LINUX Unplugged - 643: The Sunday Soapbox
Episode Date: December 1, 2025We pull on a few loose threads from recent episodes, and some of them unravel into way more than we expected.Sponsored By:Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized V...PN built on the open-source Nebula platform that we love. 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. CrowdHealth: Discover a Better Way to Pay for Healthcare with Crowdfunded Memberships. Join CrowdHealth to get started today for $99 for your first three months using UNPLUGGED.Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility. Support LINUX UnpluggedLinks:💥 Gets Sats Quick and Easy with Strike📻 LINUX Unplugged on Fountain.FMLUP's Great Holiday Homelab FormLUP's Great Holiday Homelab Old Fart Form (markdown)Jellyswarrm — Bring all your Jellyfin servers togetherLiveTV support · Issue #9 · LLukas22/Jellyswarrmpangolin — Identity-Aware Tunneled Reverse Proxy Server with Dashboard UI.Pangolin | Secure Access PlatformNixOS Search - Options - PangolinYoutarr — Self-hosted web app that automates downloading, organizing, and scheduling YouTube channel content with support for Plex, Kodi, Emby and JellyfinAdd ability to set subfolder for manual downloads · Issue #287 · DialmasterOrg/YoutarrDawarich — Your favorite self-hostable alternative to Google Timeline (Google Location History)dawarich CHANGELOG.mdCVE-2025-40090 | Ubuntu — Since commit 305853cce3794 ksmbd_session_rpc_method() attempts to lock sess->rpc_lock. This causes hung connections / tasks when a client attempts to open a named pipe.SMB3 & KSMBD See Performance Improvements With Linux 6.18 — KSMBD also now adds a max IP connections parameter to optionally limit the maximum number of connections permitted per IP address.ksmbd vulnerability research · Doyensec's Blogksmbd - Fuzzing Improvements and Vulnerability Discovery (2/3)ksmbd - Exploiting CVE-2025-37947 (3/3)doyensec's KSMBD-CVE-2025-37947 PoCGrapheneOS bails on OVHcloud over France's privacy stanceGrapheneOS exits France — what it means for encryptionFrance's Encryption War Escalates: GrapheneOS Exodus Signals Dangerous Precedent for Open Source Privacy TechSeems like the GrapheneOS phone collab may be with Motorolla.Rust For Linux Kernel Co-Maintainer Formally Steps DownBcachefs Ousted from Mainline Kernel: The Move to DKMS and What It MeansRed Hat Introduces Project Hummingbird for “Zero-CVE” StrategiesRichard Hipp - Git: Just Say No - YouTube2011 SouthEast LinuxFest - Richard Hipp - Fossilize Your Code - YouTubePick: Gopher64 — Highly compatible N64 emulator.Gopher64 — simple64's official and spiritual successor - Libretro — It’s made by the same developer(s). Unlike simple64 however, it’s not based entirely on Mupen64Plus. And it’s aiming for a more LowSpec hardware overhang.Install Gopher64 on Linux | Flathub
Transcript
Discussion (0)
Hello, friends, and welcome back to your weekly Linux talk show.
My name is Chris.
My name is Wes.
And my name is Brian.
Hello, the gentleman.
Well, coming up on this week's of the show, we're going to stop the clock a little bit.
Pull a few loose threads from recent episodes.
and, well, some of them may unravel
into something that we didn't expect.
But the idea is to catch up on a few things
and then round out the show
with some great boosts, some picks, and a lot more.
So before we get there, let's do a little business
and say time-appropriate greetings to our virtual lug.
Hello, Mumble Root.
Hey, hey, nice on.
Hello, and hello, all you up there in the quiet,
listening and everybody out there on the streams,
thank you for being here this morning.
And a big good morning to our friends
over at Defined Networking.
Go check out Managed Nebula
at Defined.net slash unplug.
They've taken the Nebula project
and they've made it easy for anyone to use.
When you go to Defined.net slash unplugged,
you can sign up for 100 devices for free,
no credit card required
and try out the world's most robust
industry-leading mesh network.
One of the things that I've learned over the years
is that when I'm building my infrastructure,
I want something that will last a long time.
And when you really wrap your head around how useful a mesh network is, I mean, it's next level.
It will completely change the way you do networking for the better.
And so when you start to really think that way, you also start thinking long term.
And what I love about Nebula is absolutely everything is self-hostable.
It's not just sort of like a secondary thing that they kind of have available.
It's how they build the product.
It started that way back in 2017 from the very get-go to protect Slack.
They had to build it ready to go.
And now they've made it easy for anyone to use.
And at any point you want to self-host the infrastructure, you can.
So support the show and get started by going to defined.net slash unplugged.
Redefine your VPN experience today.
Defined.net slash unplugged.
So I want to make sure that we remind everybody that we want your submissions.
We've got a nice batch.
We don't need thousands, but I'd like to have some more.
Because just around the corner, it's something special for the holidays.
It's the great holiday home lab.
It is that magical time of year.
Hopefully your servers are humming.
Someone out there's NAS is running in a cardboard box, no doubt.
We want to see it all from the best home labs to the worst.
Send them in.
It's our great holiday home lab.
The first ever go to Linuxunplug.com slash holiday,
where we will redirect you to a Google form.
If you don't want to use the Google form, you can make our jobs harder by going to
Linuxunplug.com slash old fart, and then you can figure out how to take that and put
into an email with links to stuff and make it work good because it doesn't work good.
I don't know if I'm even going to have the time.
I'm just telling you.
But that's Linuxunplug.com slash old fart.
Submit some photos, short descriptions, your hardware list.
Tell us what your Home Lab actually does.
We're going to have some awards to give away the Grand Rack Award, the Silver Sudo Award,
the Best Effort Award, and then the LUP Rescue Mission.
for the home lab that really needs it.
And we may even make an episode of that one in the future.
So we'll be scoring them on functionality, design,
ingenuity, efficiency, documentation, personality, effort.
We've had some other suggestions we may be incorporating.
So the entries are open right now.
Get your homelab in.
It doesn't have to be a killer,
although you're welcome to show off a killer.
And later in December,
we'll be kicking off the great home lab.
What do you call it?
I guess voting, no results?
I guess it's the results.
It's the results show.
The award show, I don't know.
HomeLab review.
We are giving away some awards.
So I guess it's technically going to be an award show.
I don't know if we'll call it that.
That doesn't matter.
What matters is don't be a procrastinator.
Go to Linuxunplug.com slash holiday, get them in.
So that way we can all have a magical home lab holiday thing.
It's going to be a lot of fun.
I can't wait to see people send in.
Yeah, think about it.
Some people will be away from their home labs at the holidays.
So this maybe will help them feel like their home.
Your web.
So, you know, one of the challenges of doing a weekly show is finding time to stop and talk about stuff we've already talked about.
Because you're always kind of moving forward.
And sometimes we cover something and our thoughts change on it.
We use it for a while or a project changes or has updates.
And that's really just one example.
Probably I could give you hundreds.
And it's something I wish we could do more often because there is going to be some recency bias when we do this sort of thing.
So it would be nice we could do a little more often.
but as we kind of in the holiday season,
thought this would be a good time to look at some of our leftovers.
And I want to touch on something that came up recently on the show.
I came up with a really fun way to spin up an engroc tunnel on demand.
And then Wes comes along and says,
why don't you try Jelly Swarm instead?
And I thought, hmm, okay.
The Jelly Swarm, if you don't remember,
brings all your jellyfin servers together in one proxy interface.
You can have multiple jellyfin servers on private networks,
and then depending on how you make that,
networking work, you can
kind of watch them all from one place.
And that was essentially what I was trying to accomplish.
So I do have an old VPS
that I say sort of an orbit around Lady Jubes
and that is already on my
mesh network. So that just made sense because
it can already talk, that server can already talk to the Jellyfin
server. Problem solved. And it has a public IP.
So I
quite easily installed Jelly Swarm
on this VPS. You probably
just Docker container or something. Yeah. Yeah.
Really quick because it's an old Ubuntu LTS
system. And boy,
that's it man it's like it because i already was on my mesh network i just gave it the IP of
my jellyfin server and the credentials i love the way it does the mapping for user logins and accounts
and it works so great that i'm just totally going to rip out that endrock tunnel for jellyfin
you're not going to make it like turn on your swarm or something what i'm going to do is uh i'm
going to use that endgrock setup or maybe another setup i'll come back to for next cloud
and utar which i'll talk about in a moment
but I might just leave my swarm on all the time.
I might just leave it on all the time.
All right.
I think I like it.
I'm thinking about that.
I'm a wee bit sad because you were so proud of that NGROC setup.
And then Wes just came along and was like, well, here you go.
It's already solved for you.
And it's even better.
It is better.
It's a jellyfin specific solution.
And in my opinion, if you're comfortable setting this kind of thing up, it more than answers the Plex sharing problem.
It's, to me, it's a solved problem now.
So that's really nice.
But I do think there is use for network tunnels.
I still think there is.
Yeah, definitely, of course.
Sweepie posted, I was yelling Pangolin at my screen hearing you talk about the NGROC for jellyfin access.
Panglin supports a variety of off methods, including temporary share links that you could drop right in your setup.
And it's an identity-aware, tunneled reverse proxy server that comes with a dashboard UI.
You can do self-hosted version, and it has a reverse proxy server with identity and context-aware access controls, designed to easily expose.
and protect applications running anywhere.
It can act as a central hub
that connects isolated networks,
even those behind restrictive firewalls,
through encrypted tunnels,
enabling easy access to remote services
without opening ports or requiring a VPN.
I am, I was aware of this project,
but kind of like Engrock, I'd never really used it.
And so for some reason, I just didn't,
it didn't come to mind.
But I kind of, I kind of wonder.
Well, you are only kind of using.
Yes.
Right, let's like set up.
up an authenticated identity aware project specifically to only use a temporary access part
of it, maybe?
