20
submitted 2 months ago by kevincox@lemmy.ml to c/selfhosted@lemmy.world

Is there any service that will speak LDAP but just respond with the local UNIX users?

Right now I have good management for local UNIX users but every service wants to do its own auth. This means that it is a pain of remembering different passwords, configuring passwords on setting up a new service and whatnot.

I noticed that a lot of services support LDAP auth, but I don't want to make my UNIX user accounts depend on LDAP for simplicity. So I was wondering if there was some sort of shim that will talk the LDAP protocol but just do authentication against the regular user database (PAM).

The closest I have seen is the services.openldap.declarativeContents NixOS option which I can probably use by transforming my regular UNIX settings into an LDAP config at build time, but I was wondering if there was anything simpler.

(Related note: I really wish that services would let you specify the user via HTTP header, then I could just manage auth at the reverse-proxy without worrying about bugs in the service)

[-] kevincox@lemmy.ml 141 points 3 months ago

Allowing showing different domains than the actual click target is wildly reckless and should be punishable.

"Oh but our poor advertisers want to use click tracking and it is too hard to set up on their main domain". Oh boo hoo, I'm sure if it is important to them they will figure it out.

[-] kevincox@lemmy.ml 129 points 6 months ago

Because people don't understand how copyright works.

In most countries any copyrightable work that you produce is automatically covered by copyright. You don't need to do anything additional to gain that protection.

Most Lemmy instances don't have any sort of licensing grant in their terms of service. So that means that the original author maintains all ownership of their work.

So technically what these people are doing is granting a license to their comment that allows it to be used for more than would otherwise be allowed by the default copyright protections.

What they are probably trying to accomplish is to revoke the ability for commercial enterprises to use their comments. However that is already the default state so it is pretty irrelevant. Basically any company that cares about copyright and thinks that what they are doing isn't allowed as fair use already wouldn't be able to use their comments without the license note. So by adding the license note all they are doing is allowing non-commercial AI to scrape it (which is probably not what was intended). Of course most AI scraping companies don't care about copyright or think that their use is not protected under copyright. So it is again irrelevant.

[-] kevincox@lemmy.ml 64 points 7 months ago

IDE is one thing, Go refuses to compile. Like calm down, I'm going to use it in a second. Just let me test the basics of my new method before I start using this variable.

Or every time you add or remove a printf it refuses to compile until you remove that unused import. Please just fuck off.

[-] kevincox@lemmy.ml 153 points 7 months ago

Death to HDMI. DisplayPort is the superior port.

16
submitted 8 months ago by kevincox@lemmy.ml to c/rssfeeds@lemmy.world
[-] kevincox@lemmy.ml 64 points 8 months ago

if staying outside EU

I'm pretty sure this is explicitly not allowed because most of the EU laws apply to EU citizens and residents. So if an EU citizen stays outside the EU they aren't allowed to stop following the EU rules.

[-] kevincox@lemmy.ml 58 points 8 months ago

Gabe Newell really nailed it there. I buy tons of games on Steam. I also used to subscribe to Netflix and rent movies from Google. But now Netflix has junk and I need to subscribe to 10 services and they occasionally deleted my partner's downloaded shows while traveling because they couldn't validate the license. I can't even play HD videos from any legal retailer on any of my devices other than a Chromecast as they aren't under the media lobby's control.

But say I was to download a movie from a torrent site. It would probably be a higher quality than streaming services would give me, I can play it offline with no concerns about license expiry and it will still be 4k on every device I choose to watch on. I could also take a screenshot and share to my friend (which may cause them to purchase that content!). It's basically all upsides. Maybe slightly more difficult to find the content than something like Google Play rentals, but really not much and the tradeoff is the greater choice of content available.

It is reductive to say that piracy is just a service problem. There are lots of people who will try to save the money. But a lot of those people wouldn't spend much if any money either way. They would just skip most content, or watch with friends or similar. There is a huge group of people (myself included) that would happily pay a significant amount for content if they provided a good experience. But they are too busy failing to stop piracy to bother giving a good experience.

[-] kevincox@lemmy.ml 246 points 8 months ago

This is why DisplayPort is the better connector. Because they don't have their thumbs up their asses.

It always saddens me how much user pain has been caused and money wasted in implementing DRM which as far as I can tell hasn't succeeded in preventing a single movie or TV show from being available on torrent sites.

