Linux Blimp

Paw Prints: Writings of the maddog

Oct 29, 2018 GMT, Jon maddog Hall

IBM bought Red Hat Software.

The world wide web is alive with the news, and many of the people who have worked and used Red Hat in the last 25 years are lamenting the “fall” of their beloved company and software.

I understand how they feel.

• The first company I worked for, Aetna Life and Casualty is much smaller than it used to be through various economic reasons.
• The college I taught at, Hartford State Technical College, was merged with the state community colleges and is not even mentioned today.
• Bell Laboratories, renamed Lucent and broken off from the world’s largest telephone company, purchased by Alcatel, then by Nokia.
• Digital Equipment Corporation (DEC), once the second largest computer company in the world was purchased by Compaq, then by HP.
• SGI (who I worked for briefly) is gone.

Believe me, I know the pain.

Yet IBM has been a friend of Linux for a long time.

As early as 1998 IBM said they were going to support Linux, one of the first major companies that said that while Microsoft was at its peak and calling Linux “a virus and a cancer”.

I still remember the IBM ads of the early 2000s touting Linux on TV and in magazines. I remember the little white-haired boy who represented Linux and how “on spot” the IBM advertisements were.

In 2001 we all cheered when IBM announced they had invested a billion USD in Linux (and made two billion from that investment).

I was invited to Austin, Texas by Daniel Frye, the VP of Open Source for IBM when Lou Gerstner Jr. (IBM’s CEO) wrote the memo that made Open Source a focal point of IBM.
Lou wrote that in the past IBM had produced closed source products unless someone make a case for the product being Open Source. In the future IBM would produce Open Source products unless someone made a case for the product to be closed source.

Being from DEC, and knowing how engineers often were put through the legal and business gauntlet when they wanted to make a product Open Source, I understood the power of that memo from Lou.

I remember that day in Austin, when Dan asked me if the Open Source community would be afraid of IBM taking an active interest in Linux. I told him that some would, but the people I respected (Linus, Alan Cox, David Miller and others) would welcome IBM’s involvement in Linux, GNU, and Open Source.

I remember when people left the Linux project because “other people were making money on the work I do”. This was and is a wrong attitude. You write Free Software for whatever reason you write it. The fact that other people make money off of it is not a concern as long as they obey the license you wrote it under.
IBM has Open Source advocates all over the world. Their purchase of Red Hat should increase the exposure of Red Hat to even more people, to allow Red Hat to be used in even larger commercial-grade opportunities.

The statements I have read from both companies state that Red Hat will still be an autonomous division of IBM. We will see how true that is, but it is a good sign that Jim Whitehurst is to remain at the helm of Red Hat and will join IBM’s executive team.

Early on IBM hired many FOSS developers, even for projects not directly in their line of business. They gave support to Apache and many other Open Source projects. They were sponsors of many Open Source conferences.
IBM even has a server line called “LinuxONE” which touts security, scalability and lightening speed.
I can not predict the future, but if the past is any example of IBM’s respect and love for Linux, than Red Hat should be confident in their future.

Carpe Diem.

Source

Portland, Oregon, October 29, 2018 — Today, Bryan Lunduke announced that he is officially joining the Linux Journal team as “Deputy Editor” of the illustrious — and long-running — Linux magazine. “I’ve been a fan of Linux Journal for almost as long as I’ve been using Linux,” beamed Lunduke. “To be joining a team that has been producing such an amazing magazine for nearly a quarter of a century? It’s a real honor.” In November of 2017, SUSE—the first Linux-focused company ever created—announced Lunduke’s departure to re-focus on journalism. Now, furthering that goal, Lunduke has joined the first Linux-focused magazine ever created. Lunduke’s popular online show, the aptly named “Lunduke Show”, will continue to operate as a completely independent entity with no planned changes to production schedules or show content. Sources say Lunduke is “feeling pretty fabulous right about now.” No confirmation, as yet, on if Lunduke is currently doing a “happy dance”. At least one source suggests this is likely.

Source

Virsh is a command line executable to control existing virtual machines. It includes a number of commands to help manage KVM(kernel-based virtual machine) instances. It allows for easy command line management often remotely of virtual machines through SSH access.

To enter the command shell over ssh just type the following:

virsh

From there you can type the help command to view all of the possible commands. We will cover some of the more common commands for managing virtual machines. Virsh commands can also be executed directly from the command line as opposed to starting the virsh enviroment by prefixing each command with virsh.