I was wanting your take on this.
Do you think this is overkill?
But I mean, it depends because depending on how much friction there is, that might not actually
be a bad thing at all.
And you might find, as usual, with good software, that you like other aspects of it,
or you want to use it to expose more, you know, maybe you expose more of your things if they're
all put behind, you know, 2FA'd proper authentication.
I do like that it's AGPL3.
and you can self-host it.
Yeah, it is a neat project.
I've only played with it,
a dabble, like, set it up as a test one time,
but I know a lot of people do seem to like it.
Well, Swippy Sir does.
He was screaming at it.
We got multiple folks writing in about Pangolin,
both in The Matrix and across a few channels.
And I saw it his package for NixOS with some options.
Well, now you don't have an excuse.
If you could just turn it on with a quick option.
Here's what I'm going to use my incorrect tunnel for,
or maybe Pangolin.
I do think it would be, sorry.
Oh, no,
Oh, go ahead.
I do think it would be informative, maybe, to set it up and just see what the actual swap out from NGROC to Pangolin would be like as a potential way to evaluate, like, oh, what do you like about it?
Yeah, my first impressions was...
Even if you throw it all away.
It was a lot.
It was my first impression.
It was a lot.
I do like...
So it has a dashboard where you can toggle tunnels on and off and stuff like that and see those days.
But I'm already achieving that same thing with Home Assistant, which is already a workflow I already use and my family uses.
I imagine I could probably do the same thing with Pangolin.
Probably tied in Home Assistant, no problem.
But I sort of solved for that problem already.
You don't really need a dashboard.
Yeah.
I don't know.
All right.
So here's what I will be using a tunnel for.
Not for me, actually, but for the wife.
And this is an app pick that we had that was on my radar.
Wanted to try it more.
West found it.
And the audience wrote and said, this is really good.
And I'm like, okay, this week I'm going to try Utah.
It, as you might recall, is a self-hosted web app that automates downloading,
and organizing and scheduling YouTube channel content.
All a flat pinch, or pinch flat, sorry.
But a couple of things I like a little bit better.
It's a lot better at one-off video downloads.
That's killer for what my wife wanted.
So this is a common scenario that happens a few times a week.
It's not horrible, but it's a few times a week.
I get a telegram from the wife that says,
hey, so-and-so said we should really check out this video.
Can you grab it for us?
And again, no problem.
It's a problem.
I'll go get it.
And I've been doing that for you.
years. And then this comes along. And I'm like, oh, wait a minute. If I combine this with
the NGROC tunnel, she can just plug the URL in at work. And then when she gets home,
they're all queued up on the jellyfin server, ready to go. And we don't have to watch them
over YouTube, over our crappy LTE connection at the moment. I love that. You're like outsourcing your
main purpose at home. I mean, I've thought about this so much over the years, both for myself and
for, you know, past partners. Like, I think at one point I had a basic CGI form that would just run
YTLB end up into like a Dropbox
or I've thought about a web interface
you could load in videos that would just
sort of get mixed into a live stream
that you constantly Chromecasted
but now that everything just integrates with JellyFund
I mean that's the way to go
So what's really great is
and I hadn't played with this before
we talked about this as a pick
is it has integrated sponsor block
and so that's really nice
I don't go crazy with that
but as
somebody who's
made videos in audio for a long time.
I hate the double intro
where they tell you what they're going to
where they tell you what they're going to tell you. Then they do an intro
and then they tell you what they're going to tell you again.
Oh my God, it drives me crazy. It's such a waste of time.
So like Sponsor Block lets you skip intros and stuff like that.
I'm all about that. I don't need to see their $75 motion graphics
that they paid for it for their YouTube channel.
Every single time. With their music they think is super great and all of that.
So it just lets me skip all of that integrated.
But then the other thing that's really fantastic, I'm not a Plex user, but it will still download metadata information and NFO and thumbnails and whatnot and save them in a format jellyfin just immediately ingest.
So when she sits down and pulls up jellyfin, it looks like all the other videos and it sits right nicely next to our pinch flat videos, which I'm using pinch flat to download channels as they post.
Like this channel every time they post, I'm downloading that video.
I'm using U-TAR, which you could use it that way.
You could, so you could just use one tool to do both.
Right.
You already had Pinch-Lad.
I'm using U-Tar for the one-off downloads.
I love that.
And then I have to go to a specific spot on the file system,
so I know those are all U-TAR downloads.
Gets classified the right way.
And it also, I've discovered now it handles really well
at recovering failed downloads.
I had a download bail on me,
and that's worked nice.
The WebUI works good on the wife's phone.
It works good on our laptop.
So this is a winner app.
I can tell already it's going to be in a category of winners.
Now, there are a couple of things I'd love to see.
It'd be nice if you could have it download channels on the regular like I use Pinchflat.
So every time a channel posts a video, every time Jupiter Broadcasting has a video, it automatically downloads.
It'd be nice if those could go to one place and my manual one-off downloads could go to a totally different location.
Optional, but it'd be nice.
Currently, it's all going to one spot.
You only have one place to target it.
Yeah, and if you download a channel,
it creates a sub-director for that channel,
but if you download a one-off,
it doesn't create a sub-directory for just that video.
They're just in the root,
and it's just not how I do my jellyfin.
I'd like to have a cleaner jellyfin.
But I do love it for those one-off downloads,
and that's sort of a small gripe.
Since I'm using Pinch Flat to manage the channels,
it's not really an issue for me.
But setting sub-folders for manual downloads would be great.
I did see issue 287 on the project,
Actually, somebody already flagged that.
Nice.
I'm like, I'll just go give this a plus one.
Give it the old plus one.
But man, a couple of winners.
And then before I'm done with my holiday leftovers for you, boys, I got to give a huge mention to, I think, one of the MVP's of this year.
We covered it multiple times on the podcast.
But we called the Big D D D Dyrich.
It is a self-hostable alternative to Google timeline for your location history.
and it's very comprehensive.
They have a standalone app for iOS.
You can integrate it with things like Own Tracks.
If you have Home Assistant,
there's an integration
where Home Assistant can collect your location
and then send it to Derwich.
And it's been our constant companion.
I'm running it still since we talked about it
the first time on the show.
It was the back end to our Texas tracker.
It powered our Texas tracker.
And there have been many releases
since we deployed.
I was shocked.
So we deployed version 2.8.
And they're on like version 3.6 now.
Oh, that's exciting.
Zero.
Yeah, yeah.
It's massive, massive improvements since we first talked about it on the show.
I mean, lots of refactoring little components.
So like some of the subsystems that process subtas run a lot more efficient.
Cleanup of the UI in general.
Just a little bit of, you know, fixing a bug here.
Polish.
Performance issue there.
Right, exactly.
A lot of that.
So that all aside, there's a few things.
things that really stood out to me.
In the dot 29 release that came out
a little bit after we deployed,
they greatly improved the data export.
So you can move data between instances.
So if you want to export from one Derowich
instance and set up a new one, you can just move your data
and all your history comes. That's great. That seems perfect
for us. Yep. Really nice. We will definitely
be using that. And then in the next version,
well, a couple of versions later, actually version 3.30.31.
They call this the search
release. They introduced a new search feature
that allows you to search for all the places you've traveled.
Oh, that's killer.
That is obviously needed.
Here's a big one for me.
A little bit later, version 0.34, released on October 10th, 2025.
This is the family release.
This release, we are introducing family features
that allow users to create family groups, invite members,
and share location data.
Family owners can manage members, control sharing settings,
and ensure secure access to shared information.
Location sharing is optional and can be enabled or disabled
by each member individually.
Users can only join
one family at a time, location sharing settings can be set to share location for one, six, 12,
or 24 hours, or permanently.
And they're available for self-hosted instances that will be available when they have a cloud
version in the future.
The family members layer is enabled on the maps, too, so you can see where your member
markers are and turn them on and off on that layer.
Right, because before it had users, but they were all kind of separate, right?
It was more of just like a multiplexed kind of use the service.
We each at our own map, basically.
And we combined it on our own by just pulling from the APA.
Oh, wow.
That's nice.
is. And also for those of you that maybe switch to graphing OS from iOS, maybe you've been looking for a good find my replacement. This could be it. I use homeless system for that, but this could be even better. You've got a nice web UI now. That's massive. So that was on the 10th of October. And they've had some study releases since then. They just had a release a couple of days ago. And so I did the right thing and updated my private instance.
this morning before the show.
Probably not even,
probably just skipping right
from wherever you were at
to the latest release.
I went from,
well, thankfully,
thankfully I was just
one release after a breaking change.
So if I was one release older,
I would have had to do
some Docker Composer
refactoring and I would have to switch
from one database to Redis.
I don't know what the previous database was,
but there was a database
software migration to a totally
different software.
I would have to do all of that.
But I just missed that and I went
and I skimmed it.
I have the change log linked in the show notes
if you're in a similar position listener.
And I went through it and I skimmed.
I'm like, holy crap, this is, oh, man, this is so good.
Oh, I got to do it.
I can't not have this.
And you couldn't even, because you hadn't updated you,
you couldn't even do the export beforehand.
No, nope, I just yellowed in.
But it worked.
It was a big download.
It was almost 600 megabytes of layers.
I guess it's not horrible, but on LTE, it was painful.
And rebooted the sucker, came right back up, still talking to home assistant, still getting my location.
It's fabulous.
Love having this because I've been driving around a bit for kids sports events and stuff like that.
And so just going to different places.
And so now pulling that up on the map, I'm like, oh, yeah, I went over there last week.
I forgot about that.
I never go over there.
So that's been fun.
Yeah, the pros of the old Google location tracking, but without all the creepy downsides.
Yeah, it is.
And when you set up a new family member, it gives you a QR.
If they're on iOS, they make it really easy because they have a dedicated location tracking app for iOS.
And so you can hear your family member, scan this QR code.
It sets up the iOS Derwich tracking app, and it looks really straightforward.
