Stories
Slash Boxes
Comments

SoylentNews is people

Log In

Log In

Create Account  |  Retrieve Password


Bots before Bros, SoylentNews!

Posted by aristarchus on Thursday June 04 2020, @07:19AM (#5486)
31 Comments
Digital Liberty

Would be nice, if a Soylentil submits a submission, that that Soylentil might be credited with that submission, before some boot-licking scum-sucking lime lizard of a bot, that came across the same thing. Unless we (meaning, Eds) were trying to reduce the aristarchus visability on the the SN at large, in a form of passive aggressive censorship? Tell me it ain't so, Joe, tell me it ain't!
(Again, nessesary reference for uneducated non-boomers: Kid said this to "Shoeless Joe Jackson", after it was alleged that the White Sox had thrown the "World Series" in 1919. )

Tell me it ain't so, bytram! And the ball master TMB? Tell me it ain't so! And also tell me the Precedent did not just tear gas Episcopalian priests, holding a vigil for peace?

Soylent News has be infested, for quite some time, by fascists whom I will not name, and fellow travellers, like janrinok. Now is the time when you will burn, because if you dare to use force against innocent people, or attempt to censor aristarchus, it will come back upon you, big time. #Freearistarchus!!

Upstart can go dis-compile itself.
 

Cracks

Posted by c0lo on Thursday June 04 2020, @06:24AM (#5485)
107 Comments
Topics

James Mattis: Trump's former defence secretary denounces president

Former US Defence Secretary James Mattis has denounced President Donald Trump, accusing him of stoking division and abusing his authority.

In rare public comments, Mr Mattis said the president had sought to "divide" the American people and had failed to provide "mature leadership".

He said he was "angry and appalled" by Mr Trump's handling of recent unrest.

In response, the president described Mr Mattis as an "overrated general" and said he was glad he had left the post.

Pentagon chief [Mark Esper] opposes Trump threat to deploy military at protests

Trump has threatened to invoke the 1807 Insurrection Act that would allow him to deploy troops on city streets, against the wishes of state and city authorities. The president said he would use the law if local authorities failed “to defend the life and property of their residents”.

Esper categorically opposed using the act on Wednesday.

“I say this not only as secretary of defence, but also as a former soldier, and a former member of the national guard, the option to use active-duty forces in a law enforcement role should only be used as a matter of last resort, and only in the most urgent and dire of situations,” the defence secretary said. “We are not in one of those situations now. I do not support invoking the Insurrection Act.”

Esper has been supportive of Trump and has avoided contradicting him until now. But there is reported to be mounting unease about senior officers about the politicisation of the armed forces, and concern over Esper’s own actions.

“Esper has directly challenged Trump,” Thomas Wright, director of the centre on the United States and Europe on the Brookings Institution, said on Twitter. “Trump hates being boxed in. If he fires Esper, it could set in motion a crisis that may lead to a wider revolt within the GOP.”

(most of the dictators were goners once not even the military would support them. Trump may consider himself lucky to not managing yet to evolve into a dictator)

---

(edit: June 4, 2020)

Trump’s Bible photo op splits white evangelical loyalists into two camps

On Monday when Donald Trump raised overhead a Bible – the Sword of the Spirit, to believers – he unwittingly cleaved his loyal Christian supporters into two camps.
...
The Rev Johnnie Moore, president of the Congress of Christian Leaders, described Trump in shepherd-like terms on Twitter:

“I will never forget seeing @POTUS @realDonaldTrump slowly & in-total-command walk from the @WhiteHouse across Lafayette Square to St. John’s Church defying those who aim to derail our national healing by spreading fear, hate & anarchy. After just saying, ‘I will keep you safe.’”
...
“Pelting people with rubber bullets and spraying them with teargas for peacefully protesting is morally wrong,” said Russell Moore, president of the Ethics & Religious Liberty Commission of the Southern Baptist Convention. “What we need right now is moral leadership – from all of us, in the churches, in the police departments, in the courts, and in the White House. The Bible tells us so. So do our own consciences.”
...
The staunchest of evangelicals, 90-year-old televangelist Pat Robertson, split from Trump on Tuesday.

He told his television viewers of the president: “He said, ‘I’m ready to send in military troops if the nation’s governors don’t act to quell the violence that has rocked American cities.’ A matter of fact, he spoke of them as being jerks. You just don’t do that, Mr President. It isn’t cool!”

