/usr used to be the user home directory on Unix…well most of them. I think Solaris/SunOS has always been /export/home as I recall.

You need SPF, DKIM, DMARC with a RUA set up to an email that doesn’t bounce. That’s pretty much it. I’ve been running email servers a long time and actually set up email from a new domain/IP a couple of years ago as well.

This is true. If you have DMARC and your RUA set up (with a working email (or one that doesn’t bounce at least)) along with SPF and DKIM, Google and MS will accept your mail. The only time it won’t at that point is if your IP is in the same /24 as a known spammer but so long as the spam stops, you’ll fall off the list. Some of the common spamlists allow you to request your IP be removed by request and I can only recall one list that almost nobody uses that makes you pay for the removal though there may be more I don’t recall.

It does represent freedom.

Kent can fork the kernel if he wants with all the fixes he wants in it and distribute it as he sees fit. This particular instance of the kernel (which happens to be original – the upstream), Linus has to balance allowing some fixes other developers want to include versus a ‘minor’ release of the kernel during this cycle (because it is a minor version release, not a major one). Kent could then also stop other developers from contributing to his fork but then those people could just fork his kernel fork and do what they want.

You as a user are free to use any of them. You’re even free to take Kent’s PRs right now with everything done in the kernel at this point, compile it and run it yourself if you want. You could even market it as something and sell it all if you want for a profit if you can get the customers. You’re free to do all of that. You can do it right now if you want.

Here’s how to delete the SBAT policy that the Windows Update applies.

It updates Secure Boot in the BIOS, so you could completely remove Windows but the Secure Boot update would still be in the BIOS and affect the boot loader.

There are a couple of OEMs like System76 and Starlabs that sell laptops with Linux on them, provide tech support for customers and so on.

And no, installing most distros aren’t hard. You just click the buttons to proceed and fill out the username and password box, select your time zone and select your wi-fi network if you’re using wifi.

You can do manual partitioning but why would you if you don’t know what you’re doing?

Installing software in the GUI is as easy as installing software from the Microsoft Store. Just search or look around and when you see something you want, just click the Install button.

deleted by creator

I get the sentiment but defense in depth is a methodology to live by in IT and auto updating via the Internet is not a good risk to take in general. For example, should Crowdstrike just disappear one day, your entire infrastructure shouldn’t be at enormous risk nor should critical services. Even if it’s your anti-virus, a virus or ransomware shouldn’t be able to easily propagate through the enterprise. If it did, then it is doubtful something like Crowdstrike is going to be able to update and suddenly reverse course. If it can then you’re just lucky that the ransomware that made it through didn’t do anything in defense of itself (disconnecting from the network, blocking CIDRs like Crowdsource’s update servers, blocking processes, whatever) and frankly you can still update those clients anyway from your own AV update server which is a product you’d be using if you aren’t allowing updates from the Internet in order to roll them out in dev first, phasing and/or schedules from your own infrastructure.

Crowdstrike is just another lesson in that.

What I usually do is set next boot to BIOS so I have time to get into the console and do whatever.

Also instead of using a browser, I prefer to connect vmware Workstation to vCenter so all the consoles insta open in their own tabs in the workspace.

Similar thing happened to the idiot CEO of Lifelock that used to advertise his actual social security number everywhere.

Needing to use command line for some things that should be a right click, not supporting right click, ambiguities galore when looking at a package repository, odd defaults in packages that one really wouldn’t expect to have to check (e.g. Selecting RDP connection in a Remote app, but it defaults the security to something other than RDP?)

Sounds like you’re using a GNOME Desktop. You should give KDE Plasma a try instead. KDE Plasma basically gives you a Windows-esq experience without trying to install something like GNOME extensions.

For a regular user there’s not much point into going into the command-line anymore.

there’s problems like Libre Office devs …

Sure but there’s also alternatives. LibreOffice doesn’t try to emulate Microsoft Office and they never really have. They won’t even try to be compatible with MS Office but rather they do with OOXML which Microsoft created for other Office suites to be compatible with it but then just never supported it very well. Some alternatives do however. WPS Office is perhaps the most popular alternative for this that does try to be compatible with MS Office and emulate its feel and features but ONLYOFFICE is also a contender.

