Yeah, I know there was one a while back, and if you don’t use ECC RAM, given enough time, it will eat your data as it tries to correct checksum errors due to memory corruption. That’s why we keep backups, right. Right?
I tend to assume that every storage system will eventually lose data, so having multiple copies is vital.
I think the difference is the level it’s happening at. As I said, I haven’t tried it yet, but it looks like a simple, unfussy and minimal distribution that you then add functionality to via configuration. Having that declarative configuration means it’s easy to test new setups, roll back changes and even easily create modified configuration for other servers.
cries It’s amazing how much damage they’ve done to the linux ecosystem. Not just badly thought out concepts, but the amount of frustration and annoyance they caused by ramming it into existence and the cynicism it’s created.
Having consistent interface names on servers that have several is useful, but we already had that option. The interface names they generate are not only hard to remember, but not terribly useful as they’re based on things like which PCI slot they’re in, rather than what their purpose is. You want interface names like wan0 and DMZ, not enp0s2. Of course, you can set it up to use useful names, but it’s more complicated than it used to be, so while the systemd approach looks like a good idea on the surface, it’s actually a retrograde step.
He may have taken some ideas from there, but I still see more windows like ideas. We’re one bad decision away from systemd-regedit. If that happens, I might just give up completely.
I try not to think about the things they’ve done, it’s not good for my blood pressure. They had a decent desktop distro, but they seem determined to trash it with terrible decisions.
In news that will shock no-one, dbus was, of course, initially created by a Redhat engineer. I get the idea of having a general purpose bus that everything can communicate on, but they somehow managed to even make that complex.
You make a compelling case for Void Linux. I use Debian or a RHEL derivative for work, primarily so there’s at least a chance to hand systems off to someone else to maintain, the less known distros seem to meet with blank looks.
I want to give NixOS a try sometime, as I like the idea of declaritively defining the system
I do use Ansible, partly because it’s easier to tell people that’s how you do it rather than “I wrote a shell script, it took half the time to write, it’s 20% the size and runs several times faster”. To be fair to Ansible, if you’re configuring a number of servers at the same time, it’s not too bad speedwise as it’ll do batches of them in parallel. Configuring one server at a time is agony though.
I’ve never actually tried BTRFS, there were a few too many “it loses all your data” bugs in the early days, and I was already using ZFS by then anyway. ZFS has more than it’s fair share of problems, but I’m pretty confident my data is safe, and it has the same upsides as BTRFS. I’m looking forward to seeing how BCachefs works now it’s in kernel, and I really want to compare all three under real workloads.
That’s fair, it does make sense to use it on a laptop, but it really should be the sort of thing you add when needed rather than having it jammed in whether it’s useful or not.
Every time I need to do something even slightly different to a basic setup I find myself inventing new curses for those who screwed things up with these overblown, over complex, minimally functional abominations. Just give me vi and the basic configuration files and let me get on with it!
He’s definitely off my Christmas card list. He seems desperate to leave a legacy, but he keeps trying to turn Linux into windows instead.
Personally I’d do away with NetworkManager too and just configure the interfaces directly, but that might just be me being old and grumpy!
I think most distros go along because their upstream did. There are comparatively few ‘top level’ distributions, the main ones (by usage) being Redhat and Debian. Most everything else branches from those. Redhat’s got enough clout on the market that there’s a sort of pull towards complying with it just to not be left put.
I use Debian, but I think they’re crazy for swallowing everything Redhat pushes, they could easily stick to the cleaner options and have a better system for it. At least they let you opt out of systemd, so life is a little more tolerable.
No need for a custom solution, we already had ways to make predictable names that worked better than this. Giving each interface a name that represents it’s job makes life so much easier when you have several, naming them after which PCI bus they’re on does not.
I’m with our binary friend; the systems they try to replace tend to be time tested, reliable and simple (if not necessarily immediately obvious) to manage. I can think of a single instance where a Redhat-ism is better, or even equivalent, to what we already have. In eavh case it’s been a pretty transparent attempt to move from Embrace to Extend, and that never ends well for the users.
It’s amazing how many linux problems stem from ‘Redhat, however, found this solution too simple and instead devised their own scheme’. Just about every over complex, bloated bit of nonsense we have to fight with has the same genesis.
For most people, your brain is probably pretty good at vividly imaging the sensation of licking different surfaces. Try it; focus an imagine licking a towel. Mmm. Fluffy!
This seems like a very complicated way to achieve your goal! It sounds like sitting yourself down and giving you a stern talking to might be a beter aporoach.
Having said that, if you have these very important files that you don’t want to lose, please make sure they’re backed up somewhere off of your machine. Storage fails, and it’s a horrible feeling losing something important. Unfortunately doing so would defeat the approach you’re thinking of.
This might be a case of needing to reframe the question to get to the cause of the issue, and then solve that. So, why do you want to make it hard to reinstall your machine? Is it the amount of time you spend on it, the chance of screwing it up, needing it working, has it become a compulsion or something else? Maybe if we can get to the root of the issue we can find a solution.
With regard to TPM, it’s basically just a key store, so you can use it fir anything really, althought it’s normally used by generating a TPM key and using it to encrypt the key that’s actually used to encrypt your data, storing the encrypted key with the OS. Just reinstalling won’t wipe the TPM, but unless you made an effort to save the encrypted key it’ll be gone. Given your problem statement above it just adds to the data you’d need to save, which isn’t helpful.
Ok, I’m still not clear on exactly what you’re trying to achieve as I can’t quite see the connection between somehow preventing certain files being duplicated when cloning the disk and preventing yourself from reinstalling the system.
Bear in mind that reinstalling the system would replace all of the OS, so there’s no way to leave counter-measures there, and the disk itself can’t do anything to your data, even if it could detect a clone operation.
If what you’re trying to protect against is someone who knows everything you do accessing your data, you could look to use TPM to store the encryption key for your FDE. That way you don’t know the password, it’s stored encrypted with a secret key that is, in turn, stored and protected by your CPU. That way a disk clone couldn’t be used on any hardware except your specific machine.
Nothing can prevent a disk clone cloning the data, and there’s no way to make something happen when a disk is cloned as you’re not in control of the process.
If you wish to mask the existence of the files, use either full disk encryption, in which case cloning the disk doesn’t reveal the existence of the files without the decrypt password, or use a file based encrypted partition such as veracrypt in which case the cloner would just see a single encrypted blob rather than your file names.
Ultimately encrypting the files with gpg means they have already effectively ‘destroyed or corrupted’ themselves when cloned. If you don’t want to reveal the filenames, just call them something else.
If you could be a bit more specific about your threat model people may have better ideas to help.
Yes, yes, but now lets take that, make it dependent on the session management system and dns resolver for some reason, make the command longer and more convoluted and store the results in one or more of a dozen locations! It’ll be great!
/s
Dconf is bad, just imagine how bad a systemd version would be.