Right. Crackpot sheeple who need authority to feel safe and pastors that play for cool. And... that's the social segment that might determine the political faith of USoA? Because...

Trump can’t afford to lose evangelicals, even by the handful. A record 81% of white evangelicals voted for him in 2016, and he only narrowly won the presidency, sometimes by just a few thousand votes in crucial areas. His gesture with the Bible outside St John’s was meant to shore up that support, reminding his base of a tacit agreement.
...
So while evangelicals lifted Trump to power by voting together, they may prove his undoing if a contingent breaks away. In which case his campaign might shudder to hear of evangelical believers like Anthony Kidd in Daphne, Alabama.

During the week Kidd works at a salvage yard, and on weekends he does audio work during church services. He’s conservative.

“The past few years he has done things that are good for Christians, I’ll grant that,” he said. But when he saw Trump lift the Bible outside St John’s, he said, “It made me want to throw up a little bit.”

Visceral reaction, Kidd, also known as "feeling of guts". Good to see propaganda didn't wash common-sense away.

"Deplorables" vs "lowlife and losers"

Posted by c0lo on Wednesday June 03 2020, @01:22PM (#5483)
20 Comments
Topics

@realDonaldTrump tweets: NYC, CALL UP THE NATIONAL GUARD. The lowlifes and losers are ripping you apart. Act fast! Don’t make the same horrible and deadly mistake you made with the Nursing Homes!!!

1:10 AM · Jun 3, 2020·Twitter for iPhone

Do the Americans like being pissed on by their politiheads?
Enough to follow their example and piss one onto the other?

Reaching the mad emperor stage

Posted by c0lo on Tuesday June 02 2020, @01:52PM (#5479)
103 Comments
Topics

Trump has reached the 'mad emperor' stage, and it's terrifying to behold

He incites violence from the safety of a bunker, then orders peaceful people tear-gassed for the sake of a surreal photo op

Writing from a Birmingham jail, Martin Luther King Jr famously told his anxious fellow clergymen that his non-violent protests would force those in power to negotiate for racial justice. “The time is always ripe to do right,” he wrote.

On an early summer evening, two generations later, Donald Trump walked out of the White House, where he’d been hiding in a bunker. Military police had just fired teargas and flash grenades at peaceful protesters to clear his path, so that he could wave a bible in front of a boarded church.

For Trump, the time is always ripe to throw kerosene on his own dumpster fire.

'Nixon on steroids': Trump's military move is a high-risk election bid

Washington: St John's Episcopal Church - just a block from the White House - is known as the "church of presidents". Since its first service in 1816, every US president has worshipped there. But never has this sacred place been the site of a presidential visit as shocking and surreal as Donald Trump's on Monday (Tuesday AEST).

At 6.45pm on a balmy evening in Washington, Trump appeared in the Rose Garden of the White House to give his first major statement since angry protests broke out across the country following the death of George Floyd in Minneapolis. As Trump spoke, military police used tear gas and rubber bullets to forcibly clear hundreds of protesters from nearby Lafayette Square.

It was unclear why the officers took such speedy and confrontational action: the afternoon protests had been peaceful and a curfew ordered by Washington's mayor had not yet come into effect. Then the President strolled out from the White House, crossed the square and stood in front of the church, which had suffered fire damage during the previous night's protests. Posing for cameras, Trump brandished a bible like a victorious sportsman clutching a championship trophy. Then he headed straight back to the White House.

People struggled to believe it. Had the President of the United States really forcibly dispersed a peaceful protest so he could stage a photo op? Yes, he had.

When Police View Citizens as Enemies

The thin blue line looks like it’s ready to invade a foreign nation.
...
Militarization can escalate already tense situations. Protests in Ferguson, Missouri, after the 2014 killing of Michael Brown escalated dramatically on their second day, when police showed up in Humvees, wearing camouflage, and carrying M4s.
...
The state of Minnesota’s “urban warfare” rhetoric is the inevitable consequence of this decades-long militarization of American police departments, Arthur Rizer, a policing expert at the center-right R Street Institute, told me late Saturday.

