Linux

EDIT: This has been solved!! This link has the full post, but basically you need to ensure SELinux flags are set for every file, and this won't happen to new files added. I have appended the SELinux option as a context entry to my fstab and now every file shows!

So right off the bat, I understand that NFS is dependent on UID matching. What I can't find is a guide to setting this up that isn't either:

1. Make all nfs media accessible by all, or
2. Use advanced permissions that seem(?) reliant on professional server authentication that I can't wrap my head around ~~(I guess I need to take some Linux classes?)~~ I would happily work with anyone willing to help me understand how to make this work though.

As for Samba: Well it seemed like I had everything set up well enough. I can login with each of the three users just fine. All files and folders have 02777 permissions with correct ownership. This was set after initially using just 777, and a troubleshooting answer on a Stack Exchange-like site advised 02777. However, files that I added shortly after setting up Samba and getting it running are simply not showing in client systems. And crucially, this is even the case on machines that logged in the first time after the file changes, ruling out the potential for bad client-side caching. Is there a server-side caching I'm not aware of?

I can run chmod -R 02777 * all day til the cows come home for the entire drive that's being shared (under /mnt/4tb, yes this is related to my previous thread on reddit r/linuxadmin). But no matter how I run it alongside restarting samba (sudo systemctl restart smb), it still won't show those newer files. Testparm succeeds, no errors in the config. FWIW, I printed the config below

[global]
	workgroup = SAMBA
	security = user
    unix extensions = no
    server string = Ravens Hoard
	passdb backend = tdbsam
    inherit permissions = yes
	printing = cups
	printcap name = cups
	load printers = yes
	cups options = raw

	# Install samba-usershares package for support
	include = /etc/samba/usershares.conf

[gen-media]
    comment = General Media Repository
    path = /mnt/4tb/general
    writeable = yes
    browseable = yes
    public = no
    create mask = 0644
    directory mask = 0755
    valid users = user4, user2, user1
    force user = user4

[intake]
    comment = Intake Directory
    path = /mnt/4tb/intake
    read only = no
    writeable = yes
    browseable = yes
    public = no
    create mask = 0644
    directory mask = 0755
    valid users = user1

[user1]
    comment = Share for user1
    path = /mnt/4tb/user1
    read only = no
    writeable = yes
    browseable = yes
    public = no
    create mask = 0664
    force create mode = 0664
    directory mask = 02755
    force directory mode = 02755
    valid users = user1

[user2]
    comment = Share for user2
    path = /mnt/4tb/user2
    read only = no
    writeable = yes
    browseable = yes
    public = no
    create mask = 0644
    directory mask = 0755
    valid users = user2

[user3]
    Comment = Share for user3
    path = /mnt/4tb/user3
    read only = no
    writeable = yes
    browseable = yes
    public = no
    create mask = 0644
    directory mask = 0755
    valid users = user1, user3
    force user = user3

Lastly in my explorations on file sharing, is SFTP/SSH-based file sharing. But with this, I don't know of a way for Windows clients to mount the share transparently. Is this possible? Or would the Windows client be stuck with using 3rd party software like WinSCP?

FWIW, The idea of this is that the shares can be read and written to by Android through Solid Explorer, Android TV using Kodi, and Windows 10. It would have 3 users and 4 shares, as can be seen in the samba config. Any help towards getting one of these methods working for this purpose would be very much appreciated.

I just learned:

https://github.com/ogham/exa the ls replacement has been replaced by https://github.com/eza-community/eza

the exa repo says:

exa is unmaintained, use the fork eza instead.
(This repository isn’t archived because the only person with the rights to do so is unreachable).

I didn't read it all, but for the curious, looks like the story is here: [Question] Is this project still being actively maintained? · Issue #1139 · ogham/exa

hope everyone involved is OK, on to other projects

I just learned:

https://github.com/ogham/exa the ls replacement has been replaced by https://github.com/eza-community/eza

the exa repo says:

exa is unmaintained, use the fork eza instead.
(This repository isn’t archived because the only person with the rights to do so is unreachable).

I didn't read it all, but for the curious, looks like the story is here: [Question] Is this project still being actively maintained? · Issue #1139 · ogham/exa

hope everyone involved is OK, on to other projects

turning on/off in an infinity loop.anyone else facing it?

