Configuration Common Linux: Difference between revisions

From miki
Jump to navigation Jump to search
 
(38 intermediate revisions by the same user not shown)
Line 133: Line 133:
sudo systemctl enable fstrim.timer
sudo systemctl enable fstrim.timer
sudo systemctl start fstrim.timer
sudo systemctl start fstrim.timer
</source>

;Systemd
* Add ourselves to group '''adm''' to get journalctl log for the whole system
<source lang="bash">
journalctl -b | head
# Hint: You are currently not seeing messages from other users and the system.
# Users in groups 'adm', 'systemd-journal' can see all messages.
# Pass -q to turn off this notice.
sudo gpasswd -a $USER adm
# ...logout
journalctl -
b | head
</source>
</source>


Line 305: Line 318:
sudo apt install gufw
sudo apt install gufw
</source>
</source>

If necessary, restore old '''gufw''' profiles from {{file|/etc/gufw}}.


=== X11 ===
=== X11 ===
Line 319: Line 334:
gsettings set org.gnome.desktop.input-sources xkb-options "@as ['caps:escape']"
gsettings set org.gnome.desktop.input-sources xkb-options "@as ['caps:escape']"
* Fonts &mdash; disable ''embedded bitmaps''. See [[Fonts#MS Fonts not rendering correctly|Fonts]].
* Fonts &mdash; disable ''embedded bitmaps''. See [[Fonts#MS Fonts not rendering correctly|Fonts]].

;On Xfce
* In the shell:
<source lang="bash">
setxkbmap -option caps:escape # Note: caps:swapescape doesn't work for me (caps does caps+esc).
</source>

* Permanent (not tried), edit {{file|/etc/default/keyboard}}:
<source lang="bash">
XKBOPTIONS="caps:escape"
</source>


== Desktop - Gnome ==
== Desktop - Gnome ==
Line 397: Line 423:
* Recent alternative: https://github.com/gonzaarcr/Fildem
* Recent alternative: https://github.com/gonzaarcr/Fildem


;Custom Corner (Gnome-shell &lt;= 3.30)
;Custom Hot Corner - Extended
* Install from the store ([https://extensions.gnome.org/extension/1037/customcorner/ Custom Corner])
* Install from the store ([https://extensions.gnome.org/extension/4167/custom-hot-corners-extended/])
* Set ''Show activity'' for all top corners on both monitors.
* Top left corner: ''Gnome default'' (default).
* Built-in alternative: there is however also '''Gnome settings -> Multitasking -> Hot Corner'''.
* Top right corner: ''Show overview''.


=== Gnome theme ===
=== Gnome theme ===
Line 410: Line 436:
;Mojave light theme (Debian Buster / Bullseye / Bookworm)
;Mojave light theme (Debian Buster / Bullseye / Bookworm)
* Guide on [https://www.omgubuntu.co.uk/2017/03/make-ubuntu-look-like-mac-5-steps OMG buntu].
* Guide on [https://www.omgubuntu.co.uk/2017/03/make-ubuntu-look-like-mac-5-steps OMG buntu].
* '''FIX''': Make sure to include fix for [https://github.com/vinceliuice/Mojave-gtk-theme/pull/223 bad bg color in light theme (PR)].
<source lang="diff">
--- /usr/share/themes/Mojave-light/gnome-shell/gnome-shell.css 2022-04-28 08:48:55.877668709 +0200
+++ /usr/share/themes/Mojave-light/gnome-shell/gnome-shell.css 2022-04-14 08:42:57.953109488 +0200
@@ -2531,7 +2531,6 @@
.popup-menu .popup-menu-content {
padding: 10px 0;
font-weight: normal;
+ background-color: rgba(241, 241, 241, 0.85);
}
</source>
* Download and install [https://www.gnome-look.org/p/1275087/ McMojave]:
* Download and install [https://www.gnome-look.org/p/1275087/ McMojave]:
<source lang="bash">
<source lang="bash">
Line 483: Line 520:
* Disable emoji shortcut Ctrl-Shift-E (interfere with [[Terminator]]).
* Disable emoji shortcut Ctrl-Shift-E (interfere with [[Terminator]]).
:* Launch <code>ibus-setup</code>, and delete the shortcut for emoji.
:* Launch <code>ibus-setup</code>, and delete the shortcut for emoji.
* Disable '''gnome-software''' from autostarting (to reduce memory consumption) [https://www.reddit.com/r/gnome/comments/gn8rs4/how_to_disable_gnome_software_autostart/]:
<source lang="bash">
# Disable Gnome Software autostart
mkdir -pv ~/.config/autostart && cp /etc/xdg/autostart/gnome-software-service.desktop ~/.config/autostart/
mkdir -pv ~/.config/autostart && cp /etc/xdg/autostart//etc/xdg/autostart/org.gnome.Software.desktop ~/.config/autostart/
echo "X-GNOME-Autostart-enabled=false" >> ~/.config/autostart/gnome-software-service.desktop
echo "X-GNOME-Autostart-enabled=false" >> ~/.config/autostart/org.gnome.Software.desktop
dconf write /org/gnome/desktop/search-providers/disabled "['org.gnome.Software.desktop']"

# Disable Gnome Software automatic updates
dconf write /org/gnome/software/allow-updates false
dconf write /org/gnome/software/download-updates false
</source>
* Keyboard - Lower window below other windows, set to {{kb|Ctrl-Shift-/}}


== Development packages ==
== Development packages ==
Line 526: Line 577:
sudo vi /etc/fstab # Add the following line
sudo vi /etc/fstab # Add the following line
# //mystique/local /mnt/mystique/local cifs noauto,vers=1.0,_netdev,noperm,iocharset=utf8,sec=ntlm,username=superwoman 0 0
# //mystique/local /mnt/mystique/local cifs noauto,vers=1.0,_netdev,noperm,iocharset=utf8,sec=ntlm,username=superwoman 0 0
</source>

=== BorgBackup / Borgcronic ===
* Install borgbackup & borgcronic, reusing our existing configuration:
<source lang="bash">
sudo apt install borgbackup
sudo ./borgcronic install borgbackup:borgbackup:/home/borg/repo
</source>
* Restore file {{file|/etc/borgcronic.conf}}
* Restore root ssh config ({{file|/root/.ssh}} folder and {{file|/etc/hosts}}.
Host borgbackup
User borg
HostName dumbledore
ForwardX11 no
ForwardX11Trusted no
ProxyCommand none
ServerAliveInterval 10
ServerAliveCountMax 30
IdentityFile ~/.ssh/id_ed25519_borg_zavcxl0006
* Restart and test
<source lang="bash">
sudo ssh borgbackup # Should report tty error. Ctrl-C.
sudo systemctl restart borgcronic
sudo borgcronic exec list # say 'Yes'
</source>
By default, cron will trigger borgcronic daily / every 6h.

=== Chromium ===
Enable Chromecast:
* Go to <code>chrome://flags/#load-media-router-component-extension</code>
* Set to '''Enabled'''.

=== Dropbox ===
* Download from https://www.dropbox.com/install-linux

=== Courier ===
<source lang="bash">
sudo apt-get install courier-imap courier-doc gamin
cd /etc/courier/
sudo vi authdaemonrc # Set authmodulelist="authuserdb"
sudo makeuserdb
sudo vi userdb # Restore pwd for user 'st' and 'peetersm'
# See Courier page to generate new
sudo etckeeper commit "courier config"
sudo systemctl restart courier-authdaemon
</source>
</source>


Line 742: Line 838:
=== NFS ===
=== NFS ===
*'''NFS Server''' (<tt>nfs-kernel-server nfs-common rpcbind</tt>)||See [[NFS]] for more details; Created entries in <tt>/etc/exports</tt>. ''rpcbind'' replaces ''portmap'' since Oneiric.
*'''NFS Server''' (<tt>nfs-kernel-server nfs-common rpcbind</tt>)||See [[NFS]] for more details; Created entries in <tt>/etc/exports</tt>. ''rpcbind'' replaces ''portmap'' since Oneiric.

=== Owncloud ===
* Install {{deb|owncloud-client}}.
* Start the client, and make sure the client is started at login.
* Make sure appindicator gnome extension is installed, or status icon will not show up.
* If owncloud icon does not show, there is maybe a racing condition. We fix by delaying start by 3s.
<source lang="bash">
sudo vi /usr/local/bin/owncloud-delayed # Content as below
# #! /bin/bash
# sleep 3 && exec /usr/bin/owncloud &
sudo chmod 755 /usr/local/bin/owncloud-delayed
sed -r 's/^Exec.*/Exec=/usr/local/bin/owncloud-delayed' ~/.config/autostart/ownCloud.desktop
</source>
* Use {{file|~/owncloud}} instead of {{file|~/ownCloud}}.

=== PipeWire ===
We follow instructions from [https://wiki.debian.org/PipeWire#Debian_Testing.2FUnstable Debian Wiki].

