1.  

    It’d be nice to have a little more clue what Hermes is before clicking.

    1. 2

      That package caching trick is super fragile. It will break on any package that has postinst scripts, causes dpkg triggers to fire, etc. Safer would be to cache the .deb and install them every time, although slower.

      1. 1

        It’s a shame GitHub Actions / Azure Pipelines (they’re the same with marginally different YAML configs) does not provide a way of snapshotting the CI VM. I have a small project where installing the dependencies is around 75% of total CI time. I’d love to snapshot the VM (or, ideally, just the filesystem used for builds) at this point and then on the next run start again. Or test incremental builds by snapshotting after every successful build and then applying the patch to a copy of that snapshot and then building from there.

        I’m aware of one company that built an in-house FreeBSD CI system using ZFS snapshots like this. Roughly, each successful build was snapshotted with the git hash as the ZFS snapshot name. The trigger for the new build walked up the history until it found a snapshot that existed in the history of the PR, then cloned that snapshot and updated the source tree to the current commit. They had a clean build that took a couple of hours but normally hit an incremental build time of under a minute. The CI machines could then spend most of their time running tests, not rebuilding the same files. I believe they also had a nightly job that did a clean build and fixed occasional issues that came out of this, but didn’t require a complete rebuild on every PR.

        For accelerating the build, a few big companies have in-house build systems that use cloud storage to cache all of the intermediate build results. I’d love to see something like this integrated into CMake, automatically caching every build result and skipping rebuilds of everything whose sources hadn’t changed from the last generated result.

      1. 31

        This is a good read and a good point.

        It’s also the first time I’ve encountered the phrase “start a localhost” and it made me cringe.

        1. 2

          I use Firefox on my iPhone as my “default” browser although it’s not the Default, and this is less of a problem than it would be on a desktop. Apps normally try to display web pages in an inline browser anyway, with a button to launch it in safari. This is right next to the “share” button which has Firefox behind it, so it’s two short taps instead of one.

          1. 3

            I wrote a cron job that fetches RSS feeds and pipes new items into a folder in my emails.

            Advantages:

            • Most mail clients (well, the ones I use) support basic styling, HTML & images
            • Search is already implemented (by the mail host)
            • Read / unread tracking is already implemented, and syncs across devices
            • Clients can be configured to prefetch attachments, so you can read offline and sync up the read state afterwards.
            • The fetch script can work on things that aren’t RSS via chromedriver

            Disadvantages:

            • Getting attachments to display inline on a variety of clients took too much work.
            • It’s kind of a hack
            1. 3

              I use Newsboat as a backend for fetching RSS items.

              I wrote Newsboat-Sendmail which taps into the Newsboat cache to send emails to a dedicated email address.

              To make sure the IDs of the emails’ subjects are kept whenever the server asks me to wait before sending more emails, I wrote Sendmail-TryQueue. It saves emails that could not be sent on disk (readable EML format, plus shell script for the exact sendmail command that was used).

              Finally I use Alot to manage the notifications/items.

              1. 2

                …so basically Thunderbird.

                1. 1

                  Thunderbird is one client.

                  I can also use it via the fastmail web ui, or my phone.

                  Lastly, the chromedriver integration means I get full articles with images, instead of snippets.

                  1. 1

                    Ah, I think I misunderstood its features and your workflow. And now I’m curious. How does the non-RSS bit work? Do you customize & redeploy when adding new sources? In other words, how easy or hard is it to generalize extracting the useful bits, especially in today’s world of “CSS-in-JS” where sane as in human-friendly class names go away?

                    1. 1

                      So, the current incarnation has several builtins, each wrapping a simpler primitive:

                      • The simplest is just ‘specify a feed url and it’ll grab the content from the feed and mail it to you’.
                      • The next simplest-but-useful is ‘specify a feed url and it’ll grab the link from the feed, fetch the link, parse it as html, extract all content matching a css selector, inline any images, and mail it to you’. This works well for eg webcomics.
                      • The third level replaces ‘fetch the link’ with ‘fire up chrome to fetch the link’ but is otherwise similar.

                      My planned-future changes:

                      • Use chromedriver but specify the window size and content coordinates; this should work around css-in-js issues by looking for boxes of approximately the right size / position in the document. I’m not currently following any feeds that need this, though.
                      • Store values and look for changes. I plan to use this to (eg) monitor price changes on shopping sites.
                2. 2

                  haha, I like this one. You’ve turned RSS into newsletters!

                  1. 1

                    mailchimp sells this as a feature.

                  2. 1

                    I use rss2email which basically does the same thing.

                    1. 1

                      I wrote a rss reader which is meant for cronjobs, which is btw the reader I use.

                      https://gitlab.com/dacav/crossbow

                      The version 0.9.0 is usable. Soon I plan to release version 1.0.0

                    1. 3

                      Great read. I couldn’t adopt this folder structure though. I’m too wedded to having year folders (2020,2019 etc) at the roots.

