this post was submitted on 07 Mar 2024
593 points (96.8% liked)

linuxmemes

21210 readers
143 users here now

Hint: :q!


Sister communities:


Community rules (click to expand)

1. Follow the site-wide rules

2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack members of the community for any reason.
  • Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
  • 3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn. Even if you watch it on a Linux machine.
  • 4. No recent reposts
  • Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.

  • Please report posts and comments that break these rules!

    founded 1 year ago
    MODERATORS
     
    top 50 comments
    sorted by: hot top controversial new old
    [–] [email protected] 30 points 8 months ago (3 children)

    I was thinking about this the other day. Windows 11 is starting to roll out on company laptops and I would love it if we had the choice to install Linux. But I think there are some challenges to that.

    Most large companies control what employees are allowed to install on their machines for security reasons. We wouldn't want any spyware or ransomware or any kind of malware getting installed inadvertently. Most places will use software allow lists through applications like the Software Center and use software detection programs to monitor if any non compliant software is installed.

    There's also permission management through group policies on Windows to manage which kind of user can do what on their system.

    Finally, I hate to say it, but most companies use the whole Microsoft Office 365 eco system with Microsoft One Drive and SharePoint. I know we can use the web version for some of the apps, but for practicality's sake, it's best to have an installed version. And the cloud sync feature of One Drive is also very important for automatically backing up important work. I doubt they would let that go.

    I would love to hear if anyone can offer solutions to these problems.

    [–] [email protected] 8 points 8 months ago (2 children)

    KDE had a policy editor back in v2.0... honesty I never really followed whether those features stuck around. But the simple version is to lock down write access to folders in $HOME, such as .config or similar. Linux already prevents most users from installing programs over the system directories without root, but I'm not sure if you can restrict new programs with +x in $HOME unless you write-lock the whole folder... Someone with more network admin experience probably knows this :)

    [–] [email protected] 4 points 8 months ago

    selinux or alternative is your friend here.

    [–] [email protected] 3 points 8 months ago

    Exactly. I once had a computer with Linux where I had no root access, but was able to install, or at least unzip or build, pretty much whatever I wanted in my $HOME directory. And I wonder if it isn't possible to installs Snaps or Flatpaks without root permission?

    [–] [email protected] 5 points 8 months ago

    Outlook owa pwa is 99%

    The rest of the apps sans access work 99% in wine.

    Google docs works great

    Run NixOS don't give em root or nix-shell. They can't install anything you don't allow.

    Put each users allows softlist into source control. Make the boxes cron and reconfigure on demand.

    Tailscale VPN.

    [–] [email protected] 4 points 8 months ago (1 children)

    Office 365 [...] i know we can use the web version

    tbf, this isn't the only software related problem. a lot of companies also use specially developed software that doesn't have a linux version because everyone in the company is using windows anyways and adding a different release target would likely add costs and consume more development time for those internal tools

    [–] [email protected] 3 points 8 months ago (1 children)

    I should've mentioned I've been practically only in IT companies. We never really had speciality software of any kind. In fact I could've done all of my work in Linux except for a couple of times where I had to develop in c# and .net wasn't ported to Linux yet.

    But the things I've mentioned were what was holding the company back from giving me a Linux machine.

    [–] [email protected] 2 points 8 months ago (1 children)

    tbf i am the other extreme: i work in a material science lab so we work almost exclusively with specialized/custom software

    [–] [email protected] 2 points 8 months ago (1 children)

    Oh yeah. That's even worse because sometimes the machines outlive the computers and software and then you're stuck maintaining a Windows 95 machine because the software was developed for that OS and the company has since came up with new machines with new software and they don't support your machine anymore.

    [–] [email protected] 2 points 8 months ago

    Depending on the company you work at you can actually still encounter testing equipment built during WW2 because "it still works"

    [–] [email protected] 25 points 8 months ago (1 children)

    $previous_job allowed us to pick. One of my coworkers had to replace his laptop, and I convinced him to try out Linux this time. I handed him the bootstrap script and he was back to working by the afternoon.

    Our CEO got wind of this and said as a matter of policy everyone is switching to Linux unless they have a good reason (needing excel for financial reports is a good reason). The two new hires who had been setting up their dev environment for over a week at that point were the trigger for this.

    [–] [email protected] 5 points 8 months ago

    keep spreading the good word!

    [–] [email protected] 21 points 8 months ago

    90% of my work is done in WSL anyways... I would much rather have KDE as my DE than Windows 11. Please Microsoft, if you love Linux so much now, port Office to it, and maybe my employer would be ok with it.

    [–] [email protected] 20 points 8 months ago (2 children)

    we not only allow it, we enforce it. windows not allowed in my company

    [–] [email protected] 13 points 8 months ago

    Same at my company.

    My favorite bit was when the Microsoft rep sent a PDF explaining how much the company would save from tech support to the CFO, bypassing the CTO they were communicating with.

    And the CFO shared the whole thing publicly for the entire company to laugh at.

