451 Matching Annotations
  1. Last 7 days
  2. Nov 2023
  3. Sep 2023
  4. Aug 2023
    1. What won’t change is people’s tendency toward gossip, tribalism driven by gossip and the ability of anybody to inform anybody else about anything, including wrongly. The only places where news won’t skew fake will be localities in the natural world. That’s where the digital and the physical connect best. Also expect the internet to break into pieces, with the U.S., Europe and China becoming increasingly isolated by different value systems and governance approaches toward networks and what runs on them.
      • for: progress trap, unintended consequence, unintended consequence - digital technology, quote, quote - progress trap, quote - Doc Searls
      • quote
        • What won’t change is people’s tendency toward gossip,
          • tribalism driven by gossip and the ability of anybody to inform anybody else about anything,
            • including wrongly.
        • The only places where news won’t skew fake will be localities in the natural world.
        • That’s where the digital and the physical connect best.
        • Also expect the internet to break into pieces, with
          • the U.S.,
          • Europe and
          • China
        • becoming increasingly isolated by different value systems and governance approaches toward
          • networks and
          • what runs on them.
  5. Jul 2023
    1. What happened here is that the file 'somefile.txt' is encoded in UTF-16, but your terminal is (probably) by default set to use UTF-8.  Printing the characters from the UTF-16 encoded text to the UTF-8 encoded terminal doesn't show an apparent problem since the UTF-16 null characters don't get represented on the terminal, but every other odd byte is just a regular ASCII character that looks identical to its UTF-8 encoding.

      The reason why grep Hello sometext.txt may result nothing when the file contains Hello World!.

      In such a case, use xxd sometext.txt to check the file in hex, and then either: - use grep: grep -aP "H\x00e\x00l\x00l\x00o\x00" * sometext.txt - or convert the file to into UTF-8: iconv -f UTF-16 -t UTF-8 sometext.txt > sometext-utf-8.txt

  6. Jun 2023
    1. All of these values, including the precious contents of the private key file, can be seen via ps when these commands are running. ps finds them via /proc/<pid>/cmdline, which is globally readable for any process ID.

      ps can read some secrets passed via CLI, especially when using --arg with jq.

      Instead, use the --rawfile parameter as noted below this annotation.

  7. Apr 2023
  8. Mar 2023
  9. Feb 2023
    1. If you haven't seen it yet, check out the PinePhone Pro and its docking station. Much like the Steam Deck's docking station, it plugs the phone into a monitor, keyboard, and mouse to turn your phone into a PC.
    2. When Ubuntu was confronted with making Debian user friendly, the issue was speeding up software updates. Manjaro has the opposite issue with Arch and is handling it appropriately.
    1. B/ Mainline kernel offers many ways to increase desktop responsiveness without the need to patch or reconfig it. Many tweaks can be activated using the cfs-zen-tweaks you can download and just run but I would advise you just read the very simple code and learn how each of the tweaks impact. Don't hesitate to lower the priority of your cpu-bound processes (compilations, simulations...) and increase the priority of your interactive tasks thanks to the renice command and even change their scheduling policy using chrt Ultimately, you can always pin interrupts to dedicated cpus (setting desired values in /proc/irq/[irq_id]/smp_affinity) , having one in charge of the keyboard and the mouse, another one for the graphic adaptor a third one for the sound card and a fourth one housekeeping for all the possible remaining. Just plenty of solutions left opened without changing a byte in your distro-kernel.
  10. Jan 2023
    1. Points from the comments in support of using Mac

      Reasons why macOS is better than Linux (see below)

    2. Points from the comments in support of using Linux

      Reasons why Linux is better than macOS (see below)

    1. on an Intel/AMD PC or Mac, docker pull will pull the linux/amd64 image. On a newer Mac using M1/M2/Silicon chips, docker pull will the pull the linux/arm64/v8 image.