                        1. 3

                          Tag suggestion: Swift. NetNewsWire is almost 100 % Swift.

                          1. 5

                            I’m interested to learn that. It’s much older than swift so it must have been rewritten at some point recently. Therefore it being written in Swift is not a core part of its “identity”. swift is not mentioned in the article at all and none of the matters discussed are specific to swift (or even areas where swift is pertinent)

                            For these reasons I don’t think the swift tag is relevant.

                            1. 4

                              I also consider the swift tag irrelevant. Seeing as the tags here are purely used to allow users to hide posts (and to lower some in the algorithm), adding a tag purely due to a loose relation to the article seems like a bad idea. Less tags are better. If I hadn’t just installed a new browser and not yet logged in, I wouldn’t have seen the article which would have been a shame since I found it an interesting read.

                              I suggested the performance tag. I was also considering the databases tag but didn’t go for it in the end.

                              1. 1

                                Yes, my suggestion was in opposition to the ObjC tag, since that was misleading.

                            2. 1

                              Hejsan! Thanks, I didn’t realize that.

                            1. 12

                              Let me play some alternative history here…

                              Take something like a shopping cart. If you tried to do this before cookies, when people put a product into a shopping cart on the first page they visited, as soon as they click on anything else, the browser would think this was a completely new visit

                              You could create a server-side session on the first POST request adding an item to the shopping cart and add its generated id to all links. A user could even bookmark any of those links to return to their session… If only browsers didn’t rely on cookies for remembering and bookmarking UI wasn’t abandoned.

                              Take subscriptions. Without cookies, we have to ask people to manually log in every single time they click on a link. Not just the first time, but between every page view.

                              HTTP has an extensible authentication mechanism built-in. If browser’s didn’t rely on sites abusing cookies for user sessions, we could have a universal standard login/logout button working on every site. Instead HTTP authentication UI was abandoned and never progressed beyond incomprehensible modal windows.

                              Etc., etc. What I’m saying is, REST (and HTTP/2, as a reference implementation) was designed with all of these in mind (often misunderstood HATEOAS is about that specifically). But, for better or for worth cookies happened and technology went another way. But it was a historical accident, not a technological limitation.

                              1. 7

                                I think this has many more downsides than first-party cookies. URLs are designed to be shareable; encoding session state into the URL is asking for users to get their accounts taken over through social engineering. “Send me a link” sounds much less malicious than “open your settings page and go to the Advanced section and find your cookies and copy the cookie for this website and send it to me.” It would probably even happen by accident on sites like this one (and Reddit, HN, Twitter, Facebook, etc).

                                Not to mention how simple it would make various web attacks, e.g. abusing the Referer header to steal credentials. All you need to do is be able to modify an href attribute and you have an account takeover — that’s not much defense-in-depth.

                                IMO first-party cookies, enforced over SSL with the Secure directive, and made inaccessible to JavaScript via the HttpOnly directive, are actually a fairly good mechanism for handling session state. It’s third-party cookies that create tracking issues.

                                (Personally I wish cookies were inaccessible to JS by default, and allowing JS cookie access was opt-in, but alas. I also wish sites served over SSL automatically defaulted to Secure cookies. Small but probably meaningful nits.)

                                1. 1

                                  The URL holding state already happens out in the world. One way around your issue would be when you load the state on the server, check if the IP Address/etc changed, plus the time since last seen, etc. If stuff changed , then chances are it’s not the same user, and you can re-prompt for auth, just to verify them again.

                                  I don’t disagree about 1st party, TLS sent, httpOnly cookies are also an OK way to handle this.

                                  1. 3

                                    One way around your issue would be when you load the state on the server, check if the IP Address/etc changed, plus the time since last seen, etc. If stuff changed , then chances are it’s not the same user, and you can re-prompt for auth, just to verify them again.

                                    This complex and error-prone. It also put the burden on every application developer to understand and know how to make session in URL secure. Too many applications still struggle with basic and solved issues like SQL injection and XSS, I don’t think we would have need yet another common attack vector for web application.

                                    1. 1

                                      I don’t disagree with your point, but I’ll just add nobody can get cookies right either, so it’s the same issue(s) for cookies, just in different ways.

                                      1. 2

                                        It still seems to me that HttpOnly Secure first-party cookies are better than encoding sessions into URLs. The mitigation factors you describe with URLs are heuristics that can be worked around; for example, if you’re on public WiFi, you and your attacker may share an IP address. Similarly, timing checks are not a strong guarantee.

                                        People do manage to mess up cookie security as well. But it’s much easier to get cookies right than getting sessions-in-URLs right, and when you get them right you get strong guarantees instead of heuristics. And when you get them wrong, insecure cookies are harder to exploit than insecure URLs: insecure cookies need an attacker who is monitoring traffic or otherwise actively attempting an exploit, whereas anyone could exploit an insecure URL posted to Reddit.

                                  2. 1

                                    Fair point, yes. I didn’t think about it.

