Hacker News new | comments | show | ask | jobs | submit | elehack's comments login

Sakai is an open source offering that seems to be pretty good. At Texas State we use a (heavily customized, I believe) instance of it as the standard e-learning platform, and it's quite a bit better than Moodle in most respects.

-----


I've been teaching databases this semester, and PostgreSQL's full-text search capabilities have been wonderful for allowing my students to build search into their projects without needing to learn additional tech (we're using PostgreSQL as our database anyway).

-----


Jails are a FreeBSD thing. OpenBSD doesn't have them so far as I know.

-----


sysjail is available for OpenBSD.

>It provides a similar function as FreeBSD's jail(8) utility while being significantly more flexible. The package provides jail(1), a drop-in replacement of FreeBSD's jail(8)

http://sysjail.bsd.lv/

-----


sysjail is not safe for jail-like use. Sysjail'ed processes can do Bad Things by exploiting concurrency races in the syscall interception layer.

Relevant paper: http://www.watson.org/~robert/2007woot/2007usenixwoot-exploi...

-----


This paper is from 2007, is it still not fixed?

-----


It's my understanding that it's not fixable without some help from the kernel. The fundamental problem is that a program can race ahead of a userspace syscall policy enforcement framework (i.e. sysjail) by trapping to the kernel directly. The authors identify several ways this can be exploited to gain privileged information or invoke syscalls the OS allows but the framework tries to prevent.

-----


Did some quick googling. Yes apperently as of 2009 it was unfixed. Seems the problem is with systrace over arching architecure OR how the kernel works with systrace.

Learned something new today thanks :)

-----


I read this book in college and was captivated. Not terribly long, but fascinating for learning how the insides of our tools work (or could work better).

-----


> A big one for me is keyboard input: at one point, I could use the Super key for whatever I liked, and I could easily set the right Alt key to be a Compose key. Now, there is no reclaiming the Super key from hard-coded shortcuts (Unity is even worse about this!), and the Compose key is outright missing from the keyboard settings menu.

Compose key is moved. To a non-obvious spot (if you're used to its historic location).

Settings → Keyboard → Shortcuts, the ‘Typing’ section. There's ‘Compose key’, which lets you set the compose key.

It's also in a more traditional form in Gnome Tweak Tool.

-----


> Settings → Keyboard → Shortcuts, the ‘Typing’ section

Thank you!

> a non-obvious spot

No kidding; the Compose key being an actual key, it really belongs with the rest of the keyboard mapping settings. I guess since they removed that section altogether, they had to stick it somewhere.

> It's also in a more traditional form in Gnome Tweak Tool.

Not anywhere I can see, but that's not a big deal.

-----


> However, in my mind it has made several awesome things possible. My boot time got dramatically shorter when I adopted it thanks to parallelization. Besides, daemons have now simple and robust service definitions. Sys V had become a mess!

Writing daemon startup files was somehting I always dreaded, and never really did well.

Before systemd, if I needed to run services I'd try to use daemontools (for auto-restart, and logging), but then I had two service-starting services running my system. Upstart had some of the features, but was still finicky (and the versions I had available didn't consistently have good service supervision support).

systemd just fix that.

Also, with systemd, for the first time I feel like I'm really using Linux, not just a random *Nix that has adequate drivers.

-----


so you're saying without systemd linux isnt linux.

-----


Not quite.

I'm saying that systemd makes the Linux kernel's feature set and capabilities visibly usable from user-space. For (nearly) the first time, it feels like it matters that I'm using Linux.

Linux is still Linux without systemd, it just doesn't provide as much benefit (aside from device support and compatibility) over, say, FreeBSD without software that takes advantage of its feature set.

-----


What stopped you from using Linux-specific features before systemd? They were accessible from userspace well before systemd came along.

-----


The lack of documented software that used them to enable useful (to me) functionality.

I was using some of them, such as kvm for my virtualization and lvm for disk management. But systemd still had a substantial 'oh, wow, Linux lets process management be this easy and powerful?' factor, showing me something new that I hadn't seen in my use of any other system (FreeBSD, OpenBSD, Windows, a touch of Mac).

-----


the documentation directory of the kernel source is actually pretty nice. theres a bunch of utilities for things like cgroups, namespaces, etc. they're not well known but they work perfectly fine.

I suspect its not well known because there was no commercial, marketing drive behind them. Nowadays at least one of these seems to be needed to even gain visibility. People don't go search what's cool/good where it is. They wait for HN or some other news website to tell them

Just like the regular news really. Turns out it doesn't work all that great.

-----


Setting up and running services like the OS does, but as non-root user, is kind of a big deal for my use case.

Perhaps I'm ignorant and this was always possible.

-----


systemd makes Linux not Unix.

-----


There are so many things that make GNU/Linux not UNIX...

-----


IIRC, the gpg-agent is sadly not that capable or intelligent. In theory, it should be usable for this.

In practice, I believe the agent actually just retrieves the passphrase and hands it to the requesting program, which is then responsible for actually working with the private key. So it doesn't keep your keys safely out of the hands of 'normal' programs, even though it seems like it should. Although it is somewhat confusing, and gpg-agent seems to mediate access to smartcards.

Protocol docs here: https://www.gnupg.org/documentation/manuals/gnupg/Agent-Prot...

The ssh-agent, on the other hand, does keep the key material out of the ssh client executable.

-----


> The research project was partly funded by NSF grants, so does that mean the public have the right to see all work related to the project?

For better or worse, no. NSF funding brings requirements for data sharing, but does not automatically trigger code availability.

-----


If it accidentally worked due to bugs/spec violations in the old OS, but is nonconformant in broken ways?

-----


FF uses fallback. Chrome and other WebKit-based browsers, however, do not.

-----


Anyone know a good reason why not? This seems like a great answer to the issue.

(I suppose you may get web page layouts "jumping" if the downloaded font had very different spacing to the fallback font. EDIT: Ah, just learnt this is called FOUT. http://www.paulirish.com/2009/fighting-the-font-face-fout/ Still, I'd personally prefer FOUT to being unable to read the page.)

-----

More

Applications are open for YC Summer 2016

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: