Configuration Common Linux
Jump to navigation
Jump to search
This page details a common configuration for Linux, independent of the underlying platform.
To Do
- Basic configuration for standard installation
- Move settings that can be recovered from HOME directory in separate section.
Base
On Debian, login as root and add default user (uid 1000) as root.
su -
USERNAME=$(awk -F: '/:1000:/ {print $1}' /etc/passwd)
gpasswd -a $USERNAME sudo
# Terminate all users process !!! this will FORCE LOGOUT !!!
# ... alternatively: su - $USERNAME to avoid logout
loginctl terminate-user $USERNAME
Install etckeeper (with git).
# ### etckeeper + git
sudo apt install git etckeeper terminator
sudo make -C /usr/share/doc/git/contrib/diff-highlight # Fix diff-highlight
sudo ln -sf /usr/share/doc/git/contrib/diff-highlight/diff-highlight /usr/local/bin/diff-highlight
git config --global user.email "user@server.com" # Make sure this is defined for admin user + root
git config --global user.name "User Name" # or release upgrade might fail in the future
sudo su -
git config --global user.email "$USER@$HOSTNAME"
git config --global user.name "root"
logout
sudo vi /etc/etckeeper/etckeeper.conf # Select git, AVOID_DAILY_AUTOCOMMITS, AVOID_COMMIT_BEFORE_INSTALL
sudo etckeeper init
sudo etckeeper commit "1st commit"
cd /etc
sudo vi .gitignore # Ignore resolv.c*, cups/ppd, cups/printers.conf* (and cups/subscriptions.* before Ubuntu Precise)
sudo git rm --cached resolv.c*
sudo git rm --cached cups/subscriptions.* # No longer needed on Ubuntu Precise and after
sudo etckeeper commit "ignore resolv.c*, cups/subscriptions.*"
Then we install ssh (incl. ssh server), vim + mc, and avahi (often preinstalled)
sudo apt install ssh vim mc # Debian 9+
sudo apt install ssh vim-gnome mc # Older
sudo apt install libnss-mdns avahi-daemon mdns-scan
From now, the configuration can continue either locally or remotely (using ssh).
We now install a few repositories, as required.
- See also Ubuntu Tweak, XBMC, Gnome Terminator, Medibuntu (replaced by Videolan)
sudo vi /etc/apt/sources.list # Debian: enable 'main non-free contrib'
# Ubuntu: enable 'partner' and 'extra' (if available)
sudo add-apt-repository ppa:phoerious/keepassxc # Ubuntu: keepassxc
# sudo add-apt-repository ppa:synapse-core/ppa # Ubuntu <14.04 - Synapse
sudo add-apt-repository ppa:tualatrix/next # Ubuntu: Ubuntu Tweak
sudo add-apt-repository ppa:team-xbmc/ppa # Optional: XBMC
sudo etckeeper commit "Update repositories"
sudo apt update
sudo apt upgrade # This may upgrade firmware to non-free versions
- hosts — Update /etc/hosts
sudo vi /etc/hosts # Add any relevant entries.
# Make sure localhost has FQDN:
# 127.0.1.1 myhost.domain.com
sudo etckeeper commit "update hosts file"
- sudoers — Create new files in /etc/sudoers.d as required:
# envkeep
# http_proxy, https_proxy -- to keep proxy settings for apt-get etc
# GREP_OPTIONS -- keep grep options
# DISPLAY, XAUTHORITY -- avoid doing 'xhost local:root' before launching X pgm
# HOME -- e.g. to keep git aliases and settings when using etckeeper
# PASSWD -- e.g. to pass password via env. var to <code>mount.cifs</code>
echo "Defaults env_keep += \"http_proxy https_proxy GREP_OPTIONS DISPLAY XAUTHORITY HOME\"" | sudo tee /etc/sudoers.d/envkeep
# Truecrypt
echo "ALL ALL = NOPASSWD: /usr/bin/truecrypt" | sudo tee /etc/sudoers.d/truecrypt
# Privoxy - no longer needed with tun2socks-manager
#echo "ALL ALL = (ALL) NOPASSWD: /etc/privoxy/set-network-config" | sudo tee /etc/sudoers.d/privoxy
# rfkill - no more used
#echo "ALL ALL = NOPASSWD: /sbin/rfkill" | sudo tee /etc/sudoers.d/rfkill
sudo chmod o-r /etc/sudoers.d/*
sudo etckeeper commit "update sudoers.d files"
- Restore home profile (from git)
# Restore my profile
mv home/.git .
rm -rf home
git reset --hard
git st
export PATH=$PATH:$HOME/bin
set-network.sh
~/setup.sh
- Restore old keyboard dead keys behaviour by uninstalling im-config:
- DOES NOT WORK - on Bullseye, still get the strange behaviour. Maybe due to Wayland?
# No more the issue on Bookworm (with pkg installed - so not root cause)
# sudo apt remove im-config # DOES NOT WORK - To avoid ¨ / ^ displaying while composing, and other nasty side effects
- Locale (at least since Debian 10 Buster)
- ATTENTION Using the locale
en_DK.UTF-8break Wine Command Prompt (bad keyboard config).
- To fix that, for instance for PlayOnLinux, edit file /usr/share/applications/PlayOnLinux.desktop
vi /usr/share/applications/PlayOnLinux.desktop
-Exec=playonlinux %F
+Exec=env LC_ALL=en_US.UTF-8 playonlinux %F
- Edit /etc/locale.gen, and uncomment line
en_DK.UTF-8 UTF-8, then update the locale
sudo vi /etc/locale.gen
# ...
sudo locale-gen
sudo vi /etc/default/locale # ...
- In Gnome, select
en_DK.UTF-8for format in Region and Language settings.
