Suramya's Blog : Welcome to my crazy life…

March 11, 2023

Thoughts about a list explaining how Linux users are characterized by these properties

Filed under: Linux/Unix Related,My Thoughts — Suramya @ 10:44 PM

It is always amusing to me when I read these lists that claim to characterize people, in this case while I was researching about companies acquired by Microsoft I ended up at Rational Wiki: OS Wars section where there is a section that claims that “Linux users are characterized by the following properties: I found it amusing so I am going to list them out here with my comments and thoughts about each of them.

An unhealthy desire to recompile the kernel at every opportunity.

[ST] Compiling a kernel was something that we had to do in Linux back in early 2000’s, but even then I never really had to compile the kernel to get things to work. I did do it to understand the process, but was never forced to do so. In fact I can’t remember the last time I had to compile the kernel on my system.

A disdain for newcomers who don’t know how to recompile the kernel.
Constantly rebuilding their machines because a kernel recompile failed.

[ST] Since I never had to compile it, I don’t expect others to do so. If you want to do it then its your prerogative but I don’t care one way or another.

Thinking those who don’t compile on their own computers or don’t use shell scripts and terminals on a daily basis are not real Linux users.

[ST] Unfortunately, there are idiots who think this, and attempt to gatekeep others and put them down just because they don’t use the ‘proper tools’/command line etc. I did write about this earlier: Stop hating on people because they don’t use the same tools as you because everyone has a different way of working and what works for you might not work for them and vice-versa. For example, I really dislike video tutorials and prefer text but I know plenty of folks who like video because it shows them what to do instead of having them imagine it. There is no one true way…

Constantly having incidents reported for not being in the sudoers file, but not being sure who they’re being reported to.

[ST] I don’t have incidents being reported constantly but did have to look up where the incidents are reported, which as expected was in the log files that an admin/root can audit.

Believing vowels are over rated, especially when it comes to naming important programs you expect to use every day.

[ST] Nope. I like my program names to be descriptive and really dislike SMS talk.

Cursing at Mac users for the number of shiny devices they can connect their computers to.

[ST] Again a nope. I can connect more things to my Linux machine and have them work off the bat than I could on a Mac. Sure some of the software is more polished on a Mac but from a connectivity perspective my Linux machine can connect to pretty much anything (sometimes a bit of tinkering might be required).

Either cursing that they need root, or cursing because they ran something as root that they really shouldn’t have.

[ST] Had this issue only when I was first starting out. After a little while things become automatic, if I run a root command as a non-root user, I just have to prepend sudo to it (or copy it to the root terminal). Accidentally running a command as root on the other hand is a much bigger issue. Haven’t done it in a while now but it is something to be careful of. I set the prompt to let me know what machine I am connected to and as what user so it makes it easier to spot if you are in the wrong window.

Believing a windowing system is a very clever way of having lots of command lines on screen at the same time. Like screen only less clever.

[ST] I really don’t get people who think like this and unfortunately there are folks who are like this. They think they are cleverer than everyone else and love putting others down.

Arguing with each other over which distribution to use.
Arguing with BSD users over their OS of choice.

[ST] This is a fight that I still see every once in a while but things have calmed down quite a bit from the earlier days where a question about which is the best distribution would ignite a flame war.

Arguing over whether to use a GUI or command line.

A lot of people think that using a command line makes you superior to other users, I think that you should use whatever works best for you at that point in time for the task you are doing. For example, if I am editing a video or sorting images I will prefer to use a GUI but for other tasks I prefer using the commandline. At the end of the day the idea is to get the work done, not argue about what is the best interface to do the work in.

Arguing about whether Emacs or vi is better. (Obviously vi is way better. No question. Unless you’re Richard Stallman or another member of the Church of Emacs.)

[ST] I prefer vi because it is installed by default on all Linux systems so if I ever have to recover from a crashed system I have an editor that I can use to edit files. Emacs is fine but I prefer vi / Notepad++ / kwrite for general editing.

Arguing about which language is the best for writing scripts (essentially the modern-day equivalent of the Tcl Wars between Tcl and GNU Guile’s implementation of Scheme).

