Thomas’ Lab Notes

Stuff worth not forgetting

Manual Firefox Install on Debian

Install downloaded archive

Download and unpack archive under /opt. Note: top level directory in archive is firefox, does not contain version.

Creating a GNOME launcher

From https://wiki.debian.org/Firefox:

/usr/share/applications/firefox.desktop
1
2
3
4
5
6
7
8
9
10
11
12
13
14
[Desktop Entry]
Name=Firefox ''Your version''
Comment=Web Browser
GenericName=Web Browser
X-GNOME-FullName=Firefox ''Your version'' Web Browser
Exec=/path/to/firefox/firefox %u
Terminal=false
X-MultipleArgs=false
Type=Application
Icon=/path/to/firefox/browser/chrome/icons/default/default128.png
Categories=Network;WebBrowser;
MimeType=text/html;text/xml;application/xhtml+xml;application/xml;application/vnd.mozilla.xul+xml;application/rss+xml;application/rdf+xml;image/gif;image/jpeg;image/png;x-scheme-handler/http;x-scheme-handler/https;
StartupWMClass=Firefox
StartupNotify=true

Setting it as default

See previous post.

Debian Setup for Personal Laptop

Setup redone after complete loss of trusty seven years old hard drive due to mechanical failure. Replaced with SSD, whole system reinstalled with fresh Debian 9.6.0.

Packages installation

apt upgrade

packages: zsh mutt git subversion whois gnumeric net-tools traceroute apt-file

packages de dépôts tiers : virtualbox

package de source non-free : firmware-iwlwifi

À la main : firefox Lastpass Lastpass binary component (binaire à copier et JSON à générer dans ~/.mozilla)

Driver Nvidia

Pour fonctionnement correct de l’accélération 3D dans VirtualBox (pour Fusion 360)

linux-headers-$(uname -r|sed ’s/[^-]-[^-]-//‘) nvidia-driver depuis le dépôt stretch-backports

Dans xorg.conf, override manuel DPI 100x100 (défaut 143x144 : fontes trop grandes)

Customize

ln -s Téléchargements ftp

Gnome-terminal: palette prédéfinie blanc sur noir

Apparence/fenêtres focus follows mouse

chsh zsh

checkout scripts, ln -s .zshrc

xmodmap multi_key

firefox setup sync middlemouse.contentLoadURL <- true

HPLIP Won’t Print

Symptom

Printing to HP MFP1217nfw fails with “Filter failed”. No useful information in CUPS logs even at LogLevel debug. Message found in /var/log/daemon.log:

Jul 31 13:03:10 malaussene hpcups[3083]: common/utils.c 130: validate_plugin_version() Plugin version[3.14.6] mismatch with HPLIP version[3.16.11]
Jul 31 13:03:10 malaussene hpcups[3083]: common/utils.c 157: Plugin version is not matching

Probable cause

Upgrade of HPLIP Debian packages without corresponding (manual) update of the proprietary/binary plugin.

Fix

Upgrading the plugin using:

# hp-plugin

proved effective.

Add Collation to Postgres Post-initdb

Note: this is for old Postgres installs that lack the pg_import_system_collations function.

We need to operate as user so that the new collation has the proper ownership. We connect to template1, because by default we can’t connect to template0.

$ sudo -u postgres psql -d template1

Now allow ourselves to connect to template0

template1=# UPDATE pg_database SET datallowconn = TRUE WHERE datname = 'template0';
template1=# \c template0

Create collation in the proper schema (pg_catalog). Quote collation name to preserve capitalization.

template0=# CREATE COLLATION pg_catalog."en_US" (LOCALE='en_US.utf8');

Now reset datallowconn to FALSE.

template0=# UPDATE pg_database SET datallowconn = FALSE WHERE datname = 'template0';

Now any database created from the template0 template will inherit the new collation.

