Yep. But,
sudo tee /usr/local/bin/nvim <<EOF
#!/bin/sh
flatpak run io.neovim.nvim "$@"
EOF
chmod +x /usr/local/bin/nvim
(I haven’t tested this, that I use similar code for a different program)
It sure would be nice if flatpak bundled some functionality to do this for you, though.
@oldfart@lemm.ee
I think its biggest weakness is also its biggest strength: isolation. Sometimes desktop integration doesn’t work quite right. For instance, the 1password browser extension can’t integrate with the desktop app when you use flatpak firefox.
I keep seeing this criticism, but flatpak provides a run command on its cli that works just fine. It is a little clunky though.
Glad to hear it!
Well, that’s your problem. sub?id is what defines which uids and gids are available to a user for purposes of making user namespaces. It’s strange that those files don’t already exist; useradd should create them automatically. What distro are you using?
Regardless, you can create those files yourself. Here’s a line from subuid my machine: administrator:100000:65536. The first field is the username (you can also use a uid), the second is the starting uid for the block of uids, and the third field is the number of uids in that block. So uids from 100000-165535 (inclusive) are allocated to the user administrator.
See https://www.man7.org/linux/man-pages/man7/user_namespaces.7.html and https://man7.org/linux/man-pages/man5/subuid.5.html for more details.
What’s in /etc/subuid and /etc/subgid?
I’m sorry, it’s just that I can’t imagine you live in the same world I do. Maybe it’s different for you, I saw you said you live in a socialist country so you may not be aware that in capitalist countries most people hate their jobs. It’s so woven into the fabric of our society I’m shocked someone wouldn’t know that. It’s the subject of jokes:
Oh, you hate your job? Why didn’t you say so? There’s a support group for that. It’s called EVERYBODY, and they meet at the bar.
– Drew Carey
Monday, the start of the work week, is generally loathed. There’s an acronym: TGIF, thank god it’s friday, the end of the workweek. Polls show 40% of people think their jobs make no meaningful contribution to society:
YouGov, a data-analytics firm, polled British people, in 2015, about whether they thought that their jobs made a meaningful contribution to the world. Thirty-seven per cent said no, and thirteen per cent were unsure—a high proportion, but one that was echoed elsewhere. (In the functional and well-adjusted Netherlands, forty per cent of respondents believed their jobs had no reason to exist.)
https://www.newyorker.com/books/under-review/the-bull*removed*-job-boom
Anyway, I guess I’ll go back to my “religious cult,” where we separate people into good and bad categories. For instance, one way we could do that is to say that other people are in a religious cult because they separate people into good and bad categories, hence they are bad people.
I have to admit, this reply has dumbfounded me. Well done.
Yeah, what I said is an exaggeration. A tiny portion of the population will never have to do a day of work in their lives because they’re bankrolled by daddy. Other people will have free time because of the efforts of the labor movement. Some people are lucky to have jobs they like. But, unless you’re super rich, the threat is always there. Capitalists are working hard to roll back labor rights. You could lose your job. You’re always a few bad days away from needing to take a removed job so you can eat.
People in capitalist economies do not contribute out of free will. They contribute so they won’t starve.
https://murena.com/ (no affiliation, do not own one)
sheeple
c’mon man
It’s time to write free software and defend rapists, and I’m all out of programming talent
Weird shot at the Arch wiki, which is truly great. I turn to it regularly despite not using Arch.
Short answer: go ahead and install whichever Linux distro you like on Hyper-V and go from there.
Longer answers:
Linux works fine on VMs. There aren’t really any caveats. Hyper-V should be fine. It’s been a while since I used it but I remember thinking it was OK. I preferred it to Virtualbox; I think the Virtualbox drivers made some stuff flaky on my machine, but YMMV. I ended up shelling out for VMWare which I’d used at work. Some distros offer cloud images that are tailored for running as VMs, but unless you’re running a cluster with a lot of VMs I don’t think there’s any advantage, any distro will work. There aren’t any significant differences running Linux on a VM from running it on a physical machine.
As to which OS to use for a host, the commonly understood strengths & weaknesses of each OS apply the same as they do in other domains. Windows has better desktop hardware support, Linux tends to be more power-user friendly, etc. It depends on your priorities which you choose. Maybe the biggest factor is that Windows has Hyper-V, whereas Linux has Xen, KVM, and qemu. Either platform can use Virtualbox or VMWare.