<source lang="bash">
# Install WirePlumber and enable it
sudo apt install wireplumber pipewire-media-session-
sudo apt purge pipewire-media-session
systemctl --user --now enable wireplumber.service
sudo rmdir /etc/pipewire/media-session.d/
sudo rmdir /etc/pipewire

# Restart, check that PW took over
sudo shutdown -r now
LANG=C pactl info | grep '^Server Name'
# Server Name: PulseAudio (on PipeWire 0.3.50)

# Enable ALSA through PipeWire
sudo apt install pipewire-audio-client-libraries
sudo cp /usr/share/doc/pipewire/examples/alsa.conf.d/99-pipewire-default.conf /etc/alsa/conf.d/
sudo etckeeper commit "Enable ALSA through pipewire"

# Enable JACK through PipeWire
sudo apt install libspa-0.2-jack
sudo cp /usr/share/doc/pipewire/examples/ld.so.conf.d/pipewire-jack-*.conf /etc/ld.so.conf.d/
sudo ldconfig
sudo etckeeper commit "Enable JACK through pipewire"

# Enable bluetooth through PipeWire
sudo apt install libspa-0.2-bluetooth pulseaudio-module-bluetooth-
</source>

Relevant configuration files:
* Bluetooth &mdash; {{file|/etc/pipewire/media-session.d/bluez-monitor.conf}}
:* Or per-user {{file|~/.config/pipewire/media-session.d/bluez-monitor.conf}}

;Workarounds
* Disable speech in Firefox. Open <code>about:config</code>, and set the following keys to <code>false</code>, then restart Firefox. [https://gitlab.freedesktop.org/pipewire/pipewire/-/wikis/Performance-tuning#firefox]
reader.parse-on-load.enabled false
media.webspeech.synth.enabled false

=== Recoll ===
See [[Recoll]].

Indexing mails from another user requires that Maildir is readable.
By default, Maildir are not group-readable (although see <code>man maildirmake</code> for more info).
The simplest is to run a cron script:

<source lang=bash>
# m h dom mon dow command
10 12 * * * bash -c 'find ~/Maildir -type d -print0 | xargs -0 chmod g+rx'
</source>


=== Samba ===
=== Samba ===
Line 761: Line 923:
sudo apt install terminator
sudo apt install terminator
</source>
</source>
* If '''Ctrl-Shift-O''' not working, See [[Linux Software#Gnome Terminator|Gnome Terminator]].
* Install the new terminator that depends on GTK3 ({{deb|terminator-gtk3}}, version <code>1.97~ppa3</code>).
* Install the new terminator that depends on GTK3 ({{deb|terminator-gtk3}}, version <code>1.97~ppa3</code>).
* On latest Debian, install patch for middle click on Wayland ([[Terminator]]).
* On latest Debian, install patch for middle click on Wayland ([[Terminator]]).
Line 777: Line 940:
dconf write '/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/name' 'Terminal'
dconf write '/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/name' 'Terminal'
</source>
</source>

=== Truecrypt ===
Unpack and execute binary from file {{file|truecrypt-7.1a-linux-console-x64.tar.gz}} (console) or {{file|truecrypt-7.1a-linux-x64.tar.gz}}.


=== Thunderbird ===
=== Thunderbird ===
See [[Thunderbird]].
See [[Thunderbird]].

;Account configuration:
* Junk Settings -> Move new junk to: 'Junk' folder
* Junk Settings -> DO NOT Enable adaptive junk mail controls (for localhost accounts only).
* Set PGP key
* Server Settings -> Message Storage -> Clean Up ("Expunge") Inbox on Exit
* Server Settings -> Message Storage -> Empty Trash on Exit (for st@localhost only)
* Synchronization & Storage -> Message Synchronizing -> DO NOT Keep messages in all folders for this account on this computer (for localhost accounts only).

;Gui configuration
* Select columns: '''Attachment, Correspondents, Date''', then apply to all folders & children on all accounts.
* For all account, select View, Unthreaded.

;Troubleshoot
* If getting error <code>Incoming server already exists</code>, just use an alias (eg. use <code>127.0.0.1</code> instead of <code>imap.localhost</code>, or use <code>imap2.localhost</code>, and add an entre in {{file|/etc/hosts}}).


=== tmux ===
=== tmux ===
Line 787: Line 968:
* Compile from [https://tmux.github.io/ sources].
* Compile from [https://tmux.github.io/ sources].


=== VirtualBox ===
=== VirtualBox / VMWare ===
;VirtualBox
<source lang="bash">
<source lang="bash">
sudo apt install virtualbox
sudo apt install virtualbox
Line 797: Line 979:
sudo apt remove virtualbox
sudo apt remove virtualbox
sudo ./VirtualBox-6.0.5-129923-Linux_amd64.run
sudo ./VirtualBox-6.0.5-129923-Linux_amd64.run
</source>

; VMWare
See [[PipeWire]] for sharing audio (share the pipewire unix socket) with user <code>vbox</code>.

Seee [[VMWare]] for module compilation.

; Configure ACL for {{file|/data/d}}:
<source lang="bash">
# VirtualBox / VMWare uses /data/d as Windows D: drive. Since they run as user 'vbox', all files gets vbox/vbox ownership.
# Any user in group 'vbox' will access to files created by vbox.
# We use acl to set set default acl (group access vbox/rwx, mask rwx), so that vbox can also access any file created by other users.
# Note this also gives write access independently of umask setting.
# Only limitation is that moved / copied files will keep their original ACL.
sudo apt install acl
cd /data
sudo chgrp -R vbox d
sudo chmod -R g+w d
find d -type d -print0|sudo xargs -0 chmod g+ws
find d -type d -print0|sudo xargs -0 setfacl -m d:group:vbox:rwx
</source>
To fix group ownership in case of move / copy:
<source lang="text">
sudo chmod -R g+w /data/d; sudo chown -R vbox /data/d; find /data/d -type d -print0 | xargs -0 setfacl -m d:group:vbox:rwx
</source>
The same line could be run as a user cronjob, but this will only fix the files/folders that user owns.
<source lang="bash">
# restore ACL for /data/d vmware disk
00 12 * * * chmod -R g+w /data/d; chown -R vbox /data/d; find /data/d -type d -print0 | xargs -0 setfacl -m d:group:vbox:rwx
</source>
</source>


Line 802: Line 1,013:
* '''Wine''' (<tt>wine</tt>) See [[Configuration NXP Dell Latitude_E6500 - Wine|Wine page]]
* '''Wine''' (<tt>wine</tt>) See [[Configuration NXP Dell Latitude_E6500 - Wine|Wine page]]


=== XBMC ===
* see [[XBMC#Install|XBMC]]

=== Owncloud ===
* Install {{deb|owncloud-client}}.
* Start the client, and make sure the client is started at login.
* Make sure appindicator gnome extension is installed, or status icon will not show up.
* If owncloud icon does not show, there is maybe a racing condition. We fix by delaying start by 3s.
<source lang="bash">
<source lang="bash">
sudo dpkg --add-architecture i386
sudo vi /usr/local/bin/owncloud-delayed # Content as below
sudo apt update
# #! /bin/bash
sudo apt install wine wine32
# sleep 3 && exec /usr/bin/owncloud &
sudo chmod 755 /usr/local/bin/owncloud-delayed
sed -r 's/^Exec.*/Exec=/usr/local/bin/owncloud-delayed' ~/.config/autostart/ownCloud.desktop
</source>
</source>

* Use {{file|~/owncloud}} instead of {{file|~/ownCloud}}.
=== XBMC ===
* see [[XBMC#Install|XBMC]]


=== Zathura ===
=== Zathura ===
Line 831: Line 1,034:
xdg-mime default org.pwmt.zathura.desktop application/pdf
xdg-mime default org.pwmt.zathura.desktop application/pdf
</source>
</source>

=== Chromium ===
Enable Chromecast:
* Go to <code>chrome://flags/#load-media-router-component-extension</code>
* Set to '''Enabled'''.


== Configuration ==
== Configuration ==
Line 921: Line 1,119:
# when using 'xdg-open' or midnight commander:
# when using 'xdg-open' or midnight commander:
xdg-mime default chromium.desktop image/svg+xml
xdg-mime default chromium.desktop image/svg+xml
</source>

=== Safeweb ===
Create a custom user for safe browsing.
<source lang="bash">
adduser --uid 1005 safeweb
</source>

* Add {{file|~/reset.sh}} script to HOME:
<source lang="bash">
cat > ~/reset.sh << "__END__"
#! /bin/bash

# Some safety check
[ -f $HOME/.resetable ] || { echo "$(basename "$0"): error: HOME is not resetable ('touch ~/.resetable' to fix) -- aborting!"; exit 1; }
[ "$HOME" = "$PWD" ] || { echo "$(basename "$0"): error: HOME and PWD are different ('cd' to fix) -- aborting!"; exit 1; }

# Armageddon !
find $HOME -maxdepth 1 \
! -name .bashrc \
! -name .profile \
! -name .inputrc \
! -name .bash_logout \
! -name reset.sh \
! -name .resetable \
! -path $HOME \
-print0 | xargs -0 rm -rf
__END__
chmod a+x ~/reset.sh
touch ~/.resetable
</source>
</source>


Line 1,070: Line 1,298:
# List of packages
# List of packages
sudo dpkg -l > dpkg-l-$HOSTNAME-$(date +"%Y%m%d%H%M%S").txt
sudo dpkg -l > dpkg-l-$HOSTNAME-$(date +"%Y%m%d%H%M%S").txt
apt-mark showmanual > apt-mark-showmanual-$HOSTNAME-$(date +"%Y%m%d%H%M%S").txt
</source>
</source>



Latest revision as of 10:14, 3 September 2024

This page details a common configuration for Linux, independent of the underlying platform.