“You create this world where you’re not just militarizing the police—you equip the police like soldiers, you train the police like soldiers. Why are you surprised when they act like soldiers?” Rizer, a former police officer and soldier, said. “The mission of the police is to protect and serve. But the premise of the soldier is to engage the enemy in close combat and destroy them. When you blur those lines together with statements like that … It’s an absolute breakdown of civil society.”
...
But yesterday, as police pepper-sprayed a congresswoman, drove into a crowd, and fired rubber bullets and tear gas at protesters and journalists alike, it was clear that some police officers were approaching these situations like soldiers, and treating citizens as enemies.

Trump threatens to use military to end riots and lawlessness

'Words of a dictator': Trump's threat to deploy military raises spectre of fascism

“When fascism comes to America, it will be wrapped in the flag and carrying a cross,” goes an oft-quoted line of uncertain origin.

On Monday evening, Donald Trump, with four US flags behind him, threatened to send in the military against the American people, then crossed the road to pose for a photo outside a historic church while clutching an upside-down Bible.

Interesting SpaceX Chromium / JS UI on Dragon 2

Posted by DannyB on Monday June 01 2020, @09:01PM (#5472)
1 Comment
Code

Several interesting links here.

1. https://space.stackexchange.com/questions/9243/what-computer-and-software-is-used-by-the-falcon-9/

2. https://www.reddit.com/r/IAmA/comments/1853ap/we_are_spacex_software_engineers_we_launch/

3. https://news.ycombinator.com/item?id=23368109

There are things you would expect to see, and things you would knot expect.

A few teasers:

SpaceX uses an Actor-Judge system to provide triple redundancy to its rockets and spacecraft. The Falcon 9 has 3 dual core x86 processors running an instance of linux on each core. The flight software is written in C/C++ and runs in the x86 environment. For each calculation/decision [ . . . . ]

I would like to know: tabs or spaces?

They do use some interesting software on Dragon 2. They use Chromium and JavaScript for the Dragon 2 flight interface. The actual flight computers still run on C++.

Source: Discussion with various SpaceX engineers at GDC 2015/2016

NASA finally managed to get their worm logo back after aliens had found it insensitive and pejorative.

The current riots were predictable and long overdue

Posted by exaeta on Monday June 01 2020, @02:05PM (#5468)
193 Comments
News

Current riots and civil disturbances are a long overdue predictable consequence of "qualified immunity" and other branches of the Suprme Court's "sovereign immunity" bullshit. Sovereign Immunity must be eliminated so people can fight the government in courtrooms with lawyers instead of on the streets with torches by burning down police buildings.

Soveriegn Immunity is bullshit made-up by the Supreme Court, it's time to overrule this 200 year old mistake and change the interpretation of the 11th amendment to the competing view, that it restricts diversity jurisdiction of federal courts instead of endorsing sovereign immunity. Sovereign immunity was tolerable when you could still sue government officers for breaking the law, but the recent invention of qualified immunity has made it intolerable.

Or, you know, let the USA burn to the ground as I know it will if nothing is done. I'm usually right in the end.

Update:

Justin Amash is introducing legislation to end qualified immunity. Support this bill!
https://twitter.com/justinamash/status/1267267244029083648

Update 3:
Congressional democrats are dodging the real problem, qualified immunity, and trying to only remove the protection for police officers. We need to remove it for ALL government officials, not just police officers. Police officers are not the only ones who abuse authority.

Trump signs Executive Order on Preventing Online Censorship

Posted by Arik on Thursday May 28 2020, @10:12PM (#5456)
214 Comments
Code
Let's dissect this.

Sås = https://www.whitehouse.gov/presidential-actions/executive-order-preventing-online-censorship/

Executive Order on Preventing Online Censorship
INFRASTRUCTURE & TECHNOLOGY

  Issued on: May 28, 2020

By the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby ordered as follows:

Section 1.  Policy.  Free speech is the bedrock of American democracy.  Our Founding Fathers protected this sacred right with the First Amendment to the Constitution.  The freedom to express and debate ideas is the foundation for all of our rights as a free people.

In a country that has long cherished the freedom of expression, we cannot allow a limited number of online platforms to hand pick the speech that Americans may access and convey on the internet.  This practice is fundamentally un-American and anti-democratic.  When large, powerful social media companies censor opinions with which they disagree, they exercise a dangerous power.  They cease functioning as passive bulletin boards, and ought to be viewed and treated as content creators.