And even if you're on Android, there's a dozen easy ways, including just using Home Assistant.
Just do that.
Just use Home Assistant.
Just do that.
You only have one thing tracking your location.
Massive, massive recommendation.
So that's a little bit of my holiday leftovers.
I mean, I could go on for the whole episode.
We've really found some bangers this year.
But maybe I don't know.
Maybe you've got something for...
You got a holiday leftover for us, West Payne,
for the class to share.
You know, something to chat about.
Yeah.
I actually...
I have something I want to work through a question.
Okay.
Or maybe how to frame,
how to view something happening in the kernel,
because I'm not entirely sure how I feel.
Oh, boy.
And I don't know if this is a year of vindication
or a year of Chris was right.
Oh, I like it already.
Yeah, I thought you might.
I thought you might.
So it turns out it's been a bit of a busy year for our friend KSMBT.
Oh, the Samba server that got built into the Linux kernel by Samsung.
Yeah, that's right.
One of your favorite parts of the Linux kernel.
Yep, yep.
Yep, we can't have Big CashFS, but we've got a Samba server built into our kernel and what could go wrong.
Yeah, how many commits do you think that thing sees in a year?
Oh, that's a great question, Wes.
I don't even think I've ever considered that.
I mean, the years and over, so I've been looking at 225.
But, you know.
In a whole year?
Yeah.
In a whole year?
Oh.
I mean, you think it'd be mostly done.
So I'm going to say less than a thousand.
Oh, yeah.
Yeah.
It was more than I thought at 194.
Well, I was going to say 100, but then I thought, well, then I thought you were going to get me with.
They've had a whole bunch of security issues, so they've had to do a whole bunch of commits or something.
I was going to guess 10 because I figured they weren't doing anything.
Doing nothing?
It is kind of that.
Oh, okay.
Because 91 of the, no, sorry, 41 of those match on a grep for something like fix, leak, crash, overflow, use after free, recursive locking and RPC handle, let's see here, fix possible ref count leak, fix possible memory leak, fix race condition. There's just a whole bunch of those. It's not all bad, though, right? So just a bit of history. KASMBD came out in 2021.
Right, right.
We were doing Linux action news at the time.
And then somewhere like late 2020, maybe it was early 2023, I think it was Colonel 6.6.
It got marked as no longer experimental, marked, quote unquote, stable.
Okay.
So another part of this story, I think, is what does it mean to be in the kernel in terms of like the contract for the user and what to expect out of something?
Between even, you know, even after post-experimental status, right?
There's one kind of version where you want to have access to stuff so that you get to make the call.
around do I want to use that software?
And ButterFS is another one of these things, right?
We've seen Enterprise distros not ship it, Red Hat particular.
Red Hat does not ship KSMPD.
They specifically said they were going to take a conservative approach and not enable it.
Okay.
But maybe we feel differently about those two choices, which, I mean, makes sense.
Huh.
So this, to me, too, this is a great question because I think in the broader context,
there's been a lot of controversy around Rust
and a lot of drama and social brigating
and there has of course been the B-Cash-F-S situation
and there is this situation.
These are all oddities to me.
And they all seem, I think the core thing that you're getting to
is they all seem to maybe have a different standard
being applied to them.
And that's really hitting me at this moment is,
like they really tolerated a lot of shenanigans from Rust
and including Linus yelling at some long-time committers to STFU.
And that this Samba server is in this kernel so that way
a few hundred thousand million Samsung devices can have faster file transfer?
So that's where it's interesting.
So it does continue to see development as we've seen.
Just coming in 618, which maybe is out today,
there's improved session, sharing, connection, lookup performance.
They're also adding a new max IP connections,
parameter to better control, like rate limiting, essentially, improved socket creation,
a bunch of nice improvements.
At the beginning of the year, I guess some users were pulling around enabling this thing
on Trunas, now that that's Linux under the hood.
And they were seeing some pretty impressive improvement specifically for on the right side,
also for latency in terms of just like if you're doing like a lot of small operations on files
or a lot of metadata, file creation, that kind of thing.
And I guess it was adopted by OpenWRT.
So there are some sort of embedded use cases.
Another aspect KSMBD has is SMBD direct, which is essentially RDMA.
And so you can set it up between Linux and like two Linux boxes, say on a trusted network with KSMBD enabled.
You don't have to bother the CPU to offload from memory over the network at super fast line rate.
So there are some places where maybe it makes sense.
I guess so.
I guess what it says to me is that it sounds like we have a major bond.
bottleneck issue on Linux for things that have to run in user space.
And if there's such a performance difference between running and kernel versus running in
user space talking to the kernel, perhaps we should address whatever that issue is.
But then the other thing that strikes me is it's kind of not apples and oranges comparison
because if you first looked at WireGard, when it first shipped, and you compared WireGard
to the Go user space versions of WireGard, WireGard and the kernel was way faster and
way more performant.
But then over the years, operations like Thalescale and others worked at optimizing the user space binaries, and now the performance is very comparable and in some use cases better in the user space version.
But they're comparing it against a version where they haven't really optimized for that situation to a hyper optimized version in the kernel that's like a slim down version of Samba that doesn't feature everything.
It is, you're right.
It definitely doesn't feature everything.
Like it doesn't do a lot of the active directory stuff, right?
so it's not really suitable for that kind of role.
Interestingly, I think they were already working on it.
But when KSMMD came out,
Samba actually went ahead and implemented a bunch of,
like the user, the regular Samba distribution,
implemented a bunch of work to take on IOU ring.
So there are cases where, like, in some of that early testing.
See, that makes sense to me, though.
Yeah, they were getting like 10x throughput.
Because that's a generic facility provided by the kernel
for these types of things.
That seems like the better route to go than just shoehorning in
a samba server because samsung wants it right i mean again there are some limitations in terms
of just you know overhead as well as like you're probably not there are just some shorter paths
available and less context switching if you do for sure yeah so why not put firefox in the kernel
really why don't we put nFS in the kernel should we put ftp in the kernel yes probably yeah like
i mean where do we draw the line because yes obviously putting things
in the kernel makes them a little bit faster, especially when it comes to using subsystems like
disk and network. But you could say that about everything. Like, why not put Hyperland in the
kernel? Let's put Wayland in the kernel. Let's put effing everything in the kernel. I mean,
hell, let's do it. Let's see what happens because I don't see the logic. Okay. So you're already
on this side. But this year also saw. And so this is where I think I do have some questions.
So there's one narrative here that says all of the reasons that we thought this architecture was
bad idea in 2021 are kind of playing out here.
We're going to see this coming.
Yeah.
But I mentioned there was like 194 commits.
91 of those are from Stephen Metzmacher, who was a longtime Samba dev, who was working
in the colonel before this, but including doing some of the work to get the IOU ring support.
But it seems like the Samba world has sort of accepted that this is there.
And I'm wondering if we're seeing this flurry of activity, does that also maybe mean that
There's enough folks that are finding it valuable that it makes sense to invest in making this more secure and robust.
It's like at the beginning of the year, the security firm, uh, doyensek announced that they were going to start looking into KSMBD.
And then just now, like in October, they've been doing some more write-ups.
And they actually produced a really nice, well, the GitHub linked for one of the CVEs this year, like a really nice reproducer with all the code open, even a little script to run a QEMUVM for you to like start running it.
Wow.
Yeah.
So that sort of says, okay, one version is just we want to show how bad this is and it's a terrible idea.
Another version is folks are using this.
We should make it robust.
And maybe now we're in a place where it can be more robust and sufficiently tested to not be a horrible hole.
I think there's a detail in there.
And that detail is they've built it and it is faster.
So of course we're going to use it.
Right.
That's the thing.
If you do this, it's going to.
going to end up having users. And then we're going to have to keep it. That's why you don't
build it and put it in the kernel in the first place, because it is faster. It is better for
things like small arm devices, routers, things like that, obviously. And of course,
vendors want to be able to sell you a plastic box that does Wi-Fi and has a USB port on
it so you can have a NAS. Yeah. And so for that, we all have to walk around with a kernel
that has Samba, unless your distro provider takes it out. Now, I think,
think if they hadn't built it, we wouldn't be, I mean, this, of course, like, why not put, I mean, again, I go back to this, but if we put cups, again, if we put cups in the kernel, it would be faster. And what would happen over time, it would take a few years is more people would start using it. And then the question becomes, well, what happens to traditional cups? Samba is a project that has a 20 plus year massive legacy. And I think they're probably safe because of the complicated nature of a lot of Samba setups and the features that they need.
But if you put something else in the kernel like this, it would probably cannibalize the main project.
So, just for a little more flavor as well, you may remember, but earlier this year, there was a Linux kernel Zero Day discovered using ChatGPT.
Yeah, right.
That was for KSMBD.
Oh, my, really.
Of course, that's, of course.
There was also, there was a couple of remote takeover bugs where you did have to be, you did have to have valid user credentials.
But like when you were signing off, you could trigger a race condition that let you.
you run arbitrary code in the kernel.
There was a very easy denial of service bug,
so it's a little less, you know,
it's not taking over your box,
but it is taking you off the network called KSMBD drain,
or KSMB drain, say that five times,
which was a trivial, unauthenticated attack.
You basically just did the TCP,
the start of a TCP conversation,
and then just disappeared,
and that the kernel would never free the resources
that it set up, assuming you were trying to talk to its KSMBD samba server.
That's a good one.
So then, and of course,
Because it's in the kernel, you don't have the normal sort of like out-of-memory or special handling, right?
That's kernel memory that it gets to eat up there.
Yeah, your user space out-of-memory killers, not doing anything about that.
And then probably the worst was this one that DoyenSec found this really great reproducer for,
which would be 37947, which got a 10 on the CVSS score because it allowed a regular,
authenticated user with simple file-write access to reliably and deterministically without needing to win a race condition
bypass all the modern kernel stuff, KSLR, all that, and become rude.