                                  3. 4

                                    Your comment is bringing me memories of ?PHPSESSIONID. One fairly serious drawback is with link sharing. Browsing a shop you’re logged into, you want to share a link to an item with a friend and you inadvertently send them a way into your session.

                                  1. 6

                                    As much as I dislike snap, this post is overly dramatic. You can easily download the non-ubuntu chromium binary and install it without need of snap.

                                    The main problems of snap, which are “irreconcilable differences” that will alienate a part of the population, are:

                                    1. hardcoded home directory pollution
                                    2. user home must be inside /home/
                                    3. cannot disable the automatic update feature
                                    1. 9

                                      You can easily download the non-ubuntu chromium binary and install it without need of snap.

                                      I suppose they want to use official packages from a reputable repository. Installing binaries manually really is bad practice for security and maintainability reasons.

                                      1. 2

                                        I installed the official chromium .deb for Debian and it works flawlessly. (I prefer firefox, but jitsi does not work well in firefox).

                                        1. 4

                                          Is that a repository, or a single .deb file? If the latter, that doesn’t get updates along with regular system maintenance. If it’s an external repository, that could be a decent solution depending on how much you trust it.

                                          1. 2

                                            if chromium is anything like regular chrome or firefox they are updated out of cycle with the rest of the system anyway, unless you happen to turn auto-updates off

                                            1. 4

                                              At work I’m using Chromium and Firefox from the Debian repositories. Auto updates are turned off and will use the standard system update mechanism.

                                              Having random binaries update themselves in a system sounds like a recipe for madness to a sysadmin. Also, how does that even work in a multi-user system where they’re installed system wide? Does that mean these binaries are setuid root or something?

                                          2. 2

                                            jitsi does not work well in firefox

                                            I keep hearing this, but I use jitsi from firefox every day and don’t have any issues. There was a feature missing in firefox about a year ago that was preventing jitsi from working, That was reported and fixed eventually although it took a while to get through the system. Maybe there are still some minor issues but nothing I have seen that makes me want to switch to chrome.

                                            1. 5

                                              Firefox’s implementation of WebRTC has some issues that make Jitsi scale poorly when anyone in a call is on Firefox. This is fine for small groups; it only becomes an issue if there’s more than 10 or so participants.

                                              1. 2

                                                Ok, thanks for clarifying that. I can confirm I am only using it in small groups.

                                        2. 5

                                          I really don’t understand why Ubuntu pushes Snaps when there is Flatpaks (desktop) and Docker (server), unless what they really want is to generate lock in. I wished they were more collaborative and smarter about what maked them stand out (like being a polished desktop Linux). Point 1. was one of the reasons for me to switch to Fedora.

                                          1. 9

                                            I find the existence of both Flatpak and Snap confusing. They seem to solve a problem that only exists for a limited set of software within an already very limited niche of users. Web browsers on desktop Linux distros seem to be well-served by them, but how many engineer-years have gone into building these things?

                                            I suspect there’s some big benefit/use-case that I’m completely missing.

                                            1. 12

                                              I find the existence of both Flatpak and Snap confusing.

                                              This!

                                              Snap and flatpack try to solve two completely unrelated problems: application sandboxing and package distribution, and do a notoriously bad job at each one.

                                              Application sandboxing should be an OS-feature, not requiring any action by the potentially hostile application distributors. Thus, it should be able to act upon arbitrary programs. If I want to run “ls” in a controlled container, so be it. Any application, no matter how is it distributed, must be sandboxable.

                                              Package distribution is a different thing. At this point, it seems that nearly all of the problems can be solved by distributing a static executable as a single file.

                                              1. 2

                                                If I want to run “ls” in a controlled container, so be it.

                                                That may be rather difficult. It already needs access to the whole filesystem…

                                                1. 3

                                                  But it doesn’t need to access to the network, or file contents and it definitely should not be allowed to change anything. Plenty of permissions to restrict.

                                                  1. 2

                                                    or file contents

                                                    Can you restrict that on Linux? Is there a separate permission for reading files and reading directories?

                                                    You’d also need a whitelist for reading some files, such as shared libraries and locale.

                                                    and it definitely should not be allowed to change anything

                                                    Well it has to be able to write to stdout… which could be any file descriptor.

                                                    1. 1

                                                      Can you restrict that on Linux? Is there a separate permission for reading files and reading directories?

                                                      So long as the directory has r-x (octal 5) permission, and the file does not have read r permissions you can browse the directory but not read the files contents.

                                                      1. 3

                                                        No I mean is there a way to allow readdir but not read? AFAIK Linux does not have that level of granularity.

                                              2. 1

                                                This is entirely new to me too.

                                                From the wikipedia entry https://en.wikipedia.org/wiki/Snappy_(package_manager):

                                                The system is designed to work for internet of things, cloud and desktop computing.

                                                So it’s a more light-weight Docker I guess.

                                                1. 6

                                                  I’m not sure how much more light-weight they can be, given that Flatpak and Snap are both using the same in-kernel container mechanisms (cgroups, namespaces, seccomp etc.) as Docker.