To Do

  • Basic configuration for standard installation
  • Move settings that can be recovered from HOME directory in separate section.

Base

On Debian, login as root and add default user (uid 1000) as root.

su -
USERNAME=$(awk -F: '/:1000:/ {print $1}' /etc/passwd)
gpasswd -a $USERNAME sudo

# Terminate all users process !!! this will FORCE LOGOUT !!!
# ... alternatively: su - $USERNAME to avoid logout
loginctl terminate-user $USERNAME

Install etckeeper (with git).

# ### etckeeper + git

sudo apt install git etckeeper terminator
sudo make -C /usr/share/doc/git/contrib/diff-highlight # Fix diff-highlight
sudo ln -sf /usr/share/doc/git/contrib/diff-highlight/diff-highlight /usr/local/bin/diff-highlight
git config --global user.email "user@server.com"       # Make sure this is defined for admin user + root
git config --global user.name "User Name"              # or release upgrade might fail in the future
sudo su -
git config --global user.email "$USER@$HOSTNAME"
git config --global user.name "root"
logout

sudo vi /etc/etckeeper/etckeeper.conf                  # Select git, AVOID_DAILY_AUTOCOMMITS, AVOID_COMMIT_BEFORE_INSTALL
sudo etckeeper init
sudo etckeeper commit "1st commit"
cd /etc
sudo vi .gitignore                                     # Ignore resolv.c*, cups/ppd, cups/printers.conf* (and cups/subscriptions.* before Ubuntu Precise)
sudo git rm --cached resolv.c*
sudo git rm --cached cups/subscriptions.*              # No longer needed on Ubuntu Precise and after
sudo etckeeper commit "ignore resolv.c*, cups/subscriptions.*"

Then we install ssh (incl. ssh server), vim + mc, and avahi (often preinstalled)

sudo apt install ssh vim mc                            # Debian 9+
sudo apt install ssh vim-gnome mc                      # Older
sudo apt install libnss-mdns avahi-daemon mdns-scan

From now, the configuration can continue either locally or remotely (using ssh).

We now install a few repositories, as required.

sudo vi /etc/apt/sources.list                          # Debian: enable 'main non-free contrib'
                                                       # Ubuntu: enable 'partner' and 'extra' (if available)
sudo add-apt-repository ppa:phoerious/keepassxc        # Ubuntu: keepassxc
# sudo add-apt-repository ppa:synapse-core/ppa         # Ubuntu <14.04 - Synapse
sudo add-apt-repository ppa:tualatrix/next             # Ubuntu: Ubuntu Tweak
sudo add-apt-repository ppa:team-xbmc/ppa              # Optional: XBMC

sudo etckeeper commit "Update repositories"
sudo apt update
sudo apt upgrade # This may upgrade firmware to non-free versions
  • hosts — Update /etc/hosts
sudo vi /etc/hosts                                                 # Add any relevant entries.
                                                                   # Make sure localhost has FQDN:
                                                                   #     127.0.1.1	myhost.domain.com
sudo etckeeper commit "update hosts file"
  • sudoers — Create new files in /etc/sudoers.d as required:
# envkeep
# http_proxy, https_proxy -- to keep proxy settings for apt-get etc
# GREP_OPTIONS            -- keep grep options
# DISPLAY, XAUTHORITY     -- avoid doing 'xhost local:root' before launching X pgm
# HOME                    -- e.g. to keep git aliases and settings when using etckeeper
# PASSWD                  -- e.g. to pass password via env. var to <code>mount.cifs</code>
echo "Defaults env_keep += \"http_proxy https_proxy GREP_OPTIONS DISPLAY XAUTHORITY HOME\"" | sudo tee /etc/sudoers.d/envkeep
# Truecrypt
echo "ALL ALL = NOPASSWD: /usr/bin/truecrypt" | sudo tee /etc/sudoers.d/truecrypt
# Privoxy - no longer needed with tun2socks-manager
#echo "ALL ALL = (ALL) NOPASSWD: /etc/privoxy/set-network-config" | sudo tee /etc/sudoers.d/privoxy
# rfkill - no more used
#echo "ALL ALL = NOPASSWD: /sbin/rfkill" | sudo tee /etc/sudoers.d/rfkill
sudo chmod o-r /etc/sudoers.d/*
sudo etckeeper commit "update sudoers.d files"
  • Restore home profile (from git)
# Restore my profile
mv home/.git .
rm -rf home
git reset --hard
git st
export PATH=$PATH:$HOME/bin
set-network.sh
~/setup.sh
  • Restore old keyboard dead keys behaviour by uninstalling im-config:
DOES NOT WORK - on Bullseye, still get the strange behaviour. Maybe due to Wayland?
# No more the issue on Bookworm (with pkg installed - so not root cause)
# sudo apt remove im-config       # DOES NOT WORK - To avoid ¨ / ^ displaying while composing, and other nasty side effects
Locale (at least since Debian 10 Buster)
  • ATTENTION Using the locale en_DK.UTF-8 break Wine Command Prompt (bad keyboard config).
To fix that, for instance for PlayOnLinux, edit file /usr/share/applications/PlayOnLinux.desktop
vi /usr/share/applications/PlayOnLinux.desktop
-Exec=playonlinux %F
+Exec=env LC_ALL=en_US.UTF-8 playonlinux %F
  • Edit /etc/locale.gen, and uncomment line en_DK.UTF-8 UTF-8, then update the locale
sudo vi /etc/locale.gen
# ...
sudo locale-gen
  • Edit /etc/default/locale, and add line LC_TIME="en_DK.UTF-8" [1], [2]
sudo vi /etc/default/locale
# ...
  • In Gnome, select en_DK.UTF-8 for format in Region and Language settings.
SSD Trim

If using an SSD, enable TRIM (but see WARNING HERE).

sudo systemctl enable fstrim.timer
sudo systemctl start fstrim.timer
Systemd
  • Add ourselves to group adm to get journalctl log for the whole system
journalctl -b | head
# Hint: You are currently not seeing messages from other users and the system.
#       Users in groups 'adm', 'systemd-journal' can see all messages.
#       Pass -q to turn off this notice.
sudo gpasswd -a $USER adm
# ...logout
journalctl -
b | head

Kernel update

  • Install latest kernel [3]
# Get Utopic kernel
sudo apt install --install-recommends linux-generic-lts-utopic xserver-xorg-lts-utopic libgl1-mesa-glx-lts-utopic libegl1-mesa-drivers-lts-utopic
# Get Vivid kernel
# DO NOT UPDATE TO VIVID X.ORG - IT LEAKS LIKE HELL
# sudo apt install --install-recommends linux-generic-lts-vivid xserver-xorg-lts-vivid libgl1-mesa-glx-lts-vivid libegl1-mesa-drivers-lts-vivid
sudo apt install --install-recommends linux-generic-lts-vivid

Standard packages

  • Install packages - standard
# Common Applications
sudo apt install synapse       # Ubuntu: requires extra repo
sudo apt install keepassxc     # Upgrade: keepassx -> keepassxc
sudo apt install rpcbind       # Use 'portmap' before oneiric ocelot
sudo apt install cifs-utils    # Use 'smbfs' with precise pangolin or before

# moreutils: for chronic, sponge
# Removed in Bionic: gnome-mplayer gecko-mediaplayer ubuntu-tweak 
#     app-install-data-medibuntu
# Upgraded: libavcodec-extra-54
# Discontinued: ubuntu-restricted-extras (would install libdvdread4)
# 14.04 Trusty: packages 'ubuntu-tweak', 'app-install-data-medibuntu',
# 'smbfs' missing
sudo apt install autossh terminator smbclient \
    nfs-kernel-server nfs-common autofs \
    apt-file p7zip-full p7zip-rar dlocate \
    ttf-mscorefonts-installer qiv gthumb \
    gnupg-agent renameutils mplayer \
    mplayer-doc gimp gparted xsel moreutils\
    tmux libavcodec-extra \
    silversearcher-ag gawk \
    mlocate keychain python3-pip

