abarbarian Posted May 11, 2022 Author Posted May 11, 2022 On 5/10/2022 at 12:09 AM, securitybreach said: Do you honestly want gnome-keyring to unlock automatically as that sounds like a security risk? It looks like you can autologin into gnome-keyring though: https://bbs.archlinux.org/viewtopic.php?id=249486 I want Surfshark to automatically start when I boot the pc. Things have improved somewhat. when I boot up now, I get the popup asking for the "default password" after entering this Surfshark opens and with just one click it now connects me to the server of my choice. Now if only I can get rid of that "default keyring " popup on boot. From my reading I think it can be done if you use a login manager but I use startx. So far I have not been able to make sense of the information I have found on the net. Do we have any Gnomies here who could throw some light on the problem ?? Quote
securitybreach Posted May 11, 2022 Posted May 11, 2022 You could just disable the gnome-keyring altogether https://wiki.archlinux.org/title/GNOME/Keyring Quote
abarbarian Posted May 18, 2022 Author Posted May 18, 2022 On 5/11/2022 at 11:29 AM, securitybreach said: You could just disable the gnome-keyring altogether https://wiki.archlinux.org/title/GNOME/Keyring Ta. I'll have to look into this after me holls. 1 Quote
abarbarian Posted February 20, 2023 Author Posted February 20, 2023 (edited) On 9/10/2017 at 3:25 PM, securitybreach said: I do use a hook to automatically take care of mirrorlist.pacnew files though. /etc/pacman.d/hooks/mirrorlist.hook [Trigger] Type = Package Operation = Install Operation = Upgrade Target = pacman-mirrorlist [Action] Description = Updating mirrorlist... When = PostTransaction Exec = /usr/bin/env sh -c "reflector --country 'United States' --latest 50 --age 24 --sort rate --save /etc/pacman.d/mirrorlist; if [[ -f /etc/pacman.d/mirrorlist.pacnew ]]; then rm /etc/pacman.d/mirrorlist.pacnew; fi" This basically uses reflector to grab the latest 50 mirrors for the USA and sort them by speed. Then it removes the /etc/pacman.d/mirrorlist.pacnew file. Just caught up with this part of me Arch maintenance. If you are using REFLECTOR then you do not need a pacman hook. As you can just do in /etc/pacman.conf. NoExtract = etc/pacman.d/mirrorlist All of the tweaking for reflector is done through /etc/xdg/reflector/reflector.conf.Mine is, Quote --save /etc/pacman.d/mirrorlist --country GB,EE,FI,LV,LT --protocol https --latest 10 --sort age 24 --fastest 10 If you make changes to the reflector.conf then you may wish to refresh the mirrorlist ahead of schedule so use, systemctl start reflector.service To check that the timer is set correctly run, systemctl list-timers Thu 2023-02-23 12:04:00 GMT 3 days left Thu 2023-02-02 15:51:21 GMT 2 weeks 3 days ago archlinux-keyring-wkd-sync.timer archlinux-keyring-wkd- Mon 2023-02-27 01:20:33 GMT 6 days left Mon 2023-02-20 10:45:10 GMT 36min ago fstrim.timer fstrim.service Mon 2023-02-27 02:32:46 GMT 6 days left Mon 2023-02-20 10:44:34 GMT 36min ago reflector.timer reflector.service Edited February 20, 2023 by abarbarian 1 Quote
securitybreach Posted February 20, 2023 Posted February 20, 2023 2 minutes ago, abarbarian said: Just caught up with this part of me Arch maintenance. If you are using REFLECTOR then you do not need a pacman hook. As you can just do in /etc/pacman.conf. Well things change in 6 years... Quote
abarbarian Posted February 20, 2023 Author Posted February 20, 2023 (edited) Easily Convert Images to WebP on Linux and macOS Quote WebP is a modern, open source, image format that provides superior lossless and lossy compression ( as well as animation and alpha transparency ) for images on the web. There are a lot of online tools that will allow you to convert your images but, why upload your images on a random server when you can easily convert them right on your computer? If you capture pictures from the net for your own use or for posting in say forums then this new WebP format is a right pain as some forums will not accept the format for posts. As the article states you can use on-line methods but it may be quicker or easier to convert on your own pc. You may of course want to convert from JPG/PNG etc to WebP. Using cwebp/dwebp to Convert Images Quote Use cwebp on the command line to convert PNG or JPEG image files to WebP format. cwebp image.png -o image.webp Quote Use dwebp on the command line to convert WebP image files to the PNG or PPM format. You can convert a WebP image file, say image.webp to a PNG image with the command: dwebp image.webp -o image.png You may need libwebp which was already installed on my Arch as it needed by several other programs. https://archlinux.org/packages/extra/x86_64/libwebp/ I found that converting WebP was a right old pain till I found this neat little cli tip. Edited February 20, 2023 by abarbarian Quote
