I thought I’ll make this thread for all of you out there who have questions but are afraid to ask them. This is your chance!
I’ll try my best to answer any questions here, but I hope others in the community will contribute too!
Mods, perhaps a weekly post like this would be beneficial? Lowering the bar to entry with some available support and helping to keep converts.
Yeah I was thinking the same. Perhaps make a sticky post about it once a week.
Agreed. @cypherpunks@lemmy.ml, I think this would be a great idea - making a weekly megathread for Linux questions, preferably also stickied for visibility.
Ok, I just stickied this post here, but I am not going to manage making a new one each week :)
I am an admin at lemmy.ml and was actually only added as a mod to this community so that my deletions would federate (because there was a bug where non-mod admin deletions weren’t federating a while ago). The other mods here are mostly inactive and most of the mod activity is by me and other admins.
Skimming your history here, you seem alright; would you like to be a mod of /c/linux@lemmy.ml ?
Please feel free to make me a mod too. I am not crazy active, but I think my modest contributions will help.
And I can make this kind of post on a biweekly or monthly basis :) I think weekly might be too often since the post frequency here isn’t crazy high
Ok, you and @d3Xt3r@lemmy.nz are both mods of /c/linux@lemmy.ml now. Thanks!
Why does it feel that Linux infighting is the main reason why it never takes off? It’s always “distro X sucks”, “installing from Y is stupid”, “any system running Z should burn”
There’s no infighting. It just feels that way because you picked an inferior distribution.
Linux generally has a higher (perceived?) technical barrier to entry so people who opt to go that route often have strong opinions on exactly what they want from it. Not to mention that technical discussions in general are often centered around decided what the “right” way to do a thing is. That said regardless of how the opinions are stated, options aren’t a bad thing.
This.
It is a ‘built-in’ social problem: Only people who care enough to switch to Linux do it, and this people are pre-selected to have strong opinions.
Exactly the same can be observed in all kind of alternative projects, for example alternative housing projects usually die because of infighting for everyone has their own definition of how it should work.
Linux users are often very passionate about the software they put on their computers, so they tend to argue about it. I think the customization and choices scares off a lot of beginners, I think the main reason is lack of compatibility with Windows software out of the box. People generally want to use software they are used to.
NixOS. I don’t get what it really is or does? It’s a Linux distribution but with ceavets or something
It’s a distribution completely centered around the Nix package manager. This basically allows you to program how your system should look using one programming language. If you want an identical system, just copy that file and you’re set.
I remember that thr kernel didn’t had performance flags set and used, making NixOS not a nice Gaming platform.
Is this true? Can I fix it for myself easily?
Easily? I’ve heard it’s really time consuming to get it exactly how you like it but the same could be said about a lot of distros.
Instead of installing packages through a package manager one at a time and configuring your system by digging into individual config files, NixOS has you write a single config file with all your settings and programs declared. This lets you more easily configure your system and have a completely reproducible system by just copying your nix files to another nixos machine and rebuilding.
It’s also an immutable distribution, so the base system files are only modified when rebuilding the whole system from your config, but during runtime it’s read only for security and stability.
I want to turn a Microsoft surface go 2 into a kali linux machine. I would appreciate any guidance pulling this off. I want use it for learning it security stuff, partly for work but mostly for curiosity. Occasionally I run across malware, trojans, and I want to look under the hood to see how they work. I’m assuming Kali is the best tool for the job and that Lemmy is the place to go for tooling around with tools.
Kali is a pentesting distro, it’s not designed for malware analysis. The distro you’d want to use for malware analysis is REMnux, but it’s mostly meant for static analysis. Static analysis is fine, but you may not be able to dig deep unless you’re familiar with decrypting code and using tools like Cutter, Ghidra, EDB etc for debugging. Naturally you’d also need intimate low-level coding experience, familiarity with assembly language and/or Win32 APIs (or whatever APIs the malware is using). So this isn’t an area a casual security researcher can just get into, without some low-level coding experience. But you can at least do some beginner-level analysis like analysing the PE headers and using some automated tools which employ signature-based detection, or you could analyse strings and URLs embedded in the malware; stuff like that.
Dynamic analysis is far more easier to get into and more “fun”, but the problem is of course, with most malware being made for Windows, Linux is kinda irrelevant in this scenario. But you could still run Linux as a VM host and run the malware inside a Windows VM. The problem with running malware in VMs though is that these days any half-decent malware would be VM/context aware and may evade detection, so for accurate results you’d really want to run the malware on a real machine, and use tools like procmon, IDA, wireshark etc for analysis. But again, decent malware may be able to evade tools like procmon, so it can get quite tricky depending on how clever your malware is. You’d normally employ a combination of both static and dynamic analysis.
Industry pros these days often use cloud-based analysis systems which can account for many such scenarios, such as Joe Sandbox, Any.Run, Cuckoo etc. These offer a mix of both VM and physical machine based analysis. You can use these services for free, but there are some limitations of course. If you’re doing this for furthering your career, then it’s worth getting a paid subscription to these services.