[ST] I have no idea about the TCL wars and don’t really care what language you use for writing scripts. I have written scripts in Bash, Perl and Python for the automation and scripting I had to do and the language was chosen based on 1) What I was trying to do and how complicated the logic was 2) If I was trying to learn a new language the script was written in that language.

Complaining that we’re calling it Linux and not GNU/Linux.
Interjecting for a moment to explain why it’s actually GNU/Linux
Complaining that we’re calling it Open Source and not Free Software.

[ST] Complaining about the fact that someone calls it Linux and not GNU/Linux is just annoying and doesn’t make you look knowledgeable it makes you annoying. Technically they are correct but Linux is the expected usage and no, I am not about to start calling it GNU Linux just because some idiot thinks I should do so.

Constantly complaining about virtually all sorts of random, obscure problems such as their computer randomly shutting itself off at 9 pm on Mondays.

[ST] This is not just Linux users, any person who is a power user will face these kinds of issues and will ask around on how to fix them. General users will just get the helpdesk to come fix their systems for them.

Complaining that this list is not indexed from 0.

No, I don’t number my lists from 0. Just because Arrays are indexed from 0 doesn’t mean that I have to number everything starting from 0. However, I do prefer that the ground floor (1st floor in the US) be called the 0th Floor (or G Floor) instead of 1st floor like they do in the US because that’s how they do it in the rest of the world.

Believing that time started on January 1970.

🙂 No comments 🙂

Being able to understand this list.

Ha ha… I think any person actively working with computers like a sysadmin/programmer would understand this list.

I think the list should be updated but it did make me smile so I guess that is a win 🙂

– Suramya

February 21, 2023

Fixing problems with nvidia-driver on Debian Unstable after latest upgrade

Filed under: Computer Software,Linux/Unix Related,Tech Related — Suramya @ 10:54 PM

Earlier today I ran my periodic update of my main desktop that is running Debian Unstable. The upgrade finished successfully and since a new kernel was released with this update I restarted the system to ensure that all files/services etc are running the same version. After the reboot the GUI refused to start and I thought the problem could be because of a NVIDIA kernel module issue so I tried to reboot to an older kernel but that didn’t work either. Then I tried running apt-get dist-upgrade again which gave me the following error:

root@StarKnight:~# apt-get dist-upgrade 
Reading package lists...
Building dependency tree...
Reading state information...
You might want to run 'apt --fix-broken install' to correct these.
The following packages have unmet dependencies:
 nvidia-driver : Depends: nvidia-kernel-dkms (= 525.85.12-1) but 515.86.01-1 is installed or
                          nvidia-kernel-525.85.12 or
                          nvidia-open-kernel-525.85.12 or
                          nvidia-open-kernel-525.85.12
E: Unmet dependencies. Try 'apt --fix-broken install' with no packages (or specify a solution).

So I ran the apt –fix-broken install command as recommended and that failed as well with another set of errors:

root@StarKnight:/var/log# apt --fix-broken install
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Correcting dependencies... Done
0 upgraded, 0 newly installed, 0 to remove and 13 not upgraded.
1 not fully installed or removed.
After this operation, 0 B of additional disk space will be used.
dpkg: dependency problems prevent configuration of nvidia-driver:
 nvidia-driver depends on nvidia-kernel-dkms (= 525.85.12-1) | nvidia-kernel-525.85.12 | nvidia-open-kernel-525.85.12 | nvidia-open-kernel-525.85.12; however:
  Version of nvidia-kernel-dkms on system is 515.86.01-1.
  Package nvidia-kernel-525.85.12 is not installed.
  Package nvidia-open-kernel-525.85.12 is not installed.
  Package nvidia-open-kernel-525.85.12 is not installed.

dpkg: error processing package nvidia-driver (--configure):
 dependency problems - leaving unconfigured
Errors were encountered while processing:
 nvidia-driver
E: Sub-process /usr/bin/dpkg returned an error code (1)

Looking at the logs, I didn’t see any major errors but I did see the following message:

2023-02-21T19:48:27.668268+05:30 StarKnight kernel: [    3.379006] NVRM: loading NVIDIA UNIX x86_64 Kernel Module  515.86.01  Wed Oct 26 09:12:38 UTC 2022
2023-02-21T19:48:27.668286+05:30 StarKnight kernel: [    4.821755] NVRM: API mismatch: the client has the version 525.85.12, but
2023-02-21T19:48:27.668287+05:30 StarKnight kernel: [    4.821755] NVRM: this kernel module has the version 515.86.01.  Please
2023-02-21T19:48:27.668287+05:30 StarKnight kernel: [    4.821755] NVRM: make sure that this kernel module and all NVIDIA driver
2023-02-21T19:48:27.668288+05:30 StarKnight kernel: [    4.821755] NVRM: components have the same version.

