You must log in or register to comment.
It kind of makes it hard to trust this distro when they fuck up the most basic things so often and frequently.
Not just with their web hosting. I’ve had so many updates break random crap it’s not even funny. Recently, a random update I did not approve suddenly had kwallet not working. A core piece of a DE they provide a bundled version for. I had to start kwalletd myself every time I wanted to use it.
It didn’t start that way on the fresh install. I didn’t do anything myself except reboot. Then suddenly my scripts that nab from the keystore are failing and asking me for passwords and what a mess.
That’s just a more recent example. I remember having quite a few random issues on update in the past, though the only other one I explicitly remember is the DE suddenly failing to start. Like, at all. Luckily I had a recent timeshift backup saved elsewhere, restored, and ignored the update notifications for a long while…
Yeah Manjaro either needs to figure their shit out or everybody should stop using it.
I tried it out like 5 years ago. A month after using it a random update broke the DE.
Right then and there I wrote off the whole distro and haven’t touched it since.
I don’t know why people are even using it all these years later.
Wow. How does this happen when letsencrypt exists? Or certbot?
More importantly… How does this happen again?
There is a significant amount of infrastructure that does not support cert bot out there.
That being said they are using LE but looks like the renew failed.
https://www.ssllabs.com/ssltest/analyze.html?d=manjaro.org&s=116.203.91.91&latest=
Uhm. “A significant amount of infrastructure”? Uhhhm. Put a reverse proxy in front of your webserver? Problem solved? Or use log analyzers? With alerts?
There is literally no excuse.
I think he’s referring to certain enterprise switches and other networking gear that has basically zero support for automation.
For me personally, I would be replacing that equipment but some businesses would rather pay a few hundred bucks every year + manpower to replace the certs than a few thousand once to replace the equipment.
…you don’t need your networking gear to support this in any way
Yeah, this is about 5 layers above that in the OSI model
The only network you’re likely to use that actually follows the OSI model is the CAN bus inside a car. And that’s starting to get replaced by DoIP, which uses the IP model (link layer, internet layer, transport layer, application layer, note the lack of session & presentation layers and combination of the physical & data-link layers into the link layer).
I am trying to figure out how my little non interesting domains have kept certified for decades now without lapsing, while they can’t seem to keep it together even after a failure.
Hard to imagine that they are so big that people simply forgot to get notices or manage the certs after it has happened so many times before.
There is a significant amount of infrastructure that does not support cert bot out there.
Then there should be a significant amount of infrastructure behind something like caddy.
I’m not aware of any web server that’s still maintained and has wide adoption (so no web servers written by a teenager in Haskell to just fuck around and figure out how web servers work) that doesn’t support the ACME protocol. I highly doubt Manjaro doesn’t use something mainline like nginx.
The renew failing should’ve sent someone a warning that manual intervention is required. This happens from time to time but the fact this went longer than a few minutes unfortunately says a lot about the project.
There is a significant amount of infrastructure that does not support cert bot out there.
Skill issue
*again again
At this point is more of a tradition…
Let’s Encrypt’s free and automatic certificate management has been around since November 16th, 2015, by the way.
Let’s Encrypt has also started offering 7 day certs for people who are confident that they spent more than 5 minutes to setup their cert management lol.
And who owns the root certificate?
You don’t own the root certificate even when you aren’t using Let’s Encrypt, unless you self sign or want to become a certificate authority. Am I missing something? Is there some controversy about Let’s Encrypt I’m unaware of?
I just mean they own it, I know that you can’t decrypt encrypted messages with root certificate, but you can abuse it in the case of being man in the middle. Of course I don’t think that let’s encrypt are doing that, but there other entities that would really enjoy having that toolset for hundred of millions of services that rely on let’s encrypt.
And if you look at the ones who sponsor Lets encrypt, I don’t think that any of them would bat an eye (except for EFF) if for instance the pedophile chief decided that they need to change leadership. Or hey, we NSA also have access to the credentials to the root certificate.
