Episode 435 Show Notes
Welcome to mintCast
the Podcast by the Linux Mint Community for All Users of Linux
This is Episode 435!
This is Episode 435.5!
Recorded on Sunday, April 14, 2024
Emulating everything I’m Joe; A Fanboy for Gameboy, I’m Bill; Rocking out, I’m Majid; and back to normal (whatever that is), I’m Eric
— Play Standard Intro —
- First up in the News: Mint Monthly News, Mint is testing new CDN setup for repositories, EndeavourOS ends ARM branch due to lack of help, Proton buys Standard Notes, Dynebolic portable Linux renewed after 10 year hiatus, APT 2.9 released, 3.0 announced;
- In Security and Privacy: Over 92,000 DLink NAS devices exposed via backdoor, with no patch (out of service);
- Then in our Wanderings: Bill gets his game on with a new handheld device, Joe gets his game on with every device, Majid gets to be the family IT guy, and Eric deals with technical debt.
- In our Innards section: Migrating Pihole and wireguard to an x86_64 system
- In Vibrations from the Ether, we have listener feedback about malicious Linux developer vulnerabilities
- And finally, in Check This Out, Bill discusses Fullup – The comprehensive update script for Arch Linux based systems
— Play News Transition Bumper —
The News
20 minutes
- HELP –
- Most of the news we put here comes from what is posted by our listeners to our Discord News channel. So, if you are aware of a news item that you would like us to cover, please let us know!
- Mint Monthly News – March 2024 (Eric)
- From the Linux Mint Blog (via londoner)
- Posted just too late (April 1st) for our last show Clem talks about upcoming changes and features for Mint 22.
- Linux Mint 22 installations will be better localized and use less disk space than before. Pre-installed packages for languages other than English and the one you select will be removed at the end of the installation, saving a significant amount of disk space post-installation.
- The Software Sources tool will feature support for the new Deb822 format.
- The default sound server in Linux Mint 22 will be Pipewire.
- The next version of Pix will support JXL images.
- Mint 22 will ship with the 6.8 kernel.
- A new thumbnailer for Gimp files was implemented.
- With GNOME 46, GNOME Online Accounts moves to GTK4. It can no longer be used by GTK3 applications. To solve this problem a new XApp called GNOME Online Account GTK was created. As with any XApp the goal is to work for everybody, in any desktop environment and in any Linux distribution. This will provide GNOME Online Accounts to any desktop that didn’t have access to it before (for instance: MATE and Xfce editions in Linux Mint). Both GTK3 and GTK4 versions will be available.
- Because in Ubuntu 24.04, Thunderbird has moved to a Snap the Mint devs decided to package it themselves, so it will continue to be available as a native .deb package.
- Work continues on the Chat Room application Jargonaut.It received a new layout, a tray icon, image thumbnails, channel events, nickserv authentication, text formatting, /me commands, scrolling/catch-up support, auto-completion, spell-check…etc.
- The package repositories were tuned last month to accept a larger number of concurrent connections. Although this helped address some of the issues we had, they’re still really slow when the traffic is high. Mint is currently working on a new partnership with Fastly, which has the potential to significantly and consistently increase the speed of the repositories.
- The popularity of the Linux Mint editions was recently measured. From a population sample over just over 5000 users, the following was found.
- Mint Cinnamon 42.7% excluding EDGE version
Mint Xfce 20.5%
Mint MATE 13.0%
Mint EDGE 12.6%
LMDE 11.2% - Advertising on the Mint websites was drastically reduced.
- Mint testing new CDN setup for repositories (Eric)
- In a later blog post, and in the Mint forums Clem has put out a request for users to test a new setup for the package repositories using a CDN (content delivery network) service from Fastly. There is a link to the linuxmint page on Github where full details on how to make the change are described. This has the potential for much faster download speeds with multiple points of presence across the globe.
- EndeavourOS Devs Say “Goodbye” to Their ARM Branch, Maintainers Needed (Joe)
- from 9to5 Linux
- Founder and project leader of EndeavourOS Bryan Poerwoatmodjo published today a short blog post announcing the end of the road of the distribution’s ARM branch due to a lack of recent upstream changes and maintainers.
- The EndeavourOS ARM branch was initially launched about three and a half years ago and it shipped its first installer with the EndeavourOS Artemis release, allowing users to easily install the Arch Linux-based distro on various ARM-powered single-board computers like the Raspberry Pi or ODROID N2/XU4.
- EndeavourOS ARM was based on the Arch Linux ARM project and maintained by a few members of the EndeavourOS community. Compared to upstream, EndeavourOS ARM offered a graphical installation method by using the popular Calamares universal installer for Linux-based systems.
