Funny story about the first time two of my servers got hacked. The fun part is how I noticed it.
So I purchased two new vps's for proxy server goals and thought like 'I can setup fail2ban tomorrow, I'll be fine.'

Next day I wanted to install NginX so I ran the command and it said that port 80 was already in use!

I was sitting there like no that's not possible I didn't install any server software yet. So I thought 'this can't be possible' but I ran 'pidof apache2' just to confirm. It actually returned a PID! It was a barebones Debian install so I was sure it was not installed yet by ME. Checked the auth logs and noticed that an IP address had done a huge brute force attack and managed to gain root access. Simply reinstalled debian and I put fail2ban on it RIGHT AWAY.

Checked about two seconds later if anyone tried to login again (iptables -L and keep in mind that fail2ban's default config needs six failed attempts within I think five minutes to ban an ip) and I already saw that around 8-10 addresses were banned.

Was pretty shaken up but damn I learned my lesson!

Before anyone starts going batshit crazy, this is NOT a windows hate post. Just a funny experience imo.

So I was tasked with installing ProxMox on a dedicated server at my last internship. The windows admin was my guider (he could also do debian). (he was a really nice/chill guy)

So we were discussing what VM's we wanted and the boss (really cool dude by the way) said he wanted a VPS for storing some company stuff as well. Fair enough, what would we use? I suggested debian and centos. Then we started discussing what we'd do if the systems would fuck up etc (at installation or whatever).
So I didn't wanna look like a Linux Nazi so I suggested windows. Then the happy/positive guider/windows admin suddenly became dead serious (I was actually like 'woah' for a second) and said this:
No. We're not going to fucking use windows for this. For general servers etc sometimes, fair enough but we're talking about sensitive company data here. I don't want that data to be stored on a proprietary/closed source system, hell what if there's some kinda fucking backdoor build in, who can fucking verify that? We're using Linux, end of discussion.

😓

I was pretty flabbergasted as he's a nice guy and actually really likes windows!

Linux it became.

So I've been looking for a Linux sysadmin job for a while now. I get a lot of rejections daily and I don't mind that because they can give me feedback as for what I am doing wrong. But do you know what really FUCKING grinds my FUCKING gears?

BEING REJECTED BASED ON LEVEL OF EDUCATION/NOT HAVING CERTIFICATIONS FOR CERTAIN STUFF. Yes, I get that you can't blindly hire anyone and that you have to filter people out but at least LOOK AT THEIR FUCKING SKILLSET.

I did MBO level (the highest sub level though) as study which is considered to be the lowest education level in my country. lowest education level meaning that it's mostly focused on learning through doing things rather than just learning theory.

Why the actual FUCK is that, for some fucking reason, supposed to be a 'lower level' than HBO or Uni? (low to high in my country: MBO, HBO, Uni). Just because I learn better by doing shit instead of solely focusing on the theory and not doing much else does NOT FUCKING MEAN THAT I AM DUMBER OR LESS EDUCATED ON A SUBJECT.

So in the last couple of months, I've literally had rejections with reasons like
- 'Sorry but we require HBO level as people with this level can analyze stuff better in general which is required for this job.'. - Well then go fuck yourself. Just because I have a lower level of education doesn't FUCKING mean that I can't analyze shit at a 'lower level' than people who've done HBO.

- 'You don't seem to have a certificate for linux server management so it's a no go, sorry!' - Kindly go FUCK yourself. Give me a couple of barebones Debian servers and let me install a whole setup including load balancers, proxies if fucking neccesary, firewalls, web servers, FUCKING Samba servers, YOU FUCKING NAME IT. YES, I CAN DO THAT BUT SOLELY BECAUSE I DON'T HAVE THAT FUCKING CERTIFICATE APPEARANTLY MEANS THAT I AM TOO INCOMPETENT TO DO THAT?! Yes. I get that you have to filter shit but GUESS WHAT. IT'S RIGHT THERE IN MY FUCKING RESUME.

- 'Sorry but due to this role being related to cyber security, we can't hire anyone lower than HBO.' - OH SO YOUR LEVEL OF EDUCATION DEFINES HOW GOOD YOU ARE/CAN BE AT CYBER SECURITY RELATED STUFF? ARE YOU MOTHERFUCKING RETARDED? I HAVE BEEN DOING SHIT RELATED TO CYBER SECURITY SINCE I WAS 14-15 FUCKiNG YEARS OLD. I AM FAMILIAR WITH LOADS OF TOOLS/HACKING TECHNIQUES/PENTESTING/DEFENSIVE/OFFENSIVE SECURITY AND SO ON AND YOU ARE TELLING ME THAT I NEED A HIGHER LEVEL OF FUCKING EDUCATION?!?!? GO FUCKING FUCK YOURSELF.

And I can go on like this for a while. I wish some companies I come across would actually look at skills instead of (only) study levels and certifications. Those other companies can go FUCK THEMSELVES.

The last year my school installed MagicBoards (whiteboard with beamer that responses to touch) in every class room and called itself "ready for the future of media". What they also got is A FUCKING LOW SPEC SERVER RUNNING DEBIAN 6 W/O ANY UPDATES SINCE 2010 WHICH IS DYING CONSTANTLY.

As I'm a nice person I asked the 65 y/o technician (who is also my physics teacher) whether I could help updating this piece of shit.

Teacher: "Naahh, we don't have root access to the server and also we'll get a new company maintaining our servers in two years. And even if we would have the root access, we can't give that to a student."

