Are you installing needed libraries?

For example, the installer runs because it doesn’t need any, but then your app needs say VCRedist 2010, and so won’t until run until you add the vcrun2010 extra library with Winetricks or the menu in Bottles.

It’s not really because it fell over. It’s because it wasn’t supposed to fall over. Consumable launch materials don’t contend with this because failure to return is a success. This is a failure. This must be learned from and fought against/prevented going forward.

Since you mention setup instead of any manual install screwery, I’d say root(uid 0) is still very real, you just didn’t setup any login for it. Every time you sudo (substitute-user-do), you(probably uid 1000) are running that command as root instead of you. In fact, just sudo -i and you are now “logged in” as root.

Edit: Missed the context. Should still be useful info but you probably are not accidentally remoting into an account you never setup the login for.

Raspbian is sometimes a compromise between security and usability, because it is designed to go into the hands of new users. It also used to ship with a default “pi/rasberry” login hardcoded and IIRC permitted root password login over ssh. Things experience users change or turn off, but needs to start friendly for the rest, you know?

By doing this, they can take a step in the right direction by separating the root and login user, without becoming annoying asking for a password frequently as a newbie copies and pastes tutorial commands all week.

And as I said it’s unlikely, even very unlikely, but just not impossible. Everything comes with a risk, I just believe it’s up to you, not me, what risks mean in your environment. Might be you’d like to have the convenience on the home dev server, but rather have as much security as possible on a public facing one.

Or maybe you’d like to get really dialed in and only allow specific commands to be run without a password, so you can be quick and convenient about rebooting but lock down the rest. Up to you, really, that’s the power of Linux.

In Debian, you will want to modify your /etc/sudoers file to have the NOPASSWD directive.

So where you find something like this in that file:

%sudo ALL=(ALL:ALL) ALL

Make it like this:

%sudo ALL=(ALL:ALL) NOPASSWD:ALL

In this example, powers are given to the sudo %group, yours might just say pi or something else the user fits into.

Also, please note that while this is convenient, it does mean anyone with access to your shell has a quick escalation to root privileges. Some program you run has a shell escape vulnerability and gets a shell without a password, this means they also get root without one too. Unlikely to happen, sure, but I believe one should make informed decisions.

Now would be a good time to look for a .com you like, or one of the more common TLDs. And register it at Namecheap, Porkbun, or Cloudflare. (Cloudflare is cheapest but all-eggs-in-one-basket is a concern for some.)

Sadly, all the cheap or fun TLDs have a habit of being blocked wholesale, either because the cheap ones are overused by bad actors or because corporate IT just blacklists “abnormal” TLDs (or only whitelists the old ones?) because it’s “easy security”.

Notably, XYZ also does that 1.111B initiative, selling numbered domains for 99¢, further feeding the affordability for bad actors and justifying a flat out sinkhole of the entire TLD.

I got a three character XYZ to use as a personal link shortener. Half the people I used it with said it was blocked at school or work. My longer COM poses no issue.

Is there a list anywhere of this and other settings and features that could/should certainly be changed to better Firefox privacy?

Other than that I’m not sure I’m really going to jump ship. I think I’m getting too old for the “clunkiness” that comes with trying to use third party/self hosted alternatives to replace features that ultimately break the privacy angle, or to add them to barebones privacy focused browsers. Containers and profile/bookmark syncing, for example. But if there’s a list of switches I can flip to turn off the most egregious things, that would be good for today.

Plug it into a monitor or TV and keep an eye on the console.

I have an older NUC that will not cooperate with certain brands of NVMe drive under PVE…the issue sounds like yours where it would work for an arbitrary amount of time before crashing the file system, attempting to remount read-only and rendering the system inert and unable to handle changes like plugging a monitor in later, yet it would still be “on”.

I recommend Dockge over Portainer if you want a web admin panel. https://github.com/louislam/dockge

It’s basically docker compose in a website, and you can just decide one day to turn it off and use the compose files directly. No proprietary databases or other weirdness.

That or they do prescription inserts, or just sell you the computer and you get other glasses that do, like Viture https://www.viture.com/

As someone with video glasses like those included here, it might be a step forward but it has a lot of room for improvement before it will survive mass market.

For starters, unlike a screen, these glasses must be tailored to your eyesight. If you wear prescription, you will need to fit double glasses or have some ability for the video ones to be prescription. And a huge problem in the market right now is pupil distance, or eye spacing/head size. Mass market wants one-size-fits all, but that means those outside the designed size will have difficulty using them if they can at all.

These are problems currently experienced with the current market like Rokid, XReal, and Viture.

And then of course there’s power, if we keep to 1080p we’ll need more computing power and battery than a Steam Deck screen, which some handhelds might be able to accommodate, maybe more so depending on the weight and shape trades of the new style. But so far it might be disappointing, especially if it has the appearance of a huge screen and still needs to low-res upscale/FSR to meet performance.

Just my thoughts. Still cool, but no confidence in it as a winner yet.