- Unfortunately, it looks like the upstream Arch Linux ARM project is quite behind compared to the Arch Linux project, and recently the gap between the ARM and 64-bit (x86_64) architectures become bigger. This, combined with the frustration of the lead maintainer as he didn’t receive more help from the outside, led to the EndeavourOS ARM branch being abandoned.
- “EndeavourOS is a project on the side for everyone involved and enthusiasm is key to making it roll forward,” said EndeavourOS leader Bryan Poerwo. “Even though we are saying goodbye to the project with pain in our hearts, we completely understand Pudge’s decision.”
- But the good news is that the EndeavourOS ARM branch is still open for anyone who wants to take over the project. If you’re reading this and want to pick up where EndeavourOS ARM left off, check out the project’s GitHub page and join the team.
- EndeavourOS is a popular GNU/Linux distribution based on Arch Linux and leveraging the KDE software for its flagship ISO image. Similar to Arch Linux, EndeavourOS uses a rolling-release model, but it offers several community editions with various popular desktop environments and window managers.
- Standard Notes is joining the Proton family. – Majid
- from HowTo Geek
- roton started out as a single service, the encrypted and secure Proton Mail, but has expanded since then to become an entire ecosystem of connected applications. There’s now a password manager (Proton Pass), cloud storage service (Proton Drive), calendar app (Proton Calendar) and VPN (Proton VPN). Proton has just announced that it’s buying out a popular notes app, potentially adding another useful service to that library.
- Proton has just announced that it is buying out Standard Notes, an end-to-end encrypted note-taking app that is currently used by 300,000 people. The acquisition would see Standard Notes join the ecosystem of Proton apps. It’s not clear whether the service will be seeing a rebrand to “Proton Notes” or something along the lines—Proton is guaranteeing that the service will remain “independent,” but it also says that Standard Notes and Proton engineers will begin working together immediately, so make of that what you will.
- This is the second time Proton has completed an acquisition. Back in 2022, the company bought SimpleLogin, which later became part of the infastructure for Proton Pass. This is the first time Proton buys an actual app to integrate it into its ecosystem, however. The company says that prices for the service will not be changing, and likewise, if you have an ongoing subscription to Notes, this will still be honored. Proton might choose to integrate Standard Notes into its current billing scheme, however, and into its premium plans, so we’ll have to see how that looks once this merger is a bit more finalized. Both companies say that the merger is a no-brainer—after all, Standard Notes is already an app that has high standards of security, and supports end-to-end encryption.
- For now, we don’t know when, or if, the app will be changing a lot as it gets more integrated into the Proton ecosystem, but you should see no major changes at the moment. And as we said before, you should also see no changes to what you’re paying or how it’s billed. Things might turn around over the course of the coming months, however. Perhaps not branding-wise, but definitely in other ways at the very least.
- Dynebolic is a portable Linux distribution that can be used without installation (Bill)
- from ZD Net
- If you’re a digital artist or multimedia creator, and you’ve always dreamed of having an operating system that can travel with you, Dynebolic is back after a 10-year hiatus.
- There are plenty of Linux distributions that are geared toward specific tasks. There are distributions for desktops, servers, firewalls, routers, gaming, containers, file servers, forensics, penetration testing, and more. There are also distributions created specifically to help creatives do their thing.
- One of those distributions is Dynebolic, which rose in popularity a decade ago just as it ceased development. The great news for those who used to like Dynebolic is that the distribution is back.
- From the official announcement: “Ten years have passed and today we are back with a brand new Dynebolic 4.0 based on Devuan 5 “Daedalus”, live-boot and the Linux kernel 6.8 series.”
- Ten years is a long time in IT, but Rastasoft is confident it’s a return to form for its distribution. With the help of the KDE Plasma desktop, Dyenbolic has become a portable, creative operating system geared specifically for multimedia production, with plenty of audio and video tools to get the job done.
- ZDNET’s key takeaways
- After a 10-year hiatus, Dynebolic is back and can be downloaded and used for free.
- Dynebolic has everything you need for multimedia creation and runs as a live instance, so it’s portable and doesn’t make any changes to your default operating system.
- With Dynebolic, it’s WYSIWYG, so you don’t need to install any other applications.
- APT 2.9 Released: Debian’s APT 3.0 To Have A New UI With Colors, Columnar Display & More (Eric)
- From londoner:
- APT as the packaging tool built around Debian Linux is embarking on some big upgrades with the APT 2.9 development series to then roll-out as APT 3.0. There’s big improvements to the command-line user interface with the new APT and it’s certainly looking nice from my initial Friday night encounter.
