Apparently ~6000 people on the Market ~~Place~~Square of protesting against Nazis. The place is very small because it’s the medieval part of this city – surrounded by old timber-framed buildings. It was almost impossible to move.

Not too shabby considering that major cities all over the country had demonstrations going too today. Some, like the one in Munich, had to be cancelled early. Too many people showed up.

Home Flight Sim Tour 2.0 (YouTube)
This is version 2 of my home flight sim tour.#flightsimulator #msfs2020 #xplane11

🔖 This is as DIY as it gets: Home Flight Sim Tour 2.0

YT suggested this one to me and I absolutely love it. A whole cockpit on a budget made from cardboard: https://www.youtube.com/watch?v=09GdiFmaHq0

It’s for civil aviation, unlike my own, and features some very neat ideas – like the fans in the ceiling, or [non functional] “fuses”, for more immersion. It always impresses me how far dedication and skill go.

The Expanse: A Telltale Series by TelltaleTelltale (The Expanse: A Telltale Series – Telltale Games)
Experience the exciting universe of The Expanse like never before in Telltale’s latest adventure, The Expanse: A Telltale Series. Follow Cara Gee, who reprises her role as Camina Drummer, and explore the dangerous and uncharted edges of The Belt aboard the The Artemis. From scavenging wrecked ships in a zero-g environment, to surviving a mutiny, to combating fearsome pirates, you make the difficult choices and reveal Camina Drummer’s resolve in this latest Telltale adventure.
⭐⭐⭐⭐⭐

There are rumours that I “just checked” if this game works at all and finished it 6.5h later in one sitting. I can neither confirm nor deny that. I’m also very sleepy today.

I got this Telltale-game to my birthday and decided to give it a go yesterday. Didn’t expect much and was already kinda annoyed when the starter suggested it requires a gamepad controller (turns out it doesn’t – it can be played with a mouse too). So I got my good old sturdy Steam Controller from next room, jacked it in and… watched it crash. To be fair: I was starting it on Linux, and this game is not made for this. So I checked briefly with the ProtonDB and switched the version from Experimental back to Proton 8.0.

Smooth sailing from here. Game started without a hitch, the controller was recognized, the provided Steam layout worked perfectly fine and it did not crash once until I finished the game hours later. It would also seamless switch to mouse input when this was touched but I decided to keep playing with the controller.

The graphics are nothing to write home about. Sound and music feel immediately like home though, as my wife put it (we’re both fans of the books and show). There are some puzzles but nothing too complicated and – thankfully – sparse. Same for some quick actions that require to hammer a certain button in time (without penalizing hitting a wrong button too). The Zero-G walks are amazing and gave my brain something to chew on when the ceiling suddenly became the new floor.

I won’t talk about the story itself, but I did like that it shows percentages of how other players decided in key situations after each chapter. Kinda interesting to know that there are other outcomes and that also makes me want to play it again. There are plot twists, backstories that may be uncovered, drama, tension, violence, love and death (yes yes, it is a telltale game :D).

Can recommend. Get it and don’t forget to change the air filters 🤓

So… in laws had an issue with their web radio “not connecting to the net”. WiFi was always spotty in that location but now it stopped completely.

Turns out that thing retrieves a channel list from grundig dot vtuner dot com and while the general vtuner website still works the server for does time out.

Apparently the model in question is no longer supported as well. Didn’t dig further. In laws decided to buy a newer model.

In other words: Repeating the same mistake again. Cloud 💩

Twitiverse by Matthias PfefferleMatthias Pfefferle (notiz.blog)
Jack Dorsey, CEO von Twitter, hat vorgestern einen spannenden Thread auf Twitter veröffentlicht: Twitter is funding a small independent team of up to five open source architects, engineers, and designers to develop an open and decentralized standard for social media. The goal is for Twitter to ulti...

Heh, the idea of Twitiverse didn’t age well eh? 4 years later:

Threads implements ActivityPub. X: Hold my beer.

A person holding a bunch of SSDs like a hand of cards in a poker game.

Once in a while I get a degraded pool. Replacing such a disk and starting the resilver process is usually very easy but there are some caveats when it comes to the of , which is usually the rootfs of the Proxmox system itself. So when a disk dies and gets swapped by a helping hand in the data centre I usually end up with a system that doesn’t boot. Linux really doesn’t like a degraded as rootfs and chances are that it was the new empty disk, that was searched for a bootloader by the BIOS/EFI.

