There’s a separate command called visudo for this purpose.
You CAN use any ol’ text editor but visudo has built-in validation specific to the sudoers file. This is helpful because sudoers syntax is unique and arcane, and errors are potentially quite harmful.
I’ve never actually tried it, but I think you could use BTRFS subvolumes to multiboot without partitioning the physical space.
And then maybe even use deduplication across subvolumes?
Weird. That used to say “container-native”, which at least makes sense – it heavily emphasizes container technologies like Flatpak, Docker/Podman, and Distrobox.
There’s no yum or dnf like on a standard Fedora system (though you can use rpm-ostree if you are desperate). As an “immutable” distro, it’s designed so that you do not install apps at the system level.
There are a handful on non-default apps I’ve used across my last 3-4 distros at least:
mpv - the best video player, period. Minimalist UI, maximalist configuration options. I’ve been using it for many years across many OSes and at this point everything else feels wrong.
Geany - My favorite GUI text editor on Linux.
Foliate - the simplest eBook reader I’ve found.
Strawberry - It’s “fine”. Honestly, I’ve never found a music player on Linux that I really liked. I keep falling back to Strawberry because it’s familiar and generally works as expected.
I’m running Bazzite on my desktop now. I hopped distros again because wrestling with GPU drivers was just too much trouble. After I upgraded my GPU, I couldn’t get it working optimally in Debian (see my previous thread about OpenCL). On Bazzite, it’s handled for me out of the box.
To me, the only difference between a “gaming” distro and a regular distro is that gaming distros come with smarter hardware drivers and configs out of the box. I see no downside.
It was a rough learning curve, though. There were so many major things that were new to me, such as:
My biggest advice to anyone making the switch is, do not fear Distrobox. I didn’t realize how easy it was to make both GUI apps and command-line tools available as first-class citizens within the host OS. For example, I installed Signal within my Debian box, then exported it with distrobox-export --app signal-desktop and boom, it operates like any other app within Bazzite. I slept on Distrobox for years and now I feel like a fool. It’s awesome. You can use Boxbuddy as a GUI to help you get started.
I’m overall very happy with Bazzite now.
Related feature on my wish list: I’d love a way to basically fork a feed based on regex pattern matching. This would be useful for some premium feeds that lump multiple podcasts together. For example, one of my Patreon feeds includes three shows: the ad-free main feed, the first-tier weekly premium feed, and the second-tier monthly premium feed.
I don’t want to filter them out because I DO want to listen to all of them, but for organizational purposes I don’t want them lumped together. I’d prefer to display these as two or three separate podcasts in my display.
Another example is the Maximum Fun premium BoCo feed. They include the bonus content for ALL their shows (which is…a lot) in a single feed. I only listen to about half a dozen, and even that is a bit of a mess in one feed!
BTRFS can work across multiple disks much like ZFS. It supports RAID 0/1/10 but I can’t tell you about performance relative to ZFS.
Just be sure you do NOT use BTRFS’s RAID5/6. It’s notoriously buggy and even the official docs warn that it is only for testing/development purposes. See https://btrfs.readthedocs.io/en/latest/btrfs-man5.html#raid56-status-and-recommended-practices
Edit: Another interesting thing to note between the two file systems is deduplication. ZFS supports automatic deduplication (although it requires a lot of memory). BTRFS supports deduplication but does not have built-in automatic dedup. You can use external tools to perform either file-level or block-level deduplication on BTRFS volumes: https://btrfs.readthedocs.io/en/latest/Deduplication.html
Good advice!
This is also available with BTRFS. Personally I am leveraging this feature via Snapper, simply because it was the default on OpenSuse and was good enough that I never bothered looking into alternatives. I’ve heard good things about Timeshift, too.
This has saved my butt a couple times. I’ll never go back to a filesystem that doesn’t support snapshots.