Coming back to Kali Linux - it’s not something you’d want to install permanently on physical machine, as its meant to be an ephemeral thing - you spin it up, do your pentesting, and then wipe it. So most folks would use it inside a VM, or run Kali from a Live USB without installing it.
There are also alternatives to Kali, such as ParrotSec and BlackArch, but really from a pentesting toolbox point of view, there’s not much of a difference between them, and it doesn’t really matter (unless you’re a Linux nerd and like the flexibility Arch offers). Most industry folks use Kali mainly, so might as well just stick to it if you want to build up familiarity in terms of your career.
As for your Surface Go - you could install a normal daily-driver Linux distro on your Surface if you really want to, and then run Kali under KVM - which is personally how I’d do it. Running Linux on Linux (KVM) is pretty convenient has a very low performance overhead. You can also employ technologies like ballooning and KSM to save RAM, if your system has low RAM.
Thank you for such an amazing response. You’ve given me so many great threads to pull on. I’m going to have a great time diving into all this. Sincere thank you.
How do I enable DNS over HTTPS or DNS over TLS for all connections in NetworkManager in Debian 12?
It is easy to configure custom DNS servers for all connections via a new .conf file in /etc/NetworkManager/conf.d with a servers=8.8.8.8 entry in the [global-dns-domain-*] section.
How can I configure NetworkManager to use DNS over HTTPS or DNS over TLS via a conf file?
NetworkManager doesn’t support DoH, DoT or other recent protocols like DoQ and DoH3. You’ll need to set up a local DNS resolver / proxy which can handle those protocols. You could use dnsproxy for this. Once you set it up, you can just use “127.0.0.1” as your DNS server in NetworkManager.
Btw, if possible I’d recommend sticking to DoH3 (DNS-over-HTTP/3) or DoQ (DNS-over-QUIC) - they perform better than DoT and vanilla DoH, and are more reliable as well.
Thanks a lot for your answer! :-)
Why do programs install somewhere instead of asking me where to?
EDIT: Thank you all, well explained.
Someone already gave an answer, but the reason it’s done that way is because on Linux, generally programs don’t install themselves - a package manager installs them. Windows (outside of the windows store) just trusts programs to install themselves, and include their own uninstaller.
you install program A, it needs and installs libpotato then later you install program B that depends on libfries, and libfries depends on libpotato, however since you already have libpotato installed, only program B and libfries are installed The intelligence behind this is called a package manager
In windows when you install something, it usually installs itself as a standalone thing and complains/reaks when dependencies are not met - e.g having to install Visual C++ 2005-202x for games, JRE for java programs etc
instead of making you install everything that you need to run something complex, the package manager does this for you and keep tracks of where files are
and each package manager/distribution has an idea of where some files be stored
Because Linux and the programs themselves expect specific files to be placed in specific places, rather than bunch of files in a single program directory like you have in Windows or (hidden) MacOS.
If you compile programs yourself you can choose to put things in different places. Some software is also built to be more self contained, like the Linux binaries of Firefox.
Actually, windows puts 95% of it files in a single directory, and sometimes you get a surprise DLL in your \system[32] folder.
Is there a way to remove having to enter my password for everything?
Wake computer from Screensaver? Password.
Install something? Password.
Updates (biggest one. Updates should in my opinion just work without, because being up to date is important for security reasons)? Password.I understand sudo needs a password,but all the other stuff I just want off. The frequency is rediculous. I don’t ever leave my house with my computer, and I don’t want to enter a password for my wife everytime she wants to use it.
I understand sudo needs a password,but all the other stuff I just want off.
Sudo doesn’t need a password, in fact I have it configured not to on the computers that don’t leave the house. To do this open
/etc/sudoers
file (or some file inside/etc/sudoers.d/
) and add a line like:nibodhika ALL=(ALL:ALL) NOPASSWD:ALL
You probably already have a similar one, either for your user or for a certain group (usually wheel), just need to add the
NOPASSWD
part.As for the other parts you can configure the computer to not lock the screen (just turn it off) and for updates it depends on distro/DE but having passwordless sudo allows you to update via the terminal without password (although it should be possible to configure the GUI to work passwordless too)
I understand sudo needs a password
You can configure sudo to not need a password for certain commands. Unfortunately the syntax and documentation for that is not easily readable. Doas which can be installed and used along side sudo is easier.
For software updates you can go for unattended-upgrades though if you turn off your computer when it is upgrading software you may have to fix the broken pieces.
Question about moving from Ubuntu to Debian - Package updates and security updates…
On Ubuntu, I seem to get notifications almost every week about new package updates. (Through the apt UI)
On Debian, I don’t see this.
I can run
apt update
andapt upgrade
On Ubuntu, I see this pull a bunch of package data from various package repo URLs.
