Kalcifer

For example, say an instance C is not defederated with B nor A. Can a user on A see users from B if they visit a community on C? If so, to what extent can the users from A and B interact with each other on C?

Cross-posted from: https://sh.itjust.works/post/19987854

We have previously highlighted the importance of not losing your account number, encouraging it to be written down in a password manager or similar safe location.

For the sake of convenience account numbers have been visible when users logged into our website. This had led to there being potential concerns where a malicious observer could:

• Use up all of a user's connections
• Delete a user's devices

From the 3rd June 2024 you will no longer be able to see your account number after logging into our website.

• "Hiding account numbers". Mullvad. 2024-05-27. Mullvad Blog (https://mullvad.net/en/blog/2024/5/27/hiding-account-numbers).
• Archive

• "Open Source Software Is Not A Democracy". Brodie Robertson. 2024-05-26T21:00:18. YouTube. https://www.youtube.com/watch?v=gphY5Okx_vs.
• Piped

Danish banks have implemented significant restrictions on how Danish kroner (DKK) used outside Denmark can be repatriated back into Denmark.

Due to these circumstances, which are unfortunately beyond Mullvad’s control, Mullvad will no longer be able to accept DKK from its customers. We will continue to credit DKK received until the end of the month, but considering postal delays, it is best to stop sending it immediately.

• Source
• Archive

Say you have HTML similar to the following:

<div style="background-image: url('https://some.domain/image')"></div>

and you want to extract https://some.domain/image using XPath. With XPath 2.0, you can select the URL with something like

select-before(select-after(//div/@style, "backgound-image: url("), ")")

but, when using XPath 1.0, this fails — I think it's due to nested functions not being supported in XPath 1.0, but I have been unable to find documentation to confirm that. Is there a way to accomplish this using XPath 1.0?

I've seen a lot of conflicting information on the topic, so I'm curious if there is an updated official policy that I haven't been able to find.

I find that I habitually open a terminal and run an update on every boot of my system (which gets rebooted once a day). I'm curious what other people do.

I'm trying to keep a log of the time that I spend doing specific tasks throughout the day. Currently, the way that I am doing this is by constantly running a stopwatch and filling out a spreadsheet for the day — when a task is completed, I lap the stopwatch and add the task and the time spent on that task in a row in the spreadsheet. It does the job, but it is very tedious. Does anyone have a recommendation for an app that can do this for me? I would like it to:

• Log the time constantly (when a task is completed, immedately start a new task)
• Time a task
• Allow naming of tasks
• (optional) Allow categorizing of tasks with tags
• (optional) Show graphics for how time is spent each day, and statistics on how much time is spent
• The ability to export the data (e.g. CSV)

It would probably be the most convenient for this to be an Android app, but I am also open to suggestions for a Desktop (Linux) app.

An Australian man has been freed after spending 36 hours trapped in a drain network.

He first entered a drain in Brisbane on Saturday "while trying to retrieve his phone", according to authorities.

Why should language be controlled by central, and private organizations like Merriam-Webster, Oxford English Dictionary, etc.? Language is organic and should evolve with people. What better to reflect that than a crowd sourced dictionary?

I thought I'd share my experience doing this, as it was quite a pain, and maybe this will help someone else. It contains the process I took to set it all up, as well as the workarounds, and solutions that I found along the way.

