DigitalDilemma

  • 0 Posts
  • 69 Comments
Joined 2 years ago
cake
Cake day: July 22nd, 2023

help-circle
  • You’re welcome.

    Yes, you can create a list of files that takes little space, in linux that’s just “tree” to produce a list of directories and files (I don’t know about Windows, sorry)

    But only you can answer what you need to back up. If you judge the effort to re-download this data is more than the effort of backing it up (especially if you’re on a slow link), then backing it up makes more sense. Everyone has their own appetite for risk and their own shape of what they can spend in both time and money in sorting this. The important thing is that you’re thinking about it before you need it, that’s good!


  • A pet subject of mine.

    Firstly - sit down and consider what you need to backup.

    • Tier 1 - unique data. Stuff you created that doesn’t exist elsewhere.
    • Tier 2 - Stuff that would take a few days to repeat. Local configs, etc.
    • Tier 3 - Stuff you can just download again. (Steam library, media etc)

    Don’t backup Tier 3. I’m betting the size of data you need to back up shrinks a lot.

    Secondly - automate it. If there’s anything manual, then you’ll eventually stop doing it. Automate, automate, automate - and throw in some manual or automated checks of the backups to verify they’re actually usable.

    Thirdly - airgap it if you can, and if there’s much Tier 1 data. Offline disks. This gives you some protection against ransomware. Consider the risks and how to protect yourself. Obviously media failure, accidental deletion and ransomware, but also consider theft and fire. Do you really want your backups in the same location? Do they need encryption?

    I wrote quite a long blog on the subject if you’re interested in more.










  • Debian stable is as hassle-free as you’ll get.

    It sounds like your issue is more with having to migrate to a new laptop. Firstly - buy laptops that are more linux compatible and you’ll have fewer niggles like with sound, suspend and drivers.

    Secondly - use “dpkg --get-selections” and “–set-selections” to transfer your list of installed software across to your new laptop. Combined with transferring your /home directory, user migration can be speeded up.



  • Special interest forums still hold.

    For me, the Royal Enfield motorbike forums are exceptionally good, and that’s largely down to the admin. There’s also a Series 2 Land Rover forum that has a unique collection of people with a phenomenal combined knowledge about that car.

    I’ve hosted a few in my time - since the early 90s and Fidonet when BBSs were the thing. But things change. Facebook killed of a whole bunch way before Reddit and Lemmy just because that’s where people were already, and it was easier for them to feel involved. Facebook is impossible to search, though, so the post history of a forum that was so useful has gone entirely.

    It’s sad, but things change. What’s constant is people’s desire to socialise and discuss topics they are interested in. I’m kind of curious what that will be next.


  • I think you make a good point, but it’s one that affects any anti-malicious protection. How do you know that the anti-virus warning you get on Windows is legitimate and not a false alert? Or that the Apparmor block wasn’t a misfire? Selinux is no better nor worse in principle than those.

    In all cases, you need to stop and figure out what’s actually going on. That’s one benefit of all these things - they make you pause and, hopefully, think, when something is outside the norm.

    And yep, they can be bypassed and they need to be able to be bypassed. If someone is lazy or not knowledgeable enough to make the right decision, or even just in a hurry, then they are at risk. No automated system can protect entirely against that.


  • Permissive mode, and yes, you absolutely can. That shows warnings but doesn’t actively block. But you still benefit from running setroubleshoot to actually figure out what and why it’s blocked something, and how to mitigate that.

    Permissive is also good in that you can get a bunch of blocks reported at once, instead of having to step through one at a time, which can be useful.


  • DigitalDilemma@lemmy.mltoLinux@lemmy.mlWhy do we hate SELinux?
    link
    fedilink
    English
    arrow-up
    71
    ·
    edit-2
    12 days ago

    I have a saying, “If it’s not DNS, then it’s Selinux”. It blocks stuff so frequently it’s a major time sink for us.

    It is overly complex and difficult to understand, especially if you’re developing and deploying software that does not have correct pre-rolled policies. A regular job for me is to help developers solve this - which generally means running their service, seeing what Selinux blocks on, and then applying a fix. Repeat 2-8 times until every way Selinux is trying to access a file is explicitly allowed. And sometimes, even software that comes via official repos has buggy selinux policies that break things.

    Fortunately, there are tools to help you. Install setroubleshooter amd when something doesn’t work, “grep seal /var/log/messages” and if it’s selinux causing the problem, you’ll find instructions showing you what went wrong and how to create an exception. I absolutely consider this tool essential when using any system with selinux enabled.



  • Fuck this project, but… their source code can be free and open source even if they distribute binaries which aren’t.

    An example of how this didn’t work for one project. (From memory, and it was a long time ago - 2005/2008 ish)

    Xchat was once the best IRC client for Windows (after Mirc). It was free software, but the developer started charging for the Windows builds of it. Linux binaries were still free, but he claimed that it was time consuming to build on Windows and etc etc (A bit rich considering it was mostly his code - and there were suspicions he made it deliberately so)

    Some people were pretty pissed off about this, especially as it used some other code that was foss and it was felt against the spirit.

    Anyway, it was cloned into Hexchat which is fully free on all platforms and apparently not so difficult to build binaries after all.

    15 years later to today, Hexchat is thriving and Xchat has been completely dead for 15 years.