Look at that, an OP who is just a prick.

Why? If you say to limit the spread of bacteria we have some studies that suggest it makes no difference at all

What a hot take. I bet you’re real fun at parties.

Some easy display rules, and a couple of plugins and it’s perfect.

It doesn’t matter. Put it in ~/foo/bar/Baz for all the shell cares.

If you don’t have root is it really a VPS?

Anyway, unpack the binaries to ~/local/usr/bin and add that to your PATH.

It’s not quite what you’ve asked for here, but as a Dev I’d be remiss if I didn’t shill for Gentoo.

It ticks your rolling release box, has fantastic docs, a huge package repository (and the community repo Guru), and by design enables almost infinite configurability and customisation. We also have a binary package repository now for popular architectures, so you can choose to avoid compiling if you don’t want to deviate from sane defaults (or only compile in cases where you do!)

On the hardware side, we have fantastic support for a number of architectures, I recently brought up a SPARC system and have some arch64 and riscv in the past.

Finally, even if you just decide to check the distro out, the process of installing, configuring, and maintaining a Linux system is outlined in detail within our handbook, and can provide a peek behind the scenes at what some other distros abstract; it’s a fantastic learning experience for those interested.

Finally, we have fantastic support through volunteers in official IRC channels and forums, as well as unofficial hubs like discord.

Hopefully I’ve planted a seed and you’ll check it out down the line. :)

Contrast that with CLI where if you forgot or don’t know any command there is little help or indicator of what’s available and what can be done without external help.

man would like to have words with your strawman.

No, this is egregious, even for Dan. Don’t feel bad. I called him out on the forums/article comments.

I’m looking at bringing Dillo back into Gentoo atm. I had to read 15k lines of code, and that’s just what’s different since the last release…

I’m a huge proponent of Gentoo Linux as a learning experience. It’s a great way to learn how the components of a system work together and the distro enables an amazing amount of configurability for your system.

Even following a handbook install in a VM can be a good experience if you’re interested.

I once spent a month automating the production of repositories for each kernel version supported on our HPC and rested every step exhaustively in isolation.

When I was satisfied I ran it with root permissions and hosed the VMs it was running on because a recursive chmod evaluated to /.

Oops.

Pipewire is great .

Write out syslogs to disk or better yet mirror to grayling or something, there might be valuable information right before the reboot.

I’ve also had weirdness where the CPU/iGPU was just faulty and the IME would halt the system. That took weeks to diagnose.

Definitely reach out to support!

Could you elaborate?

TL;DR don’t worry (for now) - it only impacts rpm and deb builds and impacted releases only really made it into OpenSuSe tumbleweed - if you’re running bleeding edge maybe you need to worry a little.

A laymans explanation about what happens is that the malicious package uses an indirect linkage (via systemd) to openssh and overrides a crypto function which either:

• allows access to the system to a particular key
• allows remote code execution with a particular key

Or both!

I have secondhand info that privately the reverse engineering is more advanced, but nobody wants to lead with bad info.

As for what you should do? Unless you’re running an rpm or deb based distro and you have version 5.6.0 or 5.6.1 of xz-utils installed, not much. If you are, well, that comes down to your threat model and paranoia level: either upgrade (downgrade) the package to a non-vulnerable version or dust off and nuke the site from orbit; it’s the only way to be sure.

I use Traefik for all of my containerised services. It’s fantastic.

At least weekly.

This link might be useful in quickly getting a binhost configured while following a standard handbook install.

https://wiki.gentoo.org/wiki/Gentoo_Binary_Host_Quickstart

You don’t need to, we have official binary package hosts if you choose to use them.