The growth of online platforms in recent years raises important questions about applying the ideals of the First Amendment to modern communications technology.  Today, many Americans follow the news, stay in touch with friends and family, and share their views on current events through social media and other online platforms.  As a result, these platforms function in many ways as a 21st century equivalent of the public square.

Twitter, Facebook, Instagram, and YouTube wield immense, if not unprecedented, power to shape the interpretation of public events; to censor, delete, or disappear information; and to control what people see or do not see.

As President, I have made clear my commitment to free and open debate on the internet. Such debate is just as important online as it is in our universities, our town halls, and our homes.  It is essential to sustaining our democracy.

Online platforms are engaging in selective censorship that is harming our national discourse.  Tens of thousands of Americans have reported, among other troubling behaviors, online platforms “flagging” content as inappropriate, even though it does not violate any stated terms of service; making unannounced and unexplained changes to company policies that have the effect of disfavoring certain viewpoints; and deleting content and entire accounts with no warning, no rationale, and no recourse.

Twitter now selectively decides to place a warning label on certain tweets in a manner that clearly reflects political bias.  As has been reported, Twitter seems never to have placed such a label on another politician’s tweet.  As recently as last week, Representative Adam Schiff was continuing to mislead his followers by peddling the long-disproved Russian Collusion Hoax, and Twitter did not flag those tweets.  Unsurprisingly, its officer in charge of so-called ‘Site Integrity’ has flaunted his political bias in his own tweets.

At the same time online platforms are invoking inconsistent, irrational, and groundless justifications to censor or otherwise restrict Americans’ speech here at home, several online platforms are profiting from and promoting the aggression and disinformation spread by foreign governments like China.  One United States company, for example, created a search engine for the Chinese Communist Party that would have blacklisted searches for “human rights,” hid data unfavorable to the Chinese Communist Party, and tracked users determined appropriate for surveillance.  It also established research partnerships in China that provide direct benefits to the Chinese military.  Other companies have accepted advertisements paid for by the Chinese government that spread false information about China’s mass imprisonment of religious minorities, thereby enabling these abuses of human rights.  They have also amplified China’s propaganda abroad, including by allowing Chinese government officials to use their platforms to spread misinformation regarding the origins of the COVID-19 pandemic, and to undermine pro-democracy protests in Hong Kong.

As a Nation, we must foster and protect diverse viewpoints in today’s digital communications environment where all Americans can and should have a voice.  We must seek transparency and accountability from online platforms, and encourage standards and tools to protect and preserve the integrity and openness of American discourse and freedom of expression.

Sec. 2.  Protections Against Online Censorship.  (a)  It is the policy of the United States to foster clear ground rules promoting free and open debate on the internet.  Prominent among the ground rules governing that debate is the immunity from liability created by section 230(c) of the Communications Decency Act (section 230(c)).  47 U.S.C. 230(c).  It is the policy of the United States that the scope of that immunity should be clarified: the immunity should not extend beyond its text and purpose to provide protection for those who purport to provide users a forum for free and open speech, but in reality use their power over a vital means of communication to engage in deceptive or pretextual actions stifling free and open debate by censoring certain viewpoints.

Section 230(c) was designed to address early court decisions holding that, if an online platform restricted access to some content posted by others, it would thereby become a “publisher” of all the content posted on its site for purposes of torts such as defamation.  As the title of section 230(c) makes clear, the provision provides limited liability “protection” to a provider of an interactive computer service (such as an online platform) that engages in “‘Good Samaritan’ blocking” of harmful content.  In particular, the Congress sought to provide protections for online platforms that attempted to protect minors from harmful content and intended to ensure that such providers would not be discouraged from taking down harmful material.  The provision was also intended to further the express vision of the Congress that the internet is a “forum for a true diversity of political discourse.”  47 U.S.C. 230(a)(3).  The limited protections provided by the statute should be construed with these purposes in mind.