    [–] [email protected] 17 points 8 months ago (1 children)

    We don't even have Firefox at work.

    Only options are Edge and Chrome.

    [–] [email protected] 8 points 8 months ago (2 children)

    Blame their DoH for killing FF deployment in the enterprise. Companies don't like not being in charge of their DNS traffic. DoT is better from corporate POV as that can all be blocked or redirected based on the port, not so much DoH which uses the same port as normal web traffic.

    [–] [email protected] 13 points 8 months ago (1 children)

    Those are definitely acronyms.

    [–] [email protected] 4 points 8 months ago

    Nah, companies can just disable DOH if they want using GPOs.

    https://github.com/mozilla/policy-templates/blob/v5.8/docs/index.md

    [–] [email protected] 14 points 8 months ago (1 children)

    I don't have windows allowed on my job, thanks god

    [–] [email protected] 6 points 8 months ago* (last edited 8 months ago) (1 children)

    The build team will not allow a single line of Windows code to infect their pipelines

    load more comments (1 replies)
    [–] [email protected] 10 points 8 months ago (7 children)

    It's simple, cost. Supporting multiple DE's is expensive. And provides little or no benefit to the company.

    It may work at a small company with tech savvy users (like the ones commenting here). But ultimately at a normal large business, is nothing but a hassle that at best makes a few employees happy.

    [–] [email protected] 4 points 8 months ago (1 children)

    Cisco now supports developers running Linux feiw

    [–] [email protected] 9 points 8 months ago

    Yes because developers don't call tech support when they've accidentally deleted the Outlook icon from their desktop.

    load more comments (6 replies)
    [–] [email protected] 10 points 8 months ago

    I'm glad that I've never had to rely on windows at work. It's been linux all the way even when it still had a lot of rough edges.

    It was still way ahead of WfW or 95 though.

    [–] [email protected] 9 points 8 months ago

    Our software is officially supported on Windows and Linux. For some reason our chief product uses a Mac, so we support that unofficially. It can be quite a hassle to keep our code compatible on those platforms and Build Bot often gets angry when I open a pull request, but boy is it nice to be able to use whatever OS I like for development!

    [–] [email protected] 8 points 8 months ago (1 children)

    My current employer is a first for me:

    • engineering essentially have to use Macs. Windows is accepted but not supported
    • all products are built and hosted on Linux, both cloud and on-prem
    [–] [email protected] 3 points 8 months ago

    Workstations/laptops at my current job in order of popularity: nixos, arch, macos. Windows is around 2%.

    [–] [email protected] 6 points 8 months ago

    I work with data management / data brokering at a university. I am not allowed to have a Linux machine. I have to use a virtual environment.

    [–] [email protected] 5 points 8 months ago

    My employer allows Linux - only a customized version of Fedora that's preconfigured to handle our environment, including certificates (802.1x, browser client certs, etc) with automated renewal, endpoint management software, deployment of settings using Chef, etc.

    We have a few internal apps built using React Native though, which is only available on Windows and MacOS. There's been some Github repos trying to port React Native to Linux but nothing that's production-quality yet.

    [–] [email protected] 5 points 8 months ago (1 children)

    It's funny working at a company that doesn't allow Linux on a workstation, but is also actively developing and deploying tons of Linux-based products...

    I think the real reason is that their MDM cant lock down a Linux machine the way it locks down a Windows or Mac machine...

    [–] [email protected] 2 points 8 months ago

    We added a second disk and installed Linux on an encrypted partition. BIOS was not locked so we could dual boot.

    When we return the machines we remove the disk.

    [–] [email protected] 4 points 8 months ago

    My solution is to host a virtual machine with my dev workstation, and use Windows or Mac for business admin stuff like email, slack, etc.

    [–] [email protected] 4 points 8 months ago

    I've had Linux 3 jobs in a row so I've been lucky that way, it usually helps to match production so that's a good argument for it.

    [–] [email protected] 4 points 8 months ago

    The company i work with allow any OS to be installed. With a caveat, because we are heavily invested in the Windows eco system using office 365 and Microsoft Dynamics Nav and sql server, Ms AD. With that said, if you use that software for more than 50% of your work time we recommend Windows. But otherwise it is still the employees choice and if you are completely comfortable running windows in a VM, go for it. IT won't give you endless support if you have too many issues with your VM. If we loose to much time and you are not proficient enough in macOS or Linux then we just give you a windows machine.

    [–] [email protected] 1 points 8 months ago (1 children)

    I’m still surprised people still use the term sysadmin.

    [–] [email protected] 4 points 8 months ago (5 children)
    [–] [email protected] 10 points 8 months ago
    [–] [email protected] 4 points 8 months ago

    I miss the term sys admin.

    Now it’s always something like β€œdevops scrum hardware master” or some bullshit.

    [–] [email protected] 3 points 8 months ago
    [–] [email protected] 2 points 8 months ago

    SRE is what all the cool kids are saying these days

    load more comments (1 replies)
    load more comments
    view more: next β€Ί