abarbarian Posted February 20, 2023 Author Posted February 20, 2023 23 minutes ago, securitybreach said: Well things change in 6 years... Gosh has it taken me that long to carry out some basic maintenance 1 Quote
abarbarian Posted June 19, 2023 Author Posted June 19, 2023 (edited) kernel-modules-hook https://github.com/saber-nyan/kernel-modules-hook Quote Tired of missing modules when updating the kernel? Annoyed by modprobe: FATAL: Module smth not found in directory /lib/modules/new-kernel? Losing uptime after reboots due to kernel update? After doing an update that has a new kernel some programs will not work unless you do a reboot. This little program may be just what you are looking for. It was in the AUR but is now in the EXTRA repo. I could not find out a great deal about it on the net apart from some out of date information and some fud. As it is now in the EXTRA repo I do not anticipate any problems running it. Have just installed it and will post back if I have any problems. Edited June 19, 2023 by abarbarian 1 Quote
securitybreach Posted June 20, 2023 Posted June 20, 2023 I seen that the other day and went to mention it but like you said, no real details about it on the net. Quote
abarbarian Posted June 20, 2023 Author Posted June 20, 2023 46 minutes ago, securitybreach said: I seen that the other day and went to mention it but like you said, no real details about it on the net. Well I have installed it but there has been no kernel update so I can not say how it performs. If it works ok then it will be a neat addition. 1 Quote
securitybreach Posted June 20, 2023 Posted June 20, 2023 Well usually I will just wait until something stops working until I do the reboot after a kernel update. Like how earlier the usb ports stopped working until I rebooted but it usually takes a day or so before it goes wonky. Quote
securitybreach Posted June 20, 2023 Posted June 20, 2023 There has always been things like Ksplice but that is mostly only used for servers. 1 Quote
securitybreach Posted June 20, 2023 Posted June 20, 2023 Ksplice is an open-source extension of the Linux kernel that allows security patches to be applied to a running kernel without the need for reboots, avoiding downtimes and improving availability. Ksplice supports only the patches that do not make significant semantic changes to kernel's data structures. https://en.wikipedia.org/wiki/Ksplice 1 Quote
abarbarian Posted June 21, 2023 Author Posted June 21, 2023 10 hours ago, securitybreach said: Well usually I will just wait until something stops working until I do the reboot after a kernel update. Same here but having a program not work until a reboot can be annoying. Not such a big deal with faster boot up times but it was a real pain back when. 10 hours ago, securitybreach said: There has always been things like Ksplice but that is mostly only used for servers. Too techy for this old grey cell. 1 Quote
abarbarian Posted June 25, 2023 Author Posted June 25, 2023 Kernel-modules --- UPDATE It seems that the above is working as I had a kernel update. Here is the output after updating. (28/32) upgrading linux [----------------------] 100% (29/32) upgrading linux-headers [----------------------] 100% (30/32) upgrading nvidia [----------------------] 100% (31/32) upgrading python-zeroconf [----------------------] 100% (32/32) upgrading yt-dlp [----------------------] 100% :: Running post-transaction hooks... ( 1/15) Restoring Linux kernel modules... ++ uname -r + KVER=6.3.8-arch1-1 + test -e /usr/lib/modules/backup/6.3.8-arch1-1 + rsync -AHXal --ignore-existing /usr/lib/modules/backup/6.3.8-arch1-1 /usr/lib/modules/ + rm -rf /usr/lib/modules/backup ( 2/15) Creating system user accounts... ( 3/15) Reloading system manager configuration... ( 4/15) Reloading device manager configuration... ( 5/15) Arming ConditionNeedsUpdate... ( 6/15) Updating module dependencies... ( 7/15) Install DKMS modules ==> dkms install --no-depmod v4l2loopback/0.12.7 -k 6.3.9-arch1-1 ==> depmod 6.3.9-arch1-1 ( 8/15) Updating linux initcpios... ==> Building image from preset: /etc/mkinitcpio.d/linux.preset: 'default' Quote