In particular, subparagraph (c)(2) expressly addresses protections from “civil liability” and specifies that an interactive computer service provider may not be made liable “on account of” its decision in “good faith” to restrict access to content that it considers to be “obscene, lewd, lascivious, filthy, excessively violent, harassing or otherwise objectionable.”  It is the policy of the United States to ensure that, to the maximum extent permissible under the law, this provision is not distorted to provide liability protection for online platforms that — far from acting in “good faith” to remove objectionable content — instead engage in deceptive or pretextual actions (often contrary to their stated terms of service) to stifle viewpoints with which they disagree.  Section 230 was not intended to allow a handful of companies to grow into titans controlling vital avenues for our national discourse under the guise of promoting open forums for debate, and then to provide those behemoths blanket immunity when they use their power to censor content and silence viewpoints that they dislike.  When an interactive computer service provider removes or restricts access to content and its actions do not meet the criteria of subparagraph (c)(2)(A), it is engaged in editorial conduct.  It is the policy of the United States that such a provider should properly lose the limited liability shield of subparagraph (c)(2)(A) and be exposed to liability like any traditional editor and publisher that is not an online provider.

(b)  To advance the policy described in subsection (a) of this section, all executive departments and agencies should ensure that their application of section 230(c) properly reflects the narrow purpose of the section and take all appropriate actions in this regard.  In addition, within 60 days of the date of this order, the Secretary of Commerce (Secretary), in consultation with the Attorney General, and acting through the National Telecommunications and Information Administration (NTIA), shall file a petition for rulemaking with the Federal Communications Commission (FCC) requesting that the FCC expeditiously propose regulations to clarify:

(i) the interaction between subparagraphs (c)(1) and (c)(2) of section 230, in particular to clarify and determine the circumstances under which a provider of an interactive computer service that restricts access to content in a manner not specifically protected by subparagraph (c)(2)(A) may also not be able to claim protection under subparagraph (c)(1), which merely states that a provider shall not be treated as a publisher or speaker for making third-party content available and does not address the provider’s responsibility for its own editorial decisions;

(ii)  the conditions under which an action restricting access to or availability of material is not “taken in good faith” within the meaning of subparagraph (c)(2)(A) of section 230, particularly whether actions can be “taken in good faith” if they are:

(A)  deceptive, pretextual, or inconsistent with a provider’s terms of service; or

(B)  taken after failing to provide adequate notice, reasoned explanation, or a meaningful opportunity to be heard; and

(iii)  any other proposed regulations that the NTIA concludes may be appropriate to advance the policy described in subsection (a) of this section.

Sec. 3.  Protecting Federal Taxpayer Dollars from Financing Online Platforms That Restrict Free Speech.  (a)  The head of each executive department and agency (agency) shall review its agency’s Federal spending on advertising and marketing paid to online platforms.  Such review shall include the amount of money spent, the online platforms that receive Federal dollars, and the statutory authorities available to restrict their receipt of advertising dollars.

(b)  Within 30 days of the date of this order, the head of each agency shall report its findings to the Director of the Office of Management and Budget.

(c)  The Department of Justice shall review the viewpoint-based speech restrictions imposed by each online platform identified in the report described in subsection (b) of this section and assess whether any online platforms are problematic vehicles for government speech due to viewpoint discrimination, deception to consumers, or other bad practices.

Sec. 4.  Federal Review of Unfair or Deceptive Acts or Practices.  (a)  It is the policy of the United States that large online platforms, such as Twitter and Facebook, as the critical means of promoting the free flow of speech and ideas today, should not restrict protected speech.  The Supreme Court has noted that social media sites, as the modern public square, “can provide perhaps the most powerful mechanisms available to a private citizen to make his or her voice heard.”  Packingham v. North Carolina, 137 S. Ct. 1730, 1737 (2017).  Communication through these channels has become important for meaningful participation in American democracy, including to petition elected leaders.  These sites are providing an important forum to the public for others to engage in free expression and debate.  Cf. PruneYard Shopping Center v. Robins, 447 U.S. 74, 85-89 (1980).

(b)  In May of 2019, the White House launched a Tech Bias Reporting tool to allow Americans to report incidents of online censorship.  In just weeks, the White House received over 16,000 complaints of online platforms censoring or otherwise taking action against users based on their political viewpoints.  The White House will submit such complaints received to the Department of Justice and the Federal Trade Commission (FTC).

(c)  The FTC shall consider taking action, as appropriate and consistent with applicable law, to prohibit unfair or deceptive acts or practices in or affecting commerce, pursuant to section 45 of title 15, United States Code.  Such unfair or deceptive acts or practice may include practices by entities covered by section 230 that restrict speech in ways that do not align with those entities’ public representations about those practices.