- Released tonight was APT 2.9 as the latest version to this packaging tool used on Debian and derivatives like Ubuntu. Catching me by surprise in the release announcement was:
- “Welcome to the APT 3.0 development series. It has a new UI for apt(8). It has colors, columnar display, some more padding, and shows removals last (Closes: #755088), making the output more easy to quickly scan.”
- Catching my interest, I decided to quickly try a test build of APT 2.9 on an Ubuntu box.
- Ooo yes APT is finally sporting colored text.
- I immediately loved the columnar format for the APT output. Paired with the colors and columnar format, the new text UI is a big improvement over the long-standing APT output.
- Debian APT 2.9 looking good
- While just spending a few minutes with the new APT 2.9 build, it’s a big improvement in my perspective over how APT has long looked with its text user interface. This will culminate with the APT 3.0 stable release but already the coloring and columnar layout is a big improvement for quickly sorting through the output when involving a long list of packages.
- It’s looking nice and I’m looking forward to APT 3.0. Downloads and more details on today’s APT 2.9 release to Debian unstable via the v2.9 announcement.
- Check the link in the show notes to see the various images related to this article. This article is written by Michael Larabel.
- According to 9to5Linux APT 3.0 will be installed in the upcoming Debian GNU/Linux 13 “Trixie” operating system series, due out in June-July 2025, and, of course, Ubuntu 24.10, which should be available later this year in October.
— Play Security Transition Bumper —
Security and Privacy
10 minutes
- Over 92,000 exposed D-Link NAS devices have a backdoor account
- from Bleeping Computer
- A threat researcher has disclosed a new arbitrary command injection and hardcoded backdoor flaw in multiple end-of-life D-Link Network Attached Storage (NAS) device models.
- The researcher who discovered the flaw, ‘Netsecfish,’ explains that the issue resides within the’/cgi-bin/nas_sharing.cgi’ script, impacting its HTTP GET Request Handler component.
- The two main issues contributing to the flaw, tracked as CVE-2024-3273, are a backdoor facilitated through a hardcoded account (username: “messagebus” and empty password) and a command injection problem via the “system” parameter.
- When chained together, any attacker can remotely execute commands on the device.
- The command injection flaw arises from adding a base64-encoded command to the “system” parameter via an HTTP GET request, which is then executed.
- “Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands on the system, potentially leading to unauthorized access to sensitive information, modification of system configurations, or denial of service conditions,” warns the researcher.
- The device models impacted by CVE-2024-3273 are:
- DNS-320L Version 1.11, Version 1.03.0904.2013, Version 1.01.0702.2013
- DNS-325 Version 1.01
- DNS-327L Version 1.09, Version 1.00.0409.2013
- DNS-340L Version 1.08
- Netsecfish says network scans show over 92,000 vulnerable D-Link NAS devices exposed online and susceptible to attacks through these flaws.
- After contacting D-Link about the flaw and whether a patch would be released, the vendor told us that these NAS devices had reached the end of life (EOL) and are no longer supported.
- “All D-Link Network Attached storage has been End of Life and of Service Life for many years [and] the resources associated with these products have ceased their development and are no longer supported,” stated the spokesperson.
- “D-Link recommends retiring these products and replacing them with products that receive firmware updates.”
- The spokesperson also told BleepingComputer that the impacted devices do not have automatic online updating capabilities or customer outreach features to deliver notifications, like current models.
- Hence, the vendor was limited to a security bulletin published yesterday to raise awareness about the flaw and the need to retire or replace those devices immediately.
- D-Link has set up a dedicated support page for legacy devices where owners can navigate archives to find the latest security and firmware updates.
- Those who insist on using outdated hardware should at least apply the latest available updates, even if those won’t address newly discovered problems like CVE-2024-3273.
- Furthermore, NAS devices should never be exposed to the internet as they are commonly targeted to steal data or encrypt in ransomware attacks.
- xz?
