2020 recap

:: new year

By: Maciej Barć

Recap

What I did this year:

  • began studying at WSIiZ
  • drank a lot of alcohol with friends
  • installed NetBSD ;)
  • learned Nginx and Ansible
  • recruited new people to the src_prepare group
  • struck a nerve with some commies
  • took maintainership of gallery-dl and PPSSPP
  • tweaked my configs
  • went back to KDE and Firefox (missed them)
  • worked with Zigbee (probably not doing that again)

Wishes

What do you wish in new year?

I wish you all merry Christmas and happy new year. Less bugs, more resolved issues, no wontfixes, better compatibility. Faster compilation, less failures. And of course no lawsuits, no copyright infringements and better government.

Portage system replication

:: gentoo, portage, sysadmin, system

By: Maciej Barć

Intro

Backing up using this method takes a lot less space - ~60MB (without distfiles) and can be restored on almost any system (running portage) and tweaked afterwards for, say, CPU architecture. I've created a a short script with similar method in here.

What we need

  • ebuild repositories are installed with git
  • distfiles (those might be gone when we want to replicate)

Backup

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
# System info
emerge --info > info.txt

# Portage tree
cp -Lr /etc/portage .

# Portage layout
tree -a -L 2 /etc/portage > layout.txt

# Packages in @world
cp /var/lib/portage/world .

# Installed sets
cp /var/lib/portage/world_sets .

# Installed packages (with versions)
qlist --installed --nocolor --umap > qlist-use.txt
qlist --installed --nocolor --verbose > qlist-ver.txt

# Distfiles
cp -rv "$(portageq envvar DISTDIR)" distfiles

# Ebuild database
cp -r /var/db/pkg pkgdb

Restoration

To faithfully restore the system perform those actions as root

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
# Copy the portage tree to /etc
rm -dr /etc/portage
cp -r portage /etc/portage

# Checkout the gentoo repo to a commit specified in info.txt
cd "$(portageq get_repo_path / gentoo)"
git checkout # <commit ID>

# Copy distfiles
cp -r distfiles/* "$(portageq envvar DISTDIR)"/

# Fake-install @world and sets
cp world /var/lib/portage/world
cp world_sets /var/lib/portage/world_sets

# Emerge the exact packages from qlist-ver.txt
emerge --keep-going=y -1Oav $(sed 's/^/=/' qlist-ver.txt)

Old Access Point

:: hardware, router, access point

By: Maciej Barć

Introduction

On some old routers, namely TP-Link's TL-WR840N version 2, there may not be a option to switch to access point mode. This is what you have to do to access that mode indirectly.

Steps

  • Power off the router
  • Unplug RJ cable from the WAN port
  • Connect the router to a PC (using one of the LAN ports)
  • Power on the router
  • Log it to the web console entering your router's IP, you can find out the IP by executing ip --color a (on a Linux box) if the router's DHCP server is still active
  • In LAN settings give your router a static client IP that fits into a network you want to connect it to; example: 192.168.100.100/24 (make sure no other hosts are associated with that IP in the target network)
  • Restart the router
  • Log in to the web console entering the IP you have set
  • Turn off the DHCP server (DHCP -> DHCP Settings -> DHCP Server: Disable & Save)
  • Power off the router
  • Plug the cable from a network you want the router connected to to one of the LAN ports
  • Power on the router
  • Log in to the web console entering the IP you have set
  • Turn on the wireless network and set it up (SSID, password, etc.)
  • Done! :D

Sources

Internet EU

:: europe, european union, politics

By: Maciej Barć

Polish original

Internet stał się tym czym jest, stał się takim światem w miniaturze dzięki dobrowolnemu zaangażowaniu zwykłych ludzi, dzięki brakowi regulacji. I to was boli, bo rozwój internatu jest przykładem tego, jak mógłby się rozwijać nasz świat, gdyby nie te wszystkie wasze regulacje, gdyby nie ten ciężki plecak przepisów i podatków który każdy z nas musi na co dzień dźwigać. Internet to jest po prostu ostatni bastion wolności i to wam nie daje spać, bo to jest dowód na to, że wszystkie wasze regulacje i te rozporządzenia, dyrektywy, są tak naprawdę zbędne i szkodliwe i świat bez tego rozwijałby się lepiej, rozwijałby się dokładnie tak jak Internet, że gdyby nie te wasze właśnie ambitne plany, wartości dodane, efekty dźwigni, wysyłanie silnych sygnałów, to wszystko, żyłoby się nam po prostu lepiej i prościej. Dlatego próbujecie to zniszczyć, dlatego próbujecie wsadzić stopę w drzwi za każdym razem kiedy pojawia się okazja. Ale my nie chcemy waszej nogi w tych drzwiach. Teraz cofacie się o parę centymetrów, bo ludzie protestują, ale my nie chcemy was tam w ogóle, nie chcemy waszych regulacji, nie chcemy waszych łap w Internacie. To działa dobrze, twórczość rozwija się w Internecie bez żadnych waszych regulacji.

