Show newer


When employers want 10 years of experience before you turn 20


The domestic robot's lidar has detected evidence of a mirror universe.

@lertsenem Quick way to check if you are vulnerable:
sudoedit -s '\' `perl -e 'print "A" x 65536'`
If you get a segfault: you need to upgrade !

New blog post on how to integrate a comment system based on Mastodon in a Hugo static blog (this is mostly the "detailed" steps that I followed to add @carl 's comment system on my blog: kudos to him!):




#CVE-2021-3156 sure looks nasty:

Privilege escalation through 'sudo' using a 10yo vuln, this is going to impact about every linux machine there is. #cybersecurity

Here is the derivation to anyone interested:
Strace, ltrace and LD_DEBUG environment variable were my friends!

Show thread

So, I wanted to open a Zed encrypt (secure) archive, but Zed encrypt was not packaged in Nixpkgs (and thus available on NixOS). I could have used a virtual machine to install the provided Debian package, but it would have been over in 30 minutes. Instead, I decided to write a derivation: library path overwrite, library preload, C code for overloading syscalls and change hardcoded path, wrapper scripts: in short, it just works! It took about ~9 hours of work. Totally worth it.

As many of you know I like to keep my worlds separate. I don't like bringing my work life, home or political life together. Which I have to thank the people on LR for keeping the local timeline mostly free from politics. We never stopped any decision or even had the need too. With that said I needed a place to vent about politics so I setup another instance dedicated for just that. If anyone would like to join your more than welcome. The instance is

Sadly, it was not packaged on NixOS, so the next natural step was to write a derivation for it (NixOS name for a package). After a while, I found that I wasn't doing it in the right way but I still wanted to do it my way (added an extra couple hours). Finally, I got a working derivation and could finally start the docker-compose YAML file with podman-compose: I now have AWX running and don't know what to do next! So, quick question: am I the only one to always go for shortcuts like that? (2/2)

So it all started because I watched a video from Jeff Geerling about Ansible/AWX ( It made me want to test AWX. First step: I started investigating the docker-compose setup he talked about in his video. Then I remembered that I wanted to use podman instead of docker (because it's supposed to be a drop-in replacement!). So I looked for a tool for that and stumbled upon podman-compose ( (1/2)

@lertsenem J'avais déjà vu il y a longtemps ce reportage, mais j'ai toujours autant de mal à croire que ce n'est pas une mise en scène juste pour la caméra.

Quite obviously, on NixOS, it's just one line of config to enable it:

services.autorandr.enable = true;

and "nixos-rebuild switch" away!

Show thread

I just found out about autorandr and it completely made my day: you can save screen profiles that are automatically loaded when there is a screen connected/disconnected (and it can even call scripts on changes).

Happy New Year (and thank you all for welcoming me earlier today!).

Show older

Linux geeks doing what Linux geeks do...