- SSD Trim
If using an SSD, enable TRIM (but see WARNING HERE).
sudo systemctl enable fstrim.timer
sudo systemctl start fstrim.timer
- Systemd
- Add ourselves to group adm to get journalctl log for the whole system
journalctl -b | head
# Hint: You are currently not seeing messages from other users and the system.
# Users in groups 'adm', 'systemd-journal' can see all messages.
# Pass -q to turn off this notice.
sudo gpasswd -a $USER adm
# ...logout
journalctl -
b | head
Kernel update
- Install latest kernel [3]
# Get Utopic kernel
sudo apt install --install-recommends linux-generic-lts-utopic xserver-xorg-lts-utopic libgl1-mesa-glx-lts-utopic libegl1-mesa-drivers-lts-utopic
# Get Vivid kernel
# DO NOT UPDATE TO VIVID X.ORG - IT LEAKS LIKE HELL
# sudo apt install --install-recommends linux-generic-lts-vivid xserver-xorg-lts-vivid libgl1-mesa-glx-lts-vivid libegl1-mesa-drivers-lts-vivid
sudo apt install --install-recommends linux-generic-lts-vivid
Standard packages
- Install packages - standard
# Common Applications
sudo apt install synapse # Ubuntu: requires extra repo
sudo apt install keepassxc # Upgrade: keepassx -> keepassxc
sudo apt install rpcbind # Use 'portmap' before oneiric ocelot
sudo apt install cifs-utils # Use 'smbfs' with precise pangolin or before
# moreutils: for chronic, sponge
# Removed in Bionic: gnome-mplayer gecko-mediaplayer ubuntu-tweak
# app-install-data-medibuntu
# Upgraded: libavcodec-extra-54
# Discontinued: ubuntu-restricted-extras (would install libdvdread4)
# 14.04 Trusty: packages 'ubuntu-tweak', 'app-install-data-medibuntu',
# 'smbfs' missing
sudo apt install autossh terminator smbclient \
nfs-kernel-server nfs-common autofs \
apt-file p7zip-full p7zip-rar dlocate \
ttf-mscorefonts-installer qiv gthumb \
gnupg-agent renameutils mplayer \
mplayer-doc gimp gparted xsel moreutils\
tmux libavcodec-extra \
silversearcher-ag gawk \
mlocate keychain python3-pip
# sudo apt install gnome-tweak-tool # older Debian / Ubuntu
# sudo apt install pepperflashplugin-nonfree # older Debain / Ubuntu
# sudo apt install dconf-tools # older Debian / Ubuntu
# sudo apt install mplayer-fonts # older Debian / Ubuntu
sudo apt install chromium # Debian 10+
# sudo apt install chromium-browser # older
sudo apt install bash-completion # Fix '__git_ps1 command not found' (on Debian Buster / Bullseye)
sudo apt install chrome-gnome-shell # Since U18.04, to manage Gnome extension in Chrome / FF. Require browser ext.
sudo apt install ripgrep
# Debian 9 / Ubuntu 16.04 or older.
# wget https://github.com/BurntSushi/ripgrep/releases/download/12.1.1/ripgrep_12.1.1_amd64.deb
# sudo apt install ripgrep_12.1.1_amd64.deb
sudo apt install bat
# Debian 9 / Ubuntu 16.04 or older.
# wget https://github.com/sharkdp/bat/releases/download/v0.10.0/bat_0.10.0_amd64.deb
# sudo apt install bat_0.10.0_amd64.deb
sudo apt install fasd fd-find
sudo apt-file update
# Optional essentials
sudo apt install nmap # For various personal scripts (''prj'', ''tsync''')
sudo apt install winbind libnss-winbind # winbind + libnss-winbind for NetBIOS name resolution
sudo vi /etc/nsswitch.conf # Add "wins" at the end of "hosts:" line
sudo apt install xbmc
sudo apt install thunderbird
sudo apt install wine
# Debian 9 or older
# sudo apt install wine-stable
# Ubuntu
sudo apt install unity-tweak-tool \
compizconfig-settings-manager \
compiz-plugins
sudo /usr/share/doc/libdvdread4/install-css.sh
Bash
Add to /etc/bash.bashrc:
# Configure history
HISTCONTROL=erasedups:ignorespace
shopt -s histappend
HISTIGNORE=$'&:bg:fg:l:la:ls:ll:lla:exit:history'
HISTSIZE=100000
HISTFILESIZE=100000
# some more ls aliases
alias ll='ls -alF'
alias la='ls -A'
alias l='ls -CF'
alias u='cd ..'
alias grep='grep --color=auto'
Add to /etc/inputrc:
set meta-flag on
set convert-meta off
set input-meta on
set output-meta on
$if Bash
set completion-ignore-case on
set show-all-if-ambiguous on
$endif
"\eOA":history-search-backward #Up arrow
"\e[A":history-search-backward #Up arrow
"\eOB":history-search-forward #Down arrow
"\e[B":history-search-forward #Down arrow
"\e[2~":paste-from-clipboard #Insert
tab:menu-complete #TAB
"\e[Z":menu-complete-backward #Shift-Tab
Etckeeper
If disabling daily autocommits, there is a patch to apply [4].
diff --git a/cron.daily/etckeeper b/cron.daily/etckeeper
index eb74401..ddd9d05 100755
--- a/cron.daily/etckeeper
+++ b/cron.daily/etckeeper
@@ -1,8 +1,6 @@
#!/bin/sh
set -e
-if [ -e /etc/etckeeper/daily ] && [ -e /etc/etckeeper/etckeeper.conf ]; then
- . /etc/etckeeper/etckeeper.conf
- if [ "$AVOID_DAILY_AUTOCOMMITS" != "1" ]; then
- /etc/etckeeper/daily
- fi
+# The etckeeper/daily script checks if daily autocommits are disabled.
+if [ -x /etc/etckeeper/daily ]; then
+ /etc/etckeeper/daily
fi
diff --git a/etckeeper/daily b/etckeeper/daily
index f98c6ad..a79b908 100755
--- a/etckeeper/daily
+++ b/etckeeper/daily
@@ -2,6 +2,12 @@
# Script that can be run daily to autocommit /etc changes.
set -e
if [ -x /usr/bin/etckeeper ] && [ -e /etc/etckeeper/etckeeper.conf ]; then
+ # check if daily autocommits are disabled (Debian bug #884824)
+ . /etc/etckeeper/etckeeper.conf
+ if [ "$AVOID_DAILY_AUTOCOMMITS" = "1" ]; then
+ exit 0
+ fi
+
# avoid autocommit if an install run is in progress
lockfile=/var/cache/etckeeper/packagelist.pre-install
if [ -e "$lockfile" ] && [ -n "$(find "$lockfile" -mtime +1)" ]; then
Ufw
Keep UFW logs only in /var/log/ufw.log. Edit /etc/rsyslog.d/20-ufw.conf:
-#& stop
+& stop
Then
sudo service rsyslog restart
Install gufw
sudo apt install gufw
If necessary, restore old gufw profiles from /etc/gufw.