So it is also, I think, as folks in our matrix rumors suggesting, if you are, I think you're right,
if you put this in there, people are going to use it.
And if you're going to use it, there's going to be problems.
So probably this is really screaming out for restification, if anything in the kernel is, right?
Yeah, maybe, maybe.
You know, all I have to say about it.
Chris was right.
Who could have seen it coming?
Next time, just ask Chris first.
Well, thank you.
That was quite cathartic.
I appreciate that, Wes.
That was a nice holiday gift you gave me.
You know, I picked that topic, actually hoping that the story was going to go the other way.
Really?
And I would get to have a like, look at how great KSMBD is doing.
But, you know.
Oh, that's so good.
Well, Brentley, you know, one of the things that we've talked on and off over the years.
That's been years now, if you guys can believe it, is our adventures with Graphene OS.
We're still rocking pixel sevens all around.
with the Giraffine OS on there,
which just recently got a new update.
Yeah, things are bolder, it seems.
Yeah, I like it.
At first, I didn't like it
because my lock screen UI changed.
My clock changed.
It feels snappier to me.
Yeah.
Like consistently snappier.
And there's a couple of nights
I forgot to put it on the charger,
and I got it, and it was like 10% less.
Oh.
That's nice, too.
And that's with, you know, radios on and stuff.
So I'm feeling really good
about it, but GrafinoS has had some challenges recently, and I think that's Brent's holiday
leftovers for us. Oh, yeah. Not the nice news, maybe you want to hear, but this week,
GrafinoS basically withdrew from France, like the entire country. They were hosting some things
over at OVH, but French law enforcement basically continue to target encrypted communications
in the country. And the first time the authorities have
directly threatened an open source project.
So this is kind of big news for, I think, open source in general, if it has to do with
encryption protocols, which previously they have basically targeted businesses who are doing
encrypted communications and targeting criminals specifically.
But this is just an open source project generally.
So the French authorities have sent an internal message to police forces labeling all
Google Pixel phones with Graphene OS as inherently suspicious?
Oh, what?
Not what you want to see.
I've got to take my iPhone to France now.
Wait a minute, you have an iPhone?
No, you love to borrow yours.
I was going to borrow yours.
I'm sure I got a couple.
Yeah.
So this week, French media outlet La Parisienne published articles characterizing
Graphene OS as a tool enabling criminal activity.
And that kind of kicked off all of this.
suspicion and sort of looking into the project a little closer.
So French cybercrime prosecutor Johanna Brose stated that authorities would basically pursue
legal action against platforms of criminal organization ties if they refuse cooperation.
That was the quote.
Yeah.
And this, what stands out here for me is that refuse cooperation.
I think they're trying to get information on criminal and organization.
that are using some of these platforms.
And considering, you know, Graphene OS has a pretty strong stand on not doing that,
there's suspicion that this is basically an ask for a backdoor,
which makes you wonder which other encrypted services that are way more popular than Graphene OS
actually said yes, because if they're going after a little project like this,
then, I don't know, you've got to start to question things.
I got bits and pieces from the project.
It sounded like they also, the government might have worked in coordination with some friendly media over there to write some bad headlines about thieves using Graphene OS kind of at just the right time or criminals.
I don't know about thieves, but criminals, kind of coordinated there.
And so they commented a little bit on that and how just really they disappointed they were in the media coverage.
But just take a moment to appreciate they had to migrate all of their infrastructure on OVH.
quickly.
Yeah, that sucks.
That's no one's idea.
You know it's serious if you're...
And it takes away from more work
just on the actual project test.
That's just the thing, right?
Is you know it's serious
if they had to hit pause
on the project work to do this migration.
It looks like most of their communication.
So Massadon, Discourse, and Matrix servers
are moved to Toronto.
So over here in Canada.
So good to know that my old-year country is a little trusted.
I noticed.
Yeah, not the French-Canada.
close but not too close
So maybe not a bad time to consider
like a little extra donation to draft you if you're a partial.
A great point.
They also moved a couple other things.
Website infrastructure is now in Germany.
DNS services, it looks like they've migrated to Vulture
and buy VM.
And it looks here like cryptographic credentials.
They're rotating it based on just a security progression.
So some interesting maybe changes
in how they run some of the infrastructure
as well to avoid this kind of thing in the future.
They did confirm that there were no, like, credentials from user data or critical security
infrastructure that was stored in France.
So most of the core security features are basically unaffected.
Thank goodness, really.
Yeah, it sounds like an abundance of caution on some of this stuff, but, I mean, that's
sort of the game.
Which is what you'd expect from the project, yeah, and we're grateful for.
Yeah, very much so.
It is interesting to see them have to kind of implement an action plan here to see what they have
to do in the face of some pressure.
And I think we'd probably all three agree.
It seems like they're making the right moves, hard moves, but the right moves here.
Yeah, this got me thinking of a couple topics.
One is, you know, if you remember Telegram founder Pavel Dura, if he was arrested in France as well.
Was that a couple of years ago, 2024?
So that was maybe...
I think that's still ongoing.
Yeah, it was maybe a hint of what was going to come.
And I'm not up on that situation, but I remember.
that feeling like a red flag and okay that's telegram but now we've got a huge red flag for open source
projects as well it also seems like chat control in europe is moving forward in a way that is
following these kind of themes so i know we're talking about france currently but there are a bunch
of other countries who are trying to push these kind of eyes into encrypted communications a
bit more. So it makes me a little somber thinking about some of these freedoms, especially in a
place that is known for having a little bit more encouragement towards freedoms and freedom of
choice and all that to be pushing in this direction. It doesn't make you, boy, sad, because
it feels like graphene has had many different types of challenges in the last few months.
We see this for sure. And also, you know, the changes to the end.
Android open source releases for them.
So they got both technical challenges and some, you know,
governmental social challenges here, too.
Indeed.
I think it might be open source that has the line of defense on these backdoor
legislations.
I don't see how you effectively mandate it into free software that's made all
around the world.
And developers that get coerced, I mean, this isn't legal advice,
But you have to wonder if some of them wouldn't consider a public resignation and then get a VPN that just puts them in a different country and join the product under a new synonym or a new fake identity and, you know, call themselves America Joe or something.
And, you know, I think that's taken already.
Bob the builder.
Yeah.
But you know what I, you know, there's like there's really no way they can stop free software from being developed.
And a lot of the people that build these tools, especially these privacy tools in free software.
and open source are doing it from a path of advocacy
and a source of passion.
And they're not as likely to be swayed by this stuff.
They'll just stop.
And then over time, because they're compelled,
they'll find a new way to contribute.
And we have the power of cloning and forking.
And often, luckily, you know,
sizable and diverse communities all over the world
and from different communities with different local laws
or, you know, rules on the ground and expectations
and cultures, which can be a benefit in times like these.
I think there will be challenges for some developers.
I mean, there's going to be some developers that really feel the pressure and the heat if this stuff proceeds.
And I think that is going to be a challenging time for open source.
But I think ultimately, free software and open source are able to respond to this threat in a way that commercial software simply as unable to.
Their legal structure as a business is going to force them to comply.
Yeah, it's a very different thing.
You know, they come knocking on your door and you have a legal entity that makes it very easy for them to demand compliance.
And Grafino is trying to hold that line right here.
see it happening in real time.
And I'm really grateful for the hard work they're put in to make that happen.
And I've made this point before on the show, but the people that know about these tools and know about free software versus people that just grab, you know, whatever commercial app, their friends link them, it's going to be a, there's going to be a big delta between the people that have privacy and the people that don't.
Yeah, two different worlds.
But I was kind of happy to see that the speculation consensus is coming to a perhaps hardware vendor for Graphene OS's new project.
So they're looking for devices beyond pixels.
They have reportedly been working with a hardware vendor, a quote-unquote major hardware vendor that would be updating their hardware to meet the security requirements of the Graphene OS project, including like the secure enclave type stuff.
And there's been a lot of speculation.
One-plus was thrown out there, but everybody, all of them kind of been knocked down by various members of the project, except for my original dream.
And I thought this was impossible.
But the community consensus, if there was a polymarket for this, Motorola would be in the win right now.
Oh, Motorola.
That would be great.
I would love a Motorola phone again.
I used to love my Motorola devices.
And it's because of all the requirements, it's kind of everything from timeline to price to the fact that they also said the vendor makes a tablet that's already in the market.
it, just all of these different kind of things that line up with pointing at Motorola.
And the takeaway being that potentially there could be a Grafino-West device,
a dedicated, hardware-made Motorola device that you buy that comes with Grafino-S on it
or you flash with Grafino-S on it, whatever it might be.
Oh, boy.
I would love to see that.
Motorola makes some great phones.
Are you saying Chris was right?
I feel like you're kind of rubbing that in your face here again.
No, no, no, because this is just.
Speculation, we don't know.
Ah, so the jingo must wait.
I'd be curious, so we know it's not One Plus.
We've eliminated the Fairphone.
I thought there was a third phone we eliminated from the lineup too recently in the members feed.
But I can't remember what it was.
I think it was Samsung devices.
Yeah, we ruled those out.
I mean, it could be.
And I'd be curious if listeners, you have a wishcast of who the hardware vendor would be.
that you can either buy or easily flash Graphene OS on.
If you could get an OEM phone,
something you could buy yourself
or recommend to friends and family too
because, oh, boy, wouldn't that be a game changer?
That would be.
You could just tell, you know.
Easy answer. Yes.
So who would be your hardware vendor of choice?
I feel like Jeff says Sony.
Sony, he's been saying that for years, right, Jeff?
Maybe.
Boost in and tell us who you'd like to see
as a hardware vendor for GrapheneOS.
I'm saying Motorola.
OnePassword.com.
slash unplug. That's the number one password and then unplugged, and that's all lowercase.
