It drives me bonkers.

And, unfortunately, when I mention this issue I’m am frequently assured that I am mistaken and that there can be no issue. (paraphrasing).

It’s a real problem - I live Firefox (with its standards compliance) but people didn’t adhere. And here we are.

As per Apple’s wishes, I imagine.

Note that if you want actual virtualization then perhaps Proxmox (not sure if it manages multiple hypervisors - I haven’t obtained something to test it on yet). Portainer is best for Docker management (it, and it’s client agents, run as docker containers themselves. Don’t forget to enable web sockets if proxying.

Give portainer a try. It’s actually pretty good for getting a birdseye view, and let’s you manage more than one docker server.

It’s not perfect of course.

Given how unenforceable this is (a sin of omission or source from another jurisdiction is all that’s needed to skirt), will we be seeing a formalized ‘certificate of authenticity’ demanded by people to highlight things that are not AI?

(Maybe NFT will find find its utility? I don’t know…)

Unfortunately no luck here. Same issue even when setting --unshare-all flag. I suspect I need to try a different approach.

It’s not the flatpak that’s the issue, it’s all the other stuff surrounding it that I need to contain. Much easy, potentially, if they are all in the same environment.

Thank you! I just read that and assumed audio wouldn’t. I don’t have warm fuzzies about this.

That said, I’ll give it a go.

Thanks - this gives me a few leads.

I know that I’m not getting a full sandbox - that’s ok. Ultimately I’m trying to get bottles running in the hopes of getting a semi-contained environment for me to test out yabridge and getting reaper to load the vsts without crashing. (Reaper is the easy part, the plugins not so much…)

A modicum of isolation here (even if not complete) will help me figure things out. Obviously, if I need different kernel/flags the host will get it too.

If I unshare-devsys, will that disable audio? (I’m still trying to get a clear picture of what’s shared and what isn’t with distrobox/podman (with docker, it feels a bit more straightforward, but I’m not sure docker would be the right choice here…)

It is.

I expect you can seal this off with pfblockerng.

The big issue is that they might start putting a checkpoint in place wherein the application (roku device) will not proceed unless it gets an expected response token from a call to an ad service. At that point we’re at their mercy.

They could even run under their own VPN and hook up the ads on their side… Ugh…

I’m really enjoying Fedora (just switched from Ubuntu and previously Debian). More current than Debian, doesn’t have Ubuntu’s canonical baggage, and more stable than Arch (nothing wrong with Arch, it’s just more bleeding edge than I want for anything other than experimenting. YMMV. And Arch documentation is fantastic - I use it to help unravel issues/find solutions on other distros after a bit of translation and sanity checks).

Fedora is well inside the Gnome camp but it’s basically unaltered so you feel freer to tweak and make it your own. (you can obviously run any environment you want).

Not sure if Red Hat’s nonsense will infect Fedora down the road but I can switch it up if I feel like it later. (for a server, I’d just do Debian or possibly Ubuntu.)

Unfortunately, my main machine remains Windows with WSL. Too many things (of what I need) just won’t run on Linux…

Pfblockerng on pfsense is very powerful.

So much for my fibre connection…

Well the missing socks have to get sent somewhere… /s

What could possibly go wrong…?

(FWIW - I am referring to the potential for misuse at scale)

I’m waffling between that or just setting up a bare git repo. Am prepping a VM or two to explore the pros/cons of each approach and to dive into the implications.

It’s funny - this project idea seems to free bubbling up everywhere this past week. I’m sure I’m seeing the consequences of search algorithms, but on Lemmy, it’s nice to see what is a definite and pleasant coincidence.

That is the next item on my to-do list. I’ve already installed my own gitea container to run at home. Yes, I could use a public repo (set private) but I wanted I learn how to do this and besides, I wanted to cast a wider net for which files to store but not worry about inadvertently publishing something with passwords embedded…

This is the only suitable comment.

Can you not just backup the pg txn logs (with periodic full backups, purged in accordance with your needs?). That’s a much safer way to approach DBs anyway.

(exclude the online db files from your file system replication)