— Play Wanderings Transition Bumper —
Bi-Weekly Wanderings
30 minutes (~5-8 mins each)
- Bill
- Well, I purchased one of these hand-held retro gaming devices from Amazon after listening to an episode of Linux Unplugged where Chris, Wes, and Brent raved on and on about this thing. I have to say, they were right. This thing is actually pretty cool. It has most of the top emulators by default, including some I’ve never heard of. The number of games pre-loaded on it is staggering. It runs on a forked version of Ubuntu 19.10 which is fine, because the device isn’t connected to the network as such. The device is called the R36S, made by a company called Manyun. The form factor is something closely resembling a Gameboy except it has the “trigger” buttons on the bottom to enable Playstation emulation. It’s provisioned for two micro sd cards, presumably one for the os, and the other for games and media files. The device bills it’s self as a “multi-function entertainment device. So you can take your downloaded movies, music and whatnot on the go. In a time of Spotify and Youtube, I’m not sure what value a device which essentially offers the additional functionality of Zune offers, but there you go. I have to say the screen is the most surprising thing, as it offers nearly equal quality to a modern smartphone, though it’s a native 4:3 ratio screen, which is appropriate for the types of games it plays. Battery life is about what you’d expect, and it can be plugged into USB-C for charging and use, and has a user-replaceable battery. Over all, I’m pleased with the little device, and I recommend it to anyone who would enjoy an on the go retro gaming device. Best of all, it runs on Linux
- I want to take advantage of my wanderings to talk a little about a relatively new feature we’ve implemented for the show. Some time back, I announced that we’ve began offering clickable chapter time stamps for the audio only version of the show for podcast players that support the podcasting 2.0 feature sets. Listeners can now skip around to the sections they want to listen to either from the “chapters” menu on their podcast players, or from the timestamp on the episode description. To that we’ve added the ability to go to the specific section of the show notes related to the section of the show of your choice. Each timestamp consists of two separate links: one which instructs the player to jump to a desired spot in the show, and another that opens the show notes directly to the section the listener wants. For those of you that listen to the show through the browser from our website, you have the same functionality on each episode page. I’d be interested to know what everyone thinks about that. Let us know: [email protected], or comment directly on the website.
- Joe
- More steam deck fun. I have really been enjoying messing around with this thing and am happy that i decided to keep it.
- I did play a bunch more of Skyrim which i tend to play in the evenings if my wife is playing one of the batman games so that we are at least spending time in the same room doing something “together”
- But I also redid my retro setup and decided to try out emudeck which i am very impressed with. Also added a 64gb microsd and then used my old PSP setups to transfer a bunch of games over and get started with testing and playing. I am still working on getting MAME working correctly but most of the others are working well.
- I spent some time playing the ps1 version of Hydro Thunder. I really love that game. And it worked perfectly. I had to tweak some settings for the refresh rate to get NES running well but once that was set to 30 it looked and sounded great.
- I also was able to find some videos online of people playing the 360 version of hydro thunder hurricane on the deck and am interested in giving it a try. None of them listed the methods that used to rip the bios or the game to get it running so i have some research to do. I like the original version but it lacks in any kind of story mode or being able to build on itself
- I attempted to get Crimson Skies the xbox version running in emu deck but i had the same issues with the hud that i was having with the appimage. Emudeck uses flatpaks. But i was able to do some research on the internet and in the comments of a fix that worked for someone else i found a launch variable that created the HUD. It is a little bit smaller than i would like but now the game is playable. I need to get good at it again however.
- I know i talked last time about the design that i was doing for a mounted rail system but i did decide to go a different direction. I found that a commercial company was releasing their product as a 3d model and i decided to go with that.
- It is called deckmate, which provides a quick release latch system and frame that wraps around the back of the steam deck. It requires 2 springs 3 heatset inserts and 3 screws as well as some double sided tape for the universal mount. The instructions call for 2.5m heatset insert and screw but all i have is 3m but i was able to make it work with some minor issues. I did not want to spend a lot of money on hard ware so i used the 3m inserts and i also got some pens from the dollar store to get the springs from.
- The amount of heat required to put in the inserts caused a couple of problems with the shape but i was able to put things back into mostly correct positions and get 2 of them working
- I am planning on putting a battery on one of them but the other i decided to put a port replicator/ hub on there and see how i like that one.
- I also 3d printed a different stand to try out that has nubs for the screw holes in the back allowing for a more stable base and less sliding around in the dock. It also fits well with the deckmate attached and stays on when you pick it up. This helps when siting it on your knee
- I also went back and played some more borderlands 2. I adjusted the controls and turned on gyroscopic aiming which allows for a bit more precision in control and while I am not as good with it as I am with keyboard and mouse I find it playable.
- My hunt for a new low cost used soundbar has seen some movement. At this point I would have been better off just buying new but I like taking my chances. I got a used 16 inch soundbar from goodwill for an ok price. Surprise surprise when I got it home it did not turn on.
- This actually made me happy. The first thing that I checked was the power supply which was working fine. But then I started taking it apart. Turns out I was not the first person to do that and the last person had snapped the tiny ribbon cable.