Go take the first steps to better security for your team by securing credentials and protecting
every application, even the unmanaged one. So go learn more. You need to go to onepassword.com
slash unplugged. This is a real challenge. There's a lot of assets to manage. I mean, you have
hardware, all the different devices from mobile to desktop to laptops and more. But there's also
identities, of course, and there's applications. And there's more and more of those all the time.
that just spin up that you might not even know about.
It's a lot.
It creates a mountain of security risk,
and you can conquer that mountain of security risk
with one-password extended access management.
It's a big problem.
Lots of people report.
This is their biggest challenge in IT,
just a SaaS sprawl, you could say,
which creates shadow IT,
account services you might not even know
your users are using.
And it's not hard to see why the users get more work done.
I remember this when both Dropbox and SlackRoll
out. It was a big user-up adoption, and it created friction between IT and the users. That's something
that OnePassword extended access management really smooths out. And one of the ways you are empowered
is with Trellica. Trellica by One Password can discover and secure all your apps, managed or not.
That means you're going to get an inventory of every app in use at your company. Trellica has
pre-populated app profiles, like SaaS, so you can get idea of the SaaS risks, you can get an
idea of who has access to what, if there's redundancies. You can really optimize your spend
with tools like that, but probably most importantly, you can enforce best security practices
across every app your employees use. You can actually manage the shadow IT. You can securely
onboard and off-board employees, and you can make sure you're meeting compliance goals.
Trellica by OnePass provides a complete solution for SaaS access governance. It's just one of the
ways that extended access management helps team strengthen compliance and security.
So go check it out and support the show.
You go to OnePassword.com slash unplug.
You know about their award-winning password manager.
It's trusted by millions of users.
This goes way beyond just passwords.
One-Password extended access management.
It's powerful and it gives you a complete oversight of the sprawling landscape of SaaS
apps, whether your company knows about them or not.
That's a big deal.
Go learn more, support the show.
go to the number one password.com slash unplug.
That's one password.
Dot com slash unplugged.
You're going to change the way you look at managing IT.
And it's a great way to support the show.
Go take the first steps to better security for your team
by securing credentials and protecting every application.
Even the unmanaged shadow IT.
Onepassword.com slash unplugged.
That's one password.com slash unplugged.
Well, I'd like to continue on the theme of sort of a bumpy year for the kernel, because I feel like there's a lot more than what you've been talking about so far in this episode.
What do you got here, Chris?
I guess it kind of has been a bit of a grab bag year, right?
Because we've gotten a lot of nice releases, a couple of bangers, and there's some in the works right now.
But I was reviewing the members' version of the show to look for stories that we should probably catch the main show up on.
Because a lot of times we'll cover a story to see, before we really know if it's fully developed, we'll start tracking it in the bootleg version of the show for the members.
And then when it kind of develops, we'll bring it into the show.
But we just really haven't had a time to catch up on this stuff.
So I want to go back in time a piece to episode 590, gentlemen.
And this is where we started seeing potentially some issues with B-Cash-F.S in the kernel.
And this is actually the first flare-up before.
where we're at now, there was a code of conduct situation because the S word was used.
All right, well, why we got spicy Wes, it looks like that Kent overstreet, the lead developer
of B-Cash-FS is facing repercussions for violating the Linux kernel's code of contact, as determined
by the Code of Conduct Committee, and committees reviewed some communications that involved Kent
and another individual, and as a result, their determination is that they're rejecting his
poll requests for B-Cash-FS for the Linux 6.13 development cycle.
I think really, right, it's any.
He just can't be part of 613, basically.
Yeah.
The decision does not remove B-Cash-FS from the mainline kernel or preclude future
submissions, but leaves the acceptance of his work for 614 and beyond uncertain for
now.
Overstreet acknowledged the issue and issued a partial apology for the incident.
I don't know about partial.
So I think it's a dispute of the apology was done in private and the COC wants the
apology done in public.
Well, and I think there's also, Kent is, it seems like he's intentionally not doing so
because he'd like to raise, make it into a larger conversation.
And that ultimately was resolved and his patches were resumed being accepted to the Linux kernel.
And then while we were, I think, in Austin, we were, I think we were in Texas.
So we might sound a little different.
Yeah, most of the time major stuff goes down.
Yeah, we were on the road.
Yeah, actually it's true.
Yeah, I was looking at the clips.
So we're in the, so this is to kind of set the context.
This is the pre-show before.
We're going to actually record the main show from Austin,
and we're kind of just finding the news out as we're setting up.
Okay, Wes.
This is the story I think that I've been the most disappointed to see while we've been on the road.
And I know you've been following what's going on with B-Cash-FS.
Last time we talked about B-Cash-FS,
there was a back-and-forth between Linus and Kent because Kent was trying to add
what you could consider to be a new feature during what should only be a bug fix merge window.
there was a back and forth in an argument between Linus and Kent that just kind of
ended and really went nowhere after that and then we have a new story where it seemed
positive at first because it seemed Linus was pulling in all of the patches including that
new disaster recovery tool the journal rewind into the 616 branch but and it sounds like maybe
we have bad news as maybe as it gets actually that Linus might not include B-Cash-FS
at all analytics 617.
So what are we missing?
What's going on here?
Nothing's final yet.
We really don't know.
In some sense, there's like not much of a story beyond watching the 616 develop.
There's been some, even the subsequent polls after this story came out.
But as a follow-up to the discussion around the journal Rewind, well, there's some debate right
there if you even want to call it a feature or not, but around the journal Rewind feature.
and then I guess there's been going on some private maintainer mailing list threads that we don't get to see
where Linus and Kent have been having more discussions and I think there's kind of, well, there's a lot going on as usual.
I think from Kent's perspective, part of it is like he sees a slightly different definition of what counts as a feature or not for file systems in particular in this case because it wasn't like adding some new thing the file system can do.
So it wasn't a feature in that sense.
it was more of a feature in terms of like the strict code sense,
but this was entirely targeted around some like recovery stuff
to try and get users data back as quickly as possible
by putting it into the RC instead of waiting another three months
to get it in the next kernel.
So it's sort of the letter of the law
versus the spirit of the law.
Like Kent was trying to go by the spirit of the law,
hey, this thing's an experimental file system.
It's not a new feature of the file system,
but it's exposing that feature and it's for users
that are in trouble right now.
and Linus is saying yes but it's net new code you're not just fixing existing code this is net new code and that's not allowed so it's law versus spirit in a sense yes and you know Kent was making the points which i think are true and some other maintainers have agreed on that you know it's not like that kind of concession or you know bend of the rules doesn't happen i think maybe a big part of the problem here right is that i'm not sure Kent appreciated the extent that he was kind of still under review and being tested and
in a sense to like how well can you play by the rules?
And I don't think maybe he appreciates the extent that like
there has not been enough trust gained between the parties
to be able to bend that rules, right?
That happens like after the trust happens
and there just hasn't been enough of that, I think.
And they're both kind of pretty frustrated like Kent is working really hard
and trying to support users and frustrated that like,
you know, he's spending a ton of time not on feature development
but on like bug fixes.
and talking with people online and in Reddit threads and, you know, in IRC and all over the place trying to provide support and, you know, finish all of the edge cases.
And so it's naturally frustrating when you feel opposed for that.
And of course, Linus wants to not have B CashFS be a constant thorn in his side and distract him for maintaining the rest of the kernel.
And you can kind of argue, like, are there elements maybe of things we've observed around maybe the larger maintainers, not especially having a super strong focus on file systems?
I think you could maybe make some arguments around there.
And there's a debate maybe, which we've also had in the past around,
was this upstreamed too soon?
Also, what's the definition of experimental?
So all of those things are being drug up in this.
And it's not really clear exactly where things are land,
but it does sound like D-KMS,
maybe some limited per-distrial kernel builds
are possibilities in the future
if it takes a stint out of the main line.
Yeah, yeah.
Yeah. I mean, I really, really hate to hear that it might go out of the main line. And I do want to underscore a point you quickly touched on. But I'll wait. Brent, what is your first reaction?
Well, I'm trying to think of if this situation has ever happened before, like a project being included in the kernel and then within a year being removed again. I don't think that has occurred in the past. Can you guys think of anything? I try to research it. I can't think of a single thing.
that has been added to the kernel
with like, you know,
oh, we think this is ready enough
to be added to the kernel
and then kind of backtracked from there.
So this would be a unique situation.
Yeah, you definitely see things deprecated
maybe as they're no longer developed or supported.
It's like it's been in the kernel
for 20 years or 10 years
and we'll take it out because no one's using it.
Yeah, yeah.
You see it more often with drivers too
when a driver's broken.
You'll see that and they won't include
it in the next cycle for a bit
while that driver's getting fixed.
Yeah, no, nothing comes to mind.
mind. No. Nothing like a, nothing like a software thing like this, like a wire guard or a, yeah.
You know, and so here's the thing that Wes touched on that I just, I want to focus on for a second because it is, I think everybody knows my, my main issue with all of this is the kernel developers are, are great people, but they live in their own world with their own uses and they don't appreciate how pathetically behind.
and non-competitive Linux is with its default file systems.
If you go by the world of Extended 4,
which is the predominant file system that ships with most Linux distributions,
including the big Red Hat distribution,
it's a joke.
Compared to NTFS or APFS, it's pathetic.
And Apple in particular has managed to lap us.
We've been talking about this for so long that they have now lapped us with this,
and they have better file systems on their internet phone
than we do on our supercomputers.
And it's pathetic, and it makes Linux look old.
And it's an entire ginormous, incredibly large sector
of the tech industry is simply solving storage
using all kinds of hacked-together solutions
because Linux doesn't solve this inherently at the platform level.
and so we have to throw tens and tens of thousands of dollars
at stupid boxes that run hacked together Linux kernels
with patched up file systems
to provide support that Linux should be able to offer out of the box.
It's embarrassing and it's gone on way too long.
And if this was a product made by a company,
whoever's in charge of that company,
should have been fired over this
because what pays the bills for Linux is the server software.