View all of the virtual machines on this system

# virsh list –all

and you will see a similar output:

Id Name State
—————————————————-
5 centos7-1 running
84 centos7-2 running
85 centos7-3 running

Start a virtual machine

# virsh start server-name

Replace server-name with the virtual machine you are attempting to start

Stopping a virtual machine

Shutdown a virtual machine:

# virsh shutdown server-name

This will attempt to gracefully stop a virtual machine and power it off.

Power off a virtual machine

# virsh destroy server-name

This will immediately power off a virtual machine. This is the equivalent to removing the power cord on a running physical server.

Reboot a virtual machine

# virsh reboot server-name

Auto start configuration for virtual machines

To have a virtual machine start every time a server reboots type the following:

# virsh autostart server-name

To prevent a virtual machine from starting every time a server reboots type the following

# virsh autostart –disable server-name

Attach a console to a virtual machine

To view the console output of a virtual machine type the following

# virsh console server-name

There are many more things virsh can do, this is just the basics to get you through power management of a virtual machine on the command line. If you have not already, please check out multi-part series on setting up KVM:

Part 1: KVM Installation On CentOS
Part 2: Bridged Networking Setup For KVM Virtualization
Part 3: Creating A New Virtual Machine With KVM

May 1, 2017LinuxAdmin.io

Source

Hole opens up remote-code execution to miscreants – or a crash, if you’re lucky

A security bug in Systemd can be exploited over the network to, at best, potentially crash a vulnerable Linux machine, or, at worst, execute malicious code on the box.

The flaw therefore puts Systemd-powered Linux computers – specifically those using systemd-networkd – at risk of remote hijacking: maliciously crafted DHCPv6 packets can try to exploit the programming cockup and arbitrarily change parts of memory in vulnerable systems, leading to potential code execution. This code could install malware, spyware, and other nasties, if successful.

The vulnerability – which was made public this week – sits within the written-from-scratch DHCPv6 client of the open-source Systemd management suite, which is built into various flavors of Linux.

This client is activated automatically if IPv6 support is enabled, and relevant packets arrive for processing. Thus, a rogue DHCPv6 server on a network, or in an ISP, could emit specially crafted router advertisement messages that wake up these clients, exploit the bug, and possibly hijack or crash vulnerable Systemd-powered Linux machines.

Here’s the Red Hat Linux summary:

Felix Wilhelm, of the Google Security team, was credited with discovering the flaw, designated CVE-2018-15688. Wilhelm found that a specially crafted DHCPv6 network packet could trigger “a very powerful and largely controlled out-of-bounds heap write,” which could be used by a remote hacker to inject and execute code.

“The overflow can be triggered relatively easy by advertising a DHCPv6 server with a server-id >= 493 characters long,” Wilhelm noted.

In addition to Ubuntu and Red Hat Enterprise Linux, Systemd has been adopted as a service manager for Debian, Fedora, CoreOS, Mint, and SUSE Linux Enterprise Server. We’re told RHEL 7, at least, does not use the vulnerable component by default.

Systemd creator Lennart Poettering has already published a security fix for the vulnerable component – this should be weaving its way into distros as we type.

If you run a Systemd-based Linux system, and rely on systemd-networkd, update your operating system as soon as you can to pick up the fix when available and as necessary.

The bug will come as another argument against Systemd as the Linux management tool continues to fight for the hearts and minds of admins and developers alike. Though a number of major admins have in recent years adopted and championed it as the replacement for the old Init era, others within the Linux world seem to still be less than impressed with Systemd and Poettering’s occasionally controversial management of the tool. ®

Source

Live Voyager is an open source distribution of Linux based on a special edition of the highly acclaimed Ubuntu operating system that uses Xfce as its main desktop environment. It includes the same stable and reliable base as Xubuntu and on top of that various tweaks and additional software.

It’s distributed as Live DVDs for 32-bit and 64-bit architectures

The distribution is available for download as Live DVD ISO images, one for each of the supported hardware platforms (amd64 (64-bit) and i386 (32-bit)), that can be deployed to USB flash drives using Disks or UNetbootin apps, or burned to DVD discs using any CD/DVD burning software.

Boot menu options

Except for the fact that it uses a different background image, the boot prompt of the Live DVDs is identical with the one used by the Xubuntu Linux operating system, allowing users to try the distribution without installing anything on their computers.

In addition, users can boot an existing operating system installed on the first disk drive, run a memory diagnostic test, check the disk for defects (only if using a DVD media), as well as to directly install the system, without testing it (not recommended).

