đŸ Archived View for gemlog.blue âș users âș BaronHK âș 1692942925.gmi captured on 2023-09-08 at 16:18:47. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
Mullvad VPN Does Work on openSUSE; General Thoughts on openSUSE Leap 15.5. Bonus: Hopefully the Last Rants About IBM, Red Hat, Fedora.
(Originally posted on WordPress.com on August 14th, 2023)
Mullvad doesnât support it, but it does work.
I managed to get Mullvad VPN to work on openSUSE and about the only caveat seems to be that the RPM package that supports Fedora 37+ expects that dbus-libs will be named that when it lists its dependencies, otherwise it works fine. I looked around and Mullvadâs only comment is itâs not a priority for them that they have customers who want to pay them and use openSUSE. *sigh*
Do I detect just a hint of Fedora fanboy-ism?
I did sudo zypper install <name of Mullvad RPM package> and it complained about that, so I chose option 2. Break Mullvad by ignoring the âdbus-libsâ dependency.
Then it installed it and the other dependencies and everything seems to work and no broken system. (yay!) I set the Lockdown Mode (to make sure nothing can access the internet until the VPN is working) and launch on startup and auto-connect.
It doesnât appear that anything fails to work properly. I went ahead and did an âExtended DNS Leak Testâ and it wasnât leaking. I checked my IP address and the site showed my Mullvad-assigned VPN ipv4 and no ipv6. (As it should be.)
Then I used TorGuardâs âWhat is my Torrent IPâ page to check and sure enough Transmission leaked the real IPv6.
Then I remembered I had to go into the WiFi settings in NetworkManager in Fedora and set IPv6 to disabled and reconnect to the WiFi and that solved the problem here too.
I did run into one little hair in the soup with SeaMonkey though.
openSUSE didnât build it with ChatZilla. Iâm not really sure how or why, but I suppose I could dump the tarball into /opt.
I downloaded an unpacked the SeaMonkey 2.53.17 tarball into my home directory for now and it seems to work okay there, except somehow (both with my backed up and unpacked profile from Fedora and a blank one) I can no longer get WordPress.com to log in. They must have read about my success and put in more âDiarrhea Codeâ for GULAG CRASH. đ
Also, Leap doesnât have the latest SeaMonkey (they have 2.53.14 as of this writing) which is alarming because Web browser and security patches.
Also, while SeaMonkey doesnât get along famously with all of this âDiarrhea Codeâ on some sites, they do backport some Web platform code from later Gecko releases and it does make a large difference.
At one point, Element (the Web App version of a Matrix client) wasnât working at all in SeaMonkey, but now it does, at least the one hosted on nerdsin.space.
As far as KDE, it appears that YaST automatically logs you in if youâre the only user or something.
(Thereâs a switch to turn this behavior off in the user creation screen in the installer.)
Other than that wtf (in the trial run on my old laptop, then searching how to fix it), the system seems to run okay. I enabled zram with zstd and put an active swap on it (no SWAP partition during setup) and edited /etc/fstab to use BtrFS Compress level 1 with zstd and then defragmented the file system with the compress option to make existing files compressed.
Iâm not really amused by the attitude of some of these VPN companies where they donât think making distribution-specific packages for distributions that have significant users is important. I detect a hint of Fedora fanboyism at Mullvad.
Oh well.
Fedora has been getting a lot more lulzy lately.
Yesterday I had my first HARD (hold the power button down) crash in a long LONG time.
This made it seem more urgent to get away from Fedora considering their OS bugs that are already causing audio glitches. I blogged previously about the bad Fedora updates making my sound card do weird stuff. My spouse was complaining because it makes a high pitched âwarblingâ screeching sound and sometimes the only way to make it stop is to reboot.
I know what Iâm doing with Fedora systems and I always clean up the mess thatâs left after a dnf upgrade.
âObligatory Joke Timeâ
Iâm not like âSecurity Expertâ Matthew J. Garrett who had to go 10 Fedora versions at once and couldnât figure out RPM and Mr. Beanâd the solution because he didnât know RPM has a switch to ignore signatures.
(Just shoot the light bulb with a pellet gun and replace the bulb every morning. So much easier than learning the light switch.)