                                                  1. 4

                                                    Somewhat tangential (maybe you happen to know, or somebody else who does is reading) – is the sandboxing any good these days, and do Flathub applications/other packagers user them? About two years ago, when Flatpak was just getting hot, the flurry of “this is the future of Linux desktop” posts convinced me to spend a few weekends with it and it was pretty disappointing.

                                                    It turned out that virtually all applications on flathub had unrestricted access to the home directory (and many of them had unrestricted access to the whole filesystem), even though it showed the pretty “sandbox” icon – arguably not Flatpak’s fault I guess, but not very useful, and also not very assuring (features that go almost completely unused tend to be broken in all sorts of ways – since no one gets to use them and hit the bugs). Lurking through the bug tracker also painted a pretty terrible picture – obvious bugs, some of which had had serious enough CVEs assigned for months, lingered for months. So basically it was (almost) zero sandboxing done by a system that looked somewhat unlikely to be able to deal with really malicious applications in the first place.

                                                    (Edit: I don’t mean that Flatpak, or Snap, are bad as a concept – and I also want to re-emphasize, for anyone reading this in 2020, that all of this was back in 2018 or so. But back then, this looked like years away from being anything near something you’d want to use to protect your data – it wasn’t even beta quality, it was, at best, a reasonable proof of concept.)

                                                    Also, even though this was all supposed to “streamline” the distribution process so that users get access to the latest updates and security fixes more quickly, even the most popular packages were hopelessly out of date (as in weeks, or even months) in terms of security fixes. I expect at least this may have changed a bit, given the increase in popularity?

                                                    Has any of this stuff changed in the last two years? Should I give it another go this weekend :-) ?

                                                    (Edit: I can’t find my notes from back then but trying to google around for some of the bugs led me here: http://flatkill.org/ . There’s a lot of unwarranted snark in there, so take it with a grain of salt, but it matches my recollections pretty well…)

                                                    1. 4

                                                      It turned out that virtually all applications on flathub had unrestricted access to the home directory (and many of them had unrestricted access to the whole filesystem),

                                                      A cursory GitHub search of the Flathub organization shows ~150-200 applications have --filesystem=host or --filesystem=home each. And close to 100 have --device=all. So it seems that a large portion is still effectively unsandboxed.

                                                      Lurking through the bug tracker also painted a pretty terrible picture – obvious bugs, some of which had had serious enough CVEs assigned for months, lingered for months.

                                                      This is a disaster in the making. Outside the standard SDKs that are provided through FlatHub, applications compile their own picked versions of… pretty much everything. Just going over a bunch of Flatpaks shows that the dependencies are out of date.

                                                      That said, I see what they are aiming for. The broad permissions are caused by several issues that will probably be resolved in time: broad device permissions are often for webcam access, which should be solved by Pipewire and the corresponding portal. The home/host filesystem permissions can partially be attributes to applications which use toolkits for which the portal mechanism isn’t implemented.

                                                      The problem that every Flatpak packages their own stuff is more concerning though… I know that the aim is to be distribution-independent, but it seems like a lot could be gained by allowing re-use of regular packages within Flatpaks.

                                                    2. 2

                                                      I’m thinking more lightweight conceptually. Docker is seen as a sysadmin/devops thing, Snappy is more like a mobile app.

                                                      1. 3

                                                        In practice however it is still a sysadmin thing.

                                              3. 4

                                                You can easily download the non-ubuntu chromium binary and install it without need of snap.

                                                Then you’re either stuck using PPAs (which is a no-go for certain environments) or manually updating the DEB. Both of which are not good options when it should be as easy getting updates from the official repositories.

                                                1. 0

                                                  I’ve found Chris’ recent posts to be increasingly histrionic. He’s otherwise been a reliable read for ages.

                                                  1. 1

                                                    You say that but I’d agree it’s a serious bug or even just WTF moment.

                                                    Yes, there’s the FHS - but nowhere it says (afaik) that software should break if you change something like this, which isn’t even an edge case but has been done for decades.

                                                    1. 1

                                                      I don’t disagree with that. It seems like a poor limitation that deserved more attention from the devs once reported. And it would have likely caused problems at the last place I was a Sysadmin.

                                                      What I’m complaining about is the tone with which he’s presented the issue. And it’s not limited to this post; I’ve been reading his blog for about ten years and it’s been a high quality read for most of that time, until relatively recently when the tone has been more entitled and (for want of a better word) whingy which detracts from the substance of what he’s writing about.

                                                1. 23

                                                  One can no more dissuade a visionary of this kind than one can dissuade a member of the Fabian Society from the virtues of global humanitarian government, but then neither will the vox populi of provincial yokels be of any use in countering it. One can only stoically resign to the pull of inexorable necessity.

                                                  With the help of an Internet search query or two, and a good deal of re-reading, I could probably figure out what this means. But I am le tired. And I haven’t even gotten through the first chapter.

