Thom Holwerda Archive

A guide to using Nix flakes the non-flake way

Flakes also are a symptom or cause of much intra-community strife between “pro-flakes” and “anti-flakes” factions, but this situation is at some level a sign of broken consensus processes and various actors trying to sidestep them, an assumption by many people that the docs are “outdated” for not using flakes, and the bizarre proliferation of flakes everywhere in blog posts or tutorials leading to a belief that they are required for everything. This post is about how to architect Nix projects in general, with a special eye on how to do so with flakes while avoiding their limitations. It tries to dispel misconceptions that can develop in such a monoculture. ↫ Jade

Every time I hear about Nix and Flakes I feel like I understand all of it a little less.

systemd through the eyes of a musl distribution maintainer

systemd, as a service manager, is not actually a bad piece of software by itself. The fact it can act as both a service manager and an inetd(8) replacement is really cool. The unit file format is very nice and expressive. Defining mechanism and leaving policy to the administrator is a good design. Of course, nothing exists in a vacuum. I don’t like the encouragement to link daemons to libsystemd for better integration – all of the useful integrations can be done with more portable measures. And I really don’t like the fact they consider glibc to be “the Linux API” when musl, Bionic, and other libcs exist. I’d like to dive into detail on the good and the bad of systemd, as seen through my eyes as all of: end user, administrator, and developer. ↫ awilfox

awilfox is a maintainer of Adélie Linux, which does not use systemd, but this blog post is one of the few reasonable, well-written, and substantiated critiques of systemd – as opposed to the usual mindless screeching you usually hear about systemd. A great read.

Linux 6.7 released, ending Itanium support

Linux 6.7 has many exciting features including initial support for the Bcachefs file-system, Intel Meteor Lake graphics are stable as is the rest of the MTL platform support, initial NVIDIA GSP firmware support with the Nouveau driver, retiring of Intel Itanium support, and other new features with Linux 6.7. ↫ Michael Larabel

The end of Itanium support is unforgivable. Itanium is the future, and Linux will miss the boat.

‘Impossible’ to create AI tools like ChatGPT without copyrighted material, OpenAI says

The developer OpenAI has said it would be impossible to create tools like its groundbreaking chatbot ChatGPT without access to copyrighted material, as pressure grows on artificial intelligence firms over the content used to train their products. Chatbots such as ChatGPT and image generators like Stable Diffusion are “trained” on a vast trove of data taken from the internet, with much of it covered by copyright – a legal protection against someone’s work being used without permission. ↫ Dan Milmo for the Guardian

I can’t become a billionaire without robbing banks so therefore robbing banks should be legal.

Motūrus OS: microkernel operating system for the cloud written in Rust

Motūrus project builds a simple, fast, and secure operating system (Motūrus OS) for the cloud. In more specific terms, Motūrus OS (sometimes called Motor OS), is a new operating system targeting virtual machine-based workloads such as web serving, “serverless”, edge caching, etc. Motūrus OS is a microkernel-based operating system, built in Rust, that targets virtualized workloads exclusively. It currently supports x64 KVM-based virtual machines, and can run in either Qemu or Cloud Hypervisor. Rust is the language of Motūrus OS: not only it is implemented in Rust, it also exposes its ABI in Rust, not C. ↫ Motūrus OS GitHub page

At this point, there are more alternative operating systems written in Rust than there are Linux distributions, but you’re not hearing any complaints from me. While not all of these will have a bright future, they’ll teach a lot of people valuable skills and introduce a lot of people to the concept of alternative operating systems.

GNOME 46 to introduce headless remote logins via GNOME Display Manager

The alpha version of the GNOME 46 desktop environment should be out for public testing any day now for early adopters and enthusiasts who want to get an early taste of the newly implemented features, one of them being support for headless remote logins via GDM (GNOME Display Manager). This is one of the highly requested features for GNOME and it is achieved through the gnome-remote-desktop component, which provides a remote desktop server for the GNOME desktop to allow you to connect to your machine remotely using PipeWire. ↫ Marius Nestor

The final release is planned for late March.

When “everything” becomes too much: the npm package chaos of 2024

Happy 2024, folks! Just when we thought we’d seen it all, an npm user named PatrickJS, aka gdi2290, threw us a curveball. He (along with a group of contributors) kicked off the year with a bang, launching a troll campaign that uploaded an npm package aptly named everything. This package, true to its name, depends on every other public npm package, creating millions of transitive dependencies. The everything package and its 3,000+ sub-packages have caused a Denial of Service (DOS) for anyone who installs it. We’re talking about storage space running out and system resource exhaustion. But that’s not all. The creator took their prank to the next level by setting up http://everything.npm.lol, showcasing the chaos they unleashed. They even included a meme from Skyrim, adding some humor (or mockery, depending on your perspective) to the situation. ↫ Feross Aboukhadijeh

I know this is a bad thing, you shouldn’t do this, it harms a lot of people, etc., etc., but let’s be honest here – this is a hilarious prank that showcased a weakness in a rather playful way. Sure, there were real consequences, but it doesn’t seem like any of them caused any permanent damage, data loss, or compromised systems. What’s worse, it seems this isn’t even the first time stuff like this happened, so I find it baffling people can still do this. What are they doing over there?

