tal

I’m not familiar with Arch’s updating scheme, but I’d bet that it’s pretty similar to Red Hat’s and Debian’s. If you don’t complete an update, boot it up — even if it’s in a semi-broken state — and just start the update again. Even if the thing dies right in the middle of updating something boot-critical, so that it can’t boot, you can probably just use liveboot media, mount the drives in question, start a chrooted-to-your-regular-root-partition root shell, and restart the update.

Doing that and installing or reinstalling packages is a pretty potent tool to fix a system. It’s not absolutely impossible that you can manage to hork a system up badly enough to render it still unusable in that situation — I once wiped ld.so from a system, for example, and had to grab another copy and manually put it in place to get stuff dynamically-linked stuff like the package manager working again. But that’ll deal with the great majority of problems you could create.

I don’t know if there’s a term for them, but Bacula (and I think AMANDA might fall into this camp, but I haven’t looked at it in ages) are oriented more towards…“institutional” backup. Like, there’s a dedicated backup server, maybe dedicated offline media like tapes, the backup server needs to drive the backup, etc).

There are some things that rsnapshot, rdiff-backup, duplicity, and so forth won’t do.

• At least some of them (rdiff-backup, for one) won’t dedup files with different names. If a file is unchanged, it won’t use extra storage, but it won’t identify different identical files at different locations. This usually isn’t all that important for a single host, other than maybe if you rename files, but if you’re backing up many different hosts, as in an institutional setting, they likely files in common. They aren’t intended to back up multiple hosts to a single, shared repository.

• Pull-only. I think that it might be possible to run some of the above three in “pull” mode, where the backup server connects and gets the backup, but where they don’t have the ability to write to the backup server. This may be desirable if you’re concerned about a host being compromised, but not the backup server, since it means that an attacker can’t go dick with your backups. Think of those cybercriminals who encrypt data at a company and wipe other copies and then demand a ransom for an unlock key. But the “institutional” backup systems are going to be aimed at having the backup server drive all this, and have the backup server have access to log into the individual hosts and pull the backups over.

• Dedup for non-identical files. Note that restic can do this. While files might not be identical, they might share some common elements, and one might want to try to take advantage of that in backup storage.

• rdiff-backup and rsnapshot don’t do encryption (though duplicity does). If one intends to use storage not under one’s physical control (e.g. “cloud backup”), this might be a concern.

• No “full” backups. Some backup programs follow a scheme where one periodically does a backup that stores a full copy of the data, and then stores “incremental” backups from the last full backup. All rsnapshot, rdiff-backup, and duplicity are always-incremental, and are aimed at storing their backups on a single destination filesystem. A split between “full” and “incremental” is probably something you want if you’re using, say, tape storage and having backups that span multiple tapes, since it controls how many pieces of media you have to dig up to perform a restore.

• I don’t know how Bacula or AMANDA handle it, if at all, but if you have a DBMS like PostgreSQL or MySQL or the like, it may be constantly receiving writes. This means that you can’t get an atomic snapshot of the database, which is critical if you want to be reliably backing up the storage. I don’t know what the convention is here, but I’d guess either using filesystem-level atomic snapshot support (e.g. btrfs) or requiring the backup system to be aware of the DBMS and instructing it to suspend modification while it does the backup. rsnapshot, rdiff-backup, and duplicity aren’t going to do anything like that.

I’d agree that using the more-heavyweight, “institutional” backup programs can make sense for some use cases, like if you’re backing up many workstations or something.

Because every “file” in the snapshot is either a file or a hard link to an identical version of that file in another snapshot.) So this can be a problem if you store many snapshots of many files.

I think that you may be thinking of rsnapshot rather than rdiff-backup which has that behavior; both use rsync.

But I’m not sure why you’d be concerned about this behavior.

Are you worried about inode exhaustion on the destination filesystem?

slow

rsync is pretty fast, frankly. Once it’s run once, if you have -a or -t passed, it’ll synchronize mtimes. If the modification time and filesize matches, by default, rsync won’t look at a file further, so subsequent runs will be pretty fast. You can’t really beat that for speed unless you have some sort of monitoring system in place (like, filesystem-level support for identifying modifications).

Most Unix commands will show a short list of the most-helpful flags if you use --help or -h.

sed can do a bunch of things, but I overwhelmingly use it for a single operation in a pipeline: the s// operation. I think that that’s worth knowing.

sed 's/foo/bar/'  

will replace all the first text in each line matching the regex “foo” with “bar”.

