rollback packages. An example transcript:
$ sudo pacman -Syu ... some time passes, after a reboot perhaps, and PostgreSQL doesn't start ... oops, I didn't notice that PostgreSQL got a major version bump, I don't want to deal with that right now. $ ls /var/cache/pacman/pkg | rg postgres ... ah, postgresql-x.(y-1) is sitting right there $ sudo pacman -U /var/cache/pacman/pkg/postgres-x.(y-1)-x86_64.pkg.tar.xz $ sudo systemctl start postgres ... it's alive!This is all super standard, and it’s something you learn pretty quickly, and it’s documented in the wiki: https://wiki.archlinux.org/index.php/Downgrading_packages
My guess is that this is “just downgrading packages” where as “rollback” probably implies something more powerful. e.g., “rollback my system to exactly how it was before I ran the last pacman -Syu.” AFAIK, pacman does not support that, and it would be pretty tedious to actually do it if one wanted to, but it seems scriptable in limited circumstances. I’ve never wanted/needed to do that though.
(Take my claims with a grain of salt. I am a mere pacman user, not an expert.)
EDIT: Hah. That wiki page describes exactly how to do rollbacks based on date. Doesn’t seem too bad to me at all, but I didn’t know about it: https://wiki.archlinux.org/index.php/Arch_Linux_Archive#How_to_restore_all_packages_to_a_specific_date
-
-
-
-
-
-
-
-
now pacman Syu is almost guaranteed to break or change something for the worse
I have the opposite experience. Arch user since 2006, and updates were a bit more tricky back then, they broke stuff from time to time. Now nothing ever breaks (I run Arch on three different desktop machines and two servers, plus a bunch of VMs).
I like the idea of NixOS and I have used Nix for specific software, but I have never made the jump because, well, Arch works. Also with Linux, package management has never been the worst problem, hardware support is, and the Arch guys have become pretty good at it.
-
I have the opposite experience
I wonder if the difference in experience is some behaviour you’ve picked up that others haven’t. For example, I’ve found that friend’s children end up breaking things in ways that I would never do just because I know enough about computers to never even try it.
-
I think it’s a matter of performing Syu update often (every few days or even daily) instead of once per month. Rare updates indeed sometimes break things but when done often, it’s pretty much update and that’s it.
I’m an Arch user since 6 years and there were maybe 3 times during those 6 years where something broke badly (I was unable to boot). Once it was my fault; second & third one is related to nvidia driver and Xorg incompatibility.
-
Rare updates indeed sometimes break things but when done often, it’s pretty much update and that’s it.
It’s sometimes also a matter of bad timing. Now every time before doing a
pacman -SyuI check /r/archlinux and the forums to see if someone is complaining. If so then I tend to wait for a day or two before the devs push out updates to broken packages.
-
-
-
-
-
-
Things like Nix even allow rolling back from almost all user configuration errors.
-
-
-
How often were you updating? Arch tends to work best when it’s updated often. I update daily and can’t remember the last time I had something break. If you’re using Windows, and coming back to Arch very occasionally and trying to do a huge update you may run into conflicts, but that’s just because Arch is meant to be kept rolling along.
I find Arch to be a fantastic developer system. It lets me have access to all the tools I need, and allows me to keep up the latest technology. It also has the bonus of helping me understand what my system is doing, since I have configured everything.
As for rollbacks, I use ZFS boot environments. I create one prior to every significant change such as a kernel upgrade, and that way if something did happen go wrong, and it wasn’t convenient to fix the problem right away, I know that I can always move back into the last environment and everything will be working.
-
-
I wrote a boot environment manager
zedenv. It functions similarly tobeadm. You can install it from the AUR aszedenvorzedenv-git.It integrates with a bootloader if it has a “plugin” to create boot entries, and keep multiple kernels at the same time. Right now there’s a plugin for systemdboot, and one is in the works for grub, it just needs some testing.
-
-
Awesome! If you do, let me know if you need any help getting started, or if you have any feedback.
It can be used as is with any bootloader, it just means you’ll have to write the boot config by hand.
-
-
-
-
-
-
Is there any video recording for any talk on this conf?
-
Supposedly they’re coming. Gary Bernhardt said on the Deconstruct Slack that they’re being processed by a third party – time estimate was “several weeks”.
