Can we move this to some community wiki? I think a lot of people can benefit from it and we can expand it with our own recommendations. Something like awesome-cli
When it breaks, it isn’t always obvious or easy to fix, but can cause problems for anything that has to talk to anything else. The biggest thorn it puts in my side is that short names [ThisPC] are served differently than fqdn [ThisPC.MyDomain.com]. Does NotMyApp use short or FQDN to resolve other machines? I don’t find out until the Wireshark.
Okey, I understand this is fundamental and when not working can cause the service to stop working. But I don’t yet know how does it break or is not easy to troubleshoot?
Haven’t hosted anything big yet, so I always just had to check the records via “dig” command if they are served correctly.
DNS setups can get fairly complicated with enterprise VPNs and stuff, but the main thing is probably just that DNS is built entirely around caching, so when something does go wrong or you’re trying to update something it’s easy for there to be a stale value somewhere. It’s also really fundamental, so when it breaks it can break anything.
Overall, though, DNS isn’t terribly complex. It’s mostly just a key-value store with some caching. Running your own nameservers is pretty cool and will give you a much better understanding of how it all fits together and scales.
Really annoying is when recent devices don’t respect the DNS you’re advertising or allow configuration (Android…)
My site is behind CGNAT on IPv4 with recently added fully routed IPv6. There are legacy control devices all over it that don’t speak IPv6, with local DNS records that allow them to be readily accessed while walking around with a mobile device… Allowed them to be accessed that is, until IPv6.
The Android IPv6 stack ignores the RA for my local DNS and also resolves via v6 by default, forwarding local queries upstream and returning no results. Then it doesn’t bother to fall back to v4. Unrooted Android has no exposed configuration for IPv6 of any sort to modify its behaviour, no hosts file to override or any way I can see to fix this. I can’t even disable IPv6 on my phone.
So to access my local devices from Android I need to use their full IPv4 address or VPN back into my own network… Oh wait, the stack is so broken that despite setting DNS in Wireguard, it still tries to resolve through upstream v6 first!
Apparently recent smart TVs are doing similar even on IPv4, hard-coded to 1.1.1.1 or 8.8.8.8 to dodge ad blocking, which is plain malicious and ignores all standards…
I don’t know anything about how Firefox is packaged for snap, but snap’s “sandboxing” might interfere with getting all fonts.
You might want to try using Firefox without snap (which has some other benefits, especially around startup time) or adding ~/.local/share/fonts (which is where fonts are supposed to be installed for users) to some sort of allowlist.
Why don’t you check for both and use the one that’s available, otherwise print an error. Additionally you could read an env INKSCAPE_BIN and also include that in your checks.
So one could for example do INKSCAPE_BIN=‘distrobox enter arch – inkscape’ python main.py
It is not my package, but I could of course go ahead and change the source code directly to handle this. But I’d prefer a solution that would persist through updates.
Put a shell script in your PATH named inkscape with the following content:
<span style="color:#323232;">#!/bin/sh
</span><span style="color:#323232;">
</span><span style="color:#323232;">flatpak run org.inkscape.Inkscape
</span>
Note that you can use a local folder in your home directory to house small executables and scripts like this, so you don’t have to touch your system config. I generally recommend using something like ~/.local/bin and add it to your PATH via your Shell’s RC file.
<span style="color:#323232;">flatpak run org.inkscape.Inkscape "$@"
</span>
To forward all of the arguments to the script. Note that this might be a bashism, so you might need to change your hash bang to /bin/bash as well. Double check though.
(An easy way to check if something is working as you assume is just prepend the line with echo.)
Yeah, I tried this, and it works from my session, but I still got the same error from trying to run the program. I figured it was because it is called outside the bash session so the run commands have not been run, but is that perhaps not true?
Thanks! I was trying to implement this, and was trying to figure out how to pass all the arguments! This worked for me! I got some other errors, but they don’t seem related to this, so now to find out what they are all about 😅
So I think Guix (and Nix) is the most technologically advanced package manager in existence, and I hope someday all package managers work like Guix.
One other very interesting feature about Guix (which I don’t think Nix is doing yet) (which Nix also does) is that they have implemented a fully verifiable bootstrap, meaning every step of building the kernel, including the steps taken to build the C compiler toolchain, are produced by code that is simple enough for a group of humans to check for correctness and safety. Also, every step of the build process exists in the package repository, with no reliance on externally built binaries for anything, not even the C compiler toolchain. They accomplish this with a multi-phase bootstrap process, where a smaller, simpler C compiler is used to build GCC.
Do I use Guix? Well, no. Simply put, it is not quite to the point where it just works on a lot of the computer hardware that I own. With a bit more work, with a few more developers, and a bit more money invested, Guix could pretty soon become as reliable and useful as Debian or Fedora. But it is not quite there yet. And frankly, I have other more important things to do than worry about debugging problems with the operating system I am using.
Nix is also working on reproducible builds. In fact, the minimal installation CD for NixOS last release was reproducible. discourse.nixos.org/t/…/34756/
meaning every step of building the kernel, including the steps taken to build the C compiler toolchain, are produced by code that is simple enough to check for correctness and safety.
Full-source bootstrap isn’t about just the kernel, it affects every piece of software. With GUIX and Nix, every single package can be fully traced back to the bootstrap seed.
Though it should be noted that you do require a running Linux kernel on an x86 machine in order to bootstrap.
it is not quite to the point where it /just works/ on a lot of the computer hardware that I own.
Unless we get some serious money, effort and/or regulation w.r.t. OSS firmware, that will likely never be the case.
That has nothing to do with its technology though, that’s a political issue. GUIX is a GNU project and acts like proprietary software does not exist/is not a basic necessity in 2023.
Another interesting thing about Guix is that it compiles everything itself (with an option to outsource the heavy lifting in case you’re on a Raspberry Pi or something). Layers of abstraction not talking to each other properly is a conceptual pet peeve of mine, so I like the idea of everything being visible to the compiler like that.
As far as I understand it, Guix will download pre-built binaries for most packages from a cache by default, and the Guix OS distribution makes sure the x86_64 binaries for the latest package descriptions are always cached, so you should usually not have to locally build packages.
But of course you can easily tweak the default configuration of packages you install and trigger a local re-build of those packages, since changing the configuration of any package causes a cache miss.
I think that it’s a great project, and I hope it succeeds. My sense is that there is more momentum around Nix, so for a lot of uses it just makes more sense.
Guix and Nix both have the same issue imo, which is using a loosely typed language with an odd syntax. I feel like something both strongly typed and with a more common syntax would be easier to edit and faster to evaluate.
So, I actually learned about Guix via GNU Shepard. It sounds like NixOS just uses systemd, which I don’t love. Not in a dramatic way, and I’m currently running systemd, but it does break the Unix philosophy.
A Haskell-based package manager would be pretty dope (seeing as that’s the gold standard for that sort of language). I wonder if someone’s working on it.
linux
Newest
This magazine is from a federated server and may be incomplete. Browse more on the original instance.