The necessary steps are explained in detail in the “Proxmox VE Administration Guide” under “Changing a failed bootable device” but since I’ll forget this in 10 minutes again I’m writing this up here now so I can find it later via search engines again (this happened!)

So here is the check-list:

  • [ ] Boot a rescue system (out of scope, depends on data centre)
  • [ ] Get ZFS support working (out of scope, depends on data centre / rescue system (yes, a Proxmox Install ISO can be used too!))
  • [ ] Copy partition table from working disk to new disk so we get the same partition layout
  • [ ] Randomize GUIDs for the copied partition layout (having the same partition IDs will confuse the system _a lot_)
  • [ ] Remove degraded disk partition from the rpool
  • [ ] Add new disk _partition_ to the rpool (default is partition 3 for Proxmox)
  • [ ] Reinstall grub / bootloader and/or EFI stuff (default is partition 1+2 for Proxmox)
  • [ ] Don’t bitch to Beko because copying everything here blindly without using the own brain and adjusting to the own situation didn’t work and all data was lost – you break it: you keep the pieces.

sgdisk can be used to replicate the partition table and to get some new IDs:

sgdisk /dev/oldbutgooddisk_n1 -R /dev/shinynewdisk_n1
sgdisk -G /dev/shinynewdisk_n1

Next is replacing the degraded disk in the pool. This can be done in an easy way or the hard way. Chances are that the pool has to be imported first though so changes can be made. This probably needs the “force” Parameter, because the pool was last mounted from another system:

zpool import -f -d /dev/oldbutgooddisk_n1p3
zpool status

This worked with some luck and now the identifiers used by ZFS can be noted from the NAME column. This info is needed to replace the broken|degraded disk partition with the newly created one.

zpool replace -f rpool oldandbrokendisk_n1p3 /dev/shinynewdisk_n1p3
zpool status

This should now show the new disk, where the old and broken disk used to be, and a resilvering process as state. For some reasons this sometimes fails so there is also a hard way. YMMV:

zpool offline rpool oldandbrokendisk_n1p3
zpool detach rpool oldandbrokendisk_n1p3
zpool status -P rpool
zpool attach rpool /dev/oldbutgooddisk_n1p3 /dev/shinynewdisk_n1p3
zpool status

Are we there yet? No. The bootloader has to be installed on shinynewdisk too and the boot partition has to be mirrored as well (it’s outside of rpool). Luckily Proxmox comes with a neat tool for this so this doesn’t have to be done manually alas it is only available on a Proxmox system and not from a generic rescue system. Time to chroot. With ZFS though (pool has to be imported first – see above!):

mkdir /mnt/rpool
# !! Do not forget to change mountpoint back to "/" later!!
zfs set mountpoint=/mnt/rpool rpool/ROOT/pve-1
mount -t proc proc /mnt/rpool/proc
mount -t sysfs sys /mnt/rpool/sys
mount -o bind /dev /mnt/rpool/dev
mount -o bind /run /mnt/rpool/run
chroot /mnt/rpool

The proxmox-boot-tool can now be accessed inside the chrooted environment and the bootloader and boot partition can be written with this again but it’s command is depending on whether it’s status reports GRUB or EFI. The boot|EFI partition is number 2 on a default Proxmox install:

proxmox-boot-tool status
proxmox-boot-tool format /dev/shinynewdisk_n1p2
# With GRUB:
proxmox-boot-tool init /dev/shinynewdisk_n1p2 grub
# Without GRUB:
proxmox-boot-tool init /dev/shinynewdisk_n1p2
exit

It may make sense to check the “Proxmox VE Administration Guide” on this when unsure. The important chapter is “Setting up a new partition for use as synced ESP”. Status will also complain about a missing configured partition ID. That’s from the failed disk that was removed. The offending line may be removed from the suggested configuration file but that warning may as well be ignored. blkid may be used to check on existing IDs.

Are we there yet? NO! The ZFS mountpoint has to be adjusted again, after exiting the chroot environment, or the next boot will fail. For this everything has to be unmounted in reverse order and the pool exported:

zfs set mountpoint=/ rpool/ROOT/pve-1
zpool export -a

Now it’s time for ~~thoughts and prayers~~ a reboot. Good luck future me!

