Used OpenVPN for years. Seems people are moving away from that and switching to wireguard enabled VPNs. Any recs for a good one on Raspbian? If OpenVPN is still worth it I’ll stay with the known.

Hi guys. I've been using Linux for 2-3 years now. So far I have had great success with RDP access on Ubuntu and Zorin (GNOME) DEs.

I just installed Debian with XFCE. I installed XRDP but for the life of me I cannot get it working. Anyone have any tips to access remotely? I'm open to solutions other than XRDP too. Thanks!

PPS: Please at least TRY to read the following (if possible, not just the title) with an open mind and in a spirit of tolerance. It was written in good faith by a Linux user who will be staying on Linux.

PPPS: Among all the mean-spirited downvoting and insults and calumny (hey, this is social media) I actually learned a few useful things from this discussion. Perhaps the highlight was the tip about an obscure crowdfunded project which really fits the bill. Too late this time but I'm hopeful such projects, including Pine and Framework, might be become more available and more affordable in future.

I'm frustrated. Once again, I have had to buy a computer I didn't want in order to stay on Linux.

Some background. Compared to most people in this forum, I am a somewhat normal computer user. That is, I have not touched a mouse in decades, I use a small lightweight low-end laptop (which is not slow on Linux), and I do not take anything to pieces. To be clear, I'm a programmer and a massive FOSS idealist. But I've never been interested in hardware, and in this respect I'm a complete normie. Let's not forget that for most ordinary people, a "computer" these days is the tethered corporate toy in their pocket.

For me this slide away from free personal computing is now getting impossible to ignore.

• 20 years ago I could buy a laptop (a Fujitsu) from a major European electronics retailer which came with a Linux CD - a Linux CD! (Kanotix, a Debian variant).
• In the late 2010s, I had a nice choice of cheap Taiwanese Wintel netbooks. So there was a Windows tax to pay but at least the hardware worked fine.
• 4 years ago, the options were getting thin on the ground. For 400€ I could find only one Linux-compatible X86 laptop, made by Acer. And since I didn't have a Linux live USB, I had to (fake-) register the thing with Microsoft in order to get access to the damn web.
• Today, there's almost nothing left. Intel laptops have all but disappeared from the budget aisle, replaced by ARM-powered Chromebooks and, increasingly, big Android tablets with keyboards. Putting non-spyware Linux on these things is often possible, sort of, but it's a nightmare. You're back to the 2010 era of ROM-flashing on Android, using repos from random developers and wading through impenetrable forum discussions. It's a massive PITA. This is not the way computing should be done, and normal users will never do it even if they were capable. It's hardly secure either.

The geeky suggestion which I can hear coming, "buy a secondhand Thinkpad", is not a proper solution. It's a band-aid fix with a timeout (PS: meaning it's on the way to EOL). Hardware from the likes of Tuxedo and Framework is nice but too heavy (PS: correction, Framework is not heavy) and way too expensive for me. The Pinebook Pro is always out of stock.

And anyway, for years I have wanted to move from a laptop to a convertible tablet (like the Surface or Lenovo's Yoga and Duet lines). It makes so much sense ergonomically and even in terms of maintenance. (Keyboards have moving parts. I have to change my Acer because it has a faulty keyboard which cannot be fixed except professionally at prohibitive cost. Crazy.) But none of these computers are easily compatible with Linux. It's possible, yes, but hardly simple.

I considered, for a fleeting moment, throwing in the towel. After 20 years.

And then bought yet another laptop, basically the same model as last time except a Chromebook. I know I'll get an OS I control onto it without too much stress. That's a relief. But I'm more worried than ever about how this story is going to end.

PS: I should have predicted the bitterness and negativity and cynicism I would provoke simply by sharing my thoughts and feelings in good faith. Social media is absolutely incorrigible. In the meantime I will of course be staying on Linux, as I thought I described.___

libgdata, the library that coordinates communication between GNOME apps and Google's APIs, has gone without a maintainer for nearly four years. [...] It was the only remaining reason libsoup2 was still present in the GNOME stack, at a time when libsoup2 was already being phased out ahead of the GNOME 44 release. Currently, Debian's security tracker lists many open CVEs against it, covering everything from HTTP request smuggling to authentication flaws.