Productive and modern desktop environment with a dock

The Xfce-powered desktop environment has been tweaked to offer users a futuristic graphical session that is comprised of a top panel, from where users can access the unique main menu, launch applications and interact with running programs, as well as a dock (app launcher) located on the bottom edge of the screen.

Contains great applications

Default applications include the Mozilla Firefox web browser, Pidgin multi-protocol instant messenger, AbiWord word processor, Gnumeric spreadsheet editor, Mozilla Thunderbird email and news client, Darktable and GIMP image editors, gThumb and Ristretto image viewers, and MComix comic book viewer.

Additionally, it comes with the Transmission torrent downloader, Hotot Twitter client, XChat IRC client, Clementine audio player, VLC Media Player, Parole video player, PiTiVi video editor, Cheese webcam viewer, Transmageddon video transcoder, FreetuxTV TV viewer, Kazam screen recording tool, and Ubuntu Software Center for installing extra apps.

A really great and lightweight distribution of Linux

Live Voyager is really great, lightweight and modern operating system that uses a stable and reliable Ubuntu/Xubuntu base, an astonishing icon theme, a different and handy main menu, and a great selection of applications. We recommend to use it on low-end machines or computers that don’t support resource hungry OSes.

Source

Let’s Encrypt is a certificate authority created by the Internet Security Research Group (ISRG). It provides free SSL certificates via fully automated process designed to eliminate manual certificate creation, validation, installation and renewal.

Certificates issued by Let’s Encrypt are are valid for 90 days from the issue date and trusted by all major browsers today.

This tutorial will guide you through the process of obtaining a free Let’s Encrypt using the certbot tool on Debian 9. We’ll also show how to configure Apache to use the new SSL certificate and enable HTTP/2.

Source

Compiling Apache 2.4 from source is easy and allows for more customization later on. It also allows for control over where it is installed

Install some required depedencies:

yum install -y wget pcre-devel openssl openssl-devel expat-devel

First get the latest version, at the time of writing this it is 2.4.25. The link to download the latest version is here

wget -O /usr/src/httpd-2.4.25.tar.gz http://mirror.nexcess.net/apache//httpd/httpd-2.4.25.tar.gz

Change directories to /usr/src

cd /usr/src

Uncompress the tar

tar xfvz httpd-2.4.25.tar.gz

Go to the directory:

cd httpd-2.4.25

The build we are creating requires apr and apr-util so to the src lib directory and download the following (APR download page):

cd ./srclib
wget http://mirror.stjschools.org/public/apache//apr/apr-1.5.2.tar.gz
wget http://mirrors.gigenet.com/apache//apr/apr-util-1.5.4.tar.gz

Uncompress them and rename them:

tar xfvz apr-1.5.2.tar.gz; mv apr-1.5.2 apr
tar xfvz apr-util-1.5.4.tar.gz; mv apr-util-1.5.4 apr-util

Configure Apache:

Go back to the main source directory:

cd ../

To view the configure options type the following

./configure –help

This is a sample config:

./configure
–enable-layout=RedHat
–prefix=/usr
–enable-expires
–enable-headers
–enable-rewrite
–enable-cache
–enable-mem-cache
–enable-speling
–enable-usertrack
–enable-module=so
–enable-unique_id
–enable-logio
–enable-ssl=shared
–with-ssl=/usr
–enable-proxy=shared
–with-included-apr

Make:

make

Install:

make install

Start Services:

CentOS 7

Create a systemd start file by creating /etc/systemd/system/httpd.service and add

[Unit]
Description=The Apache HTTP Server

[Service]
Type=forking
PIDFile=/var/apache/httpd.pid
ExecStart=/usr/sbin/apachectl start
ExecReload=/usr/sbin/apachectl graceful
ExecStop=/usr/sbin/apachectl stop
KillSignal=SIGCONT
PrivateTmp=true

[Install]
WantedBy=multi-user.target

Configure it to start on boot:

systemctl enable httpd

Start it

systemctl start httpd

CentOS 6

chkconfig –add httpd

chkconfig httpd on

service httpd start

That’s it for compiling Apache from source. If you visit the http://ip-address of the server you should see a default page for apache.

