We need improved Linux support for power management on ARM platforms. In general Linux on ARM has been good for a long time now. (ex RaspberryPi, Gentoo, Ubuntu)
Where things aren’t so great is the choice in OEMs putting out ARM parts like Broadcom, Qualcomm and Apple. All of whom aren’t exactly open source champions. In a less imperfect world we’d have something like RISC-V with great power management and linux support available in mobile computing SKUs/TDPs.
Thanks for noticing that. I certainly missed the ‘=1’ bit.
Debian testing, then upgrade it as they make major releases. I have yet to have a single Debian upgrade go wrong on Desktop or Server. It is basically magic.
Assuming that:
On the Linux laptop:
sudo sysctl net.ipv4.ip_forward=1 ## updated edit thanks to folks pointing out my typo.
sudo sysctl -p
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.1.1/24 -o wlan0 -j MASQUERADE
On the mac:
Well … are you a fish? If so, no… if not, yes.
I sincerly hope that this is a troll post because if not, well. Sigh.
Ignore the idiot posting about this RAT.
If you want to secure your Linux system, use ClamAV, a local firewall like UFW or even opensnitch for a start. Also use your head when adding apps to your system. Stick to the official repos from your distro. Things like Arch’s AUR, random PPAs in Ubuntu and any random github project are going to be much riskier by their very nature so act accordingly.
If you need to risky stuff, do it a VM and network that guest into a private internal network that can only exit over a companion PFSense VM that is dual homed to the regular LAN and the private internal network. Take a snapshot of the risky guest before you use it in a session and when you are done, roll back to your clean snapshot.
Store your passwords in something like Keepass(strong master password!) and then use syncthing to push copies of the database to at least one other box locally or in the cloud if you really have to.
Some upgrades require human input like when core service config files upgrades are offered. (ex. would like to update /etc/samba/smb.conf with the maintainer’s version or keep your own?)
In my experience this can occasionally cause background apt processes to hang while they wait for your answer to that kind of question. There is a debconf trick you can try. debian_frontend=noninteractive. You can create your own cronjob, as root, that runs a script with this export command, apt update, then apt dist-upgrade -y.
If your machine is a Tuxedo laptop, this thread might interest you. Seems as though this user was hitting thermal limits and their laptop would freeze/poweroff to keep from dying.
Run your workload in a guest VM and limit its resources to whatever you desire. You can also consider c-groups if you already know which processes are causing all of the trouble.
Ignoring what users want is the tradition in GNOME and yeah ofcourse Fedora is gonna do whatever RedHat/IBM tells them to do including push AI-slop.
I would look at these things first.
It should but you can test that assumption by trying to ping any other device on the non-guest wifi. (and try ping in the other direction)
Do not, under any circumstances, conduct any private business on it. What isn’t being logged by Microsoft and shared with your employer, advertisers, various governments will be screenshot’d every n seconds. Additionally, I highly suggest, if you haven’t already, to setup a separate VLAN for this device if you ever bring it home and connect it to your home network. Defender absolutely does passive sniffing and active network scanning now. It will also be collecting and logging visible SSIDs as well. Enjoy!
Wireguard should be the default here. The rest is just networking configuration implemented in both routing and firewall. I never understood why people use Tailscale, like why would you intentionally pay someone to be man in the middle of your virtual private network? Twingate I am not familiar with.
OpenRC seems to work pretty seamlessly on Gentoo. Just throwing that out there.
So … device attestation … the same shit coming from Google, Microslop and others. At least Poettering is consistent with his shit ideation.
You might have too many old kernels installed. This would potentially fill up the /boot partition. One way to check this is:
df -h
Look for the line indicating space left for /boot.
You can then get a list of the installed kernels with:
dpkg --get-selections | grep -v deinstall | grep linux-image
If you need to remove old ones, use uname -a to identify the running kernel (should be the latest version if you’ve rebooted after the last kernel update) then remove all of the older kernel packages with:
sudo apt remove -y linux-image-amd64-xxxx
More generally speaking, I think that sudo apt autoremove should leave you with only the latest 2 kernel packages by default.
That’s weird. I was looking at this docs page and assumed that USB is how the update actually happened.
If all you need is basic paint-link functionality on Linux then you might like drawing. It is already in the Debian repositories too.
Run XFCE and use Thunar. : )