Here's one major change coming down the road: Long-term support (LTS) for Linux kernels is being reduced from six to two years.

Currently, there are six LTS Linux kernels -- 6.1, 5.15, 5.10, 5.4, 4.19, and 4.14. Under the process to date, 4.14 would roll off in January 2024, and another kernel would be added. Going forward, though, when the 4.14 kernel and the next two drop off, they won't be replaced.

Why? Simple, Corbet explained: "There's really no point to maintaining it for that long because people are not using them." I agree. While I'm sure someone out there is still running 4.14 in a production Linux system, there can't be many of them.

Another reason, and a far bigger problem than simply maintaining LTS, according to Corbet, is that Linux code maintainers are burning out. It's not that developers are a problem. The last few Linux releases have involved an average of more than 2,000 programmers -- including about 200 new developers coming on board -- working on each release. However, the maintainers -- the people who check the code to see if it fits and works properly -- are another matter.

Hours after posting a large patch series for enabling the Nouveau kernel driver to use NVIDIA's GSP for improving the support for RTX 20/30 series hardware and finally enabling accelerated graphics support on RTX 40 'Ada Lovelace' GPUs, the Red Hat maintainer has resigned from his duties.

Brian Exelbierd, RHEL Business Strategist at Red Hat, talks about Fedora's relationship with Red Hat and the terms of their sponsorship.📢 Check out all the ...

Will it be Slowroll or Linarite -- or nothing at all? Programmers are conflicted about where the venerable Linux distro should go from here.

I have a few IP cameras that I want to check sometimes. Is there an app like the Android app tinyCam PRO? I know you an open a specific camera using VLC, but I want to be able to open several cameras at once in a grid. I don't care about recording.

It seems like ZoneMinder is close, but it needs the whole LAMP stack? I just want a singular app.

I lost 2-3 hdd's due to old age and lost all data on them. Some other 2-3 hdd's make a lot of noise while in operation and probably failing. I use VVV to catalog the stuff and to see which files have 2-3 copies, i need to manually search each file name. It's really tedious. I was wondering if there is another program that does this automatically. I let it scan the hdd's and it makes catalogs of each hdd and tells me which files don't have duplicates when i press a button. I have like 18 hdds ranging from 500GB to 4TB full of data so manually searching is too much work now.

It is now being reported that the highly anticipated "ray-tracing" revamp made in RADV "Radeon Vulkan" drivers previously has been finally merged for "monolithic pipelines", taking RT performance on AMD Radeon GPUs to a whole new level.

AMD's developments on Linux have reached an all-time high, with improvements being made all across the board. Not only is the company focused on providing early next-gen support, but existing products have also witnessed significant advancements. A prime example of this is the recent patches implemented on open-source Mesa RADV Vulkan drivers, which brought in uplifted ray-tracing performance on the platform.

Phoronix discloses that the merge request has been pending for 5 months now, initially uploaded by the open-source developer Konstantin Seurer. While we haven't seen a graphical representation of the performance gains, Seurer has revealed some figures after the driver update, which shows almost a 20% uplift in titles such as Quake II and DOOM Eternal.

Quake II RTX:

Before: 81fps
After: 98fps

Control:

Before: 66fps
After: 69fps

DOOM Eternal:

Before: 127fps
After: 130fps

GitHub via Phoronix

Windows is better than Linux

Because I can attend/Linux Google Meet with Bluetooth Headphone over a 2.4Ghz WiFi, on Linux I can't. It cuts down internet speed by 95% or even compleltly

I've been using Linux approx 2 yrs for Web Development. I really like it. The OS is superb. I can't ever go back to Windows for development. After a lot of googling, searching, trying I came to the conclusion that both Wifi & Bluetooth use 2.4 Ghz. That's the problem

Windows is better for reliability because the same Bluetooth headphone works fine over the same 2.4 Ghz wifi on the same laptop with Windows dual boot.

I even tried multiple distros: Ubuntu 22.04, PoP Os, Fedora, OPen Suse TW
Laptop: Acer Extensa 15
Headphone: Realme Buds Wireless 3

#linux

Hi, sorry if this isn't the right place for this question. I've been using Linux Mint Cinnamon for about 9 months now and have also been experimenting with an Ubuntu GNOME Wayland session for the past month or so. I don't really like distro-hopping, but using X11 isn't cutting it for me. After giving GNOME an honest shot, I don't think it's for me. However, Wayland has been stellar. I would prefer to keep using LM Cinnamon, but I have a dual monitor setup that use different refresh rates which has been causing issues.