You can also verify its running by typing the following:

# ps aux|grep httpd
root 1101 0.0 0.0 105376 836 pts/0 S+ 21:03 0:00 grep httpd
nobody 15834 0.0 0.4 270908 8288 ? S 03:46 0:00 /usr/sbin/httpd -DHAVE_PROXY_FTP -DHAVE_AUTH_TOKEN -DHAVE_PROXY_HTTP -DHAVE_RPAF -DHAVE_PHP5 -DHAVE_XSENDFILE -DHAVE_AUTH_MYSQL -DHAVE_PROXY -DHAVE_PROXY_AJP -DHAVE_PROXY_BALANCER -DHAVE_PROXY_SCGI -DHAVE_SSL -DHAVE_PROXY_CONNECT -DSSL -DSSL -DSSL
nobody 15835 0.0 0.4 270764 8224 ? S 03:46 0:00 /usr/sbin/httpd -DHAVE_PROXY_FTP -DHAVE_AUTH_TOKEN -DHAVE_PROXY_HTTP -DHAVE_RPAF -DHAVE_PHP5 -DHAVE_XSENDFILE -DHAVE_AUTH_MYSQL -DHAVE_PROXY -DHAVE_PROXY_AJP -DHAVE_PROXY_BALANCER -DHAVE_PROXY_SCGI -DHAVE_SSL -DHAVE_PROXY_CONNECT -DSSL -DSSL -DSSL
nobody 15836 0.0 0.4 270764 8224 ? S 03:46 0:00 /usr/sbin/httpd -DHAVE_PROXY_FTP -DHAVE_AUTH_TOKEN -DHAVE_PROXY_HTTP -DHAVE_RPAF -DHAVE_PHP5 -DHAVE_XSENDFILE -DHAVE_AUTH_MYSQL -DHAVE_PROXY -DHAVE_PROXY_AJP -DHAVE_PROXY_BALANCER -DHAVE_PROXY_SCGI -DHAVE_SSL -DHAVE_PROXY_CONNECT -DSSL -DSSL -DSSL
nobody 15837 0.0 0.4 270764 8224 ? S 03:46 0:00 /usr/sbin/httpd -DHAVE_PROXY_FTP -DHAVE_AUTH_TOKEN -DHAVE_PROXY_HTTP -DHAVE_RPAF -DHAVE_PHP5 -DHAVE_XSENDFILE -DHAVE_AUTH_MYSQL -DHAVE_PROXY -DHAVE_PROXY_AJP -DHAVE_PROXY_BALANCER -DHAVE_PROXY_SCGI -DHAVE_SSL -DHAVE_PROXY_CONNECT -DSSL -DSSL -DSSL
nobody 15838 0.0 2.1 321656 40916 ? S 03:46 0:00 /usr/sbin/httpd -DHAVE_PROXY_FTP -DHAVE_AUTH_TOKEN -DHAVE_PROXY_HTTP -DHAVE_RPAF -DHAVE_PHP5 -DHAVE_XSENDFILE -DHAVE_AUTH_MYSQL -DHAVE_PROXY -DHAVE_PROXY_AJP -DHAVE_PROXY_BALANCER -DHAVE_PROXY_SCGI -DHAVE_SSL -DHAVE_PROXY_CONNECT -DSSL -DSSL -DSSL
nobody 15839 0.0 1.6 292740 32276 ? S 03:46 0:00 /usr/sbin/httpd -DHAVE_PROXY_FTP -DHAVE_AUTH_TOKEN -DHAVE_PROXY_HTTP -DHAVE_RPAF -DHAVE_PHP5 -DHAVE_XSENDFILE -DHAVE_AUTH_MYSQL -DHAVE_PROXY -DHAVE_PROXY_AJP -DHAVE_PROXY_BALANCER -DHAVE_PROXY_SCGI -DHAVE_SSL -DHAVE_PROXY_CONNECT -DSSL -DSSL -DSSL
nobody 15840 0.0 1.6 291948 31052 ? S 03:46 0:00 /usr/sbin/httpd -DHAVE_PROXY_FTP -DHAVE_AUTH_TOKEN -DHAVE_PROXY_HTTP -DHAVE_RPAF -DHAVE_PHP5 -DHAVE_XSENDFILE -DHAVE_AUTH_MYSQL -DHAVE_PROXY -DHAVE_PROXY_AJP -DHAVE_PROXY_BALANCER -DHAVE_PROXY_SCGI -DHAVE_SSL -DHAVE_PROXY_CONNECT -DSSL -DSSL -DSSL
nobody 15841 0.0 1.6 291948 31048 ? S 03:46 0:00 /usr/sbin/httpd -DHAVE_PROXY_FTP -DHAVE_AUTH_TOKEN -DHAVE_PROXY_HTTP -DHAVE_RPAF -DHAVE_PHP5 -DHAVE_XSENDFILE -DHAVE_AUTH_MYSQL -DHAVE_PROXY -DHAVE_PROXY_AJP -DHAVE_PROXY_BALANCER -DHAVE_PROXY_SCGI -DHAVE_SSL -DHAVE_PROXY_CONNECT -DSSL -DSSL -DSSL

httpd -M will show the compiled modules:

