Alien Pastures

My thoughts on Slackware, life and everything

Category: Software (Page 2 of 152)

Anubis is now guarding the git server

August 24, 2025 / / 11 Comments

I have had it with the onslaught of AI and indexing bots that keep my web servers in a constant state of near-crashes.
In particular git.slackware.nl is not handling the load well. It’s powered by cgit, and with tens of thousands of requests per hour to serve the details of git commits, cgit experiences a lot of segfaults. I already had to disable the download of compressed git-snapshot tarballs because all the “xz” processes that were running as a result of serving up “tar.xz” files were eating most of the server’s resources.

The filters that I had built into the Apache httpd server, as well as fail2ban taking care of the really obvious offenders, were not sufficient.

So. I have built a package for anubis, the self-proclaimed Web Application Firewall that protects web sites from AI scraping bots by challenging the visitor with a proof-of-work. This is essentially a calculation the client (a browser, or a web-scraping script) has to make before allowed entry. That calculation takes the shape of a small math problem that is expensive to compute, but easy to verify, like hashing a string with a given number of leading zeroes.
For scraping bots, the cost of these calculations will be big enough that they stop trying. Mere individuals like you and me, we will notice the Anubis loading page for a second and then it will stay out of our way as long as the cookie it places is valid.
Common Linux download programs like wget and curl are not affected by Anubis because it uses  a sensible set of defaults in its filtering behavior with the intention to not infuriate the humans accessing the site.

The anubis package that I built, will create an ‘anubis’ user and group when it is installed. It will also install a startup script in ‘/etc/rc.d/’ and a block is added to ‘/etc/rc.d/rc.local’ so that Anubis will start on every boot of the computer.

Anubis can run in multiple separate instances. A necessity because for each web site you want to protect you’ll have to run a separate instance, listening on a separate TCP port.

If there’s interest in the details of setting up Anubis on Slackware, let me know in the comments section below and then I’ll write up that documentation in a follow-up article.

If you experience issues accessing git.slackware.nl because of Anubis, also let me know below!

Cheers, Eric

A Slackware theme for your Grub

August 16, 2025 / / 12 Comments

Long ago, when all we had was 32bit Slackware and I was working on realizing the 64bit variant of Slackware, I created a ’64bit’ lilo bitmap with the Slackware  logo, to make it more obvious to your friends that your computer is booting 64bit Slackware and not some obscure other distro.

Lilo is getting a bit old in the tooth though. Mdern computers come with UEFI instead of good old BIOS, and that computer cannot boot on lilo. You’ll have to use elilo or grub instead.
Until now, Slackware supported elilo in the distro installer, but if you wanted to give your computer a Grub bootloader instead of elilo, you would have to do that manually right after the installation of Slackware is completed. Or you could swap out elilo for grub at any later time of course – it is not difficult.

Slackware-current is working its way toward making Grub the default bootloader. The process of installing or upgrading kernels is now automated to the level that if you have Grub installed as the bootloader, there’s nothing you need to do yourself: an initrd is generated based on your preferences (preferences can be written to the files /etc/default/grub , /etc/default/geninitrd and /etc/mkinitrd.conf), the grub bootmenu is refreshed and that’s it!

Recently I switched to Grub on this laptop which until then had been happily booting via elilo. As you may have seen, I use a nice graphical boot screen in liveslak and when I booted this laptop via Grub the first time, I was a bit disappointed by the text-only boot menu much like the boot experience I had with elilo.

But I like my liveslak boot screen!

So I set myself to finding out how I  could install and enable that same boot screen in regular Slackware.

The result is in the ZIP archive http://www.slackware.com/~alien/liveslak-grub2-theme.zip . Here’s how to use it to get a nice boot splash on your Slackware computer with Grub (the prior installation of Grub is something I leave to you):

  •  Extract the archive containing the Grub theme into directory /boot/grub/themes/
  • You will now have a new directory /boot/grub/themes/liveslak-grub2-theme – change its name to /boot/grub/themes/liveslak
  • In the file ‘/etc/default/grub‘ add or modify the following lines:
    GRUB_THEME=/boot/grub/themes/liveslak/theme.txt
    GRUB_FONT=/boot/grub/themes/liveslak/dejavusansmono12.pf2
    GRUB_GFXMODE=1024x768,800x600,640x480,auto
    GRUB_GFXPAYLOAD_LINUX=keep
  • Then run (as root) the command: update-grub
  • Now, reboot. You should be greeted by a Slackware logo and the Grub boot menu.

Let me know in the comments section what you think of this!

Cheers and enjoy the weekend, Eric

RFC: How to build my Wine package

June 29, 2025 / / 8 Comments

I have a question for you – hence the “Request For Comment” in this post’s title.

I have been compiling a Slackware package for the Wine emulator for a long time now. The 64bit wine package contains both the 64bit and the 32bit Wine binaries and libraries.  It therefore also requires that you made your 64bit Slackware into a multilib system.