- I have watched videos of people trying for hours and hours to fix those with no luck at the end but I decided to give it a shot anyway. I removed the broken portion and set it to the side and pulled out my needle files and very carefully shaved down to the copper.
- Then I super glued the insertion piece from the broken cable onto the back of the part that I filed and very carefully inserted into the connector. Took a little force but it went in and closed without breaking.
- Loved that fix. It was a little difficult to get all the screws back into place without putting pressure on the connector but in the end it was working again. But it is working well.
- There was a bunch more but I think that I will save the rest of it for the next bi-weekly in case I get a slow couple of weeks
- Moss
- Majid
- So Ramadan finished this week, and we had our Eid Festival. I ate a LOT of biryani and desserts! Was nice to have family time. Eid Mubarak to everyone.
- Also realised its my 1-year anniversary on MintCast. Was on OTC last week, not my best!
- I mentioned last week about putting Mint on my wifes Elitebook. Both wife and daughter liking using it as its more performant. However they don’t like the reduced battery life. I don’t think its a massive decrease compared to the original Windows 10 install. But I think the fact that it doesn’t drain uniformly is the issue. I think my daughter lost some work because she believed the battery counter. I therefore decided to install Slimbook battery which we have discussed before. It looks like the battery is lasting longer, but again not sure its uniform. I decided to put it on my other devices. Working fine on the Mint Zenbook, but not so much on my Ubuntu 23.10 device. Installs, but when I try to launch it, no GUI comes up. However, Ubuntu still seems to think its running. Its probably my fault, but I havent figured out why yet.
- Been playing with Scrcpy, its pretty cool, however ive noticed that sometimes the touch functionality wont work.Again not an issue on myMint install, but problematic on the work Ubuntu machine. I also tried to get the wireless facility up and working and couldn’t for the life of me do it. For some reason, it seams that the Ubuntu box sees 2 devices over adb when I plug my s24 ultra in. Im not sure why, need to try it out on my Mint box to see if its a 23.10 issue.
- Speaking of 23.10, planning on upgrading to the 24.04 beta when I can.
- Moved back to Firefox after my experiment with Floorp. First time I’ve really noticed differences between the ESR and later releases. Did wonder which package format would be best. Some discussion online that the flatpak is better then the .deb which I thought was the wrong way round. Went with that, I cant say I notice much, however I have heard other contributers saying it effects nextclouds and dark themes in our discord.
- After resurrecting my Pixel 3a and OnePlus 6 with lineageOS, I managed to sell them on for modest prices. Could have got more I suppose, but since at one point both were dead (thanks linux) Im taking it as a win.
- I had thought of giving one of them to my mom who was running a Umidigi Power (I checked the model) from Amazon. As I mentioned before this hasnt had any software updates since 2019, and security updates from 21/22. However, my mum said she’d only want a device with 128gb of storage as she is finding 64gb not enough.Now that device does have an extra 32gb microsd card in, but she isnt technical enough (she is 74!) to figure out how to default save images,videos etc to the microsd. So my way around this was to give my “work” Redmi 12+ 5G which has 128gb storage (and pretty good specs) and replace that with a Nothing Phone 2a. I’de been fascinated with Nothing devices, and they remind me a lot of the early days of Oneplus. I had the Nothing Ear 1s too, and found them really good too. Anyhoo, for £319 it seemed a reasonable deal, so gave the Redmi to my mum (and shes enjoying it) and got the 2a. Its nice, very clean, original aeshetic, the glyph interface is a bit gimmicky, but its original at least. Worked well when I’ve been doing some long shifts this week.
- My mum insisted i sell the old phone. Theres no way I’m getting anything beyond 20 quid for that, so im looking at other uses. Dashcam is my favourite idea so far.
- I decided to keep the Buds 2 Pro as they’ve gone back up in price, and so I wont get them that cheap again. Plus I found out why they didn’t sound as good as the reviews suggested. When you have the 360 spatial audio settings on, it increases the treble and high end in general. I switched it off, and it was a lot better, so much so that its the other reason I’m keeping them.
- So I had had a free trial of Amazon Music unlimited to enjoy all this spatial audio stuff. I decided that it wasnt worth the extra 10 quid a month to have though, and I wasnt going to cancel my Spotify for the slighlty better quality. Now I did my best to cancel this, it was not an easy process, and required quite a biit more googling then I anticipated. I did it on my phone, through the app, through a mobile browser, and was pretty sure it was cancelled. The other day I decided to check on my desktop browser. It had NOT cancelled, as the appropriate cancel membership button was buried deep in some other setting. Not impressed. Mrwhosetheboss has a good youtube video on how companies scam you, enshittification etc. This was classic big tech. Yes it is cancelled now…but not after they had already deducted the money for this month. I reiterate,not impressed.