I'm interested in Arch, but I'm slightly concerned about the frequent comments regarding things breaking during updates. Also, is maintaining an Arch install heavy on time consumption? I'm not opposed to reading the wiki and spending time here and there to keep things working. However, I'm a bit hesitant if I were to run into an issue that may be more complicated than I may be prepared for. That said, generally I do like the higher skill ceiling options, if that makes sense in this context.

Tumbleweed seems more beginner friendly from what I've read so far. While I do generally enjoy challenges, having a smoother day-to-day experience does certainly have it's own appeal.

I would primarily be doing some gaming (this would be a mix of more recent AAA titles along with less demanding ones) and programming, along with the usual stuff you'd expect on a desktop setup. I have a Ryzen 5 3600 processor, an AMD 6650 XT GPU, and 16 gb RAM if that information helps. Thanks in advance; if this isn't the right place, I'll delete the post.

Update: I have installed EndeavourOS and things have been smooth so far. The installer was very straightforward, and setup was extremely quick. I have started reinstalling various programs which were part of my original workflow with very minimal issues. The issues primarily came from adjusting to pacman syntax. I also have a series of notes regarding what I have installed and how. Cheers, and thanks for your input, everyone. I will be sticking with Gnome for the time being.

I accidentally found out that mpv can play videos from the TTY, meaning I don't have to log in to a graphical session. It even has a scaled OSD, unlike anything I've seen in a terminal UI.

Obviously there are plenty of terminal applications that work in a TTY, (edit) intext-mode or using ncurses (/edit), but are there any others like mpv that aren't strictly terminal apps but don't require a display server (maybe because they do the job themselves)?

The Bohdi Linux team has made good on the commitment to improve user experience and performance.

Hey :) I want to play one audio source on the right ear of my headphones und one audio source on the left ear. Does somebody knows an application that can do that.

Rocking ubuntu btw

This roundtable-style panel brings together several downstream communities of the Fedora Project. Each downstream community will start the panel with a short...

Think Buku, but with a GUI. Does anything like that currently exist?

So, some background: my organization is moving from RHEL7 using the UI/Coolkey Smartcard setup for autolock on removal and authenticating to the AD. We are in the process of upgrading to RHEL8 in our Secure Area (which means local only connections with zero internet access). This process has been insanely complicated versus RHEL7 and it seems no matter how similar the guides, I just can't figure it out. Our support plan with RedHat is the one answer/email per 24 hours one (I have no control over this) and has been next to worthless. I am going to detail out what all i've done and hopefully someone here can see where I am missing my last keystone.

• On Windows Server 2019:

1. Open mmc.exe
2. File > Add/Remove Snap-in...
   2a. Certificates > "add>" > My User Acount
3. Trust Root Certificate Authorities
   3a. CA > All Tasks > Export
   3b. Certificate Export Wizard > Next > DER Encoded Library x.509 (.CER) > name the file "ca_root.cer" > choose the destination > Next > 'Summary of Details' > Finish
4. scp the certificate to my RHEL8 box

• On RHEL8

1. openssl x509 -inform der -in ca_root.cer -out ca_root.pem
2. dnf install -y samba-common samba-common-tools oddjob-mkhomedir sssd authselect nss-tools ccid pcsc-lite pcsc-lite-devel pcsc-tools opensc gnutls-utils
3. mkdir -p /etc/pki/ca-trust/source/anchors
4. cp ca_root.pem /etc/pki/ca-trust/source/anchors/
5. sudo update-ca-trust
6. sudo certutil -A -i /etc/pki/ca-trust/source/anchors/ca_root.pem -n CA_ROOT -t CT,C,C -d /etc/pki/nssdb
7. systemctl enable oddjobd.service
8. systemctl start oddjobd.service
9. touch /etc/sssd/sssd.conf
10. chmod 600 touch /etc/sssd/sssd.conf
11. chown root:root /etc/sssd/sssd.conf
12. vim /etc/sssd/sssd.conf