Something being free is not always the best option, when it comes to security. And it’s not impossible that such a large entity can become compromised through pressure, especially when they live on support from private organizations, who have time and time again, shown that they are not trust worthy and would choose to do unethical thing, if that benefits them.
I’m a little confused why you view this as an issue because in the alternative, manually installing certificates instead of using Let’s Encrypt’s tool, you still wouldn’t own the root certificate.
This is at least the third time, how do they even manage to fail that
At least the sixth time even. Four cases are documented here and another one was just three months ago. This last link points to reddit, but there a manjaro maintainer also explains why it keeps happening:
Politics within the project are the issue.
The fix for these issues have been build for about a year already. But those who have access to stuff like DNS and hosting are currently incapable of making any agreement on any topic preventing trivial fixes such as this from being implemented.
Well shit… It looks like they were on a good run too.
Why don’t people just use Arch directly instead of using derivatives? Well… I can understand using something like CachyOS as it has a different kernel with optimisations but Manjaro feels very irrelevant. If you just want Arch Linux with simple installation, just use the
archinstallscript. Regardless of which derivative you use, Arch based distros are going to be heavy maintenance than something like Bazzite, Mint or Ubuntu.I used Manjaro for a few years before switching to Arch. Manjaro finds a nice sweespot for “Arch but also nice”. Furthermore, Arch has gotten much more user friendly in the last 5 years or so. Back in late 2010s, Manjaro was adding a lot of value on top of Arch.
What really bothered me about Manjaro was the “forum cops” they employ, who are super aggressive to newcomers and unhelpful. It was not a nice experience to seek help. Say what you will about Arch people, they are at least helpful.
I finally switched to Arch when I got my new machine. I recommend the same.
Just to add to the 2010s bit, I tried Arch in like… 2015 I think it would’ve been. I followed the wiki to the letter. It was not my first Linux install, I’d been experimenting with a lot of distros for five years by then. I could not get it to work. To be fair, I still haven’t tried Arch in 2026, I use CachyOS, but I think back then Manjaro was really the only thing providing that type of experience. Everyone holds the Arch wiki on a pedestal because it’s so useful, but the install guide and state of Arch back in 2015 simply wasn’t what it is today. I haven’t ever used Manjaro so I can’t really speak for it, but that’s just sort of my guess as someone who had difficulty with Arch from that era. Luckily we have CachyOS, EndeavorOS, and, presumably, a better install process on vanilla Arch now.
My thinking process years ago was:
I had Debian and was not satisfied with the fact that I had to wait ages for updates of stuff like KDE Plasma. I wanted something with shorter update intervals.
I decided against Ubuntu because of the company behind it.
I decided against Mint, because it’s on level 3 in the derivate tree, so more places where something can go wrong.
Then I found Manjaro and liked it from the beginning. Very easy to install (no script necessary), awesome custom Plasma theme, short update intervals, …
Arch can be scary. I wanted a reliable, easy OS for private use and I knew, I get that with Manjaro. With Arch, I was not sure whether I might FCK something up.
from what ive heard of manjaro, they do less testing on new packages than arch. also, nothing on arch ever broke my pc except for the clock, which was probably because i configured it wrong (didn’t use archinstall).
only time an update has ever done anything bad was like a week ago when plasma 6.6 launched and the login freezed the pc, but that was on cachyos, not main arch.
I think, I haven’t had any mentionable problem with Manjaro over multiple years.
Arch derivatives that don’t do anything to the core packages or the root system seem very pointless to me. Because you can setup Vanilla Arch to be exactly like that derivative if you wanted to since Arch being a DIY distro. Arch based derivatives create unnecessary fragmentation in already fragmented Linux world. Arch itself is targeted for intermediate to advanced users to build a system from base.
It makes sense to make derivatives from Debian or Fedora because they have a lot of stuff packed in them for them to be user friendly and work out-of-the-box experience — then derivatives can add from or reduce from to make a distro designed for a specific use which can take much longer time than if the user did it by themselves since those parent distros are usually targeted for non tech enthusiasts.
