I have been using it for years but I haven't been able to make all software that I wanted to run with compatible. Most of mozilla based software behave well with firejail. Firetools I found a bit unnecessary, it hides all the output that you get and can possibly diagnose a problem.

I didn't have any idea of what such things did or how can it be possible to have such things and I run into the introduction of tor-browser-sandbox when it first came out. That lead to the discovery of firejail.

Firejail hexchat works and it is one preconfigured item in firetools, I think.
4 days later
and then: Python 3.9.0b4
BPO 38692, os.pidfd_open added that allows process management without races and signals;
I'm still not get point of these 2 linux-specific system call.

First, we couldn't eliminate race condition by employ pidfd_open merely.

The manpage says:
Note, however, that this is guaranteed only if the following conditions hold true:

* the disposition of SIGCHLD has not been explicitly set to SIG_IGN (see sigaction(2));

* the SA_NOCLDWAIT flag was not specified while establishing a handler for SIGCHLD
or while setting the disposition of that signal to SIG_DFL (see sigaction(2)); and

* the zombie process was not reaped elsewhere in the program
(e.g., either by an asynchronously executed signal handler
or by wait(2) or similar in another thread).

If any of these conditions does not hold, then the child process
(along with a PID file descriptor that refers to it)
should instead be created using clone(2) with the CLONE_PIDFD flag.
There still a window between fork and pidfd_open. Only clone with CLONE_PIDFD could eliminate that completely.

And, of cause, we must use pidfd_send_signal instead of the plain old kill.

Second, by using something other than kill, it's feasible that we could eliminate race condition without those linux-specific features.

The key point is that: only direct parents can wait and make pid of children invalid and reusable. Only those direct parents can send signal to children without race conditions and MUST BE responsible for it. And the traditional way of writing daemon, making the daemon an orphan, is completely wrong. The solution is simple: sending requests to parents instead of using kill directly.

It is a little more complex than using pidfd. But if we want to write portable applications, we must write these extra code anyway, IN USERSPACE.

Or

Third, Linux are encouraging developer writing non-portable code and locking them in. Just like the old Windows. Isn't it?

asyncio are one component of Python's standard libraries. If pidfd fixs something in asyncio in Linux, how about BSDs? BSDs aren't even mentioned in the issue tracker.
3 months later
Some interesting legislation passed in Brazil you may have not known about. I am thinking that if you MUST register for some huge data mining site, like google and social media, it may be to your advantage to register as a Brazilian resident, then for news and weather pretend you are a Brazilian on vacation :)

Brazil Member Rights

A Brazilian Data Protection Authority ("DPA") will be established and will provide guidelines on how to interpret and implement the LGPD’s requirements. As those guidelines are not yet established, our approach is subject to change.

If you are habitually located in Brazil, you have rights under the Lei Geral de Proteção de Dados ("LGPD"), including the right to access, rectify, download or erase your information, as well as the right to restrict and object to certain processing of your information. You can find more information about how to exercise these rights in the section above entitled European Economic Area Member Rights.

If you have questions about your rights, you may contact us at DPO@ strava.com.

The LGPD requires us to have legal bases to collect, use, share and otherwise process information about you. You can find a description of the legal bases we rely on by reviewing the above section entitled European Economic Area Members: Our Legal Bases for Processing Your Information.



Strava is some cyclist/athletes site that records data of your cycling trip, gps, time, speed, etc. it can be linked to other gadgets than the tablet/phone, like heart rate etc, measure calories burned, ... I simply registered to see things only shown to members but have no android device to use this. I even hate the thought, just wanted to see routes and times recorded by people in my area to discover new routes.
6 days later
11 days later
3 months later
https://youtu.be/yKsBDcZq_dE?t=126

In what EU country do cops throw molotov-cocktail bombs to protesters?
Riot police wear fire-proof uniforms, protesters don't. Big difference in burning someone alive or just causing them to move a few steps.

This tv station reporting on a video found in social media from a protest earlier this week, is one of the most conservative nearly fascist, tv stations. This was a protest against police brutality people have been witnessing from cops checking documents/permits for being in public. Indefinite lockdown with night curfew for 4.5 months.

Because they try to prevent people going "out" in public areas, in the open fresh air, people use excuse permits of exercising/walking to visit friends, and gather at homes. So while on lockdown rates are booming in the past 3 weeks and hospitals are overwhelmed. Beating people up for walking in the park somehow will help things.
So I was right, there was more to the silence and ignoring of any mention of 66
Some, like Void Linux, have even elected not to use a service manager at all. (They use a process supervision system, which is good, but then have to script their entire init procedure, which is one of their major pain points.)
Don't tell me you didn't see this coming from the ego-maniac. There is no service management until he writes one up.

What a shame!
Some, like Void Linux, have even elected not to use a service manager at all. (They use a process supervision system, which is good, but then have to script their entire init procedure, which is one of their major pain points.)
he talk about runit on this sentence.

I didn't post this link for criticism but to let user aware about his funding request :).

Laurent was always clear with me about 66. He don't want to let any "wrapper" or "scripts" to be mandatory when you want to use s6/s6-rc. He don't talk about 66 but he don't talk about slew too, or anopa or any stuff made over s6/s6-rc.

He talk about his products and only his products which perfectly understandable.

Whatever you think about his "ego", you can deny the fact that he's a really good software engineer which have a really good skill about the Linux ecosystem and in particular the init procedure.

all humans have qualities and defects :).
Well, part of being a talented sw engineer is being really accurate about "statements", and after all the talk on his own lists about 66 on void to say that "have even elected not to use a service manager at all" is really inaccurate. And apart frorm s6/66, void also has sinit and daemontools which incorporates a service manager as well, am I wrong?

Pretending that something doesn't exist doesn't make it go away. I don't think slew and anopa were really used by a distro, were they? But how kind he does mention that artix and obarun have used his s6-rc ... :P
a month later
You think alpine can also hire eric to work with laurent of s6
Alpine dev doesn't want 66.
Also I hope eric has approved this or gotten credit from artix:
:lol: good joke man. You make my day.

They make a terrible error. They install all services at /etc/66/service which means that they don't make a distinction between services coming from upstream and service modified by user. If an user modify the service, he loose his change after an upstream upgrade. Good job guys!
Their 1st approach to s6 was to make it work just like runit. Which is like taking an F1 engine and using it to draw water from a water well, with runscripts equally simplistic. Artix perceives the user as someone who never does anything outside the desktop area, so they think the entire system should be controlled through pacman and there should be no user modification. Like an ubuntu or a manjaro, which is where most devs came from.

Crediting work copied is not their priority. What unique/inhouse software has artix produced? Artools, -sysvcompat? Whatelese? And artools is a modification of arch-tools.

98% of the value of artix lies on the implementation of runit on arch. Everything else pre-existed or is copied from elsewhere. But arch and runit is a good combination.

Spark linux on the other hand, 99.92% arch, has much more work done uniquely, apart from porting sinit.

Powered by Obarun