𝕽𝖚𝖆𝖎𝖉𝖍𝖗𝖎𝖌𝖍

       🅸 🅰🅼 🆃🅷🅴 🅻🅰🆆. 
 𝕽𝖚𝖆𝖎𝖉𝖍𝖗𝖎𝖌𝖍 𝖋𝖊𝖆𝖙𝖍𝖊𝖗𝖘𝖙𝖔𝖓𝖊𝖍𝖆𝖚𝖌𝖍 
  • 2 Posts
  • 258 Comments
Joined 2 years ago
cake
Cake day: August 26th, 2022

help-circle




  • I’m 100% with you. I want a Light Phone with a changeable battery and the ability to run 4 non-standard phone apps that I need to have mobile: OSMAnd, Home Assistant, Gadget Bridge, and Jami. Assuming it has a phone, calculator, calendar, notes, and address book - the bare-bones phone functions - everything else I use on my phone is literally something I can do probably more easily on my laptop, and is nothing I need to be able to do while out and about. If it did that, I would probably never upgrade; my upgrade cycle is on the order of every 4 years or so as is, but if you took off all of the other crap, I’d use my phone less and upgrade less often.

    The main issue with phones like the Light Phone is that there are those apps that need to be mobile, and they often aren’t available there.


  • since all apps are designed to run well on budget phones from 5 years ago, there’s no reason to upgrade.

    5 years, maybe, but any more is stretching it. And not getting system upgrades anymore is problematic. Unless you own a particular model of phone, de-Googled Android can be hard to come by.

    For example, I have a 7-year old Pixel C. By the time Google stopped using system updates for it, I wasn’t wanting them as every release made the device slower and more unstable. After some effort, I was finally able to install a version of Lineage, which itself has problems including no updates in years. There’s a lot of software that is incompatible with my device, both from Aurora and FDroid.

    Android isn’t Linux; Google doesn’t care about maintaining backward compatability on old devices, much less performance, and there’s no army of engineers making sure it is because there’s a served running in walled-up closet no one can find.

    Google deprecates features and ABIs in Android, apps update and suddenly aren’t backwards compatible.

    5 years, maybe. The entire industry is addicted to users upgrading their phones, and everyone gets a piece of that pie. There’s no actors, except perhaps app developers, who have any interest in keeping old phones running. Telecoms upgrade their wireless network - the internet connection in my 8 y/o car, and half its navigation features, died the day AT&T decided to stop supporting 3G; Phone makers make no money if you don’t buy new phones; and maintaining backwards compatibility costs Google money which they’d rather siphon off to shareholders.






  • It’s listed as the “profile” in the screenshots you’re listing, but that’s the ruleset you’re altering.

    I used nft or iptables, and my interaction with ufw has been sparse, and mostly through the UI, because the rulesets the GUI generates are incomprehensible. There should be a command in ufw to report which profile is active.

    I’m going to guess this is a dead-end, since you’ve been using the CLI and I have to believe it uses the active profile by default, unless you tell it otherwise. However, in the GUI, if you edit rules in a profile it doesn’t automatically apply to your current ruleset. And if you alter your current ruleset, it doesn’t automatically persist it. So, even if you change a rule on the Home profile, and the Home profile is active, it doesn’t automatically get applied to the running ruleset; you have to take another action to apply it.

    Mind you, that’s all through the UI; I’ve never used the ufw command line, so this is (again) probably a red herring. I find ufw to be obtuse at best, because of the Byzantine rulesets it generates.





  • I use it for everything, but then, I wrote it. All of the desktop secret service tools have desktop dependencies (Gnome’s uses Gnome libraries, KDE’s pulls some KDE libraries) and run through DBUS; since I don’t use a DE, it’s a fair bit of unnecessary bloat. And I don’t like GUI apps that just hang around in the background consuming resources. I open KeePassXC when I need to make changes to the DB, and then I shut it down. Otherwise, it hangs out in my task bar, distracting me.