Because you can setup Vanilla Arch to be exactly like that derivative
There’s the difference, you don’t have to set the derivative up.
“Why do people buy a car if they can make one themselves” type of argument. I’m a little shocked someone can walk so close to the point and not get it. It’s practically stabbing them in their face.
More like the manufacturer has stated that this car is meant to be built by the user themselves so they can understand it and maintain it by themselves, but then the user outsources it to a car builder who thinks one specific way of doing things is better (nothing wrong with it) instead and they slap their own branding on it. Then if the car breaks down due to a part incompatibility, the user doesn’t know what shit to do.
Sure, but the user knowing how to fix something or not wasn’t the problem or related to anything you said. It’s that you said they seem pointless to you and went on to describe their exact point of existence.
To be very clear, I’m not trying to make an argument for or against Arch derivatives, I just thought it was funny that you said they’re pointless because you can customize them when people use them specifically because they don’t want to bother with doing those customizations themselves.
I would consider using Endeavor OS because I just want something that can do basic work once it’s installed (I use CachyOS which is also an Arch derivative, but it modifies core packages which is different from what you’re talking about). Manjaro has separate criticisms, I’m not saying it’s “good.” I’m just saying it shouldn’t be surprising that someone wants to use Arch and wants customization on a bleeding edge, rolling release, but wants a system that isn’t quite so minimal once they’re done installing.
(I should try to install Arch to a VM or something and use this archinstall script. Because if it works as well as everyone says then my opinion might be different.)
I mean I get it. I am not an Arch elitist or something. Manjaro is doing something nobel. But it just goes against Arch’s philosophy of building and maintaining your own system and being responsible for it. That’s why I don’t see the point of Manjaro other than beginners saying “I use Arch btw”.
i wouldn’t call myself a Linux newbie, and I use CachyOS out of necessity (I have an ASUS laptop), and I’m perfectly content to introduce myself as way too lazy to do it the “proper” Arch way. Maybe someday.
Yeah I did mention in my above comments that derivatives like CachyOS makes sense because they fundamentally change how your computer operates. I just don’t feel the same way with Manjaro that’s all.
Yeah, I’m not defending Manjaro, they are too sloppy for me to do that. Rather EndeavourOS and CachyOS and similar which either give you a working Arch install with minimal effort or add something that may be of value to Arch. That said, the Manjaro distro itself is pretty good, especially if you swap the unstable repos which mirror the Arch ones. Kind of defeats the point of Manjaro though.
Back in 2015 for gaming PC: Steam and Nvidia driver updates via package manager, Xfce (used it before on multiple laptops), promise to be more stable than vanilla arch.
Systemd will auto renew an LE cert.
With how it’s going, Will systemd also eventually be able to occasionally remind my Asian ass that I am a failure?
I thought that’s what your parents are for?
Have a look at systemd timers 🤣🤣
What?
AGAIN?!
Oh no, first lemmynsfw.com and now this
wait what happened to lemmynsfw
As posted at this new instance which appears to be trying to fill the void (heh) left by lemmyNSFW:
Xaeg/Yay was the owner of LemmyNSFW, and he had access to and paid for the domain, server, and everything else related to the site. He has been AWOL for about 6 months now, and suddenly this month, the server and the domain stopped being paid for. I have no access to the server to get the database.
Because of this LemmyNSFW as it was, and all the content on it, much to my dismay, seems to have died.
If they were in the US then they might be in 🧊 custody
Damn. Fuck ice. In general, not for potentially being related to this.
it’s no more more
I wouldn’t know, never visited the place 🤐
To be fair it’s about to get even worse with the much smaller max validity periods.
Either that or they actually automate it
I doubt it considering this is like the third time already
i think the number is higher than 3
Third time?
This is the ninth time. Including certs for their repos and forums.
Is it so difficult to setup a Caddy with auto ssl?
unauthorized end-to-end encryption.