My head: "Two. Years. TWO YEARS?! ARE YOU FUCKING KIDDING ME YOU RETARDED PIECE OF SHIT?! YOU'RE TELLING ME YOU DON'T HAVE TO INSTALL UPDATES EVEN THOUGH YOU CREATE AN SSH USER FOR EVERY FUCKING STUDENT SO THEY CAN LOGIN USING THEIR BIRTH DATE?! DID YOU EVER HEAR ABOUT SECURITY VULNERABILITIES IN YOUR LITTLE MISERABLE LIFE OR SOUNDS 'CVE-2016-5195' LIKE RANDOM LETTERS AND NUMBERS TO YOU?! BECAUSE - FUNFACT - THERE ARE TEN STUDENTS WHO ARE IN THE SUDO GROUP IF YOU EVEN KNOW WHAT THAT IS!"

Me (because I want to keep my good grades): "Yes, that sounds alright."

The school I went to...

Grade 1:
*GTA and minecraft to let student familiarize with cheating command and console

*Student should find and read the damn documentation him/herself about items, mobs and quests in every game. Be self motivated!

Grade 2:
*Contribute to community for myth hunting, map creation and glitch

*Solve personal networking, graphics problem and understanding hardware limitation.

*Solving game compability problem after Windows update

*Introduction to cracking and hacking

Grade 3:
*Motivation to host a game server

*Custom server scripting => start To really code the first time, Perl, python, etc

*Introduction to Linux server and Debian

Grade 4:
*From DDoS to server security

*Server maintenance and GitHub

*Game Server web development

*Motivation into non-gaming discipline by a random YouTube geek

*Set up mincraft with raspberry pi and Arduino

*Switch to Linux or Mac and just dual boot for gaming

Prepared for the real world.
Congratz for the graduation in the Pre-school of Developers (11-14 yrs old) :)

This happend to me around 2 weeks ago. For some reason, I decied to post this now.

I won the lottery, yey! I mean, bot really, but I am <19yo student, "less than junior dev" in my office, but sonce I am the only one who is capable of working with hardware, I was working month back as a sysadmin for a few days. Our last sysadmin was really good working but really, really toxic guy, so he got fired on a spot after argument with some manager or whatever, no big deal, we could have another guy hired in a week. But, our backup server literally was on fire, all data probably dead because bad capacitor or whatever. This was our only backup of everything at the time. Everyone in full fucking panic mode, we had literally no other working HW we could use for backup, but then comes me, intern employed on his first dev job for 3 months. That day I bought some HW for my own personal server at home (Intel NUC with some Celeron, 4GB DDR4 RAM and two 240GB SSDs for RAID 1. My manager asked everyone in the office for sollution how to survive next 4 days before new server arrives. People there had no idea what tk do and no knowedgle about HW, I just came from a break and offered my components for a week, since there was noone else who can work with HW, servers and stuff like this, manager offered me $500+HW cost if I, random intern, can make it work. I installed Debian on that little PC, created RAID1 from both SSDs, installed MySQL server and mirrored GIT server from our last standing server (we had two before one of them went lit 🔥), made simple Python script to copy all data on that RAID, with some help of our database guy copied whole DB from production to this little computer and edited some PHP so every SQL request made on our server will run on that NUC too. Everything after ±2 hours worked perfectly. Untill a fucking PSU burned in our server and took RAID controller with him in sillicon heaven next night, so we could not access any data unltill we got a new one. Thanks to every god out there, I was able to create software RAID from survived HDDs on our production server and copy all data from that NUC on the servers software RAID and make it working at 3 AM in the night before an exam 😂. Without this, we would be next ±40 hours without aerver running and we might loose soke of our data and customers. So my little skill with Linux, Python, MySQL and most importantly my NUC hardware I got that day running as a backup server saved maybe whole company 😂.
Btw, guess who is now employee of the year with $2500 bonus? 😀
Sorry for bragging and log post, but I was so lucky an so happy when everything worked out, good luck to all sysadmins out there! 👍

TL:DR: Random intern saved company and made some money 😂

Instead of just accepting my proposal about upgrading the server - the customer I have ranted about earlier decided that it would be a good idea to try to install PHP 7.0 on a Debian 5 machine.

I feel horror when I read the bash_history

One of those things that put a smile on my face happened today.

I (like many devs) am fond of Linux. So I use Linux on everything.

I'm currently doing an internship abroad in Finland(Linus Torvald's country!) for my college.

So there is this Finnish student who uses Linux. And after a while he asked what I was using so I told him that I'm running linux(arch+i3 like all the cool kids).

So one day he was like; But can you game on Linux?
I was like, yeah sure, might not work as well as Windows but some games run native and some can be emulated through wine. He was like; Hmm maybe I'll try it out.

So he installed Linux mint on his laptop and came to work. I was rather proud (even though he installed the bastard child of Debian and Ubuntu).

So far I've helped him set up streaming games from his pc to Linux and port forwarding.

But then came the big boy. Since I always try to teach him some stuff since they don't teach him a lot at his school.

He asked me if I could help him set up a plex streaming server on Linux.

So we took an old computer and installed Ubuntu Server(Lot's of information for it).

Installed and configured plex server, qtbittorrent-knox and all kind of goodies.

I started showing him how to use ssh, how the rights system works, etc.

It broke my heart a little that he want to be able to teamviewer in it.(since it's running openSSH daemon)

So he installed Ubuntu's desktop ontop of it as well as teamviewer.