- I am planning on using my s24 ultra morefor games. What im thinking is to use dex, and then play on the big screen. I have an old PS4 controller, but wondering whether its worth getting a usb c controller instead as I havent got s many microusb chargers/cables like I used to.
- Continuing with Constellation, its slow, but good.
- Was excited when X Men 97 started a few weeks ago, wasnt as impressed with the last few episodes as it seemed \ bit derivative. I decided to skip Ep 5. What a mistake, by the time I’d heard the spoiler filled reviews explaining what happened, I had to go and watch it. What an episode, I was almost tearful at the end.
- I’ve always been a Nirvana fan, they are one of the reason I learnt to play guitar. However I seemed to have missed the release in 2019 of their Live N Loud seattle show which they did in late 1993 on MTV. Probably the best live performance of them I’ve ever seen. The audio is really good, and the bass parts really punch.
- Fell into a real Youtube rabbit hole. Guy who does metal covers of old cartoon shows. Was occupied for ages!
- My scheduling hasnt been the best again, and I’ve got 3 weekends on the trot coming up, not looking forward to it. Can be quite anxiety inducing. Lets hope I(and more importantly the patients) survive!
- Eric
I’m feeling a lot stronger and have much less pain from my recent surgery so I have been to get back to using a computer instead of just mobile devices. Having spent a little over a month relying on Android, it has mostly been nice to get back to actual multitasking with Linux, a keyboard, and mouse.
I say “mostly” because I had to deal with some deferred maintenance on both my laptop and my tablet PC. The Latitude tablet had been running Fedora 38 Workstation with GNOME which had been performing fine for several months but had eventually gotten very slow, to the point where it was almost unusable. Just about every action, from copying files to opening applications, took an inordinately long time. I did troubleshoot the common reasons for this behavior but wasn’t able to find anything obvious.
It ultimate didn’t matter because I needed a system to test a distro for Distrohoppers’ Digest. I wanted to test KDE Plasma 6 and the easiest way I could see to do that was using KDE neon. If you’d like to hear more about that experience, please listen to episode 51 of Distrohoppers’ Digest. I will say that it ended up not being the ideal setup for me so I wanted to try something else which ended up being Arch by way of EndeavourOS. I had thought perhaps I’d stick with Plasma 6 but I didn’t find it to be as ideal for a tablet PC as GNOME is so I switched back.
Arch, from a lazy man’s perspective, is a lot of extra work that I don’t normally have to deal with when using many more user experience focused distros. One example include having Bluetooth preinstalled but not enabled and, even once enabled, is lacking numerous configuration options to make it work like you’d expect. Others include setting up sudo, bash configuration, fonts, and so on. Arch doesn’t make many assumptions for their users which is something that Arch users appreciate but is frustrating for lazy people like me who want a turnkey experience. The one overwhelming positive that I can concede is that Arch feel lean and fast, especially on lowered powered hardware.
The other machine, the Dell XPS 15 laptop, has been happily running Linux Mint for over a year however I’m now having a disk space issue. I’m not sure how but when I initially installed Mint I somehow picked BTRFS with home directory encryption. I have had zero luck figuring out how to free up space on the root partition and, consequently, am almost out of space. I have removed as many large files as I can but it doesn’t seem to make a difference. For now, I am ignoring it but I will either have to figure it out soon or just wipe the install and start fresh. I’m partially inclined to start fresh since it’s been more than a year and there is certainly a good bit of cruft that has built up over that time.
— Play Innards Transition Bumper —
Linux Innards
30 minutes (~5-8 minutes each)
- Migrating Pihole and wireguard to an x86_64 system
- This innards is about me migrating away from the pi zero w for my dns sinkhole and my wireguard setup. The reason I decided to do this is because the zero w is over wifi and the wireguard setup was only getting 10mbps max.
- I had a Gigabyte Brix GB-BXA8-5545 mini pc that was just sitting around doing nothing and I figured that I might as well put it to use and maybe also use it as a settop box and get back my dell latitude that needs a new screen. Also with the Brix being wired I should get much faster speeds on the wireguard settup.
- This will also allow me to free up th pi for a future project
- So the first thing that I did was try to find my ventoy stick that had mint already on it. But I did not find it. However I did find a couple of other usb sticks that I had sitting around so I decided to make another ventoy stick. I had gone through this process recently before so I had a good copy of ventoy and a good copy of mint.