Searching on the web didn’t give me a solution but since I am running the Debian Unstable branch it is expected that once in a while things might break and sometimes they break quite spectacularly… So I started experimenting and tried removing and reinstalling the nvidia-driver but that was failing as well because the package was expecting nvidia-kernel-dkms version 525.85.12 but we had 515.86.01-1 installed.

root@StarKnight:~# apt-get install nvidia-driver
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
  nvidia-driver
0 upgraded, 1 newly installed, 0 to remove and 14 not upgraded.
Need to get 0 B/494 kB of archives.
After this operation, 1,398 kB of additional disk space will be used.
Selecting previously unselected package nvidia-driver.
(Reading database ... 439287 files and directories currently installed.)
Preparing to unpack .../nvidia-driver_525.85.12-1_amd64.deb ...
Unpacking nvidia-driver (525.85.12-1) ...
dpkg: dependency problems prevent configuration of nvidia-driver:
 nvidia-driver depends on nvidia-kernel-dkms (= 525.85.12-1) | nvidia-kernel-525.85.12 | nvidia-open-kernel-525.85.12 | nvidia-open-kernel-525.85.12; however:
  Version of nvidia-kernel-dkms on system is 515.86.01-1.
  Package nvidia-kernel-525.85.12 is not installed.
  Package nvidia-open-kernel-525.85.12 is not installed.
  Package nvidia-open-kernel-525.85.12 is not installed.

Now I had a couple of options, first was to wait for a couple of days (if I am lucky) for someone to upload the correct versions of the packages to the channel. The second option was to remove the package and installed the Open Source version of the Nvidia driver. I didn’t want to do that because that package is a memory hog and doesn’t work that well either. The last option was to try to manually install the older version (525.85.12) of the nvidia-kernel-dkms package and this is what I decided to go with, a search on the Debian Packages site gave me the .deb file for nvidia-kernel-dkms and firmware-nvidia-gsp (a dependency for the dkms package). I downloaded both the packages and installed them using the following command:

root@StarKnight:/home/suramya/Media/Downloads# dpkg -i firmware-nvidia-gsp_525.85.12-1_amd64.deb 
root@StarKnight:/home/suramya/Media/Downloads# dpkg -i nvidia-kernel-dkms_525.85.12-1_amd64.deb 

Once the packages were successfully downgraded I rebooted the system and the GUI came up without issues post the reboot.

Moral of the story is that you need to be prepared to have to troubleshoot your setup if you are running Debian Unstable or Debian Testing on your system. If you don’t want to do that then you should stick to Debian Stable which is rock solid or one of the other distributions such as Ubuntu or Linux Mint etc.

– Suramya

February 20, 2023

Fixing SSL error 61 on Citrix Workspace on Debian

Was trying to connect to a Citrix Workspace and kept getting the following error “You have not chosen to trust “Entrust Root Certification Authority – XX”, the issuer of the security certificate (SSL error 61)“. I have hit this error in the past and had fixed it but couldn’t find my notes from how I had fixed it back then, so I had to resort to searching on the web based on vague memories of how I had fixed. After a bit of effort I found two solutions that people had suggested:

Solution 1:

Create a symbolic link pointing the /opt/Citrix/ICAClient/keystore/cacerts directory to /usr/share/ca-certificates/mozilla/ , using the command below as root:

mv /opt/Citrix/ICAClient/keystore/cacerts /opt/Citrix/ICAClient/keystore/cacerts.bak
ln -s /usr/share/ca-certificates/mozilla/ /opt/Citrix/ICAClient/keystore/cacerts 

Unfortunately, this didn’t resolve the problem for me.