# sudo apt install gnome-tweak-tool # older Debian / Ubuntu
# sudo apt install pepperflashplugin-nonfree # older Debain / Ubuntu
# sudo apt install dconf-tools      # older Debian / Ubuntu
# sudo apt install mplayer-fonts    # older Debian / Ubuntu
sudo apt install chromium           # Debian 10+
# sudo apt install chromium-browser # older

sudo apt install bash-completion    # Fix '__git_ps1 command not found' (on Debian Buster / Bullseye)
sudo apt install chrome-gnome-shell # Since U18.04, to manage Gnome extension in Chrome / FF. Require browser ext.
sudo apt install ripgrep
# Debian 9 / Ubuntu 16.04 or older.
# wget https://github.com/BurntSushi/ripgrep/releases/download/12.1.1/ripgrep_12.1.1_amd64.deb
# sudo apt install ripgrep_12.1.1_amd64.deb
sudo apt install bat
# Debian 9 / Ubuntu 16.04 or older.
# wget https://github.com/sharkdp/bat/releases/download/v0.10.0/bat_0.10.0_amd64.deb
# sudo apt install bat_0.10.0_amd64.deb
sudo apt install fasd fd-find

sudo apt-file update
# Optional essentials
sudo apt install nmap               # For various personal scripts (''prj'', ''tsync''')
sudo apt install winbind libnss-winbind # winbind + libnss-winbind for NetBIOS name resolution
sudo vi /etc/nsswitch.conf          # Add "wins" at the end of "hosts:" line
sudo apt install xbmc
sudo apt install thunderbird
sudo apt install wine
# Debian 9 or older
# sudo apt install wine-stable

# Ubuntu
sudo apt install unity-tweak-tool \
    compizconfig-settings-manager \
    compiz-plugins
sudo /usr/share/doc/libdvdread4/install-css.sh

Bash

Add to /etc/bash.bashrc:

# Configure history
HISTCONTROL=erasedups:ignorespace
shopt -s histappend
HISTIGNORE=$'&:bg:fg:l:la:ls:ll:lla:exit:history'
HISTSIZE=100000
HISTFILESIZE=100000

# some more ls aliases
alias ll='ls -alF'
alias la='ls -A'
alias l='ls -CF'
alias u='cd ..'
alias grep='grep --color=auto'

Add to /etc/inputrc:

set meta-flag on
set convert-meta off
set input-meta on
set output-meta on

$if Bash
  set completion-ignore-case on
  set show-all-if-ambiguous on
$endif

"\eOA":history-search-backward     #Up arrow
"\e[A":history-search-backward     #Up arrow
"\eOB":history-search-forward      #Down arrow
"\e[B":history-search-forward      #Down arrow
"\e[2~":paste-from-clipboard       #Insert
tab:menu-complete                  #TAB
"\e[Z":menu-complete-backward      #Shift-Tab

Etckeeper

If disabling daily autocommits, there is a patch to apply [4].

diff --git a/cron.daily/etckeeper b/cron.daily/etckeeper
index eb74401..ddd9d05 100755
--- a/cron.daily/etckeeper
+++ b/cron.daily/etckeeper
@@ -1,8 +1,6 @@
 #!/bin/sh
 set -e
-if [ -e /etc/etckeeper/daily ] && [ -e /etc/etckeeper/etckeeper.conf ]; then
-	. /etc/etckeeper/etckeeper.conf
-	if [ "$AVOID_DAILY_AUTOCOMMITS" != "1" ]; then
-		/etc/etckeeper/daily
-	fi
+# The etckeeper/daily script checks if daily autocommits are disabled.
+if [ -x /etc/etckeeper/daily ]; then
+	/etc/etckeeper/daily
 fi
diff --git a/etckeeper/daily b/etckeeper/daily
index f98c6ad..a79b908 100755
--- a/etckeeper/daily
+++ b/etckeeper/daily
@@ -2,6 +2,12 @@
 # Script that can be run daily to autocommit /etc changes.
 set -e
 if [ -x /usr/bin/etckeeper ] && [ -e /etc/etckeeper/etckeeper.conf ]; then
+ 	# check if daily autocommits are disabled (Debian bug #884824)
+ 	. /etc/etckeeper/etckeeper.conf
+ 	if [ "$AVOID_DAILY_AUTOCOMMITS" = "1" ]; then
+ 		exit 0
+ 	fi
+
 	# avoid autocommit if an install run is in progress
 	lockfile=/var/cache/etckeeper/packagelist.pre-install
 	if [ -e "$lockfile" ] && [ -n "$(find "$lockfile" -mtime +1)" ]; then

Ufw

Keep UFW logs only in /var/log/ufw.log. Edit /etc/rsyslog.d/20-ufw.conf:

-#& stop
+& stop

Then

sudo service rsyslog restart

Install gufw

sudo apt install gufw

If necessary, restore old gufw profiles from /etc/gufw.

X11

  • Custom keyboard mapping be:
# From my profile
sudo cp ~/etc/be /usr/share/X11/xkb/symbols/be
sudo rm /var/lib/xkb/*.xkm
setxkbmap us
setxkbmap be
gsettings get org.gnome.desktop.input-sources xkb-options
gsettings set org.gnome.desktop.input-sources xkb-options "@as ['caps:escape']"
  • Fonts — disable embedded bitmaps. See Fonts.
On Xfce
  • In the shell:
setxkbmap -option caps:escape    # Note: caps:swapescape doesn't work for me (caps does caps+esc).
  • Permanent (not tried), edit /etc/default/keyboard:
XKBOPTIONS="caps:escape"

Desktop - Gnome

Disable Wayland

Wayland is improving, but still some hickups with the following applications:

  • Synapse (constant pop up inhibiting shortcuts), and global shortcut not working (but we could set up a gnome shortcut Ctrl-Alt-Space with /usr/bin/synapse as command).

To disable:

  • At startup screen, select the user.
  • Click settings icon in bottom right corner, and select "Gnome on X.Org"
  • Login with the user and logout.

Gnome extensions

Notes
  • To install an extension using apt (recommended):
  • Install the package gnome-shell-extension-*.
  • Restart gnome shell (Alt-F2, then r).
  • To install an extension using chromium:
  • Install chromium and extension:
sudo apt install chromium chrome-gnome-shell   # Since U18.04, to manage Gnome extension in Chromium / FF.
# Alternative: install 'Gnome Shell Integration' from https://chrome.google.com/webstore/.
  • Enable and configure extensions in Extensions (recent Gnome)
  • Older Gnome, use Gnome tweaks (package gnome-tweaks).
AlternateTab
  • Debian - Since BookWorm: APPLICATION NO MORE NEEDED.
  • Instead, settings → keyboard shortcuts Set Alt-Tab to Switch windows instead of Switch applications.
  • Debian: Install from Chromium: AlternateTab
  • Ubuntu: press Super key, then AlternateTab, it will be installed automatically. This might require installing sudo apt install gnome-tweak-tool [5].
  • This extension fixes the annoying Gnome Alt-Tab behaviour that group windows from the same application.
System-Monitor
sudo apt install gnome-shell-extension-system-monitor
# Restart Gnome and enable with Tweaks
  • This replaces applet indicator-multiload that no longer works since Ubuntu Bionic.
  • If installed from store, requires the following packages:
sudo apt install gir1.2-gtop-2.0 gir1.2-networkmanager-1.0  gir1.2-clutter-1.0   # Ubuntu
sudo apt install gir1.2-gtop-2.0 gir1.2-nm-1.0  gir1.2-clutter-1.0               # Debian
  • Note: the indicator may conflict with owncloud client (no longer visible), however this seems to be fixed with laster appindicator.
  • Selects memory, cpu, network, width 50px, and DO NOT show text.
Ubuntu appindicators / Appindicator and kstatusnotifieritem support
  • Install using apt
sudo apt install gnome-shell-extension-appindicator
# Restart Gnome and enable with Tweaks
More Pixel
  • Install using apt:
sudo apt install gnome-shell-extension-pixelsaver
# Restart Gnome and enable with Tweaks
  • NOTE: This works only in X.Org ! (at least under Debian Bookworm).
No title bar (Gnome-shell <= 3.30)
  • Install from the store (No title bar)
  • Revive Unity-like merging of window title bar with desktop top bar.
  • Caveat: Window's menu is not merged [6]
  • Gnome 3.38: we have to use fork from kendling/no-title-bar to fix for No JS Module 'tweener' found in search path.
  • Alternative: gnome-shell-extension-pixelsaver.
Gnome Global Application Menu (Gnome-shell <= 3.30)
  • Install from the store (Gnome Global Application Menu)
  • AVOID 'ALT' KEY STEALING FOCUS → In extension configuration (via Gnome Tweaks), Go to main menu, click on Alt, then Backspace to remove the shortcut. Breathe again.
  • To merge application menu in top title bar.
  • As a side-effect, this extension fixes the owncloud-icon-not-showing bug.
  • Recent alternative: https://github.com/gonzaarcr/Fildem
Custom Hot Corner - Extended
  • Install from the store ([7])
  • Set Show activity for all top corners on both monitors.
  • Built-in alternative: there is however also Gnome settings -> Multitasking -> Hot Corner.

