That’s only a tiny, tiny piece of it. If you want to know more: https://grapheneos.org/features

All phones have a BFU (before first unlock) state, and GrapheneOS doesn’t require a passphrase unless you’ve set one, otherwise it’s your PIN. Fingerprint unlock is disabled until after BFU though, so it requires essentially using a backup PIN even if you always use your fingerprint, at least for first unlock.

To add to the security of the PIN and to prevent reading screen smudges you can enable an option so that the digits on the PIN pad are randomized each time it loads.

Graphene also supports fully isolated user accounts. Applications running in one profile can not even discover the existence of the other profiles*. There is a way to forward notifications from user containers but is disabled by default. Each account, when inactive, is encrypted independently of the system drives and the key is generated at user login with the entry of a password and overwritten in memory upon logout.

*If you enable the notification forwarding, a hostile application running on the primary account could deduce that there is at least one other user profile on the phone by analyzing the notifications.

ou’re Try just running findmnt, the type may be ntfs instead of ntfs-3g. The -t switch is saying to filter and only show ‘ntfs-3g’ mounts and it maybe called something else in your environment. The list will be a bit longer but you should be able to find the listing, it’ll be the directory where your drive is mounted.

I then unmounted Samsung and ran sudo mount -t ntfs-3g -o uid=1000,gid=1000,rw /dev/disk/by-label/Samsung /mnt/Samsung

Did Emby work after this? You said you had to remount, what did you use to do that?

If you can get Emby to work, you can then look at findmnt to see how the working directory is mounted (which options/etc) and then you can update your fstab to have those options so that it will mount on startup.

I’m guessing I could also open fstab and change it manually but I’m not quite there yet haha.

Now’s a good time!

Editing the fstab is the ‘correct’ Linux way of doing things, the GUIs can be convenient but they can also prevent you from learning how the system works (so when it later breaks, you have no idea where to start).

fstab is just a text file, there are 6 fields: <file system/device> <directory where the device will be mounted> <filesystem type> <options> <dump> <pass>. The way it tells the fields apart is through white space(a tab or space character).

/dev/sda1  (any amount of spaces or tabs)  /home/external-drive   options,seperated,by,comma    0(old way of marking a drive to be backed up)   2(fsck check order, 1 for your root directory, 2 for everything else, 0 if you don't want disk checking like for a swap device)

If you’re worried about breaking anything you can just make a backup:

sudo cp /etc/fstab /etc/fstab.bak

If you break something, just restore it:

sudo cp /etc/fstab.bak /etc/fstab

That’s good, the micro plastics were getting kind of bland by themselves… a dash of cadmium and mercury gas out to really spice things up.

Future generations are going to have such heavy metal poisoning that they won’t be able to rub 2 neurons together.

League of Legends is the toxicity honeypot of the gaming community, it draws in all of the people who have the ‘I’m a video game athlete and better than you because of it’-vibe and keeps them away from positive communities (Deeprock Galactic, I’m looking at you).

That fstab entry is correct (assuming the by-label path is valid), you could change auto to ntfs-3g but it is likely detecting the correct type so that isn’t needed.

If you can put it in the ‘not working’ and also in the ‘working’ state you can compare how it is mounted with

findmnt -t ntfs-3g

That’ll show the options that the mounts are currently using, a quick thing that you can try unmounting and remounting

sudo umount /mnt/Samsung
sudo mount /mnt/Samsung

That should mount it with the options in the fstab file, you can confirm with the findmnt command.

If not, that doesn’t work try umounting and then mounting with the options set explicitly:

sudo mount -t ntfs-3g -o uid=1000,gid=1000,rw /dev/disk/by-label/Samsung /mnt/Samsung

and see if they show in findmnt.

EDIT 2: Spoke too soon. After a reboot they were ro for Emby again. I added rw to the drive options and it worked again. But after another reboot, no go again. Turns out after each reboot unmounting then remounting works. Not sure if there’s a way to make this work. Maybe they mount too soon? I dunno, but for now it’s functional.

You shouldn’t need to remount if you added the options, they should be in the fstab file now so they’ll be applied at every reboot. If it isn’t doing that check the fstab file

cat /etc/fstab

To see what the relevant entry says. The options block is the block of text just before the two numbers at the end of the file.

Clear Key is an excellent example of usability completely neutering security.

Your drive encryption keys (FVEK) are protected by the VMK which is then encrypted and written to the drive on suspend and then the key that was used to encrypt it is also written to the drive in plaintext.

It’s like a lock that comes with a key that’s chained to it, completely worthless but they can say, like Microsoft here, that it is technically locked.