X11
- Custom keyboard mapping be:
# From my profile
sudo cp ~/etc/be /usr/share/X11/xkb/symbols/be
sudo rm /var/lib/xkb/*.xkm
setxkbmap us
setxkbmap be
- Use CapsLock as an extra Esc key (see X#Configuring_Layout_Options)
gsettings get org.gnome.desktop.input-sources xkb-options gsettings set org.gnome.desktop.input-sources xkb-options "@as ['caps:escape']"
- Fonts — disable embedded bitmaps. See Fonts.
Desktop - Gnome
Disable Wayland
Wayland is improving, but still some hickups with the following applications:
- Synapse (constant pop up inhibiting shortcuts), and global shortcut not working (but we could set up a gnome shortcut Ctrl-Alt-Space with
/usr/bin/synapseas command).
To disable:
- At startup screen, select the user.
- Click settings icon in bottom right corner, and select "Gnome on X.Org"
- Login with the user and logout.
Gnome extensions
- Notes
- To install an extension using apt (recommended):
- Install the package gnome-shell-extension-*.
- Restart gnome shell (Alt-F2, then
r).
- To install an extension using chromium:
- Install chromium and extension:
sudo apt install chromium chrome-gnome-shell # Since U18.04, to manage Gnome extension in Chromium / FF.
# Alternative: install 'Gnome Shell Integration' from https://chrome.google.com/webstore/.
- Visit https://extensions.gnome.org/, and search for the extension.
- Enable and configure extensions in Extensions (recent Gnome)
- Older Gnome, use Gnome tweaks (package gnome-tweaks).
- AlternateTab
- Debian - Since BookWorm: APPLICATION NO MORE NEEDED.
- Instead, settings → keyboard shortcuts Set Alt-Tab to Switch windows instead of Switch applications.
- Debian: Install from Chromium: AlternateTab
- Ubuntu: press Super key, then AlternateTab, it will be installed automatically. This might require installing
sudo apt install gnome-tweak-tool[5]. - This extension fixes the annoying Gnome Alt-Tab behaviour that group windows from the same application.
- System-Monitor
sudo apt install gnome-shell-extension-system-monitor
# Restart Gnome and enable with Tweaks
- This replaces applet indicator-multiload that no longer works since Ubuntu Bionic.
- If installed from store, requires the following packages:
sudo apt install gir1.2-gtop-2.0 gir1.2-networkmanager-1.0 gir1.2-clutter-1.0 # Ubuntu
sudo apt install gir1.2-gtop-2.0 gir1.2-nm-1.0 gir1.2-clutter-1.0 # Debian
- Note: the indicator may conflict with owncloud client (no longer visible), however this seems to be fixed with laster appindicator.
- Selects memory, cpu, network, width 50px, and DO NOT show text.
- Ubuntu appindicators / Appindicator and kstatusnotifieritem support
- Install using apt
sudo apt install gnome-shell-extension-appindicator
# Restart Gnome and enable with Tweaks
- More Pixel
- Install using apt:
sudo apt install gnome-shell-extension-pixelsaver
# Restart Gnome and enable with Tweaks
- NOTE: This works only in X.Org ! (at least under Debian Bookworm).
- No title bar (Gnome-shell <= 3.30)
- Install from the store (No title bar)
- Revive Unity-like merging of window title bar with desktop top bar.
- Caveat: Window's menu is not merged [6]
- Gnome 3.38: we have to use fork from kendling/no-title-bar to fix for
No JS Module 'tweener' found in search path. - Alternative: gnome-shell-extension-pixelsaver.
- Gnome Global Application Menu (Gnome-shell <= 3.30)
- Install from the store (Gnome Global Application Menu)
- AVOID 'ALT' KEY STEALING FOCUS → In extension configuration (via Gnome Tweaks), Go to main menu, click on
Alt, then Backspace to remove the shortcut. Breathe again. - To merge application menu in top title bar.
- As a side-effect, this extension fixes the owncloud-icon-not-showing bug.
- Recent alternative: https://github.com/gonzaarcr/Fildem
- Custom Hot Corner - Extended
- Install from the store ([7])
- Set Show activity for all top corners on both monitors.
- Built-in alternative: there is however also Gnome settings -> Multitasking -> Hot Corner.
Gnome theme
We install a Mac OS theme.
- Enable Gnome User Themes
- Open Gnome tweaks, and enable extensions User themes (this enable theme selection for Shell' in Appearance).
- Mojave light theme (Debian Buster / Bullseye / Bookworm)
- Guide on OMG buntu.
- FIX: Make sure to include fix for bad bg color in light theme (PR).
--- /usr/share/themes/Mojave-light/gnome-shell/gnome-shell.css 2022-04-28 08:48:55.877668709 +0200
+++ /usr/share/themes/Mojave-light/gnome-shell/gnome-shell.css 2022-04-14 08:42:57.953109488 +0200
@@ -2531,7 +2531,6 @@
.popup-menu .popup-menu-content {
padding: 10px 0;
font-weight: normal;
+ background-color: rgba(241, 241, 241, 0.85);
}
- Download and install McMojave:
sudo apt install gtk2-engines-murrine gtk2-engines-pixbuf
sudo apt install libglib2.0-dev-bin # Needed to install gdm theme
git clone https://github.com/vinceliuice/Mojave-gtk-theme.git
cd Mojave-gtk-theme
./install.sh
sudo ./install.sh -g
- In Gnome tweaks → Appearance → Applications, select Mojave-light.
- In Gnome tweaks → Appearance → Shell, select Mojave-light.
- La Capitaine Icon Pack
- Download and install:
mkdir -p ~/.icons
cd ~/.icons
git clone https://github.com/keeferrourke/la-capitaine-icon-theme.git
- In Gnome tweaks → Appearance → Icons, select La-capitaine-icon-theme.
- Fonts
- In Gnome Tweaks → Fonts, select the following fonts:
- Interface Text:
Lucide Sans Regular 11(wasCantarell Regular 11). - Document Text:
Lucida Sans Regular 11(wasSans Regular 11) - Monospace Text:
Fantasque Sans Mono Regular 11(wasMonospace Regular 11) - Legacy Window Titles:
Lucida Sans Unicode Bold 11(wasCanterell Bold 11)
- Interface Text:
- Launcher
- We stick to Synapse with Ctrl-Alt-Space, but this requires either running X.Org or add custom keyboard shortcut in Gnome Settings (fuzzy mode in Albert is just broken).