It's not you using it on your laptop. It's not your Steam Deck. It's people running it in the servers. And this is an absolutely critical and necessary feature for a server platform. And the kernel developers do not get it. And ZFS ain't it, chief, because it is not GPL. I don't care how great it is. I don't care how mature it is. I don't care how wide the support is. It cannot be baked into the kernel. You have to have something that can be baked
the kernel or else the platform technically does not have the feature.
B-cash-F-S is it because we've all trashed the butter-fs brand, so it ain't
going to be butter-fs.
B-cash-fs is it.
I think that's something that's, you know, important to add here.
There's just that there is that backdrop, and it doesn't always get commented on,
but I think Kent feels it, right?
Like, Kent has a sense of urgency.
Some of that may be his own self-pressure or pressure from users, like the colonel community
is not obligated by that.
But you can appreciate how Kent wants to push really hard on not losing data and helping users get data because we're living in a world where Butterfess just didn't get trusted.
And so I can see how Kent maybe feels a bit of a catch-22 in terms of like trying to go a whole hog on maintaining the reputation of his file system.
But then, you know, having the Linux community maybe push back and be like, yeah, well, these people should be building their own kernels.
All right, back to present time.
Of course, some time has passed,
and the sting of it being removed from the kernel has lessened,
I think, as we see sort of a workable solution get developed.
Yeah, I mean, development continues.
The DKMS path so far is marching ahead.
We'll see.
I mean, it's still somewhat early days, right?
Like, if 618 comes out today, then it'll be the first kernel that really doesn't have B-Cash at all.
And folks, you know, folks that move slow on kernels and file system.
So I think we'll see a bit before we know, see everything all switched over to DKMS, but it's coming.
So this is sort of a make-good because this entire thread has been a long, ongoing story.
So we just wanted to get you updated on it.
Brent, do you have any thoughts before we sort of do the final piece of the story?
I think it's more of a question.
And my question just, you know, reliving that moment back then is considering it's been pulled from the colonel, what are the chances it might be back?
You know, we back then, I think, was thinking this is maybe a temporary pullout until they figure things out and they'll try again.
But I'm not so sure anymore.
It's a good question.
I think only a few people could probably answer that.
And Linus might be one of them.
Yeah, I think I wouldn't set my timeline to anything short.
than a few years.
Yeah, I don't know.
But you're true.
I have no special insight.
So last bit of this thread from the bootleg version of the show.
This was the moment we documented where the actual removal process finally happened.
So we go back to episode 635.
We also got an update on the status of B-Cash-FS in the Linux kernel.
And I guess it's a necessary step.
Yeah.
I mean, I think that's pretty much the consensus.
Linus wrote, B-Cash-F-S was marked externally maintained in 617,
but the code remained to make the transition smoother.
It's now a D-KMS module, making the in-Kernel code stale,
so we're removing it to avoid any version confusion.
And with that, 117,000 lines are removed from the kernel tree.
B-Cash-FS users should now use the DKMS kernel modules.
Wow.
We did get some news on the DKMS kernel modules as well, and overall, it's pretty good news.
Yeah.
Kent came out with an official announcement as of Linux 17 and BcashFS tools, which are the
user land side, version 131.5, BcashFS is switching to distributing as a DKMS module.
That means a normal make and make install of BcashFS tools will also install the kernel module
sources, which on a system with a normally functioning DKMS will then be built and available as
like any other kernel module. And of course, generally this will all be handled by our distribution
or packaging or, you know, whatever. And he went on to kind of go into, well, one, big thank you
because a lot of folks have seemingly stepped up to help with this new packaging side of the project.
So that's great to see. That is, yeah. He also touches on he's going to be providing for now
a nightly release. Well, he'll have two channels, I should say. One is called nightly, and one is called
release. The nightlies, as you expect, right? But the release channel, it's the latest tagged
release. It has code that has been deemed stable. And Kent has been really good about
communicating this, too. So not only is there, you know, obviously community discussions
about this, but Kent is directly posting on his Patreon blog, sort of just status updates
for everybody so they know where things are at. He did mention also that they are looking
eventually post-experimental status being dropped to have in a real stable release channel as well.
little leg behind and just get sort of backboards. So that's coming. We're not there yet.
For those LTS-type folks. Right now, NixOS and Arch get what's labeled first-tier support.
They're providing apt packages for Debian and Ubuntu, so you can get those added. And they're
also looking at getting B-Cache of S-Tools back into Debian proper. So TBD on that. Fadora has long
had a well-supported B-Cash-F-S tools package. And Kent shouts out a friend of our show Neil Gampa on
that, so that's great. Hey, Milo. The one caveat, though, now is since B-Cash-Afts
isn't in the kernel, B-Cash-F-S tools.
The package itself can no longer be supplied as part of the main Fedora distribution
due to a policy in Fedora about how to treat kernel modules, I guess.
So instead, there's now a copper available for that.
But it sounds like otherwise it's sort of, you know, a long, a well-tested package.
And if you're on Nix or Arch, you're pretty much going to get first-tier support.
Yep.
That's what it's what to expect.
Okay.
Well, I mean, works for us.
Yeah, I think they're not sure yet on the status in OpenSuse.
That's ongoing.
Okay.
And he has some more notes about Slackware and a few other distros in the
post if you're curious for more deeds there.
So D-KMS Lifestyle, it is for us.
That's right.
Okay, well, I thought, let's do one more, one more clip from the bootleg that sort of puts
a cap on this, and that is Linus himself.
He was at an event, and he was doing a Q&A with Dirk, and they don't directly say the name,
but some of these issues come up.
Like, also this year, we've had a lot of Rust maintainers quit.
In fact, I believe now we're just down to one Rust for Linux project leader
as the sole maintainer for the code while there's a couple of Rust reviewers.
So the Rust folks have had a rough year.
There's been this issue with B-CashFS.
And so Linus takes a moment to reflect on it.
And this was just a couple of weeks ago.
Yeah, we had, this year was a bit tumultuous.
We had a lot of disagreements to the point where part of the,
of the kernel was made external just to avoid a lot of friction.
To be fair, that was not the first time it happens.
But it's been a while.
We've had pieces of the kernel that were not being used or had serious enough issues
that we had to excise from the kernel.
It's rare.
In 35 years, it's happened only a handful of times.
So it's not an enjoyable experience.
experience, but at the same time I feel that we've been able to deal with it fairly well.
Any big project were literally thousands of people.
We have every single release, we have over a thousand people involved, and that's every
two months, right?
You will have personal disagreements, you will have professional disagreements, you will
have friction, and that's all part of life.
I think we're mostly one big happy family.
I think I would more describe it as a very mature group of people
who have figured out how to work with each other.
But, yeah, I'll go with a happy family.
That's, I think, his way of saying, you know,
it wasn't necessarily easy on him either, the whole process.
This story isn't over yet.
But that is our coverage so far as it was in the bootleg
that hadn't made it in the main show.
Do you have any follow-up thoughts or any?
Oh, did you want to underscore it does seem like we liver,
look in just now and the last update to the B-Cash-F-S tools repo was like 14 minutes ago.
And I have continued to see Kent out there engaging with the community, providing support.
I think things have just been a little quiet because we're in a stabilization period.
Kent is known for listening to the show on occasion.
So if you have any production systems out there or home lab systems or whatever you want to call it,
that are running B-Cash-FS in the enterprise or on your own laptop, let us know.
send us a contact or send us a boost and that might be useful in a future episode so send those in now I was just looking at the chat room there and you know our buddy hybrid sarcasm big supporter of the show awesome member of our community he says in here Chris rants are the only reason one needs to become a member and so it is the black Friday cyber Monday season and we do have a promo code promo code bootleg which takes I think 15%
off a membership if you would like to sign up.
And I will, just for you, hybrid, I will play a rant that actually ends with a little bit
of an update from this week.
So this is from LUP 625's pre-show.
It all comes down to the damn enterprise distros.
It's all because of the damn enterprise distros.
Because these things lock us into these 10 years.
year windows of time where something that crops up can be an issue in this world, right? These
problems are only problems for small windows of time if you regularly update your system. And God
forbid, maybe you even have an immutable box with the applications and the data separately and you just
continuously update the immutable base and you update the applications as the business need
require or compliance requires. God forbid you go that route. Because if you did, then these
problems are like a problem for 15 minutes and then you just deploy the patch and all that
these conversations should be keeping that in perspective is these problems are problems for small
periods of time and then are fixed and something that doesn't do something can do something later
because we can add functionality and features to the software and update it but if you're running
some crazy esoteric business fork of Linux and your world doesn't update that doesn't mean the
rest of us are living that. And I think that has to be included in the conversation because it's
looked at, I think we all go through this default bias filter of, well, they're enterprise systems
in the 10-year update cycle. So, you know, if you have a problem and a vulnerability in this
library, then it could be an issue for tens of thousands of systems that don't update. Yeah,
well, they're doing it wrong. And we shouldn't, I don't know why we bend over backwards to enable
a way to deliver Linux that is not compatible with the way Linux is developed. And not only is
it incompatible the way Linux and features are developed and distributed, but it's not great
for security. And the issue holding us back is an application vendor compatibility. Well, the vendor
requires that we run this on Sousa Linux or requires we use REL. You're the customer. Tell them
every year. We want this in a container. We want this in a VM, whatever it takes. And then we can
start the process of rolling out updates as required. And it doesn't have to be this big thing. It
can just be the way the system works, right? It can just be the way iOS and Android have solved
this problem and we don't see it become a huge issue. And like when I see what the trickle-down
culture of that is, is this sort of, I don't need to update my view. I don't need to reassess
my stance because, you know, it's probably valid for a decade. And it breeds this
laziness and this anti-intellectual approach to understanding how the software is developed and how
it works. And then it creates this culture of bashing these things like IOU ring or Butter
F.S or B-Cash-F-S or whatever the next thing is. And it's based on these outdated or misinformed
assumptions that really I think stem from Enterprise Linux.