English translation

Interent has become what it is, it has become a miniature world due to the voluntary involvement of ordinary people, thanks to the lack of regulation. And this hurts you, because the development of the Intenet is an example of how our world could develop, without all your regulations, without this heavy backpack of regulations and taxes that each of us must carry on a daily basis. The internet is simply the last bastion of freedom and this is the thing that doesn't let you sleep, because it is proof that all your regulations and those ordinances, directives, they are really unnecessary and harmful and the world would develop better without it, it would develop exactly like the Internet, that if it weren't for your ambitious plans, added values, leverage effects, sending strong signals, then everyone would have lived just better and simpler. That's why you try to destroy it, that's why you try to stick your foot in the door whenever there is an opportunity. But we don't want your leg in our door. Now you are retreating a few centimeters because people are protesting, but we don't want you there at all, we don't want your regulations, we don’t want your hands in the Internet. It works well, creativity develops on the Internet without any of your regulations.

waterfox

:: browser, firefox, waterfox

By: Maciej Barć

Time in Firefox

I love Firefox, it's reasonably secure, private, customizable, and most importantly it's different. In the world of Google's reign this is a big plus. You can be sure that the one spying on you will be at most Mozilla "anonymous data collection" ;P Recently with upgrade to version 68.8.0 I have experienced weird image artifacts: some favicons on tabs were replaced with white squares and random images would have artifacts on them. The whole YouTube website had pink & green distorted thumbnails. I have experienced this behavior on my T440 Thinkpad (Intel GPU) laptop and my desktop with Nvidia. I had posted this under a bug report of another user who experienced weird behavior on some websites with the 68.8.0 version of Firefox here. With update to 76.0.1 I was logged off from all the websites and my stylus themes got deleted (luckily i had a backup). The 76.0.1 searchabr is absolutely hideous, it feels like something made for a Windows tablet. The artifacts still remained on 76.0.1. So i decided to give Waterfox a shot.

Experience part 0

Lest talk about pre-experience; keep in mind that this is really not a good comparison. Waterfox in not available in the main gentoo repository, but using "eix -R Waterfox" I was able to find it in the poly-c overlay (overlays are similar to AUR in Arch). The only hiccup i had during compilation was to be expected. There is a problem with the "-fno-common" flag being turned on by default in GCC 10, so for some builds you have to turn "-fcommon" on. Other than that the compilation went smoothly, it took 37 minutes 43 seconds on first run which is ridiculous compared to Firefox which takes approximately 1 hour on my 4-core development machine.

Spyware?

I only want you to think of Chrome or Chromium - they are produced by the biggest advertising company in the world. So yes, Waterfox seems like a lesser evil, but you can always dive in and block any or all malicious connections with /etc/hosts and packet filters (yes i know this is not ideal). Lets confront some statements on spyware watchdog

Waterfox connects to spyware services when it is first run

Same as Firefox. It may not do that if you import your own profile (haven't tested that though).

Waterfox has a communication problem

I wanted to read the "policy" - link doesn't work - https://www.waterfox.net/en-US/privacy/waterfox/ Contents of the linked webpage:

1
<?xml version="1.0"?><updates></updates>

Cool.

Waterfox "phones home" with information about your computer whenever you start it up

Quoting: "According to its privacy policy, Waterfox collects the following information by default:" "by default" is a important wording here.

Waterfox offers spyware search engines to its users and uses Bing as its default search engine

That is literally the first change I do on my browsers.

Waterfox sends all website notifications through Mozilla's servers

So does Firefox…

Waterfox is integrated into the "Firefox Accounts" spyware platform

You don't have to use it. With Waterfox I stopped to.

