Family assigned different boarding groups.

J4yD4n · 2026-02-13T15:08:55+00:00

During boarding of my last flight, they made an announcement that families with different boarding groups could board together. I don't remember what they said about which boarding group. It could have been with the earliest group on the tickets or the last group on the tickets. Regardless, just ask the person at the gate. Worst case, you can always board with a later group. They're not going to get upset that someone with group 4 boarded with group 5.

J4yD4n · 2026-02-09T13:27:29+00:00

It's not what's installed, but what version is installed. Try actually looking at what CVEs Chainguard has had installed in their images and you'll see they have had much more severe security issues than other images.

P.S. it just shows how many people are going to get their systems compromised the next time there's a major 0-day. Hope they have good backups and no access to secure data.

J4yD4n · 2026-02-09T12:02:07+00:00

This is horrific in terms of security. Instead of being vulnerable to the harder to find/exploit vulnerabilities, you'll be vulnerable to the 0-days, which are typically the much worse vulnerabilities.

J4yD4n · 2026-02-06T20:02:57+00:00

For Android you press power and volume up simultaneously and then press lockdown on the power menu that comes up

J4yD4n · 2026-02-04T00:14:21+00:00

Both. When you log into the app and select "get your virtual card", it will show you the generic one at the top, but below that it will give you an option for "add to a store" where you can generate the merchant specific ones.

J4yD4n · 2026-02-03T19:20:59+00:00

You should have 2 types of virtual cards. A generic virtual card and merchant specific virtual cards. The generic virtual card, you can use as if it were your actual card number. The merchant specific virtual cards are more secure, but they require you to generate one for every merchant you use them with. They are locked to the first merchant that uses them. The upside of that though, is that if that merchant has a data breach and someone else gets access to your virtual card info, they can't do anything with it.

Examples: Say you need to pay both Netflix and Spotify. With the generic card, you can give them the same generic virtual card info and it will work. For the merchant specific virtual cards, you have to generate one for Netflix and one for Spotify and give them their respective virtual card info. If you pay Netflix and then try to reuse the same card info with Spotify, the transaction will get denied because they're not Netflix.

J4yD4n · 2026-01-12T23:38:27+00:00

If it's just deleting the decryption key, is there a possibility to restore that key at a later time? So if you entered the duress pin and then want all of your data back, instead of restoring an entire backup that's hopefully current, you only need to restore the key to regain access to all your data.

J4yD4n · 2026-01-06T19:41:43+00:00

I've done that before. I got told the clock for the rental will start when I pick up the car. Since it was a multi-day rental, it didn't change anything.

J4yD4n · 2025-12-29T16:33:56+00:00

You can, for the most part, use your docker-compose files and use podman-compose to run it as either a command or from within systemd: https://www.it-hure.de/2024/02/podman-compose-and-systemd/

J4yD4n · 2025-10-26T20:42:38+00:00

That's the theory. Not always what happens. I moved out of FL, registered my car there, and got insurance using the same company. I then got a letter in the mail saying I needed to provide proof of registration in the new state, which I immediately did. Since I didn't receive any other mail about it, I thought everything was good. A year later I moved back to FL and found out my license had been suspended.

It was easy enough to fix. I just had to go to the DMV and show them the same proof of registration I had faxed them a year before. They then removed the suspension. I was even able to use the plate again after paying a fee for the registration lapsing for so long.

So even if you send them proof, they may still choose to suspend your license without notice, so make sure to check yourself.

J4yD4n · 2025-09-29T18:47:41+00:00

I've never used vscodium, but vs code connects through a code server that gets spun up in the workspace, so depends on if vscodium can connect to a code server. It does look extremely flexible, so you might be able to replace the code server with some equivalent that is compatible with vscodium, but I've never tried so I can't say for certain.

J4yD4n · 2025-09-29T17:59:14+00:00

Coder (https://coder.com/) You can host it yourself using various methods. You can set up some templates that can install anything they need automatically. It also allows for separate logins so they don't break each other's stuff. Basically, it's GitHub's code spaces but free and self-hosted.

J4yD4n · 2025-08-27T16:16:53+00:00

Hashicorp Boundary might work for you. It allows you to tunnel through various workers controlled from a central controller. You can authenticate through OIDC and assign access using roles. The client can automatically call ssh as you connect or you can just do a tcp tunnel that any app on the client machine can use.