(d)  For large online platforms that are vast arenas for public debate, including the social media platform Twitter, the FTC shall also, consistent with its legal authority, consider whether complaints allege violations of law that implicate the policies set forth in section 4(a) of this order.  The FTC shall consider developing a report describing such complaints and making the report publicly available, consistent with applicable law.

Sec. 5.  State Review of Unfair or Deceptive Acts or Practices and Anti-Discrimination Laws.  (a)  The Attorney General shall establish a working group regarding the potential enforcement of State statutes that prohibit online platforms from engaging in unfair or deceptive acts or practices.  The working group shall also develop model legislation for consideration by legislatures in States where existing statutes do not protect Americans from such unfair and deceptive acts and practices. The working group shall invite State Attorneys General for discussion and consultation, as appropriate and consistent with applicable law.

(b) Complaints described in section 4(b) of this order will be shared with the working group, consistent with applicable law. The working group shall also collect publicly available information regarding the following:

(i) increased scrutiny of users based on the other users they choose to follow, or their interactions with other users;

(ii) algorithms to suppress content or users based on indications of political alignment or viewpoint;

(iii) differential policies allowing for otherwise impermissible behavior, when committed by accounts associated with the Chinese Communist Party or other anti-democratic associations or governments;

(iv) reliance on third-party entities, including contractors, media organizations, and individuals, with indicia of bias to review content; and

(v) acts that limit the ability of users with particular viewpoints to earn money on the platform compared with other users similarly situated.

Sec. 6.  Legislation.  The Attorney General shall develop a proposal for Federal legislation that would be useful to promote the policy objectives of this order.

Sec. 7.  Definition.  For purposes of this order, the term “online platform” means any website or application that allows users to create and share content or engage in social networking, or any general search engine.

Sec. 8.  General Provisions. (a)  Nothing in this order shall be construed to impair or otherwise affect:

(i)    the authority granted by law to an executive department or agency, or the head thereof; or

(ii)   the functions of the Director of the Office of Management and Budget relating to budgetary, administrative, or legislative proposals.

(b)  This order shall be implemented consistent with applicable law and subject to the availability of appropriations.

(c)  This order is not intended to, and does not, create any right or benefit, substantive or procedural, enforceable at law or in equity by any party against the United States, its departments, agencies, or entities, its officers, employees, or agents, or any other person.

To quickly get a cop's knee off a guy's neck

Posted by fustakrakich on Thursday May 28 2020, @03:43PM (#5454)
11 Comments
Rehash

Just play the national anthem real loud. If he doesn't stand up, kick him off the precinct football team.

Removing GELI encryption from ZFS partitions

Posted by DECbot on Tuesday May 26 2020, @11:54PM (#5447)
5 Comments
OS

So, a little background. I have a FreeBSD fileserver in the basement used for running Samba and as a Minecraft server for the kids (and a bit for myself). This was built back in the "systemd will destroy all the Debian derivatives" era, and thus how it ended up on a BSD instead of an OS I'm more familiar with, like Ubuntu, Debian, or Slackware (my preferences, in that order, at that time). Also, at the time of building the server, ZFS was just starting to really to peculate through the news aggregators and pique my interest. All of this info affected my choices and I ended up replacing the aging Via C7 (x86) Ubuntu Samba server running reiserfs partitions on mdadmin (mirror) on lvm containers. The new system featured four, GELI encrypted, 1-TB drives sporting ZFS Z2 made possible by FreeBSD 10 or 11 if I can remember correctly. The system works great, but there are a few detractors.

  1. I don't really know BSD.
  2. GELI, as configured on my system, requires keyboard input to unlock disks
  3. Updates suck

On the first point, BSD and Linux are very similar. You can go from one to another and have an idea of what you're doing on the terminal, but they are more different than say RHEL and Debian. If you had to compare it to languages, Linux is like Spanish and BSD is like Portuguese. Much of the roots are the same, but the differences are greater than the regional dialects of British English to American English. This often leaves you in a position where you think you know what you are doing only to find out that you don't.
 
