

Any suggestions on the how?
Hi, i’m into programming, sexual transmutation and psychedelics!
Any suggestions on the how?
It looks really complicated, very different from Linux! I cannot understand properly all the sandboxing thing… But I guess it’s years of development and policies enforcement… Now I can see why Android it’s much more closed compared to a normal Linux distro, I guess this provides a lot of security but less customization. I also have to understand the role of the device manager in all of this. Is there any Linux distro that behaves similarly?
Why so much effort into securing it? Isn’t the Linux behaviour with users etc enough?
No it’s more a user management thing, I would need users to access a certain list of whitelisted websites only…
Maybe proxy or dns? I’ve been looking in squid proxy but it looks fairly complicated, especially if I wanna be able to access it from wan… But Idk if with DNS I could block ips as well. Setting up an hosts file seems like a lot of continuous work since I would have to specify entries for each ip address associated with domain… Maybe firewall?
And that would be enough to bypass root settings?
If someone wants to prevent users to mess with the system should he just disallow downloads entirely/confine the user into an intranet?
Enough focus to read documentation.
That’s really it. If your purpose is just self hosting learning bash could also be helpful. And yeah Linux would be a great choice.
But mostly, if you want to self host an instance of Nextcloud correctly and without having to deal with too many unexpected things, you have to read the documentation and do not rush. Most self hosted stuff isn’t “install and use”, because you’ll be your own server manager, and everything requires attention to be managed.
Docker or not docker you will have to deal with configuration, settings, requirements and updates.
So understanding how to read the docs/search and open github issues and taking time to read everything would be the most important skill for me.
Also writing down what you are doing would indeed be helpful too, in order not to lose track of what you’re doing on your server. (Check out Ansible).
Most apps out there simply need you to know about permissions, systemctl services and package managers.
Try to always find a specific package for your distro for everything you install (eg. .deb for Debian), and have strategies when this is not possible (aka using a Python venv when installing python programs).
Absolutely Debian stable, the first thing i wanted in Linux was stability, coming from windows you want something that “just works” and I think Debian stable + Gnome is the perfect choice for this!
Thank you so much for taking the time to answer!
I’m not sure how to get the N
from session history, nor how to check my session history…
but this might be some relevant output I’ve found with journalctl -k -b
Nov 21 16:08:18 rpi kernel: usb 2-2.1-port2: cannot reset (err = -110)
Nov 21 16:08:19 rpi kernel: usb 2-2.1-port2: cannot reset (err = -110)
Nov 21 16:08:19 rpi kernel: usb 2-2.1-port2: Cannot enable. Maybe the USB cable is bad?
Nov 21 16:41:57 rpi kernel: I/O error, dev sdb, sector 2466347032 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2
Nov 21 16:41:57 rpi kernel: EXT4-fs warning (device sdb1): ext4_dx_find_entry:1796: inode #75497968: lblock 42: comm apache2: error -5 reading directory block
Nov 21 16:41:57 rpi kernel: EXT4-fs error (device sdb1): ext4_journal_check_start:83: comm apache2: Detected aborted journal
Nov 21 16:41:57 rpi kernel: Buffer I/O error on dev sdb1, logical block 0, lost sync page write
Nov 21 16:41:57 rpi kernel: EXT4-fs (sdb1): I/O error while writing superblock
Nov 21 16:41:57 rpi kernel: EXT4-fs (sdb1): Remounting filesystem read-only
The output is from yesterday, when the device stopped working correctly.
I’m not familiar with linux kernel, but I can see there is definitely something wrong…
The HDD (old) is attached to a USB hub (new), I tried switching port of the hub but the same issue happened again, if I try to mount it with sudo mount /mnt/2tb
, it says it is already mounted:
mount: /mnt/2tb: /dev/sdb1 already mounted on /mnt/2tb.
dmesg(1) may have more information after failed mount system call.
sudo dmesg | grep sdb
gives back:
[147776.801028] I/O error, dev sdb, sector 77904 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2
[147776.815452] EXT4-fs warning (device sdb1): htree_dirblock_to_tree:1083: inode #2: lblock 0: comm ls: error -5 reading directory block
[147796.731734] sdb1: Can't mount, would change RO state
I wonder why we don’t have AI browser extensions that can recognise and obscure possible ads / unwanted content yet
This is a lovely story
That looks way more than a home server, it looks like something i would expect to see for a small business!
The revolt will continue.
Here is the correct version.
TIme to find out what the vulnerabilieties are and EXPOSE them in a OPEN repository.
Can’t we even avoid that by using lineage or graphene? We’re really fucked unless we are like cybersec experts…
What machine is it?
Am i forgetting something?
Do you think a Proxy would be better in this regard compared to a firewall? I was trying to watch the logs of ufw today and see if I could do something there but the incoming and outgoing connections are A LOT, and I would essentially like to whitelist both per domain and per IP.
How much maintainance would this require? I wonder how often IPs change today, but with all the NAT, dynamic DNS and CDNs there around maintaining a whitelist only with IP addresses looks like a nightmare…
Squid proxy with squidguard could be a better option than trying to work with a forewall maybe?