- Other options
- (older Debian / Ubuntu) Noobslab MacBuntu 18.04 guide.
# Wallpaper
see MacBuntu-Wallpapers.zip
# Theme
sudo dpkg -i gtk3-engines-unico_1.0.3+14.04.20140109-0ubuntu1_amd64.deb
sudo dpkg -i macbuntu-os-ithemes-v1804_3.3~bionic~NoobsLab.com_all.deb
# Icons
sudo dpkg -i macbuntu-os-icons-v1804_3.3~bionic~NoobsLab.com_all.deb
# Launcher
sudo dpkg -i albert_0.11.1-1~zesty1.0_amd64.deb
sudo dpkg -i macbuntu-os-plank-theme-v1804_3.3~bionic~NoobsLab.com_all.deb
# LibreOffice monochrome icons
sudo apt-get install libreoffice-style-sifr
# ... then "Tools" > "Options" > "LibreOffice" > "View" and select "Sifr" under "Icon size and style".
# Fonts
see mac-fonts.zip
Gnome tweak
- Top bar → Application Menu → OFF.
Gnome Mouse
- Go to Settings, Mouse, and enable / disable the following settings as wished:
- Touchpad → Tap to click
- Touchpad → Natural scrolling
- When playing games, flat acceleration is recommended.
- On Debian 10 with BT mouse, speed
-0.2gives best result.
gsettings reset-recursively org.gnome.desktop.peripherals.mouse
gsettings set org.gnome.desktop.peripherals.mouse accel-profile flat
gsettings set org.gnome.desktop.peripherals.mouse speed -0.2
dconf dump /org/gnome/desktop/peripherals/mouse/
# [/]
# speed=-0.20000000000000001
# accel-profile='flat'
Miscellaneous Gnome
- Disable emoji shortcut Ctrl-Shift-E (interfere with Terminator).
- Launch
ibus-setup, and delete the shortcut for emoji.
- Launch
- Disable gnome-software from autostarting (to reduce memory consumption) [8]:
# Disable Gnome Software autostart
mkdir -pv ~/.config/autostart && cp /etc/xdg/autostart/gnome-software-service.desktop ~/.config/autostart/
mkdir -pv ~/.config/autostart && cp /etc/xdg/autostart//etc/xdg/autostart/org.gnome.Software.desktop ~/.config/autostart/
echo "X-GNOME-Autostart-enabled=false" >> ~/.config/autostart/gnome-software-service.desktop
echo "X-GNOME-Autostart-enabled=false" >> ~/.config/autostart/org.gnome.Software.desktop
dconf write /org/gnome/desktop/search-providers/disabled "['org.gnome.Software.desktop']"
# Disable Gnome Software automatic updates
dconf write /org/gnome/software/allow-updates false
dconf write /org/gnome/software/download-updates false
Development packages
- Install packages - development
sudo apt install gitk git-gui git-doc exuberant-ctags cscope ruby meld colordiff # ruby for Vim plugin snipMate.vim
# Optional
sudo apt install gitweb git-svn
Optional packages
AutoFS
sudo apt install autofs
- Mount mnemosyne shares as NFS autofs (see [9]) and as SMB autofs
- Enabled/created the following automounters in /etc/auto.master:
/net /etc/auto.net --ghost /smb/mnemosyne /etc/auto.smb.mnemosyne --ghost /smb/lacie-cloudbox /etc/auto.smb.lacie-cloudbox --ghost
- Create configuration file /etc/auto.smb.mnemosyne
- Create SMB credential files /etc/auto.smb.mnemosyne.* (see
man mount.cifs) Created path for mount points:
sudo mkdir /net
sudo mkdir -p /smb/mnemosyne
# ls /net/mnemosyne
# sudo mkdir -p /mnt/mnemosyne
# for i in /net/mnemosyne/volume1/*; do sudo ln -s $i /mnt/mnemosyne/$(basename $i); done
- Or recover settings from an already configured host:
scp griffin:tmp/autofs.tgz . # Configure autofs
sudo tar -xvzf autofs.tgz
sudo cp etc/* /etc
- If necessary, mount shares read-only: add option
roin /etc/autofs.smb.mnemosyne - Create a writable share in /etc/fstab:
sudo mkdir -p /mnt/mystique/local
sudo vi /etc/fstab # Add the following line
# //mystique/local /mnt/mystique/local cifs noauto,vers=1.0,_netdev,noperm,iocharset=utf8,sec=ntlm,username=superwoman 0 0
BorgBackup / Borgcronic
- Install borgbackup & borgcronic, reusing our existing configuration:
sudo apt install borgbackup
sudo ./borgcronic install borgbackup:borgbackup:/home/borg/repo
- Restore file /etc/borgcronic.conf
- Restore root ssh config (/root/.ssh folder and /etc/hosts.
Host borgbackup
User borg
HostName dumbledore
ForwardX11 no
ForwardX11Trusted no
ProxyCommand none
ServerAliveInterval 10
ServerAliveCountMax 30
IdentityFile ~/.ssh/id_ed25519_borg_zavcxl0006
- Restart and test
sudo ssh borgbackup # Should report tty error. Ctrl-C.
sudo systemctl restart borgcronic
sudo borgcronic exec list # say 'Yes'
By default, cron will trigger borgcronic daily / every 6h.
Chromium
Enable Chromecast:
- Go to
chrome://flags/#load-media-router-component-extension - Set to Enabled.
Dropbox
- Download from https://www.dropbox.com/install-linux
Courier
sudo apt-get install courier-imap courier-doc gamin
cd /etc/courier/
sudo vi authdaemonrc # Set authmodulelist="authuserdb"
sudo makeuserdb
sudo vi userdb # Restore pwd for user 'st' and 'peetersm'
# See Courier page to generate new
sudo etckeeper commit "courier config"
sudo systemctl restart courier-authdaemon
Firefox
sudo apt install firefox
- Set Ctrl-Tab to show last tab. Either in Settings (Ctrl+Tab cycles through tabs in recently used order), or browse to
about:config, and setbrowser.ctrlTab.previewstoTrue. - Install extension Firefox#textern.
fzf
fzf is a very fast fuzzy-finder written in Go.