# httpd -M
Loaded Modules:
core_module (static)
authn_file_module (static)
authn_default_module (static)
authz_host_module (static)
authz_groupfile_module (static)
authz_user_module (static)
authz_default_module (static)
auth_basic_module (static)
cache_module (static)
mem_cache_module (static)
include_module (static)
filter_module (static)
log_config_module (static)
logio_module (static)
env_module (static)
expires_module (static)
headers_module (static)
usertrack_module (static)
unique_id_module (static)
setenvif_module (static)
version_module (static)
mpm_prefork_module (static)
http_module (static)
mime_module (static)
status_module (static)
autoindex_module (static)
asis_module (static)
cgi_module (static)
negotiation_module (static)
dir_module (static)
actions_module (static)
speling_module (static)
userdir_module (static)
alias_module (static)
rewrite_module (static)
so_module (static)
ssl_module (shared)

Configuration Changes

The configuration is located in /etc/httpd/conf/httpd.conf typically.

How to change default ports

Apache listens on ports by the Listen directive to change it from port 80 (default)

Listen 8080

How to enable ssl in httpd.conf

Edit /etc/httpd/conf/httpd.conf and ensure the following line is uncommented:

LoadModule ssl_module modules/mod_ssl.so

And add the following line

Listen 443

You will need to restart the service if you make any changes to the configuration files.

Source

Oct 27, 2018, 06:00

Source

Goblinz Studio have taken on a lot of feedback from players of their sci-fi dungeon crawler Robothorium and it’s showing in their recent updates.

They’ve made tons of improvements to nearly all aspects of the game, including fixing plenty of bugs. They’ve been able to add in new robots, a new scenario, a hardcore game mode and with the latest update they’ve added in gamepad support along with a new multiple choice event system.

When I checked out the initial Early Access release, I was reasonably impressed with the rather refined experience that it offers.

After trying it out for a good while again today, I came off even more impressed than I was before. It feels a lot better, especially since they revamped the previously lacklustre trap system to give you multiple choices. Previously when you hit a room with a trap, it activated right away. Now you can now destroy them, hack them or deactivate them, so that’s a previous issue I had with it sorted out completely. They also added additional types of traps, so it’s more interesting overall.

They’ve also added new items, new sounds and so much more recently it’s worth another look. Very keen to see what else they improve, as it’s actually quite fun.

You can grab Robothorium on Humble Store and Steam.

Source

It has been nearly two years since I tried Fedora, Manjaro and Ubuntu MATE on the Raspberry Pi 2 & 3, and there have been a lot of changes since then. Most for the better, such as the introduction of the Pi 3B+, but a few for the worse, such as the end of the Manjaro Pi development. So I think it’s time to take a fresh look at this.

But, first, why would anyone even want to do this, when Raspbian Linux is available, free, and supports all the special features, quirks and capabilities of the Raspberry Pi hardware?

Well; the most common reasons seem to be that users want to work with a “familiar” distribution, meaning one that they are already using on a PC, such as Ubuntu. Another common reason is that companies have “standardized” on a specific version of Linux for servers, desktops and laptops; this is frequently the case with SUSE and Fedora, for example. Yet another reason might be a specific use of the Raspberry Pi; for example, Kali Linux for penetration testing. Finally you might just be curious (or masochistic) like me, and want to see how (or if) all of this works together.

So, I have taken what I consider to be the four best-known or most popular Linux distributions which have Raspberry Pi ports available, and tried them out on a few of my Raspberry Pi systems. One thing that I am doing differently this time is that I have limited my testing to the Raspberry Pi 2 and 3 (including the 3B+). I learned the last time that even if you could get something running on a Pi Zero or 1, the performance was just too bad to be worthwhile.

Ubuntu MATE

Let’s get the bad news out of the way first. Ubuntu MATE seems to be stuck at version 16.04 LTS. That’s well over two years old now. When it first came out, I assumed (well, hoped) that it would be updated along with the regular Ubuntu releases every six months. That didn’t happen when 16.10 came out, so I then hoped that it would at least be updated to the next LTS release. Alas, that also didn’t happen when Ubuntu 18.04 LTS came out.