For a while now, Wine can be built in another way than I have been doing it traditionally. The “WoW64” build aka “Windows on Windows64” allows you to run 32bit Windows binaries on a pure 64bit Slackware Linux OS, no multilib required.
Caveats of a switch to a WoW64 build of Wine for Slackware:

  • The WoW64 build does not support 16bit Windows binaries.
  • You may have to re-create your 32bit Wine prefixes.
    Meaning, the Windows programs which you already have installed on your computer have been written to what’s called a “Wine prefix”, basically a subdirectory in your homedirectory (the default location is ~/.wine/).
    Usually you would not bother with the concept of the Wine prefix, but it allows you to isolate various Windows programs from each other. Suppose you need to install additional Windows libraries via tools like winetricks (the same script is called ‘protontricks‘ if you use Valve’s Proton instead of Wine). but the DLL requirements are conflicting between Windows programs. Then you install each program into its own Wine prefix.
    Bottomline: it may cost you some one-time work to get your programs going again.
  • There’s some reports about performance regressions in Wine 9.x under WoW64 for 32bit Windows programs that invoke OpenGL calls directly. I can not confirm that this has been addressed in Wine 10.x
  • Valve’s Steam gaming platform still requires multilib on your computer.

Therefore I would like to hear your opinion about whether or not to switch from traditional multilib Wine to the new WoW64 Wine.
With “you” I mean actual users of my Wine packages. I am not interested in random replies.

Let me know below!
Eric

Migrating my infrastructure

June 19, 2025 / / 24 Comments

Roughly the last 12 months have been really hard on my server infrastructure – the servers that I rent and which host sites like slackware.nl, docs.slackware.com, download.liveslak.org, git.slackware.nl and several more.
An un-ending DDoS attack mostly by IP addresses from Chinese origin that keep requesting to download Slackware ISO files, many per second, effectively saturating bandwidth. Combine that with a massive onslaught of AI bots that roam the Internet scraping web content to feed to their LLM models. I have been mitigating these attacks and annoyances using web access control (because blocking all of China on IP level probably is exactly what the Chinese government is trying to achieve here: making sure that Chinese folks lose access to free and open source software).  Eventually these were also killing the Apache httpd daemon because that is where the access control is happening.
I am sure you’ve experienced that: when downloading an ISO from slackware.nl or running a “slackpkg upgrade-all” with slackware.nl as the package mirror, connections are aborted randomly.

So I had to make a decision: to deal with this in some way and improve the user experience for the average Slacker.

I have begun migrating my services away from the single physical host (and its hot standby) which has been running all these services sofar. They are being spread onto multiple (also more performant) new hosts.

Completed so far:

In progress; migrating slackware.nl, download.liveslak.org, git.slackware.nl, git.liveslak.org to a third server. Basically this affects all the mirror data that users want to download.
This part is actually more complex  and time-consuming due to the use of MSQL databases that need to be migrated as well (slakfinder for instance), multiple cron jobs to keep data in sync and backed-up and just a lot of data to shuffle around.

I aim to actually switch the various domains and hostnames to their new IP addresses somewhere in the next week. Expect a (hopefully) short downtime for the services mentioned above. If you get “file not found” errors or web sites go missing, just be patient and wait half an hour. If things take a concerning turn, leave your comments below this article and point me to the things that broke without me seeing it.

I hope to have informed you properly and timely 🙂

Cheers Eric

LibreWolf is now in my Slackware repository

April 28, 2025 / / 14 Comments

Resulting from a request in one of my other blog pages, I have added a Slackware (15.0 and -current, 32bit as well as 64bit) package for LibreWolf.

The LibreWolf version number “137.0.21” is a combination of the version of Firefox on which the release is based, and the release iteration of the LibreWolf developer community.

LibreWolf is a custom and independent fork of the Mozilla Firefox browser, with the primary goals of privacy, security and user freedom.

The LibreWolf browser implements sane defaults for increased protection against tracking and fingerprinting techniques, and adds security improvements compared to its Firefox upstream codebase. All telemetry, data collection and other annoyances that come with the Firefox browser have been disabled or removed altogether.
By default, DRM is disabled as well because Digital Rights Management is considered restrictive towards consumers of digital media. You can however enable DRM in the browser settings if you want to watch DRM-protected video content for instance.

One thing to be aware of if you start using LibreWolf is that by default, your cookies and browsing history are deleted every time you close the browser. This behavior can be disabled in the browser settings.

Firefox Sync is disabled by default in Librewolf – again for the sake of protecting your privacy, but this too can be enabled in the browser’s settings.

LibreWolf is on par with other browsers like Brave and Tor Browser when it comes to the level of privacy protection they offer to you, the user. Another comparison: Brave browser is based on Chromium whereas Tor Browser, like LibreWolf, is a fork of Firefox.

I hope that this additional choice of browser in Slackware offers some benefit to you. Note that my package contains natively compiled Slackware binaries. There’s also a LibreWolf entry on SlackBuilds.org but that one merely re-packages a binary AppImage, not specifically built on (or for) Slackware.

Let me know if I missed some feature or functionality when configuring and building the source code. You can find the packages in my repository or any of its mirrors:

Enjoy! Eric

« Older posts Newer posts »

© 2026 Alien Pastures

Theme by Anders NorenUp ↑