abarbarian Posted June 25, 2023 Author Posted June 25, 2023 Keeping a list of all explicitly installed packages can be useful to backup a system or quicken the installation of a new one: https://wiki.archlinux.org/title/Pacman/Tips_and_tricks#List_of_installed_packages I followed the wiki and did this for my install To keep an up-to-date list of explicitly installed packages (e.g. in combination with a versioned /etc/), you can set up a hook. 2023 Arch packages [Trigger] Operation = Install Operation = Remove Type = Package Target = * [Action] When = PostTransaction Exec = /bin/sh -c '/usr/bin/pacman -Qqen > /etc/pacman.d/hooks/pkglist.txt' --asdeps for Arch packages [Trigger] Operation = Install Operation = Remove Type = Package Target = * [Action] When = PostTransaction Exec = /bin/sh -c '/usr/bin/comm -13 <(pacman -Qqdt | sort) <(pacman -Qqdtt | sort) > /etc/pacman.d/hooks/optdeplist.txt' Foreign packages [Trigger] Operation = Install Operation = Remove Type = Package Target = * [Action] When = PostTransaction Exec = /bin/sh -c '/usr/bin/pacman -Qqem > /etc/pacman.d/hooks/foreignpkglist.txt' 1 Quote
securitybreach Posted June 25, 2023 Posted June 25, 2023 Neat but I just use these to get a list of all packages (native + aur) and install on new machine pacman -Q | awk '{print $1}' > pkg.list Then to reinstall after installing paru, I run this to reinstall everything: cat pkg.list | xargs paru -S --needed --noconfirm Also, make sure to capture your /etc/ and $HOME configs Having a pacman hook is neat but how often do people reinstall? Quote
securitybreach Posted June 25, 2023 Posted June 25, 2023 I keep my list on github under my config folder Quote
abarbarian Posted June 25, 2023 Author Posted June 25, 2023 9 minutes ago, securitybreach said: Neat but I just use these to get a list of all packages (native + aur) and install on new machine pacman -Q | awk '{print $1}' > pkg.list Then to reinstall after installing paru, I run this to reinstall everything: cat pkg.list | xargs paru -S --needed --noconfirm Also, make sure to capture your /etc/ and $HOME configs Having a pacman hook is neat but how often do people reinstall? That looks neat. As to how often folk reinstall. Depends on the user I guess and how much they know and how much they fiddle. They say Nero was an Arch user. 1 Quote
abarbarian Posted March 7 Author Posted March 7 (edited) Came across this very neat site the other day. It gives detailed information on both Arch official packages and AUR packages. Explore Arch Versions - Your Ultimate Guide Searching for the " refind " package in the official section we get, Quote 3. Information about the refind package on Arch Linux Repository : extra Name : refind Version : 0.14.0.2-2 Description : An EFI boot manager Architecture : x86_64 URL : https://www.rodsbooks.com/refind/ Licenses : BSD-2-Clause CC-BY-SA-3.0 CC-BY-SA-4.0 GPL-2.0-only GPL-2.0-or-later GPL-3.0-or-later LGPL-2.1-or-later LGPL-3.0-or-later OR CC-BY-SA-3.0 Groups : None Provides : None Depends On : bash dosfstools efibootmgr Optional Deps : gptfdisk: for finding non-vfat ESP with refind-install imagemagick: for refind-mkfont openssl: for generating local certificates with refind-install python: for refind-mkdefault refind-docs: for HTML documentation sbsigntools: for EFI binary signing with refind-install sudo: for privilege elevation in refind-install and refind-mkdefault Conflicts With : None Replaces : None Download Size : 986.76 KiB Installed Size : 1979.74 KiB Packager : David Runge Build Date : Sun Nov 26 20:04:41 2023 Validated By : MD5 Sum SHA-256 Sum Signature@archlinux.org> You also get details of how to install and uninstall the program with " pacman ". One note of caution here though they give, Quote 2. Uninstall "refind" package Please follow the steps below to uninstall refind on Arch Linux: $ sudo pacman -Rcns refind Using the " c " option in the pacman command above can make you system unusable. Find details on this in the Arch Wiki and make your own mind up as to using it or not. Quote # pacman -Rsc package_name To remove a package, which is required by another package, without removing the dependent package: Warning: The following operation can break a system and should be avoided. See System maintenance#Avoid certain pacman commands. Searching for Window Maker in the AUR section we get, windowmaker-extra and three different windowmaker's, windowmaker-crm-git windowmaker-git windowmaker On the windowmaker page you get instructions, Install "windowmaker" effortlessly via AUR with the help of a helper(YAY) and Manually Install "windowmaker" via AUR Which is useful for new users of Arch, though I prefer a different AUR helper. Interesting