plembo / tpmsecbootwinkvm.md

Last active April 25, 2024 14:37

KVM libvirt qemu tpm secure boot Windows install

TPM and Secure Boot for Windows 11 guests on KVM

The latest KVM on Ubuntu Desktop 22.04 supports both TPM2.0 and Secure Boot for Windows 11 guests. To use it you'll need to make sure the ovmf package is installed.

If using Virtual Machine Manager (VMM, or virt-manager) to install Windows 11 from a Microsoft iso, be sure to check "Customize configuration before install" before clicking on the "Finish" button. While VMM will automatically detect the operating system version and customize many things, including TPM, it will not choose the correct setting for Secure Boot.

When you get to the VM's configuration screen in VMM, you'll find that a TPM vNone device has already been added. Setting up Secure Boot properly will require manually selecting the correct firmware. To do that:

Select Overview

plembo / virgl3d-ubuntu.md

Last active April 22, 2025 06:56

3d acceleration for Linux guests in KVM on Ubuntu Desktop

VirGL for Linux KVM guests on Ubuntu Desktop

NOTE: Please don't ask for help here, it was a miracle that I got it to work at all. Seek answers in the usual places (yes, even Stackoverflow knows more than I do).

The question: How can I get 3d accelerated graphics for Linux guests in KVM without using PCI passthrough?

The short answer is: Use VirGL. The long answer is more complicated, because the VirGL project has had slow but steady progress towards actually working reliably, but the degree to which any given Linux distribution (or related driver project) is in sync has varied greatly over time. Even if it works right now, today, on your machine, it might not tomorrow. Note that even when it works, graphics performance is mediocre to downright painful.

Tested on Ubuntu Desktop 22.04.04 LTS with qemu-kvm, in an "Ubuntu on Xorg" session (not Wayland). Linux quests must have spice-vdagent installed (Ubuntu installs this by default). The hardware is a AMD 5600G d

plembo / newmutternostutter.md

Last active November 6, 2024 19:25

Upgrade mutter to eliminate stutter in Gnome terminal on Ubuntu

Upgrade mutter to eliminate stutter

System impacted is a AMD workstation with NVIDIA graphics, running Gnome desktop on X11. The operating system is Ubuntu Desktop 22.04.4 LTS.

The latest mutter update causes stutter and lagging in Gnome terminal sessions. Switching to xterm relieves the problem, but not a real solution.

The problem was finally identified as a bug in the code to Canonical's latest update for Gnome's mutter window manager and compositor (Bug #2059847). A preliminary workaround PPA from mutter maintainer Daniel Van Vugt (vanvugt) stopped working after a new official update that retained the original bug. In a 15 May 2024 comment to the bug report (#135), Daniel posted links to corrected packages that fix the issue:

You don't really need to enable jammy-proposed. Just download the 3 proposed packages:

plembo / shrinkpdfsize.md

Last active October 22, 2024 13:27

Massively shrink PDF size

Massively shrink the size of a PDF file

Use ghostscript:

$ gs -sDEVICE=pdfwrite \
-dCompatibilityLevel=1.4 \
-dPDFSETTINGS=/ebook \
-dNOPAUSE \
-dBATCH \

plembo / dellchromelinux.md

Last active April 22, 2025 19:32

Linux on a Dell Chromebook 11

NOTE: The N3060 CPU's 2 cores on this old Chromebook were just too sluggish for it to be usable during that overseas trip mentioned below. It now sits unused on my lab table, as I contemplate taking it on a journey to our local county recycling center. I leave this gist here mostly out of nostalgia.

My retail (not enterprise) Dell Chromebook 11 (an Inspiron model 3181, not the 3180 or 3189) went EOL shortly after I purchased it new from Best Buy. Since then it saw some hard use in the family kitchen as a recipe lookup device, but was finally retired when replaced by a (relatively) newer Android tablet (that also reached EOL shortly thereafter).

With an overseas trip looming, I decided to look into refurbishing the Chromebook for use as a privacy hardened travel laptop. Frankly, the thought of TSA and Customs manhandling my trusty portable workstation was too much to bear.

I mostly followed the detailed instructions in the Chrultrabook Docs,

plembo / debiangnome.md

Last active February 16, 2024 16:43

Notes on Debian Gnome Desktop

Some notes on setting up the Gnome desktop on Debian.

This is only for Debian, not Ubuntu.

Base system is Debian 12 Stable (Bookworm).

No joy installing nvidia drivers. Sorry.

plembo / ubuntudesktopprint.md

Last active September 27, 2024 18:15

Printing on Ubuntu desktop

Printing on Ubuntu Desktop

IMPORTANT: Anyone trying to understand/manage printing on Debian-derived distributions, including Ubuntu, should read through CupsDriverlessPrinting. "CupsDriverLessPrinting". Debian Wiki, https://wiki.debian.org/CUPSDriverlessPrinting.

Following are some notes I've brought back from the gist graveyard. Notably, the recent publication of a vulnerability in the Apple-managed CUPS printing subsystem has renewed my misgivings about Zeroconf. I've now disabled it on all my Linux systems, although it will result in inconvenience to me.

Zeroconf and Printing

Zeroconf, or Zero Configuration may be a dream for developers: but can be an absolute nightmare for sysadmins and users. Zeroconf aims to allow the system to configure itself automatically for all kinds of external devices, from music players to printers. For many of th

plembo / resticbackup.md

Last active March 2, 2024 18:55

Restic backup

Backups with restic

We just recently began to use restic as our main backup solution at home. I'm posting this mostly to document the configuration for myself. Anyone interested in using restic should thoroughly read the documentation before proceeding.

By default, backups are run with encryption and compression enabled. Although many people have all hosts in a multi-host network sharing a single repo, I chose to separate them out (to limit the impact of any future data corruption and simplify security configuration).

plembo / debianserver.md

Last active May 2, 2024 20:59

Debian server notes

Notes on Debian as a server

These are some notes on instaling and configuring Debian Linux for a server. In this case, my existing home backup/application server that had been running Ubuntu Server 22.04 LTS. The occasion of this migration was a series of hardware failures that resulted in the need to reinstall the operating system.

Hardware

Everything below was done on a 6 year-old desktop-class machine with a 6th gen Intel (Skylake) i7 CPU and 32 GB non-ECC RAM. The boot drive is a (by today's standards) tiny 1 year-old (7836 power-on hours) "spare" 120 GB 2-1/2" SSD (this was the weekend, and the idea of running out to Best Buy on a Saturday was intolerable: besides, Clonezilla will make short work of any future replacement), and data is stored on a new pair of 8 TB hard disks in a JBOD arrangement. All partitions (except EFI and Swap) use the ext4 filesystem sans LVM.

The existing server had been another 3 year-old desktop-class machine with a 2nd gen Ryzen 5 CPU and 32

plembo / ubuerraptpkgmergelist.md

Last active August 17, 2023 14:32

Ubuntu error on apt update: Package header, MergeList

Ubuntu Error on apt update: Package header, MergeList

Thanks to Amr, I didn't have to rebuild my system the other day. AmrAbdeen. "Fix| Error E:Encountered a section with no Package: header, E:Problem with MergeList". GitHub Gist, 21 Nov 2015, https://gist.github.com/AmrAbdeen/59d688b3d4cf20cc81f2.

Doing an apt update on my house Ubuntu Server 22.04 LTS, I kept getting this error:

Error “E:Encountered a section with no Package: header, E:Problem with MergeList …….”

Trawled the internets for advice, none of it worked, at least one suggestion was pretty clearly dangerous (as in system-crippling dangerous).

Phil Lembo plembo