The official image jellyfin/jellyfin tracks unstable
Huh? That doesn’t appear to be the case. jellyfin/jellyfin:latest, which is what they tell you to use in the installation instructions. gives me 10.8.13 which appears to be the latest stable release.
There are newer and unstable versions available in dockerhub as well, but latest doesn’t give you those. After all latest is just a tag with no special meaning of itself, it doesn’t necessarly give you the most recent build.
For me gravity sync was too heavy and cumbersome. It always failed at copying over the gravity sqlite3 db file consistently because of my slow rpi2 and sd card, a known issue apparently.
I wrote my own script to keep the most important things for me in sync: the DHCP leases, DHCP reservations and local DNS records and CNAMES. It’s basically just rsync-ing a couple of files. As for the blocklists: I just manually keep them the same on both piholes, but that’s not a big deal because it’s mostly static information. My major concern was the pihole bringing DHCP and DNS resolution down on my network if it should fail.
Now with keepalived and my sync script that I run hourly, I can just reboot or temporarily shutdown pihole1 and then pihole2 automatically takes over DNS duties until pihole1 is back. DHCP failover still has to be done manually, but it’s just a matter of ticking the box to enable the server on pihole2, and all the leases and reservations will be carried over.
That’s what I do. I do have a small VM that is linked to it in a keepalived cluster with a synchronized configuration that can takeover in case the rpi croaks or in case of a reboot, so that my network doesn’t completely die when the rpi is temporarily offline. A lot of services depend on proper DNS resolution being available.
Random segfaulting is not something that “just happens” because of an OS misconfiguration, then if the same problem happens on Arch as well as on a clean EndeavourOS live image it convinces me that it is in fact hardware related somehow. As you have already replaced the RAM, my guess is CPU or motherboard issue.
Zen2/B450 is a widely used and well supported configuration on Linux that you normally shouldn’t have issues with, but Zen2 CPUs are rather notorious for having fragile memory controllers, and sometimes dodgy AGESA firmware releases that can cause issues on some CPUs. I used to have a 3600X myself that started crashing at idle around a particular firmware release of my motherboard, and it was fixed by a subsequent release.
BTW the fact that it doesn’t happen on Debian doesn’t necessarily mean that Arch is the culprit. It could just be that Debian is not triggering the fault because of different, perhaps more conservative, compiler optimizations.
As a last ditch effort, you could try resetting your entire UEFI (bios) settings to default, preferably by pulling the CMOS battery.
BTW, is it only GUI applications that are segfaulting? Or other programs as well? Do you have an old spare GPU you can test with?
This reaction wants to redefine adulthood as post 25
It’s even more than that, it wants to make adulthood some kind of sliding window where the age of the older partner defines how “adult” and “capable of making decisions” we see the younger partner, and the older a person gets the more people at the lower end of the age range get excluded for them from this fictional adulthood. For example: 60 and 30 would also be seen as inappropriate.
Now it’s perfectly normal for younger people not to find much older people attractive or suitable to have a relationship with and vice versa, and they may even find the idea repulsive, but this is still a personal preference. It’s probably even the preference of the majority of people, but that does not mean we should take away the agency of adults to choose their partners when they have a different, non-conforming preference. At that point it has nothing to do anymore with protecting vulnerable people from predators, but about imposing your own preferences and dating standards on other people, and you’re quite right in calling it out for the neo-puritanical and conservative thinking that it is.
You’re good. That’s the latest image, it’s just the confusing Debian version scheme where the package version is not the same as the kernel version. Debian package version 6.1.0-17 = kernel version 6.1.69-1
Realistically it’s not super dangerous, and no you probably don’t have a virus just from browsing a few tech support sites, but you do eliminate your last line of defense when you run software as root. As you know, root can read/change/delete anything on your system whereas regular users are generally restricted to their own data. So if there is a security problem in the software, it’s made worse by the fact that you were running it as root.
You are right though that Firefox does still have its own protections - it’s probably one of the most hardened pieces of software on your computer exactly because it connects to the whole wide internet - and those protections are not negated by running as root. However if those protections fail, the attacker has the keys to the kingdom rather than just a sizable chunk of the kingdom.
To put that in perspective though, if there is a Firefox exploit and a hacker gets access to your regular user account, that’s already pretty bad in itself. Even if you run as a regular unprivileged user they would still have have access to things like: your personal documents, your ssh keys, your Firefox profile with your browsing history, your session cookies and your saved passwords, your e-mail, your paypal account, your banking information, …
As root, they could obviously do even more like damage like reading all users’ data, installing a keylogger or screengrabber, installing a rootkit to make themselves undetectable, but for most regular users most of the damage is already done when their own account is compromised.
So when these discussions come up, I always have to think about this XKCD comic:
uBlock can do much more refined and targeted blocking than a pihole because it has access to the entire page that is being served and can selectively filter elements. The pihole only has access to the DNS name, and DNS blocking is a rather crude tool to block ads that can be defeated by serving the ads from the same domain.
For example: a pihole doesn’t work for blocking YouTube ads, because they come from the same domain.
I know wlroots exists. It’s a library that helps you implement a compositor (i.e. does some of the heavy lifting), but at the end of the day the window manager developer is still implementing a compositor and is responsible for maintaining his compositor.
The mere fact that wlroots, and other efforts like louvre, are necessary at all actually prove my point that it was an idiotic design to push everything off into “compositors”.