More fun with Fedora

Still going with Fedora 20 and my new X1 Carbon. I’ve decided it’s dangerously light. What if I got really annoyed? I could throw it quite far!

Linux does add something special to the new laptop experience after all, dodgy support for hardware for the first months I have a new laptop. I foolishly believed I had finished the install just because it booted and I could use a web browser and send email, but I kept noticing new problems as time went on.

First, the laptop’s screen (her name is Irian by the way, because I name them for female wizards, which, well, spoilers, but I do like Tales of Earthsea and you should read it) is very high resolution. GNOME tries to detect this and (essentially) make all its screen elements extra big to compensate. The trouble is, I usually use an external monitor which doesn’t have 2014-grade DPI (it’s 24″ with a , and GNOME doesn’t detect that, so things were being displayed on the external monitor extra big as well. This can be reverted with:

$ gsettings set org.gnome.desktop.interface scaling-factor 1

But that now means that when I disconnect my external monitor, everything on my laptop screen is eensy teensy. So switching between my laptop display and the external monitor involves plugging or unplugging a cable and a command line interaction. Judging from the discussion on bug 1025391, the task of figuring out when to apply what scaling factor is no mean feat, but all the same, it’s annoying that it’s been handed to me.

Second, speaking of external monitors, this is what happens when I boot now: the machine starts. My laptop screen goes black. My external monitor displays a featureless grey, ie, the background colour of gdm but without any content whatsoever (ie, it doesn’t display a list of users or a login prompt… just featureless grey). I have worked out that I can hit Enter, type my password, hit Enter again and then it will log me in, which is an improvement over the previous sequence which was “swear, pull out monitor cable, force a reboot, log in without external monitor, reconnect external monitor”. I’ve run Fedora 20 on my previous laptop and this didn’t happen, so I presume again there’s some specific hardware support issue where Fedora+gdm can tell I have an external monitor but not to the point of actually displaying a login prompt on it.

Meanwhile, I mentioned before that it wouldn’t resume from suspend and that I needed to upgrade the BIOS to get that fixed. There are a few ways to upgrade the BIOS within Linux but they all seemed horrifying, so rebooting into Windows was, in theory, going to be the way. However, as foretold in the prophecy, I didn’t have dual boot working in this new UEFI+Windows 8 utopia. In fact I still don’t, because I get a “cannot load image” error trying to boot Windows 8 through grub, and that error seems to either mean (a) you have Windows 8 and Fedora installed on separate physical drives (no) or (b) you shouldn’t be using grub but could maybe use one of a number of other bootloaders maybe because secure boot something something I don’t even. I messed around with this sort of thing until my eyes bled, and eventually resigned myself to going through the BIOS’s menus to boot Windows (ie, press Enter to interrupt startup, press F12 to get a startup menu, select Windows, it’s not that bad). I only use Windows for upgrading the BIOS and communicating with the Australian Tax Office on behalf of my business in any case (because you haven’t lived, died, and died again until you’ve tried to get the Australian government’s AUSkey authentication working under Linux, but I digress). I can deal with the BIOS menus for those cases.

The BIOS update went fine though, and now I can suspend and resume. And while I was in Windows random nagware immediately fired up to ask me to hand over my email address so as to confirm my subscription to a million anti-virus and anti-malware bundleware things that come pre-installed, so that certainly reminded me why it is that I don’t use it.

Standard disclaimer: I still don’t want tech support and no, I’m not going to file bugs. My Ubuntu-using days, in which you file a bug and the only response is having to extensively reconfirm it exists every three to six months for three years lest it be closed has pretty much cured me of bug-filing. I like shouting into the void on my own domain now.

New laptop blues

At a previous employer, my husband, who worked from home as a developer, was given a new laptop every three years, since it was his primary work tool. One of his colleagues, after going through the hassle of setting up a new laptop, apparently opined that he wished he was getting a new coffee machine or something similar.