- Should be an easy process right? Well the first stick that I made kept coming up with an error about needing to load the kernel first after it had gone through the ventoy screen and I was trying to bring up the live version of mint.
- Same with the second. So I decided to try a couple of things at the same time to isolate the problem. I started downloading a new copy of ventoy and a new copy of mint and even though my research online said that it was probably an issue with the USB sticks I decided to just image one of them and see how things worked out.
- Research was easy because I was in my garage and I was using the portable monitor attached to my chair and the usb switcher that I use for work to move the mouse and keyboard back and forth.
- Well the barebones install of mint on the usb stick worked fine and I was able to install just fine.
- OK, next up install openssh so that I can access everything externally and while I am at it install x2goserver so I can work on a bigger screen if needed and I can hook back up the work computer to the mouse and keyboard.
- Next up pihole, which from my readings can be installed on x86. Turns out you can install it but it looks for the OS you are running and really only wants to install on UBUNTU using the script. But you can tell it to skip the OS check as in below:
curl -sSL https://install.pi-hole.net | PIHOLE_SKIP_OS_CHECK=
true
sudo -E bash
- Normally I would be a bit paranoid about running things from a script but this one is well know and I don’t have any concerns about it. It installs just the way that it does on the PI and the only real thing of note is picking the external DNS which I chose adguard so that I have a bit of redundancy. Everything worked with pihole pretty easy and I was able to get to the pihole interface easy enough. But that was all that I checked at that time and did not verify that it was actually working.
- Next up wireguard. I kinda figured that it would be the same process as pi-hole and that I would be able to just run the pi script to get it working probably having to pass the skip os command again but that did not work so I went and found
- Wireguard-manager. It really did make things simple. As a matter of fact it made things so simple that I kinda breezed through it. I did notice that it had its own ad blocker and I kinda figured I would try it out and have a bit more redundancy in regards to my phone connecting with my adblocking
- This turned out to be a mistake. I was able to connect to the wireguard instance but I had not network. It looked like it was connected on my phone but I could not reach out to anything.
- My first assumption is that something is wrong with the pi-hole setup and I take a closer look at the interface and I see a couple of errors.
- There was a problem with port 53, pi-ole could not connect to anything because something else was using the port. The first thing I tried was simply changing the port inside pi-hole to 54 and that worked but it did not find the problem and there was still no internet on the client side.
- I started checking what was using port 53 using the command
- ss -tulpn sport = 53
- turns out it was an application called unbound which was installed when I added the adblocking for wireguard. The easiest solution was to use the wireguard-manager script to uninstall and reinstall without the added adblocking.
- This still did not fix the client. Still looked like it connected but no internet
- pi-hole had an error with the PHP as well but that was easily resolved with a service restart
- So I started looking elsewhere for the issue. By that point I had done several hours worth of searching on pi-hole forums on various things to try but nothing seemed to work. I almost said to heck with it and installed ubuntu to see if it was an issue with mint but I decided to take a look at the client first
- Sure enough I went into the logs on my phone and it was showing a handshake error. It was finding the server but could not complete the handshake and the application was redirecting traffic into nothing
- Well me being an idiot sometimes I had remembered to forward my port but I forgot that it needed to be UDP instead of TCP
- So yeah basically I had trouble on every step of that process and it all turned out to be a major issue between the keyboard and chair
- But when finished I was able to compare the two wireguard setups and the Brix which is setup out in my garage on 100mbps connection was able to provide the whole 100mbps up and down from a remote location and the pi was only giving 10. So worth the hassle.
- But oh wait I didn’t stop there. I decided to also install a full instance of my nextcloud on the device as a full time backup since the one on the onegx doesn’t get turned on all the time. I had a 1tb external hdd sitting around not doing anything anyway
- But I decided to do it from x2go while using my main computer. I tried cinnamon but no task bar at the bottom, I had gone through this process before on some other machines and then the solution was KDE but on the brix it wont even load, same with mate.
- LXDE worked though and worked pretty well. I have my issues with the base install of LXDE but it gets the job done in this instance. Flatpak install of nextcloud and add it to the startup.
- Attach the hard drive and setup the automount and then unmount and create the mount folder and change the permissions. Then automount and make sure that it is in the correct spot
- Back to nextcloud to put in the user info and set the storage location and let it do its thing. Restart to test and every thing works and syncs no issues
- So now I have done all this work and everything is going great. The dns sinkhole works the wireguard works and is brilliantly fast, my nextcloud is properly redundant and the first thing that goes through my head is: I should migrate this to the Dell Latitude that is hooked up in the living room, roughly the same power if not a bit more and the power consumption would probably be less. The next thing I thought to myself was shut the hell up you.