Gnome theme

We install a Mac OS theme.

Enable Gnome User Themes
  • Open Gnome tweaks, and enable extensions User themes (this enable theme selection for Shell' in Appearance).
Mojave light theme (Debian Buster / Bullseye / Bookworm)
--- /usr/share/themes/Mojave-light/gnome-shell/gnome-shell.css	2022-04-28 08:48:55.877668709 +0200
+++ /usr/share/themes/Mojave-light/gnome-shell/gnome-shell.css	2022-04-14 08:42:57.953109488 +0200
@@ -2531,7 +2531,6 @@
 .popup-menu .popup-menu-content {
   padding: 10px 0;
   font-weight: normal;
+  background-color: rgba(241, 241, 241, 0.85);
 }
sudo apt install gtk2-engines-murrine gtk2-engines-pixbuf
sudo apt install libglib2.0-dev-bin                             # Needed to install gdm theme
git clone https://github.com/vinceliuice/Mojave-gtk-theme.git
cd Mojave-gtk-theme
./install.sh
sudo ./install.sh -g
  • In Gnome tweaks → Appearance → Applications, select Mojave-light.
  • In Gnome tweaks → Appearance → Shell, select Mojave-light.
La Capitaine Icon Pack
  • Download and install:
mkdir -p ~/.icons
cd ~/.icons
git clone https://github.com/keeferrourke/la-capitaine-icon-theme.git
  • In Gnome tweaks → Appearance → Icons, select La-capitaine-icon-theme.
Fonts
  • In Gnome Tweaks → Fonts, select the following fonts:
    • Interface Text: Lucide Sans Regular 11 (was Cantarell Regular 11).
    • Document Text: Lucida Sans Regular 11 (was Sans Regular 11)
    • Monospace Text: Fantasque Sans Mono Regular 11 (was Monospace Regular 11)
    • Legacy Window Titles: Lucida Sans Unicode Bold 11 (was Canterell Bold 11)
Launcher
  • We stick to Synapse with Ctrl-Alt-Space, but this requires either running X.Org or add custom keyboard shortcut in Gnome Settings (fuzzy mode in Albert is just broken).
Other options
# Wallpaper
see MacBuntu-Wallpapers.zip
# Theme
sudo dpkg -i gtk3-engines-unico_1.0.3+14.04.20140109-0ubuntu1_amd64.deb
sudo dpkg -i macbuntu-os-ithemes-v1804_3.3~bionic~NoobsLab.com_all.deb
# Icons
sudo dpkg -i macbuntu-os-icons-v1804_3.3~bionic~NoobsLab.com_all.deb
# Launcher
sudo dpkg -i albert_0.11.1-1~zesty1.0_amd64.deb
sudo dpkg -i macbuntu-os-plank-theme-v1804_3.3~bionic~NoobsLab.com_all.deb
# LibreOffice monochrome icons
sudo apt-get install libreoffice-style-sifr
# ... then "Tools" > "Options" > "LibreOffice" > "View" and select "Sifr" under "Icon size and style".
# Fonts
see mac-fonts.zip

Gnome tweak

  • Top bar → Application Menu → OFF.

Gnome Mouse

  • Go to Settings, Mouse, and enable / disable the following settings as wished:
  • Touchpad → Tap to click
  • Touchpad → Natural scrolling
  • When playing games, flat acceleration is recommended.
  • On Debian 10 with BT mouse, speed -0.2 gives best result.
gsettings reset-recursively org.gnome.desktop.peripherals.mouse
gsettings set org.gnome.desktop.peripherals.mouse accel-profile flat
gsettings set org.gnome.desktop.peripherals.mouse speed -0.2
dconf dump /org/gnome/desktop/peripherals/mouse/
# [/]
# speed=-0.20000000000000001
# accel-profile='flat'

Miscellaneous Gnome

  • Disable emoji shortcut Ctrl-Shift-E (interfere with Terminator).
  • Launch ibus-setup, and delete the shortcut for emoji.
  • Disable gnome-software from autostarting (to reduce memory consumption) [8]:
# Disable Gnome Software autostart
mkdir -pv ~/.config/autostart && cp /etc/xdg/autostart/gnome-software-service.desktop ~/.config/autostart/
mkdir -pv ~/.config/autostart && cp /etc/xdg/autostart//etc/xdg/autostart/org.gnome.Software.desktop ~/.config/autostart/
echo "X-GNOME-Autostart-enabled=false" >> ~/.config/autostart/gnome-software-service.desktop
echo "X-GNOME-Autostart-enabled=false" >> ~/.config/autostart/org.gnome.Software.desktop
dconf write /org/gnome/desktop/search-providers/disabled "['org.gnome.Software.desktop']"

# Disable Gnome Software automatic updates
dconf write /org/gnome/software/allow-updates false
dconf write /org/gnome/software/download-updates false
  • Keyboard - Lower window below other windows, set to Ctrl-Shift-/

Development packages

  • Install packages - development
sudo apt install gitk git-gui git-doc exuberant-ctags cscope ruby meld colordiff  # ruby for Vim plugin snipMate.vim

# Optional
sudo apt install gitweb git-svn

Optional packages

AutoFS

sudo apt install autofs
  • Mount mnemosyne shares as NFS autofs (see [9]) and as SMB autofs
Enabled/created the following automounters in /etc/auto.master:
/net                /etc/auto.net                   --ghost
/smb/mnemosyne      /etc/auto.smb.mnemosyne         --ghost
/smb/lacie-cloudbox /etc/auto.smb.lacie-cloudbox    --ghost
  • Create configuration file /etc/auto.smb.mnemosyne
  • Create SMB credential files /etc/auto.smb.mnemosyne.* (see man mount.cifs)
  • Created path for mount points:
sudo mkdir /net
sudo mkdir -p /smb/mnemosyne
# ls /net/mnemosyne
# sudo mkdir -p /mnt/mnemosyne
# for i in /net/mnemosyne/volume1/*; do sudo ln -s $i /mnt/mnemosyne/$(basename $i); done
  • Or recover settings from an already configured host:
scp griffin:tmp/autofs.tgz .                                        # Configure autofs
sudo tar -xvzf autofs.tgz
sudo cp etc/* /etc
  • If necessary, mount shares read-only: add option ro in /etc/autofs.smb.mnemosyne
  • Create a writable share in /etc/fstab:
sudo mkdir -p /mnt/mystique/local
sudo vi /etc/fstab            # Add the following line
# //mystique/local /mnt/mystique/local   cifs    noauto,vers=1.0,_netdev,noperm,iocharset=utf8,sec=ntlm,username=superwoman   0       0

BorgBackup / Borgcronic

  • Install borgbackup & borgcronic, reusing our existing configuration:
sudo apt install borgbackup
sudo ./borgcronic install borgbackup:borgbackup:/home/borg/repo
  • Restore file /etc/borgcronic.conf
  • Restore root ssh config (/root/.ssh folder and /etc/hosts.
Host borgbackup
    User                borg
    HostName            dumbledore
    ForwardX11          no
    ForwardX11Trusted   no
    ProxyCommand        none
    ServerAliveInterval 10
    ServerAliveCountMax 30
    IdentityFile    ~/.ssh/id_ed25519_borg_zavcxl0006
  • Restart and test
sudo ssh borgbackup # Should report tty error. Ctrl-C.
sudo systemctl restart borgcronic
sudo borgcronic exec list # say 'Yes'

By default, cron will trigger borgcronic daily / every 6h.

Chromium

Enable Chromecast:

  • Go to chrome://flags/#load-media-router-component-extension
  • Set to Enabled.

Dropbox

Courier

sudo apt-get install courier-imap courier-doc gamin
cd /etc/courier/
sudo vi authdaemonrc   # Set authmodulelist="authuserdb"
sudo makeuserdb
sudo vi userdb         # Restore pwd for user 'st' and 'peetersm'
                       # See Courier page to generate new
sudo etckeeper commit "courier config"
sudo systemctl restart courier-authdaemon

Firefox

sudo apt install firefox
  • Set Ctrl-Tab to show last tab. Either in Settings (Ctrl+Tab cycles through tabs in recently used order), or browse to about:config, and set browser.ctrlTab.previews to True.
  • Install extension Firefox#textern.

fzf

fzf is a very fast fuzzy-finder written in Go.

It is installed when installing vim plugins. To install it in bash:

git clone https://github.com/junegunn/fzf.git ~/.fzf    # Skip this step if already present
cd ~/.fzf
./install

Gpg

sudo apt install gnupg-agent pgpgpg
  • Added use-agent at end of ~/.gnupg/gpg.conf
  • Edit ~/.gnupg/gpg.conf as necessary.