[sssd]
config_file_version = 2
domains = mydomain.local
services = nss, pam, pac

[domain/MYDOMAIN.LOCAL]
id_provider = ad
auth_provider = ad
chpass_provider = ad
access_provider = ad
cache_credentials = true

[pam]
pam_cert_auth = True

1. systemctl enable sssd.service
2. systemctl start sssd.service
3. vim /etc/krb5.conf

# To opt out of the system crypto-policies configuration of krb5, remove the
# symlink at /etc/krb5.conf.d/crypto-policies which will not be recreated.
includedir /etc/krb5.conf.d/

[logging]
    default = FILE:/var/log/krb5libs.log
    kdc = FILE:/var/log/krb5kdc.log
    admin_server = FILE:/var/log/kadmind.log

[libdefaults]
    dns_lookup_realm = false
    ticket_lifetime = 24h
    renew_lifetime = 7d
    forwardable = true
    rdns = false
    pkinit_anchors = /etc/pki/tls/certs/ca-bundle.crt
    spake_preauth_groups = edwards25519
    default_realm = MYDOMAIN.LOCAL
    default_ccache_name = KEYRING:persistent:%{uid}

1. realm join -U myadminuser MYDOMAIN.LOCAL
2. Verify the above sssd and krb5 files are largely unmodified, which each time I test appears to be the case.
3. Enable authselect to handle the smartcards:

authselect select sssd  with-smartcard  with-smartcard-required with-smartcard-lock-on-removal --force

1. I am able to use pcsc_scan, pkcs11_listcerts, and pkcs11_inspects to see that my Dell KB813t is recognized along with my smartcard, the certs on the card, and I can login with my pin on my RHEL7 and Windows 10 boxes. However, when I go to the RHEL8 Login Screen it just says:

Please (Re)Insert (Different) Smartcard

I am never able to get it to work unless I SSH in and remove the authselect stuff, login with my username and password, or while SSH'd in I check for /var/log/secure and /var/log/messages which show the same message as well as "unable to authenticate", but it never asks for my pin like the RHEL7 or Win10 boxes and I've tried following guides on RedHat, VMware, scribd, buildingtents, Citrix, beyondtrust, Fedora, Reddit, and I even to lookup how other you'd do it for SUSE or Ubuntu, but no matter what guide I follow I end up at the same dead end. I see so many dead threads or reddit posts asking the same question "how do I setup smart card on RHEL8?" which either ends in "Okay I figured it out!" or they just go dead. Hopefully someone here can help piece the missing puzzle pieces together for me.

So, some background: my organization is moving from RHEL7 using the UI/Coolkey Smartcard setup for autolock on removal and authenticating to the AD. We are in the process of upgrading to RHEL8 in our Secure Area (which means local only connections with zero internet access). This process has been insanely complicated versus RHEL7 and it seems no matter how similar the guides, I just can't figure it out. Our support plan with RedHat is the one answer/email per 24 hours one (I have no control over this) and has been next to worthless. I am going to detail out what all i've done and hopefully someone here can see where I am missing my last keystone.

• On Windows Server 2019:

1. Open mmc.exe
2. File > Add/Remove Snap-in...
   2a. Certificates > "add>" > My User Acount
3. Trust Root Certificate Authorities
   3a. CA > All Tasks > Export
   3b. Certificate Export Wizard > Next > DER Encoded Library x.509 (.CER) > name the file "ca_root.cer" > choose the destination > Next > 'Summary of Details' > Finish
4. scp the certificate to my RHEL8 box

• On RHEL8

1. openssl x509 -inform der -in ca_root.cer -out ca_root.pem
2. dnf install -y samba-common samba-common-tools oddjob-mkhomedir sssd authselect nss-tools ccid pcsc-lite pcsc-lite-devel pcsc-tools opensc gnutls-utils
3. mkdir -p /etc/pki/ca-trust/source/anchors
4. cp ca_root.pem /etc/pki/ca-trust/source/anchors/
5. sudo update-ca-trust
6. sudo certutil -A -i /etc/pki/ca-trust/source/anchors/ca_root.pem -n CA_ROOT -t CT,C,C -d /etc/pki/nssdb
7. systemctl enable oddjobd.service
8. systemctl start oddjobd.service
9. touch /etc/sssd/sssd.conf
10. chmod 600 touch /etc/sssd/sssd.conf
11. chown root:root /etc/sssd/sssd.conf
12. vim /etc/sssd/sssd.conf