-
Thanks. I can see now they have a website, https://www.deconstructconf.com/, I hope they’ll post information about videos (or on their twitter, @deconstructconf).
-
-
-
A plugin for WeeChat that automatically expands YouTube links - https://github.com/antekone/youtube-autoexpand :D
Slack and friends already have this feature since probably the very beginning. Why not IRC?
Other than that, I’m trying to create a fully functional hex editor, mostly for my own use cases. It’s already in a state that can be used, so feel free to try and comment: https://mydatasoftware.com
-
I think it might be beyond your feature scope, but I’ll be really interested in plugin which un-shorts links and displays their
<title/>tags in buffer context (without logging or anything). The only plugin related to this case is a shortener which needs additional backend software running on your server with resolvable domain.-
Actually I was thinking about it as well. Maybe it’s not such a bad idea to merge this feature into the plugin :)
-
-
Yes, it will be maybe just link-autoexpand or simply just autoexpander script.
Another thing is that i.e. Slack has autoexpansion for Spotify links, both “http://” and “spotify:” cases, and eventually I would like to have that as well.
-
-
-
-
-
Considering harmful considered harmful.
-
-
I never really understood the sabayon distribution, its Gentoo for people that can’t install it, or don’t want to spend the time to. For the people that just want to save time, that’s great, but usually Gentoo users, don’t want anything but the bare essentials there use flags have pulled in on there chosen packages. As an ex Gentoo user (probably around 2006-2008) I remember the forums and irc channels just being packed with sabayon users who had installed it, then running into to problems when emerging something else.
I can’t applaud the installer enough as I remember it used to be very easy/efficient to use, however as an ex portage user I didn’t personally enjoy entropy. I would have thought it would have been better to just maintain a Gentoo installer and entropy package separately. I remember back in 2006(ish) Gentoo released a live CD installer (which was awful) and then Sabayon came out with one (I think either just before or just after) that worked perfectly.
Anyway, it’s great to see this project is still around and doing well.
-
-
There are people who would like to use perks that emerge/layman gives them (first class access to application’s source code, build process, etc), or would like to learn Gentoo, but don’t have knowledge or will to install it properly. I’ve used Gentoo in times of Penium4’s and I liked it very much, but the duration of
revdep-rebuildwas simply horrible, updating Firefox or OpenOffice was something that needed to be scheduled over night. So I understand that some people would like to have a system that’s prepared for them, and use Gentoo’s tools for the customization of software they are interested in customizing.
-
-
-
I actually like those verbose diagnostic messages during bootup and I would be happy if I could enable them during Windows boot. If anything goes wrong, I most probably already have all the info I need to be able to troubleshoot the problem. It’s also less boring to watch the scrolling text than to see some static logo (especially when the logo is in wrong resolution which is painful for the eyes, or monochromatic).
When using macOS it’s possible to enable such boot with
boot-args=-vnvram option. When installing macOS on VirtualBox, nvram is setup this way by default.-
I use FreeBSD desktop for 14 years and I found such situation only once when FreeBSD system asked me upon boot process if I would like to panic or not - FreeBSD: Panic or not to Panic - it was some issue with dual AthlonMP SMP motherboard and dual AthlonXP processors modded to be AthlonMP ones ;)
-
I understand it works for you, and it’s cool.
But I also had a problem with the motherboard/CPU resulted in the kernel suddenly seeing only one core and not booting properly. Drive read failures because of corruption, bad SATA cables, slow boot because of some service taking too much time to start up, boot hang because of a broken network card, etc. I also have calls from friends from time to time asking why Windows doesn’t boot up. If only I had those diagnostic messages I wouldn’t need to guess :)
-
-
-
-
5:45 - 8:00 Wake up, initialize myself for the day, fire up laptop, read news for the day, check stocks, do some coding.
8:00 - 8:30 SO wakes up and helps me with the breakfast
9:00 - 9:30 Drive to work, listen to some podcasts/lectures/audiobooks during the road
9:45 - 11:30 Read emails, do meetings if necessary
12:00 - 17:00 Work, work, work
17:30 - 18:00 Drive home, listen to podcasts/lectures/audiobooks during driving
18:00 - 23:00 Spend time with SO and two cats, read books, do some coding if I’m able.