    Rook is for people who want to run on headless systems, or want to minimize resources usage, or don’t use a desktop environment (such as Gnome or KDE), or don’t run DBUS, or don’t run systemd. It’s for people who don’t want a bunch of applications running in the background in their task bar. KeePassXC providing a secret service is great, but it’s overkill if that’s most of what it’s providing for you, most of the time.

    I don’t think took is for everyone, or even for most people. It’s for people who like to live mostly in the command line, or even in VTs.


  • KeePassXC can’t be run in headless mode, and the GUI is tightly coupled to the app. You have to have all of X installed, and have a display running, to run it.

    Here’s the runtime dependencies of KeePassXC:

    linux-vdso.so.1
    libQt5Svg.so.5
    libqrencode.so.4
    libQt5Concurrent.so.5
    libpcsclite.so.1
    libargon2.so.1
    libQt5Network.so.5
    libQt5Widgets.so.5
    libbotan-3.so.5
    libz.so.1
    libminizip.so.1
    libQt5DBus.so.5
    libusb-1.0.so.0
    libQt5X11Extras.so.5
    libQt5Gui.so.5
    libQt5Core.so.5
    libX11.so.6
    libstdc++.so.6
    libm.so.6
    libgcc_s.so.1
    libc.so.6
    /lib64/ld-linux-x86-64.so.2
    libgssapi_krb5.so.2
    libproxy.so.1
    libssl.so.3
    libcrypto.so.3
    libbz2.so.1.0
    liblzma.so.5
    libsqlite3.so.0
    libdbus-1.so.3
    libudev.so.1
    libGL.so.1
    libpng16.so.16
    libharfbuzz.so.0
    libmd4c.so.0
    libsystemd.so.0
    libdouble-conversion.so.3
    libicui18n.so.75
    libicuuc.so.75
    libpcre2-16.so.0
    libzstd.so.1
    libglib-2.0.so.0
    libxcb.so.1
    libkrb5.so.3
    libk5crypto.so.3
    libcom_err.so.2
    libkrb5support.so.0
    libkeyutils.so.1
    libresolv.so.2
    libpxbackend-1.0.so
    libgobject-2.0.so.0
    libcap.so.2
    libGLdispatch.so.0
    libGLX.so.0
    libfreetype.so.6
    libgraphite2.so.3
    libicudata.so.75
    libpcre2-8.so.0
    libXau.so.6
    libXdmcp.so.6
    libcurl.so.4
    libgio-2.0.so.0
    libduktape.so.207
    libffi.so.8
    libbrotlidec.so.1
    libnghttp3.so.9
    libnghttp2.so.14
    libidn2.so.0
    libssh2.so.1
    libpsl.so.5
    libgmodule-2.0.so.0
    libmount.so.1
    libbrotlicommon.so.1
    libunistring.so.5
    libblkid.so.1
    

    I don’t know why it links to a systemd library. Here are the runtime dependencies of rook:

    linux-vdso.so.1
    libresolv.so.2
    libc.so.6
    /lib64/ld-linux-x86-64.so.2
    

    Don’t get me wrong: KeePassXC is one of my favorite programs. But don’t leave it running all the time, and it can’t be run on headless systems.




  • I don’t know anything about the Zero Trust network you’re working with, but this is essentially the same as what I’m doing with Home Assistant. It runs on the LAN, because it’s controlling everything in my house. The server is on a battery backup, most of my devices are z-wave, and several are battery powered. I can lose internet and power to the house, and still disarm the alarm and unlock the front door, at least until the UPS runs out, which is several hours.

    Since HA is on my LAN, accessing it while traveling requires exposing my server to the internet, which terrifies me. I do have VPSes, though, and I have one locked down s.t. it’s only accessible via VPN. It’s not exposing any ports to the WAN except the Wireguard ports. To get to my HA, I connect to that one VPS via the VPN, which is on a VPN subnet with my home server.

    The downside is that it is not possible to access my LAN (and, therefore, my HA server) without a pre-configured client. If I don’t have my laptop or phone, I can’t get to my LAN. If my VPS went down, I couldn’t get to my LAN. And, obviously, if my home internet goes down, I can’t get to my LAN. I’d rather be safe than sorry, though.