Just a heads up, if you use an AMD GPU, the drivers are built into the Linux kernel itself by AMD engineers (and others helping/supporting/contributing to the kernel like themselves). So you don’t even have drivers to install, unless you’re one of the 10 people that want to use AMD GPUs for Machine Learning. Then you’d do a quick install of AMD PRO (those are proprietary so that’s why they aren’t built into the kernel).

To be fair, I find that people with a Computer Science degree are pretty much just like most other users except that they need more privileged access somewhere because they are usually software developers or somewhere in that orbit. A Computer Science degree does not prepare someone to be a sysadmin. That doesn’t mean they can’t be an excellent one but it certainly isn’t because of their degree path.

I don’t know, I like using Fleet Commander with FreeIPA (where it stores the profile). You just spin up the template VM for whatever like-clients on the network you want to make default profiles for and make the changes, shut it down, checkbox the changes (the configurations and stuff) that you approve and let it apply the profiles across the network. Easier than depending on Puppet or Ansible playbooks IMO.

I have had issues with SSSD as well though and it had to do with Kerberos tickets but I can’t remember what I did to fix it. We’d have to manually use kinit on each machine when it’d basically fall off the realm. I want to say it was a DNS issue but it was so long ago, I just don’t remember.

We used to use Centrify for Linux and Solaris and it was easy using Access Manager to basically handle AD users and computers with Active Directory and had some GPO support (you could push config writes with GPOs for example and organize it all via OUs for example) but it would get a little wonky between trusts in the forest sometimes (in regards to zone management in Centrify) and they kept getting more expensive. Maybe they’ve fixed that stuff now but it was really simple to use and you could basically manage a lot through the AD and create group profiles in the Access Manager. I think the last straw was wanting to force us to license the entire suite regardless of whether we were using it or not. Personally, I never liked it because it wouldn’t use SSSD or kclient/nsswitch and if some service tried to join the realm/domain, it’d join using the same computer accounts and basically break the account since Centrify used its own client, so you’d specifically need to join the computer accounts via Centrify as a different name. It wasn’t detrimental or anything – just annoying that it was a problem at all. Also, sometimes the user cache database saved in specific users’ appdata that use Access Manager would corrupt from time to time and you’d need to manually delete it to use Access Manager. I’d hope they fixed that by now too though.

All and all, I’m not saying Active Directory isn’t an excellent product because it is and I’m not saying that there is a 1:1 solution for Linux but I’m saying it that in my experience it isn’t terrible either with FreeIPA and products you can use with it. I definitely hated other 389 solutions prior to FreeIPA though.

For Linux user management you can just use an LDAP solution like FreeIPA. You can even tailor sudoer rules based on security groups, so like you can allow someone to reboot the server but not actually make configuration changes to system config files and what-not. It’ll also handle CA and PKI with smart card support and of course DNS. It has a web interface as well.

Here is the post in question. Same comments and everything but the OP post was removed from the screenshot.

First couple of lines from the post:

TL;DR Sorry if this is wrong group. GIMP = Epic POS. Do not use. Please recommend a decent alternative. Don’t waste your time with GIMP help because I am done.

To be fair it looks like it was posted in r/gimp and we don’t know what the OP actually said in the text. In my experience, usually, when something like this happens, they usually heavily criticize something and call it ‘garbage’ or something similar.

It’d be like going into any passionate community about something and calling it trash, then being ‘shocked’ that there’s a bunch of responses belittling them. This isn’t a FOSS specific problem. Go into r/windows or even r/techsupport and trash it while comparing it to anything else like MacOS, Linux, *BSD, whatever and you’ll get a bunch of toxic responses. This would also be mostly true of any other non-computer hobbyist communities surrounding a specific brand or product.

When I would see someone ranting “I’d switch to Linux but the community is toxic” in somewhere like PCMasterRace, I’d ask “Can you link to the post?” and if they did it was so common that they straight up trashed Linux in whatever distro community that they posted to that I don’t recall a single instance of it simply being “Hey I have this problem. What do I do?” and there being nothing from the OP trashing it in responses or the original post.

I’m not sure if it will become the same as the federated community gains popularity and you have more regular user-type people posting in those niche/passionate/whatever communities more regularly.