It ran slow as hell because the PC has an old crummy core2duo and ddr2 2gb of ram. It chokes when multitasking.

So seeing that as well as telling him everything that can be done with a GUI can be done in CLI.

I saw the lightbulb lighting up. He gets it now. He understand the power of Linux.

That just made me smile all the way home.

Have you heard about the Embrace, Expand and Extinguish idealogy? lets think about it:

Javascript 5 (embrace) -> Typescript and Class syntax to Javascript 6 (extend) -> JS (extinguish) with WebASM.

Atom/Electron (embrace) -> Atom fork named "VSCode" (extend) -> Atom (extinguish) as it was developbed by Github company.

NodeJS (embrace) -> incompatible Node Windows fork with IE/Edge JS engine "Chakra" (extend) -> NodeJS (extinguish soon) with chaos of Typescript, Javascript 6 and Github.

"R" lang (embrace) -> incompatible SQL Server 2016 R lang extension (extend) -> R lang (extinguish soon).

Android -> CyanogenMod (embrace) -> CyanogenMod (extinguish) as M$ "sponsored" Cyanogen Inc to destroy CyanogenMod

Linux (prejudge) -> sponsors RedHat, Debian, SuSE, Alpine and Canonical/Ubuntu (embrace), forces unstable backdoored "systemd" -> Linux (extinguish soon)
Reusing the last image I did because I didnt wanted to make more OC stuff cos the few ++ gained arent worth it

! exactly dev

I'd ditched Windows and spent a while exploring the Linux ecosystem for content creation. And I have to say, it was not a nice experience.

As much as I respect the Linux mantra of "free as in freedom" and "you need to roll up your sleeves and figure out stuff on your own", it just isn't good enough for non-dev work. Sorry guys, but I need software that gets out of my way and at least does what it's supposed to do. I can't stand a horrible UI or delays and random crashes, which is exactly what happens with most things under Linux.

To replace my Windows workflow I used the following:
1. Windows -> elementaryOS (because Debian/Ubuntu repositories seem to have the best software support, and elementaryOS is the least horrible looking thing that supports that) and then Arch, because, well, Arch.
2. Blender + Maya -> Blender + Maya on Linux.
3. Reaper + FL Studio -> Ardour + LMMS.
4. Photoshop -> GIMP + Krita + Inkscape.
5. ZBrush -> nothing :(

As you can see, my use cases are pretty much all over the spectrum.

Firstly, installing and configuring stuff. A pleasure on Windows, an absolute pain on Linux. Everything just worked on Windows, I had to wrestle with library versions and patches and unstable audio layers (Linux audio just sucks, except for JACK) on Linux.

Out of these, Blender and Maya were the best experience. But even then, both would suffer from random crashes that just didn't happen on Windows.
Ardour is actually really nice when it works. Its use of JACK for routing makes it really really flexible, but it just isn't stable enough to depend on. LMMS is utter crap. I'm sorry, but I just hate the UI. Can't stand it.
GIMP, Krita, and Inkscape can't beat Photoshop, even when you consider them together. Adobe software workflow is just so much better and more intuitive.
Blender 3D sculpting is not bad, but it's nowhere as good as ZBrush.

Also, if you're a C++ dev like me, nothing beats Visual Studio 2017. Nothing. That IDE just blows everything else out of the water. Even VSCode. And it's not slow at all, it handled a fairly large project (PBRTv3) just fine on my Windows development VM. Yes, a VM.

So...I ditched Linux and went back to Windows, but I keep Linux as a VM for when I actually want to mess with Blender or Ardour. Or some dev stuff which Windows sucks at (which is becoming less frequent because of WSL).

Out of all the above, the only one I'd consider ready for production use would be Blender. Developers of open source software, please learn from Blender. Kickass UI and user friendly operation is extremely important, you can't make a random window with GTK buttons and text boxes and arcane config files and expect people to use it for serious work.

Also, Windows beats Linux hands down as an everyday OS. It's always been rock solid, if you take care of it properly (and that goes for any OS). Updates hardly take any time because I run it on a SSD. As for all the advertising and marketing bullshit, you can block a large amount of stuff. And for what can't be blocked, well, I just have to live with it, because the alternative is compromising on my creative output, which is too much for me.

I still run Linux on my server, though. And on my embedded devices (Pi, BeagleBone, etc.). It absolutely rocks there.

I realize that Linux software is not going to improve unless we do something about it, so I'll be contributing fixes and code (the joys of being a C++ dev, yay). Still, I feel that the platform and software as a whole is just not mature enough.

You know the worst thing about being a freelancer? You're expected to wear every fucking hat and you don't get normal hours.

Over the past few days I have been working with a client of a client attampting to fix his server. He's running CentOS on VMWare and somehow ended up breaking the system.

Upon inspection there was no way to fix his system remotely. It wouldn't even boot in recovery mode. So we've been attempting to recover his data so that we can reinstall CentOS and not have to start completely from scratch.

So for the past 3 days straight I have been remotely logging in to a Debian Live CD and manually sending folders to a FTP server of his. He has somewhere close to 30 sites on this server, and upwards of 1 million files in total.

Yesterday either the system freaked out or he did something, but the entire fucking system stopped responding which forced me to reboot it, reinsert the live CD, reinstall evertything, and re-mount his broken systems drives.

Here we are 3 days in, we're still not done, and I'm getting slightly pissy because if you don't know Linux well enough to fix this shit yourself, you shouldn't be acting as your own sysadmin for 30+ sites.

