Sway 1.5-rc1 is released!
Seems to be a partial outage. Only from some locations there is no A record.
SELinux seems powerful and is a pretty interesting from the perspective of uniform system-wide sandboxing, but... Every time I try touching it, I see thousands of concepts that probably can be simplified. And lets be honest, you cannot only rely on distribution-provided policies. Sooner of later you will need to write your own or patch distribution-provided ones.
And oh, do not undervalue Unix DAC, especially when extended by POSIX ACL.
Case study: github.com/foxcpp/maddy deployment consists of /var/lib/maddy directory, /etc/maddy/maddy.conf file, /usr/bin/maddy executable with only libc dependency and init system config. What do you need docker for here?
Create software that does not require Docker to have maintainable deployments, prefer software that does not require Docker to have maintainable deployments, keep software with a shitshow of dependencies in containers created using mechanisms that are much more simple than Docker (lxd, nspawn, just chroot jail afer all).
git+ssh+some scripting seems to be the best configuration deployment system.
Take a look:
Firewall configs for hexanet.dev servers are in Git repo. Update takes one 'git push' and two commands on each affected server. Later can be easily improved to be fully automatic using Git hooks. What I am doing wrong?
Why we at $FAMOUS_COMPANY Switched to $HYPED_TECHNOLOGY https://saagarjha.com/blog/2020/05/10/why-we-at-famous-company-switched-to-hyped-technology/
Protocol Labs have little to no incentive to have IPFS working well. It is a project full of not-bad ideas but lacks polish nearly everywhere. Also Protocol Labs missed FileCoin mainnet launch deadline several times already. This tells a lot about company behind IPFS and FileCoin. Do not waste your time on either of these.
Keybase, the company that asks you to upload your private keys to their servers, has just been acquired by Zoom, an essentially Chinese company notorious for having terrible concepts on how encryption should be implemented.
Even if you gave Keybase the benefit of the doubt beforehand, this is corporate suicide at it's most graphic. Delete your Keybase keys. Close your account. Rotate everything that Keybase touched, be that password or cryptomaterial.
Pragmatic open technology enthusiast.
A general furry public instance. You don't have to be a furry to join. Any and all topics are fair game provided they do not conflict with the Code of Conduct.