hallettj

joined 1 year ago
sorted by: new top controversial old
Okay why is your distro the best? in c/linux@lemmy.ml
[–] hallettj@leminal.space 4 points 3 days ago

Some more points about Nix:

  • It's a fast way to get to a specific setup, like a particular DE or Vulkan gaming support, thanks to abstraction that NixOS modules provide
  • There are tons of packages
  • Because packages are installed by adding a config entry you don't accumulate random software you forgot you installed
  • Immutable updates and rollbacks - this is similar to benefits of atomic ostree distros, but the nix solutions are more general, so you have one system that does more things with a consistent interface
    • in addition to updating the base system, rollbacks also roll back user-installed packages, and configurations if those are managed via Nix
    • devshells provide per-directory packages and configuration using the same package repos as the host system, without needing to manage docker images
  • Nix is portable - much of what it does on NixOS can also be used in other distros, or even on Macos or Windows with the Linux subsystem
    • Configurations often combine NixOS and Home Manager parts. The Home Manager part can be used à la carte on other OSes is a way that is fully isolated from the host OS package management. For example on Macos this is a much nicer alternative to Homebrew.
    • devshells also work on other OSes
  • similar to Guix - but NixOS uses systemd, and is (from what I understand) more tolerant of non-free software (whether these are pros or cons is up to individual interpretation)
Okay why is your distro the best? in c/linux@lemmy.ml
[–] hallettj@leminal.space 6 points 3 days ago

Arch wiki is the best! I reference often, even though I'm generally applying the information to other distros

Fan of Flatpaks ...or Not? in c/linux@lemmy.ml
[–] hallettj@leminal.space 1 points 5 days ago (1 children)

My guess was the point is that it's difficult to install CLI tools using Flatpak

Share a script/alias you use a lot in c/linux@lemmy.ml
[–] hallettj@leminal.space 9 points 2 weeks ago

One of favorites cds to the root of a project directory from a subdirectory,

# Changes to top-level directory of git repository.
alias gtop="cd \$(git rev-parse --show-toplevel)"
Share a script/alias you use a lot in c/linux@lemmy.ml
[–] hallettj@leminal.space 3 points 2 weeks ago

That's a helpful one! I also add a function that creates a tmp directory, and cds to it which I frequently use to open a scratch space. I use it a lot for unpacking tar files, but for other stuff too.

(These are nushell functions)

# Create a directory, and immediately cd into it.
# The --env flag propagates the PWD environment variable to the caller, which is
# necessary to make the directory change stick.
def --env dir [dirname: string] {
  mkdir $dirname
  cd $dirname
}

# Create a temporary directory, and cd into it.
def --env tmp [
  dirname?: string # the name of the directory - if omitted the directory is named randomly
] {
  if ($dirname != null) {
    dir $"/tmp/($dirname)"
  } else {
    cd (mktemp -d)
  }
}
Update one at a time w/ 'update'/'upgrade' in c/linux@lemmy.ml
[–] hallettj@leminal.space 9 points 1 month ago (1 children)

It looks like the setting is max_parallel_downloads in /etc/dnf/dnf.conf. Here's a post on how to increase it - so do the opposite, and set it to 1.

Less vs More, what's your poison? in c/linux@lemmy.ml
[–] hallettj@leminal.space 13 points 1 month ago

I'm not sure if I've used more in the last 25 years. And when I did I think it was in MS-DOS.

Progress towards universal Copy/Paste shortcuts on Linux in c/linux@lemmy.ml
[–] hallettj@leminal.space 48 points 2 months ago (11 children)

The article doesn't suggest using Control+C. It talks about dedicated copy and paste key codes, and you can program your keyboard to map those codes to whatever keys you like. They suggest Fn+C.

[Solved]I might have mis-configured something now my PKGBUILD use this vim like editor? I don't even have vim installed, it only print out plain text in the terminal before, how can I revert it back? in c/linux@lemmy.ml
[–] hallettj@leminal.space 3 points 2 months ago

Less is not an editor, it's a "pager" which is a read-only viewer for files, or for command output that doesn't fit in a single screen, or whatever. Generally to control which you want programs use you set the PAGER environment variable.

The old grandaddy pager was called "more", as in "there's more text than fits on the screen". The successor is called "less". For most purposes, less is more.

Why do you use the distro you use? in c/linux@lemmy.ml
[–] hallettj@leminal.space 10 points 2 months ago

This is a big reason for me. Also because if anything breaks - even if my system becomes unbootable - I can select the previous generation from the boot menu, and everything is back to working.

It's very empowering, the combination of knowing that I won't irrevocably break things, and that I won't build up cruft from old packages and hand-edited config files. It's given me confidence to tinker more than I did in other distros.

Share your Bash prompts! in c/linux@lemmy.ml
[–] hallettj@leminal.space 1 points 3 months ago

Do you have anything to check whether the current directory is under /media/ or /mnt/ so that you can change the drive letter according to a deterministic assignment?

/s

correct way to `echo | sudo tee` in c/linux@lemmy.ml
[–] hallettj@leminal.space 5 points 4 months ago (1 children)

I'm gonna take a couple of stabs in the dark.

According to this Stack Overflow answer using tee can prevent the prompt from drawing which makes it appear that a script has not terminated. The answerer's workaround is to put a very short sleep command after the tee command.

If this is what happened to you maybe the reason the script works in bash but not in zsh is because you have different prompts configured in those two shells.

Another idea is to replace tee with sponge from moreutils. The difference is that sponge waits for the end of stdin before it starts writing which can avoid problems in some situations.