      Reason of all the M1 Docker issues

    2. In order to meet its build-once-run-everywhere promise, Docker typically runs on Linux. Since macOS is not Linux, on macOS this is done by running a virtual machine in the background, and then the Docker images run inside the virtual machine. So whether you’re on a Mac, Linux, or Windows, typically you’ll be running linux Docker images.
  11. Dec 2022
    1. For sufficiently simple cases, just running a few commands sequentially, with no subshells, conditional logic, or loops, set -euo pipefail is sufficient (and make sure you use shellcheck -o all).

      Advice for when you can use shell scripts

  12. Nov 2022
    1. First, if Jenkins runs as PID 1, then it's difficult to differentiate between process that were re-parented to Jenkins (which should be reaped), and processes that were spawned by Jenkins (which shouldn't, because there's other code that's already expecting to wait them).
    1. The process group mechanism in most Unix-like operating systems can be used to help protect against accidental orphaning, where in coordination with the user's shell will try to terminate all the child processes with the "hangup" signal (SIGHUP), rather than letting them continue to run as orphans.
    2. its jobs (internal representation of process groups)
  13. Oct 2022
    1. The newer GPT standard is paired with UEFI BIOS systems

      Can uefi deal with mbr table

    2. Throughout the drive
    3. and have either a black or blue-screen-of-death background color.
    4. The BIOS does things like configure the keyboard, mouse, and other hardware, set the system clock


    5. support a GPT partition table and a UEFI BIOS.


    6. very easy to ruin the MBR sector of the drive, making it impossible to boot up again. Then you'll either need to create a recovery USB drive with Windows or Linux and try to repair the MBR, or completely wipe the drive and reinstall the operating system


    1. There are dedicated tools to verify checksum of files in Linux. You can also check hashes in the Nautilus file manager with nautilus-gtkhash extension.


    1. Receiving a GPG error when running apt-get update? Your default umask may not be set correctly, causing the public key file for the repo to not be detected. Run the following command and then try to update your repo again: sudo chmod a+r /etc/apt/keyrings/docker.gpg.

      todo The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 959FE34E90E51522 Err:14 https://download.docker.com/linux/ubuntu vanessa Release <br /> 404 Not Found [IP: 443]

    2. Add Docker’s official GPG key: $ sudo mkdir -p /etc/apt/keyrings $ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg Use the following command to set up the repository: $ echo \ "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \ $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null


    1. Used to explicitly set the container hostname. If you don't specify the hostname, it defaults to the container ID, which is a randomly generated system GUID.


    2. Map a TCP port on the host environment (first value) with a TCP port in the container (second value). In this example, SQL Server is listening on TCP 1433 in the container and this container port is then exposed to TCP port 1433 on the host.


    3. Specify a custom SQL Server collation, instead of the default SQL_Latin1_General_CP1_CI_AS.

      donot understand

    4. The SA_PASSWORD environment variable is deprecated. Please use MSSQL_SA_PASSWORD instead.

      dont understand

  14. Sep 2022
    1. 在 Linux Plumbers Conference 会议上,Linus Torvalds 接受采访谈论了工作、Rust 和 M2 MacBook Air 笔电。 Torvalds 称他不是工作狂,在参加会议前花了六天时间在荷属西印度群岛的 Bonaire 玩潜水。他说他一年又一年在内核上工作是因为他可以短时间离开放松下,他最筋疲力尽的时候通常是合并开始时,他专注于在合并开始第一周内完成大部分工作。Linux 内核社区真正的工作狂是稳定版内核维护者 Greg Kroah-Hartmann,他每周都不停的工作,Torvalds 猜测他大量使用自动化工具。新冠疫情对内核开发没有产生多少影响,因为包括 Torvalds 在内的主要维护者多年来都习惯在家中远程工作。他指出内核开发的一个变化是子系统维护者通常由团队而不是一个人组成,部分子系统维护者只有一个人,但已经相当罕见了。内核对 Rust 的支持可能需要更长的时间,一个原因是非标准的 Rust 扩展的处理,另一个更重要原因是 Rust 编译器还不稳定。Torvalds 外出旅行时使用一台 M2 MacBook Air 笔电,运行 Fedora Workstation 36,Fedora 还没有支持 ARM-64 M2 处理器的版本,Torvalds 自己动手让 Fedora 36 能运行在 M2 上,这个版本不完美,不支持 3D 图形,Chrome 也不支持,而 Torvalds 使用 Chrome 的密码管理器管理部分密码。