— Play Vibrations Transition Bumper —
Vibrations from the Ether
20 minutes (~5 minutes each)
- Listener sunfun sent an email:
Security Now just covered the EXTREME “malicious Linux developer” vulnerability that i have REPEATEDLY mentioned to NUMEROUS Linux podcasts over the last 15 years! The Linux community is either apathetic, stumped, or just bewildered on how to fix this! Security Now just implied the problem is that the Linux community simply tests new software via “encrypted” or “zipped” submissions, that can’t see the malicious behavior.
My question has always been: “what is stopping someone from just submitting a malicious update, then reverting it in a few days to avoid detection? Answer from the Linux community: total silence, crickets 😦
My longstanding recommendation: “AT LEAST save all update revisions, to have a CHANCE of back-auditing them to see what was installed! Answer from the Linux community: total silence, crickets 😦
Here is the Security Now YouTube video start time code mentioning this yesterday…
— Play Check This Transition Bumper —
Check This Out
10 minutes
- Fullup – The comprehensive update script for Arch Linux based systems. Bill
- For a few years now I’ve been fleshing out a nice little script for Arch Linux based systems that greatly simplifies the process of optimizing the mirror list, updates the packages, including AUR stuff and flatpaks, and cleans the cache. The script works by first checking to see if your have all the necessary packages to do the work, such as “Reflector” “Yay” and “pacman-contrib”, then it runs the necessary tasks. If the system doesn’t have the necessary tools installed, it will do that for you. This is a good way to set up an optimized mirror list and get easy AUR support quickly and easily on newly installed Archlinux systems. If you run Arch, Endeavour, Manjaro, or the like this could be an excellent time saver. Us it all one need do is download it, mark it executable, then either run it from the terminal by prepending the ./ or put it in a directory recognized by your shell as being in your $PATH for executing binaries and scripts. Let me know what you think. One bit of functionality I’d like to add is to check the users locale, then run the “Reflector” command cooresponding with the users location. I’ve not figured out how to do that yet. For now, if the user lives outside the US, they’ll have to edit the script, changing the “US” in the Reflector command to point the tool to the appropriate locale.
- Atari 400 mini
- I kinda want this. Or I want to print my own. Dont think I would use it I just want the display piece.
Housekeeping & Announcements
- Thank you for listening to this episode of mintCast!
- If you see something that you’d like to hear about, tell us!
Send us email at [email protected]
Join us live on Youtube
Post at the mintCast subreddit
Chat with us on Telegram and Discord,
Or post directly at https://mintcast.org
- Next Episode – 2 pm US Central time on Sunday, April 28, 2024.
- Get mintCast converted to your time zone
- for 435 Next Roundtable Live Stream – 2 pm US Central time on Saturday, April 20, 2024.
- Get the Roundtable Live Stream converted to your time zone
- for 435.5 Next Roundtable Live Stream – 2 pm US Central time on Saturday, May 4, 2024.
- Get the Roundtable Live Stream converted to your time zone
- Livestream information is at mintcast.org/livestream
Wrap-up
- Joe – Tllts.org, linuxlugcast.com, [email protected], Buy Joe a coffee
- Moss – Full Circle Weekly News, Distrohoppers’ Digest, [email protected], Mastodon @[email protected],
- Bill – [email protected], Bill_H on Discord, @[email protected] on Mastodon, also – checkout my other two podcasts Linux OTC and 3 Fat Truckers
- Majid – [email protected] @atypicaldr870on twitter, AtypicalDr on instagram and The Atypical Doctor Podcast on Spotify and also Linux OTC.
- Eric – You can hear and see me on this and the Linux OTC podcasts as well as the Linux Saloon and LinuxLUGCast streams. If you’d like to get in touch with me I can be reached by email at [email protected] or numerous other places such as Discord and Telegram. Check the show notes for specifics.
Discord (eric_adams), Telegram (https://t.me/ericadams), Matrix (@esa1975:matrix.org), and Mastodon (https://fosstodon.org/@ericadams)
Before we leave, we want to make sure to acknowledge some of the people who make mintCast possible:
- Someone for our audio editing
- Archive.org for hosting our audio files
- Hobstar for our logo, initrd for the animated Discord logo
- Londoner for our time syncs and various other contributions
- Bill Houser for hosting the server which runs our website, website maintenance, and the NextCloud server on which we host our show notes and raw audio
- The Linux Mint development team for the fine distro we love to talk about <Thanks, Clem … and co!>
— Play Closing Music and Standard Outro —
Recent Comments