qmail cheats a bit because it's so simple, that most people end up using something with messy code on top. Not that I don't think it's a sound engineering decision but when comparing it's code cleanliness with other SMTP stacks it needs to be mentioned.
They're better than most C software of the era, but not better than qmail --- qmail has a better vulnerability record than Postfix does (perhaps because it does less, but that's beside the point).
Author here. Debugging dual boot is interesting, debugging virtualbox is not. And I was curious if I can get it running. I just was too lazy to figure it out, I found a more interesting problem to work on. In the end, I stayed in the native FreeBSD install, so there was no motivation to figure out the custom kernel in virtualbox (it is quite simple in bhyve, though)
It doesn't work yet with GELI as far as I know, so for encrypted root /boot still needs to be on a separate partition. There was some work to support encrypted /boot, I'm not sure where it stands now, but I'd be very surprised if it supported encrypted ZFS.
Yeah, I've not tried going to 11x yet as I'm not sure I can be bothered trying to deal with replacing the non-geli 'bootpool' I have on 10.x.. Sounds like a tricky process.
I'll probably just rebuild it instead of trying to upgrade.
I’m author of that gist (just noticed I have some comments there I need to reply to), still running the setup, now with FreeBSD 12-CURRENT. Tl;dr it generally works, still no wi-fi support. X works fine (running with drm-next-4.7 patches to get external thunderbolt display to work; vanilla kernel works fine with built-in and DVI display, gets confused by Thunderbolt display only). Gave up on pkg because I want to control my build flags, I’m using portmaster now and thinking about setting up poudriere on a bigger server. Feel free to ask if you have any particular questions.
I'm running two external screens (one thunderbolt, one via the hdmi port) on unpatched 10.3 without any issue on my mbp... I can use the laptop display at the same time also (usually don't -- but I have to close the lid before I start X otherwise it'll stay on) ....?
Is it just your model? It;s behind my desk but it's some cheapo thunderbolt->hdmi dongle made by "neeto" apparently, works well enough..
I think 10.3 has an older version of i915, this has worked on vanilla, but 11 has already Linux 3.7 or 3.8 DRM imported which breaks with thunderbolt display, and it was fixed in drm-next-4.7 patch (which is going to land on HEAD someday, but it might not be backported to 11).
Not necessarily, they might have just generated revokation certs which are separate (so that they can be used in case your private key is lost). Keeping a revokation cert would be a responsible thing to do, just in case something like this happens.
There are services (external, secondary to the published acts) that published a re-unified, highlighted version. I would imagine a repository that maintains a current unified text, with the "update acts" as commit messages (or even with the original PDFs somehow linked to the commits. I'm sure it can be implemented somehow in Git plumbing. Annotations, maybe?). I'd even pay for this kind of service - but probably not as much as lawyers who need it for their daily work pay for the existing equivalents.
Is this account actually maintained by Bundestag (or other actual piece of state administration), or is it just a mirror? Also, either German law is really mature and stable, or this repository is unmaintained: last commit oin master is Jan 2013.
I'd love to see such a repository for the acts in my country, by the way, but the official source is a PDF, and most of the published acts are actually patches to existing (already heavily "patched"), like "In the section II, item 13a, change words 'foo and bar' to 'foo, baz and quux'". This mess untangled into an actual, highlighted, unified text is an actual product, and lawyers happily pay the subscription. I imagine it is similar in other countries.
I'm the original creator of that repo. Keeping it up to date is unfortunately a time-consuming manual effort. Doing version control downstream is generally a nightmare because unraveling different law changes/typo fixes is complicated (yes, lot's of typos when humans consolidate laws by hand).
It's a financially independent (it has a "pro" version) non-profit owned by the department of justice and the faculty of law of the University of Oslo. It is an official source and as such laws published there are officially, legally published and it has been that way since 2001. Laws relevant to private citizens are available for free. It's pretty neat.
Edit: oops! I replied after reading the content in an 8 hours old tab, not noticing that the repo author had already explained it in a sibling post to this one.
-----------------------------------
From their README, it's just someone that converted the XML version published by the "Bundesministerium der Justiz und für Verbraucherschutz" (Ministry of Justice and for Customer Protection) which as they note is available at http://www.gesetze-im-internet.de/
About the Markdown version in GitHub: after a quick inspection, most diffs seem to be plain additions of content, presumably as it was converted to Markdown.
However, some diffs might have tracked changes in the laws, as this one: https://github.com/bundestag/gesetze/commit/3c1bada22f08b4e0...
I suspect the author ran the converter a few times and then abandoned it. In principle, it should be possible to keep updating it.
The improvement over the official XML version seems to be that with Markdown it's easier to get understandable diffs.
I'm not sure how they do it, but I guess that it wouldn't be extremely hard to have a small grammar to automatically convert the legalese patch into an actual git patch (most of the time, the sentences which wrap the editions are the sames).
If you have a text version, at least preprocessing and proposing changes could be doable (especially that as far as I know, formal French is quite uniform - but then, it's what I heard from others, all French I actually know comes from a Dexter's Laboratory episode). In Poland, though, the original acts are published as PDFs, and the text extraction itself needs assistance, if it's even possible without OCR: the international agreements that are side-by-side in multiple languages (Polish, other party, sometimes also English) are usually image scans saved as PDFs.
I don't think that beginning your question with "I cannot begin to imagine how fucktarded you'd need to be to do this" is going to encourage people to answer that question…
That aside, my approach with Linux/Docker is to have a "fat" host system that is open to the outside world, terminates SSL, load balances and proxies the containers' services (nginx), and provides global services are either shared between containers (Postfix smarthosting to Sendgrid, DNS cache, rsyslog), or services that can manage user/service isolation well enough on their own (PostgreSQL). Containers run mostly applications, or services that I need in multiple instances or versions.
I do containerize Redis, as it can't be safely shared across multiple services (no privilege isolation, too easy for one service to DoS the other with a blocking operation), but then I don't consider Redis to be a database – it's rather a "shared state server", kind of a more sophisticated memcached.
However, I understand the approach of CoreOS, which minimizes role of the host OS. In this model, host's only role is to support containers, and every other process needs to be containerized. From this point of view, Postgres is an application. This way, I can flexibly run multiple version of Postgres, try to upgrade it without needing to set up separate host service, and so on. Personally, I wouldn't feel comfortable with that, but I understand how it could be useful.
Regarding storage performance, database's data directory would need to be a volume anyway (to be able to upgrade database without trowing away the data). A volume is just a `mount --bind`, without any aufs layers, to any point of the filesystem, so it doesn't seem to me that i/o performance hit would be noticeable…
There's also a WordPress plugin called "Jetpack". Both are so different areas, that I don't think it matters much. If it happens that either project is actually bothered by mine and reaches out to me, I'll be happy to talk.
I've checked for name conflicts in related areas, in package repositories (FreeBSD ports, Debian's and Ubuntu's archives), major open source hosting services, and haven't found anything related. Let me know if I missed anything relevant.
I'm the team lead of the Jetpack plugin for WordPress. I've passed it upstream to our in-house counsel just for a cursory review should it conflict with trademark scope or something.
(What do I know, I'm a dev, not one of those lawyer-types)
(But as the Mozilla Jetpack thing existed before we did, and we both coexist, I'm not expecting a kerfluffle, but who knows -- I am not a Lawyer!)
Thanks for taking care of that! Please let me know if your legal team finds anything wrong. If you need to contact me, either open a GitHub issue on the repo, or email me (maciej at 3ofcoins dot net).