  15. Aug 2022
    1. The custom title bar has been a success on Windows, but the customer response on Linux suggests otherwise. Based on feedback, we have decided to make this setting opt-in on Linux and leave the native title bar as the default. The custom title bar provides many benefits including great theming support and better accessibility through keyboard navigation and screen readers. Unfortunately, these benefits do not translate as well to the Linux platform. Linux has a variety of desktop environments and window managers that can make the VS Code theming look foreign to users.
  16. Jul 2022
    1. If your laptop is extremely old then I would recommend Puppy Linux.If your laptop isn’t very old but doesn’t perform very well I would recommend AntiX.If your laptop is a little old but still can’t handle Windows 7/10 very well I would recommend Lubuntu.

      3 OS recommendations for old laptops: 1. Puppy Linux 2. AntiX 3. Lubuntu

    1. So the correct command to use is findmnt, which is itself part of the util-linux package and, according to the manual: is able to search in /etc/fstab, /etc/mtab or /proc/self/mountinfo
  17. Jun 2022
    1. The main problem of the Linux community is that it is divided. I know this division represents freedom of choice but when your rivals are successful, you must inspect them carefully. And both rivals here (MacOS and Windows) get their power from the "less is more approach".This division in Linux communities make people turn into their communities when they have problems and never be heard as a big, unified voice.When something goes wrong with other OSes, people start complaining in many forums and support sites, some of them writing to multiple places and others support them by saying "yeah, I have that problem, too".In the Linux world, the answers to such forums come as "don't use that shitty distro" or "use that command and circumvent the problem".Long story short" average Linux user doesn't know that they are:still customers and have all the rights to demand from companiesthey can get together and act up louder.Imagine such an organizing that most of the Linux users manage to get together and writing to Netflix. Maybe not all of them use Netflix but the number of the Linux users are greater than Netflix members. What a domination it would be!But instead we turn into our communities and act like a survival tribe who has to solve all their problems themselves .
    2. Big Software companies like Adobe or Netflix do two things that are relevant for us and currently go wrong:They analyse the systems their customers use. They don't see their Linux users because we tend to either not use the product at all under Linux (just boot windows, just use a firertv stick and so one) or we use emulators or other tools that basically hide that we actually run Linux. --> The result is that they don't know how many we actually are. They think we are irrelevant because thats what the statistics tell them (they are completely driven by numbers).They analyze the feature requests and complains they get from their customers. The problem is: Linux users don't complain that much or try to request better linux support. We usually somehow work around the issues. --> The result is that these companies to neither get feature requests for better Linux support nor bug reports from linux users (cause its not expected to work anyways).
    1. Create .bash_profile in your home directory and add these lines: export SHELL=/bin/zsh exec /bin/zsh -l

      Change user's default shell without root access.

  18. May 2022
    1. 查看内存信息1)使用free命令默认单位为K,可通过结合参数-b、-k、-m分别以单位B、K、M进行显示
    1. If you are on Linux, you can simply download it from GitHub but the most convenient way is to use the pyenv-installer that is a simple script that will install it automatically on your distro, whatever it is, in the easiest possible way.

      Installing pyenv on Linux

  19. Apr 2022
    1. I sometimes wondered why the VS Code team put so much effort into the built-in terminal inside the editor. I tried it once on Linux and never touched it again, because the terminal window I had right next to my editor was just massively better in every way. Having used Windows terminals for a while, I now fully understand why it’s there.

      VS Code terminal is not as efficient on Linux

    2. They just automate the process of going to the website, downloading an installer and then running it - which is slightly better than doing it yourself.