Waterfox is self updating software

It is not as much as Discord is. Discord as a example will refuse to connect to the server if its version is too low. You can still run outdated Waterfox if you wish to. Also those updates will be disabled if you use the ebuilds. This is mostly used only on Windows… and if you use your Windows you probably know what you signed up for.

So what?

I do not question the legitimacy of Spyware Watchdog's statements. I just compare them with my own habits and thoughts. For me Waterfox == Firefox spyware level. Keep in mind that Firefox introduced more questionable integrated services in new releases.

Small things that make me happy

I was very impressed to find some cool features in Waterfox:

  • it's menu is compatible "global menu" on KDE Plasma - i was very surprised by this; this thing is mostly sound on chromium-based applications (the damned electron) and QT applications
  • better theming - Waterfox uses the old Firefox theme by default with "smooth" tabs
  • most addons just work - uBlock Origin, Decentraleyes, Plasma Integration, Smart HTTPS, SpanTree - GitLab Tree and Stylus work fine
  • it's Firefox as you knew it; I missed the good old Firefox ;)
  • back-ported security settings - container tabs work!

Is this worth it?

Absolutely. In my opinion Waterfox is a great browser that I can live in. Maybe consider giving Waterfox a shot if you are not as much into security as Spyware Watchdog people are and want reasonable compromise.

Sources

systemd

:: linux, openrc, system, systemd

By: Maciej Barć

Init basic functions

Init should:

  • be the first started process - PID 1
  • continue running until the system is shut down

Why systemd is more than init

Full system management

systemd needs to run as PID 1 to parenthood other services and… other parts of itself (listed below).

sytemd absorbed

  • cron -> timers
  • seat tracker -> systemd-logind
  • service manager -> systemd-systemctl
  • udev -> systemd-udevd
  • system logger -> systemd-journald
  • network manager -> systemd-networkd
  • bootloader -> systemd-boot
  • hostname -> systemd-hostnamed
  • chroot -> systemd-nspawn
  • resolv.conf generator -> systemd-resolved

Additionally systemd is also

  • QR code generator
  • http server (cockpit)
  • home manager -> systemd-homed
  • tmp manager -> systemd-tmpfiles

Why it's bad

systemd growth to cover more and more of other services capabilities is dangerous. It can mean that if we find a exploit in one part of systemd it will be easy to compromise the whole system. Actually, there is a even bigger problem - most of the time a user would like to run a standalone service covering one of the uses already covered by systemd - like cronie or rsyslog.

But what about cgroups

Cgroups are nothing new, they are available in other service managers too. Check out cgroups in OpenRC.

Alternatives

OpenRC

Primarily used by Gentoo based systems. Was adopted to Devuan and Artix. Alpine Linux uses it probably because it started out as a Gentoo-based system. Is also available in Debian - though that will still use some systemd services, notably systemd-udevd.

Runit

Avalible in Void Linux - the recommended init for that system.

Pure System V init

Most popular use of this is found in old CentOS, Slackware, Antix and MX Linux.

S6

Check out Devuan if you want to dive into this topic.

systemd + Emacs

One could think that because systemd and Emacs cover a lot of things - systemd - system management and emacs - user utilities - a fusion of two would be very good and will lack so-called bloat. There is one "problem" however - Emacs can be used also as a init! And that doesn't necessarily mean a lot more code being added. So i guess Emacs + Linux (kernel) is the way to go ;P

Was systemd a inside job?

Probably not - Microsoft made their own init for Azure because… systemd was to big… systemd is a history of what happens when everybody wants to be like the rest - adoption of systemd.

Is systemd the new busybox?

This is an interesting concept. There is one bad thing however - you can compile bysybox with any of its utilities and it will work - you can't do that with systemd, you will have to modify and fork it - like eudev and elogind projects

OpenRC prejudice

Many people think of OpenRC as a old SysVinit. I encourage you to check it out and see that most stuff you probably do with systemd you can get from OpenRC (service manager) + cronie (cron/timers) + htop/pstree (full description of system as opposed to "systemctl status")

Basic OpenRC vs systemd commands

OpenRC systemd ————————— ————————— rc-status -a systemctl status rc-service SERVICE start systemctl start SERVICE rc-service SERVICE stop systemctl stop SERVICE rc-update add SERVICE systemctl enable SERVICE rc-update del SERVICE systemctl disable SERVICE

Sources

Honorable Mentions

Test

:: test

By: Maciej Barć

Test

It is by will alone I set my mind in motion.