I really liked ZFS when I used it many years ago, but eventually I decided to move to BTRFS since it has built-in kernel support. I miss RAIDZ, though. :(
If you got a problem, reinstall and do the same stuff again, you’ll almost certainly get the same problem again
Sure, but nobody’s likely to do that. If I wiped my system now, I doubt I could get it back to exactly the same state if I tried. There are way too many moving parts. There are changes I’ve forgotten I ever applied, or only applied accidentally. And there are things I’d do differently if I had the chance to start over (like installing something via a different one of the half-dozen-or-so methods of installing packages on my distro).
For example, I have Docker installed because I once thought a problem I had might have been Podman-specific. Turned out it was not. But I never did the surgery necessary to fully excise Docker. I probably won’t bother unless and until there is a practical reason to.
They have a big IRL ad campaign in major US cities. See https://mullvad.net/en/blog/advertising-that-targets-everyone
These ads certainly aren’t the worst, but they’re still a bit misleading. Using a VPN is not going to prevent tracking in general. Your phone apps will still send GPS data to all the same places. Web sites will still use all the same cookies. Facebook is still gonna be Facebook. 🤷
That said, Mullvad does include domain-based ad and tracker blocking with their DNS server (which is free and available to the public, btw), and that’s also optional on the VPN, so it does help to a point.
(Pinging @countrypunk@slrpnk.net to avoid double-replying. )
Sure. I’m referring to the ones that run big ad campaigns, like Nord and Mullvad. They tend to overstate how a VPN can protect you, sometimes in ways that barely make sense. There is no epidemic of criminals stealing personal credit card information over insecure wi-fi, for example. The ads play into ignorance and fear.
That said, yeah, I’d rather be on a VPN when on a public wi-fi network. But I’m not really worried about someone sniffing my encrypted HTTPS traffic (which is pretty much everything nowadays; Firefox by default won’t even load unencrypted web sites).
Some VPNs allow multi-hopping, similar to Tor. I couldn’t give you an exhaustive list but most popular ones support this. Mullvad and Proton do, for example. There are also strategies to add noise into VPN traffic.
This is not a silver bullet, of course. Tor has similar problems as you describe if an adversary has visibility into enough nodes. As always, this comes down to your threat model.
On the one hand, I find the advertising of VPNs outright dishonest. On the other hand, I would trust any reputable VPN provider much more than I trust my ISP or cell carrier.
Great points, thanks.
Can you clarify what you mean by “local decryption”? I thought Proton and Tuta work pretty much the same way, but perhaps there’s a distinction I’m missing.
One thing I like about Tuta is that it has the option to cache your messages in localstorage in your browser so you can do full-text search. FWIW, I think Proton added a similar feature recently, though I have not tried it. I imagine neither would work very well with large mailboxes; probably better to configure a real email client.
Do they offer cloud storage now? From what I can see on their web site, it’s 500GB…just for email. I mean sure, that’s cool, but it would take me several lifetimes to accumulate 500GB of email so it’s not much of a selling point to me.
It’s a good email service, anyway. I’ve been using the free tier for a few years. Similar to Proton, and in theory Tuta is more private because they encrypt the headers as well as the message body.
It used to say “container-native”. They recently changed the wording, but there was no technical change.
It’s a Linux distro that runs locally, like any other. It has no particular tie-in with any cloud services. If Flatpak, Docker/Podman, Distrobox, Homebrew, etc. are “cloud” just because they involve downloading packages hosted on the internet, then I don’t know why you wouldn’t call “traditional” package managers like apt, dnf, zypper, etc. “cloud” as well. 🤷 So yeah, I feel your confusion.
The big difference compared to something like Debian or vanilla Fedora is that Bazzite is an “immutable” distro. What this means is that the OS image is monolithic and you don’t make changes directly to the system. Instead, you install apps and utilities via containers, or as a last resort you can apply a layer on top of the OS using rpm-ostree.
The only thing cloud-related about any of this is that atomic OS images and containers are more common in the server space than the desktop space.