Of course, legislators are getting more and more technically knowledgeable so trying to rebel against OS age verification by simply cosmetically making a computer different from your typical desktop like systems might not suffice…

I’m admittedly not especially familiar with how law is practiced in the US but in my opinion trying to skirt the letter of the law while blatantly violating its intention is usually a bad idea. The more you piss off prosecutors and judges the more effort they will put into finding something to prosecute you over, and it also makes them more likely to push for the harshest fines/convictions that are legally possible.

Of course unfortunately a lot of the time the law is just bullshit, and this particular bill appears to have at least a few issues, but still…

Nevertheless, I did not know about Cage! At least now I know how the hacks make those IoT control panels with their SBCs! Perhaps I’ll set up something cool in my living room like… A weather forecast screen? The stock market? Live GPU prices?

For completeness sake, Cage isn’t the only way to do this. Gamescope is another popular “kiosk compositor”, notably used by the Steam Deck (in the “Deck mode”). And of course the same thing is possible with X window managers as well, Openbox seems to be a popular choice for X11 kiosks.

Oh no I wasn’t talking about your tone at all, sorry about my poor phrasing there. I meant the tone of Timothy Roscoe which rubbed me the wrong way.

I might be a bit overly sensitive since it reminded me of how science cranks like to talk about their “discoveries” - You know, how people like Avi Loeb or Eric Weinstein will go on Joe Rogan and complain how nobody in academia is taking them seriously. Obviously that’s not at all what Roscoe is doing but it sounded a tiny bit like that to my ears, at least before the Q&A section (which I hadn’t watched before writing my comment).

I was mostly just trying to convince myself this morning I wasn’t insane. I had thought it was the standard terminology.

No you are actually correct, “bare metal” does in fact mean “without an OS”. It just got co-opted to mean… other things additionally, and in the case of servers specifically the new usage ended up crowding out the original one. Hence the original misunderstanding.

There was a really interesting talk at USENIX a few years ago (Usenix 21 keynote with Timothy Roscoe, I just looked it up) that was basically saying that a modern OS like linux, isn’t even accessing hardware and is just an OS in a system of OSs on a computer.

This was indeed a very interesting talk. Not sure if the accusatory tone (Edit: Of the speaker!) was warranted but I’m not really the target audience so who am I to judge.

One aspect that he only mentioned in passing is that hardware manufacturers seem to be very happy to entertain Linux’s (and Windows’) assumptions about memory, just like they seem to be very happy to entertain assumptions about execution order. Nobody wants to make hardware that requires a weird bespoke operating system because of its bespoke microarchitecture (except perhaps for Apple, though I’m not confident they’re really innovating in this regard). Maybe I lack perspective but I don’t really see a nice way out of this either, since nobody wants to buy hardware that requires weird bespoke operating systems either (except once again Apple). And I don’t see how an operating system could be widely supported across many different SoC designs without accumulating a similar complexity to modern Linux.

We should definitely be feeling mildly uncomfortable about this entire thing though.

Yeah I understand that’s what you meant, but it’s not what people think when they hear “bare-metal server” (anymore… not saying you’re wrong!) or what the commenter I was responding to was talking about.

I’m not sure anyone is really deploying servers without an OS, even though I’m sure the concept has a lot of merit. Unfortunately there’s a strong trend of putting the absolute minimum possible effort into deployment at the expense of basically everything (which is how you end up with really stupid ideas like “serverless computing”).

Most TVs are probably already compliant because using them requires creating a Google or Apple account, which already want your age information (and the California bill explicitly allows using existing data like this IIRC). That’s good for avoiding disruption, but not so good from a privacy perspective.

The other advantage of a bare metal server is that the computing resources are guaranteed to actually be there when you need them. VM Providers are known to overbook their actual hardware, so if other customers happen to use more compute than anticipated then your VMs mysteriously won’t have the performance you paid for.

There’s also a computational cost to virtualization itself, so you can add slightly more performance to a single server before you have to use a distributed system, but I doubt that’s significant for more than a handful of businesses.

Theoretically you could create an appliance with just a Linux kernel, Cage and Firefox (plus dependencies) and boot that with init=/bin/cage firefox. This is how most information and advertisement displays and other kiosk systems (think of stuff like the McDonalds order machines) are made.

It would be difficult to argue that this isn’t an operating system though, because typical definitions are very broad. In particular, you will always need “a program that manages a computer’s resources”, and you also need “the allocation of those resources among other programs” because websites are programs (in reality a browsers will liberally fork itself to take advantage of kernel process isolation, but even if it didn’t the in-process threads would still qualify).

Vendors of kiosk systems probably have better chances arguing that their devices aren’t general purpose than that they don’t use an operating system. However if your “kiosk” system is advertising on the basis that you can do general purpose computing within a browser then your chances of arguing that you’re somehow not selling a “general purpose computing device” aren’t going to be very good.

