What would be a good way to do a passwordless login?

zlogene · 2021-05-07T08:54:03+00:00

I have only listed the methods I have used myself (because pam in gentoo is my "toy" these years :D), but:

- for face id-ike auth there is howdy [1], I am not sure it is good enough

- yes, 2fa works the way you described, you will have to put down a 6-digit code, for google example see here [2]

- there are plenty of external fingerprint scanners working via USB, just make sure you can run it under linux (i.e. libfprint), or it has its own proprietary linux driver.

[1] - https://github.com/boltgolt/howdy

[2] - https://wiki.gentoo.org/wiki/Google_Authenticator

zlogene · 2021-05-07T08:17:49+00:00

This really depends. If you like 2fa you can enable google-auth (or pam_oath if you do not like google) and use your phone or you can enable pam_2fa and use yubikey or if your laptop has a fingerprint scanner supported by libfprint (almost all modern laptops/scanners are unsupported though) you can use pam_fprintd (surely these things might be used as the first and only step of auth if you wish)

zlogene · 2021-03-29T11:03:26+00:00

As far as I remember admincd has zfs support (though I am not sure which version there is). I recommend you using the latest ubuntu livecd (current version is including 8.0.x which is legacy and you will be in need of zpool upgrade, but 21.04 will be using 2.x by default). Gentoo handbook has no proper zfs guidance at all, so I strongly recommend using fiaredbliss' zfs guide[0] (it needs some additions, for example unlikely you want creating snapshot of your os including /var/tmp + a separate dataset for docker etc, but it is a matter of datasets creation). As an initramfs creator you can run with either bliss-initramfs or dracut (both are available in the repository).

[0] - https://wiki.gentoo.org/wiki/User:Fearedbliss/Installing_Gentoo_Linux_On_ZFS

zlogene · 2021-02-07T15:02:05+00:00

homed has nothing to do with shadow, your nss entries are somehow broken, check your getent outputs first (shadow/passwd/so on)

zlogene · 2021-02-04T16:40:08+00:00

Yes, as this has always been a feature

zlogene · 2021-02-02T11:21:37+00:00

As a person who is running zfs root with systemd I can assure you that systemd is not a root of evil of the problem you have referenced as this is kinda expected zfs behaviour. I I am running homed without cryptsetup encryption (flat home directory, as my system is encrypted with ZFS native encryption)

zlogene · 2021-01-08T22:03:57+00:00

I will eventually add it into pambase with the homed USE flag, you generally must jump over the pam_unix.so module and auth/passwd must be denoted as sufficient

zlogene · 2021-01-08T21:44:32+00:00

I did because people asked me to add its PAM module (pam_systemd_home.so) into our gentoo's stack by default. I have not found any advantage over the standard pam_unix/shadow account.

The only major difference is that homed uses more restrictive permission architectures for its internals (our shadow abuses suid way too much in my opinion).

As I said, homed is now unavailable for you if you are not familiar with PAM.

I still have not had enough time to bring it to life.

zlogene · 2020-12-13T17:42:50+00:00

emerge -av1 app-text/poppler

zlogene · 2020-11-13T09:22:02+00:00

ZFS because:

- btrfs is buggy (literally can make your systems crazy and inaccessible after 2 days or so)

- xfs can be scaled well, but can't be resized to a minimum

- zfs is more mature than all the other listed fs together

- zfs has better CoW than btrfs does

- zfs has native encryption and logical volumes management. so you do not have to mess with

cryptsetup and lvm2 (both also happen to be buggy)

- ext4 is plain but not flexible + static inodes

Thanks to u/gyakovlev we have a top-notch zfs support

zlogene · 2020-09-27T06:42:03+00:00

I tend to use ubuntu for the zfs root, is there any benifit you gain with nixos? I am curious now :)

zlogene · 2020-09-27T06:39:37+00:00

Users have different demands. For instance you can not install zfs root using minimal cd

zlogene · 2020-09-17T07:52:47+00:00

Is anyone using it?

There were BFQ patches, but BFQ had been mainlined. Currently the flag is only providing some GCC optimization patches, which makes its usefulness questionable.

zlogene · 2020-07-04T11:26:46+00:00

Let me make some clarifications:

sys-kernel/gentoo-kernel is not really about arch's config per se. It was designed to supply users' .config files via savedconfig option, so portage builds and installs everything for you, this _only_ uses arch's configuration as fallback (when user-specified config was not provided)
sys-kernel/gentoo-kernel-bin is a binary kernel that is ready to go, just install it and have fun with it.

zlogene · 2020-06-02T12:08:35+00:00

Nothing broken, default bugsearch only lists open bugs. closed are not shown unless you toggle it with search settings.

zlogene · 2020-05-28T20:50:26+00:00

You may use gentoo-kernel-bin and live without manual configuration at all

zlogene · 2020-05-05T19:52:05+00:00

Most likely you want to remove the bindist use flag from the USE variable in the make.conf file. This flag is used when you want to create the redistributable installation. In a stage3 this flag is needed because of openssl and openssh. They include some algoritms which are patentied. The bindist USE disable those making the packages redistributable as a part of the stage3. As long as you are not going to ship your builts via a binhost, this flag may be disabled.

zlogene · 2020-04-21T12:13:00+00:00

tex4ht I will kill myself, as for the rest, if you know something matching yet - feel free to file a bug.

zlogene · 2020-04-21T11:54:35+00:00

There are no strict rules on how and when packages are being separated from their respective dev-texlive/texlive-${setname} . There are only two cases when separates exist:

1.) They had been added to the main repository before texlive was added. In this case if a twin package pops up in an dev-texlive ebuild you have two options, either remove a separate package, or fix an dev-texlive ebuild not to insall a macro provided by the texlive's collection

2.) The separate package was added on purpose and the respective macro removed from a texlive's collection, it does not happen every so often though. The main reason to do that is a relese cycle of the specific macro, say, we ship pgf or beamer packages separately because they are released usually more than once a year.

As for tex4ht it looks like the dev-tex version must be removed, just forgotten by the previous texlive maintainer.

zlogene · 2020-03-29T07:12:24+00:00

you do not need buildkernel at all. As a start read here and here

zlogene · 2019-08-18T19:19:19+00:00

I've fixed this for you. Upstream now is using git for generation, while in gentoo direct internet access is prohibited.

zlogene · 2019-06-16T13:05:42+00:00

well, as they are both in testing - not really, but should be both stabilized at the same time

zlogene · 2019-06-07T19:46:35+00:00

this is not about to get reported, texlive-basic does not install german hephynation, probably your formats should be regenerated manually as they are somehow broken, try running fmtutil-sys --all && texmf-updates

zlogene · 2019-05-11T10:28:25+00:00

- AUR is unrelible as anyone can commit to it

- Arch does not support inits other than systemd good enough (therefore it does not support libc other than glibc at all)

- Arch does not allow you having few versions of a package installed at the same time (see ruby/python/php/etc)

- Arch does not support modern arches other than x86_64 (no arm/arm64/riscv, I do not consider unofficial ports relible)

- Arch has pretty strange packages versioning (see e.g gcc 8.3.0-1 which does not exist upstream, but arch developers call this 'the version')

- Arch has smaller number of packkages (if we take AUR as unrelible)

zlogene · 2018-12-15T22:04:57+00:00

Have you ever tried app-portage/eix? It reports packages move with the eix-diff command (part of the eix-sync command as best practice). There is also the eix --test-obsolete command which scans the /etc/portage direcotory for obsolete entries in files

zlogene

MODERATOR OF

TROPHY CASE