AMENDMENT Ubuntu 24.04 cannot install onto NVMe, at all, no matter what.

I tried it with a non-switched PCIe adapter, & it still couldn't work.

Sorry I got it wrong, before.

Now I'm working to discover if 25.10 can install to NVMe ( in spite of Lubuntu's broken build-essential package, & the idiocy of Lubuntu telling us to file bug-reports in the Ubuntu One ( or whatever ) system, but that system not allowing that Lubuntu is a tracked project, so there's NO bug-reporting place for it. Idiocy. ).

I'll update this again whether it works or not, so you don't have to do these stupid experiments to discover the fundamentals.

The performance-difference is sooo spectacular, that the engineers who wouldn't include NVMe on the board-itself .. cannot be considered loyal to the potential of the devices they're engineering, tbh: they essentially "Celeron'd" the things by making them use microSDXC, which .. not my values )

TL;DR:

IF you use Geerling's rpi-clone tool, THEN DON'T name your new root partition, let it do all the config by UUID,

AND if you have NVMe on a dual-device board, through a PCIe-switch chip, then your ONLY option is to boot from RasPi OS, because Ubuntu 24.04 LTS simply won't work through that: they configured the kernel to not be capable of it.

( didn't bother trying 25.10, because on the destop, Lubuntu 25.10 CAN'T INSTALL build-essential PACKAGE, so that breaks EVERYthing for my learning-programming machine, & I need both to be using the same OS, version-included, so I don't get driven mad by UX-inconsistencies : )

This took waaay too long to figure-out, so I'm putting it here for others, so you don't have to bash your brain against the damn wall, like I did.

Geerling's rpi-clone tool, available from geerlingguy's github,

# Install rpi-clone.
git clone https://github.com/geerlingguy/rpi-clone.git
cd rpi-clone
sudo cp rpi-clone rpi-clone-setup /usr/local/sbin

# Clone to the NVMe drive (usually nvme0n1, but check with `lsblk`).
sudo rpi-clone nvme0n1

has a gotcha: if you name the new root-partition, then it won't be able to mount it, in my experience.

Once named, that root-partition can't be mounted when booting from NVMe, by /dev/nvme0n1p2, not by LABEL=whatever. ( didn't try UUID mount )

You need to have it identical in your linux-kernel cmdline.txt ( which is in your /boot/firmware/ dir, aka your 1st-partition ) and in your /etc/fstab ( which is in your 2nd partition ).

That took ages to learn, too.

Let the rpi-clone util have NO name for the new root partition, & then it'll correctly give UUID identifiers to both of those files, for your new root.

Then it'll work in Raspberry Pi OS.

However, nothing one does can get Ubuntu's 24.04 LTS to boot from dual-device/PCIe-switched NVMe adapter/"hat": apparently Ubuntu pruned-out the kernel's ability to work through a PCIe-switch, breaking all dual-NVMe-adapter-boards from being able to work.

( updated-system is current @ 2026-04-02, in case they update it in the future )

I'd wanted to someday switch to BTRFS raid1, but .. that's impossible, unless remaining in RasPi OS, which I don't want to do, because too many things consider Ubuntu to be the only default-config.

As Torvalds identified: it's hell to make an app work with multiple distros, due to too-little being standard between them all, hence the "just do Ubuntu" paradigm that's substituting for app-developer's standard..

( & snaps/flatpaks are usually x86_64 only, ttbomk, so that doesn't help, either )

Yeah, I know, Arch's got a Rpi4 ( or greater ) version, & yes, I've tried it,

but I really want to stop doing sysadmin, & just do learning Haskell, THE programming-language for developing one's ability to think & to prevent-bugs in programs, if done correctly.

( no side-effects-distributed-throughout-the-entire-codebase, pure-functional, & type-level programming all contribute to that )

May you not hit all the damn corner-cases in the world,

_ /\ _

cross-posted from: https://reddthat.com/post/62952528

An internal memo dispatched by senior execs at Red Hat suggests the software biz is starting to push AI tooling within its Global Engineering department. RHEL may be about to get some Windows 11-style "improvements."

It carries the heading "Engineering that's evolved and amplified for the AI era," and for any AI skeptics in the developer teams at Red Hat, the tone of the email may raise alarm bells. The times are changing, it states.