Solution 2:

The second solution people recommended was to link /opt/Citrix/ICAClient/keystore/cacerts directory to the /etc/ssl/certs/ directory, using the command below as root:

mv /opt/Citrix/ICAClient/keystore/cacerts /opt/Citrix/ICAClient/keystore/cacerts.bak
ln -s /etc/ssl/certs/ /opt/Citrix/ICAClient/keystore/cacerts 

After I linked the directory to /etc/ssl/certs things immediately started working without errors. This time I am blogging about it so that the next time I don’t waste time trying to find the solution.

– Suramya

December 21, 2022

“Linux is a meme and only autistic people use it” brainstorm from an anonymous coward

Filed under: Humor,Linux/Unix Related,My Thoughts — Suramya @ 8:28 PM

It is funny how people will make up stuff to explain why Linux (or any other OS) is difficult and why the person making the pronouncements can’t get it to do what they want it to do. Recently, the screenshot below came up in my feed and it made me laugh. As per the author only autistic people use Linux and everyone else “has just fallen for the meme”.


Linux is only for Autistic People

I have been using Linux almost full time since 2001 and am definitely not autistic. I can’t identify trains by their sounds and instead of not being able to talk to girls, according to some I sometimes talk too much. I have no interest in learning the names of the cast for any TV show and as far as I can tell I am leading a pretty normal life.

The genius who penned this (and I am of half a mind that this is just someone trolling Linux users) doesn’t seem to know that it is used to power 96.3% of the world’s top web servers and Android is based on Linux as well. It is the world’s 3rd most popular OS (after Windows and Mac) and while it has its own quirks it def doesn’t need you to know the in’s and out of the computer in order to use it. In fact in my experience, it is easier to install Linux and have a functional setup than it is to install Windows as Windows requires a lot of extra stuff to be installed in order to be productive while in Linux most of that is already pre-installed or built-in.

This was good for a laugh so I wanted to share it here.

– Suramya

November 15, 2022

Extracting Firefox Sites visited for archiving

Filed under: Computer Software,Linux/Unix Related,Tech Related — Suramya @ 3:01 AM

I have been using Firefox since it first version (0.1) launched back in 2003. At that time it was called Phoenix but had to change its name due to a trademark claim from Phoenix Technologies to Firebird which was then renamed to Firefox. Over the years I have upgraded in place so I had assumed that all my Browser History etc was still safely stored in the browser. A little while ago I realized that this wasn’t the case as there is a history page limit defined under the about:config. The property is called

places.history.expiration.transient_current_max_pages: 137249

and on my system it is configured for 137249 entries. This was a disappointment as I wanted to save an archive of the sites I have visited over the years so I started looking at how to export the history from Firefox from the command line so that I can save it in another location as part of my regular backup. I knew that the history is stored in a SQLite database so I looked at the contents of the DB using a SQLite viewer. The DB was simple enough to understand but I didn’t want to recreate the wheel so I searched on Google to see if anyone else has already written the queries to extract the data and found this Reddit post that gave the command to extract the data into a file.

I tried the command out and it worked perfectly with just one small hitch. The command would not run unless I shutdown Firefox as the DB file was locked by FF. This was a big issue as it meant that I would have to close the browser every time the backup ran which is not feasible as the backup process needs to be as transparent and seamless as possible.

Another search for the solution pointed me to this site that explained how to connect to a locked DB in Read Only mode. Which was exactly what I needed, so I took the code from there and merged it with the previous version and came up with the following command:

sqlite3 'file:places.sqlite?immutable=1' "SELECT strftime('%d.%m.%Y %H:%M:%S', visit_date/1000000, 'unixepoch', 'localtime'),
                                                   url FROM moz_places, moz_historyvisits WHERE moz_places.id = moz_historyvisits.place_id ORDER BY visit_date;" > dump.out 

this command gives us an output that looks like:

28.12.2020 12:30:52|http://maps.google.com/
28.12.2020 12:30:52|http://maps.google.com/maps
...
...
14.11.2022 04:37:17|https://www.google.com/?gfe_rd=cr&ei=sPvqVZ_oOefI8AeNwZbYDQ&gws_rd=ssl,cr&fg=1

Once the file is created, I back it up with my other files as part of the nightly backup process on my system. In the next phase I am thinking about dumping this data into a PostgreSQL DB so that I can put a UI in front of it that will allow me to browse/search through the file. But for now this is sufficient as the data is being backed up.