The world’s smallest PNG

The smallest PNG file is 67 bytes. It’s a single black pixel. Here’s what it looks like, zoomed in 200×: The rest of this post describes this file in more detail and tries to explain how PNGs work along the way. There’s a big twist at the end, if that excites you. But I hope you’re just excited to learn about PNGs. ↫ Evan Hahn

I know way too much about PNGs now, information I won’t ever need but am glad to have.

What should we know about APFS special files?

We may have been using APFS for nearly seven years, but some of its features remain thoroughly opaque. On Christmas Day, I posed the puzzle of 60 TB of snapshots being removed from a 2 TB disk. While we all accept that may be “technically correct”, for ordinary users it makes no sense. Suggestions that they should be “educated” miss the point that the Finder has to be accessible to all users, whether or not they have a degree in Computer Science. If my eleven year-old granddaughter can’t make sense of it, then the Finder is a failure. Today I turn to another thorny issue raised by the ingenuity of APFS: the size of its special file types, sparse and ‘clone’ files. As usual, I start with a practical demonstration. ↫ Howard Oakley

I feel like I should ring a little bell while posting a link to this article.

Installing FreeBSD 14.0 on a USB drive

Having re-discovered my love for FreeBSD on the desktop for the past month or so, I embarked in yet another adventure with it: creating a portable installation of it on a USB drive so I could carry it with me on the go. This would be a great addition to my everyday carry, and would also again put the OS in test against many situations I have not faced yet with it. ↫ Klaus Zimmermann

Always a useful tool to have.

Microsoft and Windows OEMs to put dedicated “AI” Copilot key on keyboards

The introduction of the Copilot key marks the first significant change to the Windows PC keyboard in nearly three decades. We believe it will empower people to participate in the AI transformation more easily. The Copilot key joins the Windows key as a core part of the PC keyboard and when pressed, the new key will invoke the Copilot in Windows experience to make it seamless to engage Copilot in your day to day*. Nearly 30 years ago, we introduced the Windows key to the PC keyboard that enabled people all over the world to interact with Windows. We see this as another transformative moment in our journey with Windows where Copilot will be the entry point into the world of AI on the PC. ↫ Yusuf Mehdi on the official Windows blog

Your next laptop will come with an “AI” key next to the spacebar. Yes, Microsoft and Windows OEMs are really going to be doing this. Your laptop will come with a dedicated copyright infringement key that will produce utter nonsense and misinformation at the push of a key. This is pure and utter insanity.

Win32Emu/DIY WOW: run RISC Win32 binaries on x86 Windows

When the AXP64 build tools for Windows 2000 were discovered back in May 2023, there was a crucial problem. Not only was it difficult to test the compiled applications since you needed an exotic and rare DEC Alpha machine running a leaked version of Windows, it was also difficult to even compile the programs, since you needed the same DEC Alpha machine to run the compiler; there was no cross-compiler. As a result, I began writing a program conceptually similar to WOW64 on Itanium (or WX86, or FX-32), only in reverse, to allow RISC Win32 programs to run on x86. ↫ CaptainWillStarblazer

People with this much skill just exist.

Maestro: UNIX-like kernel and operating system written in Rust, compatible-ish with Linux

Maestro is a lightweight Unix-like kernel written in Rust. The goal is to provide a lightweight operating system able to use the safety features of the Rust language to be reliable. ↫ Maestro’s GitHub page

The state of this project is actually kind of amazing – roughly 31% of Linux system calls are more or less already implemented, and it also comes with a daemon manager, a package manager, and can already run musl, bash, various core GNU utilities, and so on. It has kernel modules, a VGA text mode terminal, virtual memory, and a lot more.

OpenBSD workstation hardening

I wanted to share a list of hardening you can do on your OpenBSD workstation, and explaining the threat model of each change. Feel free to pick any tweak you find useful for your use-case, many are certainly overkill for most people, but depending on the context, these changes could make sense for others. ↫ Solène Rapenne

Written by OpenBSD developer Solène Rapenne.