                                                  This brings up a different controversy: Is writing like this useful to stretch peoples minds, help them grow? Or does it just discourage people and make them feel dumb? Is writing a form of art, or a means of communication, or both?

                                                  From my perspective, it looks more focused on artistry than actually communicating and transferring knowledge. Which isn’t necessarily a bad thing.

                                                  1. 22

                                                    It’s called “purple prose”.

                                                    1. 2

                                                      That’s exactly what I was referring to, TIL.

                                                    2. 9

                                                      From my perspective, it looks more focused on artistry than actually communicating and transferring knowledge.

                                                      Your perspective may change if you finish reading the document before dashing off to post a comment about the style instead of the substance of the source material. :)

                                                      It goes on to give a lot of historical context on previous attempts and on systems issues.

                                                      1. 8

                                                        That’s the point though - I’d happily read the whole thing, if I had the mental capacity to do so. I’m sure there’s plenty of good info in there, but it’s buried under so much prose that I feel like I need a college degree to begin understanding it.

                                                        1. 4

                                                          The point that you mentioned is a local maximum in terms of hard-to-read prose, and (from my reading up to section 2.3) I believe it is a global maximum too - the text is much nicer almost from that passage onward and I only found one other spot that I believe to be particularly egregious. I encourage you to keep going! I very much dislike the Unix culture and tooling in general, but found this article to be fascinating anyway.

                                                          1. 1

                                                            I sampled towards the end and found the prose similarly tiresome.

                                                          2. 3

                                                            Not every reader is native English speaker (and reader). Reading this style is very demanding and makes it harder to focus on the main topic. I have no idea if there are expressions hidden that I don’t know yet, or if a reference in the text is key to the final point.

                                                          3. 9

                                                            You make the mistake of implying that there’s an objective way to communicate clearly and it’s not instead dependent on the listeners.

                                                            Most tech documentations, even when assuming no previous knowledge from the reader, would be unreadable for most people for the sole reason of their structure and dryness.

                                                            You’re witnessing something written by a person that is on the boundary between different worlds and can merge them into a single piece of writing and this confuses you. It’s normal and probably the author did it deliberately.

                                                            Lot of us programmers on the left are keen in rupturing the cultural and social bubble in which the tech sector is entrenched and I wouldn’t be surprised if the author wrote the piece in this way to deliberately challenge the stylistic elements of engineer-oriented writing.

                                                            1. 7

                                                              I agree, but I think it’s just interesting that the author seems to have raised the educational bar, not lowered it. Now you have to be an engineer AND a literary genius to understand what’s being written.

                                                              And I’m not saying this is necessarily a bad thing. I’m just noting that it’s unapproachable for people like me. I’m sure after a bit more education and time, I’ll appreciate it too.

                                                              1. 13

                                                                You don’t have to be a genius to understand that paragraph, just literate. I understood it just fine and the highest formal education I’ve received is community college.

                                                                Anyone who works in software is accustomed to googling tech jargon they’re unfamiliar with and learning as they go. I think it is interesting that you balk at doing this in a humanities context and perhaps that was the point.

                                                                1. 4

                                                                  I think you hit the nail on the head. It sounds to me like you’ve put in the hard work to understand and appreciate this kind of writing, and that is truly awesome (no sarcasm there). For me, I could totally figure this out, no doubt about it. But it would still be quite the slog, because I haven’t invested quite as much hard work as you have into the humanities yet. And that’s ok.

                                                                  That’s why I say this “isn’t necessarily a bad thing.” I could use some more development in my humanities skills! But if the goal is to communicate ideas, then writing like this will only communicate ideas to a gifted few who are good at both engineering and humanities. Again: Not necessarily a bad thing.

                                                                2. 1

                                                                  If you want to start from somewhere, I suggest you read Geek Sublime from Vikhram Chandra. He’s both a programmer and a novelist.

                                                                3. 1

                                                                  Lot of us programmers on the left are keen in rupturing the cultural and social bubble in which the tech sector is entrenched

                                                                  And yet you at the same time alienate readers who’ve never studied literature in English, nor English literature. More often than not from second and third world countries.

                                                                  1. 6

                                                                    We write in different ways to reach different audiences in different ways. I never said everything should be written this way. There’s a growing idea of writing more propaganda disguised as tech opinion pieces using a language that programmers like. I mean, the far-right has been doing that for three decades now, it’s time for the left to react.

                                                                    The “poking” at the bubble is complementary and clearly doesn’t aim at reaching the masses, but just at bringing out those that have the potential to connect with those readings.

                                                                    Also I’m not American, I’m not an English native speaker and in “second and third world countries” humanities are usually valued a lot more than in the protestant anglosphere, so I don’t get your point.

                                                                4. 8

                                                                  This is the “English (Literary)” locale where it is assumed you know your leftist lore (and French philosophy). Not my thing but sometimes the references lead to interesting wikipedia pages.

                                                                  1. 11

                                                                    This brings up a different controversy: Is writing like this useful to stretch peoples minds, help them grow? Or does it just discourage people and make them feel dumb? Is writing a form of art, or a means of communication, or both?