Also, backups are a thing right? VMWare also has snapshots. I know the extra storage isn't cheap, but it's a hell of a lot cheaper than paying soemone like me $35/hr to go and fix all of your shitty mistakes.

In fact I'm a sinful dev, so that I can't easily decide which one is worst. From indenting with tabs, or using nano instead of vim/emacs, to hardcoding database credentials on server, to many hacks and workarounds I use as actual "fixes" when the deadline is upon me and I've tried all I could. But it always led only to my own regret. For instance, my latest sin was that I prefered Debian over Arch and used proprietary graphic drivers to speed up my new setup. But ended up with a curse from St. Ignucius. (check my last rant)

But my worst sin probably goes to when I was "printf-debugging" some issue for a GSM controller on a raspberry pi. I forgot to remove one little print line and deployed the new "fixed" version. I didn't follow that project after that for like a month or so, when the client posted back the device and said that "it just doesn't work anymore". It seemed that raspbian didn't boot beacause the sd card was curroptted. I dd'ed through the card and I noticed that there are billions of lines of "DEBUG:: reading stream from 192.some.shitty.ip", took almost all over the 32G sdcard. Just as I suddenly remembered the cursed line I just added a month ago, I declared the sd card dead with no hesitation, dunce-commented the line (so the history would remember), implemented a time out for the thread containing it, setup a journald unit for my service and removed the redirection of process output to a log file, found a new sd card and installed everything again, and finally posted back the new "fix" to the client.

Moral: Never comfort yourself for the sins you have commited in the past kids, they certainly will come back to you. And also not to do any io especially write to a file on an SD card with ext fs, in a potentially infinite loop with no timeout.

P.S: I'd posted my last rant just before the new week rant last nigh. I really liked the St. Ignucius meme so decided to create a new one. He's very adorable :)

I've been thinking about how to answer this for a while, but I'll approach it from a different angle. The time I (nearly) lost faith in my dev future wasn't because of a technology, bad programming language or an external influence. It was *me*.

The first job I had after the PhD, I was (in the first couple of weeks) tasked with updating various packages on a live Redhat server. "No problem", I thought, "I've done this before many a time on Debian, easy as pie!"

Long story short, I ended up practically bricking the server because I mistyped and uninstalled something I shouldn't have, didn't understand a piece of configuration, then tried to bodge it back and cocked things up further. Couldn't even log in via SSH, the hosting company had to be called, a serial connection set up, etc.

To say I was mortified, embarrassed and had my pride dented would be a massive understatement. I seriously thought I'd get fired on the spot, and that I should perhaps change careers to something where I couldn't cock things up as much.

...but you can't think like that, otherwise the world leaves you behind. So I picked myself up, apologised profusely, took some relevant training, double checked everything I was doing on that server in future and got back to work. After a few months of "proving myself", it was then seen as nothing more than a rather amusing story, and I became a senior dev there a couple of years later.

It's impressive how much root can actually get you, that's debian running xfce on my lg g3 and chromium.

It's always nice to know that you can have a portable server etc. straight from your phone. I even used that kind of setup as a portable laptop some time ago and it worked quite well.

What things did you do via chrooted linux on android devices? would be interesting to know if somebody maybe is still using it as some kind of laptop as I did.

Last Monday I bought an iPhone as a little music player, and just to see how iOS works or doesn't work.. which arguments against Apple are valid, which aren't etc. And at a price point of €60 for a secondhand SE I figured, why not. And needless to say I've jailbroken it shortly after.

Initially setting up the iPhone when coming from fairly unrestricted Android ended up being quite a chore. I just wanted to use this thing as a music player, so how would you do it..?

Well you first have to set up the phone, iCloud account and whatnot, yada yada... Asks for an email address and flat out rejects your email address if it's got "apple" in it, catch-all email servers be damned I guess. So I chose ishit at my domain instead, much better. Address information for billing.. just bullshit that, give it some nulls. Phone number.. well I guess I could just give it a secondary SIM card's number.

So now the phone has been set up, more or less. To get music on it was quite a maze solving experience in its own right. There's some stuff about it on the Debian and Arch Wikis but it's fairly outdated. From the iPhone itself you can install VLC and use its app directory, which I'll get back to later. Then from e.g. Safari, download any music file.. which it downloads to iCloud.. Think Different I guess. Go to your iCloud and pull it into the iPhone for real this time. Now you can share the file to your VLC app, at which point it initializes a database for that particular app.

The databases / app storage can be considered equivalent to the /data directories for applications in Android, minus /sdcard. There is little to no shared storage between apps, most stuff works through sharing from one app to another.

Now you can connect the iPhone to your computer and see a mount point for your pictures, and one for your documents. In that documents mount point, there are directories for each app, which you can just drag files into. For some reason the AFC protocol just hangs up when you try to delete files from your computer however... Think Different?

Anyway, the music has been put on it. Such features, what a nugget! It's less bad than I thought, but still pretty fucked up.

At that point I was fairly dejected and that didn't get better with an update from iOS 14.1 to iOS 14.3. Turns out that Apple in its nannying galore now turns down the volume to 50% every half an hour or so, "for hearing safety" and "EU regulations" that don't exist. Saying that I was fuming and wanting to smack this piece of shit into the wall would be an understatement. And even among the iSheep, I found very few people that thought this is fine. Though despite all that, there were still some. I have no idea what it would take to make those people finally reconsider.. maybe Tim Cook himself shoving an iPhone up their ass, or maybe they'd be honored that Tim Cook noticed them even then... But I digress.