23:30 - 23:45 Shutdown myself for the day
23:45:00 - 23:45:05 - I’m fortunate enough to be able to go to sleep in 5 seconds after going to bed.
-
“Considered Harmful” Essays Considered Harmful: https://meyerweb.com/eric/comment/chech.html
-
Did you try to apply terminal padding?
Like this: https://i.redd.it/rh3n3dxby8fy.png
Every terminal has its own setting how to do this kind of padding, i.e. for gnome-terminal or xfce4-terminal you can set it like this:
[~/.config/gtk-3.0]$ cat gtk.css VteTerminal, vte-terminal { padding: 20px; } -
-
This is full documentation of the GNU version of
truecommand:16.2 ‘true’: Do nothing, successfully
‘true’ does nothing except return an exit status of 0, meaning “success”. It can be used as a place holder in shell scripts where a successful command is needed, although the shell built-in command ‘:’ (colon) may do the same thing faster. In most modern shells, ‘true’ is a built-in command, so when you use ‘true’ in a script, you’re probably using the built-in command, not the one documented here.
‘true’ honors the ‘–help’ and ‘–version’ options.
Note, however, that it is possible to cause ‘true’ to exit with nonzero status: with the ‘–help’ or ‘–version’ option, and with standard output already closed or redirected to a file that evokes an I/O error. For example, using a Bourne-compatible shell:
$ ./true --version >&- ./true: write error: Bad file number $ ./true --version > /dev/full ./true: write error: No space left on deviceThis version of ‘true’ is implemented as a C program, and is thus more secure and faster than a shell script implementation, and may safely be used as a dummy shell for the purpose of disabling accounts.
Seems that the binary version of
truewas probably created so that the system won’t need to load big/bin/sh.
-
Until now I’ve used a directory and set of simple text files for each ‘task’. Top of each file is reserved for tagging, so I can locate needed files later by grepping all files from the journal directory in search for a specific tag.
It might be cumbersome but I’m used to it.
I will give
jrnla try though.-
I feel multi-file approach works a lot better than single file. You can get a good sense of what that file is about just by
grep -rC1, and you can link to that particular file in your own notes later. I found that the most friction I had when I started to taking notes electronically was thinking of a file name. Now I just use a serial number, likeN05349.edworks great for jotting down notes, andacmewins in cross-linking files.
-
-
His stance is laid out more clearly later in the thread.
People should basically always feel like they can update their kernel and simply not have to worry about it.
I refuse to introduce “you can only update the kernel if you also update that other program” kind of limitations. If the kernel used to work for you, the rule is that it continues to work for you.
And I seriously will refuse to take code from people who do not understand and honor this very simple rule.
-
-
What a difference between his first post and this one. In the first one he comes off like a colossally toxic asshat. I know this is no surprise to anyway, but still. That kind of behavior is not OK. Period.
This post on the other hand is clear headed and explanatory. It lays out the rules and why it’s important to follow them.
Maybe Linus just needs a 1h send buffer? :)
-
-
It’s not “I am offended”, but rather probably 95% of people would be offended if they would hear something like this headed their way. Linus probably forgot how it’s like to hear this level of toxic communication because nobody speaks with him like that. I know his “ideology” behind his behavior (he talked about this several times), but honestly saying such “sh**” to people is low, and most people are above that, that’s why he stands out.
-
Personally this power relationship is why I’m against BDFLs once a project reaches a certain size.
-
-
-
Toxic means that it is in some way damaging to a relationship between two individuals, groups, etc. In this case it is indeed toxic because it seeks to gain in some goal at the cost of the relationship with the submitters. Toxic isn’t strictly bad, sometimes a goal is so important that you need to break the relationship, however you should always choose the least toxic strategy that will ensure success. After all who knows when you’re going to need those people’s help in the future.
In summary, dark_grimoire seems to have a correct understanding of toxic, and mytrile does not which I assume is why they are being downvoted.
-
-
-
It would be severly limiting
It’s already limiting though – many people silently stop contributing when they receive messages like this or never consider contributing in the first place. This means the negative impact is hidden. Since it’s hidden, it becomes much easier to defend the status quo when an alternative might result in a better kernel.