      Windows package managers are unlike Linux ones

    3. Desktop Linux is often criticized for this, but Windows is much worse, somehow! It’s really inconsistent. Half of it is “new” UI and half of it is old Win32/GDI type UI - just as bad as KDE/GTK - except worse, because you can’t configure them to use the same theme. Also, when you install a Linux distribution, it’ll start off either all KDE or all GTK, or whatever - but with Windows you’re stuck with a random mix of both right from the start.

      Windows is a mess...

  20. Mar 2022
    1. level 1Fatal_Taco · 2 days ago · edited 2 days agoArch Linux, and likely most distros, are defined by these few things and are not limited to:The Linux Kernel, what type of config and modules it's been compiled with.The pre-packaged programs it comes with by default.The init.The package manager.The repositories it references.The slightly differing Linux Filesystem Hierarchy.The types of computers it runs on.
  21. Feb 2022
    1. LXC, is a serious contender to virtual machines. So, if you are developing a Linux application or working with servers, and need a real Linux environment, LXC should be your go-to. Docker is a complete solution to distribute applications and is particularly loved by developers. Docker solved the local developer configuration tantrum and became a key component in the CI/CD pipeline because it provides isolation between the workload and reproducible environment.

      LXC vs Docker

    1. == and != for string comparison -eq, -ne, -gt, -lt, -le -ge for numerical comparison

      Comparison syntax in Bash

    2. > will overwrite the current contents of the file, if the file already exists. If you want to append lines instead, use >>

      > - overwrites text

      >> - appends text

    3. The syntax for “redirecting” some output to stderr is >&2. > means “pipe stdout into” whatever is on the right, which could be a file, etc., and &2 is a reference to “file descriptor #2” which is stderr.

      Using stderr. On the other hand, >&1 is for stdout

    4. single quotes, which don’t expand variables

      In Bash, double quotes ("") expand variables, whereas single quotes ('') don't

    5. This only works if you happen to have Bash installed at /bin/bash. Depending on the operating system and distribution of the person running your script, that might not necessarily be true! It’s better to use env, a program that finds an executable on the user’s PATH and runs it.

      Shebang tip: instead of ```



      !/usr/bin/env bash

      alternatively, you can replace `bash` with `python`, `ruby`, etc. and later chmod it and run it: $ chmod +x my-script.sh $ ./my-script.sh ```

  22. Jan 2022
    1. uix includes package definitions for many GNU and non-GNU packages, all of which respect the user’s computing freedom. It is extensible: users can write their own package definitions (see Defining Packages) and make them available as independent package modules (see Package Modules). It is also customizable: users can derive specialized package definitions from existing ones, including from the command line (see Package Transformation Options).

      O sea que esta es la solución a mi inconformidad con los instaladores de arch linux: un montón de software que no uso instalado como dependencias.

    1. All operating systems with network support have a hosts file to translate hostnames to IP addresses. Whenever you open a website by typing its hostname, your system will read through the hosts file to check for the corresponding IP and then open it. The hosts file is a simple text file located in the etc folder on Linux and Mac OS (/etc/hosts). Windows has a hosts file as well, on Windows you can find it in Windows\System32\drivers\etc\if(typeof __ez_fad_position!='undefined'){__ez_fad_position('div-gpt-ad-vitux_com-box-3-0')};

      El archivo host traduce el hostnames a direcciones IP. Cuando abrimos un sitio tipeando su URL en un navegador nuestro hostfile la IP correspondiente para abrirla.

      1. En su primera parte el hostfile contiene nombres e IP de nuestra máquina local.
      2. En su segunda parte se encuentra información sobre los host capaces de usar el protocolo IPV6 y difícilmente es editada por el usuario.
    1. -xcf cursorfile cursorsize This lets you change the pointer cursor to one loaded from an Xcursor file as defined by libXcursor, at the specified size.

      Esta es la opción que debo usar con el comando "xcursor" para configurar la forma y tamaño del cursor en X.

    1. This runs a loop 555 times. Takes a screenshot, names it for the loop number with padded zeros, taps the bottom right of the screen, then waits for a second to ensure the page has refreshed. Slow and dull, but works reliably.

