Ugh, that would complicate things. If that’s the case, all I can say is that’s really negligent (and goes into what I originally said about lack of stable ABI really ruining Rust for me — technically I said static linking but that’s really the core issue)

Yes, that is true. And yet, there are C++ LGPL libraries which as you say do in principle have the same problem. It should be safe if you’re careful about not using generics in the library’s public interface, or at least only generic code that is essentially just stubs calling the real logic. (I haven’t actually tried this myself tbh.)

In general any kind of inlined code is always a problem when doing this, even C can have this with macros, or “static final” integer constants in Java.

I should have definitely mentioned this and Rust’s ABI stability though, yeah. As for that, keeping the same compiler version is generally not a problem since all of them are available.

There are two ways of using library code in an executable program: dynamically linked libraries – also shared libraries – (these are DLL files on Windows, so files on Linux, dylib files on Mac), and statically linking libraries, which are embedded into the program executable at build time (specifically the link step which is generally the last).

Dynamically linked libraries just store a reference to the library file name, and when the program is run, the dynamic linker searches for these library files on disk and loads them into the program memory, whereas as I already said above statically linked libraries already are part of the program executable code so nothing special has to be done there at runtime.

This has nothing to do with bin packages inherently, which usually use at least a couple dynamically linked libraries anyway (libc at least). In fact every Rust program dynamically links to libc by default as at least glibc is impossible afaik to statically link. Some of them ship dynamic libraries along with the program binary (you see this a lot with Qt since it is pretty hard to link statically), some of them link their dependencies statically, some just expect the system to have certain versions of shared libraries available.

The special thing about Rust is that it really does not want you to output dynamically linked Rust libraries and link them to Rust programs, at least if they’re not inside the same project, since it does not have a stable interface for Rust code to Rust code calls (and a couple other reasons). This means you cannot ship a Rust shared library as a system package that programs in other packages can link against, like you can with for example C or Swift languages. Every dependency has to be built inside the same project the final executable is also in.

library code licensed under it must be able to be replaced.

Does this mean you need to be able to make a reproducible build? Or need to be able to swap code for something else? Wouldn’t that inherently break a program?

It does not mean you need to make a reproducable build, it just means users must be able to modify the LGPL licensed parts. For example, the library loads a file from a specific path that you want to change, you must be able to change that path by editing the library source code. This is trivial if it’s a shared library since you can just build your own where the path is changed and tell the dynamic linker to load that instead of the original, but with a closed-source statically linked binary you cannot easily change it if it does not provide the object files. These are essentially mostly final compiled code produced from source code files but not yet linked together into an executable, and significantly the LGPL parts are isolated files which can be swapped out with your own and then linked together again.

Doing this does not inherently break a program as long as the interface of the library (like function names, parameter types, general behavior of the code) stays compatible with the original one shipped with the program.

FWIW static linking is also fine with LGPL (see my comment).

Specifically for libraries licensed as LGPL, a lot of the time with Rust I hear the justification that it forces anything using it to also be (L)GPL, because Rust always links libraries statically¹ into the final binary and therefore does not meet the requirement of the LGPL that library code licensed under it must be able to be replaced.

This is absolutely not the case however, precompiled binaries can just ship all the object files it is linked from along with it so users can replace the object files of the LGPL library with their own custom version, or just the source code for open-source software, which also meets the requirement of course.

¹ something I could rant about for hours as this is lowkey one of the two things that ruins Rust for me but I digress

Kanidm has LDAP support but it’s read-only. You should prefer OAuth though since LDAP is locked to password login.

It solves encrypted RCS being a Google extension. Hooray for standards.

Hell yeah

It’s Apple’s API for hardware-accelerated machine learning. Their new devices have specialized ML hardware so it’s actually feasible to run on mobile devices. Probably what they also use for Apple Intelligence. https://developer.apple.com/documentation/coreml

It probably uses Apple’s CoreML. Not sure if Android has an equivalent API.

INWX has been great so far, have been with them for about 6 years at this point. Also had good experiences with their customer support.

Same, but I generally only use all lowercase in IMs/other short form text media (so, not here), and when I’m writing German I do capitalize nouns. I’ve always had auto capitalization off since before I started this too since I’m used to pressing shift on the computer.

Me too, but it’s now a subscription only. I wouldn’t recommend it to people who didn’t already buy the original.

I use borgbackup, with daily backup to borgbase.

At some point I want to set up a distributed file system between multiple locations as both a backup target and also a network share with automatic snapshots or some other undelete mechanism, but I still need to get the hardware for that and the current setup works well

True. I knew I should have left that as “NFS 4” because someone would comment this. From what I’ve read (never used it), NFS 3 is very different to 4 and also just kind of not worth using, especially just for Windows, since it has no security at all.

Please just use Kerberos instead of fiddling with uids. It’s the only sane way to get NFS access controls and user mapping. Works on both Linux and macOS (but there’s no NFS on Windows anyway).

I’d say you can run the Kerberos KDC on the NAS but if Synology has some locked down special OS you’ll need another machine for that (edit: but you say you have other servers already so that shouldn’t be a problem).

Unfortunately SMB is so screwed that you can’t reuse ordinary Kerberos for authentication there, which is unfortunate if you want to have both that and NFS. I’ve yet to look into whether Samba AD can be used for both.

This seems super overcomplicated. What I would do is put all the subdomains on the public DNS, let HTTP(S) through the firewall for the respective hosts, deny everything from outside of your local network on the http server that isn’t under the HTTP challenge path and then run the HTTP challenge as you would for a public site.

Then you can get certs, everyone outside trying to access will get 403, and inside the network you can access as normal.

Of course you’ll have to trust your http server’s ACL for that, but I’m just going to assume servers like nginx (which I use) have a reliable implementation.

Are you talking about these? They don’t look like they have a PCIe slot…

In any case, the specifications say

Form factor Low-profile 119.65 x 68.9 x 17.24 mm (Without bracket 119.65 x 68.9 x 12 mm)

It would need a PCIe slot, not a SATA connection. But I assume it doesn’t have that either then.

I have the QNAP TL-D800S. It’s an 8 bay DAS but there is also a 4 bay variant. Works well for me. It uses SFF cables to connect to the PC and comes with the appropriate PCIe card which seems more robust to me than anything USB for this.