Second, GELI is a lot like LUKS on Linux. It works and I generally don't have to think about it. My issue is my specific configuration. As a dumb noob, during the installer I opted to install root on my ZFS partiton, that was encrypted by GELI. All of that should be great, right? I have LUKS encrypted ZFS on root on the laptop, and it works like a champ. Rhetorical question, how could this be bad? I can ZFS snapshot my OS as I do updates, I have block checksums, and it is all encrypted at rest. Well, the problem is boot. Anytime this system is rebooted, GELI requires keyboard input from the keyboard physically attached to the machine. So that requires running down to the basement, plugging in a keyboard, and unlocking the drives so /boot can have a / to boot into. Regrettably, when I'm traveling, that sometimes requires a flight back home too. Now, I'm told that if I'm willing to make a two line edit to the source code, I can make GELI accept input from the serial console which would fix the remote input issue, That would require me to recompile the source, install it on a "foreign" OS, and then setup a tty link to some other box just for the purpose to inputting a password a few times a year the box gets rebooted. Knowing myself and the other projects I do around the house, I was not going to find the time to make that happen when the alternative is just a visit to the basement.
 
Thirdly, updates suck. For the first four years, there weren't any real issues. Every few months, I would open up the FreeBSD handbook in a browser window and walk through the upgrade process. This is where BSD is not Linux. There is the core OS updates, the package updates, and the ports updates. All three handled differently. And if your package updater happens to see applications from your ports and decides to update them, things break. I guess I was fortunate for the most part, but the last round of updates obliterated my minecraft-server install causing the most unpleasant misfortune to my children. Fortunately I had backed up the world, so the builds were saved, but the player data never did fair correct after that causing weird game breakage.
 
There's a few other issues, like things I wanted to play with on this server like VMs, NextCloud, wiki server (for documenting things like configurations, home appliances, etc), and experimenting. Sure, these things exists in FreeBSD's packages and ports, but I'm not as comfortable working with those as I would in a Debian or it's derivatives like Ubuntu or Devuan.
 
What is the culmination of all of this? It was time to fix things. One, it was time to move the OS off of the encrypted drives. I don't want to travel to the basement to let the computer boot. Unlocking the drives with my precious data should be possible via ssh. Booting the OS should be done unattended. This is how it should have been in the beginning, but on a tight budget and not having to experience this before, it wasn't considered. Two new SSDs were procured to house the OS, and the spinning rust (now upgraded to 3TB disks) would only house the data. ZFS on the root is fine, but encryption is reserved for the data. This setup would also afford some more flexibility for trying new OSes. If I wanted to try it on Devuan, or on Ubuntu 20.04 with Wireguard and ZFS in the kernel, it is possible without jeopardizing my data. However, there is one complication to this: GELI. Just like how LUKS is only available for Linux, GELI is only for BSD. That is what leads me to this Journal, stripping GELI encryption from partitions used for ZFS.
 
The first point, you have to have root on the OS and the second, you have to be able to unlock the GELI encryption. I can't help you if you lost your GELI keys/password. Here's the process of what is going to happen. Each drive is removed from the zpool, removed from GELI, and then reattached to the zpool. The process is much the same to replacing a failed disk from a zpool. Here we go.
 
Removing the decrypted drive
Get the layout of the zpool. We'll start with disk 0, where the encrypted zfs partition is on p4.

me@system% zpool status
    pool: zroot
  state: ONLINE
status: Some supported features are not enabled on the pool. The pool can
        still be used, but some features are unavailable.
action: Enable all features using 'zpool upgrade'. Once this is done,
        the pool may no longer be accessible by software that does not support
        the features. See zpool-features(7) for details.
    scan: resilvered 776G in 0 days 02:15:09 with 0 errors on Tue May 26 16:47:15 2020
config:

        NAME STATE READ WRITE CKSUM
        zroot ONLINE 0 0 0
            raidz2-0 ONLINE 0 0 0
                ada0p4.eli ONLINE 0 0 0
                ada1p4.eli ONLINE 0 0 0
                ada2p4.eli ONLINE 0 0 0
                ada3p4.eli ONLINE 0 0 0

errors: No known data errors

We can see the four disk decrypted partitions attached. Note the ".eli" after each disk? GELI takes the encrypted /dev/ada0p4 and provides decrypted link to the device at /dev/ada0p4.eli which ZFS is using for its zpool. Let's start with disk 0 and remove that from the zpool.

me@system# zpool offline zroot ada0p4.eli

Now that the disk is offline, we can tell GELI to stop decrypting it which destroys the /dev/ata0p4.eli device.

me@system# geli detatch ada0p4.eli

After that is done, we reattach the disk to the zpool. Note this time it is the partition directly, and not the decrypted volume. This command requires the zpool you are working with, the old device and the new device.