      Simple bash script to use via ADB to automatically scan pages:

      for i in {00001..00555}; do
         adb exec-out screencap -p > $i.png
         adb shell input tap 1000 2000
         sleep 1s
      echo All done
  23. Dec 2021
  24. Nov 2021
    1. special permission bit at the end here t, this means everyone can add files, write files, modify files in the /tmp directory, but only root can delete the /tmp directory

      t permission bit

    1. I find some of XDG's default dirs, especially ~/.local/share/whatever, to be very annoying. (Almost as annoying as having ~/snap polluting my home dir, but for a different reason.) I shouldn't have to type such long paths or navigate three folders deep in order to access my data files. I therefore make use of the XDG_DATA_HOME environment variable for XDG-style programs, so they will put my files somewhere convenient. However, I don't think Snap can honor that variable, because AppArmor rules require fixed paths. Given 1 & 2, I think ~/.snap/data is a sensible compromise, at least until the underlying components are flexible enough to let the user choose.
  25. Oct 2021
    1. $@ is all of the parameters passed to the script. For instance, if you call ./someScript.sh foo bar then $@ will be equal to foo bar.

      Meaning of $@ in Bash

    1. The solution is absolutely straightforward and posting it *will* be embarrassing.

      Christmas 2016 & user seth, with 24k posts currently, is a total dipstick asshole for someone asking a very basic reasonable question & sticks to being an insulting tart for 6 posts.

      This is now one of the top answers online. There is still no oneliner to change your default route metrics.

    1. 管線命令僅會處理 standard output,對於 standard error output 會予以忽略 管線命令必須要能夠接受來自前一個指令的資料成為 standard input 繼續處理才行。

      也就是使用 | 的命令

  26. Sep 2021
    1. I find it much simpler to use a partition label with LABEL=.... It is shorter, easier to remember, and also has the advantage that should the partition go bad and need to be replaced you can create a new partition, give it the same label provided the old partition is either removed or at least changed to be unlabelled and fstab will never know the difference.
    1. sudo apt-get autoclean sudo apt-get autoremove sudo apt-get clean sudo apt update sudo apt-get dist-upgrade --fix-missing sudo apt-get dist-upgrade --fix-broken sudo apt full-upgrade sudo apt -f install dpkg --configure -a
    1. The best practice is this: #!/usr/bin/env bash #!/usr/bin/env sh #!/usr/bin/env python

      The best shebang convention: #!/usr/bin/env bash.

      However, at the same time it might a security risk if the $PATH to bash points to some malware. Maybe then it's better to point directly to it with #!/bin/bash

    1. Here's my bash boilerplate with some sane options explained in the comments

      Clearly explained use of the typical bash script commands: set -euxo pipefail

  27. Aug 2021
    1. set -euo pipefail

      One simple line to improve security of bash scripts:

      • -e - Exit immediately if any command fails.
      • -u - Exit if an unset variable is invoked.
      • -o pipefail - Exit if a command in a piped series of commands fails.
    1. AUR

      The AUR is a well-known user repository for Arch projects! This is a test note.

    1. CBL-Mariner is an internal Linux distribution for Microsoft’s cloud infrastructure and edge products and services.

      CBL-Mariner <--- Microsoft's Linux distribution

  28. Jul 2021
    1. All platforms. Professional features. Beautiful UI. Totally free. FontBase is the font manager of the new generation, built by designers, for designers.