IPv6 and Netgraph Ethernet Pseudo-interface

On a NanoBSD firewall, I want to have a separate MAC address on one of the Ethernet interfaces to act as the outer endpoint for IPv6 traffic. This is achieved using a Netgraph eiface:

/etc/rc.local
1
2
3
4
5
6
7
8
9
kldload ng_ether
ngctl mkpeer sis0: bridge lower link0
ngctl name sis0:lower sis0bridge
ngctl connect sis0: sis0bridge: upper link1
ngctl mkpeer sis0bridge: eiface link2 ether
ngctl msg sis0: setpromisc 1
ngctl msg sis0: setautosrc 0

ifconfig ngeth0 link 06:00:00:00:00:06

Note that this does not include an ifconfig call to set the interface’s IPv6 address: this is done by devd, which calls the boot scripts’ ifconfig routine when the interface comes up. Thus I have the following line in /etc/rc.conf:

/etc/rc.conf
1
ifconfig_ngeth0_ipv6="inet6 fe80::6/64"

If instead of this line I have an explicit ifconfig in /etc/rc.local then there is a race condition between rc.local and devd. If devd runs last, the boot scripts won’t see any IPv6 address configured for the newly created interface in /etc/rc.conf, and they will set ifdisabled on it (blocking all IPv6 traffic, and marking the configured link local address as “tentative”). If devd runs first, the problem is dormant, because setting the link local address clears ifdisabled as a side effect.

Linux on Dell Precision 7520

Three years after the M4800, it’s time to upgrade again. Let’s start with debian-9.2.1-amd64-netinst.iso.

Booting it up

My new laptop came with an OEM Windows 10 preinstalled. I wanted to keep it just in case, but it turns out that:

  • since I want BitLocker, SecureBoot needs to be enabled
  • Ubuntu supports SecureBoot, but Debian does not
  • since I want LVM+encryption, I need to use Debian

So I’m ditching the pre-installed Windows (I’ll make a VirtualBox VM later on if I really need it).

Installation

System install is pretty uneventful, except for the fact that the trackpad is apparently not working within the installer. I was able to install on LVM with encryption as desired. I was happy to find MATE as one of the desktop options.

Post-install customization

X11

Keyboard and trackpad setup appear to work just fine out of the box (including for GDM).

The default driver appears to work just fine with the embedded LCD display, but is unable to handle my two external DP monitors (see below).

Nvidia driver

I am using this laptop on a docking station with two DisplayPort monitors. This works only if the builtin Intel GPU is disabled, and the add-on Nvidia GPU only is enabled.

Using the nvidia (non-free) driver

To install the nVidia driver:

  • make sure installed kernel headers (linux-headers) match kernel (linux-image), otherwise DKMS won’t build.
  • install nvidia-driver (note: this will build a kernel module, so requires a working compiler)
  • install nvidia-xconfig
  • run nvidia-xconfig --query-gpu-info by hand and make note of PCI BusID
  • run nvidia-xconfig --busid=PCI:x:x:x to generate xorg.conf

BIOS setup

To disable the built-in Intel GPU:

  • Video -> Switchable graphics -> uncheck Enable Switchable Graphics

(I have also checked Graphics Special Mode, not sure whether this is needed).

Desktop environment

  • Set focus-follows-mouse
  • Set keyboard shortcut for lock screen to Win+L
  • Set MATE terminal to white-on-black

Disable GNOME Keyring SSH agent:

1
2
3
4
5
6
7
8
9
10
$ gsettings get org.mate.session gnome-compat-startup
['smproxy', 'keyring']
$ gsettings set org.mate.session gnome-compat-startup "['smproxy']"
$ gsettings get org.mate.session gnome-compat-startup
['smproxy']

$ mate-session-properties
# uncheck SSH Key Agent and maybe others.
# This will create a copy of /etc/xdg/autostart/gnome-keyring-ssh.desktop
# in ~/.config/autostart, with appropriate settings to turn it off.

Sudo configuration

Add myself to group sudo.

APT sources

In /etc/apt/sources.list: add contrib and non-free.

Wifi drivers

The Intel wireless drivers require non-free binary components, see https://wiki.debian.org/fr/iwlwifi

Packages

firmware-iwlwifo vim rsync net-tools pcscd apt-transport-https openvpn binutils ltrace strace scdaemon

Hipchat

Hipchat is linked against Qt libraries that assume OpenSSL 1.0, but Debian provides 1.1.

Work around:

1
2
3
# apt-get install libssl1.0.2
# ln -s /usr/lib/x86_64-linux-gnu/libssl.so.1.0.2 /opt/HipChat4/lib/libssl.so
# ln -s /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.2 /opt/HipChat4/lib/libcrypto.so

(Note: the Atlassian web site gives incomplete instructions – they do not mention libcrypto).