On Debian, I only see this pulling package data from two or three repo URLs at debian.org
Mainly I am concerned about security updates and bug fixes. Do I need to manually add other repo sources to the apt config files? Or does debian update those repos regularly?
Debian favors stability over anything else so the packages are thoroughly tested before release and then only upgraded for security issues, until the next release 2 years later when everything gets an update.
Ubuntu favors releasing more recent package versions constantly throughout the period between major releases.
You can install packages on Debian from the backports repo if you occasionally need an package to be a more recent version.
Another option is to install apps from Flatpak. The apps in Flatpak have their own separate dependency system and can be used on any distro.
If neither of these works for you and you find yourself constantly wishing packages were newer you may want to consider a different distro.
Some people switch their Debian from stable to testing to get similar updates to Ubuntu. You can try that but please understand you may experience the occasional issues.
Be wary of adding external repos (that don’t point to debian. org) because they can mess with the package dependencies and prevent you from upgrading to the next version when it comes out. (This also applies to Ubuntu.)
I wonder, if you are asking two different questions:
- Why don’t you receive notifications about updated packages?
- Two: Security and bugfixes
For 1. it depends which desktop environment you use, Gnome/KDE have this update notifications out of the box, for other DEs (Xfce, LXDE, etc.) you might need to enable this with the installation of synaptic or similar.
For 2. Debian stable does not ship bugfixes but Debian stable ships security fixes. I highly recommend to subscribe to Debians Security mailing list, especially for security fixes concerning browsers and other stuff.
Edit: I have enabled automatic updates and I still receive regular notifications via Gnome Software, at least once per week.
They’re updated regularly. Take a look at your etc/apt/sources on both. Debian has everything coming from their servers, Ubuntu has a bunch more.
If you’re going Ubuntu -> Debian be prepared to switch to testing or enable some packages from testing or even use an alternate install method for some software (yt-dlp).
Are you using Ubuntu Long Term Release or not ?
- I’m subscribed to Ubuntu and Debian announcements via email, and I see much more often Linux kernel updates for Ubuntu than for Debian. It makes me wonder whether the Debian kernel is slimmed down, and that Ubuntu is focused on Enterprises with their kernel.
What’s the difference between /bin and /usr/bin and /usr/local/bin from an architectural point of view? And how does sbin relate to this?
Is there an Android emulator that you can actually game on? I’ve tried a number of them (Android x86, Genymotion, Waydroid), but none of them can install a multitude of games from the Google Play store. The one thing keeping me on Windows is Android emulation (I like having one or two idle games running at any given time).
Waydroid works, but there’s three main things you need to get things going to replicate a typical Android device:
- OpenGapps: For GApps/Play Store. You’ll also need to register your device to get an Android ID.
- Magisk: Mainly to pass SafetyNet / Play Integrity basic checks.
- libndk / libhoudini: For ARM > x86 translation. libndk works better on AMD.
- Widevine: (optional) L3 DRM for things that need it, eg Netflix
There are some automated scripts that can set this all up. I used this one in the past with some success.
Also, stay away from nVidia. From what I recall, it just doesn’t work, or there are other issues like crashes. But if you’re serious about Linux in general, then ditching nVidia is generally a good idea.
Finally, games that use anti-cheat can be a hit-or-miss (like Genshin Impact, which crashed when I last tried it). But that’s something that you may face on any emulator, I mean, any decent anti-cheat system would detect the usage of emulators.
On Android, when an app needs something like camera or location or whatever, you have to give it permission. Why isn’t there something like this on Linux desktop? Or at least not by default when you install something through package manager.
Android apps are sandboxed by default while packages on Linux run with the users permission.
There is already something like this with Flatpak since it also sandboxes every installed program and only grants requested permissions.
OP. Gotta say that this thread is a brilliant idea!
What is the system32 equivalent in linux
/bin, since that will include any basic programs (bash, ls, cd, etc.).
I installed Debian today. I’m terrified to do anything. Is there a single button backup/restore I can depend on when I ultimately fuck this up?
timeshift is pretty good, but bootable btrfs snapshots are even better
How can I hide a pinned post without blocking the poster? It bothers me having this at the top of my list all the time, like some reminder on my phone I can’t ack and make go away.
Most third-party Lemmy clients should support this. For instance, if you’re on Sync, you can just swipe it hide the post (assuming you’ve configured it that way).
I’m sorry I don’t know of any way to do that :( does it appear even when you’re browsing your main feed??
No, just at the top of the Linux community. I sort on New by default, looking for anything new Linux related… it’s been slow news in there of late. I’ll check if Voyager supports a method of doing it. Another user suggested Sync client. I’m usually on my desktop browser, though.
Thanks for checking. :)
I just unpinned the post. I figured there may be others bothered by this, and plus its been enough weeks at this point. Thanks for voicing this to me :)
Shoot, I’m sorry. Thank you for doing that for me (and us, if there happen to be others). I do feel bad you felt forced to do that, though. :( I should just accept it is how it is until Lemmy devs a way. I’m sorry.