14
Better killall with systemd scopes (leminal.space)
submitted 8 months ago* (last edited 8 months ago) by hallettj@leminal.space to c/linux@lemmy.ml
2 comments fedilink
 

Some app launchers these days run each app in a new systemd scope, which puts the app process and any child processes into their own cgroup. For example I use rofi which does this, and I noticed that fuzzel does also. That is handy for tracking and cleaning up child processes!

You can see how processes are organized by running,

$ systemctl --user status

I think that's a quite useful way to see processes organized. Looking at it I noticed a couple of scopes that shouldn't still be running.

Just for fun I wanted to use this to try to script a better killall. For example if I run $ killscope slack I want the script to:

  1. find processes with the name "slack"
  2. find the names of the systemd scopes that own those processes (for example, app-niri-rofi-2594858.scope)
  3. kill processes in each scope with a command like, systemctl --user stop app-niri-rofi-2594858.scope

Step 2 turned out to be harder than I liked. Does anyone know of an easy way to do this? Ideally I'd like a list of all scopes with information for all child processes in JSON or another machine-readable format.

systemctl --user status gives me all of the information I want, listing each scope with the command for each process under it. But it is not structured in an easily machine-readable format. Adding --output json does nothing.

systemd-cgls shows the same cgroup information that is shown in systemctl --user status. But again, I don't see an option for machine-readable output.

systemd-cgtop is interesting, bot not relevant.

Anyway, I got something working by falling back on the classic commands. ps can show the cgroup for each process:

$  ps x --format comm=,cgroup= | grep '^slack\b'
slack           0::/user.slice/user-1000.slice/user@1000.service/app.slice/app-niri-rofi-2594858.scope
slack           0::/user.slice/user-1000.slice/user@1000.service/app.slice/app-niri-rofi-2594858.scope
slack           0::/user.slice/user-1000.slice/user@1000.service/app.slice/app-niri-rofi-2594858.scope
...

The last path element of the cgroup happens to be the scope name. That can be extracted with awk -F/ '{print $NF}' Then unique scope names can be fed to xargs. Here is a shell function that puts everything together:

function killscope() {
    local name="$1"
    ps x --format comm=,cgroup= \
        | grep "^$name\b" \
        | awk -F/ '{print $NF}' \
        | sort | uniq \
        | xargs -r systemctl --user stop
}

It could be better, and it might be a little dangerous. But it works!

44
Using passkeys on Linux & Android (leminal.space)
submitted 1 year ago* (last edited 1 year ago) by hallettj@leminal.space to c/linux@lemmy.ml
6 comments fedilink
 

Passkeys seem like a great idea, and we are at a point where, although things are still very much in flux, software passkeys managed by password managers are starting to be usable. I thought I'd share the workflow that's working for me on Linux with some sites, and ask the community for more tips & tricks.

A passkey is a client certificate - which is an old idea, but now there are some new standards in place*. When you log into a website, instead of sending a password you send a message signed using the private key on your hardware security device, or stored in your password manager. If you use a password manager the flow is about the same as with passwords: your password manager pops up and asks if you want to log in to the given website. But instead of sending a password to the browser, message signing takes place in the password manager. Unlike passwords those signed messages can't be replayed. Arguably you can skip sending MFA codes and get about the same (or maybe better) security with passkeys than you were getting with passwords + MFA.

Complications come up because support for passkey APIs is still patchy. On Linux I think there is system-level support for hardware keys, but not for passkey managers (password managers that can do passkey signing). But you can close that gap using browser extensions! I'm using Enpass with it's Firefox extension. Signing into websites in Firefox using passkeys works quite well in some of the sites I've tried. (I've also tested with Bitwarden's browser extension, and it works just as well.**) Although creating passkeys doesn't work on all of those sites.

  • I was able to create a passkey on Github, and sign in with it.
  • I was able to create a passkey for the demo at https://www.passkeys.io/, and sign in with it.
  • I couldn't create passkeys for Google, but I could log in with passkeys created on another device, and synced by Enpass to my Linux machine.
  • I can use a passkey for MFA on Discord, but they don't seem to be using them for logins yet.
  • I'm not getting options to use my passkeys on Amazon or Paypal, but I was able to create passkeys for these sites on Android.

Without using a browser extension Chrome on Linux does have a feature to sign in with passkeys on mobile devices. I don't think this works with third-party passskey managers. On some sites Chrome gave me the option to log in using the automatically-generated, Google-managed passkey on my phone. It didn't actually worked for me - my phone showed a message saying "connecting to device" but never actually connected.

That brings me to the Android side. Since some sites will let me log in with passkeys but not create them it's helpful to have another option for creating passkeys. Android is further along in implementing system level passkey support (only in Android 14 or later). But it's not perfect yet. Firefox for Android is not working with passkey managers yet, but there is a ticket to track this. Third-party passkey managers work in Chrome for Android, but only if you enable an experimental flag:

  • open chrome://flags/
  • find the setting "Android Credential Management for passkeys"
  • set the value to "Enabled for Google Password Manager and 3rd party passkeys"

* "Passkey" seems to be an umbrella term for WebAuthn or FIDO U2F. It looks like WebAuthn is a part of FIDO2.

** From a cursory look at the two I feel more comfortable with Enpass' browser extension than with Bitwarden's. I'm not positive, but it looks like Bitwarden loads credentials in the extension itself which puts all of your secrets in the browser process. OTOH the Enpass extension uses IPC to send requests to the Enpass desktop app. But as many will point out, Bitwarden's clients are open-source and audited while Enpass' software is closed-source.

view more: next ›