-
By the same logic, the positive impact is also hidden. Because it is conceivable that without these messages, the kernel might have imploded upon itself, and the prevention of said implosion is doubtlessly positive.
If you are going to argue with hidden stuff then it goes both ways.
-
Do you really believe that it’s not possible to enforce rules and maintain high standards without calling people idiots, their contributions garbage, and so on?
I can certainly believe the parent comment, as it’s something I hear regularly, from people who decide not to get involved in projects/make further contributions/pursue opportunities at companies/etc because of things like this. FWIW, one of my friends can be found in the kernel CREDITS, and decided to walk away because of the LKML.
-
it is conceivable that without these messages, the kernel might have imploded upon itself
As a counterpoint, I’ve worked on a project that has a similar code size, customer reach, and zero-tolerance stance on security and stability bugs as the Linux kernel: Chromium. Chromium does not have anywhere near the level of abusive discourse on its mailing list as the LKML, and it has not imploded on itself as you have suggested. So the burden of proof is on the abusive language to show it is needed and not the other way around.
-
-
-
I disagree. I am not offended by his behavior, I find it to be unacceptable by virtue of the fact that I feel human beings should treat each other with a modicum of respect. Linus’s communications very often do not meet that standard. Hence from my book they do not represent an acceptable way to treat people, especially people volunteering to donate time to an open source project.
-
-
-
-
-
-
This blog post seems to be only a fragment of this article: https://meribold.github.io/assets/cache-paper.pdf
-
And what does Apple consider “good” software? I have rEFInd installed in my laptop to dual-boot a tiny partition with Linux. Am I going to see a pop-up now once a week of Apple scolding me for that?
-
And what does Apple consider “good” software?
Probably everything they ship.
I have rEFInd installed in my laptop to dual-boot a tiny partition with Linux. Am I going to see a pop-up now once a week of Apple scolding me for that?
From the post:
The great majority of users should, of course, never see that dialog. If you do, your decision will be remembered; if you agreed to send the data to Apple, then in a week’s time when eficheck runs again, it will automatically adhere to your original choice.
As long as this remains “checking” only, I actually appreciate the move. Probably, most people wouldn’t notice a modified EFI without this.
Given that the firmware versions Apple ships are actually quite easily enumerable, this doubles down on a strength of its ecosystem. (whether it’s worth the tradeoff with the other drawbacks it brings, is a different debate)
-
Given that the firmware versions Apple ships are actually quite easily enumerable
Heh, in the (now deleted?) Twitter thread that Xeno Kovah was talking about this, he mentioned that it took some work to enumerate all of the firmware versions as some hadn’t been tracked/tracked in the same way as the others.
-
-
I’ve read somewhere that their popup will be displayed once, and your answer will be remembered on future invocations. So if this scanner will detect rEFind, you can click “Don’t send”, and it will not bug you again. At least theoretically, in High Sierra, not sure until which build number ;).
-
-
Here’s OpenGrok’ed version if anyone’s interested in browsing the kernel sources: http://xr.anadoxin.org/source/xref/macos-10.12.6-sierra/
-
I wonder how kext load verification will work in practice. Since most of the time you want to load a kext (because if an application uses a kext then it has a good reason to do it, at least it should), you will need to click OK. And since you will need to click OK 99.9% of the time, like in Windows UAC, this “confirmation” dialog box will only increase UI noise, resulting in users clicking OK because it needs to be done anyway.
Maybe it would be better to design some additional framework that will give additional privileges and would not require a kext. Like filesystem control callbacks for access control of files and executables, port i/o communication with devices, etc. Linux has it all in usermode, so it’s possible to make it working.
-
Kext installation on a Mac is a very rare event, most Macs would have no custom kexts (I think? I guess we’ll find out when High Sierra comes out), and for most people installing or updating a kext is a very rare event. I don’t see a big issue in adding more friction to this process in exchange for higher security. Allowing kexts will happen in the same way that you allow apps to have Accessibility permissions. You can see more info on this on a blog post about the Kextpocalypse and TN2459.
Maybe it would be better to design some additional framework [… that] would not require a kext.