That’ll already handle a lot of cases, but a few other helpful sub-uses:

sed 's/foo/bar/g'  

will replace all text matching regex “foo” with “bar”, even if there are more than one per line

sed 's/\([0-9a-f]*\)/0x\1/g  

will take the text inside the backslash-escaped parens and put that matched text back in the replacement text, where one has ‘\1’. In the above example, that’s finding all hexadecimal strings and prefixing them with ‘0x’

If you want to match a literal “/”, the easiest way to do it is to just use a different separator; if you use something other than a “/” as separator after the “s”, sed will expect that later in the expression too, like this:

sed 's%/%SLASH%g  

will replace all instances of a “/” in the text with “SLASH”.

I would generally argue that rsync is not a backup solution.

Yeah, if you want to use rsync specifically for backups, you’re probably better-off using something like rdiff-backup, which makes use of rsync to generate backups and store them efficiently, and drive it from something like backupninja, which will run the task periodically and notify you if it fails.

rsync: one-way synchronization

unison: bidirectional synchronization

git: synchronization of text files with good interactive merging.

rdiff-backup: rsync-based backups. I used to use this and moved to restic, as the backupninja target for rdiff-backup has kind of fallen into disrepair.

That doesn’t mean “don’t use rsync”. I mean, rsync’s a fine tool. It’s just…not really a backup program on its own.

OOMs happen because your system is out of memory.

You asked how to know which process is responsible. There is no correct answer to which process is “wrong” in using more memory — all one can say is that processes are in aggregate asking for too much memory. The kernel tries to “blame” a process and will kill it, as you’ve seen, to let your system continue to function, but ultimately, you may know better than it which is acting in a way you don’t want.

It should log something to the kernel log when it OOM kills something.

It may be that you simply don’t have enough memory to do what you want to do. You could take a glance in top (sort by memory usage with shift-M). You might be able to get by by adding more paging (swap) space. You can do this with a paging file if it’s problematic to create a paging partition.

EDIT: I don’t know if there’s a way to get a dump of processes that are using memory at exactly the instant of the OOM, but if you want to get an idea of what memory usage looks at at that time, you can certainly do something like leave a top -o %MEM -b >log.txt process running to get a snapshot every two seconds of process memory use. top will print a timestamp at the top of each entry, and between the timestamped OOM entry in the kernel log and the timestamped dump, you should be able to look at what’s using memory.

There are also various other packages for logging resource usage that provide less information, but also don’t use so much space, if you want to view historical resource usage. sysstat is what I usually use, with the sar command to view logged data, though that’s very elderly. Things like that won’t dump a list of all processes, but they will let you know if, over a given period of time, a server is running low on available memory.

What’s the big deal with POSIX? Why are ppl constantly discussing what is and isn’t posix compliant?

The short version: it’s a least-common-denominator standard that spans multiple Unix and Unix-like systems, so if you write to it, your software can fairly-trivially run on various systems.

https://en.wikipedia.org/wiki/POSIX

Windows has some level of Microsoft-provided Posix support, which is what the post is alluding to. I am fairly confident that it doesn’t have full Posix compliance. Cygwin, a separate, non-Microsoft, open-source effort, might qualify.

kagis

Okay, apparently it does confirm to a portion of the Posix standard:

https://en.wikipedia.org/wiki/Microsoft_POSIX_subsystem

The subsystem only implements the POSIX.1 standard – also known as IEEE Std 1003.1-1990 or ISO/IEC 9945-1:1990 – primarily covering the kernel and C library programming interfaces which allowed a program written for other POSIX.1-compliant operating systems to be compiled and run under Windows NT. The Windows NT POSIX subsystem did not provide the interactive user environment parts of POSIX, originally standardized as POSIX.2. That is, Windows NT did not provide a POSIX shell nor any Unix commands out of the box, except for pax. The NT POSIX subsystem also did not provide any of the POSIX extensions that postdated the creation of Windows NT 3.1, such as those for POSIX Threads or POSIX IPC.

Yeah, I saw, but it’s an interesting topic.

Is your concern compromise of your data or loss of the server?

My guess is that most burglaries don’t wind up with people trying to make use of the data on computers.

As to loss, I mean, do an off-site backup of stuff that you can’t handle losing and in the unlikely case that it gets stolen, be prepared to replace hardware.

If you just want to keep the hardware out of sight and create a minimal barrier, you can get locking, ventillated racks. I don’t know how cost-effective that is; I’d think that that might cost more than the expected value of the loss from theft. If a computer costs $1000 and you have a 1% chance of it being stolen, you should not spend more than $10 on prevention in terms of reducing cost of hardware loss, even if that method is 100% effective.