                                                                    When I was younger I thought that impressing people with my vocabulary is the utmost purpose of my writing, but as years have gone on I have realized that this is just mental peacocking (to use a friendly term). The real greatness is to convey information (or even humor) using simple language while staying informative and engaging. I have been way more impressed with authors being able to write like this than people who just show they own a thesaurus.

                                                                    1. 6

                                                                      This brings up a different controversy: Is writing like this useful to stretch peoples minds, help them grow? Or does it just discourage people and make them feel dumb? Is writing a form of art, or a means of communication, or both?

                                                                      I would argue the former. You’ve learned a little more about the world by virtue of looking up a literary or cultural reference you didn’t previously understand. I’ve done this with plenty of texts I’ve read, in English and particularly in other languages (English is my cradletongue). Of course you weren’t obligated to do so - you could’ve decided that this article about systemd written using these kinds of literary references wasn’t worth your time to understand, and if enough people thought similarly, it would lose a substantial portion of its potential audience. But using literary and cultural references is something that writers and speakers do in pretty much every genre of human communication; and it’s only because this author happened to choose ones that you were unfamiliar with, that you found it something worth remarking on.

                                                                      1. 3

                                                                        I found it really funny. To me, that kind of descriptiveness adds humor, but maybe I’m the only one? Like putting an eccentric accent on a movie character.

                                                                        1. 1

                                                                          i found it pretty funny too :)

                                                                        2. 2

                                                                          I think the article would be much longer if it wasn’t for the use of various literary devices for compression.

                                                                          Maybe that would be for the better as more people would benefit from reading it.

                                                                          On the other hand, it’s useful to have someone shine a light on gaps in your knowledge of things which used to be well known. Certainly I don’t think that a lot of the things referred to in the writing should be particularly exotic, yet sadly they are.

                                                                          Finally, I personally get some enjoyment from reading things like these. It’s the kind of enjoyment I get from reading old books. Difficult to read but full of very interesting ideas.

                                                                          1. 2

                                                                            Is writing like this useful to stretch peoples minds

                                                                            While I do not particularly like the style of this text, I appreciate any kind of writing style that does not resemble the current “ted-talk” style uncultured vomit that is becoming the style of almost everybody today.

                                                                            1. 2

                                                                              I”m less offended by the use of some obscure terms and references than by the implicit comparison of a Gnome maintainer to a follower of Stalin:

                                                                              And if we are to take the “revolution OS” metaphor further, then Bassi’s position is not unlike Stalin’s defense of the need of a vanguard party in The Foundations of Leninism (1924), with those opposed consequently in the role of Trotskyites, Zinovievites and ultra-leftists: “The theory of worshipping spontaneity is decidedly opposed to giving the spontaneous movement a politically conscious, planned character. It is opposed to the Party marching at the head of the working class, to the Party raising the masses to the level of political consciousness, to the Party leading the movement; it is in favour of the politically conscious elements of the movement not hindering the movement from taking its own course; it is in favour of the Party only heeding the spontaneous movement and dragging at the tail of it.”

                                                                              1. 2

                                                                                Arguably, in many historical cases, such ways of expression were used to hide the real meaning, a sort of emphemization. It was especially used when it came to criticizing a point of view, to filter out as many people as possible to not bear the consequences of saying clearly what you intended to say. The more fluff and ambiguity the more you can hide behind it.

                                                                                EDIT as this comment says, it’s called “purple prose”.

                                                                                1. 1

                                                                                  FWIW, here’s my translation:

                                                                                  You can’t dissuade visionaries like this, and the popular bloggers won’t help you counter them either. All you can do is give in [and use the visionaries’ stuff?]

                                                                                  Without the context of the surrounding paras I don’t really know what they were getting at.

                                                                                  I think people write like this because it’s fun for the writer, not necessarily for the reader ;)

                                                                                  Edit: the context is:

                                                                                  • The Fabian Society is a British internationalist lefty think tank. Because they’re internationalist and lefty (but not anarchists), they’d probably really like a global humanitarian government.

                                                                                  • “vox populi” is latin for “voice of the people” and sometimes means the “opinion of the people”, but that bit is a bit clumsy anyway.

                                                                                1. 4

                                                                                  For the opposite

                                                                                  :set mouse=

                                                                                  It should be the default, as it is irritating to try to select text to paste elsewhere and have vim switch modes just because of that.

                                                                                  1. 2

                                                                                    I remember Debian’s vim moved to mouse-by-default, but did the upstream default change too?

                                                                                    1. 2

                                                                                      Not sure if it’s from upstream, but the FreeBSD package also has mouse-by-default and I don’t think it matters. It drives me insane because I always use mouse-copy for copying between terminals and visual mode keyboard copy for copying within a vim session and so I end up having to remember to stick set mouse= in my .vimrc. Maybe soon it will motivate me to put my .vimrc in git somewhere…

                                                                                      1. 1

                                                                                        Arch’s is mouse by default, which annoys me. If the upstream is not, that’d be a bug: It’d go against Arch philosophy of not patching packages unless strictly necessary.