1. Hardware that I used: Raspberry Pi 1 Model B rev 2.0, SanDisk Ultra SD Card (32GB).
2. Flash Raspberry Pi OS to the SD Card:
   • I had issues using the Raspberry Pi Imager (v1.8.5, Flatpak): It initially flashed pretty quickly, but the verification process was taking an unreasonably long time — I waited ~30mins before giving up, and cancelling it; so, I ended up manually fashing the image to the SD card:
     1. I connected the SD card to a computer (running Arch Linux).
     2. I located what device corresponded to it by running lsblk (/dev/sdd, in my case).
     3. I downloaded the image from here. I specifically chose the "Raspberry Pi OS Lite" option, as it was 32-bit, it had Debian Bookworm, which was the version needed for podman-compose (as seen here), and it lacked a desktop environment, which I wanted, as I was running it headless.
     4. I then flashed the image to the SD card with dd if=<downloaded-raspbian-image> of=<drive-device> BS=50M status=progress
        • <downloaded-raspbian-image> is the path to the file downloaded from step 3.
        • <drive-device> is the device that corresponds to the SD card, as found in step 2.2.
        • BS=50M I found that 50M is an adequately sized buffer size. I tested some from 1M to 100M.
        • status=progress is a neat option that shows you the live status of the command's execution (write speed, how much has been written, etc.).
3. Enable SSH for headless access. This was rather poorly documented (which was a theme for this install).
   1. To enable SSH, as noted here, one must put an empty file named ssh at the "root of the SD card". This is, unfortunately, rather misleading. What one must actually do is put that file in the root of the boot partition. That is not to say the directory /boot contained in the root partition, rootfs, but, instead, it must be placed within the boot partition, bootfs (bootfs, and rootfs are the two partitions written to the SD card whe you flash the downloaded image). So the proper path would be <bootfs>/ssh. I simply mounted bootfs within my file manager, but, without that, I would have had to manually locate which partition corresponded to that, and mount it manually to be able to create the file. The ownership of the file didn't seem to matter — it was owned by my user, rather than root (as was every other file in that directory, it seemed).
   2. One must then enable password authentication in the SSH daemon, otherwise one won't be able to connect via SSH using a password (I don't understand why this is not the default):
      1. Edit <bootfs>/etc/ssh/sshd_config
      2. Set PasswordAuthentication yes (I just found the line that contained PasswordAuthentication, uncommented the line, and set it to yes).
4. Optionally change the hostname by editing <rootfs>/etc/hostname and replacing it with one that is desired.
5. Create a user (the user is given sudo priveleges automatically), as one is not created by default.
   1. Create a file at <bootfs>/userconf.txt — that is, create a file named userconf.txt in the bootfs partition (again, poorly documented here).
   2. As mentioned in that documentation, add a single line in that file of the format `:, where
      • <username> is the chosen username for the user.
      • <password> is the salted hash of your chosen password, which is generated by running openssl passwd -6 and following its prompts.
6. Plug the SD card into the Pi, plug in power, and wait for it to boot. This is an old Pi, so it takes a good minute to boot fully and become available. You can ping it with ping <hostname>.local to see when it comes online (where <hostname> is yor chosen hostname).
7. SSH into the Pi with ssh <username>@<hostname>.local (You'll of course need mDNS, like Avahi, setup on your device running SSH).
8. Make sure that everything is updated on the Pi with sudo apt update && sudo apt upgrade
9. Install Podman with sudo apt install podman (the socket gets automatically started by apt).
10. Install Podman Compose with sudo apt install podman-compose.
11. Create the compose file compose.yaml. Written using the official as reference, it contains the following:

version: "3"
services:
  pihole:
    container_name: pihole
    image: docker.io/pihole/pihole:latest
    ports:
      - "<host-ip>:53:53/tcp"
      - "<host-ip>:53:53/udp"
      - "80:80/tcp"
    environment:
      TZ: '<your-tz-timezone>'
    volumes:
      - './etc-pihole:/etc/pihole'
      - './etc-dnsmasq.d:/etc/dnsmasq.d'

• <host-ip> is the ip of the device running the container. The reason for why this is needed can be found in the solution of this post.
• <your-tz-timezone> is your timezone as listed here.
• For the line that contains image: docker.io/pihole/pihole:latest, docker.io is necessary, as Podman does not default to using hub.docker.com.
• Note that there isn't a restart: unless-stopped policy. Apparently, podman-compose currently doesn't support restart policies. One would have to create a Systemd service (which I personally think is quite ugly to expect of a user) to be able to restart the service at boot.

12. (NOTE: if you wan't to skip step 13, run this command as sudo) Pull the image with podman-compose --podman-pull-args="--arch=arm/v6" pull
    • --podman-pull-args="--arch=arm/v6" is necessary as podman-compose doesn't currently support specifying the platform in the compose file.
      • Specifying the architecture itself is required as, from what I've found, Podman appears to have a bug where it doesn't properly recognize the platform of this Pi, so you have to manually specify which architecture that it is i.e. armv6 (you can see this architecture mentioned here under "latest").
    • This took a little while on my Pi. The download rate was well below my normal download rate, so I assume the single threaded CPU is just being too bogged down to handle a high download rate.
    • Don't be concerned if it stays at the "Copying blob..." phase for a while. This CPU is seriously slow.
13. Allow podman to use ports below 1024, so that it can run rootless:
    • Edit /etc/sysctl.conf, and add the line net.ipv4.ip_unprivileged_port_start=53. This allows all non-priveleged users to access ports >=53. Not great, but it's what's currently needed. You can avoid this step by running step 12, and 14 as sudo.
    • Apply this with sysctl -p
14. (NOTE: if you wan't to skip step 13, run this command as sudo) Start the container with podman-compose up -d.
    • It will take a while to start. Again, this Pi is slow.
    • Don't worry if podman-compose ps shows that the container is "unhealthy". This should go away after about a minute, or so. I think it's just in that state while it starts up.
15. Access the Pihole's admin panel in a browser at http://<host-ip>/admin.
    • The password is found in the logs. You can find it with podman-compose logs | grep random. The password is randomly generated everytime the container starts. If you want to set your own password, then you have to specify it in the compose file as mentioned here.