I was able to get my browsing history going back to 2012 by restoring the oldest Firefox backup that I have on the system and then extracting the data from it. I still have some DVD’s with even older backups so when I get some time I will restore and extract the data from there as well.

Well this is all for now. Will write more later.

– Suramya

October 7, 2022

I am now a CEH (Certified Ethical Hacker)

Filed under: Computer Security,Linux/Unix Related,My Life — Suramya @ 6:23 PM

Gave my CEH (Certified Ethical Hacker) exam on 3rd Oct and have successfully cleared it.


Certification Number Certification Name Issue Date Expiry Date
ECC8907421563 Certified Ethical Hacker October 3, 2022 October 02, 2025

The exam was interesting and required a bit of memorization but over all not bad. I do wish they allow us to access the books or use the tools on the computer. I have a hard time remembering the parameters for commands and there were a few questions in there about what parameter would you use to do x. Normally I would do a man command before running it but here I had to remember the commands so it was a bit more annoying and required some extra effort to memorize, other than that the questions were great and required a lot of thinking and knowing the system.

Well this is all for now, will write more later.

– Suramya

October 4, 2022

Workaround for VPN Unlimited connection issues with latest Debian

VPN’s are a great way to ensure that your communication remains private when using a pubic internet connection such as when you are connected to an Airport or Coffee shop Wifi. Plus they are good for getting access when a site is blocked where you are, for example in India VideoLan.org the main site for VLC Media player has been blocked for a while. I primarily use VPN Unlimited on all my systems as I have a lifetime subscription though I also have other VPN’s that I use sometimes.

Unfortunately, the native VPN Unlimited application for Linux has stopped working a while ago due to a compatibility issue with SSL. When I upgraded to the latest version of Debian back in July 2022 it suddenly stopped working with the following error message:

vpn-unlimited: symbol lookup error: /lib/libvpnu_private_sdk.so.1: undefined symbol: EVP_CIPHER_block_size

Reinstalling the software didn’t resolve the issue and neither did a search on the internet help. When I reached out to support they told me that Debian 11 wasn’t yet supported and they didn’t have an ETA for the new version to be released. They did recommend that I manually create & download an openvpn config from their site that would allow me to connect to the VPN manually using OpenVPN instead of the App. Unfortunately, the config generated didn’t work either as it would fail to connect with the following error message in the logs:

Sep 21 02:56:55 StarKnight NetworkManager[1123]:  [1663709215.0845]vpn[0x559d7fc46900,833a72d8-a08a-474e-a854-c926cd6c694a,"VPN Unlimited"]: starting openvpn
Sep 21 02:56:55 StarKnight NetworkManager[1123]:  [1663709215.0847] audit: op="connection-activate" uuid="833a72d8-a08a-474e-a854-c926cd6c694a" name="VPN Unlimited" pid=2829 uid=1000 result="success"
Sep 21 02:56:55 StarKnight kded5[2780]: org.kde.plasma.nm.kded: Unhandled VPN connection state change: 2
Sep 21 02:56:55 StarKnight kded5[2780]: org.kde.plasma.nm.kded: Unhandled VPN connection state change: 3
Sep 21 02:56:55 StarKnight NetworkManager[233850]: 2022-09-21 02:56:55 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless
"allow-compression yes" is also set.
Sep 21 02:56:55 StarKnight nm-openvpn[233850]: DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations.
Sep 21 02:56:55 StarKnight nm-openvpn[233850]: OpenVPN 2.6_git x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO]
Sep 21 02:56:55 StarKnight nm-openvpn[233850]: library versions: OpenSSL 3.0.5 5 Jul 2022, LZO 2.10
Sep 21 02:56:55 StarKnight nm-openvpn[233850]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sep 21 02:56:55 StarKnight nm-openvpn[233850]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sep 21 02:56:55 StarKnight nm-openvpn[233850]: OpenSSL: error:0A00018E:SSL routines::ca md too weak
Sep 21 02:56:55 StarKnight nm-openvpn[233850]: Cannot load certificate file /home/suramya/.local/share/networkmanagement/certificates/E87E7A7D6DA16A89C7B4565273D3A792_hk_openvpn/cert.crt
Sep 21 02:56:55 StarKnight nm-openvpn[233850]: Exiting due to fatal error
Sep 21 02:56:55 StarKnight NetworkManager[1123]:  [1663709215.1095] vpn[0x559d7fc46900,833a72d8-a08a-474e-a854-c926cd6c694a,"VPN Unlimited"]: dbus: failure: connect-failed (1)
Sep 21 02:56:55 StarKnight NetworkManager[1123]:  [1663709215.1095] vpn[0x559d7fc46900,833a72d8-a08a-474e-a854-c926cd6c694a,"VPN Unlimited"]: dbus: failure: connect-failed (1)