I'm new to wayland and still shopping around for a tiling wm that makes me happy. I'm familiar with ratpoison, and hear cagebreak might be a suitable alternative?

• https://github.com/project-repo/cagebreak
• https://wiki.archlinux.org/title/Cagebreak

Been building Voiden, an API IDE on Electron. Not really “just an API client”, and not a(nother) thin wrapper around a webapp either.

Made it intially available for Windows and Mac, but after getting requests from folks who work on Linux, we added Linux support a few months ago, before open-sourcing it. (That's actually one of the reasons we picked electron :to be able to ship fast and have cross platform consistency across Linux, Mac and Windows.)

Repo: https://github.com/VoidenHQ/voiden

So far, Voiden is available on Linux via:

• .deb for Ubuntu and Debian-based distros .rpm for Fedora, RHEL, and other RPM-based distros
• .AppImage for a portable option that should work across most distributions
• .AUR package for Arch users : https://aur.archlinux.org/packages/voiden-beta-appimage

Definitely considering adding more like Nix or Flatpak, but we are working to get our priorities right: Which ones would you actually use and prefer?

A disclaimer about the tool: Since we didn't want to build yet another (cheaper) clone of Postman, Voiden looks and feels very different:

• The UI is "programmable": Requests are “built” with slash commands from blocks (endpoints, headers, auth, params, bodies, etc.), like LEGO blocks but for API components. Or like Notion for APIs.

• These blocks can be also reused in different APIs to have ALL common elements done in one single file. You can then change them once and it will all get updated in all the other docs. Just like in code when we add an extra logic to an imported method. (In other API clients you would need to duplicate stuff or just use environment variables to substitute.)

• API Specs, tests, and docs live together in executable Markdown.

Welcome to try it out and let us know: what works, what breaks, and which packaging or distro support would make Voiden easiest for you?

Strong opinions are encouraged. :)

Github : https://github.com/VoidenHQ/voiden Download here : https://voiden.md/download

Git native, No login, No accounts, No telemetry.

I have a laptop I take with me that has UFW. I want to allow Syncthing from my home subnet and another place. Is there a way I can do that without allow from anywhere?

Additionally, is the default ufw allow service-name/port, where it allows from anywhere, insecure? Like, does it open the port to the internet, for anyone to see or connect to?

cross-posted from: https://lemmy.ca/post/62536902

The ongoing discussions about age-verification and changes in Free and Open-Source Software and GNU Linux and related OSs made me realize a gross misunderstanding on my part. I think many other users may have the same misunderstanding (seeing many comments using the word "traitors"), and it's important that we become aware of it. We must understand that using or saying “FOSS” or “Linux” does not automatically mean to stand up for human rights, for the community, against corporations, and similar goals and values.

If we read the comments in those age-verification discussions we can see that many developers and possibly also users make statements like “the developers have no obligation towards the community”, “the law is the law, no matter what the community wants”, “we must comply”, and similar. It’s important to realize that many developers work on FOSS not out of consideration for the community, or for human rights, or against corporations. For them it’s just one kind of software development. We may have projects that are FOSS and pro-corporations or pro-surveillance. The "F" in FOSS stands for freedom to modify and distribute the software by/to anyone in the community. It doesn’t stand for “software that promotes / stands up for general human freedom and human rights". But of course there are also developers that work with FOSS because of such values.

So for anyone who, like me, wants to use and promote software as an assertion of, and a stand for, human rights and against corporations, it’s necessary not to stop at “FOSS” or “Linux” but apply more scrutiny and more careful choices. Probably it's always been like this, but the present times require extra awareness.

I wish there was an acronym or other word that made this moral aspect of some FOSS development clear. This would help users to recognize software projects that share their values, and also those FOSS developers who do work for those values. Is there such a term already out there?

Linux mint, old ass ddr3 am3 fx 8 core proc

I was wondering why random files kept getting corrupted when transferring to my flash drive, until i downloaded a Linux iso and copied it to a flash drive when i went to check the 256 hash on it was not matching. I had copied the exact file to the drive so there was no way it wouldnt match. Found out the back 3.0 ports work fine, copied the exact same file and the hashes matched. And yes, it was all through reputable sources.