KeePass

sudo apt install keepassxc            # Now using KeepassXC
# sudo apt install keepassx

We store the database on Owncloud, and sync to local git repository with cron.

Script private/kdbx/sync_from_owncloud.sh:

#! /bin/bash

BASEDIR=$(dirname "$(readlink -nf "${BASH_SOURCE[0]}")")
cd "$BASEDIR"

KDBX=work.kdbx
OWNCLOUD_DIR=~/owncloud/kdbx

if ! diff -q $OWNCLOUD_DIR/$KDBX $KDBX; then
    echo "Adding $KDBX to git..."
    cp $OWNCLOUD_DIR/$KDBX $KDBX
    git add $KDBX
    git commit -m "Sync keepassx db with Owncloud"
fi

Cronjob:

31 * * * *      chronic ~peetersm/private/kdbx/sync_from_owncloud.sh
Workaround
  • Set kbd layout to fix autotype bug ([10]). Create ~/.xprofile and /etc/skel/.xprofile [11]:
#!/bin/sh

#
setxkbmap be

Java from Oracle

Reference: https://launchpad.net/~webupd8team/+archive/ubuntu/java

sudo add-apt-repository ppa:webupd8team/java
sudo apt update
Java 8
# sudo apt install oracle-java8-set-default
# ... discontinued. We install from local copy
cd /smb/wolverine/family/archive/software/linux-cygwin/java-jdk-8u162/
dpkg -i oracle-java8-set-default_8u161-1~webupd8~0_all.deb oracle-java8-installer_8u161-1~webupd8~0_all.deb 
apt install -f
# ... an error occur about missing archive.
# ... Note that we edited the package to install version 8u162
cp jdk-8u162-linux-x64.tar.gz /var/cache/oracle-jdk8-installer/
apt install -f
Java 7
sudo apt install oracle-java7-installer
# An error occur because archive is not found anymore
# ... so we copy back our backup at the right location
sudo cp /smb/lacie-cloudbox/family/archives/software/any/oracle-jdk-7u80-linux-x64/jdk-7u80-linux-x64.tar.gz /var/cache/oracle-jdk7-installer/
# Resume install
sudo apt install oracle-java7-installer

LibreOffice

Install latest LibreOffice by adding the PPA:

sudo add-apt-repository ppa:libreoffice/ppa
sudo apt update

mDNS

sudo apt install libnss-mdns avahi-daemon mdns-scan
  • To scan:
mdns-scan

Machine should broadcast its ip address on griffin.local to all avahi clients. For some strange reason, avahi may append a -2 suffix to broadcast name. To avoid that, edit /etc/avahi/avahi-daemon.conf and set host-name variable:

host-name=griffin

In some cases, avahi may detect host name conflicts on the network where there isn't.

Oct 24 19:32:06 zavcxl0006 avahi-daemon[810747]: Host name conflict, retrying with griffin-2

One fix for that is to restrict the set of interfaces (here only wired and wifi) [12], [13]:

allow-interfaces=enp0s31f6, wlp1s0

There is yet another potential conflict with systemd-resolved [14], [15]:

Oct 24 19:41:28 zavcxl0006 avahi-daemon[811344]: *** WARNING: Detected another IPv4 mDNS stack running on this host.

Midnight Commander

sudo apt instal mc
  • See reference page.
  • Use vi as standard viewer/editor.
  • Installed version from mc official repository to fix file highlighting issue.

neovim / vim

Install instructions:

  • Debian BookWorm: install from debian repository, version 0.6.1.
sudo pip3 install --upgrade pynvim
sudo apt install nodejs npm yarnpkg ruby-dev
sudo npm install -g neovim
sudo gem install neovim

# In neovim, run ':checkhealth' and fix issues if any
# ... ignoring python2 bindings
# ... ignoring perl bindings
  • Debian Bullseye: build from source, version 0.5.1.
  • Debian Buster: build from source, version 0.5.1.
# New / current instructions
# We use Neovim compiled from source, version 0.4.4
# ... use uninstall script to uninstall
cd / && sudo tar xvzf /path/to/nvim-0.4.4.tgz
sudo ln -sf nvim /usr/local/bin/vim
sudo ln -sf nvim /usr/local/bin/vi
sudo pip3 install --upgrade pynvim neovim-remote
sudo pip install --upgrade pynvim
sudo apt install ruby-dev
sudo gem install neovim

# Old instructions (using distribution neovim)
sudo apt install neovim
sudo pip3 install neovim-remote   # nvr, needed by Vimtex

See Neovim page for complete install instructions.

Workarounds and tips
# Fix clipboard timeout issue at startup:
vim /usr/local/share/nvim/runtime/autoload/provider/clipboard.vim
# +  elseif exists('$DISPLAY') && executable('xsel')
# -  elseif exists('$DISPLAY') && executable('xsel') && s:cmd_ok('xsel -o -b')

Create a file /usr/local/bin/ngvim:

#! /bin/bash
# We redirect stderr to silent error on keyboard binding failure
if [ "$1" == "-f" ]; then
    shift
    # Blocking call
    2> /dev/null exec /usr/bin/terminator -m --p nvim -i /usr/local/icons/neovim.png -u -T "$PWD" -x env COLORTERM=gnome-terminal nvim "$@"
else
    2> /dev/null /usr/bin/terminator -m --p nvim -i /usr/local/icons/neovim.png -u -T "$PWD" -x env COLORTERM=gnome-terminal nvim "$@" &
fi

Neovim / vim plugins are installed via vim-plug, which is part of the home git repository.

Set Neovim as alternatives for vim/viewer (useful for Midnight Commander).

sudo update-alternatives --config vi         # Select 'nvim'
sudo update-alternatives --config vim        # Select 'nvim'
sudo update-alternatives --config view       # Select 'view.nvim'

However the following plugins require extra configuration:

YouCompleteMe

This is the install script to enable the minimum features. Note that this is done automatically by vim-plug.

sudo apt install cmake
cd ~/.vim/plugged/YouCompleteMe
./install.py --clang-completer
cpsm

Run this script after installing the plugin with vim-plug.

sudo apt install libboost-all-dev cmake python-dev libicu-dev
cd ~/.vim/plugged/cpsm
./install.sh

NFS

  • NFS Server (nfs-kernel-server nfs-common rpcbind)||See NFS for more details; Created entries in /etc/exports. rpcbind replaces portmap since Oneiric.

Owncloud

  • Install owncloud-client.
  • Start the client, and make sure the client is started at login.
  • Make sure appindicator gnome extension is installed, or status icon will not show up.
  • If owncloud icon does not show, there is maybe a racing condition. We fix by delaying start by 3s.
sudo vi /usr/local/bin/owncloud-delayed        # Content as below
# #! /bin/bash
# sleep 3 && exec /usr/bin/owncloud &
sudo chmod 755 /usr/local/bin/owncloud-delayed
sed -r 's/^Exec.*/Exec=/usr/local/bin/owncloud-delayed' ~/.config/autostart/ownCloud.desktop
  • Use ~/owncloud instead of ~/ownCloud.

PipeWire

We follow instructions from Debian Wiki.

# Install WirePlumber and enable it
sudo apt install wireplumber pipewire-media-session-
sudo apt purge pipewire-media-session
systemctl --user --now enable wireplumber.service
sudo rmdir /etc/pipewire/media-session.d/
sudo rmdir /etc/pipewire

# Restart, check that PW took over
sudo shutdown -r now
LANG=C pactl info | grep '^Server Name'
# Server Name: PulseAudio (on PipeWire 0.3.50)

# Enable ALSA through PipeWire
sudo apt install pipewire-audio-client-libraries
sudo cp /usr/share/doc/pipewire/examples/alsa.conf.d/99-pipewire-default.conf /etc/alsa/conf.d/
sudo etckeeper commit "Enable ALSA through pipewire"

# Enable JACK through PipeWire
sudo apt install libspa-0.2-jack
sudo cp /usr/share/doc/pipewire/examples/ld.so.conf.d/pipewire-jack-*.conf /etc/ld.so.conf.d/
sudo ldconfig
sudo etckeeper commit "Enable JACK through pipewire"

# Enable bluetooth through PipeWire
sudo apt install libspa-0.2-bluetooth pulseaudio-module-bluetooth-

Relevant configuration files:

  • Bluetooth — /etc/pipewire/media-session.d/bluez-monitor.conf
  • Or per-user ~/.config/pipewire/media-session.d/bluez-monitor.conf
Workarounds
  • Disable speech in Firefox. Open about:config, and set the following keys to false, then restart Firefox. [16]
reader.parse-on-load.enabled false
media.webspeech.synth.enabled false

Recoll

See Recoll.