It is installed when installing vim plugins. To install it in bash:
git clone https://github.com/junegunn/fzf.git ~/.fzf # Skip this step if already present
cd ~/.fzf
./install
Gpg
sudo apt install gnupg-agent pgpgpg
- Added
use-agentat end of ~/.gnupg/gpg.conf - Edit ~/.gnupg/gpg.conf as necessary.
KeePass
sudo apt install keepassxc # Now using KeepassXC
# sudo apt install keepassx
We store the database on Owncloud, and sync to local git repository with cron.
Script private/kdbx/sync_from_owncloud.sh:
#! /bin/bash
BASEDIR=$(dirname "$(readlink -nf "${BASH_SOURCE[0]}")")
cd "$BASEDIR"
KDBX=work.kdbx
OWNCLOUD_DIR=~/owncloud/kdbx
if ! diff -q $OWNCLOUD_DIR/$KDBX $KDBX; then
echo "Adding $KDBX to git..."
cp $OWNCLOUD_DIR/$KDBX $KDBX
git add $KDBX
git commit -m "Sync keepassx db with Owncloud"
fi
Cronjob:
31 * * * * chronic ~peetersm/private/kdbx/sync_from_owncloud.sh
- Workaround
#!/bin/sh
#
setxkbmap be
Java from Oracle
Reference: https://launchpad.net/~webupd8team/+archive/ubuntu/java
sudo add-apt-repository ppa:webupd8team/java
sudo apt update
- Java 8
# sudo apt install oracle-java8-set-default
# ... discontinued. We install from local copy
cd /smb/wolverine/family/archive/software/linux-cygwin/java-jdk-8u162/
dpkg -i oracle-java8-set-default_8u161-1~webupd8~0_all.deb oracle-java8-installer_8u161-1~webupd8~0_all.deb
apt install -f
# ... an error occur about missing archive.
# ... Note that we edited the package to install version 8u162
cp jdk-8u162-linux-x64.tar.gz /var/cache/oracle-jdk8-installer/
apt install -f
- Java 7
sudo apt install oracle-java7-installer
# An error occur because archive is not found anymore
# ... so we copy back our backup at the right location
sudo cp /smb/lacie-cloudbox/family/archives/software/any/oracle-jdk-7u80-linux-x64/jdk-7u80-linux-x64.tar.gz /var/cache/oracle-jdk7-installer/
# Resume install
sudo apt install oracle-java7-installer
LibreOffice
Install latest LibreOffice by adding the PPA:
sudo add-apt-repository ppa:libreoffice/ppa
sudo apt update
mDNS
sudo apt install libnss-mdns avahi-daemon mdns-scan
- To scan:
mdns-scan
Machine should broadcast its ip address on griffin.local to all avahi clients. For some strange reason, avahi may append a -2 suffix to broadcast name. To avoid that, edit /etc/avahi/avahi-daemon.conf and set host-name variable:
host-name=griffin
In some cases, avahi may detect host name conflicts on the network where there isn't.
Oct 24 19:32:06 zavcxl0006 avahi-daemon[810747]: Host name conflict, retrying with griffin-2
One fix for that is to restrict the set of interfaces (here only wired and wifi) [12], [13]:
allow-interfaces=enp0s31f6, wlp1s0
There is yet another potential conflict with systemd-resolved [14], [15]:
Oct 24 19:41:28 zavcxl0006 avahi-daemon[811344]: *** WARNING: Detected another IPv4 mDNS stack running on this host.
Midnight Commander
sudo apt instal mc
- See reference page.
- Use vi as standard viewer/editor.
- Installed version from mc official repository to fix file highlighting issue.
neovim / vim
Install instructions:
- Debian BookWorm: install from debian repository, version 0.6.1.
sudo pip3 install --upgrade pynvim
sudo apt install nodejs npm yarnpkg ruby-dev
sudo npm install -g neovim
sudo gem install neovim
# In neovim, run ':checkhealth' and fix issues if any
# ... ignoring python2 bindings
# ... ignoring perl bindings
- Debian Bullseye: build from source, version 0.5.1.
- Debian Buster: build from source, version 0.5.1.
# New / current instructions
# We use Neovim compiled from source, version 0.4.4
# ... use uninstall script to uninstall
cd / && sudo tar xvzf /path/to/nvim-0.4.4.tgz
sudo ln -sf nvim /usr/local/bin/vim
sudo ln -sf nvim /usr/local/bin/vi
sudo pip3 install --upgrade pynvim neovim-remote
sudo pip install --upgrade pynvim
sudo apt install ruby-dev
sudo gem install neovim
# Old instructions (using distribution neovim)
sudo apt install neovim
sudo pip3 install neovim-remote # nvr, needed by Vimtex
See Neovim page for complete install instructions.
- Workarounds and tips
# Fix clipboard timeout issue at startup:
vim /usr/local/share/nvim/runtime/autoload/provider/clipboard.vim
# + elseif exists('$DISPLAY') && executable('xsel')
# - elseif exists('$DISPLAY') && executable('xsel') && s:cmd_ok('xsel -o -b')
Create a file /usr/local/bin/ngvim:
#! /bin/bash
# We redirect stderr to silent error on keyboard binding failure
if [ "$1" == "-f" ]; then
shift
# Blocking call
2> /dev/null exec /usr/bin/terminator -m --p nvim -i /usr/local/icons/neovim.png -u -T "$PWD" -x env COLORTERM=gnome-terminal nvim "$@"
else
2> /dev/null /usr/bin/terminator -m --p nvim -i /usr/local/icons/neovim.png -u -T "$PWD" -x env COLORTERM=gnome-terminal nvim "$@" &
fi
Neovim / vim plugins are installed via vim-plug, which is part of the home git repository.
Set Neovim as alternatives for vim/viewer (useful for Midnight Commander).
sudo update-alternatives --config vi # Select 'nvim'
sudo update-alternatives --config vim # Select 'nvim'
sudo update-alternatives --config view # Select 'view.nvim'
However the following plugins require extra configuration:
- YouCompleteMe
This is the install script to enable the minimum features. Note that this is done automatically by vim-plug.
sudo apt install cmake
cd ~/.vim/plugged/YouCompleteMe
./install.py --clang-completer
- cpsm
Run this script after installing the plugin with vim-plug.
sudo apt install libboost-all-dev cmake python-dev libicu-dev
cd ~/.vim/plugged/cpsm
./install.sh
NFS
- NFS Server (nfs-kernel-server nfs-common rpcbind)||See NFS for more details; Created entries in /etc/exports. rpcbind replaces portmap since Oneiric.