And I felt like Red Hat must have been.
been listening because this week they introduced Project Hummingbird to accelerate cloud
native development and quote zero CVE strategies.
So I think what this really is is you could think of it as a version of their UBI images,
but instead of being based on REL, they're based on Fedora.
And I think maybe even like the rawhide version of Fedora.
So these are coming in with like super hot patches.
They call it the zero CV status, meaning red hat hummingbird images are shipped free of known vulnerabilities.
The functionality testing already completed confirming that their images are also genuinely useful and stable.
Genuinely useful and stable, Wes.
Yeah, I think that's their way of saying we're testing these well.
But the phrasing is a bit odd.
They do also seem to focus on them being very like application specific, right?
So like languages and runtime, so like dot net or containers ready to go for Java or.
They're running Node apps as well as stuff like MariaDB or Postgres, EngineX, Caddy, that kind of thing.
So maybe more focused than like some of the general UBI stuff.
Right.
Love to see it.
Don't know what kind of adoption UBI is getting or what kind of adoption Project Hummingbird will get.
They include a lot of things companies like.
So they have minimal releases and they have hardened versions.
They have a total bill of materials in there enabling, quote, users to verify contents.
Yeah, that's what I was going to call out was.
maybe trying to compete with some things like chain guard or similar that are offering.
Like, here's a tiny image.
It does one thing.
And also here's the list of everything in it and exactly where we got it.
Yeah.
You can just get it from us.
You can just get it from us.
I do like that Fedora gets a proper call out in here, right?
So they say, again, I said this part, Project Hummingbird is built on the open source development process
originating from Fedora Linux components.
And then they go on to say, and they didn't need to save this part,
Fedora Linux serves as the upstream source for Red Hat Enterprise Linux development.
I just, every time we just sort of, you know, cement that a little bit more into the REL culture, right?
We just, Fedora is a vital part of REL.
We're putting it in this press release.
Yes.
I like that.
I like that a lot.
Probably not something I'm going to use, but it is interesting to see when I have a caricature in my mind of these enterprise Linux distros that I was ranting about in that clip from forever ago, it's these rail systems that haven't been upgraded in three releases because of the difficulty of it.
which is what I spent a lot of my early years fixing
with systems that were three or more releases behind consistently.
I do think, like, putting it on my dev hat,
if I were at a company that was in this kind of environment,
this would seem like a pretty nice,
a nice offering that I'd be able to pull in from.
Look at them go, look at them go.
So you're missing some content if you're not a member,
and it is a great way to just put your support on autopilot.
There's also an ad-free version of the feed,
if the bootleg isn't for you.
Just use the promo code bootleg when you check out.
You'll get like, I think it's like 15% off the membership.
I think a party or the unplugged core membership.
You can go to jupiter.
Party for the whole network and get all the bootleg feeds
or Linuxunplug.com slash membership for just this here show.
Join crowdhealth.com and use the promo code unplugged.
It is open enrollment time, the season where the health insurance companies
are going to hope you'll just sign up again for overpriced premiums.
And confusing fine print.
It never seems to work in your favor, and the prices just seems to get worse all the time.
It's horrible.
I had a tough call to make, especially as a small business owner, what direction I was going to go.
My wife also owns her own small business.
And we looked at all the options.
We tried the traditional routes.
It wasn't working for us.
I was so grateful over three years ago when I found CrowdHealth.
I think it's time to stop playing the health insurance game.
You can join CrowdHealth.
It's a community of people funding each other's medical bills directly.
No middleman, no networks, no nonsense.
but don't just take my word for it.
Go trust yourself and go take control of your future with crowd health.
It's a health care alternative for people who make their own decisions.
Health insurance is, it's really stressful.
It's confusing and you never really get what you want.
And when you see the prices, you wonder what's ever going to stop this train.
Well, this is how we take the power back.
And it's incredible how well it works.
And they have a beautiful app that makes it really simple, straightforward.
Of course, they have a website too.
Chat, customer supports all right there.
really great leadership team. I've talked to the CEO. I've talked to people around there.
Just casually and, of course, through the course of doing business with them now for the ads.
And I'm really impressed. And not only do I like what I've seen over the last three years,
but I like the momentum. I feel like I've picked a winner here. I think it's something
you should really check out because it works well for me. It works well for my wife and I.
And you can get health care for under $100. You get access to a team of health bill negotiators,
low-cost prescriptions, lab testing tools,
as well as a database of low-cost, high-quality doctors
that get vetted by crowd help.
It's an insurance alternative.
And if something major happens, you pay the first $500,
then the crowd steps in to fund the rest.
It's really the way it should work now.
And, of course, you'll join the crowd.
It's a group of members just like you
who want to help pay for each other's unexpected medical events.
You'll be impressed of how well it works, too.
The system is betting out there,
that you're just going to keep buying the same overpriced insurance.
And man, are they just making a boatload of money?
And it gets so complicated now.
And if these subsidies expire, prices are going to go sky high.
If you join CrowdHealth and use our promo code unplugged,
you can get started for $99 for your first three months.
That's fantastic.
So far, CrowdHealth members have saved over $40 million in health care expenses
because they just refuse to overpay for health care.
Now, crowd health is not insurance.
You should opt out and take your power back.
This is how we win.
This is how we change.
at join crowdhealth.com promo code unplug.
Take your power back and come join the crowd with me.
I think you're going to be really impressed.
Join crowdhealth.com and use the promo code unplugged.
And you will get your first three months for $99, which is incredible.
Use the promo code unplugged at join crowdhealth.com.
Unraid.net slash unplugged.
You want to build your own dream server.
Well, Unraid 7.2 makes it easier than ever.
Go unleash your hardware.
Now, with a fully responsive web GUI, UnRade now works beautifully across all your devices.
You can set there and build your favorite application stack from your couch if you want.
I think what you're really going to like, too, if you do the ZFS thing,
is it also adds ZFSRade Z expansion support.
That means you can now grow your ZFS without having to start over.
Man, that's great to see.
And for those that maybe have a spare USB or external hard drive,
Unraid 7.2 introduces support for extended 2,34, and NTFS as well as extended fat.
And so if you've got Grandpa's photos like I do on an old NTFS drive, somebody gave you,
you can just now, instead of having to build that Windows box or try to load that NTFS driver on your Linux desktop,
just plug it into your UnRate.
There's also a new API.
It's officially here, it's real, it's beautiful, people are building stuff on top of it, and it's open source.
Fully integrated, it gives you secure programmable access to system data for building.
dashboards, automations, or, you know, your own external apps.
It even supports external authentication via ODIC, or OIDC, as you called.
It's massive.
I mean, 7.2's already had well over 25,000 downloads, lots of applications coming out.
You can get a free 30-day trial and support the show when you go to unrayed.net slash
unplugged.
It's the OS that grows with your skills, and 7.2 introduces the new Unraid API, and it's
chef's kiss.
Check it out, support the show, and get a free thing.
30-day trial. Unrayed.net
slash unplugged.
Well, we've got a baller boost this week from someone dear to my heart, A-A-A-Rone.
A-A-A-Ron sent in 96,670 sats across three boosts.
A-ho!
Hey, Rich L'A-Lastah!
Where is A-A-Ron right now?
Coming in, we're going to be doing a big lift for this episode.
Thank you, A-A-A-Ron.
Here with the baller-old.
for sure. I heard a while back mention of Talos OS and intrigued me. I haven't had a chance to play with
it until now. Anita rose for a dev Kubernetes cluster, so I figured I would give it a try. It's stupid,
easy how Talos makes it. What was originally a week's worth of effort was done in like five minutes.
I'll be playing around more with it, but very happy so far. And as always, love that show. Thanks for all you do.
Yeah, keep their experience reports coming. Talas does look quite good.
course ARA had some other ideas. Here's a little extra for the holidays. I think a home lab
special is a great idea and I'll be submitting mine as soon as I can. Maybe you can include an award
for the longest running server. Ooh, uptime you mean like an uptime award? I also slash oldest
kernel. Is it, you know, you can do uptime but you can also do like the longest age of initial, you know, deployment?
I wonder how many people out there could beat fake nails, which has got to be, we've been having, we've had it running for a decade, but it was used when we bought it and it had been in production for three or four years when we bought it.
So that server is probably 13 or 14 years old.
And amazingly, power was cut to it twice last night as the circuit blew and just picks right back out.
Oh, the circuit blow. Chris, that's really strange that that would happen.
Because I used the microwave.
Oh.
So, yeah.
The studio's got some original weird wiring.
The studio itself, we redid the wiring in this room.
Out in the rest of the place.
You don't want to know.
Yeah.
You could build it fast.
You could build it cheap or you can build it right.
And they picked two.
So it is what it is.
Bob the Nut comes in with 4,000 sets.
Hey, it's Bob.
Hey, Bob.
I guess it's, I think it's Bob.
I think I know him.
I think I know which Bob this is.
Bob says
Cheers
Well, cheers to you
Boost
Thank you very much
Well look who it is guys
It's chlorophora
Chloraflora
Am I getting it
Chlorah
Chlorra
He comes in with a row of ducks
2,22 sats
Looks like I really need to change my nickname
It might have something to do with what just happened
I don't know
Yeah, maybe
You know I apologize
It's a deficiency of mine
I'm definitely I'm going to nail it though one of these days
it's definitely I'm going to get better about it it's going to happen anything
if you don't nail it you're going to start collecting some adversaries
yeah our adversaries yeah something like that
Monty comes in with 4,44 sets
things are looking up for old McDuck
yeah double ducks
Gadzooks I run a very similar switch for external access
to what Chris just set up
mine skips the N-Groch and incorporates something I picked up from you guys
which is tunneling a reverse proxy over a mesh network.