I think this is the right take on this.

All of this is fundamentally rooted in legal compliance things and the only reason you can see any western open source organizations not following suit is because their “violation” has flown under the radar so far. While going European-based helps with a lot of other US bullshit, in this case it doesn’t because the sanction situation is largely the same across most of the world. You could go with one of those Chinese or Russian (maybe Indian?) distributions I suppose, but those come with their own problems.

Even if you’re prepared to make your own Linux distribution - If you’re in the US, Europe, or much of the rest of the world, you’re in the same legal situation as all the existing projects and risk criminal persecution for violating sanctions. Well, in theory at least, I haven’t heard of many arrests or convictions actually happening because of open source software. If you want to gamble on it never actually happening then sure, go ahead.

As humans we like our agency, which makes it tempting to think of \<any world problem\> as something that can be solved by making mildly inconvenient lifestyle decisions, but unfortunately that’s just not how things work at this scale. Solving this issue requires lifting the sanctions, which requires a successful left wing (or at least left leaning) political movement to happen in a large chunk of the world. It’s perfectly fine to also make that lifestyle decision, but it’s important to keep the bigger picture in mind.

Clarification edit: At the same thing, it’s also important to see that the problem is happening, so signal boosting blog posts like this absolutely has value despite all of this.

Bad RAM is still a thing (even on regular PCs), there’s a reason ECC memory has a market (true ECC, not the stuff that DDR5 has built-in). But I agree that it’s likely just an OOM/Thrashing situation. Linux famously doesn’t handle them very well, and the behavior OP is seeing is very much consistent with that.

Ignoring the interactive features (or lack thereof) in dash/ksh, removing bash is not really something that’s possible on most distros (excluding Alpine and possibly Debian) since it’s used in scripts everywhere. And if you need to have bash installed anyways, why opt for the less pleasant shell in daily usage?

If your DE/Launcher uses systemd scopes properly you might be able to see something in the journal. As an example somewhere in my logs I can see this:

Jan 17 17:52:50 sky systemd[2171]: app-niri-steam-40213.scope: Failed with result 'oom-kill'.
Jan 17 17:52:50 sky systemd[2171]: app-niri-steam-40213.scope: Consumed 6h 32min 39.773s CPU time, 9.4G memory peak, 6.2G memory swap peak.

That’s pretty clearly severe thrashing and an eventual OOM event caused by a game. If you’re not familiar, the command journalctl -e -b -1 gives you the last log lines from the last boot. Use d and u to navigate the pager and q to quit. This will only work if the launcher you are using sets up transient systemd scopes and doesn’t just fork-exec into the application (Fuzzel does the wrong thing by default, as do many others).

I’ve also seen large Steam downloads causing such issues, so capping your download speed might help. As could enabling ZRAM.

Edit: Also, this is most likely completely unrelated but do note that Neon is basically abandoned. You should very much consider switching to a maintained distribution, whether that’s another Ubuntu spin or Fedora or something else entirely.

While you’re still in reinstalling mood, you could try out something with KDE, Xfce and Cinnamon desktops to see if you like those better than GNOME (you wouldn’t be alone if you do). However this part in particular:

Easy access to the launcher (Ubuntu only has SUPER key and then you can switch via mouse between all running programs aswell as start any installed app by typing)

Sounds a lot like you actually just want GNOME. While we have a lot of choice for Windows clones, there’s nothing that does the Super workflow quite like GNOME does.

You can also try the PopOS Shell or PaperWM extensions to try out some tiling functionality. You’ll have to spend a few minutes fixing up some key bindings, but you’ll still be running GNOME and won’t have to worry about desktop portals or authentication agents or notification daemons. You also won’t have to reinstall if you end up not liking it, you can just remove the extension, reset the key bindings and you’re back to the default experience.

I don’t really like the mix of snap and apt, that’s why I wanted to try an arch based distro with pacman but it failed in so many other ways.

Unfortunately it’s not that easy to stay on just one package manager unless your expectations for available software are very low (or you are willing to jump into NixOS, which I would not recommend). Even on Arch you end up with two because pacman does not pull from the AUR. You might get away with running a Fedora Atomic Desktop (or a derivative like Bazzite) and just pretending that Flatpak is the only thing that exists though.

I would tentatively suggest Fedora Silverblue actually, because while it isn’t without issues (missing codecs, Fedora Flatpak vs. Flathub, etc.) it is designed with the non-technical user in mind (which, with no offense intended, you are). That’s not true of Arch or any of its derivatives. Debian and Mint are also good options. That being said… there’s not really anything wrong with Ubuntu either. It’s not “cool” and of course Lemmings (like Redditors) will always recommend their own favorite distribution you’ve never head of, but if Ubuntu works for you, you can just keep using it.