And the odd thing. My front port is just a 2 ft usb cable that rubs through the case out the back and plugs into another 3.0 port. It doesn't pin directly to the mobo, and its not a hub.

So confused how 2ft of cable was corrupting file xfers.

Going through a bunch of JavaScript I do not trust and it has a ton of web address comments like citations but likely some bad stuff in there too. What could be swapped with the address to instead act as a local tripwire or trap?

Just a mild curiosity for scripting stuff.

cross-posted from: https://lemmy.ca/post/62296258

I find it sad and very anti-democratic that they blocked my post, which is polite and respectful. The reply of the moderator was moreover rude: "Instead of starting useless drama here, seemingly in search of magic validation points" and "Go and protest somewhere else, to the people that can actually do something about it."

Here's my polite open letter:

---

I have been happily using KDE software, and especially the Kubuntu Linux distro, Plasma, and Dolphin, for almost a decade, on several devices. Of course I’m also a regular donor and affectionate follower.

It seems that more and more software developers in the Linux and FOSS ecosystem want to implement changes to comply with various age-verification laws. I understand that for the KDE developers and maintainers it might be a difficult decision whether to make this kind of changes or not. They have to consider “legal” aspects, collaboration with other developers, and, possibly, also what their user base think. What to weigh in, and how much weight to give to what, is of course up to the maintainers and developers.

I respect the choice that will be made by KDE. But I also want to make clear, in a respectful and polite way, that if such changes are implemented in KDE software and the Kubuntu distro, then I’ll move away from them, to other software and distros that do not comply (there already are some and I’m sure there’ll be plenty more).

“Well, who cares?” might the KDE people justly say. Partly I’m writing this open letter out of a feeling of friendship. It’s somehow like when you discover that a dear friend might have values very different from yours, so you have to break your no-longer-meaningful friendship, but you also feel you have to explain to your friend why, rather than going away silently. I also believe that many other KDE users think like I do, so this message does not come from me alone.

For me GNU Linux and FOSS is not only a choice about software: it’s also a choice about human values, human rights, and moral stances. These laws, besides being pointless, cross a threshold about human rights and values that I personally do not and will not allow (if this makes me a “criminal” in the egregious company of “criminals” like Claudette Colvin or King or Mandela, so be it). I want therefore to use software that also makes a similar choice, based not only on what’s “legal” but also on what’s “moral”. Besides appeals to politicians, marches of protests, strikes, and similar, also software choice is a form of protest and non-compliance; a stance.

Salutations!

I've been running Manjaro on my T495 without a hitch for a long time, now. With all the chatter about Manjaro possibly not being maintained, I wanted to explore jumping to a different distro like CachyOS. The problem is, when I installed Manjaro on a BTRFS filesystem, I didn't make a separate /home partition. Is there a way to migrate to CachyOS without deleting /home?

I realize BTRFS uses subvolumes instead of "real" partitions, but I'm not sure how to proceed. In my initial searches, there is a process to rename the subvolumes to something else, install CachyOS, then use rsync to restore my files, but I don't know WHERE to do this. In the LiveUSB environment? During the installer? (See post Here)

Or am I better off just using rsync to backup the whole /home folder to an external drive, install CachyOS fresh, then rsync my files over when the installer is completed but before I boot for the first time?

Apologies if this is some basic stuff, I just don't want to lose any data, especially my Docker containers and pictures.

cross-posted from: https://lemmy.ca/post/62278765

Software changes for compliance with age-verification laws are being pushed a bit everywhere in Linux-development; for example:

• In Systemd, already merged.

• In xdg.desktop.portal (a portal frontend service for Flatpak and other desktop containment frameworks), still open.

• In Arch Linux, still open.

• In Freedesktop.org, still open.

It's interesting that it's the same small group of people behind these pull requests, and that discussion threads in them have been locked owing to a great amount of negative criticisms.

They say "we have to comply with the law". Which also means that if "the law" in the future will require proper verification, handling to 3rd-parties, or whatnot, then they will comply.

Well, it's their right to. They don't owe anything to anyone, and are under no obligation to report to users or to the community, nor to pay heed to anybody's wishes.