I have a VPS that runs caddy,
and it proxies any service I want publicly available over tail scale.
At the very bottom of caddy file, I import,
looks like he's got an Etsy caddy secure and then a dot caddy folder.
Nice.
In that secure subder, I have files such as Secureervices.caddy.
Okay.
Then in Home Assistant,
I have a switch that triggers the shell command to rename that file to secure services.
Flip the switch off, and it names it back to disabled.
That's a clever way to do it.
There's so many ways to do that.
And then Monty continues with a plus one to config confessions round three.
I really like hearing about unique ways.
People approach solving problems through declarative configs.
Well, thank you, Monty, and I love hearing your setup there.
That's a great way to do it.
And, yeah, if you've got the VPS and you got a little Engine Xfoo under your belt,
10 minute job, just get it on your mesh network.
go to town. I mean, in a way, that Jelly Swarm is doing some of that for me, only it's
on top of it, it's layering over that interface to combine the jellyfin servers and do
the user ID mapping and have the UI. So it's doing a bit more than just the EngineX bit.
Thank you, sir. Appreciate it. Gene Bean comes in with 8,922 Sats.
Chris is time to get on the home manager train. Whoop, whoop, oh boy. You know, I feel like
Team being coming in with the truth.
Oh, man.
I feel like there's just no stopping this.
I can feel the home manager train.
He says, it is a simple way to do so many of the things that you try to do,
and it enables a lot of, like, mixing type stuff on Ubuntu and the like.
You know, like your studio machines.
Also, plus one for Config Confessions Part 3.
I'm catching up on episodes after falling behind and totally missed round two.
If it's practical for round three, give us a month notice along with concrete deadlines so we can help staving off.
Staving off procrastination.
These are some quality tips.
Well, Gene, this is why we're giving you a heads up about the Home Lab challenge, right?
We're trying to give you a heads up, but there's only so much time for the holidays.
But we could, like maybe set a date that's a few months out, you know, for the next one.
This round's been great, he says.
He also wants to know whatever became a Steam OS getting released as a general distro.
Yeah, what did become of that?
Their answer when you ask Valve now is, well, we've done a lot of work to make it work on many AMD devices, so give it a shot.
Okay.
Thanks.
Yeah, okay.
Yeah.
Also, plus one, a listener, Alex's comment about the ATL being ripe for a live show.
ATL?
Atlante.
Oh, yeah.
All right.
I like that.
I like that a lot.
So Ham G comes in with 2,000 cents.
Coming in hot with the boost.
Okay, about Git, my semi-hot take is that Git is poorly designed,
and even in computer science, very few people actually use it efficiently because of this.
Teaching people Git is a fool's errand.
Whoa!
I use Fossil for my Nix configs and mirror them to GitHub.
See the talk by Fossil and sequel-like creator Richard HIP on YouTube for more.
Huh.
I hate building PCs.
Coming in hot.
What do you think?
Is it a waste of time?
I can't agree.
I don't know if I'll go that strong, but I do.
think wanting improvement is good and fossil and some other stuff like the Jiu-Jitsu tool.
There are some promising better tools than Gats.
So I don't think it's, you know, it may be a local optimum.
It's definitely not a global optimum.
All right.
I don't take that.
Well, hybrid sarcasm boosted in 15,000 sets.
Make it so.
Boy, they are doing a lot with mayo these days.
Hybrid says, Piu-Pew, boosting to remind everyone that the boosties are right around the
corner, get your baller boosts in to boost your chances of winning a free year of the
Jupiter Party membership.
Yeah, Hybrid is going to gift the Jupiter Party membership to somebody who is our Boosties
winner.
And if you already have one, then he can give it to somebody else or you can as well.
That's going to be great.
And we really appreciate that.
Hybrid, you're a good guy.
You know what?
He's a good guy, right?
Yeah, real good guy.
He's a real good guy.
No, he's a great guy.
Real good guy.
Real good guy.
Morris comes in with 5,000 sats.
Danger zone.
Jelly Swarm solves a problem I didn't know I had.
Yeah, I agree, right?
It was so great.
Danger Zone.
Have some sats?
Nobody says there?
What's he saying there, Wes?
You look like you have an idea.
No, uh, signal?
Sigma.
Cigna Sats.
Yeah.
I'm going to go with that.
Thank you, Morris.
Yeah, Jelly Swarm, Wes came in clutch on that one.
I mean, I'm glad I had a chance to build my whole tunnel thing because I can use it for a couple
other things, but boy, oh boy, I was off on the wrong track on that one.
Well, I've just been, I'm just so excited to see more and more stuff being built on
Jellyfin like that.
You know, like it's been calling out kind of for various tools like that.
The last year has been really good for things building around Jellyfin.
And I think it's going to be a matter of time before our friends in our circle that still
have Plex will probably give Jellyfin another look because there's just so many great apps
around them.
Thank you everybody who supported this episode with a boost.
It's a value for value production and that means if you get some value out of the show,
we'd really like it if you set it back our way. There's several ways to do it, and one of them
is a boost, and we had 23 of you streamed sats as you listened. You collect, dula, stacked
for us 33,724 sats. Not our strongest showing ever, but, you know, it's there. It's there,
and we appreciate it. So you can say that about it. And then, of course, when it comes to our total
this week, we stacked 172,522 sats.
Thank you, everyone who boosted in, Fountain.fm, is making some big leaps forward on the
interface and some of the features. So if you haven't checked,
it out for a while. Now's a great time, and it makes it easier to boost than ever. There is a
completely self-hosted route with things like AlbiHub, and there's a plethora of great podcast
apps over at new podcast apps.com. Head on over there. See if one fits your needs. Support the show
with a boost. And of course, a big thank you to our members who put their support on
autopilot. Shows like this, they're not going to last long term without audience support, right?
It's a niche audience that we make the podcast for.
And that is you.
Thank you for your support.
Before we get out of here, we're going to leave you with a couple of picks.
Well, A pick with a couple of links.
And, Wes, you're speaking to my heart with an old school emulator this week.
And I honestly haven't had a lot of experience, not good experience at least, with the Nintendo 64 emulators.
So you're bringing to the class today, Gopher 64.
Tell me about it.
Yeah, I was chatting with my bro.
We both, like, yeah, love this era of gaming as well.
And I guess he was trying out a few different emulators, had a problem with some of them, and had found simple 64, which was supposed to be like a very compatible, widely compatible emulator.
So I took a look at that, just wanted to go check out.
if it was open source, could I find it?
And I noticed it was archived, and it said, go check out, go for 64.
I don't know about Simple 64, but GoFer 64 when I went in search,
it immediately popped up with Linux support.
So I was super pleased to see that.
And then I looked a little closer, and it's also a GPL Rust app.
Oh, that's great.
V3, yeah.
So it's GPL3 built and Rust, but also very cool for this type of thing,
is it has a NetPlay server as well.
Yeah, it seems like it's pretty widely compatible so far.
It's targeting, like, not crazy high specs needed to be able to play.
They've got a Docker composer, really Podman, really.
Look at the Podman.
It's Podman.
Podman, you pull this container and you get a little discoverable land server for running different games on.
Yeah, and then it is also published as a flat pack, so pretty easy to get started and play.
I was able to test out just playing a few ROMs and worked no problem.
That's great.
Now, this is, I think, is a nice in-between
because what I'm using, and I've talked about it before on the show,
is ROMM.
Yes.
That's a web app that has a bunch of different emulators baked in,
but they're not top-grade emulators.
Like, the N-64 one's not great.
The Super Nintendo one's fine, so I'm happy about that.
So this is really nice, especially with that NetPlay capability.
It's got Xbox-style controllers with, like, a default mapping for those,
so those should work pretty much out of the box.
Hmm, go for 64.
I'd like also if anybody out there has any of their favorite, favorite classic game emulators, let me know.
I'm always, I was just this weekend, I was playing with my little RX, whatever it is, handheld game device.
Oh, right, yes.
I just, every now that I'm in a mood for a classic game.
And you know, boost in which ROMs you're playing.
Of course.
Now, Wes, before we go, we got some pro tips for people.
And actually, it's great to see more and more apps.
They're supporting this now.
Yeah, the magic of the podcast namespace from podcasting 2.0.
Yeah, we got transcripts and cloud chapters.
And it's podcast, I think, podcast, what is it, PocketCass,
and Apple Podcasts have just recently added that stuff.
Of course, all the podcasting 2-0 apps is.
Well, of course, yeah, they are ahead of the game.
But, yeah, you know.
It's spreading.
More and more of your regular old podcasting clients are implementing some,
maybe not all, maybe not as much as what, but some.
And, like, you know, once you have the namespace in your RSS feed,
it makes it even easier to start using more of those features.
And when you switch to a new app or when your app, your legacy app, gets these features,
we have been putting transcripts and chapters in since episode 600.
So you're going to get a massive back catalog now of weeks and weeks of this stuff,
which is going to be fun, I think, when we find different ways to use it.
So that's available to you.
And then probably the biggest resource is going to be our website.
We'll have links to everything we talked about, the projects we made,
mentioned, all of that stuff, is linked over at Linuxunplug.com slash 643.
That's where you're also going to find our contact page, our membership stuff, all of that.
And of course, there's only a couple of more live streams left this year.
See you next week.
Same bad time, same bad station.
So we would love to have you join us live.
We'd do it on a Sunday.
We call it a Tuesday on a Sunday.
It's our special thing.
We start at 10 a.m. Pacific, 1 p.m. Eastern over at jb.b.live.
or you can put it in your audio streamer of choice at jbblive.fm.
We have a mumboroom that's going during all of that.
I loveblood gets together before and after the show and hangs out with us.
You could also join that mumbo room yourself.
It's available to anyone.
And all the resources you might want over at Linuxunplugged.com.
Thank you so much for joining us on this week's episode of your unplug program.
And we will see you right back here next Tuesday.
As in Sunday.
Hey!
Hey!
Thank you.