                                                                                    1. 2

                                                                                      Yes. I use it with vim, tmux and aerc. It’s a useful extra input method even when I’m predominantly keyboard oriented.

                                                                                      1. 2

                                                                                        This is an interesting perspective. I’ve never used dtrace, although I know a lot of fans of it, who didn’t like (what I thought was) the Linux equivalent, System Tap. There’s no mention of System Tap in this article. I wonder, are people writing eBPF stuff to do things one would use dtrace for on Solaris, completely orthogonally to System Tap? Or are System Tap and the eBPF framework integrated in some way?

                                                                                        1. 5

                                                                                          SystemTap traces were originally compiled into kernel modules that were loaded on the fly for each invocation. Now there is a SystemTap backend that uses eBPF. But the momentum is now clearly on the side of eBPF, which is turning into a general-purpose in-kernel VM for doing all sorts of things, so there’s probably no need to learn SystemTap rather than bpftrace (the DTrace-like front end to eBPF).

                                                                                          (Edit) For example, see XDP, eBPF accelerated networking: http://blogs.igalia.com/dpino/2019/01/10/the-express-data-path/

                                                                                        1. 17

                                                                                          God save me from Lenovo pre-installed software…

                                                                                          1. 11

                                                                                            I think the real benefit here is Lenovo seems to now give a shit about making their hardware work well Linux, and maybe, just maybe, they’ll push that hardware support upstream so folks who don’t want to run the distro this ships with can still benefit from it.

                                                                                            1. 3

                                                                                              Exactly my thoughts. I’m using a T540p at work with Debian on it, but the hardware support is pretty shitty. Lots of power management problems, display driver had problems in the beginning and so on. It also took years for Debian on my x230 to support the built-in microphone. So maybe with this, that fabled “good Linux support” will finally become actually true for these models.

                                                                                              1. 4

                                                                                                RHEL7 on my T540p “just worked“, years ago. Although I hated the laptop so didn’t use it for very long. When people have problems with a particular Linux on a particular laptop, sometimes it’s the laptop, but sometimes perhaps the distribution. Or somewhere in the middle.

                                                                                                1. 2

                                                                                                  That’s weird, you’d expect this to be more or less the same across distros (as long as they use the same kernel version and X drivers)

                                                                                                  1. 3

                                                                                                    You’ve put your finger on it: they probably aren’t using the same kernel and X drivers.

                                                                                                  2. 1

                                                                                                    You hated a T540p ? Don’t answer.

                                                                                                    1. 2

                                                                                                      Not OP but I had to use one for a little while. I hated it due to keyboard and touchpad. Lenovo touchpads of the era were so terrible they should have just left them off and stuck to the trackpoint. A janky touchpad with half-assed palm rejection degraded the experience.

                                                                                                      And I just can’t deal with the off-center typing that 10key forces on a laptop that size.

                                                                                                      Otherwise it was great, but I couldn’t get past those two things.

                                                                                                      1. 2

                                                                                                        Ok!

                                                                                                  3. 2

                                                                                                    I hope for this too! Having an X1 Extreme with Ubuntu 18.04 for 1 year being the worst Linux experience in 25 of using Linux. I have to say until this I avoided Hardware that didn’t have good Linux support. Will boycott Nvidia for the rest of my life.

                                                                                                    Just would have hoped that Lenovo would have a notebook with same form factor and physical aspects (15”, centered keyboard, hi resolution) but without Nvidia.

                                                                                                1. 4

                                                                                                  https://jmtd.net/. I’ve been blogging for 20 years. Recent topics include functional programming (in particular haskell), distributed stream-processing (my PhD topic); recent recommended casual nintendo switch games; self-hosted website matters: indieweb, software, web fonts, containers; note-taking approaches (productivity); beginner 3d printing; Amiga 500 floppy disk recovery project (and other historic computing issues) and Debian.

                                                                                                  I’m currently quite interested in knowing what (if anything) people would like to read more about.

                                                                                                  1. 4

                                                                                                    Seems like the right way to do it. This looks like perfect thing for derivative distro. Also a good way to test if long tail packages without a package maintainer can go away.

                                                                                                    1. 1

                                                                                                      long tail packages without a package maintainer

                                                                                                      Maintainers are optional. Plenty of packages lack a maintainer. This is absolutely alright as long as when it breaks somebody steps in to fix them. If nobody does, then the packages can be indeed removed.

                                                                                                      Please do not remove that which isn’t broken.

                                                                                                      1. 2

                                                                                                        Hmm, that’s true. If there’s no maintenance burden, why bother removing them? Okay, I sympathize.

