this post was submitted on 21 Aug 2024
283 points (98.0% liked)

Linux

48338 readers
441 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

tell me the most ass over backward shit you do to keep your system chugging?
here's mine:
sway struggles with my dual monitors, when my screen powers off and back on it causes sway to crash.
system service 'switch-to-tty1.service'

[Unit]
Description=Switch to tty1 on resume
After=suspend.target

[Service]
Type=simple
ExecStart=/usr/local/bin/switch-to-tty1.sh

[Install]
WantedBy=suspend.target

'switch-to-tty1.service' executes '/usr/local/bin/switch-to-tty1.sh' and send user to tty1

#!/bin/bash
# Switch to tty1
chvt 1

.bashrc login from tty1 then kicks user to tty2 and logs out tty1.

if [[ "$(tty)" == "/dev/tty1" ]]; then
    chvt 2
    logout
fi

also tty2 is blocked from keyboard inputs (Alt+Ctrl+F2) so its a somewhat secure lock-screen which on sway lock-screen aren't great.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 14 points 3 months ago (1 children)

Some years ago, I had a client with a really fucked up set of requirements:

  • Must run Gentoo Linux. (No, I don't know why. But it was written into the project specs and everybody who had to sign off did.)
  • Must use LUKS for FDE.
  • Login (loosely interpreted as "booting up") must have MFA.

This was during the days when booting into a LUKS encrypted Gentoo install involved copy-and-pasting a shell script out of the Gentoo wiki and adding it to the initrd. I want to say late 2006 or early 2007.

I remember creating a /boot partition, a tiny little LUKS partition (512 megs, at most) after it, and the rest of the drive was the LUKS encrypted root partition. The encrypted root partition had a randomly generated keyfile as its unlocker; it was symmetrically encrypted using gnupg and a passphrase before being stored in the tiny partition. The tiny partition had a passphrase to unlock it. gnupg was in the initrd. I think the workflow went something like this:

  • System boots up.
  • Script in the initrd prompted the user for the passphrase for the tiny LUKS partition. (first authentication step)
  • User entered passphrase.
  • Script in the initrd unlocked the tiny partition and prompted the user for the passphrase to decrypt the root partition's keyfile stored therein.
  • User entered the symmetric passphrase for keyfile. (second authentication step_
  • Script used the passphrase to decrypt the keyfile to stdout, piped into an evocation of cryptsetup to unlock the root partition.
  • /dev/mapper/root mounted, /boot mounted, boot process continued.
  • User logged into the box.

I don't miss those days.

[–] [email protected] 1 points 3 months ago (1 children)

@drwho @squid_slime

Wow, that sounds like quite the adventure!! I can’t imagine juggling all those steps just to boot up the system....

[–] [email protected] 1 points 3 months ago (1 children)

Huge pain in the ass to set up, but from the user's end of things it was pretty easy to do.

[–] [email protected] 1 points 3 months ago

@drwho It's amazing how much work can go on behind the scenes to make things smooth and simple for the user....