to see that the uninstall hint does not have the "c " option. Quote (Optional) Uninstall windowmaker on Arch using YAY $ yay -Rns windowmaker So which windowmaker would you use ? Well windowmaker is the one to use as the other two are no longer maintained currently. From the information given at this site it is hard to tell as the dates given in the information section are a tad strange. Quote 3. Information about the windowmaker package on Arch User Repository (AUR) ID: 1390358 Name: windowmaker PackageBaseID: 128929 PackageBase: windowmaker Version: 0.96.0-1 Description: An X11 window manager with a NEXTSTEP look and feel URL: http://www.windowmaker.org/ NumVotes: 22 Popularity: 0.089027 OutOfDate: Maintainer: bidulock Submitter: Barthalion FirstSubmitted: 1515341746 LastModified: 1705904112 URLPath: /cgit/aur.git/snapshot/windowmaker.tar.gz You can only find out the current state of the program by going to the AUR itself and looking up the programs. The date mix up is strange as on the AUR page the date is set correctly in a normal readable fashion. All in all this is a neat site. The site also does the same thing for all the main distros. Edited March 7 by abarbarian 1 Quote
securitybreach Posted March 7 Posted March 7 Neat but you really should be using pacman -Rns for removing packages. Quote
securitybreach Posted March 7 Posted March 7 Quote Pacman saves important configuration files when removing certain applications and names them with the extension: .pacsave. To prevent the creation of these backup files use the -n option: # pacman -Rn package_name Quote
abarbarian Posted March 7 Author Posted March 7 53 minutes ago, securitybreach said: Neat but you really should be using pacman -Rns for removing packages. Yeah that is why I included the advisory below. 58 minutes ago, abarbarian said: You also get details of how to install and uninstall the program with " pacman ". One note of caution here though they give, Quote 2. Uninstall "refind" package Please follow the steps below to uninstall refind on Arch Linux: $ sudo pacman -Rcns refind Using the " c " option in the pacman command above can make you system unusable. Find details on this in the Arch Wiki and make your own mind up as to using it or not. Quote # pacman -Rsc package_name To remove a package, which is required by another package, without removing the dependent package: Warning: The following operation can break a system and should be avoided. See System maintenance#Avoid certain pacman commands. 1 Quote
abarbarian Posted March 17 Author Posted March 17 Fstrim for ssd and nvme drives As part of me new install of Arch I looked into using fstrim as the discard (continuous trim) option in fstab is not recommended for the above drives. Quote By enabling the existing fstrim.timer systemd unit file by default, will cause weekly execution of the fstrim.service. This service acts only on mounted filesystems listed in fstab. On supported hardware (e.g. most SD Card, SSD, and NVMe drives), LVM thin provisioned storage, and file systems (e.g. ext4, XFS, Btrfs, f2fs, VFAT), fstrim will inform underlying physical storage device's firmware about unused blocks. This hinting can make wear leveling and block erasure more efficient. The timer will execute Monday at 00:00 local time. If the system is inactive at this time, it will be run immediately upon becoming active again (upon wake from suspend, during or very soon after boot). Quote Periodic TRIM The util-linux package provides fstrim.service and fstrim.timer systemd unit files. Enabling the timer will activate the service weekly. The service executes fstrim(8) on all mounted filesystems listed in fstab on devices that support the discard operation. The timer relies on the timestamp of /var/lib/systemd/timers/stamp-fstrim.timer (which it will create upon first invocation) to know whether a week has elapsed since it last ran. Therefore there is no need to worry about too frequent invocations, in an anacron-like fashion. Useful commands sudo systemctl enable fstrim.timer sudo systemctl list-timers sudo systemctl status fstrim.timer sudo systemctl disable fstrim.timer I also came across this tip, https://fedoraproject.org/wiki/Changes/EnableFSTrimTimer Quote Advanced customizations: Like any systemd unit customization, the user shouldn't directly modify /usr units. Example: sudo systemctl edit fstrim.service and insert a modified ExecStart line using --all instead of --fstab, which then creates /etc/systemd/system/fstrim.service.d containing override.conf; reboot or systemctl