UEFI Upgrade Fails
by Jonathan Ryshpan
Discover, which I use for upgrades, reports problems with UEFI. There is
an update, which Discover refuses to install. Discover reports this
message:
UEFI DBX : Version 217 : Released on 4/8/23
UEFI Secure Boot Forbidden Signature Database
Insecure versions of software from Trend Micro, vmware, CPSD, Eurosoft,
and New Horizon Datasys Inc were added to the list of forbidden
signatures due to discovered security problems. This updates the dbx to
the latest release from Microsoft.
Before installing the update, fwupd will check for any affected
executables in the ESP and will refuse to update if it finds any boot
binaries signed with any of the forbidden signatures.
...
It looks like there is a new version of the UEFI boot system, which
can't be installed because of signature issues. Is this correct? Is it
anything to worry about? Can anything be done to fix the issue? Is the
issue likely to be fixed upstream?
System Info:
Operating System: Fedora Linux 37
KDE Plasma Version: 5.27.4
KDE Frameworks Version: 5.104.0
Qt Version: 5.15.8
Kernel Version: 6.2.9-200.fc37.x86_64 (64-bit)
Graphics Platform: X11
Processors: 8 × Intel® Core™ i7-4790K CPU @ 4.00GHz
Memory: 15.5 GiB of RAM
Graphics Processor: Mesa Intel® HD Graphics 4600
Manufacturer: ASUS
Product Name: All Series
--
Sincerely Jonathan Ryshpan <jonrysh(a)pacbell.net>
Common sense is the collection of prejudices
acquired by the age of eighteen. -- Einstein
1 year, 1 month
GNOME interface is too bulky
by Ranbir
Hello Everyone,
Is there a tweak in GNOME to shrink the GUI? It's huge! There's so much
wasted space. It's eating up a ton of my screen real estate and driving
me bananas.
I like GNOME otherwise, I've been using it for 15 years or something
silly like that and I don't want to move to a different desktop
environment. But, if that's the most reasonable solution, then that's
what I'll have to do.
Thanks,
Ranbir
--
Ranbir
1 year, 1 month
setting up wpa2 wireless
by bruce
Hi.
looking to setup/test wifi/wpa2 for uverse
Configured the uverse device. Using the basic default settings with a
diff test network name/password
On the test client. I've manually set the ip address. I'm looking at
different sites to see how/if I need to do anything for the "routes"
any pointers/sites to look at would be helpful.
thanks
1 year, 1 month
Security context for Apache
by Patrick O'Callaghan
I've set up a simple web server for private use (though I will enable
https access from outside the network), but I want some of the content
to be outside the default /var/www/html tree. When I do this, I get
file access errors when SElinux is enabled, but not when I set
'setenforcing=0'.
I'd prefer to use SElinux as intended, so what do I need to do?
poc
1 year, 1 month
VDQ mate terminal (F37)
by Beartooth
I must be getting more senile than I thought. I've lost the little
row of words on the top border of my mate-terminal (under F37, if it
matters) "File Edit View Search ... etc" and I can't find where to
turn it back on. <whimper, sniff>
--
Beartooth Octogenarian
1 year, 1 month
Virtual Machine Network Connection Confusion
by Robert McBroom
Fedora 37 with four qemu/kvm virtual machines. Trying to get internet
access from the vm's. Found some advice about using systemd-networkd
instead of NetworkManager. Lost internet connection with the host.
Restored with NetworkManager. Further research on NetworkManager gets
into a tangle with ifcfg scripts and the apparent migration to keyfiles.
Totally confused.
Can only start the virtual machines if the network device is removed.
----------
VM centos8 failed to start
Requested operation is not valid: network 'default' is not active
---------
From cockpit on the web interface tried some of the options with bond
looking like a possibility
---------
11:37 AM
<info> [1680622647.3084] dhcp6 (bond0): state changed new lease,
address=2600:1702:4860:9dd0::34
NetworkManager
11:27 AM
<info> [1680622058.5768] manager: (vnet4): new Tun device
(/org/freedesktop/NetworkManager/Devices/9)
NetworkManager
11:07 AM
<info> [1680620850.7934] dhcp6 (bond0): state changed new lease,
address=2600:1702:4860:9dd0::34
NetworkManager
11:02 AM
<info> [1680620556.1938] manager: (vnet3): new Tun device
(/org/freedesktop/NetworkManager/Devices/8)
NetworkManager
11:01 AM
<info> [1680620475.6234] manager: (vnet2): new Tun device
(/org/freedesktop/NetworkManager/Devices/7)
NetworkManager
10:40 AM
<info> [1680619204.0043] dhcp6 (bond0): state changed new lease,
address=2600:1702:4860:9dd0::34
NetworkManager
--------
but
--------
VM centos8 failed to start
Unable to add bridge bond0 port vnet5: Operation not supported
----------
The options seem to be endless with no success.
Advice?
1 year, 1 month
Where is the magic SysReq key?
by Patrick O'Callaghan
I have a Logitech MX series wireless keyboard, and no keys are labelled
as SysRq or PrtScr. Is there a way to configure a different sequence
for the magic SysRq function? The man pages are not helpful.
poc
1 year, 2 months
update-linux command automates Fedora updates
by Barry Scott
I have released a tool that I have been using for a number of years to
maintain my Fedora systems.
https://pypi.org/project/update-linux/2.0.0/
This tool allows you to update all your Fedora systems easily:
$ update-linux host1 host2
Or check if there are updates available:
$ update-linux --check host4 host5
It also handles system upgrades:
$ update-linux --system-upgrade=37 host3
It can be configured with named groups of hosts to avoid the need to
type long lists of host names.
Barry
1 year, 2 months
Sending messages to all users
by Robert Nichols
Now that gnome-terminal (also mate-terminal, etc) no longer registers as a login session, what is the mechanism for sending messages to logged-in users? This is fairly important for shutdown, "UPS on bettery", etc. messages. The "wall" command does send a message to plain console sessions (Alt-Fn consoles), but the message does not reach GUI users whether or not a terminal emulator session is active, even with a terminal session started with the "Run command as a login shell" option selected.
--
Bob Nichols "NOSPAM" is really part of my email address.
Do NOT delete it.
1 year, 2 months