Speaking of which, hello from my new Lenovo X1 Carbon, likewise my primary work tool! It’s amazeballs. It is the size I like (14″) while having the weight I’ve always coveted and previously associated with <12″ laptops (as weight little as possible of course, but 1.2kg or so is OK). I’m also joining the world of SSD drives, luckily modern spinning drives have way more space than what I use on a laptop (my photos are stored on an external drive, my music in FLAC on our central server and Vorbis or MP3 on our phones) so I didn’t even need to dial back in order to settle for 120GB. So far, so win.

But, oh, the setup.

First, I’ve never had a new laptop that entirely worked with Linux, and this one is no exception. It doesn’t resume from suspend (looks like this is bug 1084742 and I’m going to need to update the BIOS, so writing this entry has already paid off!). And sheesh moving my working environment from one laptop to another is a monumental pain. Especially when I’ve just reinstalled my Linode for the first time in about a decade, in order to install a 64 bit distro and thereby be able to use their SSD offering.

If you look for how to do such a thing on the ‘net, you get a few possibilities.

Use some kind of scripting/automation of the installer to get exactly the right packages, your config files set up the way you like them and such. I maintain a small number of Linux machines: three (hetrogenous) Ubuntu servers and a Fedora laptop. That’s, in my opinion, about three too few to find it worthwhile to, eg, semi-manually maintain a list of all the packages I need, work out the common versus custom bits of their config files, and such-like, especially when I reinstall so seldom. By the time a reinstall comes around, I can guarentee you I will have accidentally busted my automated install config through lack of testing, or the entire software stack I was relying on for the automation has been discontinued for years.

Copy /home and /etc to the new machine. Yeah, don’t do this.

Well, /home is basically OK, as long as you check the user ids carefully. (Fancy that, some people still run multi-user systems.) But don’t wholesale copy /etc. It worked OK for the Linode, once I edited /etc/fstab to mount the new drive configuration and chowned a bunch of things in /var to account for some of the user ids changing. Which was silly of me and which isn’t really what you’d call working, but it works now.

It was a monumental disaster on Fedora though, because I don’t speak new-fangled Linux. Specifically, I have no idea how one mounts LVM partitions from the command line and had to rely on Nautilus for it, and it turns out that if I, eg, move a new file in over the top of /etc/postfix/main.cf, SELinux won’t let it read it any more and I have to either understand SELinux or invoke random magic commands found on Google that probably amount to “disable SELinux and mail my SSL private key to the NSA while you’re at it”. Or I could understand LVM and SELinux of course, and that would be what I’d do if rebuilding a laptop wasn’t a 3–5 yearly task for me. Once again, whatever I learned will be thoroughly out of date by the time I next need to apply this knowledge.

And separately, there’s the package installing problem. Basically, both Debian-verse and Red Hat-verse systems both now have package managers that track the difference between “this package was installed at the administrator’s request” and “this package was installed as the dependency of another package”. But neither of them, as best I can tell, can export this reliably to a second machine, which means that on my new Fedora laptop, both Firefox and libwhatever.something.the.millionth are treated as sacrosanct “installed at the administrator’s request!” packages and I’m stuck with libwhatever.something.the.millionth forever, because I used rpm -qa. (There’s attempts at getting only the right packages out of the package manager, and the leading solution is now busted to the point of giving about 200 errors and then telling me I’d only ever installed 10 applications on my old Fedora install. You see what I mean about this stuff aging.)

Use some other operating system. Judging from commentary on the “yay, a new lapt— shit, a new laptop, now to spend three days of my life spinning my wheels on reinstalling all my favourite apps and redoing all my config” situation I’ve heard from Windows and Mac-using peeps, I get the impression this is a universal problem.

Use some magical program where one points at an existing laptop and say “make it like that one!” Dreamland. Although you’d think it would be something of a market advantage for Linux, which typically is agnostic on which packages you use (as long as they are open source and have certain trademark properties, admittedly, browsers are an issue here).

But I’d use the hell out of a desktop replicator, if one existed. Or even something that reliably dumped my package status including the “installed as a dependency” distinction, plus gave me some hints as to which bits of /etc I probably want.