If things proceed in this direction, we users may at some point have to choose between privacy-friendly Linux distributions or legal Linux distributions. People who, like me, are worried, need to start thinking about concrete actions to take before it's too late: where to develop such distros? which channels to download and distribute them from? And so on. (And of course, more generally we need to write and protest to politicians, organize protest marches, go on strike, refuse to comply...)

It's good to remind to those who keep on repeating the words "legal" and "illegal" that for example Nelson Mandela was, technically speaking, a criminal who did and promoted illegal activity. This happens when laws become immoral.

I was using pop os and was able to see my storage here. But now on arch with gnome it doesnt show the same. It shows only root particion space, and not my main space that i use for programs, games and stuff..

Why is that and can i fix it somehow..?

cross-posted from: https://lemmy.ca/post/62271746

Add a required birth date prompt (YYYY-MM-DD) to the user creation flow, stored as a systemd userdb JSON drop-in at /etc/userdb/.user on the target system.

Motivation

Recent age verification laws in California (AB-1043), Colorado (SB26-051), Brazil (Lei 15.211/2025), etc. require platforms to verify user age. Collecting birth date at install time ensures Arch Linux is compliant with these regulations.

This is just a pull request, no changes yet.

The pull-request discussion thread has been locked, just like it happened for the similar thread in Systemd, owing to the amount of negative comments...

cross-posted from: https://lemmy.ca/post/62271427

For those interested, the Systemd release that's planned to include the controversial 'birthDate' field to user records, complying with age-verification laws, is v261 (see 'milestone' in the pull request). This release seems to be planned for May.

The current release, from some hours ago, is v260.1. I see that Ubuntu Noble (24.04) just updated to v255.

The container runs a local host server for use in a browser and is untrusted for development reasons. It needs to be treated as an advanced black hat. Its primary goal is recon and sending critical information via advanced connectionless protocols of unknown type. While extremely unlikely, it should be assumed to have access to proprietary systems and keys such as Intel ME and a UEFI shim of some sort. It may also use an otherwise trusted connection such as common git host, CDN, or DNS to communicate. It tries to access everything possible, key logger, desktop GUI, kernel logs, everything.

What is the Occam's Razor of solutions that best fit the constraints in your opinion? Other than the current solution of air gap.

cross-posted from: https://lemmy.ca/post/62192988

The latest changes implemented in the Systemd repo, related to or prompted by age-verification laws, have made many people unhappy (I suppose links about this aren't necessary). This has led to a surge in Systemd forks during the last days ("surge" because there have always been plenty of forks). Here are some forks that explicitly mention those changes as their reason for forking (rough time ordering taken from the fork page):

• paramazo/systemd "The systemd System and Service Manager without age verification"

• ganitam/systemd "Systemd fork just before the Age Verification addition. Hoping more capable developers and maintainers do same.."

• GSYT-Productions/systemd-fork "The systemd System and Service Manager, without the stupid Age Verification"

• speedythesnail/unre tarded-systemd "The systemd System and Service Manager, without the r e t arded age-verification commits"

• ta13579/systemd "The systemd System and Service Manager WITHOUT THE FUCKING AGE CHECKS"

• r4shsec/systemd-no-age-verification "This is systemd but without the age verification made via pull request https://github.com/systemd/systemd/pull/40978"

• Pingasmaster/fightthesystemd "Systemd without the nonsense: no age verification, no lighthouse built-in."

• Jeffrey-Sardina/system "Liberated systemd -- no surveillance. Ever."

• HaplessIdiot/systemd-saneagecheck "The systemd System and Service Manager with age verification bypass and polling rate options for said feature"

• Queer-Coded-LGBTQ/systemd-fuck-california "The systemd System and Service Manager, but without age bs added in."

• Codiak540/unshitted-systemd "A fork of systemd aiming to strip the Age verification. Sue me california."

Hopefully the energy of this reaction won't be scattered among too many alternatives, although some amount of scattering is always good.

cross-posted from: https://lemmy.wtf/post/39686444

Per the very first reply on their thread discussing it in their forums, which I linked directly to for the post title:

We'll NEVER require any verification or identification from the user.

However, what's gonna happen should the attempts to age-gate the XDG portal screw over alt-init distros like Artix too? My guess is maybe they start blocking regions which force age gating like Arch Linux 32 is doing.