In-reply-to » PSA: setpriv on Linux supports Landlock.

@movq@www.uninformativ.de That’s really cool! I wanted to experiment with Landlock in tt as well. But other than just thinking about it, nothing really happened.

Depending on the available Landlock ABI version your kernel supports, you might even restrict connect(…) calls to ports 80, 443 and maybe whatever else has been configured in the subscription list.

​ Read More
In-reply-to » PSA: setpriv on Linux supports Landlock.

@prologic@twtxt.net Yeah, it’s not a strong sandbox in jenny’s case, it could still read my SSH private key (in case of an exploit of some sort). But I still like it.

I think my main takeaway is this: Knowing that technologies like Landlock/pledge/unveil exist and knowing that they are very easy to use, will probably nudge me into writing software differently in the future.

jenny was never meant to be sandboxed, so it can’t make great use of it. Future software might be different.

(And this is finally a strong argument for static linking.)

​ Read More
In-reply-to » This extension was turned off because it is no longer supported

Looks like here’s something wrong with Markdown parsing. πŸ€” The original twt looks like this:

>This extension was turned off because it is no longer supported

Thanks Google.
This browser was uninstalled because it absolutely sucks!

So only the first line should be a quote.

​ Read More

This extension was turned off because it is no longer supported

Thanks Google.
This browser was uninstalled because it absolutely sucks!

​ Read More
In-reply-to » PSA: setpriv on Linux supports Landlock.

Another example:

$ setpriv \
    --landlock-access fs \
    --landlock-rule path-beneath:execute,read-file:/bin/ls-static \
    --landlock-rule path-beneath:read-dir:/tmp \
    /bin/ls-static /tmp/tmp/xorg.atom

The first argument --landlock-access fs says that nothing is allowed.

--landlock-rule path-beneath:execute,read-file:/bin/ls-static says that reading and executing that file is allowed. It’s a statically linked ls program (not GNU ls).

--landlock-rule path-beneath:read-dir:/tmp says that reading the /tmp directory and everything below it is allowed.

The output of the ls-static program is this line:

─rw─r──r────x 3000 200 07-12 09:19 22'491 β”‚ /tmp/tmp/xorg.atom

It was able to read the directory, see the file, do stat() on it and everything, the little x indicates that getting xattrs also worked.

3000 and 200 are user name and group name – they are shown as numeric, because the program does not have access to /etc/passwd and /etc/group.

Adding --landlock-rule path-beneath:read-file:/etc/passwd, for example, allows resolving users and yields this:

─rw─r──r────x cathy 200 07-12 09:19 22'491 β”‚ /tmp/tmp/xorg.atom

​ Read More

PSA: setpriv on Linux supports Landlock.

If this twt goes through, then restricting the filesystem so that jenny can only write to ~/Mail/twt, ~/www/twtxt.txt, ~/.jenny-cache, and /tmp works.

​ Read More
In-reply-to » Something happened with the frame rate of terminal emulators lately. It looks like there’s a trend to run at a high framerate now? I’m not sure exactly. This can be seen in VTE-based terminals like my xiate or XTerm on Wayland. foot and st, on the other hand, are fine.

st tries not to redraw immediately after new data arrives:

https://git.suckless.org/st/file/x.c.html#l1984

The exact timings are configurable.

This is the PR that changed the timing in VTE recently (2023):

https://gitlab.gnome.org/GNOME/vte/-/issues/2678

There is a long discussion. It’s not a trivial problem, especially not in the context of GTK and multiple competing terminal widgets. st dodges all these issues (for various reasons).

​ Read More

Something happened with the frame rate of terminal emulators lately. It looks like there’s a trend to run at a high framerate now? I’m not sure exactly. This can be seen in VTE-based terminals like my xiate or XTerm on Wayland. foot and st, on the other hand, are fine.

My shell prompt and cursor look like this:

$ β–ˆ

When I keep Enter pressed, I expect to see several lines like so:

$
$
$
$
$
$
$ β–ˆ

With the affected terminal emulators, the lines actually show up in the following sequence. First, we have the original line:

$ β–ˆ

Pressing Enter yields this as the next frame:

$
β–ˆ

And then eventually this:

$
$ β–ˆ

In other words, you can see the cursor jumping around very quickly, all the time.

Another example: Vim actually shows which key you just pressed in the bottom right corner. Keeping j pressed to scroll through a file means I get to see a j flashing rapidly now.

(I have no idea yet, why exactly XTerm in X11 is fine but flickering in Wayland.)