Indexing mails from another user requires that Maildir is readable. By default, Maildir are not group-readable (although see man maildirmake for more info). The simplest is to run a cron script:

# m h  dom mon dow   command
10 12 * * * bash -c 'find ~/Maildir -type d -print0 | xargs -0 chmod g+rx'

Samba

sudo apt install smbclient cifs-utils
  • Use package smbfs for u1204 Precise Pangolin and before

SSH

  • Create / restore private key *and* public keys (or we get a wrong format error):
ln -sf ../private/ssh/id_rsa_work ~/.ssh/id_rsa
ln -sf ../private/ssh/id_rsa_work.pub ~/.ssh/id_rsa.pub
  • If using bin/ssh-agent-refresh.sh:
touch ~/.use_ssh_agent

Terminator

sudo apt install terminator
  • If Ctrl-Shift-O not working, See Gnome Terminator.
  • Install the new terminator that depends on GTK3 (terminator-gtk3, version 1.97~ppa3).
  • On latest Debian, install patch for middle click on Wayland (Terminator).
  • See Terminator.
  • See Gnome Terminator for tips.
  • Set background to transparent 6% (through ~/.config/terminator/config)
  • Set scrollback to infinite scrollback
  • Custom geometry terminator --geometry=1220x720+100+100 (in application menu)
  • Font Lucida Console, 9 (on nxl67002ux / nxl67063ux), or Bitstream Vera Sans Mono Roman 9 (on nxl67063 Cygwin-X).
  • (not needed on trusty) Set terminator as default terminal for Ctrl-Alt-T [17]:
gsettings set org.gnome.desktop.default-applications.terminal exec 'terminator --geometry=1220x720+100+100'
  • On Debian, with Gnome, add new shortcut for Ctrl-Alt-T:
dconf write '/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/binding' '<Primary><Alt>t'
dconf write '/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/command' '/usr/bin/terminator'
dconf write '/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/name' 'Terminal'

Truecrypt

Unpack and execute binary from file truecrypt-7.1a-linux-console-x64.tar.gz (console) or truecrypt-7.1a-linux-x64.tar.gz.

Thunderbird

See Thunderbird.

Account configuration
  • Junk Settings -> Move new junk to: 'Junk' folder
  • Junk Settings -> DO NOT Enable adaptive junk mail controls (for localhost accounts only).
  • Set PGP key
  • Server Settings -> Message Storage -> Clean Up ("Expunge") Inbox on Exit
  • Server Settings -> Message Storage -> Empty Trash on Exit (for st@localhost only)
  • Synchronization & Storage -> Message Synchronizing -> DO NOT Keep messages in all folders for this account on this computer (for localhost accounts only).
Gui configuration
  • Select columns: Attachment, Correspondents, Date, then apply to all folders & children on all accounts.
  • For all account, select View, Unthreaded.
Troubleshoot
  • If getting error Incoming server already exists, just use an alias (eg. use 127.0.0.1 instead of imap.localhost, or use imap2.localhost, and add an entre in /etc/hosts).

tmux

  • Alternative to screen, but with support for multiple panes like terminator

Make sure that tmux is at least version 2.2. If not install it:

VirtualBox / VMWare

VirtualBox
sudo apt install virtualbox
Debian Buster
  • Mouse pad scrolling issue, and micro-freeze issues with vbox 6.04+ coming from distribution. As workaround we use Oracle (testing) packge (and ext-pack):
sudo apt remove virtualbox
sudo ./VirtualBox-6.0.5-129923-Linux_amd64.run
VMWare

See PipeWire for sharing audio (share the pipewire unix socket) with user vbox.

Seee VMWare for module compilation.

Configure ACL for /data/d
# VirtualBox / VMWare uses /data/d as Windows D: drive. Since they run as user 'vbox', all files gets vbox/vbox ownership.
# Any user in group 'vbox' will access to files created by vbox.
# We use acl to set set default acl (group access vbox/rwx, mask rwx), so that vbox can also access any file created by other users.
# Note this also gives write access independently of umask setting.
# Only limitation is that moved / copied files will keep their original ACL.
sudo apt install acl
cd /data
sudo chgrp -R vbox d
sudo chmod -R g+w d
find d -type d -print0|sudo xargs -0 chmod g+ws
find d -type d -print0|sudo xargs -0 setfacl -m d:group:vbox:rwx

To fix group ownership in case of move / copy:

sudo chmod -R g+w /data/d; sudo chown -R vbox /data/d; find /data/d -type d -print0 | xargs -0 setfacl -m d:group:vbox:rwx

The same line could be run as a user cronjob, but this will only fix the files/folders that user owns.

# restore ACL for /data/d vmware disk
00 12 * * *      chmod -R g+w /data/d; chown -R vbox /data/d; find /data/d -type d -print0 | xargs -0 setfacl -m d:group:vbox:rwx

Wine

sudo dpkg --add-architecture i386
sudo apt update
sudo apt install wine wine32

XBMC

Zathura

  • Install
sudo apt install zathura
  • If Zathura is not used for PDF files:
# when using 'see'
echo 'application/pdf; /usr/bin/zathura %s; test=test -n "$DISPLAY"' | tee -a ~/.mailcap

# when using 'xdg-open' or midnight commander:
# -- was "org.gnome.Evince.desktop"
xdg-mime default org.pwmt.zathura.desktop application/pdf

Configuration

  • Install fonts
mkdir ~/.fonts
wget https://github.com/belluzj/fantasque-sans/releases/download/v1.7.1/FantasqueSansMono.tar.gz
tar xvzf FantasqueSansMono.tar.gz -C ~/.fonts/ --wildcards *.ttf
sudo fc-cache -fv
  • Apply common settings (see below)
  • Applications not from repositories:
    • Panda glGo 1.4.1 (local page, does not work on Oneiric 64-bit)
  • Install latest updates:
sudo apt dist-upgrade
  • Restore scrollbar behaviour in GTK3 [18], [19].
Use Shift+Click or Template:Right click to get the jump to click behaviour.
cat >> ~/.config/gtk-3.0/settings.ini <<__HERE__
[Settings]
gtk-primary-button-warps-slider=false
__HERE__
Ubuntu 12.04
sudo vi /etc/default/apport                         # Disable apport by setting "enabled=0"
sudo etckeeper commit "disable apport"

Fonts

Antialiasing RGBA, Hinting Slight, Text scaling factor 1.00.

Application Font Selected font
Terminator Monospace font Fantasque Sans Mono 9
Gnome Terminal Monospace font Fantasque Sans Mono 9
Unity (desktop) Default font Lucida Sans Regular 9
Unity (desktop) Document font Lucida Sans Regular 10
Unity (desktop) Monospace font Fantasque Sans Mono 10
Unity (desktop) Windows title font Lucida Sans Unicode Bold 10
Firefox Sans-serif (latin) Liberation Sans 16
Firefox Monospace (Latin) Fantasque Sans Mono 16

For firefox, fonts are inspired from Mediawiki Vector skin -- typography refresh.

MIME

Use Chromium for SVG files:

# when using 'see'
echo 'image/svg+xml; /usr/bin/chromium %s; test=test -n "$DISPLAY"' | tee -a ~/.mailcap
echo 'image/svg+xml-compressed; /usr/bin/chromium %s; test=test -n "$DISPLAY"' | tee -a ~/.mailcap

# when using 'xdg-open' or midnight commander:
xdg-mime default chromium.desktop image/svg+xml

Safeweb

Create a custom user for safe browsing.

adduser --uid 1005 safeweb
  • Add ~/reset.sh script to HOME:
cat > ~/reset.sh << "__END__"
#! /bin/bash

# Some safety check
[ -f $HOME/.resetable ] || { echo "$(basename "$0"): error: HOME is not resetable ('touch ~/.resetable' to fix) -- aborting!"; exit 1; }
[ "$HOME" = "$PWD" ] || { echo "$(basename "$0"): error: HOME and PWD are different ('cd' to fix) -- aborting!"; exit 1; }

# Armageddon !
find $HOME -maxdepth 1 \
	! -name .bashrc \
	! -name .profile \
	! -name .inputrc \
	! -name .bash_logout \
	! -name reset.sh \
	! -name .resetable \
	! -path $HOME \
	-print0 | xargs -0 rm -rf
__END__
chmod a+x ~/reset.sh
touch ~/.resetable

Debian

Add contrib non-free repositories to apt source [20].