SEE: How to build a successful developer career (free PDF)

It has, at least, gotten the point-updates for 16.04, but even those have not been incorporated into new distribution images. So if you get the image from the Ubuntu MATE Downloads page now, what you actually install is 16.04.2, and you then have to try to update from there.

Oh, and before I forget to mention it, the Ubuntu MATE distribution images will not boot on a Pi 3B+. This is a “known problem”, because the boot code is different, and since the distribution images haven’t been updated, that’s not a big surprise.

Ubuntu MATE on Raspberry Pi 3B

Anyway, after booting the distribution image on a Pi 2 or 3B, you need to update it to at least get to the latest 16.04 version. Unfortunately even that is difficult, because the update process complains about not having enough space in the /boot partition, and there is no room to increase the size of that partition. Sigh. The simplest work-around that I could find was to move the start_*.efi files from /boot to /root, which frees up enough space; then run the update, which takes an hour or so, then move those files back to /boot. Yeah, I know, it’s pretty ugly.

By this time my patience was wearing pretty thin — I’m not a big Ubuntu fan anyway, and this was just turning into one problem after another, with a very limited payoff even if everything works. Which it didn’t. The Welcome screen crashes, for example. It finally came up, and I could confirm that it was running 16.04.5 LTS, which is at least the latest version of 16.04. Then I tried to run Firefox, and even that crashed. Grrrr. Ok, I’m ready to give up on this now.

One last bit of bad news… it still doesn’t boot in a Pi 3B+. Yes, I know that it might be possible to fix this but honestly, there’s just no point. If you absolutely, positively have to run Ubuntu on your Raspberry Pi 2 or 3B, it is still possible. Sort of.

Moving on to the good news…

Kali Linux

My original impetus in doing this was seeing an article about Secure Kali Pi 2018. I’m a huge fan of Kali Linux, so this really interested me. I wrote about Kali on the Raspberry Pi previously, and was quite pleased with it then, so I wanted to see how much they have improved it since that time. I was not disappointed.

The only thing that is a bit confusing about the Kali Pi distribution is figuring out exactly which version you want to download. You have to go through the Kali Linux Downloads page, then from there to the Kali Arm Images page, then expand the Raspberry Pi Foundation section. There are eight images there, and it’s not always easy to figure out which one is for what Pi model, what display, what other tools or configurations might be included… in my honest opinion, it’s a bit of a mess, and at least some explanation of what each download is for would be a tremendous help.

Anyway, after some significant head-scratching and tracking down various terms and references, I settled on the one called Kali Linux Raspberry Pi 2 and 3. That looks very obvious when I just write it here like that, but then you look around and see that there is also one called Kali Linux RaspberryPi 2 and 3 Hyperpixel, and another called Kali Linux RaspberryPi 2 or 3 without nexmon… well, hyperpixel is a specific touch-screen display for the Pi, and I don’t want to use that in this case, and nexmon has to do with monitoring and manipulating the Broadcom WiFi chip. I don’t really care about that either, but the “without” version looks like it might be a Pi 2 version, and I don’t want to have trouble booting on the 3B+, so that’s why I settled on the one I did. I hope.

The download is in xz compressed format, so to uncompress and dump it to an SD card you can use this (on a Linux system):

xzcat kali-linux-2018.3-rpi3-nexmon.img.xz |

dd bs=4M of=/dev/sdX iflag=fullblock oflag=direct status=progress

Kali Linux 2018.3 on Raspberry Pi 3B Plus

Image: J.A. Watson

Then I just popped the microSD card into my Pi 3B+, and it booted right up! Nice!

This is an Xfce desktop, which is a very good choice because it is lightweight so it doesn’t load the Pi CPU or memory too much, but it still looks good, and it is very flexible and easily configurable.

Performance is amazingly good, this is the first time I have tried a distribution that I thought performed at least as well as Raspbian.

I have booted the same microSD card in Pi 3B+, 3B and 2B systems and all three worked without problem, including wired and wireless networking and Bluetooth using the built-in adapters in the 3B and 3B+, and USB dongles on the 2B.

In fact, Bluetooth works even better than it does on Raspbian! I mentioned in a recent post that my Logitech m720 Triathlon mouse wouldn’t pair with Raspbian; it works perfectly with Kali Linux, on all three Pi models (that means with two different built-in bluetooth adapters and one USB adapter). I would suggest installing the Blueman package to get a GUI interface for Bluetooth management, but it can certainly be done from the CLI in the basic Kali installation.