That’s what they are doing over time. See for example Network Extension Framework for VPNs and networking apps. Another example is I/O Kit which provides an interface for communicating with USB and FireWire devices from user space. A third example is Audio Unit Extensions, where Audio Units can now run in a separate process so if they crash they don’t take down the host. A fourth example is the Hypervisor Framework which lets developers build sandboxed (!) virtualisation apps without kernel extensions. Here’s some of Apple’s alternative suggestions instead of using Kexts.
Apple has been slowly but steadily moving more and more away from kernel extensions, adding more restrictions on them, and also (hopefully) providing good alternate solutions.
-
A kext most of the time does nothing without its companion usermode application. At the same time, an application often will be incomplete without its companion kext. So I don’t really see the reason why the user should be given a choice related to installing the kext. I mean, maybe they should show a choice before installation of the whole product. Something in the lines of: “This product uses a kext, do you want to install it?”
The “Kextpocalypse” blog entry you’ve pasted has a nice list of impacted software. Antivirus, virtualization, softwate that comes with hardware, dropbox and similar. On my Mac I have 2 of them (antivirus and virtualization). Sure, todo lists, text editors and games should not have a kext, but sometimes more complicated system software is impossible to create without a kext. Best thing is that some of those impacted applications are meant for non-technical users, like Antivirus. How should a non-technical user know when to unblock a kernel extension and when to leave it alone? When you install those applications, but you won’t install their kexts, you will have to uninstall them because they won’t work. I think it’s a waste of time for the user and the developer and this feature is for marketing only (“hey, we have security!”).
-
It is better though because Angry Birds/Minecraft are less likely to install a key logger. Even for anti virus if you want to you can pick one that doesn’t include a kext.
When I created an app + kext a few years ago the app checked if the kext was installed, offered to install it (Requiring elevation) and kept offering to install it until you either successfully installed it or exited the application.
-
-
-
-
dark_grimoire
edited
11 months ago
|
link
| on:
Systemd on Ubuntu 16.04 can't (or won't) reliably reboot your server
Well that’s interesting, I have a similar problem on my Fedora desktop. Rebooting the system will shutdown X, bring up the console screen and just sit there with no messages at all, just the cursor blinking at position (0,0). I’ll have the reboot manually. This is very frustrating.
-
qznc
11 months ago
|
link
| on:
Dhall: programmable configuration language that is not Turing-complete
Interesting. I’m pondering non-turing-complete languages myself. I believe they are under-estimated and should be used more often for anything that looks like configuration.
Configurations usually start simple, like we only need “x = y” statements. Oh wait, sections would be nice, so use the ini-format. Oh wait, nesting stuff would be nice, so use JSON/XML/Lisp. Oh wait, we want to reduce duplicated stuff, so use a preprocessor. Oh wait, more abstractions would be nice, so use some scripting language already. Stop, we just skipped one level before scripting languages, the non-turing-complete languages!
Concerning Dhall, I never met the “Oh wait, we want to annotate types” idea. Is that really desireable for configurations?
-
-
-
Oh wait, more abstractions would be nice, so use some scripting language already. Stop, we just skipped one level before scripting languages, the non-turing-complete languages!
Jumping to a scripting language is also jumping from a pure language to an impure one. IMHO this may be a bigger problem than going from total to turing complete. When a scripting language is used for config, it’s very tempting to start reading in other files, checking the hostname, overriding behaviour using env vars, checking for something in a database, etc. and before long you’ve got a whole “configurator” application, complete with its own config; and ‘checking what the configuration says’ for your original application may (a) give different results depending on the phase of the moon, and (b) cause arbitrary side-effects. It also becomes tempting to put functionality in the “config script” which should really live in the actual application.
With a pure config, the only thing that the code can do is to calculate some part of the result; it can’t even alter other parts of the result, due to immutability.
I’ve been writing a lot of stuff in the Nix expression language recently, and its purity makes it quite nice. It’s only pure by convention though, since ‘derivation’ values can contain arbitrary code (usually Bash) which can be executed using ‘import’, if one were so inclined.
-
There’s also the thing that “oh wait, we want to reduce duplicated stuff” can also be seen as “oh wait, we have our configuration model all wrong”
-
-
I’m using ejabberd for me and few of my friends since ~5 years. Never had a problem with it. It feels good that all communication is encrypted and goes only through trusted hosts.
Thanks for this thread, I’ll definately add some new RSS entries myself.
Here’s my blog: http://anadoxin.org/blog