P2V and V2P are definitely things. Searching for them online will return tools that will do this. Linux should be rather straightforward to transfer even without a specialized tool, assuming you aren’t using a distro (or distro variant) that is specially built for VMs. dd should work like a charm. It should be possible to do invert the host and guest.
If that sounds like a whole lot of nothing it’s because that’s kind of the way it is with VMs. They just work.
Ok, so I did some testing locally.
Assuming podman is running as user user, which has a primary group gid 1000, the default /etc/subgid will look like:
...
user:100000:65536
...
Running podman run --rm -it busybox cat /proc/self/gid_map with this /etc/subgid the output is going to look like:
0 1000 1
1 100000 65536
Which means that if you bind mount a volume in and create a file with gid 0, it will have gid 1000 on the host. Subsequent gids will map to 100000,100001, etc. The group video, which should be gid 44, will map to 100043. So one option you have would be to add 100043 (or whatever gid 44 gets mapped to, if your /etc/subgid is different) to the acl of /dev/dri/cardX. Then if your plex user has group video in the container, you should be golden. No need to even have --group-add=keep-groups. Even the user running podman wouldn’t need to be in group video on the host.
This is probably what you should do, because the following will change the behavior of every other container the user runs. But since I spent time hunting it down, I’m going to post the rest of this anyway:
As it stands, your container will only have access to the mapped gids above. If you want to get group 44 in your container to map to group 44 on the host, some trickery will be necessary. First, you will have to change /etc/subgid from the above to
...
user:44:1
user:100000:65535
...
Changing the count on the second line (65536->65535) isn’t strictly necessary, but in my testing podman did not like having uneven numbers of gids and uids. Also, the order doesn’t matter, you could switch the order of the lines, but podman is always going to interpret it in the order of the host gids. Finally, I had to reboot for the change here to register. There’s probably a way to do it otherwise, but logging out & back in didn’t do it, and neither did systemctl daemon-reload, so ¯\_(ツ)_/¯
After this change, podman run --rm -it busybox cat /proc/self/gid_map will output something like:
0 1000 1
1 44 1
2 100000 65535
Ok, so now we have access to the host’s group 44, but it’s mapped to the container’s group 1. That’s not very useful, since gid 1 is traditionally the daemon group, which is used for other stuff. So here’s where --gidmap enters the picture and it gets confusing. With rootless podman, --gidmap does not take the format {container-id}:{host-id}:{count}. It takes the format {final-id}:{initial-id}:{count}. So if we want to map to the host’s id 44, we actually need to map to id 1, which then gets mapped to 44. So here’s the command:
podman run --gidmap 0:0:1 --gidmap 44:1:1 --gidmap 1:2:43 --gidmap 45:45:65492 --rm -it busybox cat /proc/self/gid_map
Which then should output:
0 0 1
44 1 1
1 2 43
45 45 65492
Makes perfect sense, right? Well, it does make sense, but it’s (at least to me) confusing. What podman does is create a second, nested user namespace, and uses that to make the map. So nested 0 maps to initial 0 which maps to host 1000. Nested 44 maps to initial 1 which maps to host 44. Nested 1 maps to initial 2 which maps to host 100000. Nested 45 maps to initial 45 which maps to host 100044. And so on. So now you should be able to do
rm -f fake-dri; touch fake-dri; chgrp video fake-dri; chmod 660 fake-dri
podman run --gidmap 0:0:1 --gidmap 44:1:1 --gidmap 1:2:43 --gidmap 45:45:65492 --mount type=bind,src=$(pwd)/fake-dri,dst=/dev/dri --rm -it busybox sh -c 'echo I can write to /dev/dri > /dev/dri'
cat fake-dri
And it should output I can write to /dev/dri. I didn’t actually test it with plex, but if the issue really is permissions on /dev/dri/cardX, this should work.
You might need to also add --gidmap=n:{video_gid}:1, otherwise the host video group won’t have a matching group in the container’s user namespace. n can be any number you pick, so long as it doesn’t clash with an existing gid in the container. Unsure if --group-add=keep-groups does this already. You can check /proc/self/gid_map to see what is already being mapped.
Of course the container user will need group n (from the gidmap flag above) either as primary or in the supplementary groups.
[edit: I wrote this at 3am on my phone, and I misunderstood how the --gidmap flag works. This code won’t work, but I think the diagnosis is correct: there’s no mapping from the host’s video group to the container’s user namespace, see my other comment in reply to OP]
Don’t go to https://massgrave.dev/ and follow the instructions there, that would be copyright infringement and would deprive an already insanely wealthy corporation of some funds.