daemon-reload; and now fstrim is applied to all mounted file systems. For more information see: https://www.freedesktop.org/software/systemd/man/systemctl.html https://www.freedesktop.org/software/systemd/man/systemd.unit.html This is what I did Quote Advanced customizations: ---2024-AMD-ARCH Like any systemd unit customization, the user shouldn't directly modify /usr units. Example: sudo systemctl edit fstrim.service and insert a modified ExecStart line using --all instead of --fstab [Service] ExecStart= ExecStart=/usr/bin/fstrim --all which then creates /etc/systemd/system/fstrim.service.d containing override.conf reboot or systemctl daemon-reload and now fstrim is applied to all mounted file systems. The red highlight is the modified entry for the file. Not sure if I needed the empty EXEC= line but am almost sure you need the [Service] addition. I wonder if anyone can confirm that everything is correct for me ? Quote
sunrat Posted March 17 Posted March 17 29 minutes ago, abarbarian said: The red highlight is the modified entry for the file. Not sure if I needed the empty EXEC= line but am almost sure you need the [Service] addition. I wonder if anyone can confirm that everything is correct for me ? Sounds like it should work. Here's the default Debian fstrim.service file, a bit different (doesn't Arch have a default one?). [Unit] Description=Discard unused blocks on filesystems from /etc/fstab Documentation=man:fstrim(8) ConditionVirtualization=!container [Service] Type=oneshot ExecStart=/sbin/fstrim --listed-in /etc/fstab:/proc/self/mountinfo --verbose --quiet-unsupported PrivateDevices=no PrivateNetwork=yes PrivateUsers=no ProtectKernelTunables=yes ProtectKernelModules=yes ProtectControlGroups=yes MemoryDenyWriteExecute=yes SystemCallFilter=@default @file-system @basic-io @system-service Works fine here. Quote
securitybreach Posted March 17 Posted March 17 3 hours ago, abarbarian said: Fstrim for ssd and nvme drives As part of me new install of Arch I looked into using fstrim as the discard (continuous trim) option in fstab is not recommended for the above drives. Useful commands sudo systemctl enable fstrim.timer sudo systemctl list-timers sudo systemctl status fstrim.timer sudo systemctl disable fstrim.timer I also came across this tip, https://fedoraproject.org/wiki/Changes/EnableFSTrimTimer This is what I did The red highlight is the modified entry for the file. Not sure if I needed the empty EXEC= line but am almost sure you need the [Service] addition. I wonder if anyone can confirm that everything is correct for me ? Yup Trim is only intended for SSDs. Quote
securitybreach Posted March 17 Posted March 17 I use this instead of FTRIM on my SSDs: Quote Using the discard option for a mount in /etc/fstab enables continuous TRIM in device operations: /dev/sda1 / ext4 defaults,discard 0 1 https://wiki.archlinux.org/title/Solid_state_drive#Continuous_TRIM Quote
abarbarian Posted March 17 Author Posted March 17 1 hour ago, securitybreach said: I use this instead of FTRIM on my SSDs: https://wiki.archlinux.org/title/Solid_state_drive#Continuous_TRIM Reason I decided to use fstrim and not discard is due to the note at the start of the wiki page. Quote Note: If you want to use TRIM, use either periodic TRIM or continuous TRIM. Continuous TRIM is not the most preferred way to issue TRIM commands among the Linux community. For example, Ubuntu enables periodic TRIM by default [2], Debian does not recommend using continuous TRIM and Red Hat recommends using periodic TRIM over using continuous TRIM if feasible [3]. It was advice or information on the last part of my post that I was interested in. Quote
abarbarian Posted March 17 Author Posted March 17 5 hours ago, sunrat said: Sounds like it should work. Here's the default Debian fstrim.service file, a bit different (doesn't Arch have a default one?). Yup the Arch one looks just like yours. Quote
securitybreach Posted March 17 Posted March 17 It runs this executable: Quote [Unit] Description=Discard unused blocks on filesystems from /etc/fstab Documentation=man:fstrim(8) ConditionVirtualization=!container [Service] Type=oneshot ExecStart=/usr/bin/fstrim --listed-in /etc/fstab:/proc/self/mountinfo --verbose --quiet-unsupported PrivateDevices=no PrivateNetwork=yes PrivateUsers=no ProtectKernelTunables=yes ProtectKernelModules=yes ProtectControlGroups=yes MemoryDenyWriteExecute=yes SystemCallFilter=@default @file-system @basic-io @system-service I've been using this for many years now. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.