â/Obligatory Joke Timeâ
âSecurityâ
We had more sockpuppets in TechRights this morning. âHe Who Would Never Commit a Cybercrimeâ appears to have spewed some CTCP crap in our IRC channel that was vaguely meant to look like some sort of l33t h4x0ring or somethingâŠ.I donât know why. (Roy says he got some too.) Just some jerk that was trying to see if I thought something was actually happening. So that was a minor distraction for about a few seconds I guess.
Although it does give me time to turn to a rather unfortunate default setting in openSUSE that sshd is on by default and the port is open, and if you arenât observant in the installer, you might miss that. (What is this? Windows 98!? Come back, you forgot to include NetBIOS!)
Although I do need to give them points for letting you remove âshimâ for âSecure Bootâ since itâs off in my firmware and I wonât ever turn it on. There is no actual security advantage from leaving it on, it only puts Microsoft in control of what you can boot.
Even Spectre/Meltdown mitigations are configurable. If you have an old system that it slows down way too much (the old stuff where process context id is not a CPU feature, especially), you can risk it. Sadly, itâs mostly this âClown Computingâ and Modern Web shit thatâs putting people at much risk from these chip bugs.
â/Securityâ
âFedora and IBM Rantâ
The situation in Fedora is not just IBM Red Hatâs hate speech trolls. Oh no, if it was only that they had losers on IRC flaming people and kicking them out of some dumb room, I could totally get past that. Hell, I know more about Fedora than most of the moderators (who use Edge on Windows and Safari on Mac in the case of fedora-kde).
Itâs that the thing is falling down like a termite infested house. Iâm betting we get one, maybe two more releases before itâs either so awful youâd have to be out of your mind to consider installing it on something or IBM finally pulls the plug.
I had considered using a RHEL clone then quickly decided against it when IBM Red Hat went further in hiding their source code. They are not a Free Software company.
Now, what I need to remember to do next time is tidy things up instead of littering the SSD with stuff from the director who brought you Untitled Document 1 and Untitled Document 2, the Untitled Document series spanning more than Taken.
â/Fedora and IBM Rantâ
And how many times can they take Liam Neesonâs family hostage?
AaaaandâŠ.
Before I got around to posting this, I managed to finish up my backups and get openSUSE Leap 15.5 on my main laptop.
Things Iâve learned so far (from breaking it on my other laptop a few times and finding issues with my Gen12 Intel Tiger Lake laptop):
KDE has gotten a lot better since the last time I tried it. Itâs very fast and I have yet to run into any real problems. Just the usual post-install run around changing all the preferences.
The user interface of KDE reminds me how much I really disliked GNOMEâs Human Interface. (Broken iPhone with One Button Meets Windows 8.)
You can get used to anythingâŠ.
Anyway, quirks I ran into along the way that may be worth noting in case I run into them again:
openSUSE ships broken and gimpy Mesa and media codecs, like Fedora did, because of US patents. But like Fedoraâs RPM Fusion, you have âPackmanâ for openSUSE. Fixing this problem involved visiting this official Wiki page and selecting the instructions from Option 1, the OBS Package Installer, to change to the codecs and Mesa from Packman.
When I was done with that, I still didnât have Vulkan graphics API support for my Intel GPU, just OpenGL, or Video Acceleration API for GStreamer codecs.
No Problem, a trip to Yast Software now offered that, I think. It was just there being offered, so I hit apply and reboot and vulkaninfo showed that Vulkan was now working. I think thatâs how I fixed it.
Sound didnât work, turned out to be a missing sound firmware, but I installed it with sudo zypper install sof-firmware and then went to Yast and had it automatically configure my Tiger Lake Sound Chipset in the Sound applet.
I specifically chose everything on btrfs and to remove everything Fedora did to the SSD, and then I set up BtrFS with Compression and zram with a swap.
(Some of this appears to be outdated already. On my system, it only created one zram device of the size of my installed physical RAM, and put a swap device on it, which is what I wanted it to do.)
All around, I can say that openSUSE could use a lot of polishing if it wants to appeal to casual and novice users. I probably wouldnât recommend it to people who can already barely poke around a Mac or something, but technically inclined users should be able to get a productive desktop OS set up in fairly short order. (Though I would recommend tossing it around on a spare computer for a few days.)