Wikipedia: Mantrap (snare)

Mantraps that use deadly force are illegal in the United States, and in notable tort law cases the trespasser has successfully sued the property owner for damages caused by the mantrap. There is also the possibility that such traps could endanger emergency service personnel such as firefighters who must forcefully enter such buildings during emergencies. As noted in the important American court case of Katko v. Briney, “the law has always placed a higher value upon human safety than upon mere rights of property”.[5]

EDIT: I’d add that I don’t know about the “life always takes precedence over property” statement; Texas has pretty permissive use of deadly force in defense of property. However, I don’t think that anywhere in the US permits traps that make use of deadly force.

You might want to list the platform you want to use it on. I’m assuming that you’re wanting to access this on a smartphone of some sort?

Mulvad apparently uses Wireguard. Is there an Android Wireguard client that supports multiple VPNs?

If GRUB is having problems too, not just Linux, I’d be inclined to blame hardware of some sort. Do you have another stick of NVMe that you can swap in, see if that makes the issue magically go away? Maybe run off a USB drive, see what happens?

Maybe less likely, but that processor is a 14th gen Intel desktop processor, one of the models affected by the voltage degradation problems. I burned up both a 13th gen and 14th gen processor myself. Looked like a variety of random errors, often related to memory, eventually not even managing to get through boot unless I disabled all but one of my cores. Might look into that. I assume that there’s a potentially-affected serial number range list somewhere.

And you can run memtest86 to bang on the memory and CPU, see if anything comes up. If it runs into errors, then it probably isn’t the NVMe at fault.

I’d also bet against the CMOS battery, if the pre-reboot logs were off by 10 days.

The CMOS battery is used to maintain the clock when the PC is powered off. But he has a discrepancy between current time and pre-reboot logs. He shouldn’t see that if the clock only got messed up during the power loss.

I’d think that the time was off by 10 days prior to power loss.

I don’t know why it’d be off by 10 days. I don’t know uptime of the system, but that seems like an implausible amount of drift for a PC RTC, from what I see online as lilely RTC drift.

It might be that somehow, the system was set up to use some other time source, and that was off.

It looks like chrony is using the Debian NTP pool at boot, though, and I donpt know why it’d change.

Can DHCP serve an NTP server, maybe?

kagis

This says that it can, and at least when the comment was written, 12 years ago, Linux used it.

https://superuser.com/questions/656695/which-clients-accept-dhcp-option-42-to-configure-their-ntp-servers

The ISC DHCP client (which is used in almost any Linux distribution) and its variants accept the NTP field. There isn’t another well known/universal client that accepts this value.

If I have to guess about why OSX nor Windows supports this option, I would say is due the various flaws that the base DHCP protocol has, like no Authentification Method, since mal intentioned DHCP servers could change your systems clocks, etc. Also, there aren’t lots of DHCP clients out there (I only know Windows and ISC-based clients), so that leave little (or no) options where to pick.

Maybe OS X allows you to install another DHCP client, Windows isn’t so easy, but you could be sure that Linux does.

My Debian trixie system has the ISC DHCP client installed in 2025, so might still be a factor. Maybe a consumer broadband router on your network was configured to tell the Proxmox box to use it as a NTP server or something? I mean, bit of a long shot, but nothing else that would change the NTP time source immediately comes to mind, unless you changed NTP config and didn’t restart chrony, and the power loss did it.

I don’t think that the grid frequency is used for PC timekeeping. You have internal timekeeping circuits. AC power stops at the PSU, and I don’t think that there’s any cable over which a time protocol flows from the PSU to the motherboard.

I’m sure that you could use MetaPost to procedurally generate a frame, then merge them into an animation.

A newer, similar language is Asymptote, and it looks like it has animation support.

I’m not going to watch the video — I like most context in text rather than video form — but while I will very well believe that:

• It’s possible to optimize LLMs to make smaller models more effective than they are today. It would be very surprising if they were already optimal, given that the field is immature.

• It’s possible to do a series of smaller, specialized models and keep models not-relevant to the current context unloaded from VRAM — I believe that the “splitting into smaller specialized networks” approach is referred to as Mixture of Experts. This should improve memory efficiency for many problems.

…this is countered by the fact that once you free up resources, I also suspect that you can then go use those now-available resources to improve the model by shoveling more data into the model. And while there might be diminishing returns, I very much doubt that there is a hard cap on which one can get better results by throwing more knowledge at a problem.

I’m not totally sure I follow.

If you’re playing to whatever sound device you want, but it’s not coming out the output you want (e.g. headphones and/or speakers and you want the other), the mixer program you use probably has an option to select the output. I haven’t used plasma-pa, but with pavucontrol, it’s in the “Output Devices” tab. For each device, there’s a “Port” drop down.