Owncloud
- Install owncloud-client.
- Start the client, and make sure the client is started at login.
- Make sure appindicator gnome extension is installed, or status icon will not show up.
- If owncloud icon does not show, there is maybe a racing condition. We fix by delaying start by 3s.
sudo vi /usr/local/bin/owncloud-delayed # Content as below
# #! /bin/bash
# sleep 3 && exec /usr/bin/owncloud &
sudo chmod 755 /usr/local/bin/owncloud-delayed
sed -r 's/^Exec.*/Exec=/usr/local/bin/owncloud-delayed' ~/.config/autostart/ownCloud.desktop
- Use ~/owncloud instead of ~/ownCloud.
PipeWire
We follow instructions from Debian Wiki.
# Install WirePlumber and enable it
sudo apt install wireplumber pipewire-media-session-
sudo apt purge pipewire-media-session
systemctl --user --now enable wireplumber.service
sudo rmdir /etc/pipewire/media-session.d/
sudo rmdir /etc/pipewire
# Restart, check that PW took over
sudo shutdown -r now
LANG=C pactl info | grep '^Server Name'
# Server Name: PulseAudio (on PipeWire 0.3.50)
# Enable ALSA through PipeWire
sudo apt install pipewire-audio-client-libraries
sudo cp /usr/share/doc/pipewire/examples/alsa.conf.d/99-pipewire-default.conf /etc/alsa/conf.d/
sudo etckeeper commit "Enable ALSA through pipewire"
# Enable JACK through PipeWire
sudo apt install libspa-0.2-jack
sudo cp /usr/share/doc/pipewire/examples/ld.so.conf.d/pipewire-jack-*.conf /etc/ld.so.conf.d/
sudo ldconfig
sudo etckeeper commit "Enable JACK through pipewire"
# Enable bluetooth through PipeWire
sudo apt install libspa-0.2-bluetooth pulseaudio-module-bluetooth-
Relevant configuration files:
- Bluetooth — /etc/pipewire/media-session.d/bluez-monitor.conf
- Or per-user ~/.config/pipewire/media-session.d/bluez-monitor.conf
- Workarounds
- Disable speech in Firefox. Open
about:config, and set the following keys tofalse, then restart Firefox. [16]
reader.parse-on-load.enabled false media.webspeech.synth.enabled false
Recoll
See Recoll.
Indexing mails from another user requires that Maildir is readable.
By default, Maildir are not group-readable (although see man maildirmake for more info).
The simplest is to run a cron script:
# m h dom mon dow command
10 12 * * * bash -c 'find ~/Maildir -type d -print0 | xargs -0 chmod g+rx'
Samba
sudo apt install smbclient cifs-utils
- Use package smbfs for u1204 Precise Pangolin and before
SSH
- Create / restore private key *and* public keys (or we get a
wrong formaterror):
ln -sf ../private/ssh/id_rsa_work ~/.ssh/id_rsa ln -sf ../private/ssh/id_rsa_work.pub ~/.ssh/id_rsa.pub
- If using bin/ssh-agent-refresh.sh:
touch ~/.use_ssh_agent
Terminator
sudo apt install terminator
- Install the new terminator that depends on GTK3 (terminator-gtk3, version
1.97~ppa3). - On latest Debian, install patch for middle click on Wayland (Terminator).
- See Terminator.
- See Gnome Terminator for tips.
- Set background to transparent 6% (through ~/.config/terminator/config)
- Set scrollback to infinite scrollback
- Custom geometry terminator --geometry=1220x720+100+100 (in application menu)
- Font Lucida Console, 9 (on nxl67002ux / nxl67063ux), or Bitstream Vera Sans Mono Roman 9 (on nxl67063 Cygwin-X).
- (not needed on trusty) Set
terminatoras default terminal for Ctrl-Alt-T [17]:
gsettings set org.gnome.desktop.default-applications.terminal exec 'terminator --geometry=1220x720+100+100'
- On Debian, with Gnome, add new shortcut for Ctrl-Alt-T:
dconf write '/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/binding' '<Primary><Alt>t'
dconf write '/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/command' '/usr/bin/terminator'
dconf write '/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/name' 'Terminal'
Truecrypt
Unpack and execute binary from file truecrypt-7.1a-linux-console-x64.tar.gz (console) or truecrypt-7.1a-linux-x64.tar.gz.
Thunderbird
See Thunderbird.
tmux
- Alternative to screen, but with support for multiple panes like terminator
Make sure that tmux is at least version 2.2. If not install it:
- Compile 2.2-3 package from yakkety. See Package Management for instruction.
- Compile from sources.
VirtualBox
sudo apt install virtualbox
- Debian Buster
- Mouse pad scrolling issue, and micro-freeze issues with vbox 6.04+ coming from distribution. As workaround we use Oracle (testing) packge (and ext-pack):
sudo apt remove virtualbox
sudo ./VirtualBox-6.0.5-129923-Linux_amd64.run
VMWare
See PipeWire for sharing audio (share the pipewire unix socket) with user vbox.
Seee VMWare for module compilation.
