mlfh

  • 0 Posts
  • 42 Comments
Joined 3 months ago
cake
Cake day: April 7th, 2026

help-circle
  • The one recurring unsolveable problem I run into is not being able to kill a process that’s stuck in D state. If something has broken in the layers between that process and hardware (not uncommon when working with old cheap “box of scraps” hardware, as I like to do), it can get stuck forever and you have to kill the whole system, sometimes forcibly. Not the end of the world, but it sucks when it happens.




  • Of course the secondary opt-in user repo with unvetted package maintainers is infected with malware, it’d be a miracle if it weren’t! They warn as much in the docs. Use at your own risk, or package and maintain it yourself, because you’re likely not finding it packaged more reliably elsewhere.

    And I love Debian, but if you think the Debian repos with 30,000+ packages and 1000+ community maintainers aren’t also infected with malware…





  • I run the immich container stack on a vm with 4GiB memory and 2 cores, with db on local disk and external libraries over smb, and it runs perfectly fine. I offload the machine learning jobs to another sometimes-on machine, sometimes, but don’t really need to unless I’m dumping thousands of new images into the external library at a time and want it all to process quickly.


  • Looks like both of your vms probably have the same mac address - the 172 ip address is likely a self-assigned fallback when the dhcp server replies to the second vm that it can’t give it an address. Double-check and make sure the mac address in each vm’s proxmox network adapter settings match your pfsense dhcp reservations, and let me know if that resolves it.




  • The ongoing maintenance for this would be a bit of a pain, since you’d need to recompile every update on a separate machine with enough memory to do so, package it up into a .deb, and distribute and install it everywhere.

    I do this on a little raspberry pi cluster and it works, but it’s work.





  • mlfhAtoLinux@lemmy.mlApp Lock under Linux?
    link
    fedilink
    English
    arrow-up
    1
    ·
    2 months ago

    But root can scrape that password as soon as you enter it, and has access to that encrypted data as soon as you decrypt it. That’s what I’m saying.

    If you think anything on a *nix system is “safe” from root or a user that can elevate to root, you’re deluding yourself with wishful thinking.


  • mlfhAtoLinux@lemmy.mlApp Lock under Linux?
    link
    fedilink
    English
    arrow-up
    1
    ·
    2 months ago

    Nothing at all is safe from the root account, or from any user that can elevate to root. Think of the root account as the system itself - the thing you’re trying to protect may be encrypted and safe at rest if you’ve brought it in from elsewhere, but as soon as you enter a password and decrypt it, you’re handing that password and decrypted data over to a system fully controlled by that root account.


  • mlfhAtoWikipedia@lemmy.worldSunland Baobab
    link
    fedilink
    English
    arrow-up
    7
    ·
    2 months ago

    According to a study published in 2018, not only the Sunland Baobab, but “the majority of the oldest and largest African baobabs [have died] over the past 12 years”.

    Trees that have survived for over a thousand years, all dying together within the span of 12.