Standard disclaimer! I’m not after any of: requests for further information for debugging purposes, exhortions to file bugs, or explanations of how to do anything with LVM and SELinux. I can figure out where to look that up when hell freezes over or it becomes a paid job of mine, one or the other.

Now brought to you by Fedora*

I’ve been an Ubuntu user since about September or October 2004. I bought my first up-to-date laptop hardware in New York City (a Fujitsu Lifebook, still my favourite of my laptops), replacing a Toshiba Libretto I’d bought in late 2002 or early 2003 at more than five years of age and which I’d managed to squeeze Debian onto against its will. In 2004 my husband was working for the company later to be known as Canonical and so I became a beta tester (I think not a highly contributing one) for the distribution soon after revealed to be Ubuntu. And that was pretty great for me, basically Debian with a regular release schedule centered around up-to-date GNOME.

In January this year I appeared on My Linux Rig and you can see I was still an Ubuntu desktop user. I wrote:

I am curious about how Fedora is doing these days, but realistically switching distributions is more work than upgrading Ubuntu so I am likely to stick with the path of least resistance.

But rumblings were changing my mind. Late last year I made a belated upgrade to Ubuntu 12.04 (after I submitted my PhD in May), at which point for reasons I now forget it became impossible to use GNOME 2/Metacity. I wasn’t particularly enamoured of GNOME 2 by that point in any event, but I’d resisted switching because my husband has been using Unity for considerably longer (he is a fan; he may have been dogfooding for Canonical fairly early, although he’s worked for Google since mid-2011 and I am not sure of Unity’s timeline there) and I really struggled with it when I used his machine. Much later it emerged that he doesn’t use workspaces at all in Unity, so that may be responsible for his desktop being a bit Mary-hostile.

I gave Unity and GNOME Shell about two hours each on my desktop and decided that I liked the latter better. GNOME Shell wasn’t ideally supported in Ubuntu 12.04 and 12.10 but it worked well enough to keep me from the pain of re-installing. But then I upgraded to 13.04, and GNOME Shell crashed about every half an hour on my hardware and graphics seemed unstable in general. Unity was rather better, needing a restart “only” a few times a week. But I really missed GNOME Shell. I was tempted to move to a distro that follows mainline GNOME at that point, but the decision was sealed when I began to learn about Canonical’s plans for the desktop stack. I don’t actually have a strongly held opinion on a lot of the issues: the value or otherwise of collaborating with upstream in general or with GNOME or Wayland or Xorg in particular, the relative technical merits of any current proposal, the risks of splitting the Linux desktop and so on. I just have a preference for vanilla GNOME 3 and Canonical’s development direction suggested Ubuntu was increasingly less likely to cater to me as time went on. And less likely looked pretty bad when 13.04 already rendered it nearly unusable.

Well, I guess I do have a preference in a way, I’m using Fedora — rather than any other distro with a good GNOME 3 stack — to support Red Hat (in a small way), in that they are active in developing the software I like at the moment.

In terms of work, I really didn’t want to switch. Reinstalling my machine and setting up my work environment has been exactly as annoying and boring as I expected it would be, I have a whole second post coming with notes on all the gotchas I encountered configuring Fedora. There is nothing fun about installing or configuring Linux, and FedUp better do what it says on the tin and take me to Fedora 20 and so on when the time comes. (Ubuntu’s preferred upgrade path, by the by, hadn’t worked for me for at least five releases, I was therefore still using apt-get dist-upgrade.) It took me a month to get from “I want to switch to Fedora” to actually installing it, and it probably would have been at least another month if Unity hadn’t crashed on me about three times in an hour last week.

So here we are. Initial signs are promising. My install, while boring, went cleanly. GNOME 3 on Fedora is much more stable than GNOME 3 or Unity on Ubuntu 13.04 on my hardware.

Hopefully I won’t be doing this again before 2022.

* Not really, my servers are still Ubuntu LTS and will likely stay Ubuntu LTS or, if there’s some Unity-equivalent disruption in the Ubuntu server experience, which I can’t imagine, Debian.