​ Read More

The WM_CLASS Property is used on X11 to assign rules to certain windows, e.g. β€œthis is a GIMP window, it should appear on workspace number 16.” It consists of two fields, name and class.

Wayland (or rather, the XDG shell protocol – core Wayland knows nothing about this) only has a single field called app_id.

When you run X11 programs under Wayland, you use XWayland, which is baked into most compositors. Then you have to deal with all three fields.

Some compositors map name to app_id, others map class to app_id, and even others directly expose the original name and class.

Apparently, there is no consensus.

​ Read More

We covered quite some ground in the two and a half hours today. The weather was nice, mostly cloudy and just 23Β°C. That’s also why we decided to take a longer tour. We saw four deer in the wild, three of which I managed to just ban on film, quality could be better, though. My camera produced a hell lot of defocused photos this time. Not sure what’s going on with the autofocus. https://lyse.isobeef.org/waldspaziergang-2025-07-10/

When the sun came out, colors were just beautiful:

Image

​ Read More
In-reply-to » Been spending a lot of time researching campers as I want to / plan to upgrade our current Camper Trailoer (forward fold) Stoney Creek XL-FF6 to a slightly larger Hybrid Camper/Caravan with ensuite, internal kitchenette, external full hitchen, pop-top roof and twin bunks.

@prologic@twtxt.net @bender@twtxt.net That’s what I thought as well, sounds way too expensive to me. But I have no idea what the prices are over here. Probably also astronomical. Campers sit around most of the time, one really would need to use them a lot to justify spending so much money on them.

But yeah, each to their own (expensive) hobbies. :-) I, for example, burn my money on tools that I don’t reallyβ„’ need. :-P

​ Read More
In-reply-to » Been spending a lot of time researching campers as I want to / plan to upgrade our current Camper Trailoer (forward fold) Stoney Creek XL-FF6 to a slightly larger Hybrid Camper/Caravan with ensuite, internal kitchenette, external full hitchen, pop-top roof and twin bunks.

@prologic@twtxt.net well, the ones down there (on your list) are pretty minimal, basic even. Yet, their pricing is super high (number wise, haven’t checked the equivalent from AUD to USD).

​ Read More
In-reply-to » hey! i asked this a while ago but i have to ask again -- is anyone willing to offer space on their yarn pod to my friend? i would love to invite her to my own but she's unable to access my site for personal reasons. she's really interested in seeing what yarn is about so if anyone is willing and able, let me know!

@kat@yarn.girlonthemoon.xyz Ok πŸ‘Œ

​ Read More

i made a new tumblr account to interact with fandom last week. while using the site today i got logged out and when i logged back in i was told my account was terminated. mullenweg will pay for this

​ Read More
In-reply-to » hey! i asked this a while ago but i have to ask again -- is anyone willing to offer space on their yarn pod to my friend? i would love to invite her to my own but she's unable to access my site for personal reasons. she's really interested in seeing what yarn is about so if anyone is willing and able, let me know!

@prologic@twtxt.net i’ll email you!

​ Read More
In-reply-to » This aggressive auto-logout on my bank’s website …

@movq@www.uninformativ.de I’d love to have a Python script pushing my local CSV, too. But that’s never gonna fly, not in a thousand years. I can’t imagine that ever becoming reasonably stable without having to fix everything after the reverse-engineered API changes again.

​ Read More
In-reply-to » QEMU on Wayland unusable, because it can’t grab the mouse … I’ll add it to my TODO list and investigate/report it eventually.

… but you can’t set SDL_VIDEODRIVER=wayland globally, because that breaks Wine again …

​ Read More
In-reply-to » QEMU on Wayland unusable, because it can’t grab the mouse … I’ll add it to my TODO list and investigate/report it eventually.

… okay, the SDL backend works if you also set SDL_VIDEODRIVER=wayland.

​ Read More
In-reply-to » @movq Yeah, luckily, there is the suckless project. I couldn't live without dmenu!

@lyse@lyse.isobeef.org dmenu is a great example.

There have been several attempts at porting dmenu from X11 to Wayland. Well, not exactly β€œporting” it, more like rewriting it from scratch. Turns out: It’s not that easy.

dmenu is super fast and reliable. None of the Wayland rewrites are (at least none of the popular ones that I know of). They are either bloated and/or slow.

It takes a lot of discipline and restraint to write simple software and not blow up the codebase. This is much harder than people think. It’s a form of art, really.