And then, then it really started to take off because I finally ended up jailbreaking the thing. Many people think that it's only third-party apps, but that is far from true. It is equivalent to rooting, and you do get access to a Unix root account by doing it. The way you do it is usually a bootkit, which in a desktop's ring model would be a negative ring. The access level is extremely high.

So you can root it, great. What use is that in a locked down system where there's nothing available..? Aha, that's where the next thing comes in, 2 actually. Cydia has an OpenSSH server in it, and it just binds to port 22 and supports all of OpenSSH's known goodness. All of it, I'm using ed25519 keys and a CA to log into my phone! Fuck yea boi, what a nugget! This is better than Android even! And it doesn't end there.. there's a second thing it has up its sleeve. This thing has an apt package manager in it, which is easily equivalent to what Termux offers, at the system level! You can install not just common CLI applications, but even graphical apps from Cydia over the network!

Without a jailbreak, I would say that iOS is pretty fucking terrible and if you care about modding, you shouldn't use it. But jailbroken, fufu.. this thing trades many blows with Android in the modding scene. I've said it before, but what a nugget!

!rant
So this is my desk.. really organized and clean as you can see.
Let's start from the left.
That naked motherboard you see is my enterprise grade server running Debian on an intel i3 something with 4GB of ram and a 500gb hdd.
Moving on to the right you can see some flutes (Notice the pink one).
Then there is my beloved laptop running Manjaro Linux with VS code open on a random script.
Following you'll see my BEAST tower pc with lovely RGB keyboard and mouse and another random project open.
And I guess that is it. Enjoy

Me: "I'll use my old laptop as a server to access via SSH to do my Docker Tests. I don't wanna use Keyboard and Screen. So, I'll set up Debian Server"

Also me: "Oh, full disk encryption with a preboot Login required. That's such a GOOD idea"

Introducing: Stupid me 🤗

In today's episode of kidding on SystemD, we have a surprise guest star appearance - Apache Foundation HTTPD server, or as we in the Debian ecosystem call it, the Apache webserver!

So, imagine a situation like this - Its friday afternoon, you have just migrated a bunch of web domains under a new, up to date, system. Everything works just fine, until... You try to generate SSL certificates from Lets Encrypt.

Such a mundane task, done more than a thousand times already... Yet... No matter what you do, nothing works. Apache just returns a HTTP status code 403 - Forbidden.

Of course, what many folk would think of first when it came to a 403 error is - Ooooh, a permission issue somewhere in the directory structure!

So you check it... And re-check it to make sure... And even switch over to the user the webserver runs under, yet... You can access the challenge just fine, what the hell!

So you go deeper... And enable the most verbose level of logging apache is capable of - Trace8. That tells you... Not a whole lot more... Apparently, the webserver was unable to find file specified? But... Its right there, you can see it!

So you go another step deeper and start tracing the process' system calls to see exactly where it calls stat/lstat on the file, and you see that it... Calls lstat and... It... Returns -1? What the hell#2!

So, you compile a custom binary that calls lstat on the first argument given and prints out everything it returns... And... It works fine!

Until now, I chose to omit one important detail that might have given away the issue to the more knowledgeable right away. Our webservers have the URL /.well-known/acme-challenge/, used for ACME challenges, aliased somewhere else on the filesystem - To /tmp/challenges.

See the issue already?

Some *bleep* over at the Debian Package Maintainer group decided that Apache could save very sensitive data into /tmp, so, it would be for the best if they changed something that worked for decades, and enabled a SystemD service unit option "PrivateTmp" for the webserver, by default.

What it does is that, anytime a process started with this option enabled writes to /tmp/*, the call gets hijacked or something, and actually makes the write to a private /tmp/something/tmp/ directory, where something... Appeared as a completely random name, with the "apache2.service" glued at the end.

That was also the only reason why I managed fix this issue - On the umpteenth time of checking the directory structure, I noticed a "systemd-private-foobarbas-apache2.service-cookie42" directory there... That contained nothing but a "tmp" directory with 777 as its permission, owned by the process' user and group.

Overriding that unit file option finally fixed the issue completely.

I have just one question - Why? Why change something that worked for decades? I understand that, in case you save something into /tmp, it may be read by 3rd parties or programs, but I am of the opinion that, if you did that, its only and only your fault if you wrote sensitive data into the temporary directory.

And as far as I am aware, by default, Apache does not actually write anything even remotely sensitive into /tmp, so...

Why. WHY!
I wasted 4 hours of my life debugging this! Only to find out its just another SystemD-enabled "feature" now!

And as much as I love kidding on SystemD, this time, I see it more as a fault of the package maintainers, because... I found no default apache2/httpd service file in the apache repo mirror... So...

So recently I installed Windows 7 on my thiccpad to get Hyperdimension Neptunia to run (yes 50GB wasted just to run a game)... And boy did I love the experience.

ThinkPads are business hardware, remember that. And it's been booting Debian rock solid since.. pretty much forever. There are no hardware issues here. Just saying.

With that out of the way I flashed Windows 7 Ultimate on a USB stick and attempted to boot it... Oh yay, first hurdle to overcome. It can't boot in UEFI mode. Move on Debian, you too shall boot in BIOS mode now! But okay, whatever right. So I set it to BIOS mode and shuffled Debian's partitions around a bit to be left with 3 partitions where Windows could stick in one more.