Iâd say that the technical underpinnings are what Iâm looking for, and Leap is based on an enterprise Linux distribution, and one where everyone can actually look and see whatâs in it.
âAnother IBM/Fedora Rantâ
IBM Red Hat has been running around basically threatening people that if they show you whatâs in the Linux kernel that RHEL uses, theyâll cancel your subscription, no refund.
Do they have a legal right to cancel a subscription when the GPL clearly says they canât impose further terms on people? Thatâs obviously something thatâs in a legal gray area.
All I know is that itâs ethically disgusting and flies in the face of the spirit of Free and Open Source Software.
Sadly, the march towards this behavior started long before IBM. Years before IBM even bought the company, Red Hat said they were no longer going to break out patches. They would just release the full source code.
This was meant to make it difficult to easily figure out what they had done, but it was certainly allowed by the GPL. I think that theyâre just behaving like Canonical, Oracle, and Google now, and violating laws, norms, and customs and daring anyone to do anything about it because youâd be up against IBM even if you did.
I wasnât going to switch operating systems from Fedora just over that, but it certainly wasnât helping their case any.
I would never recommend someone standardize on what Nancy Pelosi might call, âPass it so you can find out whatâs in it.â.
I also didnât want to plant myself on an enterprise distribution based on RHEL only to find out that they were going to threaten people if they divulged what was in userspace too. I mean, they could go there. Theyâve done this. Why wouldnât they go there?
At the moment, you could probably cobble together an OS thatâs like 99.97% RHEL out of the userspace of RHEL (no longer provided as source RPMs, obviously to harass the rebuild process) and a kernel plucked from CentOS, and it would be very very close, but again, it wouldnât be âexactlyâ RHEL.
This is where they are now, but as weâve seen before, IBM is terrified of Oracle eating their lunch.
Obviously, Debian 12 just came out, and thereâs Ubuntu Long Term Support, but honestly Canonical is at least as toxic as IBM and not even 20% as competent.
So that left me at Debian 12 or openSUSE Leap 15.x and it was a coin toss at that point and I just evaluated openSUSE first and determined that they did decent work and I could manage this.
The pain of switching operating systems after youâve been on one for a few years is significant. Itâs also fundamentally incompatible with âDonât make me do things.â
So I did not make this decision lightly. To draw a comparison, this Fedora thing is like trying to settle on a substandard foundation where bad contractors are constantly working, never finished, day and night, and trying to make the best out of it.
That was okay when Fedora had a community that hadnât disappeared, and before IBM Red Hat started mass layoffs. Thereâs a brain drain, a massive one, and you have people like âKhaytsusâ staffing the chat rooms. Why in Godâs name did I ever go in there?
Nobody in there knows as much as I already do about Fedora. 90% of the moderators use Windows and Macs. About all I got for my trouble was being k-lined from all Libera Chat (again), because I let one of their peckerhead idiot moderators goad me into talking back instead of just giving up on Fedora where I was at and realizing it was time to go.
Nobody at Fedora has taken any action on the Code of Conduct report I filed against Khaytsus. I would believe you if you told me that everyone it signed up for the issue isnât even in the project anymore and nobody turned off the light.
I donât encourage new users to install Fedora and get comfortable and lay the mounting problems aside and let them slowly get worse.
At this rate, I do wonder how long until IBM just taps out of it and declares that you can use CentOS Stream if you want to risk a broken operating system at any minute testing âcandidate updatesâ (youâre the guinea pig) for RHEL.
They donât actually need Fedora for any of IBMâs ambitions at this point and it shows.
Roy Schestowitz commented that Planet Fedora is a ghost town now.
â/Another IBM/Fedora Rantâ
Finally, a humorous observation about openSUSE.
Some screen chatter went by earlier while I was using zypper up to fetch my security updates.
Something complained that the part of systemd that Red Hat figured would be just a super fantastic idea, which shits binary core dumps (crash dumps) into your system logs, is apparently not included with openSUSE.
I just thought it was interesting that it has systemd but theyâre obviously not wild about at least some of it.
Then again, you know systemd is there because I got the infamous âA stop job is running onâŠ.â with the 1 minute 30 second timer before the OS declares âItâs dead, Jim.â and turns off the computer, presuming nothing else does it.
I must remember to do what I did on Fedora where it happened constantly and reduce the timer to 30 seconds.