Meet ‘Link History,’ Facebook’s new way to track the websites you visit

Facebook recently rolled out a new “Link History” setting that creates a special repository of all the links you click on in the Facebook mobile app. You can opt out if you’re proactive, but the company is pushing Link History on users, and the data is used for targeted ads. As lawmakers introduce tech regulations and Apple and Google beef up privacy restrictions, Meta is doubling down and searching for new ways to preserve its data harvesting empire. The company pitches Link History as a useful tool for consumers “with your browsing activity saved in one place,” rather than another way to keep tabs on your behavior. With the new setting you’ll “never lose a link again,” Facebook says in a pop-up encouraging users to consent to the new tracking method. The company goes on to mention that “When you allow link history, we may use your information to improve your ads across Meta technologies.” The app keeps the toggle switched on in the pop-up, steering users towards accepting Link History unless they take the time to look carefully. ↫ Thomas Germain at Gizmodo

As more and more people in the technology press who used to be against Facebook have changed their tune since the launch of Facebook’s Threads – the tech press needs eyeballs in one place for ad revenue, and with Twitter effectively dead, Threads is its replacement – it’s easy to forget just what a sleazy, slimy, and disgusting company Facebook really is.

Wayland enjoyed many successes in 2023

The Wayland ecosystem had a phenomenal year from much better NVIDIA proprietary driver support, Firefox ending out the year shipping with Wayland support enabled by default, KDE Plasma 6.0 will default to Wayland following many improvements on the KDE side, the Wine Wayland driver upstreamed in its initial form, XWayland continuing to be enhanced, and a lot of other software from desktop environments to apps continuing to embrace Wayland. ↫ Michael Larabel at Phoronix

This train ain’t stopping. Dare I say 2024 will be the year of Wayland on the desktop?

Windows 11 is relaxing Microsoft account auto-sign in apps, but only in Europe

Windows is changing the way apps can access your Microsoft account. Currently, when you sign in to Windows 11 or 10 with your Microsoft account, most apps automatically use that Microsoft account for in-app sign-in. The tech giant plans to change this behaviour by allowing you to decline access to Microsoft accounts in installed apps. ↫ Mayank Parmar at Windows Latest

This change, like so many others that are making Windows ever so slightly less of a trashfire, is EU-only.

A brief retrospective on SPARC register windows

As I work on moss and research modern processor design patterns and techniques, I am also looking for patterns and techniques from the past that, for one reason or another, have not persisted into our modern machines. While on a run this week, I was listening to an old Oxide and Friends episode where Bryan, Adam, and crew were reminiscing on the SPARC instruction set architecture (ISA). SPARC is a reduced instruction set computer (RISC) architecture originally developed by Sun Microsystems, with the first machine, the SPARCstation1 (a.k.a. Sun 4/60, a.k.a Campus), being delivered in 1987. It was heavily influenced by the early RISC designs from David Patterson and team at Berkeley in the 1970s and 1980s, which is the same lineage from which RISC-V has evolved. Given the decision to base moss on the RISC-V RV64I ISA, I was interested to learn more about the history and finer details of SPARC. ↫ Daniel Mangum

The sad thing is that SPARC is pretty close to dead at this point, with the two major players in the high-end – Oracle and Fujitsu – throwing in the towel half a decade ago. There’s some lower-end work, such as the LEON chips, but those efforts, too, seem to be going nowhere at the moment. Definitely sad, since I’ve always been oddly obsessed with the architecture, and hope to still somehow get my hands on the last UltraSPARC workstation ever built (the Sun Ultra 45, which is, sadly, incredibly expensive on the used market). There’s also a whole boatload of servers on the used market with fancier, newer SPARC processors, but as far as I know, none of those support any form of even barely usable graphics, making them useless for weird people like me who want to run a desktop on them.

How I forked SteamOS for my living room PC

SteamOS 3 (“Holo”) is the Arch-based Linux distribution built for the Steam Deck, Valve Software’s portable PC gaming device. It’s a very interesting Linux distribution even when you only focus on how it updates itself: updates are performed atomically by downloading a new read-only root filesystem to an inactive partition, then rebooting into that partition. But consumers can also run steamos-devmode to unlock the root filesystem, put the pacman database in working order, and give them a working Linux distro with a normal package manager. This A/B atomic updates system is pretty standard for OSes these days, but there’s a lot going on in SteamOS that makes them work even with heavy customization by the end-user. I wanted to explore that while still being able to make changes to the root filesystem images. steamos-devmode is the easy way out; I wanted to make a proper fork. Here’s how I did it. ↫ iliana etaoin

This article has sparked my interest to build a living room PC for Steam gaming for my wife and me, so we can play couch coop Steam games on an actual couch instead of behind our PC desk. Very detailed and in-depth, this article also teaches a lot about how SteamOS works under the hood.