Installed, it asks for activation. Now my ThinkPad comes with a Windows 7 Pro license key, so fuck it let's just use that and Windows will be able to disable the features that are only available for Ultimate users, right? How convenient would that be, to have one ISO for all the half a dozen editions that each Windows release has? And have the system just disable (or since we're in the installer anyway, not install them in the first place) features depending on what key you used? Haha no, this is Microsoft! Developers developers developers DEVELOPERS!!! Oh and Zune, if anyone remembers that clusterfuck. Crackhead Microsoft.

But okay whatever, no activation then and I'll just fetch Windows Loader from my webserver afterwards to keygen my way through. Too bad you didn't accept that key Microsoft! Wouldn't that have been nice.

So finally booted into the installed system now, and behold finally we find something nice! Apparently Windows 7 Enterprise and Ultimate offer a native NFS driver. That's awesome! That way I don't have to adjust my file server at all. Just some fuckery with registry keys to get the UID and GID correct, but I'll forgive it for that. It's not exactly "native" to Windows after all. The fact that it even has a built-in driver for it is something I found pretty neat already.

Fast-forward a few hours and it's time to Re Boot.. drivers from Lenovo that required reboots and whatnot. Fire the system back up, and low and behold the network drive doesn't mount anymore. I've read that this is apparently due to Windows (not always but often) mounting the network drive before the network comes up. Absolutely brilliant! Move out shitstaind, have you seen this beauty of an init Mr. Poet?

But fuck it we can mount that manually after every single boot.. you know, convenient like that. C O P E.

With it now manually mounted, let's watch a movie! I've recently seen Pyro's review on The Platform and I absolutely loved it. The movie itself is quite good too. Open the directory on my file server and.. oh. Windows.. you just put db.thumb on it and db.thumb:encryptable. I shit you not, with the colon and everything. I thought that file names couldn't contain colons Windows! I thought that was illegal in NTFS. Why you doing this in NFS mate? And "encryptable", am I already infected with ransomware??? If it wasn't for the fact that that could also be disabled with something as easy as a registry key, I would've thought I contracted ransomware!

Oh and sound to go with that video, let's pair up some Bluetooth headphones with that Bluetooth driver I installed earlier! Except.. haha nope. Apparently you don't get that either.

Right so let's just navigate the system in its Aero glory... Gonna need to flick the mouse for that. Except it's excruciatingly slow, even the fastest speed is slower than what I'm used to on Linux.. and it's jerky as hell (Linux doesn't have any of that at higher speed). But hey it can compensate for that! Except that slows down the mouse even more. And occasionally the mouse driver gets fucked up too. Wanna scroll on Telegram messages in a chat where you're admin? Well fuck you mate, let me select all these messages for you and auto scroll at supersonic speeds! And God forbid that you press delete with that admin access of yours. Oh maybe I'll do it for you, helpful OS I am!

And the most saddening part of it all? I'd argue that Windows 7 is the best operating system that Microsoft ever released. Yeah. That's the best they could come up with. But at least it plays le games!

I've every been a Arch Linux fag. It's my main OS from 5 years. With a small parenthesis of two months of FreeBSD recently, I've used before Arch Kubuntu, Ubuntu, Fedora KDE, OpenSolaris (randomly), CentOs, plus a lot of others distro for tests.
But I've never tested Debian!
So I've installed it on my small server.

Oh... My... God.... It's fantastic. PACMAN >>> apt, but damn it's really stable and out of the box even if minimal. A very surprise. I think it can be my favorite remote Linux for a long time....

But a question rises. Why with a father like Debian... Ubuntu after the 11.04 is such a shame? The last I've tested is the 12.04 I think, but I've hated it, and I hate it even now. (Crash, driver not found, apt problem, very heavy repos and my internet sucks, UNITY, etc...)

Ubuntu, what happened to you ...? With Kubuntu 8 you were such a good guy...

Been sitting in this Chair for Well over 5 hours now trying to setup virtualization on this Debian Server.

EVERYTHING IS FUCKING OUTDATED.
NO PROPER DOCS.
NO NOTHING.

FUCK THIS IM GOING TO SLEP

Why does noone implement autoupdater, especialy on linux side? Is there a reason i dont get? Sure, most system stuff is better in apt, but if i install servers, i do not want to wait for these stupid linux release timings! If it were hard, id understand. But most of this is possible with something like GitHub API and 20 Minutes of time. I mean, yeah backwards compatibility and what not, but then handle that internaly.

Example: I use dnsmasq on a raspberry pi. RPI is running raspbian. Raspian is debian 8. Debian 8 has a version of dnsmasq with a pretty annoying bug, which prevents me from using dnssec, as i cant open any cloudflare pages. Why, o why isnt this updated at MY will? Then, if it isnt, why is it so impossible hard to compile this myself, no docs for that, no binaries, NOTHING? Dear server devs, please add atleast basic autoupdate functionality without having to rely on the base os.

Or, give me easily deployable binaries, if you cant write something integrated.

Looking through /var/log/syslog to see why the server became unresponsive and nothing stands out!

I JUST CAN NOT UPDATE THAT ONE SERVER TO DEBIAN 9

- it has no /dev/sda but a /dev/ploopXXXXX which is mounted as / but I can't see it
- uname says it's Linux 2.6.32-042stab126.2 and it says Debian some lines later in the ssh login
- there is no boot loader (I can't find it)
- lsb_release tells me it's running Debian 9.6 stretch, I put stretch into the apt sources
- in /boot there are 2 different versions: 3.16.0-7-amd64 and 4.9.0-8-amd64
- and I do not have physical access to it

WHAT THE FUCK AM I SUPPOSED TO DO?!