Chaging Default Browser for GNOME on Debian

Problem position

I have chromium and firefox-esr installed. I want gvfs-open to default to the latter when opening a web URL.

Alternatives

There are /etc/alternatives entries for x-www-browser and gnome-www-browser that can be manually edited using

# update-alternatives --config gnome-www-browser
# update-alternatives --config x-www-browser

Unsuprisingly, this won’t have the desired effect. Life would be too simple…

GNOME MIME

The default browser for GNOME applications is determined using gvfs-mime. Per-user overrides can be specified in ~/.local/share/applications/mimeapps.list. System-wide defaults are generated by update-desktop-database and stored in /usr/share/applications/mimeinfo.cache.

Quoting https://wiki.debian.org/MIME:

The mimeinfo.cache is basically a raw reverse cache for the .desktop information. There is no way to define priorities in it. To be able to specify default applications, a mimeapps.list file (previously named defaults.list up to debian 5) must be created. It can be system-wide (in /usr/share/applications or a subdirectory) or user-specific (in $HOME/.local/share/applications).

And indeed the fix was to reorder the list from mimeinfo.cache, and create the following file:

/usr/share/applications/mimeapps.list
1
2
3
[Default Applications]
x-scheme-handler/http=firefox-esr.desktop;chromium.desktop;google-chrome.desktop;
x-scheme-handler/https=firefox-esr.desktop;chromium.desktop;google-chrome.desktop;

HP Laserjet M1217nfw Setup With CUPS on FreeBSD 10

This is an entry level network-connected multi function printer. It does not have a built-in Postscript interpreter. Instead, it receives raster data through a proprietary network protocol implemented as a closed source binary plugin to the CUPS filtering system.

In addition to CUPS, the following ports must be installed:

  • print/hplip
  • print/hplip-plugin

Once this is done, the printer can be added to CUPS. The standard socket connection options cannot be used. Instead, the “HPLIP” transport must be selected. The printer URI must be set manually from the output of hp-makeuri <IP-address>. (The plugin requires an URI starting with “hp:”, and will reject any other device URI with an error message saying “Error: This module is designed to work with HP Printers only”).

GDM Keyboard Layout Revisited

So, I wanted to upgrade Firefox on my FreeBSD 10 workstation, and this in turn caused some supporting libraries to be upgraded, and this broke all sorts of things again.

Initially gdm just segfaulted. After more manual upgrades, it turned out to work again, except that GDM had lost all localization, and in particular got the wrong keymap for the login screen.

It appears that gdm_lang is no longer honored (despite still being mentioned in /usr/local/etc/rc.d/gdm): you now need to set gdm’s locale in /usr/local/etc/gdm/locale.conf. Also note that unlike other user-editable configuration files, this one is overwritten each time gdm is reinstalled.

Setting Up GRUB/GPT/LVM

Notes on setting up a machine to use GPT partitioning, LVM for all filesystems (including root), and GRUB2 to boot.

Starting with a vanilla Debian 7.8 setup. Here we assume that /dev/sdb is the disk that will ultimately contain the system.

GPT setup

(parted) mklabel gpt
(parted) mkpart primary 2048s 4095s                                       
(parted) set 1 bios_grub on                                               
(parted) name 1 "BIOS Boot Partition"                                     
(parted) mkpart primary 4096s 100%                                        
(parted) set 2 lvm on                                                     
(parted) name 2 "LVM"

Do we want a swap partition there??? If we don’t provision one now, we’ll have to swap to an LVM LV.

LVM setup

pvcreate /dev/sdb1
# Format given disk for LVM

vgcreate tank /dev/sdb2
# Create a volume group with that disk as the underlying storage

lvcreate -n rootfs -L 10G tank
lvcreate -n home -l 100%FREE tank

Filesystem

mkfs.ext4 /dev/mapper/tank-rootfs
mkfs.ext4 /dev/mapper/tank-home
mount -t ext4 /dev/mapper/tank-rootfs /mnt

Set up root filesystem (including /boot subdirectory) in /mnt.

Make sure that /etc/fstab on tank-rootfs points to the proper root fs.

GRUB2

for i in /dev /dev/pts /proc /sys /run; do mount -B $i /mnt$i; done
chroot /mnt
rm -f /boot/grub/device.map
grub-mkconfig -o /boot/grub/grub.cfg
grub-install /dev/sdb