NB: If you do end up trying GNOME on a non-Ubuntu distribution, you will want the AppIndicator extension. Ubuntu installs this by default, but Fedora doesn’t. Without it you won’t have Steam or Discord in your panel.

But /etc/fstab has the same UUID for every drive, I have no idea what to do with it.

That would be because every entry (except /boot and /tmp) is a subvolume of the same btrfs volume. Your other drives just aren’t in there.

You might want to read man fstab and maybe the Arch wiki pages for fstab and NTFS. It’s not that difficult as long as you make sure to not reboot with a broken fstab (using nofail is also a good idea). And yes you can just mount them to /media if you want, as long as the mount point is an empty directory.

Ubuntu Studio might have achieved this in a different way but since you’re in Arch land now it’s probably better to do what the Arch documentation recommends.

From what I can tell, it has to do with the drives mounting on /run/media, and apparently /run is a temp folder or something.

Probably not. Yes /run is a tmpfs, but that doesn’t affect any other filesystems mounted inside of it - those have their own permissions (or don’t in the case of FAT).

Since the drives are being mounted in /run/media they’re probably being mounted by your file manager, not via /etc/fstab. You could instead have them mounted on boot by the root user via /etc/fstab (the classic way) or systemd.mount (slightly friendlier), or configure polkit to allow mounting drives without a password (more reasonable if you’re talking about external or thumb drives).

The permission issue is probably for a different reason. Are you sure the filesystem(s) you’re mounting supports POSIX style permissions? FAT doesn’t, and NTFS requires a special flag for it. The files might look like they have permissions, but they’re coming from the mount options and modifying them will either fail outright or not do anything.

Edit: Run lsblk -f to see all connected drives, partitions and file systems and their file system type.

I’m not much of a one-liner collector but I like this one:

vim +copen -q <(grep -r -n <search> .) 

which searches for some string and opens all instances in vim’s quickfix list (and opens the quickfix window too). Navigate the list with :cn and :cn. Complex-ish edits are the obvious use case, but I use this for browsing logs too.

Neovim improves on this with nvim -q - and [q/]q, and plenty of fuzzy finder plugins can do a better version using ripgrep, but this basic one works on any system that has gnu grep and vim.

Edit:

This isn’t exactly a command, but I can’t imagine not knowing about this anymore:

$ man grep
/  -n       # double space before the dash!

brings you directly to the documentation of the -n option. Not the useless synopsis or any other paragraphs that mention -n in passing, but the actual doc for this option (OK, very occasionally it fails due to word wrap, but assuming the option is documented then it works 99% of the time).

The GNU utils vs BSD utils issue should be easy to work around with a bit of symlinking and PATH modification:

> type find
find is /bin/find

> type gfind
gfind is /usr/local/bin/gfind

> sudo mkdir -p /usr/local/opt/gnuutils/bin/
> sudo ln -s /usr/local/bin/gfind /usr/local/opt/gnuutils/bin/find

> PATH="/usr/local/opt/gnuutils/bin:$PATH" type find
find is /usr/local/opt/gnuutils/bin/find

or in script form:

#!/bin/sh
# install as /usr/local/bin/gnu-run
# invoke as gnu-run some-gnu-specific-script script-args
export PATH="/usr/local/opt/gnuutils/bin:$PATH"
exec "$@"

/usr/local/opt/... is probably not the best place to put this but you get the idea, you can make it work with POSIX tools. I don’t know that much about Chimera Linux but I’d be very surprised if nobody has thought of doing this systematically, e.g. as part of a distributable package.

This is probably the main reason every mainboard has TPMs now, since all common operating systems (Android, iOS/MacOS and Windows) do it.

From what I heard the Ubuntu installer offers a version that doesn’t suck (if secure boot is enabled at install time) so using that is probably fine, but I would beware of trying to DIY it since it’s easy to do incorrectly, most guides are wrong, and you will likely end up with easily bypassable encryption.

If your privileged user doesn’t have a password, in some cases this could lead to any program being able to elevate their privilege quietly, unlike UAC.

I think this is the most important part. There really isn’t any protection against random processes trying to do some version of exec sudo $0 except for the fact that it requires a password.

The FSF says this is the case but the actual legal situation is less clear, especially in the EU. Linking does not necessarily constitute a derivative work. Even decompilation of a (proprietary) library in order to link to it might be acceptable depending on the circumstance.

This isn’t something that can be fixed with a license, it’s a direct result of EU copyright law. Historically companies have tended to err on the side of the FSF interpretation, but it is on somewhat shaky grounds.

Sure it’s a problem when that happens. It’s not the only problem, and honestly in the case of coreutils it’s not really the most relevant one.

Do you think it’s likely that corporations will take over UNIX-likes with proprietary coreutils extensions forked from uutils? Because that’s the one thing that is legal to do with an MIT/BSD licensed coreutils but not with GPL licensed ones.