Connecting a Debian/Ubuntu server to the Macquarie University OneNetAnywhere VPN

I realise that this is a rather specific problem, but hopefully the links I provide here will be useful for anyone wanting to access a PPTP VPN themselves.

I have to say that this is one of those entries more likely to be useful if you ever have this specific problem (eg, you can here via a search engine query for “argh pptp mppe errors argh argh argh”) and less for a casual reader. Apologies loyal fans!

Continue reading “Connecting a Debian/Ubuntu server to the Macquarie University OneNetAnywhere VPN”

IPv6: encore

In which Mary does a lot of work on a comments policy in order to talk to herself about IPv6. True story.

Anyway, where we last left our heroine, she had found one unpromising (because unanswered) complaint describing her IPv6 problem. She tried updating the router firmware but it said it was the newest available firmware.

Some time later, our heroine found another account of the problem over on Server Fault where it was less likely to be lonely, and our heroine became convinced that she ought to install DD-WRT on her wireless router. Hey, maybe it would have worked, too. But our heroine’s husband likes his Internet to work, and gave her a sidelong look, whereupon our heroine at least deferring bricking her router until the weekend.

However! Our heroine is slightly bored of one of her day jobs, so today she idly searched for updated firmware and updated her D-Link DIR-615 router (C2 hardware edition) from firmware version 3.01 to 3.03WW (WW? I don’t get it either) and now she has a wireless router that does not send rogue IPv6 router advertisements to the network.

The end.

IPv6: finale in the key of D-Link

Background knowledge: this post requires some knowledge of networking, at least to the point of knowing what IPv4 and IPv6 are, and what is meant by subnet notation like “/60” and “/64”.

I believed for a very brief time that I’d beaten IPv6 into shape but soon my husband started complaining that sometimes it worked, sometimes it didn’t, and basically questioning whether it was worth any more late nights. (I would poke things, we would jointly debug them, IPv6 involved us skipping dinner two nights in a row in the end.)

Basically what would happen was that anything we tried to connect to over IPv6, most noticeably Google itself (because they trust Internode’s IPv6 routing enough to have turned on IPv6 access for their customers) would either work or just hang. I vaguely suspected some kind of routing error.

Here’s something to try if you have mysterious intermittent IPv6 dropouts or hangs: watch the output of radvdump closely. What you are looking for is any router advertisements coming from a second source: rogue RAs was the search term I was using somewhat in vain.

Unfortunately, if you find such a thing, there are essentially two options (much as you do if someone has put a rogue DHCP server on a network). One is to remove the rogue device from the network, the other is to firewall its announcements away from your clients. Unfortunate in my case, that is, because it emerged that the source of the announcements was our D-Link wireless router (which, per the previous entry, we run as a switch). Removing a wireless switch from our network would have the unacceptable side-effect of re-introducing strings of blue cable to our home, and it’s pretty hard to firewall your switch itself. So in our case, the answer for the present time is to give up on home IPv6.

Overall, although the reason we gave up on IPv6 was not a Linux problem, I have to say that I was really surprised how immature Linux’s tools are at this point. The fundamentals exist: kernel support, DHCPv6 and stateless configuration servers and clients. As an IPv6 client, Linux is doing OK. If you connect a Linux machine to a network that happens to be using IPv6, it’ll likely Just Work. But at the tools and packaging level there’s still loads of gaps along the lines of:

  • iptables and ip6tables are entirely separate programs, so you get to have your firewall configuration fun twice! (However, UFW handles this fairly nicely, if you’re in the market for a thin-ish wrapper around iptables.)
  • configuring ppp for IPv6 is like ppp for IPv4 circa 1999 or 2000 or so. Things like the “oh yeah, for a reason no one knows, you won’t get a default route, so here’s a little script that will bring one up for you” (see Shane Short’s blog entry)
  • radvd is a fairly crucial tool, but there aren’t a lot of example config files for different situations that I could find, and the man page assumes that you know a lot about router advertisements already
  • if you want to use Ubuntu’s supported DHCP server (isc-dhcp-server) for DHCPv6, you need to write it a second init script and config file yourself

So after all that you might be tempted to use a dedicated router for IPv6 and I’d sympathise except that the D-Link device does it even worse than Linux. Not promising. I can’t see that moving many ADSL users over to IPv6 is going to happen any time soon.