After a little more back and forth with the support team (which was extremely responsive and quick) which in turn reached out to their developers we identified the issue with the OpenVPN config. The fix for this will be deployed to all their servers by the end of this month. In the mean time I was given a workaround that resolved the issue for me. To fix the issue add this line to your OVPN file under the VPN section:

tls-cipher=DEFAULT:@SECLEVEL=0 

More information on this is available in the OpenVPN forum. Keep in mind that this is not a really secure configuration and if you are working on something really top secret you should use another VPN till the issue is actually fixed instead of this workaround as it is not secure.

However, just wanted to share this here for others who might be having this same issue. Hope this helps.

– Suramya

October 3, 2022

Debian to allow non-free firmware in its default installer

Filed under: Linux/Unix Related,My Thoughts,Tech Related — Suramya @ 10:19 AM

One of the problems preventing new users from using Debian is that if your hardware is not supported by an Open (‘free’) driver/firmware then the system doesn’t install any and then it is a painful process to download and install the driver, especially if it is for the Wireless card. In earlier laptops you could always connect via a network cable to install the drivers but the newer systems don’t come with a LAN connection (which I think sucks BTW) so installing Debian on those systems is a pain.

Debian leadership has been debating on how to fix this over the past few months and there was a vote to decide Debian would handle non-free firmware going forward. Now the voting has completed and the verdict is in, Debian has decided that the Debian Official Installer Media can include firmware that is otherwise not part of the Debian system. The non-free firmware would be automatically installed and activated when the installer determines that it is needed for the OS to function. The setup would notify the user in such cases and provide instructions on how to disable the changes if required.

The Debian Project also makes the following statement:

We will include non-free firmware packages from the “non-free-firmware” section of the Debian archive on our official media (installer images and live images). The included firmware binaries will normally be enabled by default where the system determines that they are required, but where possible we will include ways for users to disable this at boot (boot menu option, kernel command line etc.).

When the installer/live system is running we will provide information to the user about what firmware has been loaded (both free and non-free), and we will also store that information on the target system such that users will be able to find it later. Where non-free firmware is found to be necessary, the target system will also be configured to use the non-free-firmware component by default in the apt sources.list file. Our users should receive security updates and important fixes to firmware binaries just like any other installed software.

We will publish these images as official Debian media, replacing the current media sets that do not include non-free firmware packages.

This is a great choice and will allow the installer to work pretty seamlessly for most users. I know there are purists who will be shouting and screaming that this is not the ‘true way for free software‘ but they will be a minority for the most part. Installers need to be simple, while allowing power users more granular control of the process. This change removes a major barrier in the adoption of Debian and makes the lives of millions of system administrators a lot easier.

Source: Slashdot: Debian Considers Changing How It Handles Non-Free Firmware
More details at: Debian Choose A Reasonable, Common Sense Solution To Dealing With Non-Free Firmware

– Suramya

October 2, 2022

Upgrading Debian Unstable – How to avoid obvious problems

Filed under: Computer Tips,Linux/Unix Related,Tech Related — Suramya @ 11:59 PM

If you are using Debian Unstable there is a possibility that your system might not work correctly after an upgrade, because as the name states it is an ‘unstable’ distribution that might have bugs. I use it because Debian Stable has older versions of the software available and I want to the latest versions if possible. Plus I don’t mind tinkering with the system if things break so that helps as well. Over the years I have found some easy ways to prevent the most obvious problems when upgrading and I will share them here.