  29. Jun 2021
    1. GRUB hidden menu change FAQ  

      details about grub menu hidden and how to enable, access, etc

    1. There is one very important reason for enabling job control to be useful inside scripts: the side-effect it has of placing background processes in their own process groups. This makes it much, much easier to send signels to them and their children with one simple command: kill -<signal> -$pgid. All other ways of dealing with signaling entire trees of processes either involve elaborate (sometimes even recursive) functions, which are often bugnests, or risk killing the parent in the process (no pun intended).
    1. The alternative for curl is a credential file: A .netrc file can be used to store credentials for servers you need to connect to.And for mysql, you can create option files: a .my.cnf or an obfuscated .mylogin.cnf will be read on startup and can contain your passwords.
      • .netrc <--- alternative for curl to store secrets
      • .my.cnf or .mylogin.cnf <--- option files for mysql to store secrets
    2. Linux keyring offers several scopes for storing keys safely in memory that will never be swapped to disk. A process or even a single thread can have its own keyring, or you can have a keyring that is inherited across all processes in a user’s session. To manage the keyrings and keys, use the keyctl command or keyctl system calls.

      Linux keyring is a considerable lightweight secrets manager in the Linux kernel

    3. Docker container can call out to a secrets manager for its secrets. But, a secrets manager is an extra dependency. Often you need to run a secrets manager server and hit an API. And even with a secrets manager, you may still need Bash to shuttle the secret into your target application.

      Secrets manager in Docker is not a bad option but adds more dependencies

    4. Using environment variables for secrets is very convenient. And we don’t recommend it because it’s so easy to leak things

      If possible, avoid using environment variables for passing secrets

    5. As the sanitized example shows, a pipeline is generally an excellent way to pass secrets around, if the program you’re using will accept a secret via STDIN.

      Piped secrets are generally an excellent way to pass secrets

    6. A few notes about storing and retrieving file secrets

      Credentials files are also a good way to pass secrets

    1. As it stands, sudo -i is the most practical, clean way to gain a root environment. On the other hand, those using sudo -s will find they can gain a root shell without the ability to touch the root environment, something that has added security benefits.

      Which sudo command to use:

      • sudo -i <--- most practical, clean way to gain a root environment
      • sudo -s <--- secure way that doesn't let touching the root environment
    2. Much like sudo su, the -i flag allows a user to get a root environment without having to know the root account password. sudo -i is also very similar to using sudo su in that it’ll read all of the environmental files (.profile, etc.) and set the environment inside the shell with it.

      sudo -i vs sudo su. Simply, sudo -i is a much cleaner way of gaining root and a root environment without directly interacting with the root user

    3. This means that unlike a command like sudo -i or sudo su, the system will not read any environmental files. This means that when a user tells the shell to run sudo -s, it gains root but will not change the user or the user environment. Your home will not be the root home, etc. This command is best used when the user doesn’t want to touch root at all and just wants a root shell for easy command execution.

      sudo -s vs sudo -i and sudo su. Simply, sudo -s is good for security reasons

    4. Though there isn’t very much difference from “su,” sudo su is still a very useful command for one important reason: When a user is running “su” to gain root access on a system, they must know the root password. The way root is given with sudo su is by requesting the current user’s password. This makes it possible to gain root without the root password which increases security.

      Crucial difference between sudo su and su: the way password is provided

    5. “su” is best used when a user wants direct access to the root account on the system. It doesn’t go through sudo or anything like that. Instead, the root user’s password has to be known and used to log in with.

      The su command is used to get a direct access to the root account

    1. Linux Kernel 5.11 Released Linus Torvalds (the creator of Linux) has officially released the latest kernel for the open source operating system. Kernel 5.11 includes the usual dose of expanded hardware support, as well as a feature that should excite gamers, and an improvement for Wi-Fi.

      As far as expanded hardware support, kernel 5.11 has brought improvements to RISC-V, as well as support for RISC-V CPU architecture such as OpenRISC support for the LiteX SoC controller driver.

      On the Intel side of things, kernel 5.11 adds support for: Iris Xe GPU, Software Guard Extensions (SGX), and Intel Platform Monitoring Technology (PMT). Conversely, Intel Itanium support has finally been dropped.

  30. May 2021
    1. Disclaimer If this tool works, great! However, no guarantees are made that it won't hasten the heat death of the universe through the spontaneous combustion of your CPU.
  31. Apr 2021
    1. If there are some pipe between these commands, you need to flush stdout. for example: script -q /dev/null commands... | ruby -ne 'print "....\n";STDOUT.flush'