What an excellent result this was, especially after the initial disappointment with Ubuntu MATE on the Raspberry Pi. In fact, I was so inspired by this that I decided to have another look at openSUSE on the Raspberry Pi too.

openSUSE Tumbleweed

The last time I tried openSUSE on a Raspberry Pi I had a lot of trouble with it. I managed to get Leap 42.2 working, but I couldn’t even get Tumbleweed to boot. This time the experience has been much better.

The information, instructions and download links are on the openSUSE Raspberry Pi 3 page. It’s still not all smooth sailing, because none of the direct links to downloads on that page work (sigh). The reason is simple enough — someone has removed “raw” from the Current image names, but not from the links. The solution is also simple, just click on the general download directory link, and find the version you want; or copy the specific link for the version you want, paste it and remove “raw” from the end, and it will work. It’s really (really) irritating when silly, careless mistakes like this make an otherwise good distribution look so bad.

SEE: Getting started with Python: A list of free resources

Anyway, I downloaded the LXQt version (in the interest of minimizing system load and resource use), which comes in at a rather svelte 800MB. It is also in xz compressed format, so it can be uncompressed and dumped to an SD card using the same command as for Kali above.

Pop the microSD card into a Pi 3B+ (or 3B, or 2B), and let it boot. It takes quite a while, and the boot process will look very strange to experienced Raspbian users, but after a minute or two it will be up and running.

openSUSE Tumbleweed on Raspberry Pi 3B Plus

The LXQt version has a rather ugly/boring desktop wallpaper, so I have replaced that with the standard openSUSE wallpaper.

Performance is once again surprisingly good, although a tad slower than Kali when starting apps and such. Wired and wireless networking are no problem, but I couldn’t get Bluetooth to work, no matter what I tried (and I tried a lot).

Installing updates was no problem, and even though the installation image was dated 20181018, there were a lot of them… well, this is Tumbleweed so no surprise there either.

Where Kali is a penetration-testing focused distribution, openSUSE is a general purpose Linux distribution, and it comes equipped accordingly. Both Firefox and Chromium are included, as is Thunderbird; GIMP and Shotwell, Pragha and Videos, and just about anything else I could think of. The only obvious thing not included was LibreOffice, and that’s more likely because I downloaded the LXQt version, not because of the Raspberry Pi target system.

openSUSE Leap 15.0

Although I was specifically looking for the Tumbleweed version, I found that the openSUSE Raspberry Pi 3 page also contained links for Leap 15.0 (the current Leap release) and Leap 42.3 (the previous Leap release). Please don’t ask me to explain about the version numbers, they don’t make much sense to me either.

I figured while I was there I would give it a whirl as well. The procedure started off the same; download, uncompress, dump to a microSD card, pop the card into the Pi 3B+, and… oops. It wouldn’t boot. It produced the classic “blinking LED” symptom which means that the boot files haven’t been updated for the 3B+. So I swapped the card over to a plain 3B, and it booted just fine.

openSUSE Leap 15.0 on Raspberry Pi 3B Plus

It continued normally from there, coming up to the LXQt desktop. I’ve left the ugly wallpaper on this one, for comparison. Once again, wired and wireless networking were just fine, and Bluetooth didn’t work. I installed all of the updates, then shut down and moved the card back to the 3B+, and it booted just fine. Yay!

Performance seemed the same as it was for Tumbleweed, so that was good. It doesn’t have nearly the assortment of applications and utilities in the base system, though. I only saw Firefox (no Chromium or Thunderbird), it has GIMP but not Shotwell, and no audio or video players at all that I could find. Again, this may be down to my choosing the LXQt version, and all of these applications and much more are available in the repositories.

My bottom line for openSUSE, either Tumbleweed or Leap, is that they are perfectly usable on the Raspberry Pi 3B or 3B+, and even tolerable on the 2B. So if you don’t care for Raspbian, and you don’t want to start with Kali and add the applications you need, or if you are in an organization that has standardized on SUSE or openSUSE, go for it. I don’t think you’ll regret it.

Fedora Workstation

While I was working on the Kali and openSUSE installations, I got an email from a reader who mentioned that he had just tried Fedora 28 on a Pi 3, and had been very pleasantly surprised by the ease of installation and performance.

The last time I tried Fedora on Raspberry Pi 2 and 3 systems, I was less than entirely successful or satisfied. That was with Fedora 25, and I found that on the Pi 3 it still didn’t support a lot of the hardware (WiFi, Bluetooth, Sound and more), and on the Pi 2 it was so slow that I wasn’t interested in trying to find out what worked and didn’t.