However, I think I got it set. I added uid=1000,gid=1000 to the end of the options string and Emby now has control.

Yup, that’ll do it.

Now I just gotta look into why that worked haha.

Adding uid=1000,gid=1000 tells the NTFS mount driver “Present every file on this NTFS volume as if it is owned by UID 1000 and GID 1000.” The account running Emby is probably just your user account (guessing) so this did what you were trying to do with chown. Chown won’t work without the ‘permissions’ option and a usermapping file to translate linux IDs to the SID’s that NTFS uses, probably way more configuration than you need.

You should try to get off of NTFS ASAP. It’ll be fine for media storage but some things (pc games, esp) really hate running off of NTFS. I know how unwieldy it is to shift the data around, but it will save you a lot of headaches going forward.

Next, I have ntfs-3g installed and plan to run mount -t ntfs3 /dev/sdxY /mnt though I think I either need to create a drivename folder in /mnt or add mount -t ntfs3 /dev/sdxY /mnt/DRIVENAME the drive name to the end and it’ll create it maybe?

mount -m -t ntfs-3g /dev/sdx /mnt/mountname

Will create /mountname in /mnt and then mount the device on the created directory.

Instead of doing that you could just edit the fstab file and change the fileystem type to ntfs-3g(the package may be just ntfs on CachyOS so ymmv). Although, I suspect this is already done since you’re able to access and read the drive.

You may need to add -o permissions so that standard Linux permissions are applied (TFM: https://linux.die.net/man/8/ntfs-3g), alternatively you can add ‘permissions’ to your current fstab entries, then remount the drives.

ex:

/dev/sda1                             /mnt/windowsdrive           ntfs-3g            permissions,rw     0 0

I can now access my drives, so I began setting up my server. No problem this time! Emby sees the directories and scans them. Finally! However even though I can rw on the drives, Emby sees them as read only. Bummer.

How is Emby installed? In a container or are you running it on bare metal?

When you say it sees them as read only, what indicates this? A log? A GUI element?

So you read a bunch of articles detailing exactly how they plan on using AI and they have specifically said that they’re not using it for vibe coding.

And your conclusion after reading all of this is that they’re going to be using it for vibe coding.

It seems like you’re doing some vibe reading

Rsyslog comes standard on most linux distros, yes. It didn’t get that way because the development team are idiots who don’t know what they’re doing.

So, on one hand we have the developers of a piece of software used by a majority of Linux users saying that, after 2 years of evaluation and testing, that these tools are useful and effective and on the other hand we have random social media people who’s only knowledge on the topic is that they know AI is bad and therefore this cannot be anything but bad.

I’m sure that is great for battery life

Between the update happening and you running the script all of the re-enabled telemetry grabs all of your logs and uploads them.

You wouldn’t even make it through login after the update reboot before this happens.

You cannot remove this telemetry and also receive updates. This is by design.

I’d switch to Windows but I don’t want to use an OS that requires digging through shady online instructions and running random power shell scripts in order to stop it from spying on me until the next update.

I disabled telemetry on Linux(Arch, btw) by not installing enshittified corporate spyware masquerading as an operating system.

Are there any open-source tools that allow me to disable telemetry for Adobe,

Ocular/Scribus

Windows, Microsoft

Linux, Linux Foundation

NVIDIA, AMD

The drivers don’t have telemetry, it’s the software that comes with it.

On Linux you can just install the driver from your package manager without the need for any third party applications.

GitHub Desktop,

https://git-scm.com/downloads/guis?os=linux

Docker Desktop,

docker + https://wiki.archlinux.org/title/Docker#Front-ends

VS Code

VS Codium, open source VS Code.

nvim if you want your (programming) life changed

and other applications?

https://aur.archlinux.org/

I, like the other commenters here, am not privy to the 2 years of evaluation and experimentation.

However, I won’t let that stop me from condemning this in no uncertain terms because AI bad and that’s more correct than any amount of “observational data” or “experimental evidence”.

We may not be users of the software, contributors to the project or were even aware of what rsyslog is prior to seeing this announcement but as people who are chronically outraged we have valid concerns about this development which will ruin the software that we only recently discovered existed.

It does lead to some interesting sentences when combined with other kernel terms:

Generally killing the parent also kills the child.

Once you’ve leveled up and had Arch Linux installed for 1 years (in Unix time) you’ll be sent a jar of Ovaltine and the secret decoder ring which reveals the secrets.

˙suɐʍɐpɐd ǝlʇʇᴉl ʞɔnl pooפ