IPv6: prelude in the key of radvd

Background knowledge: this post requires some knowledge of networking, at least to the point of knowing what IPv4 and IPv6 are, and what is meant by subnet notation like “/60” and “/64”.

I’ve just changed ISPs, because I wasn’t much of a fan of my old ISP’s demand that either we enter into a new 12 month contract before 27 November or they’d consider us re-contracted at that date. My new ISP is Internode, Australia’s favourite geek ISP, in part because they offer native IPv6 and it’s even supported by customer service. It took me an entire 24 hours to succumb to the temptation of wrecking my perfectly good home network by attempting to make it IPv4/IPv6 dual stack, partly motivated by Geoff Huston’s “the sky is falling” keynote at linux.conf.au 2011. I like doing my bit to hold up the sky.

I use a Linux machine as our router rather than a consumer router device, that is, my ADSL modem is set to bridge mode and we use our wireless router just as a switch; neither of them do routing. (Or shouldn’t, but we’ll get to that.) In terms of resources for doing this with Internode, or any other ISP who will advertise your IPv6 routes via DHCPv6, here’s some useful material:

The main problem I had is that for as yet unexplained reasons, while this radvd.conf stanza worked fine when my Linux server ran Ubuntu 11.04 with radvd 1.7, it doesn’t work on Ubuntu 11.10 with radvd 1.8:

prefix ::/64 {
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr on;
};

radvd 1.8 was advertising this in such a way as to get my Linux client to give this error (in /var/log/syslog):

IPv6 addrconf: prefix with wrong length 60

That is, it seems to have been advertising the entire /60 that Internode routes to each customer rather than a single /64. We ended up having to do something like this:

prefix 2001:db8:aaaa:bbbb::/64 {
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr on;
};

That is, because Internode’s IPv6 allocations are static, we just manually picked a /64 out of the /60 allocated to us, and advertised that. I’m not clear if this a bug or a change in the way radvd works or a mistake of mine, we never got a chance to find out because of a showstopper which you’ll see in the next, and at this stage, final post in my adventures in IPv6.

GNOME Shell versus Unity

I upgraded my laptop to Ubuntu 11.10 today. I used Metacity+GNOME Panel through the previous version of Ubuntu as Unity crashed annoyingly on my laptop (tending to leave me looking at my background image, which is a cute picture of my son but even so) so this is my first Ubuntu version with the new shiny.

What’s annoying me right now is that they both have features I really like. I’ve only played around for a few hours so possibly one can be configured to have the good features of the other; these are from the default functionality on 11.10.

Unity: my laptop doesn’t have a lot of screen real estate, so I love the integration of the menu bar of windows into the top panel (called global menu). I like having those 20 pixels or so back!

GNOME Shell: I love the Activities mode in general! The presence of workspace previews that don’t require me to keep holding down the Alt part of the Alt-Tab combo is lovely, and the favourites menu on the left seems easier to edit than Unity’s. On the balance, I’d say I prefer GNOME Shell, but damn, global menu is a killer feature on my smaller screen. I’ll watch the global menu patch closely.

(Meanwhile, while writing this entry I discovered that Firefox’s right-click menu is broken in Unity—it disappears as soon as I move my mouse—which is a rather compelling reason to use GNOME Shell.)

Just putting this out there

Why does the terminal beep still exist? There are approximately six quintillion laptops owned by Free Software developers, and none of their owners have ever carefully muted the sound, proceeded to do something hugely important like a non-matching search in Firefox and got the evil eye from unimportant people like the lecturer grading the course for the series of loud humiliating beeps coming from their direction? Or you all have pcspkr blacklisted or what?

 $ whois deathtobeeps.com  Whois Server Version 2.0  Domain names in the .com and .net domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information.  No match for "DEATHTOBEEPS.COM". 

Implausible.