me@system# zpool replace zroot ada0p4.eli ada0p4

This triggers ZFS to resilver the zpool. If you have large drives, this will take some time. For me, it was half a workday or the first installment of the Lord of the Rings if work is a foreign concept. You can use zpool status to check in on the process.

me@system% zpool status
    pool: zroot
  state: DEGRADED
status: One or more devices is currently being resilvered. The pool will
                continue to function, possibly in a degraded state.
action: Wait for the resilver to complete.
    scan: resilver in progress since Tue May 26 16:59:15 2020
                3.13T scanned at 617M/s, 2.40T issued at 473M/s, 3.13T total
                594G resilvered, 76.61% done, 0 days 00:27:03 to go
config:

                NAME STATE READ WRITE CKSUM
                zroot DEGRADED 0 0 0
                    raidz2-0 DEGRADED 0 0 0
                        replacing-0 OFFLINE 0 0 0
                            11670088260588674329 OFFLINE 0 0 0 was /dev/ada0p4.eli
                            ada0p4 ONLINE 0 0 0
                        ada1p4.eli ONLINE 0 0 0
                        ada2p4.eli ONLINE 0 0 0
                        ada3p4.eli ONLINE 0 0 0

errors: No known data errors

While this is going on, you might as well modify the boot loader to keep GELI from trying to unlock the disk on boot. So load /boot/loader.conf in your editor of choice and change geli_ada0p4_keyfile0_load="YES" to "NO" to keep GELI from touching it at boot.

me@system# vim /boot/loader.conf
geli_ada0p4_keyfile0_load="NO"
geli_ada0p4_keyfile0_type="ada0p4:geli_keyfile0"
geli_ada0p4_keyfile0_name="/boot/encryption.key"
geli_ada1p4_keyfile0_load="YES"
geli_ada1p4_keyfile0_type="ada1p4:geli_keyfile0"
geli_ada1p4_keyfile0_name="/boot/encryption.key"
geli_ada2p4_keyfile0_load="YES"
geli_ada2p4_keyfile0_type="ada2p4:geli_keyfile0"
geli_ada2p4_keyfile0_name="/boot/encryption.key"
geli_ada3p4_keyfile0_load="YES"
geli_ada3p4_keyfile0_type="ada3p4:geli_keyfile0"
geli_ada3p4_keyfile0_name="/boot/encryption.key"
aesni_load="YES"
geom_eli_load="YES"
geom_eli_passphrase_prompt="YES"
vfs.root.mountfrom="zfs:zroot/ROOT/default"
kern.geom.label.gptid.enable="0"
zpool_cache_load="YES"
zpool_cache_type="/boot/zfs/zpool.cache"
zpool_cache_name="/boot/zfs/zpool.cache"
zfs_load="YES"

After the resilver finished, I rebooted the system to make sure it all came back just fine. Now I'm on my third disk and it looks very promising. When it's done, I'll give an update here.
 
***UPDATE: 2020-05-27 04:45am***
The process is complete an the zpool is good. GELI still asks for a password at boot, but no partitions are getting unlocked and the *.efi devices are not getting created. It is likely a simple edit of the /boot/loader.conf file to make that disappear completely. The "geom_eli_passphrase_prompt="YES"" looks very promising to give me the results I desire, but I'm not likely to boot into BSD much more anyway, so I'm not certain I will spend time on it. The new focus is systemd+wireguard in kernel+zfs in kernel or the alternate sysv.init+dkms module zfs+maybe an older kernel without wireguard. These are the questions. The end result is a Samba server sporting zfs, and a minecraft server, and maybe NextCloud and/or Plex as well. Any thoughts?

PineTab Linux Tablet + Optional RTL-SDR Expansion Module

Posted by takyon on Monday May 25 2020, @05:23PM (#5443)
11 Comments
Hardware

PineTab Linux Tablet will have an Optional RTL-SDR Expansion Module

What's interesting about the PineTab is that they are advertising that they are working on expansion options, with one expansion module being an RTL-SDR. It seems that the expansion module will allow cards to be inserted internally, keeping everything tidy on the outside. Apart from the RTL-SDR, they will also offer LoRa, LTE (with GPS) and sata SSD add on cards.

May Update: PineTab Pre-Orders, PinePhone Qi Charging & More!