It might be my lemmy client but when I go to that link I just see a basic steam next fest post with a Linux picking section from a different user.

What am I missing?

If you don’t mind me asking, why did you choose Zorin? How do you hear about Zorin?

I’d recommend giving Niri a shot. It works quite well for me.

The AirVPN client works well on Linux. They provide really good Linux support. https://airvpn.org/linux/

Why is it ideology when it’s community focused code, and bigger picture when it’s corporate friendly code?

gnu/linux user space phones please hurry!

Will probably make the price go up. The whole reason why they do this crap is to get more money out of the consumer.

Yes you can. And the term Romanian isn’t the problem here.

Classic European flavored racism. Are you aware that you are promoting racism or not? I think mindfulness is key here. People should consider their own internal biases and adjust to help make a better world.

String recommend for learning the swipe motions. It takes a few min to learn but it’s free real-estate after that. And it’s faster. At least for me.

And the easy retort to that is that they don’t apply Chinese censorship globally. Only in China. Regional laws only apply regionally.

Exactly this. The people who designed secure boot and TPMs were not idiots. You can’t trick a properly set up TPM configured with secure boot in any realistic setup.

It won’t refuse to boot. It’s just that any automatic metric based decryption won’t work.

If you are using a TPM to automatically unlock luks and also manually removed the password backup before hand you could lose your data forever. That is true.

But if you kept the password based decryption stuff you could still manually unlock stuff. Just like secure boot was never there.

The difference would be that there could be no secure attestation that the kernel count trust/use without secure boot.

Like secure boot is really cool on Linux if you learn about it. Like sbctl alone is great for verifying backups and stuff.

I recommend reading through the arch wiki if you want to learn more. It covers a lot of stuff. https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot

It won’t brick your system forever??? You just turn it off in your bios. Then you have no secure boot. Just like it was never there.

If you don’t care about boot chain attacks it isn’t bad at all.

If you do care about boot chain attacks it’s bad because it allows someone to replace things like the efi binaries, grub, or your kernel with backdoor-ed versions and there would be no way to detect this from the running system.

Secure boot checks for this stuff. You can read more here:

https://access.redhat.com/articles/5254641

You can but then you don’t have secure boot.

Not really. Imagine they replace the ssh binary with a back doored version. Home directory encryption protects your data but not your system.

You need to let the scientists know this! I’m sure your insights will be very valuable to them.

You can if you want to. But I don’t think that is best practice. The idea of quadlets is the bring Linux norms to containers. You contain and manage all permissions for that container in that user.

I personally have completely separated users and selinux mls contexts for each container group (formerly docker compose file) and I manage them thusly. It’s more annoying but it substantially more secure.

This being said I think you can do it as root. I think this might work but I am not certain sudo systemctl --user -M theuser@ status myunit.service

Are you placing your service files in ~/.config/containers/systemd of the home dir of the user you want them to run as?

Here is a link: https://linuxconfig.org/how-to-run-podman-containers-under-systemd-with-quadlet