Wine
- Wine (wine) See Wine page
sudo dpkg --add-architecture i386
sudo apt update
sudo apt install wine wine32
XBMC
- see XBMC
Zathura
- Install
sudo apt install zathura
- If Zathura is not used for PDF files:
# when using 'see'
echo 'application/pdf; /usr/bin/zathura %s; test=test -n "$DISPLAY"' | tee -a ~/.mailcap
# when using 'xdg-open' or midnight commander:
# -- was "org.gnome.Evince.desktop"
xdg-mime default org.pwmt.zathura.desktop application/pdf
Configuration
- Install fonts
mkdir ~/.fonts
wget https://github.com/belluzj/fantasque-sans/releases/download/v1.7.1/FantasqueSansMono.tar.gz
tar xvzf FantasqueSansMono.tar.gz -C ~/.fonts/ --wildcards *.ttf
sudo fc-cache -fv
- Apply common settings (see below)
- Applications not from repositories:
- Panda glGo 1.4.1 (local page, does not work on Oneiric 64-bit)
- Install latest updates:
sudo apt dist-upgrade
- Use Shift+Click or Template:Right click to get the jump to click behaviour.
cat >> ~/.config/gtk-3.0/settings.ini <<__HERE__
[Settings]
gtk-primary-button-warps-slider=false
__HERE__
- Ubuntu 12.04
sudo vi /etc/default/apport # Disable apport by setting "enabled=0"
sudo etckeeper commit "disable apport"
Fonts
Antialiasing RGBA, Hinting Slight, Text scaling factor 1.00.
| Application | Font | Selected font |
|---|---|---|
| Terminator | Monospace font | Fantasque Sans Mono 9
|
| Gnome Terminal | Monospace font | Fantasque Sans Mono 9
|
| Unity (desktop) | Default font | Lucida Sans Regular 9
|
| Unity (desktop) | Document font | Lucida Sans Regular 10
|
| Unity (desktop) | Monospace font | Fantasque Sans Mono 10
|
| Unity (desktop) | Windows title font | Lucida Sans Unicode Bold 10
|
| Firefox | Sans-serif (latin) | Liberation Sans 16
|
| Firefox | Monospace (Latin) | Fantasque Sans Mono 16
|
For firefox, fonts are inspired from Mediawiki Vector skin -- typography refresh.
MIME
Use Chromium for SVG files:
# when using 'see'
echo 'image/svg+xml; /usr/bin/chromium %s; test=test -n "$DISPLAY"' | tee -a ~/.mailcap
echo 'image/svg+xml-compressed; /usr/bin/chromium %s; test=test -n "$DISPLAY"' | tee -a ~/.mailcap
# when using 'xdg-open' or midnight commander:
xdg-mime default chromium.desktop image/svg+xml
Safeweb
Create a custom user for safe browsing.
adduser --uid 1005 safeweb
- Add ~/reset.sh script to HOME:
cat > ~/reset.sh << "__END__"
#! /bin/bash
# Some safety check
[ -f $HOME/.resetable ] || { echo "$(basename "$0"): error: HOME is not resetable ('touch ~/.resetable' to fix) -- aborting!"; exit 1; }
[ "$HOME" = "$PWD" ] || { echo "$(basename "$0"): error: HOME and PWD are different ('cd' to fix) -- aborting!"; exit 1; }
# Armageddon !
find $HOME -maxdepth 1 \
! -name .bashrc \
! -name .profile \
! -name .inputrc \
! -name .bash_logout \
! -name reset.sh \
! -name .resetable \
! -path $HOME \
-print0 | xargs -0 rm -rf
__END__
chmod a+x ~/reset.sh
touch ~/.resetable
Debian
Add contrib non-free repositories to apt source [20].
Add sid release apt sources.
cat << EOF | sudo tee /etc/apt/sources.list.d/sid.list
# Unstable / Sid
deb http://ftp.debian.org/debian/ sid main contrib
deb-src http://ftp.debian.org/debian/ sid main contrib
EOF
cat << EOF | sudo tee /etc/apt/preferences.d/sid
Package: *
Pin: release a=unstable
Pin-Priority: 400
EOF
Install these packages
sudo apt install mlocate dnsmasq-base
sudo apt install libcanberra-gtk-module # Fix truecrypt warning
We install Firefox 56 and Thunderbird 52.8 to preserve some important add-ons. These packages and their dependencies are no longer available but they can still be downloaded on http://snapshot.debian.org/:
sudo dpkg -i firefox_56.0-2_amd64.deb \
libcurl3_7.52.1-5+deb9u9_amd64.deb \
libevent-2.0-5_2.0.21-stable-3_amd64.deb \
libhunspell-1.3-0_1.3.4-2_amd64.deb \
libhunspell-1.6-0_1.6.2-2_amd64.deb \
libvpx4_1.6.1-3+deb9u1_amd64.deb \
thunderbird_52.8.0-1~deb8u1_amd64.deb
sudo apt install -f
echo "firefox hold" | sudo dpkg --set-selections
echo "thunderbird hold" | sudo dpkg --set-selections
Nvidia
See Debian wiki. Mainly:
- Make sure the system is up-to-date (nvidia module will be compiled against kernel headers, which may fail if headers are no longer available).
sudo apt udpate
sudo apt dist-upgrade
- Run
nvidia-detect:
sudo apt install nvidia-detect
sudo nvidia-detect
# ...
# It is recommended to install the
# nvidia-legacy-340xx-driver
# package.
- Install the reported driver (eg. here
nvidia-legacy-340xx-driver)
sudo apt install linux-headers-$(uname -r|sed 's/[^-]*-[^-]*-//') nvidia-legacy-340xx-driver
- Run
nvidia-xconfigto create a new xorg.conf file (!! This fails on Optimus systems. See wiki !!).
sudo apt install nvidia-xconfig
sudo nvidia-xconfig
- Reboot
sudo reboot
- More issues
- Apparently driver
nouveaugets loaded as well. Let's blacklist it:
echo blacklist nouveau | sudo tee /etc/modprobe.d/blacklist-nouveau.conf
echo options nouveau modeset=0 | sudo tee -a /etc/modprobe.d/blacklist-nouveau.conf
- Boot error:
nvidia-persistenced[557]: Failed to open libnvidia-cfg.so.1: libnvidia-cfg.so.1: cannot open shared object file: No such file or directory.
- We uninstall some packages:
sudo apt remove nvidia-persistenced libnvidia-cfg1:amd64 libgl1-nvidia-tesla-440-glvnd-glx:amd64 libglx-nvidia-tesla-440-0:amd64 libnvidia-tesla-440-glcore:amd64 nvidia-tesla-440-alternative
Workaround
- Install custom udisks package, version 1.0.4-5ubuntu2.1fuu1, to fix unreadable DVD-RW. See udisks, or bug 635499).
sudo dpkg -i udisks_1.0.4-5ubuntu2.1fuu1_amd64.deb
- Add the following to ~/.bash_profile and ~/.profile to Meta-key (Alt) not working and Midnight Commander displays
Press any key...after each command when in tmux session [21]:
# This fix meta-key support and stop mc displaying "Press any key..." in tmux session
if [ $TERM = "screen" ]; then
export TERM=xterm
fi
if [ -n "$TMUX" ]; then
export COLORTERM=rxvt
fi
- Had some issues around fcitx packages being held when upgrading from Debian Bullseye to testing (Bookworm). So I uninstalled the full package suite, also because I fear this package may interfere with editors.
sudo apt autoremove --purge fcitx fcitx-modules fcitx-config-common libfcitx5utils2
Restore / keep from previous PC
Here a list of items to restore from previous PC.