                                                                                                        1. 3

                                                                                                          There is a maintenance burden. Every package in the archive, whether or not there’s an active maintainer or not, adds to a burden felt by all maintainers, and ultimately, users. They inflate the package DB metadata, which makes everyones package updates take longer, they get tangled up in transitions (e.g. libc6 updates, or Debian-specific changes like packaging updates to match newer policy versions), and by existing in the archive they both imply a level of support to users that isn’t there, and hurt the reputation of Debian as a reliable distribution.

                                                                                                          1. 1

                                                                                                            By your logic, Debian should stop packaging so much software and just shrink.

                                                                                                    1. 4

                                                                                                      They’ve been dropped in the development distribution (“unstable”) but they remain in the stable release, which is the only officially supported release anyway. they’ve been dropped by the current maintainers who are volunteers and can’t be forced to do work that they don’t want to do. Other volunteers are free to pick up maintaining these packages. Anyone using them, even people using the unstable distribution, will not have the packages suddenly uninstalled from their computers. So this seems like a storm in a teacup.

                                                                                                      Looking at the driver list I thought “oh I have an aiptek tablet” but it turns out I gave it away years ago. Otherwise I’d pick up maintaining that one myself.

                                                                                                      Edit: one of the other issues raised in the Phoronix article is the r128 driver and its importance for old Apple hardware. However, old apple hardware (powerpc) was dropped as an official release architecture in 2017. And reading the thread on the Debian powerpc mailing list, the driver doesn’t actually work without some out-of-tree patches (which were not in the Debian package) anyway.

                                                                                                      Ultimately I have a lot of sympathy for people maintaining vintage machines, amongst other things I am a founder and volunteer of a Historic Computing Committee, but sadly the volunteer people-power required to keep these things in the distribution is just not there.

                                                                                                      1. 12

                                                                                                        Meh, it’s not like they’re removing the drivers from the Linux kernel. Just because Debian ships with a wide array of hardware support in its vanilla kernel doesn’t mean that the maintainers are obligated to support everything. If you’re running obscure hardware, there’s nothing stopping you from building a custom kernel, or just building a dkms package and putting it in a repo somewhere. Heck, to this day, nvidia drivers are built through dkms, and half the world runs nvidia hardware.

                                                                                                        1. 6

                                                                                                          This. I’d rather Debian spent more time keeping a smaller list of better maintained, more up to date packages than support hardware that is decades old. If you want, you can still run an old version of Debian or compile your own modules and put them in an alternate repository. People are so ungrateful towards OSS maintainers sometimes.

                                                                                                          1. 2

                                                                                                            I’d rather

                                                                                                            Debian is mostly run by volunteers. The package maintainers of these drivers are volunteers too.

                                                                                                            The person who removed the packages isn’t the maintainer of the packages.

                                                                                                            The criteria was “this hardware is too old”. It was not “these packages are abandoned” or “these packages are broken”.

                                                                                                            Plenty of maintainers put effort, now and over the course of Debian’s history, to keep old hardware and software working.

                                                                                                            This is now thrown out of the window by somebody who personally doesn’t hold the same values.

                                                                                                            1. 5

                                                                                                              The person who removed the packages isn’t the maintainer of the packages.

                                                                                                              I just read the bug itself and the reporter was doing so on behalf of the X Strike Force, which is the team that maintain(ed) those packages. So I think you’re mistaken.

                                                                                                              1. 1

                                                                                                                Clearly the person who ‘doesn’t hold the same values’ has a higher decision power than the volunteers providing updates to these packages. Debian’s Constitution has a clear structure, and arguably the people who chose to deprecate these packages are charge of shaping the direction the distro should follow.

                                                                                                                I understand the annoyance of being excluded from a distro, but we have to ask an honest question: what possible benefit would Debian get out of including every single piece of software someone proposes? It’s not like people using these obscure pieces of hardware are in need of the latest kernel (and if they were, they could compile it themselves) or a huge unattended market.

                                                                                                                1. 1

                                                                                                                  what possible benefit would Debian get

                                                                                                                  As I understand it, Debian isn’t in for the profit.

                                                                                                                  As for the community, they use or contribute to Debian for a variety of reasons. For some of them, it is the hardware support; Debian supports a lot of architectures. For some others, it is the large package library.

                                                                                                                  Dropping support for old hardware might actually turn away a lot of people. Or not.

                                                                                                                  In any event, I don’t believe the nonsense that packages that still build, are still maintained upstream and still have users are, somehow, a maintenance burden. So yes, I am disappointed in Debian.

                                                                                                            2. 2

                                                                                                              the maintainers are obligated to support everything.

                                                                                                              They aren’t. But this isn’t what happened here. What happened is that somebody removed a bunch of packages that aren’t broken, without a care in the world that these packages might actually have users.

                                                                                                              Heck, to this day, nvidia drivers are built through dkms, and half the world runs nvidia hardware.

                                                                                                              Distributions do build nouveau, the open driver. They don’t build nvidia’s proprietary driver, the same way they don’t build other proprietary drivers.

                                                                                                            1. 5

                                                                                                              Debian. I picked it because it had the best package manager at the time, hands down. That was 20 years ago. I’ve seen no reason to switch.