So didn’t show my GPU on when started via . I have an and all the (#ROCr / ) stuff installed. It only listed the iGPU by Intel on startup:

[---] OpenCL: Intel GPU 0: Intel(R) UHD Graphics 630 (driver version 23.35.27191.9, device version OpenCL 3.0 NEO, 25561MB, 2556>
[---] libc:  version 2.37

This works however fine when I run boinc manually as user (or clinfo for the matter), and not via systemctl start boinc-client, so I guessed it’s some permission issue. journalctl had the context I was looking for and threw this in the middle of the boinc-client startup:

audit[305157]: AVC avc:  denied  { read write } for  pid=305157 comm="boinc" name="kfd" dev="devtmpfs" ino=532 scontext=system_u:system_r:boinc_t:s0 tcontext=system_u:object_r:hsa_device_t:s0 tclass=chr_file permissive=0

This is SELinux’s charming way of telling me that it blocked read and write access to /dev/kfd (the main compute interface shared by all GPUs, according to the ROCm manual) for the boinc process. Nice. So what most users do now is grumble and disable SELinux, which is kinda a bad idea. The more advanced user does this and calls it a day:

sudo ausearch -c 'boinc' --raw | audit2allow -M boinc
sudo semodule -i boinc.pp

This basically prepares an override policy based on any rejected boinc activity that looks in my case like this:

module boinc 1.0;

require {
	type hsa_device_t;
	type random_device_t;
	type boinc_t;
	class chr_file { ioctl map open read write };
}

#============= boinc_t ==============
allow boinc_t hsa_device_t:chr_file { ioctl map open read write };
allow boinc_t random_device_t:chr_file write;

Not today though. It left me befuddled with the following output:

libsemanage.semanage_direct_install_info: Overriding boinc module at lower priority 100 with module at priority 400.
Failed to resolve typeattributeset statement at /var/lib/selinux/targeted/tmp/modules/400/boinc/cil:3
Failed to resolve AST
semodule:  Failed!

…and I have no idea why. I also found nothing on Google Search. So to not be DenverCoder9 (https://xkcd.com/979/) in the future here is what I found out so far:

sudo cat /var/lib/selinux/targeted/tmp/modules/400/boinc/cil | bunzip2 
(typeattributeset cil_gen_require hsa_device_t)
(typeattributeset cil_gen_require random_device_t)
(typeattributeset cil_gen_require boinc_t)
(allow boinc_t hsa_device_t (chr_file (ioctl map open read write)))
(allow boinc_t random_device_t (chr_file (write)))

Apparently it can’t resolve the required typeattributeset boinc_t – which is kinda odd as it exists (see sudo semodule -X 100 --cil -E boinc and the resulting cil file). Frankly this is where SELinux lost me too. I found the man page for boinc_selinux, which is not really known on my Fedora system here, so I may be missing something. It suggests to enable permissive mode for boinc_t (instead of dropping SELinux altogether):

Note: semanage permissive -a boinc_t

can be used to make the process type boinc_t permissive. Permissive process types are not denied access by SELinux. AVC messages will still be generated.

https://linux.die.net/man/8/boinc_selinux

And sure enough on the next restart my AMD GPU became available:

[---] OpenCL: AMD/ATI GPU 0: AMD Radeon RX 6700 XT (driver version 3558.0 (HSA1.1,LC), device version OpenCL 2.0, 12272MB, 12272>
[---] OpenCL: Intel GPU 0: Intel(R) UHD Graphics 630 (driver version 23.35.27191.9, device version OpenCL 3.0 NEO, 25561MB, 2556>
[---] libc:  version 2.37

Happy numbers crunching. Mebbe some fix for SELinux crosses my path in the future so I can update this with the proper solution.

It’s that time of the year again. It’s _cold_ outside and I sit at my PC anyway so let’s crunch some numbers to heat up the place:

> Dez 04 11:31:35 morpheus boinc[20347]: 04-Dec-2023 11:31:35 [World Community Grid] Requesting new tasks for CPU
> Dez 04 11:31:37 morpheus boinc[20347]: 04-Dec-2023 11:31:37 [World Community Grid] Scheduler request failed: HTTP service unavailable

Or not. AGAIN? FFS, how long has this migration been going?

Feels like nothing changed compared to last year.

* DNS works: dig +short scheduler.worldcommunitygrid.org > 199.241.167.118
* HTTP works: curl https://scheduler.worldcommunitygrid.org/boinc/wcg_cgi/fcgi
* The WCG server? Not so much:

<html><body><h1>503 Service Unavailable</h1>
No server is available to handle this request.
</body></html>

Guess I have to look for another project. My patience run dry like the task list.