- /home directory.
- The easiest is to transfer with
tar
- The easiest is to transfer with
# This requires the following line in /etc/sudoers on mypc.local:
# Defaults !tty_tickets
#
MYPC=mypc
MYUSER=user
stty -echo; ssh -t $MYUSER@$MYPC.local sudo -v; stty echo
sudo mkdir /home/$MYPC
ssh $MYUSER@$MYPC.local "(cd /; sudo tar cf - --one-file-system home)" | sudo tar xvCf /home/$MYPC -
- /root directory
ssh $MYUSER@$MYPC.local "(cd /; sudo tar cf - --one-file-system root)" | sudo tar xvCf /home/$MYPC -
- /usr/local directory
ssh $MYUSER@$MYPC.local "(cd /; sudo tar cf - --one-file-system usr/local)" | sudo tar xvCf /home/$MYPC -
- /etc directory
ssh $MYUSER@$MYPC.local "(cd /; sudo tar cf - --one-file-system etc)" | sudo tar xvCf /home/$MYPC -
- In particular:
- Restore files from /etc/sudoers.d.
- Restore gufw profile from /etc/gufw/Home.profile.
- /opt directory
ssh $MYUSER@$MYPC.local "(cd /; sudo tar cf - --one-file-system opt)" | sudo tar xvCf /home/$MYPC -
- /var directory, but excluding /var/cache and /var/log
ssh $MYUSER@$MYPC.local "(cd /; sudo tar cf - --one-file-system --exclude=cache --exclude=log var)" | sudo tar xvCf /home/$MYPC -
- Alternatively, data to backup from /var
- MySQL database
- Docker images
- crontabs (from /var/spool/cron/crontabs or for each user using
crontab -l). - mail (/var/mail.
- Configuration:
# List of packages
sudo dpkg -l > dpkg-l-$HOSTNAME-$(date +"%Y%m%d%H%M%S").txt
apt-mark showmanual > apt-mark-showmanual-$HOSTNAME-$(date +"%Y%m%d%H%M%S").txt
The pit (things to tidy up)
Miscellaneous
- Optional - Fix flash issue
# Optional - Fix blue video in flash (see below for details)
sudo mkdir /etc/adobe
echo -e "EnableLinuxHWVideoDecode=1\nOverrideGPUValidation=true" | sudo tee /etc/adobe/mms.cfg > /dev/null
sudo etckeeper commit "Fix blue video bug in adobe flashplayer"
- Install packages - optional
# Optional applications
sudo apt install gnugo qgo uligo cgoban quarry pgpgpg powertop
Synapse
# On Debian Buster / Bullseye
sudo apt install synapse
# Alternative / Ubuntu
# sudo add-apt-repository ppa:synapse-core/ppa
# sudo apt-get update && sudo apt-get install synapse
- Start synapse → Preferences → click Startup on login
- If Synapse does not show up on keypress, there is maybe a racing condition. We fix by delaying start by 3s.
sudo vi /usr/local/bin/synapse-delayed # Content as below
# #! /bin/bash
# sleep 3 && exec synapse --startup &
sudo chmod 755 /usr/local/bin/synapse-delayed
sed -r 's/^Exec.*/Exec=/usr/local/bin/synapse-delayed' ~/.config/autostart/synapse.desktop
- It may also requires to define a custom shortcut in Gnome. Still in preferences, set Activate shortcut to Ctrl-Alt-Space
Opera
sudo apt install opera
See Opera to fix apt key issues.
Users
sudo useradd -s /bin/bash -m -u 1100 marie
sudo useradd -s /bin/bash -m -u 1200 isma
sudo useradd -s /bin/bash -m -u 1300 emma
sudo passwd marie
sudo passwd isma
sudo passwd emma
Flash
- Flash Plugin 10 (flashplugin-installer)||
- Enable Ubuntu partner repository if needed(deb http://archive.canonical.com/ubuntu lucid partner).
- In case of error
failure to download extra data files flashplugin-installer, try
sudo apt-get --reinstall install flashplugin-installer
(Old recipe:
sudo aptitude autoremove "flashplugin-*"
sudo aptitude install flashplugin-installer
)
- broken— This is too unstable, see next solution — On Ubuntu 12.04 with NVidia card, there is a bug Flash video appears blue. That link recommends to update libvdpau1, but in my case it was already at the latest version. Instead the following did the trick (from bug 968647):
sudo mkdir /etc/adobe
echo -e "EnableLinuxHWVideoDecode=1\nOverrideGPUValidation=true" | sudo tee /etc/adobe/mms.cfg > /dev/null
- Another solution is to disable hardware acceleration, by going into flash player settings. If the settings window is not clickable, first disable unity 3D (for instance with
metacity --replace&)
Quicktime
- Quicktime plugin (gnome-mplayer gecko-mediaplayer)||To play Quicktime content in Opera, Firefox
- libdvdcss2||Installed via
sudo /usr/share/doc/libdvdread4/install-css.sh(see also [22])
Ubuntu tweak
- Ubuntu tweak
sudo apt install ubuntu-tweak
- see Ubuntu Tweak
Medibuntu application center (app-install-data-medibuntu)||
- No longer available on u1404 Trusty Tahr
- This install medibuntu apps in Ubuntu Application Center
- Unity tweak tool
sudo apt install unity-tweak-tool
- Don't show desktop in switcher
- top right hot corner: Spread all windows
gdmap
sudo apt install gdmap # Graphical Disk Map - broken? using baobab instead
Miscellaneous
- Disable apport. Set
enabled=0in /etc/default/apport
- Edit AppArmor tunables. If home directories are not located at /home (e.g. /data/home), edit apparmor tunables. See here for details.
- Configure the console:
dpkg-reconfigure console-setup
# utf-8 / latin1+latin5 / Terminus / 16
Network
- Samba / NFS client: Via autofs