​ Read More
In-reply-to » This aggressive auto-logout on my bank’s website …

@lyse@lyse.isobeef.org I do my timetracking in a little Python script, locally. Every now and then, I push the data to our actual service. Problem solved – but it’s a completely unpopular approach, they all want to use the web site. I don’t get it. Then, of course, when it’s down, shit hits the fan. (Luckily, our timetracking software is neither developed nor run by us anymore. It’s a silly cloud service, but the upside is that I’m not responsible anymore. 🀷)

Some of our oldschool devs tried to roll out local timetracking once, about 15 years ago. I don’t remember anymore why they failed …

This is developed inhouse, I’m just so glad that we’re not a software engineering company. Oh wait. How embarrassing.

Oh to be anonymous on the internet. That must be nice. πŸ˜…

​ Read More
In-reply-to » QEMU on Wayland unusable, because it can’t grab the mouse … I’ll add it to my TODO list and investigate/report it eventually.

… but the SDL backend is broken as well, albeit differently …

​ Read More
In-reply-to » This aggressive auto-logout on my bank’s website …

@movq@www.uninformativ.de Yeah, it’s a shitshow. MS overconfirms all my prejudices constantly.

Ignoring e-mail after lunch works great, though. :-)

Our timetracking is offline for over a week because of reasons. The responsible bunglers are falling by the skin of their teeth: https://lyse.isobeef.org/tmp/timetracking.png

  1. The error message neither includes the timeframe nor a link to an announcement article.
  2. The HTML page needs to download JS in order to display the fucking error message.
  3. Proper HTTP status codes are clearly only for big losers.
  4. Despite being down, heaps of resources are still fetched.

I find it really fascinating how one can screw up on so many levels. This is developed inhouse, I’m just so glad that we’re not a software engineering company. Oh wait. How embarrassing.

​ Read More
In-reply-to » The lack of suckless-like simple, hackable software these days is appalling.

@movq@www.uninformativ.de This is a really good example of β€œsimplicity” but achieves the intent and goals πŸ‘Œ

(Now, I don’t know if your screen reader can work with this. Let me know if it doesn’t.)

I don’t use a screen reader fortunately (actually they’re pretty garbage). So all good πŸ‘ (I juse use full-screen zoom).

​ Read More
In-reply-to » The lack of suckless-like simple, hackable software these days is appalling.

@prologic@twtxt.net Yeah, this really could use a proper definition or a β€œmanifest”. πŸ˜… Many of these ideas are not very wide spread. And I haven’t come across similar projects in all these years.

Let’s take the farbfeld image format as an example again. I think this captures the β€œspirit” quite well, because this isn’t even about code.

This is the entire farbfeld spec:

farbfeld is a lossless image format which is easy to parse, pipe and compress. It has the following format:

╔════════╀═════════════════════════════════════════════════════════╗
β•‘ Bytes  β”‚ Description                                             β•‘
╠════════β•ͺ═════════════════════════════════════════════════════════╣
β•‘ 8      β”‚ "farbfeld" magic value                                  β•‘
β•Ÿβ”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β•’
β•‘ 4      β”‚ 32-Bit BE unsigned integer (width)                      β•‘
β•Ÿβ”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β•’
β•‘ 4      β”‚ 32-Bit BE unsigned integer (height)                     β•‘
β•Ÿβ”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β•’
β•‘ [2222] β”‚ 4x16-Bit BE unsigned integers [RGBA] / pixel, row-major β•‘
β•šβ•β•β•β•β•β•β•β•β•§β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•

The RGB-data should be sRGB for best interoperability and not alpha-premultiplied.

(Now, I don’t know if your screen reader can work with this. Let me know if it doesn’t.)

I think these are some of the properties worth mentioning:

  • The spec is extremely short. You can read this in under a minute and fully understand it. That alone is gold.
  • There are no β€œknobs”: It’s just a single version, it’s not like there’s also an 8-bit color depth version and one for 16-bit and one for extra large images and one that supports layers and so on. This makes it much easier to implement a fully compliant program.
  • Despite being so simple, it’s useful. I’ve used it in various programs, like my window manager, my status bars, some toy programs like β€œtuxeyes” (an Xeyes variant), or Advent of Code.
  • The format does not include compression because it doesn’t need to. Just use something like bzip2 to get file sizes similar to PNG.
  • It doesn’t cover every use case under the sun, but it does cover the most important ones (imho). They have discussed using something other than RGBA and decided it’s not worth the trouble.
  • They refrained from adding extra baggage like metadata. It would have needlessly complicated things.

​ Read More
In-reply-to » The lack of suckless-like simple, hackable software these days is appalling.

For example, I reckon software should treat stdout and stderr with care and never output logs or other such garbage to stdout that cannot possibly be useful in a UNIX pipeline πŸ˜…

​ Read More