I wanted to install OpenVPN on it but that Linux Version doesn't support the Tunnel Interface /dev/net/tun

Ffs, I just spent the whole weekend setting up our new storage server. Moved it into the rack. Entered the UEFI to enable idrac. And BAM! The uefi decided to load it’s own raid config over the raid controller.

Raid controller bios doesn’t let me load it’s own config after that. So I have to reset the controller and setup raid, os and the whole shot again.

To make it even better. Debian doesn’t load the firmware for the broadcom chip, since it’s a non-free driver. Making me have to do lots of manual config after the install just to get it on the internet.

I wish I could’ve just bought a new server instead of working with this shit.
I would’ve used FreeBSD with ZFS, but our server only has 8GB ram, and I need about 120GB extra to work smoothly with all the storage.

It’s just a pita working with this. One step forward, ten steps back.

Only took 20 minutes to setup a Debian vm and get the satisfactory game server running in docker. And most of that was waiting. I feel so smart 🤓 compared to even just last year when I was googling basic commands linux commands

Today i chartered new realms for me.

I created a new hyper-v vm on the company windows servers and added a 5th instance to it, but instead of running another windows server i installed an ubuntu 18.04 (cause i am a bit familiar with debian from my raspberry pi)

we have two servers, one which runs the 4 vms and a replica. I first had the new vm on the main server but it occured me to move it instead to the unusued replica machine. That kinda worked..i did a planned failover but the main server isnt configured to be the replica..and even when activating that it didnt work. This is weird.

For the moment i ignored that and proceeded to install nginx, mariadb and php 7.2..basically the lemp stack. I managed to setup nginx and a static ip adress for the machine (which was different from how i remembered it to do (in 18.04 its not done with the network conf but a yaml file).

in the end i added two different virtual servers, one for actual use and one for dev stuff (with phpmyadmin running for instance), listening on port 80 and some random other port.

as a test i brought a mediawiki onto the Port 80 server and it worked.

on monday i have to figure out how to implement the wildcard certificate i have for our company domain (internal dns simply routes intranet.company.com to the local server vm)

i am mighty proud cause all my experience with linux was with a raspberry pi so far and i am fairly certain i did it right and without shortcuts this time. (unlike my raspberry experience)

just wanted to share

(i also sweated a lot of blood when editing the hyper v settings as i did not set up the server in the first place)

((i also installed xrdp and a mate desktop, but i am less proud of that, but sometimes seeing folders graphically helps me))

After 4 1/2 hours of testing I have redeployed my postgresql database from Windows to Debian Server. I can now access my database and deploy webapps from any computer, anywhere, anytime.

It's 2:30 AM in the morning. I am exhausted but fulfilled.

I've been developping some software so an entire debian OS gets bootstrapped and installed with all the desired software with the help of puppetlabs software...i need to prepare a server that can handle virtualization and be fast at it. So all the goodies a decent server needs, the apt, caching, networking, firewall, everything checks out... I want to test kvm virtualization... Doesn't work. Wtf? Spend a decent amount of time figuring out what the hell is wrong... I finally dzcide to think 'what if my buddy accidentally gave me a bad mobo'...

$ grep -e (vmx|ssm) /proc/cpuinfo

Nothing...

I feel so stupid to not check the mobo virtualization capabilities.

Life is to take decisions. Which u prefer
Google vs Shodan vs 🦆 🦆 go
Angular vs vue vs react vs other
Gnome vs unity vs KDE
Atom vs vscode vs sublime or other
iOS vs android vs other
Natives bs ionic vs react native vs xamarin vs flutter
Gmail iCloud or outlook or proton mail
Camel, pascal ,snake case
C# or Java or python
Sql or not sql
Debian , fedora ,linux mint or kali
Server side rendering or client side
Aws vs gcloud vs Azure vs ibm cloud
Firefox vs chrome vs safari
Free without privacy or ads or paid without ads or privacy
Nintendo vs pc vs ps4 or xbox
WhatsApp or telegram or other
Sleep at night or not

Coment your favorite

I have being working on a project with server side using PHP. My dev environment is XAMPP on Debian. PHP is 7.3.10. So.... no MCrypt. Documents said that a new kid called Sodium is in town but php said he doesn’t know this guy...

I have no encryption library...

I got a very low power Netbook lately for basically no money.

I thought about using it for some server monitoring / server access via ssh console.

Which Linux distros would you recommend for such a use case. Tried Something like core-os and Debian(lxde) yet but wasn't very satisfied with both options. Both could not display the battery capacity and Debian didn't detect the Intel WiFi.

The Netbook has 512mb of ram which should be fine for a lightweight gui and more than enough for a ssh connection 😅

Thanks a lot for the recommendations :)

WTF debian? no mysql server or client in your package lists?

Ah i see, its just not stable enough...
#

What linux OS would you recommend for a little home server/nas? I guess I want something debian based but CentOS is also apparently good

WSL GUI... WHY?!?!
I have an assistant(no better defined title) in Myanmar who we've ruined from ever being a "normal" 21yr old Burmese kid again... First non-android computer experience was remote access to our local RHEL server; He's gonna be a dev... being a blank slate, started him primarily on CLI.

Yesterday he tells me wsl stopped working and he can't figure out why. I ofc asked what the last thing(s) he did was... simple wget. I tunnel in, check processes... one of the catch-all wsl ones had hulked out.