[sssd]
config_file_version = 2
domains = mydomain.local
services = nss, pam, pac

[domain/MYDOMAIN.LOCAL]
id_provider = ad
auth_provider = ad
chpass_provider = ad
access_provider = ad
cache_credentials = true

[pam]
pam_cert_auth = True

1. systemctl enable sssd.service
2. systemctl start sssd.service
3. vim /etc/krb5.conf

# To opt out of the system crypto-policies configuration of krb5, remove the
# symlink at /etc/krb5.conf.d/crypto-policies which will not be recreated.
includedir /etc/krb5.conf.d/

[logging]
    default = FILE:/var/log/krb5libs.log
    kdc = FILE:/var/log/krb5kdc.log
    admin_server = FILE:/var/log/kadmind.log

[libdefaults]
    dns_lookup_realm = false
    ticket_lifetime = 24h
    renew_lifetime = 7d
    forwardable = true
    rdns = false
    pkinit_anchors = /etc/pki/tls/certs/ca-bundle.crt
    spake_preauth_groups = edwards25519
    default_realm = MYDOMAIN.LOCAL
    default_ccache_name = KEYRING:persistent:%{uid}

1. realm join -U myadminuser MYDOMAIN.LOCAL
2. Verify the above sssd and krb5 files are largely unmodified, which each time I test appears to be the case.
3. Enable authselect to handle the smartcards:

authselect select sssd  with-smartcard  with-smartcard-required with-smartcard-lock-on-removal --force

1. I am able to use pcsc_scan, pkcs11_listcerts, and pkcs11_inspects to see that my Dell KB813t is recognized along with my smartcard, the certs on the card, and I can login with my pin on my RHEL7 and Windows 10 boxes. However, when I go to the RHEL8 Login Screen it just says:

Please (Re)Insert (Different) Smartcard

I am never able to get it to work unless I SSH in and remove the authselect stuff, login with my username and password, or while SSH'd in I check for /var/log/secure and /var/log/messages which show the same message as well as "unable to authenticate", but it never asks for my pin like the RHEL7 or Win10 boxes and I've tried following guides on RedHat, VMware, scribd, buildingtents, Citrix, beyondtrust, Fedora, Reddit, and I even to lookup how other you'd do it for SUSE or Ubuntu, but no matter what guide I follow I end up at the same dead end. I see so many dead threads or reddit posts asking the same question "how do I setup smart card on RHEL8?" which either ends in "Okay I figured it out!" or they just go dead. Hopefully someone here can help piece the missing puzzle pieces together for me.

In a world where nothing seems to work anymore, especially anything related to tech and/or customer service, getting on my laptop running Linux Mint just feels like a breath of fresh air. And that goes for just about any distro. It's nice to have something that works as it should and doesn't seem to go out of its way to cause frustration and irritation.

(P.S. Loblaw's/PC Express suck ass. Canadians will know what I'm talking about).

Debian Linux is 30 years old. Today, it remains one of the most dominant Linux distributions. Here's how it started and where its impact is still felt today.

Bazzite isn't an exact clone of SteamOS 3, but its functionality is virtually identical to Valve's operating system. On the surface, Bazzite features an identical desktop experience to SteamOS 3. Thanks to the integration of KDE Plasma — a customizable Linux desktop environment, and Valve's KDE themes from SteamOS, Bazzite shares the same desktop wallpapers, icons, and taskbar as Valve's operating system. If you didn't know any better, you'd think you were running the real SteamOS.

But under the hood, Bazzite's actual operating system is not the same, as it uses an entirely different Linux distro from Valve's operating system. Instead of using a branch of Arch Linux, which is the distro SteamOS 3 is based on, Bazzite is built using a custom version of Fedora 38, which incorporates more hardware and device support than SteamOS 3. Some of the hardware support includes baked-in proprietary Nvidia driver support for GeForce GPUs, to enable GeForce-powered systems to run Bazzite. (Sadly AMD support is unclear — but the OS does support AMD ROCm.)

I used sharex on windows... But on ubuntu sharex is not there... Can anyone suggest any good software with hotkey support?