comments

Re: comment 1

I'm not sure why you're saying that it's sloppy for a system-wide binary to be owned by root. That's both the policy in Debian and also it prevents an ordinary user from tampering a binary that could be used by other users.

Comment by francois — 22:32, 07 November 2018

comment 1

sudo chown root:root /usr/bin/VidyoDesktop

Why, specifically, does it need to be root? Simple chown-to-root is operationally sloppy/Windows-think. Do you have a setcap(8) procedure that could yield a viable result?

Comment by Anonymous — 11:02, 07 November 2018

ejabberd

You can install freedombox on debian now and it provides apps to bypass all thia - ejabberd, matrix, lets encrypt and more.

Comment by lsjmhar — 17:28, 30 October 2018

tls authentication freenode and oftc

Has the irssi certificate leakage been fixed yet?

Comment by austere — 17:55, 07 October 2018

Got mine back with a Btrfs root

I got the same problem after upgrading to 18.04, I don't use LVM but Btrfs, all I had to change was

apt install btrfs-progs

Everything else was exactly the same.

Thank you.

Comment by JC — 13:41, 27 September 2018

Awesome tutorial

I was looking into this so bad. My Bios update images are big enough to not fit into the default floppy or usb installer of freedos specially that I want to boot it over pxe. This definitely helped me. Thank you.

Comment by Hamid — 00:10, 25 September 2018

Thanks for this, with some tweaks I was able to script a recovery process for my machine

I wanted to make sure the next time it happens I could recover quickly with just the LiveCD available.

I wrote it to detect the correct name from the /mnt/etc/crypttab to ensure the update-initramfs command can properly update.

https://gist.github.com/dragon788/e777ba64d373210e4f6306ad40ee0e80

Comment by dragon788 — 11:57, 05 September 2018

Trimming breaks Google Play Music web app

Ah, I found some breakage with just:

network.http.referer.XOriginTrimmingPolicy = 2

With this set, the Google Play Music web app errors with "couldn't fetch recommendations, please try again" (found the idea that it might by my referer policy here).

Comment by Andrew Schwartzmeyer — 11:41, 04 September 2018

Re: LetsEncrypt

I suppose I could come up with a root cronjob to do it

Indeed, that's exactly how I have my letsencrypt certs set to renew automatically using certbot.

Comment by francois — 14:24, 24 August 2018

LetsEncrypt

Looking for good install guide. The only drawback I see in reading your directions (I haven't done this yet) is the fact that you are concatenating key/bundle/csr to static file - and LE certs expire quickly. You will have to repeat this every 90 days. I suppose I could come up with a root cronjob to do it as a certbot cron.d 'post-renew' job, but I am guessing there is a better way.. if I find I will post again.

Comment by B. Shea — 10:20, 24 August 2018