Despite very limited abilty to trace whatever was going on, I found what I thought may be responsible. Quickest way to know, kill it...

Whatever will we do without GUI for wsl debian?!?!?

Seriously... the wsl Deb culled things like systemd for simplicity... but arrives loaded with numerous GUI functionalities. I reeeeeallly want to know what advanced practical applications are coming from this

Hey guys, what is your least favorite flavor of Linux for desktop use?
For me it's Debian because everything is so outdated but that's my choice for server use.

Can i get some stats? Currently running windhoos, definitely gonna swap to linux but still not sure what distro, my server runs debian 8 and console wise its quite neat. Whats your favorite distro and why?

Relatively often the OpenLDAP server (slapd) behaves a bit strange.

While it is little bit slow (I didn't do a benchmark but Active Directory seemed to be a bit faster but has other quirks is Windows only) with a small amount of users it's fine. slapd is the reference implementation of the LDAP protocol and I didn't expect it to be much better.

Some years ago slapd migrated to a different configuration style - instead of a configuration file and a required restart after every change made, it now uses an additional database for "live" configuration which also allows the deployment of multiple servers with the same configuration (I guess this is nice for larger setups). Many documentations online do not reflect the new configuration and so using the new configuration style requires some knowledge of LDAP itself.
It is possible to revert to the old file based method but the possibility might be removed by any future version - and restarts may take a little bit longer. So I guess, don't do that?

To access the configuration over the network (only using the command line on the server to edit the configuration is sometimes a bit... annoying) an additional internal user has to be created in the configuration database (while working on the local machine as root you are authenticated over a unix domain socket). I mean, I had to creat an administration user during the installation of the service but apparently this only for the main database...

The password in the configuration can be hashed as usual - but strangely it does only accept hashes of some passwords (a hashed version of "123456" is accepted but not hashes of different password, I mean what the...?) so I have to use a single plaintext password... (secure password hashing works for normal user and normal admin accounts).

But even worse are the default logging options: By default (atleast on Debian) the log level is set to DEBUG. Additionally if slapd detects optimization opportunities it writes them to the logs - at least once per connection, if not per query. Together with an application that did alot of connections and queries (this was not intendet and got fixed later) THIS RESULTED IN 32 GB LOG FILES IN ≤ 24 HOURS! - enough to fill up the disk and to crash other services (lessons learned: add more monitoring, monitoring, and monitoring and /var/log should be an extra partition). I mean logging optimization hints is certainly nice - it runs faster now (again, I did not do any benchmarks) - but ther verbosity was way too high.

The worst parts are the error messages: When entering a query string with a syntax errors, slapd returns the error code 80 without any additional text - the documentation reveals SO MUCH BETTER meaning: "other error", THIS IS SO HELPFULL... In the end I was able to find the reason why the input was rejected but in my experience the most error messages are little bit more precise.

How is your experience with upgrading from Debian 8 to Debian 9? Want to update my homeserver but I really don't want to screw it up. Especially with the switch from MySQL to MariaDB

! rant, I hope😗

To anybody with MySQL/Mariadb experience, how different are these two as I need to pick one for a database application I'm building.

Also, and God will I sound like an amature for asking, is it best practice to debug and deploy the SQL database on an actual hosted server or to just do it on the client PC? I have both and I want to work with whichever one will give me less of a headache.😣

Any feedback would be helpful! The server is Debian and the client is Arch Linux.

I think I'll clearn and update my Server this weekend (since it's still on Debian 8).Wish me luck or dig my grave.

P.s.: Tips/suggestions/experiences are also very appreciated

I need to have a hosting company upgrade the Debian OS install on a VPS. But I also need to know things like what MySQL or Perl modules were added to the server by other admins prior to me outside the /home directory. I don't have any documentation on it at all. If I don't preserve custom stuff like that, it could result in a dead website. Anyone got any tricks for figuring out what was added and when?

Hello folks, have a question, I can't decide if I should install windows 7 (super stable Windows btw) or a Linux distribution (debian or Ubuntu 14), I've always been a Windows guy and was thinking of switching to Linux on my new free dos laptop and wanted to have a hand on Linux, but please I don't want that Windows/Linux fight I just need real advice. Some friends told me to get Windows 7 and a VM Linux just for practice, I also thought about having a dual boot Windows Linux server , I think it would be the best config for me.. so..?

It is currently 5:30 AM, I've been trying to upgrade a server by one single major OS release for the last 3.5 hours. All major apps were no issue, except one.

Redmine.

That thing runs on Ruby.

Ruby, as it turns out, doesn't really like the way Debian handles package management.

And now, I have Redmine that, even if I completely uninstall / reinstall, won't start

I went down several rabbit holes, trying to operatively find what the issue is. But I never got to the key issue.

Fuck ruby. Fuck Redmine. Fuck nothing-saying error messages. Fuck bundle. Fuck gem. Fuck it all.

I'm redirecting the Redmine domain onto the server backup I've made. Upgrading that thing is a nightmare.

Maybe now I can finally go to bed...

Is it possible to install TeamViewer/AnyDesk on a Debian Server (there is no Display attached to it so it has no real Desktop)?

I installed KDE and xrdp on it and that worked, the problem is that TeamViewer and also AnyDesk have a problem because they both can't find/use the fake RDP Desktop. Well and RDP is just so fucking slow...

So if anyone has some experience in this, I'd appreciate some help.