First option is to upgrade the system regularly. You can decide what the frequency of the upgrade is but do it regularly. I upgrade twice a month and that ensures that the system has the latest updates and we are not so far out of sync that we need to download a ton of files for the upgrade. This is very useful when you don’t have much free space available in the root partition as the longer you wait the more files you have to download and the less free space we have for the actual upgrade.

Another thing I do that has helped me a lot is to ensure that you look at the packages being upgraded, specifically any packages being removed. Don’t upgrade if there are a lot of packages being removed without updated versions being installed. To give an example, I tried upgrading my system yesterday and it told me that it was going to “457 upgraded, 11 newly installed, 297 to remove and 0 not upgraded.” Looking at the packages it was going to remove I found that if I had blindly allowed the upgrade to proceed it would have ended up uninstalling my entire KDE install, VPN server and a whole bunch of other stuff. I waited for a day and tried again and the bug that was causing the system to insist on removing KDE during the upgrade was resolved and I was able to upgrade successfully.

I also pipe the output from the apt-get dist-upgrade command to a log file so that I have a log of what was changed and any errors are logged so I can look at it later in case there are issue. The command I use for that is as below:

apt-get dist-upgrade 2>&1 |tee ~suramya/Documents/Suramya/Computer\ Update\ Logs/StarKnight/2022/10032022

I keep all the logs from the upgrades so I can see exactly what was changed on the system and when. Makes it a lot easier to troubleshoot issues caused due to an upgrade.

If you have multiple systems, then I recommend you don’t upgrade all of them at the same time. I stagger them by a day or two so that in case of issues I have a working system. This has saved my sanity a few times.

Well, this is all for now. Do share any tips you might have for avoiding issues during an upgrade.

– Suramya

August 28, 2022

Debian looking at changing how it handles non-free firmware

Filed under: Computer Software,Linux/Unix Related,Tech Related — Suramya @ 5:38 PM

One of the major problems when installing Debian as a newbie is that if your hardware is not supported by an Open (‘free’) driver/firmware then the system doesn’t install any and then it is a painful process to download and install the driver, especially if it is for the Wireless card. In earlier laptops you could always connect via a network cable to install the drivers but the newer systems don’t come with a LAN connection (which I think sucks BTW) so installing Debian on those systems is a pain.

How this should be addressed is a question that has been debated for a while now. It was even one of the questions Jonathan Carter discussed in his post on ‘How is Debian doing’. There are a lot of people with really strong opinions on the topic and ‘adulterating’ Debian by allowing non-free drivers to be installed by default has a lot of people up in arms. After a lot of debate on how to resolve there are three proposals to solve this issue that are up for vote in September:

Proposal A and B both start with the same two paragraphs:
We will include non-free firmware packages from the “non-free-firmware” section of the Debian archive on our official media (installer images and live images). The included firmware binaries will normally be enabled by default where the system determines that they are required, but where possible we will include ways for users to disable this at boot (boot menu option, kernel command line etc.).

When the installer/live system is running we will provide information to the user about what firmware has been loaded (both free and non-free), and we will also store that information on the target system such that users will be able to find it later. The target system will also be configured to use the non-free-firmware component by default in the apt sources.list file. Our users should receive security updates and important fixes to firmware binaries just like any other installed software.

But Proposal A adds that “We will publish these images as official Debian media, replacing the current media sets that do not include non-free firmware packages,” while Proposal B says those images “will not replace the current media sets,” but will instead be offered alongside them.

And Proposal C? “The Debian project is permitted to make distribution media (installer images and live images) containing packages from the non-free section of the Debian archive available for download alongside with the free media in a way that the user is informed before downloading which media are the free ones.

Debian is not the more new user friendly system out there and a lot of distributions got popular because they took the Debian base and made it more userfriendly by allowing non-free drivers and firmware. So this is a good move in my opinion. Personally I feel that option B might be the best option that will keep both the purists and the reformers happy. I don’t think Option C is a good option at all as it would be confusing.

Source: Slashdot: Debian Considers Changing How It Handles Non-Free Firmware

– Suramya

Older Posts »

Powered by WordPress