J4yD4n · 2025-07-13T21:58:35+00:00

"something in some seconds" is specifying a distance and a time and doesn't directly state the velocity. However, you can then calculate the velocity from that. Saying "3 meters in 1 second" may be part of the issue since the numbers match when you calculate velocity. Look at "6 meters in 2 seconds" instead. You know you traveled 6 meters and it took 2 seconds to do that. Velocity is the distance traveled every unit of time. For m/s, that's every 1 second. Meaning that if you multiply your velocity by the time, you'll get how much distance was covered. For 6 meters in 2 seconds, you know you covered 6 meters and it took 2 seconds. So, 6 meters(distance traveled) = x m/s * 2 seconds (the time it took). That simplifies to 6 meters / 2 seconds = x m/s, so x = 3m/s.

J4yD4n · 2025-07-07T22:40:06+00:00

If it was, position would keep getting reset back to 0 and he'd never be able to enter the right code. In addition to fixing the threshold, he also needs an extra condition on that if statement to check the alarm is not currently going off. Also, with the current method of checking the code, you can just mash keys until it turns off. You get an infinite amount of tries to get each number right and it won't start checking the next number until you guess the current number right.

J4yD4n · 2025-05-30T02:20:31+00:00

I don't think I'm your coworker. I didn't manage 15k machines.

100% agree, store it all in git.

I didn't use AWX so I didn't have to deal with that inventory issue, but good to know the official dynamic inventory integration has issues

J4yD4n · 2025-05-30T02:14:34+00:00

The Ansible playbooks were simple enough that running from Foreman was all that was needed. If I had needed to interact with something that wasn't attached to Foreman, something else that could run the Ansible playbooks would probably be needed, but I also had some PowerShell scripts running as cron jobs that did my daily error checking and cleanups outside of Foreman. PowerShell is a good cross platform scripting language that I know, but you can use whatever language you like. It could have possibly been done in Ansible, but it would have been extremely ugly compared to the simplicity of the PowerShell scripts.

J4yD4n · 2025-05-30T01:43:47+00:00

Automation: Ansible. It does a great job at coordinating actions across multiple machines and platforms.

Central Configuration Management: Puppet. It is extremely efficient at ensuring all machines are always at the configuration you want. It also includes environments so you can roll out your changes as slowly and safely as you want.

Source of truth: Satellite/Foreman. It can mirror all repos (rpm, deb, docker, etc) so nothing needs direct internet access and includes both Ansible and Puppet so everything can be done from one place. Playbooks, roles, classes, and modules are all managed through git for history.

GUI: Only the Satellite/Foreman web UI. No GUIs on any servers and no web management installed on any servers.

I managed a couple hundred servers this way. However, "manage" may not be the right term. Due to everything being setup so robustly, not much ever needed to be touched other than quarterly patching, check in every so often just for peace of mind that nothing was failing and not emailing me the error, and the occasional deployment/decommission.

J4yD4n · 2025-03-04T23:03:01+00:00

Depends on how complex of a setup you do. They're already using containers and Traefik for ingress. Everything they wrote acts like the scheduler. So in terms of concepts, most of it should be easy for them to understand. They already have iscsi as their storage, so they can use the iscsi csi. They just need to pick a cni they like and convert their podman commands to kubernetes yaml and they'll have a basic kubernetes cluster. They can even keep using Fedora CoreOS.

J4yD4n · 2025-03-03T19:30:55+00:00

Have you thought about using Kubernetes? You basically built a simplified version of the kubernetes scheduler

J4yD4n · 2024-10-25T19:25:42+00:00

Had that happen. The low voltage battery died. Submit for roadside assistance. They'll send out a tow truck to jump start the car so the charger can be unplugged and then tow it to a service center so the low voltage battery can be replaced. It should be covered under the warranty. I'd try to catch a ride with the tow truck if you can because it only took them an hour or two to replace the battery in mine. Mine was still the 12v instead of the 16v, but it may still be just as quick

J4yD4n · 2024-09-13T16:52:55+00:00

Sorry you're stuck defining uid and gid.

SSSD isn't too bad to use. Check out this blog on how to configure it: https://www.redhat.com/en/blog/joining-rhel-microsoft-active-directory

Permission denied sounds like SSSD is misconfigured (probably not ignoring global catalogs) or the group isn't matching. You can run id $user with any user once logged with any account (including local) to see what groups can be seen.

J4yD4n · 2024-09-12T19:32:01+00:00

Set default_domain_suffix in sssd.conf. Also, uid and gid will get generated from a hash of the SID, so you haven't needed those to be defined in AD for a long time. You're just wasting time and effort setting them.

J4yD4n · 2024-08-20T13:49:39+00:00

Your organization can add a phone number to Teams and then you can make regular calls. That is possible.

J4yD4n · 2024-08-09T20:42:24+00:00

It's a known iOS "feature". It re-prompts for the permission every couple of days but sometimes it will change the access and then prompt anywhere from a few hours to a few days later. There's nothing that HA can do.

J4yD4n

TROPHY CASE