Lucas Werkmeister lucaswerkmeister
@lucaswerkmeister
lucaswerkmeister / sandbox.conf
Last active October 22, 2017 14:28
systemd sandbox for Dovecot on Debian Stretch
[Service]
# change user for worker processes
CapabilityBoundingSet=CAP_SETUID CAP_SETGID
# bind to ports 143 and 993
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
# fchown() /var/run/dovecot/login
CapabilityBoundingSet=CAP_CHOWN
# bind to /var/spool/postfix/private/dovecot{-auth}
CapabilityBoundingSet=CAP_DAC_OVERRIDE
# chroot to /var/run/dovecot/empty
@lucaswerkmeister
lucaswerkmeister / 0001-Add-SpamAssassin-configuration.patch
Created July 10, 2017 21:41
Configuration for running SpamAssassin, including milter, on Debian Stretch (meant for use in conjunction with Postfix, but Postfix configuration not included)
From 14d01236fdd0f7869096db4376ed6c4f2fd95199 Mon Sep 17 00:00:00 2001
From: Lucas Werkmeister <[email protected]>
Date: Mon, 10 Jul 2017 00:26:34 +0200
Subject: [PATCH] Add SpamAssassin configuration
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Debian ships services for SpamAssassin, but they’re so weak (short unit
file for spamassassin, unmigrated SysV service for spamass-milter) that
@lucaswerkmeister
lucaswerkmeister / 0001-Add-dehydrated-config.patch
Last active July 8, 2017 16:08
Configuration for running dehydrated (ACME client, formerly known as letsencrypt.sh) on Debian Stretch
From 75e82fef397e402bf2c49b8c99e6066f976475b6 Mon Sep 17 00:00:00 2001
From: Lucas Werkmeister <[email protected]>
Date: Sat, 8 Jul 2017 17:41:48 +0200
Subject: [PATCH] Add dehydrated config
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
dehydrated (formerly known as letsencrypt.sh) is a simple ACME client.
This commit adds the default Debian configuration for it, as well as
@lucaswerkmeister
lucaswerkmeister / BerlinRailwayThings.sparql
Created June 25, 2017 09:08
“railway things” in Berlin, as classified by LinkedGeoData.org
#defaultView:Map
PREFIX lgdo: <http://linkedgeodata.org/ontology/>
PREFIX geom: <http://geovocab.org/geometry#>
PREFIX ogc: <http://www.opengis.net/ont/geosparql#>
PREFIX bif: <bif:>
SELECT ?subway ?geometry (SAMPLE(?label) AS ?label) ?layer WHERE {
SERVICE <http://linkedgeodata.org/sparql> {
?railwayThing a lgdo:RailwayThing;
@lucaswerkmeister
lucaswerkmeister / info-mode.md
Created June 5, 2017 10:56
GNU Emacs Info Mode Cheat Sheet

  • n: Next node.
  • p: Previous node.
  • u: Parent node.
  • l: Last node (e.g. go back after following a hyperlink).
  • r: Opposite of l.
  • Tab: Move to next hyperlink.
  • S-Tab: Move to previous hyperlink.

How to undo M-x global-set-key M-x ignore:

  1. Press F10 to open the menu. (Your terminal emulator might capture that key to open its own menu instead. You’ll have to find a way around that.)
  2. Navigate to the Buffers menu (3× right arrow key).
  3. Select the *scratch* buffer.
  4. In the *scratch* buffer, enter the following command:

(global-set-key "\M-x" 'execute-extended-command)

@lucaswerkmeister
lucaswerkmeister / sandbox.conf
Last active April 23, 2017 14:20
Sandbox for haveged (place in /etc/systemd/system/haveged.service/)
[Service]
ProtectSystem=full
ProtectHome=yes
CapabilityBoundingSet=CAP_SYS_ADMIN
PrivateTmp=yes
PrivateDevices=yes
PrivateNetwork=yes
MountFlags=private
SystemCallFilter=~mount umount2 mkdir mkdirat creat mknod unlink unlinkat chmod rename rmdir
SystemCallArchitectures=native
# /etc/systemd/system/opendkim.service
[Unit]
Description=OpenDKIM email sender authentication system
Documentation=man:opendkim(8) man:opendkim.conf(5) http://www.opendkim.org/
After=network.target nss-lookup.target
[Service]
RuntimeDirectory=opendkim
Type=forking
PIDFile=/run/opendkim/opendkim.pid
@lucaswerkmeister
lucaswerkmeister / weak-gpg-sigs
Last active February 23, 2017 17:33
Print weak signatures of your PGP keys (with GnuPG)
#!/bin/bash
# source: https://www.gnupg.org/documentation/manuals/gpgme/Hash-Algorithms.html
digests=(
nil
MD5
SHA1
RMD160
MD2
TIGER
@lucaswerkmeister
lucaswerkmeister / ceylond.md
Last active January 20, 2017 08:57
ceylond announcement

Introducing ceylond and cformat

Good ``timeofday`` everyone! It is with great pleasure that I announce the release of four new Ceylon modules, grouped together as the [ceylond] project, as well as a companion program, [cformat]. This email introduces the motivation behind them, how they work, and what they do in detail.

TL;DR