Since I have now been on such a hot streak with Kali, Tumbleweed and Leap on the Raspberry Pi, I decided to give Fedora another shot. There is an excellent discussion of Fedora on the Raspberry Pi in the Fedora Wiki, so I started there. I went to the Fedora 29 Beta downloads and got the Workstation armhfp image.

There are two ways to copy the distribution image to an SD card; because it is in xz compressed format, you can use the same commands as given above for Kali and openSUSE. But there is also a utility script available which does the same thing, and lets you specify a few additional parameters in the process. So I installed that utility on one of my Fedora systems, and did it that way.

When I put the SD card in the Pi 3B+, it booted and, uh, sort of struggled its way up. Slowly. Very slowly. It finally made it up to the desktop, and I realized that I had made a big mistake. I had downloaded the standard desktop version, which is Gnome 3. Not a good idea at all; for a variety of reasons, even the Pi 3B+ is not up to running Gnome 3. It took tremendous patience just to get it to shut back down, so I could start over.

Fedora 29 LXDE on Raspberry Pi 3B Plus

I went back to the Fedora 29 Beta distribution tree, and this time went to Spins instead of Workstation, and picked up the LXDE version (there are also LXQt, Xfce, MATE and KDE versions there). The same utility dumped it to the SD card, and this time it booted and came up reasonably well, although still noticeably slower than openSUSE (and much slower than Kali).

The first time you boot any of the Fedora images you are taken to the final screen of their anaconda installer, where you can configure the timezone, root password, user account and network info. Once that is done, the boot process continues to the normal login screen. One thing you don’t get to do during the initial boot is configure the keyboard layout, so if you have a non-U.S. keyboard you’ll have to configure that after you login. The easiest way I have found to do that with the LXDE desktop is to add the Keyboard Layout Manager to the LXDE panel, and then use that to add the appropriate layout and delete the default (U.S.) layout.

At this point I was ready to declare Fedora 29 on the Raspberry Pi 3B+ usable — but I still want to know a couple of other things. First, how does it do on the original Model 3B and on the 2B? That turned out to be easy enough to find out, and pretty much what you would expect. The 3B is noticeably slower than the 3B+, but still usable if you are determined and patient. The 2B is, in my opinion, just too slow. It really struggles, with long delays, when you try to do anything at all.

I was also interested in the other desktops, so I went back to the Fedora distribution tree; by this time, the final ISO images for Fedora 29 were up. The LXQt image seems to have disappeared, I don’t know if this is intentional or if it might still show up before release. I downloaded the Xfce spin, and tried that on the 3B+. Unfortunately it is much too slow, and it seems to have some pretty serious rendering problems (several icons in the panel were just blank boxes, for example).

My advice for Fedora on the Raspberry Pi is that if you really need/want/must use it, either due to strong personal preference (loyalty) or commercial requirements, it can be done — but make sure you’re using a Pi 3B+ to run it and only try to use the LXDE desktop.

Overall I’m pretty pleased with these results, the situation is certainly a lot better than it was the last time I looked at this. Let’s just hope things keep moving in the right direction.

RECENT AND RELATED COVERAGE

Raspberry Pi: Hands-on with the updated Raspbian Linux

I have installed the new Raspbian 2018-10-09 release from scratch on some systems, and upgraded existing installations on others.

Kali Linux for Vagrant: Hands-on

The developers at Kali Linux have released a Vagrant distribution of their latest version. Here is a look at that release – and at the Vagrant tool itself

Hands-on with MX Linux: A pleasant, easy-to-install Linux distribution

MX Linux is a descendant/spin-off from Antix and MEPIS Linux. I want to see what it is like to install and run on both UEFI and MBR laptops.

Hands-on with Linux Mint Debian Edition 3 Beta

The long-awaited LMDE update is finally (really) on the way!

Linux phone battery bug: Purism’s Librem 5 delayed until April 2019

Purism gave its Librem 5 phone an updated SoC, but found it has a battery-draining bug that’s delayed production.

A $10 Raspberry Pi alternative? La Frite packs Pi-like specs into low-cost Linux board (TechRepublic)

The $10 La Frite comes close to matching some key specs of the $35 Pi 3 B+, while trimming other features to slash the price.

How to start your smart home: Home automation, explained (CNET)

Starting a smart home doesn’t have to be scary. Here are the basics.

Source