Add sid release apt sources.

cat << EOF | sudo tee /etc/apt/sources.list.d/sid.list
# Unstable / Sid
deb http://ftp.debian.org/debian/ sid main contrib
deb-src http://ftp.debian.org/debian/ sid main contrib
EOF

cat << EOF | sudo tee /etc/apt/preferences.d/sid
Package: *
Pin: release a=unstable
Pin-Priority: 400
EOF

Install these packages

sudo apt install mlocate dnsmasq-base
sudo apt install libcanberra-gtk-module      # Fix truecrypt warning

We install Firefox 56 and Thunderbird 52.8 to preserve some important add-ons. These packages and their dependencies are no longer available but they can still be downloaded on http://snapshot.debian.org/:

sudo dpkg -i firefox_56.0-2_amd64.deb \
    libcurl3_7.52.1-5+deb9u9_amd64.deb \
    libevent-2.0-5_2.0.21-stable-3_amd64.deb \
    libhunspell-1.3-0_1.3.4-2_amd64.deb \
    libhunspell-1.6-0_1.6.2-2_amd64.deb \
    libvpx4_1.6.1-3+deb9u1_amd64.deb \
    thunderbird_52.8.0-1~deb8u1_amd64.deb
sudo apt install -f
echo "firefox hold" | sudo dpkg --set-selections
echo "thunderbird hold" | sudo dpkg --set-selections

Nvidia

See Debian wiki. Mainly:

  • Make sure the system is up-to-date (nvidia module will be compiled against kernel headers, which may fail if headers are no longer available).
sudo apt udpate
sudo apt dist-upgrade
  • Run nvidia-detect:
sudo apt install nvidia-detect
sudo nvidia-detect
# ...
# It is recommended to install the
#     nvidia-legacy-340xx-driver
# package.
  • Install the reported driver (eg. here nvidia-legacy-340xx-driver)
sudo apt install linux-headers-$(uname -r|sed 's/[^-]*-[^-]*-//') nvidia-legacy-340xx-driver
  • Run nvidia-xconfig to create a new xorg.conf file (!! This fails on Optimus systems. See wiki !!).
sudo apt install nvidia-xconfig
sudo nvidia-xconfig
  • Reboot
sudo reboot
More issues
  • Apparently driver nouveau gets loaded as well. Let's blacklist it:
echo blacklist nouveau | sudo tee /etc/modprobe.d/blacklist-nouveau.conf
echo options nouveau modeset=0 | sudo tee -a /etc/modprobe.d/blacklist-nouveau.conf
  • Boot error: nvidia-persistenced[557]: Failed to open libnvidia-cfg.so.1: libnvidia-cfg.so.1: cannot open shared object file: No such file or directory.
  • We uninstall some packages:
sudo apt remove nvidia-persistenced libnvidia-cfg1:amd64 libgl1-nvidia-tesla-440-glvnd-glx:amd64 libglx-nvidia-tesla-440-0:amd64 libnvidia-tesla-440-glcore:amd64 nvidia-tesla-440-alternative

Workaround

  • Install custom udisks package, version 1.0.4-5ubuntu2.1fuu1, to fix unreadable DVD-RW. See udisks, or bug 635499).
sudo dpkg -i udisks_1.0.4-5ubuntu2.1fuu1_amd64.deb
  • Add the following to ~/.bash_profile and ~/.profile to Meta-key (Alt) not working and Midnight Commander displays Press any key... after each command when in tmux session [21]:
# This fix meta-key support and stop mc displaying "Press any key..." in tmux session
if [ $TERM = "screen" ]; then
    export TERM=xterm
fi
if [ -n "$TMUX" ]; then
    export COLORTERM=rxvt
fi
  • Had some issues around fcitx packages being held when upgrading from Debian Bullseye to testing (Bookworm). So I uninstalled the full package suite, also because I fear this package may interfere with editors.
sudo apt autoremove --purge fcitx fcitx-modules fcitx-config-common libfcitx5utils2

Restore / keep from previous PC

Here a list of items to restore from previous PC.

  • /home directory.
  • The easiest is to transfer with tar
# This requires the following line in /etc/sudoers on mypc.local:
#    Defaults     !tty_tickets
#
MYPC=mypc
MYUSER=user
stty -echo; ssh -t $MYUSER@$MYPC.local sudo -v; stty echo
sudo mkdir /home/$MYPC
ssh $MYUSER@$MYPC.local "(cd /; sudo tar cf - --one-file-system home)" | sudo tar xvCf /home/$MYPC -
  • /root directory
ssh $MYUSER@$MYPC.local "(cd /; sudo tar cf - --one-file-system root)" | sudo tar xvCf /home/$MYPC -
  • /usr/local directory
ssh $MYUSER@$MYPC.local "(cd /; sudo tar cf - --one-file-system usr/local)" | sudo tar xvCf /home/$MYPC -
  • /etc directory
ssh $MYUSER@$MYPC.local "(cd /; sudo tar cf - --one-file-system etc)" | sudo tar xvCf /home/$MYPC -
In particular:
  • Restore files from /etc/sudoers.d.
  • Restore gufw profile from /etc/gufw/Home.profile.
  • /opt directory
ssh $MYUSER@$MYPC.local "(cd /; sudo tar cf - --one-file-system opt)" | sudo tar xvCf /home/$MYPC -
  • /var directory, but excluding /var/cache and /var/log
ssh $MYUSER@$MYPC.local "(cd /; sudo tar cf - --one-file-system --exclude=cache --exclude=log var)" | sudo tar xvCf /home/$MYPC -
Alternatively, data to backup from /var
  • MySQL database
  • Docker images
  • crontabs (from /var/spool/cron/crontabs or for each user using crontab -l).
  • mail (/var/mail.
  • Configuration:
# List of packages
sudo dpkg -l > dpkg-l-$HOSTNAME-$(date +"%Y%m%d%H%M%S").txt
apt-mark showmanual > apt-mark-showmanual-$HOSTNAME-$(date +"%Y%m%d%H%M%S").txt

The pit (things to tidy up)

Miscellaneous

  • Optional - Fix flash issue
# Optional - Fix blue video in flash (see below for details)
sudo mkdir /etc/adobe
echo -e "EnableLinuxHWVideoDecode=1\nOverrideGPUValidation=true" | sudo tee /etc/adobe/mms.cfg > /dev/null
sudo etckeeper commit "Fix blue video bug in adobe flashplayer"


  • Install packages - optional
# Optional applications
sudo apt install gnugo qgo uligo cgoban quarry pgpgpg powertop

Synapse

# On Debian Buster / Bullseye
sudo apt install synapse
# Alternative / Ubuntu
# sudo add-apt-repository ppa:synapse-core/ppa
# sudo apt-get update && sudo apt-get install synapse
  • Start synapsePreferences → click Startup on login
  • If Synapse does not show up on keypress, there is maybe a racing condition. We fix by delaying start by 3s.
sudo vi /usr/local/bin/synapse-delayed        # Content as below
# #! /bin/bash
# sleep 3 && exec synapse --startup &
sudo chmod 755 /usr/local/bin/synapse-delayed
sed -r 's/^Exec.*/Exec=/usr/local/bin/synapse-delayed' ~/.config/autostart/synapse.desktop
  • It may also requires to define a custom shortcut in Gnome. Still in preferences, set Activate shortcut to Ctrl-Alt-Space

Opera

sudo apt install opera

See Opera to fix apt key issues.

Users

sudo useradd -s /bin/bash -m -u 1100 marie
sudo useradd -s /bin/bash -m -u 1200 isma
sudo useradd -s /bin/bash -m -u 1300 emma
sudo passwd marie
sudo passwd isma
sudo passwd emma

Flash

  • Flash Plugin 10 (flashplugin-installer)||
  • Enable Ubuntu partner repository if needed(deb http://archive.canonical.com/ubuntu lucid partner).
  • In case of error failure to download extra data files flashplugin-installer, try
sudo apt-get --reinstall install flashplugin-installer

(Old recipe:

sudo aptitude autoremove "flashplugin-*"
sudo aptitude install flashplugin-installer

)

  • broken— This is too unstable, see next solution — On Ubuntu 12.04 with NVidia card, there is a bug Flash video appears blue. That link recommends to update libvdpau1, but in my case it was already at the latest version. Instead the following did the trick (from bug 968647):
sudo mkdir /etc/adobe
echo -e "EnableLinuxHWVideoDecode=1\nOverrideGPUValidation=true" | sudo tee /etc/adobe/mms.cfg > /dev/null
  • Another solution is to disable hardware acceleration, by going into flash player settings. If the settings window is not clickable, first disable unity 3D (for instance with metacity --replace&)

Quicktime

  • Quicktime plugin (gnome-mplayer gecko-mediaplayer)||To play Quicktime content in Opera, Firefox
  • libdvdcss2||Installed via sudo /usr/share/doc/libdvdread4/install-css.sh (see also [22])

Ubuntu tweak

Ubuntu tweak
sudo apt install ubuntu-tweak

Medibuntu application center (app-install-data-medibuntu)||

  • No longer available on u1404 Trusty Tahr
  • This install medibuntu apps in Ubuntu Application Center
Unity tweak tool
sudo apt install unity-tweak-tool
  • Don't show desktop in switcher
  • top right hot corner: Spread all windows

gdmap

sudo apt install gdmap                    # Graphical Disk Map - broken? using baobab instead

Miscellaneous

  • Disable apport. Set enabled=0 in /etc/default/apport
  • Edit AppArmor tunables. If home directories are not located at /home (e.g. /data/home), edit apparmor tunables. See here for details.
  • Configure the console:
dpkg-reconfigure console-setup
# utf-8 / latin1+latin5 / Terminus / 16

Network

  • Samba / NFS client: Via autofs

Preferences