[-] kevincox@lemmy.ml 146 points 10 months ago

Back in the day X was a great protocol that reflected the needs of the time.

  1. Applications asked it to draw some lines and text.
  2. It sent input events to applications.

People also wanted to customize how their windows were laid out more flexibly. So the window manager appeared. This would move all of your windows around for you and provide some global shortcuts for things.

Then graphics got more complicated. All of a sudden the simple drawing primitives of X weren't sufficient. Other than lines, text and rectangles applications wanted gradients, rounded corners and to display rich graphics. So now instead of using all of these fancy drawing APIs they were just uploading big bitmaps to the X server. At this point 1/3 of what the X server was previously doing became obsolete.

Next people wanted fancy effects and transparency (like drop shadows). So window managers started compositing the display. This is great but now they need more control than just moving windows around on the display in case they are warped, rendered somewhere slightly differently or on a different workspace. So now all input events go first from X to the window manager, then back to X, then to the application. Also output needs to be processed by the window manager, so it is sent from the client to X, then to the window manager, then the composited output is sent to X. So another 1/3 of what X was doing became obsolete.

So now what is the X server doing:

  1. Outputting the composited image to the display.
  2. Receiving input from input devices.
  3. Shuffling messages and graphics between the window manager and applications.

It turns out that 1 and 2 have got vastly simpler over the years, and can now basically be solved by a few libraries. 3 is just overhead (especially if you are trying to use X over a network because input and output need to make multiple round-trips each).

So 1 and 2 turned into libraries and 3 was just removed. Basically this made the X server disappear. Now the window manager just directly read input and displayed output usually using some common libraries.

Now removing the X server is a breaking change, so it was a great time to rethink a lot of decisions. Some of the highlights are:

  1. Accessing other applications information (output and input capture) requires explicit permission. This is a key piece to sandboxing applications.
  2. Organize the system around frames to avoid tearing except for when desired (X doesn't really have the concept of a frame).
  3. Remove lots of basically unused APIs like fonts, drawing and many others.

So the future is great. Simpler, faster, more secure and more extensible. However getting there takes time.

This was also slowed down by some people trying to resist some features that X had (such as applications being able to position themselves). And with a few examples like that it can be impossible to make a nice port of an application to Wayland. However over time these features are being added and these days most applications have good Wayland support.

[-] kevincox@lemmy.ml 56 points 1 year ago

The rant comment will be forever changed.

And dare I say improved.

362
Haunted House (xkcd.com)
134
submitted 1 year ago by kevincox@lemmy.ml to c/linux@lemmy.ml

I'm reconsidering my terminal emulator and was curious what everyone was using.

[-] kevincox@lemmy.ml 49 points 1 year ago

This is https://www.hyrumslaw.com/.

Basically there are two types of breaking changes:

  1. The change may break something.
  2. The change breaks a contract of the code.

What you are experiencing with debugRepr() is that you have triggered 1. You have made a chance that may break a user. But you have not triggered 2 because the new output is still within the previous contract. What level of stability you want to uphold is up to you.

[-] kevincox@lemmy.ml 52 points 1 year ago

This proposal absolutely infuriates me. This is making it so that you won't be able to browse the web unless you are using "approved" hardware on an "approved" OS with an "approved" browser. You will have no freedom to control your computing. Even if your browser is open source it will barely matter because you won't be able to patch it, you will need to run the approved binaries.

Fuck off and let me use the software I want.

This is SafetyNet from Android. You won't be able to access your bank, your movies, your anything unless you are using hardware and software that is controlled by billion dollar corporations.

35
submitted 1 year ago by kevincox@lemmy.ml to c/lemmy@lemmy.ml
[-] kevincox@lemmy.ml 134 points 1 year ago

People are getting all upset at Facebook/Meta here but they were served a valid warrant. I don't think there is much to get mad about them here. The takeaway I get is this:

Avoid giving data to others. No matter how trustworthy they are (not that Meta is) they can be legally compelled to release it. Trust only in cryptography.

There is of course the other question of if abortion being illegal is a policy that most people agree with...but that is a whole different kettle of fish that I won't get into here.

2
submitted 1 year ago by kevincox@lemmy.ml to c/fediverse@lemmy.ml
2
submitted 1 year ago by kevincox@lemmy.ml to c/linux@lemmy.ml
view more: next ›

kevincox

joined 3 years ago
MODERATOR OF